#ubuntu-server 2006-02-13
<Drac[Server] > Is "0" unlimited?
<Pygi> depends where
<Pygi> but probably yes
<Drac[Server] > Um... What do I do with "user www-date" and "group www-data" ?
<Drac[Server] > data*
<Pygi> just make sure you set right permissions on files
<Drac[Server] > Eheh... um... which files would those be? ._.
<Pygi> bah
<Pygi> /var/www I guess
<Drac[Server] > I told you I'm new at this...
<Drac[Server] > What would those files do?
<Pygi> buh, that is where you put files to host
<Pygi> for your web server
<Drac[Server] > Oh! Okay. Now I get it.
<Drac[Server] > /var/www/(user)/filesgohere  right?
<Pygi> huh, you want a multi-user enviroment?
<Pygi> this can probably help
<Pygi> read this
<Drac[Server] > Well... I don't see how else I'd have multiple accounts with FTP access and stuff...
<Pygi> t see how else I'd have multiple accounts with FTP acce
<Pygi> bah, sec
<Pygi> https://wiki.ubuntu.com/ApacheMySQLPHP?action=show&redirect=LAMPForHoary
<fmasi> can some one help me seting up my vsftpd i am a bit rusty and i trying to make anonymous aces to be able to upload but after some configuration i got this error http://paste.ubuntu-nl.org/8221
<fmasi> please help me i nead to get unrusted
<Drac[Server] > When the mysql documents refer to the "hostname" do they mean what can be printed by the command that I can't remember at the moment?
<fmasi> some one home ???
<Pygi> o, welcome fabbione
<fabbione> hey Pygi
<Pygi> long time no see
<fabbione> how are you?
<Pygi> tired :-/ too much non-sleep due to coding :-/
<fabbione> ehe
<Pygi> :)
<Pygi> how's server comin' along?
<fabbione> working on it :)
<Pygi> great :-P
<Pygi> anything that I can help on?
<fabbione> Pygi: test install from daily cd would be great
<Pygi> k, will do...now tell me where to get it :)
<fabbione> http://cdimage.ubuntu.com/ubuntu-server/
<Pygi> k, I'll make it download now
<Pygi> Once I install it *these days I hope* you'll get reports
<fabbione> Pygi: keep in mind one thing
<fabbione> the reason why we need testing is because we did switch the archive managment software
<fabbione> iso's might be borked to death
<fabbione> or not working at all
<Pygi> k, no problem
<fabbione> that's the whole point of testing them :)
<Pygi> :)
<Pygi> also, are we going to provide more detailed /etc files? meaning *every* option in most crucial files explained?
<fabbione> i don't have time to do stuff like that
<fabbione> and i won't
<fabbione> if somebody wants to work on it, welcome to push me patches and i will apply them
<Pygi> ah,kk
<lapo> hi
<fabbione> hi
<lapo> ubuntu kernel should run update-initramfs in postinst
<fabbione> it does
<lapo> I have machines with mpt hw and the actual initramfs doesn't contain the needed modules (bug?), so w/o updating the initramfs on kernel upgrade the machines won't boot anymore
<fabbione> lapo: file a bug in malone, but the kernel does update-initramfs
<lapo> fabbione, are you sure?
<fabbione> yes i am
<lapo> fabbione, the kernel update of 2 or 3 days ago, leave my test server unbootable
<lapo> fabbione, can it be lilo? does update-initramfs run lilo after updating the initrafs?
<fabbione> lapo: file a bug on malone. component: linux-source-2.6.15
<fabbione> that's a completely different hook
<lapo> K, I'll do it
<lapo> fabbione, yes it is, but the result is the same :-)
<lapo> fabbione, should I file a bug against update-initramfs?
<fabbione> lapo: yes.
<fabbione> i don't think lilo is at fault here at all
<fabbione> since the hook that calls the update bootloader has been untouched for ages
<fabbione> and i would have noticed the breakage
<lapo> fabbione, I think the problem is that update-lilo is run before update-initramfs
<lapo> so I get a panic on boot cause it cannot find the initrafs image (since it's changed)
<fabbione> nope
<fabbione> lilo is executed way later than that
<fabbione> open a bug on update-initramfs or lilo
<fabbione> also check that initramfs is of a reasonable size compared to the old one
<lapo> I think it's about 200k bigger, not that much
<fabbione> try to boot with the old kernel and run lilo manually and see if it helps
<fabbione> start excluding one bit at a time will help
<lapo> fabbione, no problem doing things manually, there's some automation which haven't worked
<lapo> I'll try reinstalling that kernel to see what happen
<fabbione> lapo: do one thing at a time
<fabbione> the kernel is installed, try to check if lilo config is right
<fabbione> and rerun lilo manually
<fabbione> see if that fix the problem
<lapo> I know the drill, I did it several times these days :-)
<fabbione> if it doesn't compare the differences between the initramfs?
<lapo> doing things manually works
<lapo> donig an apt-get install --reinstall linux-image-2.6.15-14-amd64-xeon
<lapo> update-initramfs and update-lilo are in the correct order, lets reboot
<lapo> something wicked happend :-/
<lapo> found out, my boot partion fs was corrupted, so it was not kernel nor lilo fault, sorry for the noise
* fabbione sighs
<fabbione> lapo: anyway.. your nick says it all :D
* fabbione couldn't resist
<lapo> fabbione, my nick is actually my name (purtroppo) :-)
<fabbione> sucks to be you
<lapo> but I'm no way involved with fiat, elkan or so :-)
<lapo> eheh
<fabbione> ejje
<fabbione> ehe
<lapo> since you did that joke about my name, I'going to bug you about grub :-)
<fabbione> tsk :O)
<lapo> lilo is the only option for a sw raid1 + lvm setup (read no /boot partition), since lilo is a PITA and there are patches around for grub to support raid1+lvm setups, any caches to have them in?
<lapo> I think sw raid1+lvm is a common setup on servers, no?
<fabbione> lilo does not support /boot on LVM
<fabbione> you must keep /boot separate
<lapo> fabbione, are you sure?
<fabbione> lilo manages to install once
<fabbione> it will kill you at the first kernel upgrade in certain conditions
<fabbione> lapo: yes i am sure.. don't ask me if i am all the time :)
<lapo> lapo@posta:~$ sudo sfdisk -d /dev/sda
<lapo> Password:
<lapo> # tabella delle partizioni di /dev/sda
<lapo> unit: sectors
<lapo> /dev/sda1 : start=       63, size=143363997, Id=fd, bootable
<lapo> /dev/sda2 : start=        0, size=        0, Id= 0
<lapo> /dev/sda3 : start=        0, size=        0, Id= 0
<lapo> /dev/sda4 : start=        0, size=        0, Id= 0
<lapo> so how can you explain this? :-)
<fabbione> please do NOT flood the channel
<lapo> sorry
<fabbione> lapo: because i read lilo code? and we had bugs for it that forced me to do it
<lapo> lilo does support booting from lvm, I'm currently using it
<fabbione> lvm1, not 2
<fabbione> and only if certain conditions are met
<fabbione> the first time you will upgrade the kernel and the file will be fragmented across more than one PV you lose
<lapo> fabbione, yep but if the boot vg is only on one pv there are no problems using such a setup
<fabbione> right
<fabbione> it also depends how you set the lv but that's a more uncommon case
<fabbione> anyway grub supports boot from raid1, but not from lvm (in our case)
<fabbione> and i doubt we will pull in anything new and fancy for grub
<fabbione> we will probably get grub2 in dapper+1
<lapo> grub2 is a myth :-)
<lapo> btw, the installer get confused in my case using preexisting partitions and vgs, it installs grub
<lapo> so a smarter grub can solve this problem too
* lapo set bugging mode off
#ubuntu-server 2006-02-14
<fmasi> hi can some one help me whith vsftpd config
<fmasi> i geting 500 OOPS: vsftpd: refusing to run with writable anonymous root after i had configurate the server for anonymous to be able to right
<spike> wow, gnutls DoS
<spike> pretty nasty stuff
<morrow> Hmm?
<spike> this release fixes several serious bugs that would make the DER
<spike> decoder in libtasn1 crash on invalid input.  The problems were
<spike> reported by Evgeny Legerov on the 31th of January.  New releases of
<spike> GnuTLS will follow later today.
<spike> http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html
<morrow> ahh thx :)
<ubijtsa> fabbione: ping
<fabbione> ubijtsa2: pong?
#ubuntu-server 2006-02-15
<bashgeek> hi
<bashgeek> is there any installation guide to install ubuntu on a remote system via. rescue console?
<troy> good day folks
<ubijtsa2> fabbione: no worries..
<fabbione> morning
<fabbione> i am not worried :)
<fabbione> what' s up?
<ubijtsa2> I was going to ask you about setting a hard stack limit in /etc/security/limits.conf
<ubijtsa2> testing it last night though showed there being no difference in memory usage on a freshly booted system
<fabbione> hmmm i am not too happy about changing these defaults
<ubijtsa2> it had been suggested to me it could make as much difference as 100MB on a full Gnome desktop..
<ubijtsa2> the default of the system seems to be allocating 8MB of stack, and lowering that to 512kB was the suggestion
<ubijtsa2> as it turns out, it probably will not make that much difference.. hence the 'no worries' comment :)
<fabbione> nope
<fabbione> that's just wrong
<fabbione> that's not the default alloc on the stack.
<fabbione> it's max amount of stack a user can allocate
<fabbione> if you hit the limit, the process is killed
<fabbione> so something like that will just break in some corner cases
<fabbione> = BAD
<ubijtsa2> Mmhmm.. I wanted to ask you about it last night, but while rebooting I encountered oddities with zeroconf
<ubijtsa2> hence why I was not back on IRC when you replied
<ubijtsa2> still, half a meg of stack should be more than adequate..
<fabbione> -> REJECTED
<fabbione> it breaks stuff in corner cases
<fabbione> and you don't want that
<fabbione> 8MB is more than fine
<fabbione> and again, it is a limit
<ubijtsa2> I understand..
<fabbione> it's not allocated by default
<neuralis> fabbione: long time no see
<neuralis> fabbione: how are things?
<fabbione> hey neuralis
<fabbione> i am fine and you?
<neuralis> pretty good, moved back to cambridge a week ago, horribly busy
<fabbione> i believe that
<neuralis> how's server-candy coming along?
<fabbione> we are at 2/3 more or less
<neuralis> nice!
<fabbione> there are things that needs to be done
<fabbione> but we are getting there
<fabbione> we won't manage to get /etc in RCS
<fabbione> but otherwise we are okish
<neuralis> hmm, too complicated or other problems?
<fabbione> mainly the changes in bzr
<fabbione> bzr is changing too fast to be good for 5 years
<fabbione> and i didn't want the overhead of other RCS
<neuralis> yeah, good decision
<fabbione> there are also the 3rdy part tools that need packaging or something
<fabbione> assuming we can redistribute them
<fabbione> but that's like a couple of days of work
<neuralis> although, for just versioning /etc, bzr 0.7 would probably be just fine
<fabbione> my point is that the bzr backend is changing fast
<fabbione> so let say we ship 0.7 in dapper
<fabbione> it might not be compatible with dapper+1
<fabbione> figure in 5 years
<fabbione> so you might not be able to use the repos for cross merging
<fabbione> and that's one of the most interesting features about having all /etc in RCS
<neuralis> right.
<fabbione> cherry-pick this change from the test-server... boom
<neuralis> well, bzr should stabilize quite a bit by dapper+1, so hopefully we can do it then.
<fabbione> did you hear anything from the cluster guys?
<neuralis> nope.
<fabbione> i guess they won't match our deadlines
<fabbione> oh well.. we will work it out for dapper+1 hopefully
<neuralis> it sounds like they'll still put out openssi packages for dapper, just not through ubuntu channels
<fabbione> that's sick.. but ok
<fabbione> if they prefer that way
<neuralis> they don't, but there just wasn't enouh time to meet UVF
<neuralis> *enough
<fabbione> well they need to meet Feature Freeze
<fabbione> that's in 13 days
<ajmitch> bzr guys are hoping to have 0.8 in dapper, with the understanding that there be some stability in branch formats & API (though probably not for 5 years)
<neuralis> ajmitch: they're aiming for 6-12 months.
<ajmitch> not nearly enough for a 5-year distro support
<neuralis> fabbione: to be honest, i think it's better for ubuntu not to have it in officially for dapper. it's not stable enough.
<fabbione> neuralis: ok
<neuralis> fabbione: so let them put out packages separately and get testing, and we can look at official inclusion for dapper+1
<fabbione> neuralis: right, but we will land in the exact same problem
<fabbione> dapper+1 won't have .15
<fabbione> probably .18 or something
<fabbione> if the openssi guys don't start tracking recent kernels, it will be the same as Xen for hoary/breezy/dapper...
<fabbione> anyway i need to reboot my ws
<fabbione> brb
<neuralis> ok
<fabbione> re
<neuralis> fabbione: around feature freeze, i'd like to chat with you briefly about everything that went into server, to make sure i don't forget anything
<fabbione> sure
<fabbione> assuming i can remember all of it :)
<fabbione> but i think we should chat about it today
<fabbione> so if there is something i did overlook
<fabbione> there might be time to get it done
<neuralis> sure
<neuralis> would you like to do it now or later?
<fabbione> i just need about 20 minutes to finish something
<neuralis> sure. ping me when you're back.
<fabbione> yup
<fabbione> re
<fabbione> neuralis: still around?
<neuralis> fabbione: yep
<fabbione> ok where do you want to start?
<neuralis> i just went over the list of all dapper specs
<neuralis> relevant to servers are HardwareTestingCatalog, CommunityServerHardwareTesting, KernelServerRoadmap, TestingServerHardware, ServerCandy, UbuntuClusters
<neuralis> we should probably talk only about the last two
<fabbione> KernelServerRoadmap is implemented
<fabbione> in terms that we have the kernels
<fabbione> we need to make them the defatuls for server CD
<fabbione> and probably do some more config tuning
<fabbione> nothing really fancy is left there
<neuralis> right, i just want to find out specifically what was changed in them, although i suppose i can just look at the .config
<fabbione> basically -server doesn't have PREEMPT, HZ=100
<fabbione> and a bunch of modules have been removed from -desktop
<neuralis> sound, DRM removed, i imagine
<neuralis> eah
<neuralis> *yeah
<fabbione> like for example OCFS2 and GFS
<fabbione> no, sound is there
<fabbione> you might want a streaming server "use case"
<fabbione> but clearly you don't need OCFS2 on your workstation
<neuralis> right.
<fabbione> -server on i386 is only 686+SMP
<fabbione> it has basic numa support
<fabbione> -server-bigiron is pushed to the limit of 64CPU or something
<fabbione> with bignuma support
<neuralis> got it.
<fabbione> Ben's definition of -server-bigiron was really good
<neuralis> the one posted to -devel? i remember reading it :)
<fabbione> yeah that one
<neuralis> okay. so that gets rid of kernel, and i know what's been going on with the three server specs, so let's talk about server-candy and ubuntu-clusters.
<fabbione> yup
<fabbione> for Cluster i only managed to keep GFS and OCFS2 updated to a decent level
<neuralis> okay. slurm didn't make it in due to licencing issues, correct?
<fabbione> slurm is GPL
<fabbione> but it links with ssl
<neuralis> but links against openssl
<neuralis> right
<fabbione> and i never got around to ask all upstreams for permissions
<fabbione> or try to port it to gnutls
<neuralis> i think asking for permission is impractical; probably too many contributors
<maswan> how about torque then?
<fabbione> neuralis: i agree
<maswan> slurm seems to have less licensing issues though, just a gnutls port..
<fabbione> neuralis: there are also tons of libs that slurm uses.. they have the same issue
<maswan> I got rather confused trying to read the torque license
<fabbione> maswan: i don't remember testing torque.. neuralis did you?
<neuralis> fabbione: no, there were reasons why we didn't look at it
<fabbione> i don't remember tbh
<neuralis> fabbione: i think it's very non-free
<fabbione> ok
<maswan> neuralis: I'm not so sure, acutally. There are a bunch of non-free clauses, but they were time-limited and expired in 2002 or something like that.
<neuralis> maswan: i'll take a closer look, but i doubt we can do this in time for dapper.
<neuralis> maswan: also, slurm seems to be a much more accepted solution, so i'd really rather that we get that in.
<neuralis> maswan: the people who really need a resource manager on dapper are few enough that they probably don't mind deploying one by hand.
<neuralis> fabbione: let's continue
<fabbione> yup
<neuralis> fabbione: drbd, ganglia, lvs?
<fabbione> we can look at ganglia and lvs
<fabbione> that's just question of promoting them to main
<neuralis> right
<fabbione> for drdb.. dunno.. we have plenty of these solutions already
<neuralis> hmm. examples?
<fabbione> aoe, gnbd, nbd...
<fabbione> is there something really special about drdb that others don't have?
<neuralis> nbd just lets you use a remote disk locally. isn't that correct?
<fabbione> yes
<fabbione> like aoe or gnbd
<neuralis> fabbione: right. that's not what drbd is for.
<fabbione> what does drdb does in short
<fabbione> ?
<neuralis> fabbione: drbd is network raid1. it gives you actual drive replication over the network.
<neuralis> in realtime.
<fabbione> ok
<fabbione> than we want it
<fabbione> is the code stable?
<neuralis> it's not changing much, and it works solidly in heavy production.
<fabbione> ok
<fabbione> do you have an url handy?
<neuralis> there is a kernel module component, obviously. is that a problem?
<neuralis> http://drbd.org
<fabbione> i might as well get it done today
<fabbione> no
<fabbione> well .. it depends of course on how intrusive this thing is
<neuralis> it's relatively isolated, i believe.
<fabbione> i will check
<fabbione> now i am almost a git guru :)
<neuralis> :-D
<neuralis> it should, in theory, apply cleanly to .15.
<fabbione> yeah
<fabbione> we need to see if it works even if applied :)
<neuralis> right.
<fabbione> ok next..
<fabbione> i guess there is no more for Cluster
<neuralis> okay, will you pursue the promotion of keepalived, ipvsadm, ganglia, drbd0.7-utils to main?
<fabbione> do we need keepalived?
<fabbione> we didn't mention it in the spec
<neuralis> fabbione: yes, we did; it's part of LVS
<fabbione> oh right
<fabbione> i missed the ()
<neuralis> np
<fabbione> i think i can manage to ask for promotion..
<fabbione> i am sort of utterly overloaded
<neuralis> do promotion reports need to be filed, or is it just a matter of asking?
<fabbione> we need to fill the forms
<neuralis> by when?
<fabbione> there is no real deadline for it
<fabbione> but it would be better if we can at least test the packages before we do so
<neuralis> right. i'm almost totally unavailable until march; is there anyone else on the server team we can get to do the reports?
<fabbione> <-
<fabbione> or infinity
<fabbione> well actually
<fabbione> everybody can do the report
<fabbione> but it would be better if that somebody is a known source and could test the pkgs as well
<fabbione> it will spare pitti the time to review it again
<neuralis> why don't we get one or two of the 12 ubuntu-server guys to write the reports, and you or infinity can test the packages
<fabbione> we can try.. do you want to write a mail to -server asking for it?
<neuralis> (have most of the ubuntu-server guys actually done something for ubuntu server? writing server specs or doing some actual ubuntu-server work should be a prerequisite for joining, i think.)
<neuralis> fabbione: yes, i'll take care of it. if we don't hear back in a few days, i'll get back in touch with you about it.
<fabbione> ok
<neuralis> ok, shall we move on to server-candy?
<fabbione> yup
<neuralis> server test suite (really burn-in suite) on the cd. i think benc is assigned to work on this. do you know if there's been progress?
<fabbione> no progress that i know of
<fabbione> i think it was assigned to somebody else...
<fabbione> anyway
<fabbione> i doubt that will ever happen
<neuralis> why's that?
<fabbione> because i haven't seen progress so far
<fabbione> and there isn't much time left for it
<maswan> neuralis: Sure. slurm also seems much cleaner, torque has lots of cruft.
<neuralis> maswan: yes.
<fabbione> Third party software inclusion is like i said above
<fabbione> we got a list that needs investigation
<fabbione> together with mdy
<fabbione> and packaging
<neuralis> fabbione: hm. well, if we can include stress and iperf on the cd, writing a totally simple script to run them isn't a big deal.
<neuralis> we can then build a real interface for dapper+1.
<fabbione> neuralis: are they in main or universe?
<neuralis> universe, we haven't needed them in main before.
<fabbione> hmm ok
<fabbione> that means that the machine can be stress tested only after installation
<fabbione> ok let's keep this as a point..
<neuralis> they're both tiny packages; do you think it'd be a problem to promote them to main?
<fabbione> i don't think that's an issue
<fabbione> i am more thinking of: "Hey i installed -server and the stress tools crash my box... wtf"
<fabbione> it would be more useful to be able to test the box before
<fabbione> like for instance.. from the live CD
<neuralis> we were talking about having this on the -server install cd, no?
<fabbione> yes
<fabbione> we can ship them
<neuralis> you should be able to hit F<something> on the install screen to drop into shell and launch a script that runs the burn-in suite
<fabbione> yes but to run something that's in a .deb you need to install it first
<fabbione> in d-i you need the udeb
<fabbione> that's probably a day of work to get it done
<neuralis> can we get that in for dapper?
<fabbione> i dunno.. i don't think i will have the time
<neuralis> sorry, let me just make sure i'm understanding this right
<fabbione> sure..
<neuralis> afaik, we already ship a recovery mode on the cd that drops us into the shell
<fabbione> yes
<neuralis> if we provide stress and iperf as simple binaries available from that shell, problem solved, no?
<fabbione> but that assumes that your system is already installed with ubuntu
<fabbione> my understanding was that the test suite should run before
<neuralis> ah!
<neuralis> i didn't know the recovery mode required an ubuntu installation; that's not how the debian cds work, i believe
<fabbione> it's the same infrastructure
<fabbione> well
<fabbione> hold on
<neuralis> sure.
<fabbione> the recovery mode is able to mount /
<fabbione> it doesn't check if it is Debian or Ubuntu or RedHat
<fabbione> my problem is to ship the binaries in the rescue mode
<maswan> but you can also get a shell without recovery mode, just a plain busybox shell without any mounted /
<fabbione> maswan: that too
<fabbione> that's why i am mentioning shipping the binaries in rescue mode
<fabbione> they need to be available in d-i
<neuralis> fabbione: okay, now we're on the same page. should i e-mail infinity or benc and see if they have the time to roll them into the appropriate udeb?
<fabbione> works for me
<fabbione> whatever doesn't involve me to add stuff to my TODO list is OK
<neuralis> :) let's continue - 3rd party /vendor software inclusion. you have the list, how much do you think will get done?
<fabbione> it depends from the licence of this stuff
<fabbione> and how much mdy can convince vendors to allow us to redistribute
<neuralis> okay. mdy is working on that, i assume? when do we expect to know?
<fabbione> no idea
<fabbione> he is in Japan or somewhere around there
<neuralis> ah. okay, i'll ask about it again closer to the end of the month, or e-mail him.
<fabbione> ok
<fabbione> point him to the page on the wiki
<fabbione> i am pretty sure i told him
<neuralis> is there a separate page other than ServerCandy?
<neuralis> yes, found it
<fabbione> https://wiki.ubuntu.com/ServerExtApps
<neuralis> ok, moving on, central snakeoil stuff was worked on during the distrosprint, how far did we get there?
<fabbione> we do have the basic ssl-cert infrastructure
<fabbione> i already migrated a bunch of servers
<fabbione> there are a few left
<fabbione> that should be finished by end of next week
<fabbione> infinity is to cleanup ssl-cert to be nicer
<neuralis> sounds good. i'll ask again about details in ~10 days.
<neuralis> md5 checker: still blocking on elmo/admins?
<fabbione> yes
<fabbione> the code is there and i tested it locally
<fabbione> works for me
<fabbione> that's all i know
<fabbione>  /etc we already discussed
<neuralis> should i ping the admins, and if so, who specifically?
<fabbione> nah
<fabbione> i am on their necks almost every day
<fabbione> so is mdz
<neuralis> ok, sounds good
<neuralis> i think that's all. did we miss anything?
<fabbione> so i think that generally we look good
<neuralis> yes, we're in very good shape.
<fabbione> seed management, but that's something that needs to be done step by step
<fabbione> and we already discussed most of it already
<fabbione> there is stuff i want to kick out of server cd
<fabbione> and i am waiting for Kamion to merge the -server seeds into the standard branch
<neuralis> right
<fabbione> and that's about it i think
<neuralis> great. thanks for your time! i'll send out the e-mails we talked about and follow up on loose ends later.
<fabbione> perfect
<fabbione> thanks to you
<neuralis> sure. one final question -- are we planning to include the md5 checker in a special mode on the server cd? e.g. do you have an udeb ready, or are we taking a different approach?
<fabbione> it's already integrated into rescue mode
<neuralis> rock.
<neuralis> okay, i have everything i need, and i'll talk to you soon. cheers.
<neuralis> (4:45AM here, time to get some sleep.)
<fabbione> night :)
#ubuntu-server 2006-02-16
<ruaok> hi!
<Pygi> hi
<ruaok> I'm getting a kernel panic while booting the installer on a supermicro with adaptec RAI (i20)
<ruaok> Pygi: fancy meeting you here. :)
<ruaok> anyone know how I might be able to circumvent that kernel panic and get it to install properly?
<Pygi> you are running dapper server daily build?
<Pygi> *trying to run*
<ruaok> no, breezy release
<Pygi> fabbione: ping
<fabbione> pong
<Pygi> just wanted to let you know that I am currently installing daily build of server
<Pygi> everything seems clean for now
<fabbione> cool
<fabbione> great
<Pygi> :)
<Pygi> only loader of installer looks "too much windows-alike"
<Pygi> that progress bar :P
<Pygi> I'll let you know what happened once everything is installed and tested
<Pygi> should be done all today
<fabbione> ok
<fabbione> i won't be around today or tomorrow
<fabbione> let me know on monday
<fabbione> i need to take off now
<Pygi> kk
<Pygi> enjoy
<fabbione> thanks
<fbn> if not all packages in the main repository are supported, what happens to unsupported packages installed on a system?
<fbn> are there no security hotfixes for five years or what does that mean?
<troy> nick theives
<ubijtsa> troy: ?
<troy> ubijtsa: I have to use nickserv to enforce my nick all the time
<ubijtsa> troy: mmm... I know that one
<troy> it's just annoying
<troy> whenever there's an interruption in my connection, I reconnect as _troy or troy_ or something
<ubijtsa> troy: that could be your normal nick on the previous connection
<troy> nah, /whois always tells me it's someone else
<ubijtsa> on freenode I have same problem with my normal nick
<ubijtsa> so I xlated it into russian and transcribed it into latin script (ubijtsa)
<ubijtsa> that means I *very* rarely end up with a nick collision :)
<troy> I've been on freenode/openprojects for like 8 years - never had this problem until the last year or so
<ubijtsa> when someone else named troy turned up
<ubijtsa> in 93 I used to use the nick 'flex', and all was fine for a year..
<troy> yeah, but it's not always the same person either, so I have to lay down the nickserv beatstick quite often
<ubijtsa> mmm, I just registered my nick (means I can pvt message as well I think)
<troy> the most annoying part is that I used to give the thieves a warning that I was about to steal my nick back, but now I can't because I need my nick to send them the message :)
<ubijtsa> hehe
<ubijtsa> that has always been the problem with big IRC networks
#ubuntu-server 2006-02-17
<MarioMeyer> heya irvin
<irvin> hello MarioMeyer
<MarioMeyer> did u get that planet working?
<irvin> i did. i wanted to use flat files but i've got lots of stuff on my hands now
<MarioMeyer> i c..
<MarioMeyer> phplanet isnt that modularized yet.. it may be a little hard to get everything to flat files
#ubuntu-server 2006-02-18
<nictuku> infinity, when you come back please let me know
<infinity> I'm here.
<infinity> (more or less)
<nictuku> when you find some time, could you please check https://opensvn.csie.org/traccgi/nwu/trac.cgi/wiki  (NetworkWideUpdates)? milestone 1 is on the way
<infinity> Is there meant to be more to the IRC quote in "other references"? :)
<infinity> The dangling "mvo" is a bit.. Odd
<nictuku> ah, that was "remember the nick of Michael Vogt" hehe
* infinity laughs.
<infinity> Which xmlrpc/soap implementation were you planning on using?
<nictuku> currently it can trigger the clients to run the following tasks: cache update (apt-get update), package installation (apt-get install <pacakges>, list repositories and, the best part, list update candidates.
<infinity> If it's generally considered mature (and well maintained upstream), the fact that it's currently in universe is no big deal.  We can promote it if/when nwu is ready to be supported.
<infinity> I also find it reasonably entertaining that we don't have a python xmrpc/soap extension in main, since we have the python kitchen sink in mian...
<infinity> s/mian/main/
<nictuku> currently it uses SOAPpy and M2Crypto, both of which are in universe. I can remove m2crypto, maybe.
<nictuku> indeed hehe. I spent the whole aftertoon asking me why there is no python soap in main hehe
<nictuku> and asking in #ubuntu-* too =] 
<infinity> python-soappy is not only in main, it's in the default desktop.
<nictuku> hmm
<nictuku> by the way, is packages.ubuntu.com supposed to not accept multiple keys in the packages search form?
<nictuku> i could not search after, say, python soap
<infinity> As for crypto, python-pyopenssl (also in the default desktop) may work for you.
<infinity> I dunno, I use "apt-cache search" for multiple key searches.
<nictuku> I needed that to find dapper packages..
<infinity> I only find packages.ubuntu.com handy to check versions of each package in each dist.
<nictuku> yes, removing migrating from m2crypto to pyopenssl is in the todo list
<MarioMeyer> we would need to get python-sysinfo to main also..
<nictuku> yeah, but it's not strictly needed for milestone1
<nictuku> infinity, MarioMeyer, check out the "manager cli" working: http://paste.ubuntubrasil.org/11
<MarioMeyer> this will be great to use on server farms... :P
<nictuku> I hope so
<infinity> nictuku: Oh, and the reason you couldn't find an xmlrpc extension is because xmlrpclib is included in the main python package.
<nictuku> hmm
<infinity> So, if you'd prefer to use basic xmlrpc instead of soap, that kills another dependency.
<nictuku> that would be better
<infinity> I've never been a big fan of SOAP anyway.  Too bloated for anything I've ever needed xmlrpc for.
<infinity> To each their own, though.
<nictuku> well, I'll confess. python-soappy had a nice "/usr/share/doc/python-soappy/GettingStarted.txt.gz". That's why I used it in the first place hehe
<nictuku> if you know of a sample code of xmlrpc + pyopenssl, I'd be interested
<infinity> Heh.  Well, I don't mind either way.  I'll admit that I've done very little xmlrpc with python, so I have no strong opinions.
<nictuku> ah, it would be great if someone more experienced than me reviewed the architecture and security "features". MarioMeyer  had made some interesting notes and I need more of that
<nictuku> MarioMeyer, I'll pay your honoraries when I get rich
<MarioMeyer> haha
<MarioMeyer> just pay a beer on FISL
<MarioMeyer> :P
<nictuku> :-)
<MarioMeyer> infinity, http://paste.ubuntubrasil.org/12
<MarioMeyer> agent running on a machine ;P
<nictuku> MarioMeyer, I updated it with the nwu list <your machine> update-candidates |wc result hehe
<MarioMeyer> niiiice
<oliver_savage> Hey everyone, I just got a VPS with ubuntu running apache2, and just installed mod_python. I'm going to install postgresql shortly, are there any gotchas I should be aware of?
<oliver_savage> anyone here using apache2?
<infinity> Yes.
<oliver_savage> i've only used apach1.3 and just started using apache2, this site-enabled and sites-available directories of doing things, is it required? Is it worth using?
<oliver_savage> er "way of doing things"...
<infinity> It's not "required", if you want to replace /etc/apache2 with your own configs completely, but it's definitely recommended, and makes a fair bit of sense once you get used to it.
<infinity> (My old apache 1.3 config was pretty similar, though, with an /etc/apache/virtual directory for vhosting config snippets)
<oliver_savage> Oh, ok I was used to just defining all the virtual hosts in the httpd.conf file, I'd only ever configured one internet facing server before. I'm sniffing through the docs now. Thanks
<await> waves to all!
<oliver_savage> waves back
<oliver_savage> This document; http://doc.ubuntu.com/ubuntu/serverguide/C/ch04s10.html, is well done.
<oliver_savage> can anyone recommend, from experience, a fairly easy to admin, lightweight mail server for a server with no xwindows?
<fabbione> postfix
<oliver_savage> thank you fabbione
<oliver_savage> I'm putting together a step-by-step documentation for ubuntu 5.10 server on a VPS. Using apache2, mod_python, mail-server, multiple domains, most fun I've had all week.
<fabbione> nice idea
* ubijtsa2 read something *very* nice on LKML last night
<ubijtsa2> libata will take over and drivers/ide will go away.. :)
<ubijtsa2> *woohoo* <jump around for joy>
<maswan> now if just those sata drivers beside 3ware would become stable and trouble-free.
<ubijtsa2> maswan: in the Dell GX280 *spit* the sata (libata) drivers work fine
<maswan> ubijtsa2: Well, I've been running into evil corner cases with sata_sil lately. Onboard stuff seems fine, but you're screwed if you want pci cards for a few (>4) extra ports.
<ubijtsa2> maswan: ah. sorry to hear that
<maswan> Well, my current workstation needed 2.6.15 to support the sata_sis chip, but that was doable, if slightly inconvenient with breezy.
* ubijtsa2 was running a custom 2.6.15 for a good while
<ubijtsa2> mostly statically compiled to avoid requiring initrd
<ubijtsa2> if the "libata drives all ?ATA" patch hits 2.6.16, I'll compile it myself for Dapper & Breezy
<ubijtsa2> I aint gonna wait for Dapper+1 for that beauty
<infinity> If it actually works, we may be able to convince mdz to let it into our 2.6.15... It would solve a LOT of corner cases we have in udev and initramfs and such.
<ubijtsa2> not to mention that all disk devices become /dev/sd*
* infinity nods.
<infinity> I'd welcome such a patch if it actually works, and if all the ide drivers are properly replaced and working.
<ubijtsa2> even if mdz says no, I reckon many that know how to, will be running a kernel with that patch before long.
<infinity> Oh, I'm sure they will, I mean I'd like it in the default kernels to remove some of my headaches in some complex packages.
<ubijtsa2> it's Alan Cox that is working on it, so when it is ready, it will be working..
<ubijtsa2> I have lots of confidence in him :)
<fabbione> if all disks will become /dev/sd* it's really unlikely it will make dapper
<fabbione> upgrade from breezy will be hell
<ubijtsa2> fabbione: fstab will be a bit af a pain yeah
<fabbione> it's not the only thing
<fabbione> a lot of tools have /dev/hd* hardencoded
<fabbione> to do some really stupid tests
<fabbione> it's not a transition i wish to see in Dapper
<ubijtsa2> yeah... but on the good side, getting shot of drivers/ide is a "Good Thing"
<fabbione> probably
<fabbione> anywya it's not up to me
<ubijtsa2> To be honest, I didn't think it'd make it into Dapper
<ubijtsa2> 2.6.16 is to late to make the cut, and a backport into 2.6.15 will most likely be painful
<spike> anybody would be able to comment what's wrong with fuse that encfs inclusion has been refused?
<spike> I cant remember the url, could google it out if necessary, but I read a page where they said that, without additional details or anything
<hunger> 2~
<hunger> Tonio_: Why is there DB on the debian-file-icon?
<hunger> Sorry, wrong channel again!
<lapo> hi
<lapo> lo interface won't came up on boot here, I have an all lvm setup with a /var on an lv, since I think /var is not mounted afterI have a
<lapo> sorry
<lapo> I think /var is not mounted early enough, I can see ifupdown complaining that there is not /var/run
<fabbione> lapo: file a but http://launchpad.net/malone/
<lapo> fabbione, against what I should file the bug? init?
<fabbione> ifupdown
<lapo> k, tnx
<christl> anyone here using clamav?
<lionelp> yep
<christl> one question: is under ubuntu something similar to the debian-volatile repository?
<christl> so, that the signatures/engine are always up-to-date
<lionelp> to my knowledge, the answer is no
<lionelp> signatures are idependant, with freshclam you can get new signatures everyday
<lionelp> that is not the case for the engine, ok
<lionelp> it would be a good idea... I do not know if it is planned...
<christl> have you ever tried the debian-repository? (with pinning .. only for clamav)
<lionelp> i have not tried
<await> fabbione ping
<mkrufky> im trying to set up apache2 using php to access a mssql database, and i get this error: Fatal error:  Call to undefined function mssql_connect() --  all resources tell me that i must recompile php with freetds support, but I was under the impresseion that Ubuntu Just Works (tm) ...  I already have dev-freetds and sqlrelay-freetds packages installed
<mkrufky> what is my next step?
<tiris> anyone home?
<tiris> I have a quick question about ubuntu server (not sure if this is the place to get it answered).
<spike> tiris: go on
<tiris> okay, I have installed a server and was going to use it for a fileserver...I also want to access it from outside the LAN...like at work.
<tiris> but I am afraid of connecting it to the internet because I know nothing about security
<Pygi> fabbione: ping
<Pygi> tiris: what's the prob?
<tiris> any suggestions for quick reading material on tools and practices for server security for ubuntu?
<tiris> keep in mind that I am really new to the linux jive and really, really new to the linux-server jive
<spike> tiris: then dont really expose a box to the net
<spike> tiris: there's not quick reading. u can start with the debian security howto, that will apply to ubuntu as well
<tiris> I want to learn how to safely expose the box to the net.
<tiris> I would like to be able to access my files from work.
<spike> tiris: sshfs sounds like ur best bet judging from what u're saying
<spike> it's fairly easy to secure ssh, and it seems the file sharing is limited to you
<spike> ssh daemon*
<tiris> I am a little familiar with ssh. I know how to use it and set it up, but what vonerabilities am I opening myself to when I connect to the Internet...how easy is it for someone to get access when they are not supposed to?
<spike> tiris: either an ssh bug, and let's say it's quite unsual, or a weak password. ssh bruteforcing is *very* common, and weak password is they way they go
<tiris> how do I know when an unauthorized attempt was made?
<tiris> how do I know when an unauthorized attempt was made and succeeded and what the user did while having access?
<spike> tiris: what u can do is employ an ssh keys solution, that will prevent pwd bruteforcing totally disabling pwd based access
<spike> tiris: /var/log/auth.log and lastlog command
<tiris> can you point me to a good HOWTO on this ssh keys setup?
<spike> tiris: http://www-128.ibm.com/developerworks/library/l-keyc.html
<spike> as the big black line at the beginning says, it's a 3 part tutorial, read all of them, not just that one
<spike> at least part 1 and 2, u dont need 3 at this stage
<tiris> okay. Thanks this should get me started. Thanks again.
<spike> tiris: read the secure debian howto too please
<tiris> what is the url?
<spike> u can find it urself, it's not hard
<spike> check out the documentation section on debian.org, it's there
<tiris> is it an official howto from debian?
<spike> yes
<tiris> okay thanks
<Pygi> one of the good tutorials for unixes/linuxes in general is also a freebsd documentation
#ubuntu-server 2006-02-19
<tiris> Great sources, thanks all. This will keep me going for a while.
<Pygi> that docs is one of the best tech docs ever written, so if you wanna read :)
<ealden> MarioMeyer: ping
<MarioMeyer> pong
<MarioMeyer> ealden,
<Psi-Jack> saslpasswd2: generic failure <-- Why do I get this error, trying to create a password for a new user, using saslpasswd2 -c -a slapd <username> ?
<Psi-Jack> Anyone here? ;)
<fabbione> morning
<MarioMeyer> morning
<MarioMeyer> still night here though :P
<nictuku> fabbione, hi
<nictuku> fabbione, when you find some time could you please take a look at https://opensvn.csie.org/traccgi/nwu/trac.cgi ?
<fabbione> nictuku: will try, but i am really busy
<nictuku> ok. It's related to Network Wide Updates
<spike> 'morning?
<spike> fabbione: arent u on .dk timeframe?
* spike yawns
<fabbione> spike: yes
<spike> eeer, 10 to 6am then, no?
<spike> hey ubijtsa, getting ready for work? :)
<ubijtsa> spike: just got up yeah :)
<spike> how's you besides sleepy? :)
<ubijtsa> breakfast now, and then a bath before driving 55 miles up to Aylesbury
<ubijtsa> I'm alright.. raised my first ubuntu defect yesterday
<ubijtsa> how's things with you then spike?
<spike> ubijtsa: fine tnx, got back to .it to setup a new site for a customer, and now I'm kinda tripping around visiting friends before coming back home
<spike> had 2 interviews yesterday for new jobs, wish me luck
<ubijtsa> good luck (or should I say break a leg) :)
<spike> ehehe, break a leg, first time I hear it
<spike> any special way you reply to that?
<ubijtsa> well, here in .uk they think it unlucky to wish someone luck for some things, so they tell them to break a leg instead, so they really will get the luck they wanted them to get
<spike> yeah, same here
<nictuku> lol
<nictuku> only to some things?
<ubijtsa> things get very complicated when you take superstition into account :)
<spike> here they say something I'd roughly translate to "in wolf's mouth"
<ubijtsa> nictuku: I'm not native so I am not entirely sure :)
<spike> and u're supposed to reply "die"
<spike> replying "tnx" will bring u *very* bad luck
<nictuku> LOL
<ubijtsa> spike: oookay, I'll try and remember that one :)
<spike> there are "funny" variations, tho, like "in whale's ass", to which u reply "hope it wont fart" :)
<spike> dont ask me where it comes from because I've no idea :)
<ubijtsa> *loooool*
<ubijtsa> pinochio story maybe :)
* ubijtsa wants to find Jrg, shake him and scream *aaaaaaaaaarrrgh!* to his face
<ubijtsa> that man is *SO* irritating at times
<oliver_savage> Is there any reason that I wouldn't want to add "deb http://security.ubuntu.com/ubuntu breezy-security main" to sources.list? This is for an internet facing production server, I'm wanting to make sure mod_python, etc is patched.
<LordHunter317> i cant' think of any reason you wouldn't want to have it.
<fabbione> if your machine was properly connected to the internet at install time, that line would be automatically on
<fabbione> otherwise it is commented
<fabbione> and clearly you want it on
<oliver_savage> it doesn't even appear, this was an install on a vps, so the host set it up, sources list only has "deb http://archive.ubuntulinux.org/ubuntu breezy main
<oliver_savage> " in sources.list. Thank you fabbione!
<ruaok> hey ho. anyone awake?
<ruaok> I'm trying to install breezy onto system with an i2o controller and I get a kernel panic when the installer loads.
<ruaok> anyone know of a workaround?
<ruaok> this is for a production system, otherwise I'd try dapper
<ubijtsa2> ruaok: this is a dpt_i2o controller?
<ubijtsa2> ruaok: like an Adaptec 2100S ?
<ubijtsa2> ruaok: if that is the case, you'll either have to use Hoary or Dapper. Breezy is (completely broken|not working) for dpt_i2o.
<spike> who was using openqrm in here?
<spike> I remember someone asking for it to being included into ubuntu-server, but cant remember the nickname
<spike> I'm looking at it, but it's not very clear how it operates and I was wondering if anybody could offer some quick overview
<spike> ubijtsa: you there?
<spike> ubijtsa2: 2 maybe :)
<ubijtsa2> aye
<spike> can I query you?
<ubijtsa2> schure
<ubijtsa2> go ahead :)
<spike> tnx
<ubijtsa2> spike: query as in 'nmap' or?
<spike> no, query as private message
<spike> ubijtsa2: cant you read what I wrote? u should have some text from me somewhere
<spike> either a new window or server message buffer (iirc u were using irssi,no?)
<ubijtsa2> I use kontact
<spike> uhm, well, whatever, u should have my stuff somewhere
<ubijtsa2> and I seem not to be allowed to send private messages by freenode :(
<spike> oh, ubijtsa2 is probably not registered, that's why
<ubijtsa2> I can read it.. just can't answer
<ubijtsa2> spike: you have jabber?
<spike> since they switched to hyperion an anti-spam filter has been introduced so only identified users can send pvt msgs
<ubijtsa2> ah
<spike> ubijtsa2: /j #spikelab
<Pygi> fabbione: ping
<Psi-Jack> What is a very lightweight httpd that I could install to temporarily direct /every/ hit to one single .html file, regardless of the URI?
<spike> Psi-Jack: thttpd?
<Psi-Jack> Can thttpd actually rewrite, or at least redirect all URI's to one file?
<Psi-Jack> Ahh, thttpd has it's own mod_rewrite?
<Psi-Jack> Hmmm,. No, I was apparently thinking lighthttpd==thttpd, which it's not.
<spike> Psi-Jack: yes, it's called redirect, a small cgi
<spike> nope, those are different things. lighthttpd is indeed light too and very fast for static page serving
<Psi-Jack> Hmm, and no package for ubuntu for lighthttpd, either. ;)
<Psi-Jack> So, thttpd might just do the trick.
<Psi-Jack> Oh wait.
<Psi-Jack> Does thttpd let you define errorpages?
<spike> Psi-Jack: yes
<Psi-Jack> Basically, I'm making a temporary non-apache server to handle temporarilly unavailable service.
<spike> Psi-Jack: consider that http://www.acme.com/software/thttpd/thttpd_man.html has on its main bar the following topics: url rewriting, error codes
<Psi-Jack> Hmm. How about possibly making it also send the errorcode for temporary unavailable?
<Psi-Jack> Basically, sending a 503
<Psi-Jack> Urgh.
<Psi-Jack> Just to change GENERATE_INDEXES, it requires changing the config.h and re-compiling thttpd? :/
<anto9us> does dovecot dictate whether to use maildir/mbox formats or should it be set to match the configuration as dictated elsewhere?
<Psi-Jack> Doesn't dovecot only use Maildir?
<anto9us> it supports both
<Psi-Jack> Hmm.
<anto9us> I'd like to set my system to use Maildir, where is that normailly done, should dovecot do that?
<Psi-Jack> Well, that's up to your MTA, or MDA actually.
<anto9us> what's the default mda in breezy?
<Psi-Jack> But, yes, Dovecot will obviously need to be configured accordingly.
<Psi-Jack> There is none.
<Psi-Jack> An MDA would be something like procmail, lmtpd, cyrus-imapd, or what-not. What actually handles the DELIVERY from MTA to the final mailbox storage.
<anto9us> I see, the jigsaw is making a picture now, thanks
<Psi-Jack> MTA == Mail Transfer Agent.. Essentially, the SMTP server. MDA is the Mail Delivery Agent. Often not used, but can be used to setup a medium of how to handle actual delivery.
<LordHunter317> if you're using postfix, which is the default MTA when you install one, you configure it there.
<LordHunter317> as for davecot, I believe it can use both ,but I could be wrong.
<LordHunter317> I know courier only uses maildir.
<anto9us> I'm going with postfix
<LordHunter317> fwiw though, if you use procmail as well, you need to, as Psi-Jack said, configure procmail to do maildir delivery.
<Psi-Jack> I personally recommend the use of LMTP MDA transport. ;)
<anto9us> Psi-Jack, why?
<Psi-Jack> But, that's because I setup small-to-huge scale mailservers. And LMTP is an excelent protocol for handling such things.
<LordHunter317> hwy would you use LMTP unless your MDA only understands LMTP or SMTP?
<anto9us> Psi-Jack, well this is my desktop/server at home which will be a failover for work so scalability is important
<LordHunter317> if your mailserver has direct disk access to the mailboxes, use procmail or something else that delivers the message directly.
<anto9us> all the services will be local to the machine
<Psi-Jack> And I stronly advice against procmail, myself. It's outlived it's usefulness. ;)
<LordHunter317> compared to?
<Psi-Jack> Compared to sieve, actually.
<Psi-Jack> I believe sieve will become the new standard of mail filtering.
<anto9us> Psi-Jack, the one in mailutils package?
<Psi-Jack> eh?
<Psi-Jack> Oh, lemme check.
<anto9us> This package contains the GNU mailutils versions of dotlock, frm, from
<anto9us> guimb, mail, messages, movemail, readmsg and sieve. They are capable
<anto9us> of speaking POP3, IMAP, mbox, MH and Maildir.
<Psi-Jack> Oh, could be. ;)
<anto9us> it's also in cyrus mail system
<Psi-Jack> I'm not honestly familiar with mailutils yet. But I will be.
<Psi-Jack> anto9us: Correct. Which is what I personally use.
<Psi-Jack> Cyrus made sieve.
<Psi-Jack> I'm writing, practically, a book about small to large scale, clusterable servers, which will involve how to setup, mysql, postgresql, or ldap-backed clustered servers, using various MTAs and MDAs to handle everything. :)
<Psi-Jack> And actually, I should say, cyrus made the sieve library, and definition of it.
<anto9us> Psi-Jack, is cyrus complicated to set up? what I want is an email server setup to support several domains with local delivery, imap support and external access
<Psi-Jack> anto9us: Postfix and Cyrus-IMAPD actually work rather quite well with each other. Especially since both postfix and cyrus-imapd share the same cyrus-sasl authentication library. But, cyrus-imapd itself, is a bit complicated to setup, initially. It does not store mail in Maildir, mbox, or MH format, it uses it's own berkely-db-capable indexed mailbox storage,.
<anto9us> well, I suppose maildir is not critical I just read it was a better option than mbox
<Psi-Jack> But, mind you, it does provide IMAP and POP3 retrieval protocols, and LMTP to insert mail. :)_
<Psi-Jack> Maildir is definately a MUCH better method than mbox, but it's with it's own problems. There no "standard" means to handle quotas.
<anto9us> I'll definitely be running postgresql, if that's a factor anywhere
<Psi-Jack> And in fact. The worst thing about Maildir and the implemented sum of methods to handle quotas, revolves around the Maildir message filenames to set the filenames to include each message's content size, in ocets, and to bulk them all up adding that filename-based value together to get the total storage amount used.
<anto9us> I'll also possibly run ldap, if I can get my head around it
<Psi-Jack> Hehe.
<Psi-Jack> Choose one. I don't recommend mixing them, in the overall scheme of things. :)
<anto9us> postgresql in place of ldap?
<Psi-Jack> postgresql is a very good rdbm, and can in fact, handle quite a serious load if it has to, but depending on the load it'll have, there are times you will absolutely have to run it on a dedicated machine JUST for postgresql.
<LordHunter317> what are you intended for using postgres for?
<Psi-Jack> Course, this is common for /any/ SQL server. :)
<anto9us> postgresql for multiple database applications including the entire UK eroll which is seperated into distinct tables for each postcode
<LordHunter317> what?
<anto9us> postgresql to store data for web applications run on zope
<anto9us> as well as allowing odbc access from gui clients
<LordHunter317> as a rule, web and mail shouldn't be mixed where possibile, and if your sites are busy for either, you'll want a dedicated DB server.
<Psi-Jack> Right, Which is where LDAP holds a strong-point. ;)
<anto9us> it's unlikely to exceed more than 20 concurrent users
<LordHunter317> Psi-Jack: for authentication and such, sure ;)
<anto9us> both machines are raid setups with 2 gigs of ram
<Psi-Jack> LordHunter317: Authentications, mailRouting, Accounts, and much more.
<anto9us> ie. server in work and at home
<LordHunter317> Psi-Jack: i meant in the most generic sense.
<Psi-Jack> Hehe
<Psi-Jack> Like I said, I do small to HUGE scale servers. :)
<LordHunter317> you still won't be storing the actual mail in LDAP, which is sorta what I was alluding to.
<anto9us> LordHunter317, I do plan to balance the load with dedicated servers later, yes
<Psi-Jack> True. :)
<Psi-Jack> Then there's dbmail, if you want to actually physically store the mail inside an SQL server. :)
<LordHunter317> Thouse Exchange manages to get by with JET, so i suppose it's not impossible.
<LordHunter317> i mean, if it can do JET, I bet Ican do OpenLDAP.
<anto9us> I think storing as much as I can in postgresql makes backups easier
<LordHunter317> yes and no.
<LordHunter317> mailservers are still tricky to get a reliable backup of.
<LordHunter317> meaning, fully consistent.
<anto9us> daily full backup, not going to bother with incremental
<Psi-Jack> LordHunter317: Another thing my docs I'm writing will address. ;)
<Psi-Jack> Combining DNS, replicating SQL/LDAP servers, and mailbox storage containers.
<LordHunter317> sad how immature postgres' replication is.
<Psi-Jack> Unlike IBM's "Self-Healing Technology", my own implementation will just plain work from redundancy and duplication, and providing that accross a wide scale. :)
<anto9us> LordHunter317, that's something else I was looking at, although, all I need is to back up to the failover
<LordHunter317> well, slony-1 can push data to a backup.
<LordHunter317> it's the rest of the solution that's immature.
<anto9us> I was just going to write a cron scipt to run pg_dump, connecting to both servers
<Psi-Jack> anto9us: Let me give you some pointers:
<anto9us> so, postgresql mail storage and authentication is possible?
<Psi-Jack> First of all, use PostgreSQL only for user information: This means, usernames, passwords, and such. Depending on your choices, this will also include the mailbox location.
<anto9us> ok
<Psi-Jack> Unless you are going to use dbmail, storing mail itself into SQL is not gonna happen. :)
<anto9us> dbmail is in the repos
<LordHunter317> and if you're going to do LDAP down the road, skip postgres for auth now and just setup LDAP.
<LordHunter317> you're saving yourself a migration and probably a second trip to the ER for alcohol poisioning.
<Psi-Jack> hehehehe
<anto9us> :)
<Psi-Jack> anto9us: dbmail is indeed, a very nice IMAP/POP3 server, which is being commercially developed, and made opensource.
<Psi-Jack> BUT.
<Psi-Jack> It's still not quite mature enough for 100% reliable use, depending on how you use it.
<Psi-Jack> They're still working on getting some things working, such as libsieve mail filtering, and lmtp.
<anto9us> imap is the most important thing to me, people will be accessing email from several machines/locations
<Psi-Jack> anto9us: Do you need/want shared mailbox capabilities?
<anto9us> some email addresses will need to go to several people
<Psi-Jack> That wasn't what I meant. :)
<anto9us> what's a shared mailbox?
<Psi-Jack> That's another thing, though, you can use SQL/LDAP to handle mailbox/domain aliasing.
<anto9us> I'm not going to get this set up tonight am I?
<anto9us> :)
<Psi-Jack> But, I mean, actual Mailbox sharing. Multiple users being able to read from the same shared mailbox. Wether it's the user's own setting to allow it, or a global shared mailbox.
<Psi-Jack> anto9us: Probably not, not if you want to do it right. ;)
<Psi-Jack> The first time.
<anto9us> Psi-Jack, shared mailboxes won't be required
<Psi-Jack> Okay, then you just opened yourself up to pretty much any mailstorage system. Dovecot, Courier-IMAP, Cyrus-IMAPD, dbmail, etc.
<Psi-Jack> How about user-definable mail-filtering rules?
<anto9us> that can be configured in the client can't it? thunderbird/evolution
<Psi-Jack> I meant server-side.
<anto9us> that's extra work for me, I'll leave it to the user
<Psi-Jack> If you're going for IMAP, and you want filtering rules, you /want/ it server-side.
<anto9us> how would the user configure the server side filtering?
<Psi-Jack> If you used Cyrus-IMAPD, there's actually a SquirrelMail plugin to work with making SIEVE scripts, very easily to the user. :)
<anto9us> I think the client can do it
<anto9us> ok, a bit more traffic but I'm not worried about that
<Psi-Jack> Heh, your choice. :)
<anto9us> I want to limit the number of components as much as possible for both me and the user
<Psi-Jack> Heh. Postfix + Cyrus-IMAPD + PostgreSQL + SquirrelMail is too many components? :)
<anto9us> let me look at squirrelmail, brb
<Psi-Jack> Quite possibly the best webmail engine out there. Course that's my own opinion. :)
<anto9us> I wasn't planning on running a web server other than zope but I think ssl might be a good thing to have so that will probably be apache rewrites, ok, squirrelmail it is
<Psi-Jack> Zope is one beast I will never understand. heh
<anto9us> yeah, I'm barely guessing my way through it :)
<anto9us> fact is, I know how to put up web forms and integrate postgresql with it
<Psi-Jack> Well, if you want an easy-to-setup quick escape for postfix+cyrus-imapd, look into WebCyradm.
<Psi-Jack> It does handle virtual domains and virtual users. And automatically creates mailboxes within cyrus-imapd when working with it.
<anto9us> it's a front-end configuration tool, yes?
<Psi-Jack> Web-based front-end configuration tool, yes.
<Psi-Jack> Made, I think, in PHP, just like SquirrelMail.
<anto9us> what about webmin interfaces, any good?
<Psi-Jack> I can't comment on webmin interfaces. I haven't researched webmin enough, yet, for my book. :)
<anto9us> is your book ubuntu oriented?
<Psi-Jack> Specifically, no. It will cover generalizations, nothing Linux or Distribution specific.
<Psi-Jack> Basically, it'll cover BSD, Linux, Solaris, etc. Whatever OS's have the capabilities. Which is pretty much anything Non-Windows. :)
<anto9us> is it part of an academic project?
<Psi-Jack> Nope. Personal project.
<anto9us> how are you going to publish it?
<Psi-Jack> I have helped people on IRC for a great many years. And throughout those many years, I have learned some of the most useful knowledges, which is basically part of this book. ;)
<Psi-Jack> How? Hmmm. Open Document? :}
<anto9us> Psi-Jack, yes, I've learned a lot by advisinig people, in my limited capacity, in #ubuntu
<Psi-Jack> It's something that'll be free, open, and publically available. With only one wish: If you like it, and you use it, donate. :)
<anto9us> nice philosophy, I think people do like to be honourable
<Psi-Jack> I just need to figure out what kind of license to "market" it as, so that it can't be used by publishers or authors writing their own books, to use my own material.
<anto9us> creative-commons
<Psi-Jack> Hmmm, good idea!
<anto9us> http://en.wikipedia.org/wiki/Creative_commons
<Psi-Jack> Hrmm, the CCL NonCommercial is probably the best fitting.
<anto9us> you can reserve more rights than with other licenses, it's actually been criticised for that
<Psi-Jack> SOLD on Creative-Commons NonCommercial, especially since it's exactly what I want, plus Google even has a specific search engine for it. :)
<anto9us> yeah, there's a number tools for searching creative commons content
<anto9us> yahoo has one too
<Psi-Jack> Seems to be one of the most flexible, multi-tier licensing arrangements.
<anto9us> when are you likely to publish?
<Psi-Jack> Heh. It may be a couple months, yet.
<Psi-Jack> Writing a book is not exactly one of my strongest fortes. ;}
<anto9us> you could feasibly publish before it's complete and welcome some feedback
<Psi-Jack> That is one thing I'd planned on doing, is progressively publishing it.
<anto9us> get an outline up for the incomplete parts
<anto9us> what do you think to this setup? https://wiki.ubuntu.com/MailServer
<Psi-Jack> Looks like a good wiki, actually, at first glance.
<anto9us> apparenly we make our decisions as to what is a good/bad website in just a few milliseconds, a scientific study has shown that
<anto9us> http://news.bbc.co.uk/1/hi/technology/4616700.stm
<Psi-Jack> Heh yep.
<Psi-Jack> I've seen that over the many years. :)
<anto9us> social engineering is just as important as any other kind
<Psi-Jack> Hey, can I get a quick favor from ya? :)
<anto9us> what's that?
<Psi-Jack> I need you to hit www.furreville.net and tell me if it's giving you "Service Currently Down" or not.
<anto9us> service currently down
<Psi-Jack> Perfect.
<Psi-Jack> And you get a thttpd footer, yes?
<anto9us> yes
<Psi-Jack> Okay. Good. Wanted to make sure, and didn't wanna have to get JAP to test it myself real quick. ;}
<Psi-Jack> Bout to move that frackin server to Kubuntu, instead of continuing to do it using Gentoo. heh
<Psi-Jack> I got tired of rebuilding cyrus-sasl and openldap to try to get it all to properly do a full SASL LDAPv3 bind, when it wouldn't even use an ldap DN to authenticate too. Something's seriously broken in Gentoo's ebuilds for openldap or cyrus-sasl causing it to just plain not work.
<anto9us> it's quite easy to sync 2 ldap servers, yes?
<Psi-Jack> Actually, yes. Using slurp
<Psi-Jack> You setup one master, and you slurp it to any number of clients.
<anto9us> I'm still in 2 minds about whether to use postgresql for auth or storage
<anto9us> or is that 4 minds?
<Psi-Jack> Hehehe
<Psi-Jack> I like my own personal setup. It's a bit heavy on the CPU of all the machines it works with, but it does sooo much. ;)
<anto9us> each of the servers is 2Ghz
<Psi-Jack> server-side mail filtering, shared mailboxes with user-definately ACLs for each within their own domain, SpamAssassin detection with a bayesian learning, anti-virus checking, and SPL.
<anto9us> how long does it take you to set something like that up?
<Psi-Jack> With the know-how, roughly a couple hours at most. ;)
<Psi-Jack> With my book, and seperating out specific catagories of interest, it'll be about the same, I'd imagine.
<anto9us> user-defined ACL, they can log in and change username/passwords?
<Psi-Jack> anto9us: ACL == Access Control List. (but yes, they can login and change their username/password from SquirrelMail, too). The ACLs allow them, within SquirrelMail, to make specific mailboxes of their own, allow other users within their domain to access it. Wether read-only, or even write/delete access. Their choice.
<anto9us> squirrelmail is intuitive for users?
<Psi-Jack> It itself is, yes. With the plugins, makes it versatile. ;)
<Psi-Jack> Aww man.. :/
<Psi-Jack> Thjere's no mysql 5 packages in ubuntu. :(
<anto9us> it's in dapper
<Psi-Jack> Damnit. :/
<anto9us> http://packages.ubuntu.com/dapper/misc/mysql-server
<Psi-Jack> Guess I could always... Use the deb-src. heh
<anto9us> so, If I go postfix/maildir/dovecot, other than authintication stuff all I need to do is tell postfix to where to push them and dovecot where to pull them, right?
<Psi-Jack> Correct.
<Psi-Jack> Anyway. I've gotta run, and start building my new server back up. \
<anto9us> thanks for the tips :)
<Pygi> fabbione: ping
<nictuku> fabbione, hi. Did you find some time to take a look at nwu?
<nictuku> it's in https://opensvn.csie.org/traccgi/nwu/trac.cgi/ =)
<Pygi> nictuku: seems he is not around currently
<nictuku> indeed 3 hours idle
<MarioMeyer> heya chara :P
<Pygi> hello chara :P what's up?
<nictuku> hehe xar!
<MarioMeyer> trying to package a dependency of NWU :P
<Pygi> chara: AH :)
<Pygi> trying to think of a slogan currently :p
<nictuku> slogan for what?
<MarioMeyer> heya.. ajmitch_ back :P
<ajmitch_> yes?
* ajmitch_ isn't 'back'
<MarioMeyer> i made the setup.py for that app i wanted to create :P
<ajmitch_> ok
<MarioMeyer> how should i procede?
<nictuku> are you paying for these packaging classes with ajmitch_ ?
<nictuku> hehe
* MarioMeyer is a poor brazillian.. :(
<MarioMeyer> lol
<Pygi> nictuku: my IM application :)
* ajmitch_ is a poor kiwi :P
<nictuku> I have a great idea. "Instant message, now!". Genious, isn't it?
<MarioMeyer> lol
<MarioMeyer> superb, nictuku
<Pygi> bah, no comment :P
<nictuku> MarioMeyer, you lack common sense. You don't count.
<Pygi> lol :)
<nictuku> I mean, you're not sensible enough
<nictuku> hehe
* MarioMeyer is the annoying suggestion making guy in the NWU team
<MarioMeyer> lol
<nictuku> also called "most unwanted collaboration"
<MarioMeyer> https://wiki.duckcorp.org/DebianPackagingTutorial/CDBS#line-791
<MarioMeyer> is this a good example?
#ubuntu-server 2007-02-12
<poningru> anyone alive?
<poningru> running feisty I mean
<poningru> I need some help with testing mysqld bug
<poningru> I think
<ben16s> hi
<ben16s> Anyone can help me with a problem on an Ubuntu server
<ben16s> with ssh and X11forwarding
* [miles]  see's little point in doing X11forwarding
<[miles] > ah, he's gone
<[miles] > ah well
<sky_walkie> what problem do you have with X11 forwarding ? maybe I can help 
<[miles] > I have none
<[miles] > I don't use it
<[miles] > it was ben16s
<[miles] > :)
<sky_walkie> sorry, incorrect person didn't catched that
<[miles] > jeje
<[miles] >  np
<sky_walkie> was, on another channel , and just answered .... too fast , to furious :)
<coNP> welcome, zoli2k 
<zoli2k> Hi
<zoli2k> I have a small problem
<zoli2k> I use gentoo on my servers and ubuntu on desktop
<infinity> That is a problem, have you considered ubuntu on the server?
<infinity> (In all seriousness, this isn't a support channel)
<coNP> sorry, I was wrong
<coNP> I thought it was both devel & support channel
<zoli2k> Now I consider to install debian or ubuntu-server
<zoli2k> can anybody give me some link where I can compare these two distros?
<zoli2k> Och sorry
<zoli2k> I see, development discussion, sorry.
<LiENUS> is selinux available for ubuntu-server?
<Urme> I have a server using samba, rsync via ssh. Is there a way for my users to change there passwords them self? 
<Urme> Both system and password.
#ubuntu-server 2007-02-13
<canine_kouji> mm, what does "development" coveR?
<canine_kouji> is this a place to talk about future ubuntu stuff?
<infinity> Can be, depends on what you want to discuss. :)
<canine_kouji> infinity: I'm not sure of the question exactly. I've been using ubuntu for a while, both server and desktop, and I'm curious what/when canonical will make another LTS release.
<[miles] > guys, anyone had problems with UBS 6.06 and gettext + php
<[miles] > ?
<[miles] > I'm going totally crazy here 
<ivoks> what kind of problems?
<[miles] > nothing translates
<[miles] > LDAPAccountManager
<[miles] > my own locale PHP scripts
<[miles] > nada
<[miles] > zip
<[miles] > fuck all
<[miles] > not one PHP tutorial actually works
<[miles] > nothing
<Nijikon> hi all
#ubuntu-server 2007-02-14
<kupesoft> Does linux-restricted-modules-generic work on the server kernel?
<fabbione> kupesoft: no
<shafire> hello
<shafire> how can i fast up the ubuntu server installation when i have no inet connection?
<[miles] > I dunno, but I guess if you use apt-proxy
<[miles] > you can store your updates there
<shafire> mhm
<shafire> last reinstall setup needed 1h!!
#ubuntu-server 2007-02-15
<r00tintheb0x> Hey, when i connect 2 unix machines together... with a crossover cable and each machine has 1 NIC. What should the eth configuration be?
<mralphabet> well, you can do 192.168.1.2 and 192.168.1.3 with sub of 255.255.255.0
#ubuntu-server 2007-02-16
<FatherTyme> Has anyone attempting netboot installs on Dell PowerEdges here?
<FatherTyme> I'm having difficulty getting it to recognize the network interfaces on Dapper for a PE 1950.
<robertj> Are the integrated SATA controllers all well behaved throughout the PowerEdge line?
<lionel> robertj: which controller ?
<lionel> (several are provided with PowerEdge)
<FatherTyme> Dapper won't autodetect the SAS one...
<FatherTyme> Edgy will...
<FatherTyme> PERC5i is great on both.
<robertj> FatherTyme: sweet, I need the PERC5i one for a 5 disk RAID 5
<robertj> VMWare here I come :)
#ubuntu-server 2007-02-17
<bigfuzzyjesus> i have a bit of a server problem
<bigfuzzyjesus> basically i gave chmod 777 to /var/run/sudo and now i cant use sudo so i cant do "sudo chmod /var/run/sudo/ 700"
#ubuntu-server 2007-02-18
<apecat> i booted up my debian testing home server with ubuntu feisty's latest 2.6.20-server package (as the stock kernel in debian testing might trigger a file curruption bug when using ext3 and rtorrent (which i rely upon heavily), and the 2.6.20 i tried to compile on my oen didn't boot)). Works just fine,as one might expect. What got me curious is the whole concept of server tuned kernels, and the faq (https://help.ubuntu.com/community/ServerFaq/) ...
<apecat> ... didn't answer my questions. Where can i find discussion about this sort of thing? i'd like to know, for example, why the server kernel which i am now running has "CONFIG_HZ=100" rather than 250 (which is the dafault these days afaik) or 1000 (which i remember reading about being the value chosen for the UbuntuStudio kernel). I know nothing about this except the fact that netcraft will now display very long uptimes without resettign the ...
<apecat> ... counter ;)
<apecat> just out of curiosity, something like a redirecttion to some mailing list archive thread or someting would be useful :)
<zyga> hi, I'm planning on running ubuntu server (edgy) from a CF card with cf->ide adapter, are there any things besides flash write limit that I should be aware of?
<zyga> (asking again, maybe someone new will have some hints) hi, I'm planning on running ubuntu server (edgy) from a CF card with cf->ide adapter, are there any things besides flash write limit that I should be aware of?
<ebe-1> How do I return to the network config? I skipped it on install. I am connected via ethernet.
<zyga> ebe-1: are you after install?
<ebe-1> Yes.
<zyga> I don't really know how to return to that file but in general /etc/network/interfaces has all the things you need and it trivial to modify
<zyga> I can help you if you like
<ebe-1> ah yes, i remember now. thanks. :)
<ebe-1> been a while ;)
#ubuntu-server 2008-02-11
<stiv2k> so i have a directory that several users access to share files... the dirs have perms drwxrws--- and files have perms -rw-r-----, yet for some reason i'm still able to delete files that aren't owned by me... how can i change this?
<faulkes-> is there a reason the directory has the setgid bit set?
<faulkes-> (the s in the perms)
<stiv2k> um
<stiv2k> faulkes-: i used to think s was sticky
<stiv2k> but recently found out it's t
<stiv2k> i really need some help organizing this directory structure -- if you don't mind, faulkes-
<stiv2k> at least to get in the right direction
<faulkes-> why do you need the sticky bit?
<stiv2k> its a directory that many people will be accessing
<stiv2k> to share music
<stiv2k> and i dont want people to be able to modify or delete anything that isn't owned by them
<stiv2k> and i've been messing with permissions and stuff but i can't seem to get it just right
<faulkes-> well, start by setting the sticky bit then
<faulkes-> well, probably remove the setgid bit, then apply the stick bit
<stiv2k> right, but the sticky bit does not inherit
<stiv2k> which kind of makes it a problem
<stiv2k> so, if someone were to add a new directory, lets say its a new album
<stiv2k> none of that new stuff will be stickied
<stiv2k> faulkes-: is there any way to get around that? maybe a daily cron script or something...
<faulkes-> cron may be an option, I'm not sure about what value selinux would provide, although that may be an option
<stiv2k> hmm
<stiv2k> now, is there anything else i should do in terms of permissions on directories and regular files
<stiv2k> like for the samba config, theres a create mask for them
<faulkes-> umask is set usually upon login
<faulkes-> depending on the shell
<stiv2k> well
<stiv2k> i have no idea what that is
<stiv2k> i was talking about samba's configuration
<stiv2k> create mask = 0640
<stiv2k> directory mask = 0770
<faulkes-> umask is the default permissions a file/dir is created with
<stiv2k> oh
<stiv2k> how do i edit those?
<faulkes-> it is typically set upon login by the default shell startup files
<stiv2k> oh
<stiv2k> so it's user-specific
<faulkes-> i.e. either .bash_profile, .bashrc or /etc/bashrc (/etc/bash.bashrc on ubuntu usually)
<stiv2k> i dont think thats a viable solution for me
<faulkes-> the . files being user specific settings, the /etc/ generally being the defaults
<stiv2k> since i'd have to configure it for each user
<stiv2k> faulkes-: i think i found a solution
<stiv2k> i'll do a sticky on the parent dir
<stiv2k> and use a directory mask of 0750
<stiv2k> so if they dont own the directory, they cant fuck with any of the files within, even if it's not sticky
<faulkes-> sounds good, test it out
<darkpixel> I am getting ready to do a network install of 7.10 on a handfull of machines.  I copied the cd to /var/www/ubuntu, created a kickstart file, setup PXE, and am running into one minor problem.  The machines PXE boot correctly, download the kickstart, and begin retrieving some of the installer files via HTTP...but at one point it says that downloading a file failed.  The file is ...
<darkpixel> ... /ubuntu/pool/main/e/e2fsprogs/e2fsprogs-udeb....  I look in that folder and I find an older version of e2fsprogs.  Why is it trying to download a newer version?
<darkpixel> I have even tried symlinking /var/www/ubuntu to my local copy of archive.ubuntu.com and I run into the same issue--except with different files.
<kgoetz> darkpixel: because the package lists your using point to that file
<darkpixel> That's the part that confuses me.  If I'm doing an apt-mirror, shouldn't I have the correct package lists?   If I instead make a copy of the CD and try to install from that, how would I suddenly end up with a bad package list?
<kgoetz> not sure, i havent tried netinstalling yet (but i'd be interested in any guides you have, i'll be doing it soon)
<kgoetz> i have full mirrors at home, so i dont have that issue
<darkpixel> Here are two from the ubuntu wiki: ectory under your freshly installed apache's document root and copy all of the contents of the Ubuntu Alternate CD to that directory
<darkpixel> Here are two from the ubuntu wiki: https://help.ubuntu.com/community/PXEInstallServer
<darkpixel> Darn copy/paste bug
<darkpixel> https://help.ubuntu.com/community/Installation/QuickNetboot
<kgoetz> copy/paste bug?
<darkpixel> I've noticed there appears to be a difference between Edit->Paste/Right-Click->Paste and Shift+Insert.  And occasionally when you have text selected in firefox and then right-click the address bar and hit copy you may get the text you selected.
<darkpixel> I've never really dug into the issue too much.  It happens on just about every linux platform I've used.
<Clinteger> im installing samba, what's smbpasswd for?
<Clinteger> do i have to make an account for it first?
<Clinteger> ohh right nvm
<kgoetz> um... can someone try and install 'tofrodos'? launchpad lists it as available in gutsy, but i cant install it (package not found)
<kgoetz> hm. updating my package lists fixed it.
<joycetick> anyone know how i can make my apache alias show up as a directory tree instead of 403 forbidden?
<kgoetz> joycetick: can you explain a bit more?
 * kgoetz has a question about mysql :/
<kgoetz> specifically: is there a way to read a file in mysql syntax, and verify the file without loading it into hte database?
<joycetick> kgoetz: i have a website in /home/web/public_html, so http://localhost shows me that folder in a directory tree because theres no index.php/htm file, now i want localhost/files to show /home/user/files in a directory tree but it just shows 403 forbidden :( (but i can still access the files in there if i type out the name in the address bar)
<kgoetz> check the perms on the folders
<kgoetz> your setup seems strangely complex though
<joycetick> their 755.. does it? :S
<joycetick> i just made another website for the /home/user/files and now it works
<joycetick> ..but the root folder isnt the original website anymore, im not sure how to change that :$
<joycetick> so now going to localhost or localhost/files goes to /home/user/files :S
<kgoetz> are you editing sites-available/default ?
<joycetick> i copied it
<joycetick> so i have 3 files, default, web and files
<kgoetz> and they are all enabled?
<joycetick> not sure if thats how your supposed to do it?
<joycetick> default is disabled
<joycetick> web and files are enabled
<kgoetz> can you pastebin your files please
<kgoetz> !pastebin | joycetick
<ubotu> joycetick: pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
<joycetick> ok, will just one be fine because the only difference is the directory in 2 of the lines?
<joycetick> http://paste.ubuntu-nl.org/55568/
<kgoetz> joycetick: sorry, i've been doing work (i'm at work currently) :/ try #apache if you havent already, hopefully people there will have time to help out
<joycetick> kgoetz: yeah np thanks
<Dimitree> hello
<Dimitree> is it possible to have the server version with GUI ?
<Dimitree> i'm trying to acheave a secure noob phpbb server :)
<kgoetz> you can install the desktop (or install a desktop on teh server)
<Dimitree> and not lose the GUI :)
<Dimitree> well i installed LAMP with Synaptic but it didn't work ... php pages were downloaded instead of opened, now i have installed xamp over it and i think i made a bih mess :) altho php works and i have installed phpbb
<zobbo> Dimitree: from memory "sudo apt-get install ubuntu-desktop"
<Dimitree> *big
<zobbo> not that i'd ever do such an evil thing ;)
<Dimitree> haha :)
<Dimitree> i'm noob :) i need the GUI but i also want it to be at least secure to some point :)
<Dimitree> i tryed Fedore and installed apache and php and mysql and i got hacked after 5 mins in irc in the Fedora chan
<Dimitree> so if there is a way to avoid such incidents and still run a web noobish server with only one forum ill be very very happy :)
<zobbo> I don't run gui's on my servers. I'd read up on and install shorewall though (firewall software). (apt-get install shorewall)
<zobbo> there's a shorewall channel on freenode
<Dimitree> can someone try to hack me :D
<Dimitree> please ? =)
<Dimitree> nevermind :)
<Dimitree> i readed the server webpage and i think its what ill go for :)
<Dimitree> after apt-get install ubuntu-desktop do i have to do anything + to make the gui autoload ?
<Dimitree> ou one more thing
<Dimitree> will i be able to setup my network ip during install ? if nto what is the command to configure LAN ?
<Dimitree> guys please ? :)
<soren> Of course you can set up your network during...
<soren> oh, he buggered off.
<kraut> moin
<spiekey> hi
<spiekey> soren: you there? :)
<soren> I am.
<spiekey> cool
<spiekey> i was here last week because of a nss_ldap problem. I could need some help or hints ;)
<soren> Ah, right.
<soren> I'm sort of busy, but I'm sure someone in #ubuntu-motu could help you do the backport using your ppa.
<spiekey> if i comment out ldap from my group section in "/etc/nsswitch.conf" my vmware-server works fine
<spiekey> soren: okay. no problem. I am just not quite sure if backporting will solve this ;)
<soren> spiekey: Didn't you say the new libnss-ldap fixed it?
<soren> That's the last I remember. Sorry, if I missed something.
<spiekey> i hope it will fix it.
<spiekey> but it does not make sense to me since starting a vmware-child works if you press the start button a 2nd time after the error.
<spiekey> i would have expected it to either work or not work. But thats weird
<soren> spiekey: Well, it's hard to say if it remembers that the ldap lookup didn't work out.
<Gargoyle> Morning all
<spiekey> hi
<spiekey> soren: what tool would you use to draw the nss and ldap architecture for documentation purpose?
<spiekey> i would like to have a little diagramm to show what requires what
<_ruben> ScottK: got a few mail server/postfix q's for you: does postfix offer a method to remove certain headers from emails that are relayed through postfix, and im looking for some performance statistics (mails/hour etc)
<soren> spiekey: Depends on how masochistic I'm feeling.
<soren> spiekey: On a day like today, I'd probably be writing it in pic (using groff to turn it into something pretty).
<spiekey> soren: what the url of pic?
<soren> spiekey: Good question.
<soren> spiekey: ah.
<soren> spiekey: /usr/share/doc/groff/pic.yourpreferredformat.gz is a good primer.
<soren> spiekey: pic's a bit special. If you're on a tight deadline and never used it before, it might not be what you're looking for.
<soren> spiekey: graphviz might also be an option (depending on what exactly you're doing)
<spiekey> graphviz looks cool! ;)
<zul> morning
<ivoks> patching your kernels? :)
<zul> no because I let the security team do it for me :)
<ivoks> i don't see anyone commiting patches :/
<zul> oh they are working on it...besides its not even 8am yet
<ivoks> it's 1:30PM here :)
<ivoks> i think people from security team should live all around the world :)
<_ruben> 1:30pm ? you live in a timezone with a 20minute offset? :P
<ivoks> 50
<ivoks> 1:50
<_ruben> figured as much :)
<Kamping_Kaiser> 11.30 here. i do have a 30 min offset ;)
<_ruben> Kamping_Kaiser: i know there's 30min offset timezones, wasnt aware of any 20minutes ones ;)
<Kamping_Kaiser> _ruben, i think theres a 45 minute one in AU too (it covers one town+ surounding area)
<Kamping_Kaiser> however - night al!
<_ruben> night? .. ah, 11:30am then i guess ;)
<soren> One city with its own timezone? That has urban legend written all over it.
<_ruben> erm .. pm
<zul> newfoundland is half hour ahead of everyone in canada
<soren> Madness.
<_ruben> 'everyone in canada' .. i'd say that'd cover several timezones .. newfoundland is 30mins ahead of all of those? :p
<soren> Wikipedia mentions the one in Australia.
<soren> Go figure.
<soren> Nepal has an .25 hour offset as well.
<zul> http://www.timetemperature.com/tzca/newfoundland_time_zone.shtml
 * _ruben decides to go southpark-ish and "blames canada!"
<Clinteger> how do I add a new user and make it have a home directory and all the stuff that the user created in setup has [in the sudoers file, etc.]?
<zul> Clinteger: adduser for start and then you can add the user to the various groups after
<ScottK> _ruben: Yes.  You can remove headers using header checks.  There are add-ons for performance stats.
<_ruben> ScottK: g'day .. after browsing some more on the postfix site i did find the header removal option .. still looking for some real life benchmarks/comparisons .. but those seem to be non-existent :p
<ScottK> Ah.  I thought you were looking for a package to check your own performance stats.  I misunderstood your question.
<_ruben> ScottK: any thoughts for hardware to run a bulkmail server running postfix on? currently i have a quad core / 4 gig / hardware raid using sas disks on the to-order list
<ScottK> This kind of question does come up and it's difficult to have reliable, comparable benchmarks.
<_ruben> i know
<lamont> postfix has an smtp-{source,sink} binary in it, iirc... good for comparisons
<ScottK> What are your message flow requirements?
<_ruben> there's a lot of variables involved
<ScottK> You'll be able to move a lot of mail with that.
<_ruben> ScottK: what do you mean by that?
<tez> what the hell O_O
<_ruben> it'll be a dedicated bulk mail server .. so lots of outbound and only bounces as inbound
<ScottK> How many messages do you need to be able to send (e.g. messages/minute or something)
<_ruben> ScottK: our current setup (using suse+qmail) varies between 60k and 120k per hour
<tez> so i have my server, right. and now everything is in capitals [as in BLAH LOGIN: <nothing> PASSWORD: <wrong> LOGIN INCORRECT]
<tez> okay now thats not there
<tez> idk :D
<_ruben> ScottK: we want to atleast have similar performance
<ScottK> In large volume deployments, disk I/O tends to be the bottleneck.  Having a large cache battery backed up controller is good.
<_ruben> ScottK: figured as much .. the current mailservers all have software raid1 or raid5 .. switching to hardware raid should be a nice win i hope
<ScottK> For an outbound server that doesn't need a lot of spam scanning, virus scanning, etc, I would guess that's achievable.
<_ruben> ScottK: not too sure about the cache options, will ask around
<_ruben> ScottK: no spam/virus checking at all
<tez> meh so i think my .bashrc is screwed up, cause it only shows $ not name@location $, and I can delete the $ on the screen :}(
<ScottK> For reliability reasons Postfix always writes messages to a queue file, so that's why disk I/O can dominate.
<_ruben> that's similar to qmail i think
<lamont> tez: if you give getty an uppercase login name, then it switches to believing that you're on a terminal from the 1970s that only does upper case, and downshifts everything you type, and upshifts everything it prints
<tez> ohh okay.
<tez> but what about the other part? you can't normally delete the $ :,
<ScottK> Every site is different, so I think you need to just first set it up and then work on tuning for your situation.  Depending on what header checks you do, those can be pretty CPU intensive.
<lamont> _ruben: you can tell the filesystem to not force the update (faster, introduces risk of lost mail), or just get a phat UPS and RAM and put /var/spool/postfix on a ramdisk. :)
<ScottK> _ruben: ^^^ lamont is the postfix maintainer for Debian and Ubuntu.
<lamont> (RAM + ramdisk and no UPS?  better be able to explain lost email......)
<lamont> and then there's that whole what-happens-at-panic issue
<lamont> Setting up tetex-bin (3.0-13ubuntu6.1) ...
<lamont> Creating config file /etc/texmf/fmt.d/01tetex.cnf with new version
<lamont> No alternatives for oxdvi.bin.
<lamont> I hateseses tetex
<_ruben> lamont, ScottK : just asked my boss .. the machine (dell pe1950) will have a perc6/i controller which has 256MB battery backed raid controller
<ScottK> Dell 1950s work well with Ubuntu.  I know a number of people that use them.
<lamont> with ext3 you can generally feel good about turning off sync writes... in fact, I, um, think that might be the default...
<_ruben> nice
<_ruben> hmm .. the battery backed part is actually a bit vague on the dell site .. lets just hope we dont have too much crashes during mailings ;)
<lamont> Default: false
<lamont> _Description: Force synchronous updates on mail queue?
<lamont> use ext3
<_ruben> ext3 is what i use pretty much everywhere anyways
<lamont> of course, by default, ext3 just does metadata, not actuall datadata
<_ruben> i really should find me some time to dive into filesystem optimization possibilities and such
<_ruben> just far too many things on my to-do & wish list .. tho i recon thats a far too common issue around here ;)
<tez> in ubuntu, for root and the default created user it shows name@comp:location$ but for the account I created myself it only shows $, i can't use the up arrow to go to previous commands, I can delete everything in the terminal, etc. -- how can i change this?
<sommer> tez: double check the user's default shell in /etc/passwd... you probably meant it to be /bin/bash
<tez> ahh thanks so much!
<sommer> np
<_ruben> lamont: last quick q before i head out .. concerning the performance .. given a dell 1950 (quad core / 4 gb / hw raid) on a gigabit uplink without any spam/virus checking .. does 100k mails per hour sound fair ?
<lamont> _ruben: others would be better for that question...  although I once moved >30000 emails in far less than an hour in 1997, with no tuning.  I know it's come a long way since that evening.
<_ruben> ah ok .. thanks for the pointers so far :)
<lamont> amusingly, that was the evening that my patch introducing header_checks was accepted.
<_ruben> heheh
<_ruben> gotta go now .. be back tomorow (that is in about 16 hrs)
<roote> hi all!
<roote> how do i install a package to use while installing ubuntu server? i need to install the dmraid package.
<faulkes-> hrmmm, next week is gonna be a whole lot of busy afternoons with UDW for me
 * faulkes- expects to learn a lot
<soren> roote: Which Ubuntu version?
<livingwater> wohoo :) successfuly installed server and desktop :) and it works !
<Dimitree> is there some way to check if my installation is secure ?
<tez> hi. I'm not sure if its a grub error or ubuntu, but I'm just starting ubuntu server [recovery mode] and it gets stuck at Starting up... after that. Nothing at all, no errors, shows
<Stonekeeper> Hi! I'm wondering if it's possible to install dmraid using the gutsy server CD. I'm trying to get it to pick up a promise raid controller. Many thanks.
<roote> soren: ubuntu server 7.10
<faulkes-> Dimitree: that is a hugely scoped question, re: security, try to define it a little more
<faulkes-> tez: is there a reason you are starting in recovery mode? (granted you seem to be having issues)
<Dimitree> faulkes-, i want to know if my system is secure enough so that a "l33t" person can not hack it in 5 minutes :)
<Dimitree> i have installed LAMP and phpbb3
<Dimitree> i don't want someone to just try and due to my not knowing anything be able to destroy everything in 5 inutes
<Dimitree> can someone intentionaly try hacking my pc ?
<Dimitree> please don't do damage :)
<faulkes-> unfortunately that isn't something I would do, I would recommend though reading up on security, especially as it relates to phpbb3
<faulkes-> follow any phpbb3 best practices for security, etc..
<faulkes-> in general, LAMP is fairly secure, but when you add php code (such as phpbb3) that is where security becomes an issue
<Dimitree> any chance to referance me to a good guide ? I don't know what is good and what's not :)
<faulkes-> I would start with the phpbb3 homepage
<faulkes-> you can google that up fairly easily
<faulkes-> phpbb has been around for quite awhile, so starting at the sites page is most likely to provide you with up to date information
<Dimitree> ok thank you
<jlong_> Hey guys I'm still new to Linux command lines, can I get Ubuntu Server up in a GUI?
<jlong_> I don't really have a purpose for it yet just exploring the OS.  I was reading somewhere it might be best to just install ubuntuX instead if I wanted GUI
<pepperjack> jlong_: for minimal gui i usually use server install then grab xserver-xorg and fluxbox
 * pepperjack shrugs
<faulkes-> sudo apt-get install ubuntu-desktop
<faulkes-> would probably be the simplest way
<faulkes-> although the gui is not a garrauntee of making things easier ;)
<jlong_> heh, yeah figures
<jlong_> So with server would I be able to setup something like Active Directory or is it called something else?
<faulkes-> 99% of the server stuff I do is all command line
<faulkes-> ldap + samba
<pepperjack> jlong_: ldap is... an adventure ive heard. ive not tackled it yet
<faulkes-> would be the equivalent of an AD PDC
<zul> there isnt and gconfd on the server is there?
<mathiaz> zul: nope
<tez> hello
<mathiaz> hi tez
<tez> I'm having trouble installing Ubuntu Server 7.10 because it stalls at "Trying to enable framebuffer..." installing it
<faulkes-> mathiaz: see my emails when you have a moment
<faulkes-> what type of fb and hardware?
<tez> uhmm its just an old computer, some compaq something or other
<tez> From the wiki: When installing your Ubuntu system, you can tell the Ubuntu installer not to use the framebuffer. How to do that is not covered in this wiki.
<tez> I'm not sure how to do that
<gcleric> tez: check out https://help.ubuntu.com/community/BootOptions
<faulkes-> iirc it's a boot option, sec
<tez> okay.
<tez> sorry bout that.
<tez> I think I want vga=771 as that would be 800x600, 256colors
<tez> correct?
<faulkes-> that sounds reasonable
 * faulkes- nods
<tez> ok
<tez> now it went Starting... Loading Linux Kernel, went to 100% then the 100% went away O_O
<tez> perhaps I'll try 769
<faulkes-> if it's old hardware, you may have to be patient for it to boot
<tez> nope.
<tez> okay
<tez> now its asking for COLSxROWS
<faulkes-> 80x25 is default iirc
<tez> okay there.
<tez> now its just a blinking _
<faulkes-> describe "blinking"
<faulkes-> oh, the cursor
<tez> yeah lol
<faulkes-> hrmmm, have some patience
<tez> blah earlier when i had patience i spent a couple hours because of a problem where it just sat and was blinking just after grub loaded the kernel and there weren't any errors or anything
<tez> maybe the kernel doesnt like this computer
<faulkes-> without exact knowledge of what hardware is there, it's entirely possible
<tez> hmm
<gcleric> is the cd at least still spinning?
<tez> lights not on :|
<tez> no noticeable movements or sound
<tez> ok i have the model of craputer.
<tez> compaq presario 5003us.
<tez> https://bugs.launchpad.net/ubuntu/+source/casper/+bug/82014
<ubotu> Launchpad bug 82014 in casper "can't start ubuntu or kubuntu from cd" [Undecided,Invalid]
<tez> im not the only one
<tez> gcleric, faulkes-, any ideas?
<tez> it seems this computer isnt compatible with the kernel. both the install disc and current install [installed through VirtualBox onto the hard drive] hang loading the kernel with a blinking _ and nothing else
<tez> ...
<faulkes-> follow the bug link you listed and follow the advice for the f6 to remove quiet and splash and report what it says
<faulkes-> it's entirely possible the cdrom doesn't like a burned cd
<tez> it does.
<tez> i pulled it out of a new desktop
<tez> ok
<gcleric> which version of Ubuntu are you installing?
<gcleric> Server or Desktop?
<tez> server
<tez> which is why i'm in #ubuntu-server lol
<gcleric> 7.10?
<tez> yeah
<tez> do I need to go lower?
<gcleric> you can create a server from the desktop live cd..
<faulkes-> again, follow the instructions on the second last post of the bug youlinked
<tez> faulkes-: in the process of doing that
<tez> ok
<tez> blinking cursor.
<tez> nothing.
<tez> which is what it did after grub loaded on the hard drive
<tez> \i'm trying to reinstall incase the virtual->native intstallation didnt work
<tez> http://ubuntuforums.org/showthread.php?t=462688 shows that someone installed 7.04 on it successfully
<tez> ok
<faulkes-> that forum post is about envy and nvidia cards
<tez> yeah
<tez> but that means they got ubuntu installed
<tez> but they're using 7.04
<faulkes-> but how does it relate to your compaq?
<tez> because I can't get the isntaller to work
<tez> they obviously did
<tez> so theres something new in 7.10 from 7.04 that is different
<tez> i'm going to try 6.06lts
<\sh> tez, how are you trying to install you 7.04/7.10? via IlO 2?
<tez> iio?
<\sh> ilo ;)
<tez> oh lol
<\sh> the remote insight board of the hps
<tez> im not sure what you mean :S
<\sh> tez, are you sitting in front of your server with a CD or are you trying to install it via the remote insight board?
<tez> its not a serveh
<tez> its just some old computah
<tez> and sitting here with a cd
<\sh> I see...I thought you are talking about hp/compaq servers
<tez> nope, sorry
<tez> lol i feel bad for anyone that has a compaq server
<\sh> tez, why? it works :)
<tez> idk, compaq sucks :p
<tez> im not sure they make servers, aren't they all hp branded?
<\sh> tez, compaq is only still valid for old hardware...the newer "compaqs" are all named "hp"..even the alpha ones ;)
<tez> ohh okay.
<tez> k well that computer isnt getting anywhere
<tez> been loading for ahiwle now
<tez> a while*
<\sh> broken cd?
<tez> nope
<tez> the kernel doesn't like this computer at all
<\sh> acpi=off apic=off?
<tez> see i have an install on a partition on the hard drive thats flagged bootable, but past grub, it does the same thing as the installer does. nothing, exxcept sit with a blinking curser
<tez> ok just tried taht
<tez> stuck at blinking cursor, cdrom isnt flashing
<\sh> while booting the install cd? I would say a broken cdrom, likely not burned <=10 speed...I have this problem always, when I do 52 speed burning with boot cds
<tez> nope i've confirmed the cd boots
<\sh> hard to debug when I don't sit in front of the bugger ;)
<tez> especially since this problem also happens on the hard drive where ubuntu server is installed
<tez> yeah :p
<tez> see i installed ubuntu server to a partition on the hard drive through a virtual [really the raw] hard disk in VirtualBox and it works fine there
<tez> anyway im going to install 6.06 see if that works because I know someone got 7.04 installed on the same computer
<tez> well same model
 * \sh thinks a strange kernel setting which can be disabled via grub/selinux boot
<tez> nope. at least I don't think so
<ivoks> problems?
<tez> ivoks:  you're having problems
<tez> ??
<ivoks> never
<tez> k then I don't know what you're talkng about :p
<tez> anyway, I'm going to go piece together my desktop and i'll throw the server in the basement for the time
<Dimitree> Any ubuntu Log Viewer/monitor for Apache ? i can't find one with the Add/Remove ?
<macd> Dimitree, try tail, multitail
<macd> so 'multitail -f /var/www/apache2/access.log /var/www/apache2/error.log'
<ivoks> with ubuntu you get tail for free!
<ivoks> :)
<foo> :D
<foo> heya ivoks
<mathiaz> hello ivoks ! :)
<ivoks> hi
<ivoks> i have a solution for bacula problems
<ivoks> i've worked on it with upstream
<ivoks> we will just ship our make_catalog_backup script which will read database config from director config
<ivoks> and... that's it
<ivoks> no command line arguments except names of catalogs which are getting backed up
<ivoks> downside is that i'll introduce new dependency for bacula
<ivoks> python
<ivoks> :D
<ScottK> In Ubuntu, I think that's not a problem.
 * pepperjack smacks ivoks 
<Dimitree> awesome macd  :) thank you
<ivoks> hopefully, i'll upload changes tomorrow
<ScottK> pepperjack: We like Python here.
<ivoks> ScottK: we do, but introducing delta with debian isn't welcome :(
<mathiaz> ivoks: have you contacted the Debian maintainer ?
<ivoks> i've sent an email to dd
<pepperjack> i will fight you all if i have to
<ivoks> but he never responded :/
<ScottK> True, but that was coming regardless.
<mathiaz> ivoks: ok. It may take a while.
<ivoks> mathiaz: i know; but we don't have time :)
<ivoks> we have scheduled releases :D
<mathiaz> ivoks: so you rewrote the make_catalog_backup script ?
<ivoks> mathiaz: yes, in python
<mathiaz> ivoks: that's an upstream script ?
<ivoks> no
<ivoks> upstream said it's ok and helped me with it, but they'll continue shipping old shell script for now
<ivoks> i planed naming this script make_backap_catalog.py
<mathiaz> ivoks: ok. And it wasn't possible to fix their script ?
<ivoks> or something, just to to be clear this isn't the same script
<leonel> mok0: will you do the dbmail  merge  ?
<ivoks> we should ship both
<ivoks> mathiaz: it is possible, but i'm not so much familliar with awk (and awk is the only solution for this)
<ivoks> some really serious parsing is needed :/
<mathiaz> ivoks: right. So this was needed to fix a CVE ?
<ivoks> yes
<ivoks> i think there's no point in CVE
<mathiaz> ivoks: IIRC the configuration is well structured
<ivoks> make_catalog_backup is just an example script
<mathiaz> ivoks: or at least a security concerns
<mathiaz> ivoks: something like password on the command line
<ivoks> it's up to user to decide to use it or not...
<ivoks> i know what's the problem
<ivoks> i just don't think that example script deservs a CVE :D
<mathiaz> ivoks: do you have a link to the debian bug ?
<mathiaz> ivoks: correct. I'm not familiar with the actual bug.
<ivoks> http://www.mail-archive.com/debian-bugs-closed@lists.debian.org/msg160720.html
<ivoks> meh...
<ivoks> mailing list
<ivoks> hm
<ivoks> debian has an interesting fix
<ivoks> i don't know...
<ivoks> i'll propose solution; which *isn't* backward compatible
<ivoks> it can't be, cause atm, password is an argument
<mathiaz> ivoks: right.
<mathiaz> ivoks: you could add some code that checks if there is a third argument and warn the user if so
<ivoks> this should be done during upgrade of package
<mathiaz> ivoks: correct.
<ivoks> cause some of the users don't check status of catalog backup
<mathiaz> ivoks: is this just an issue with mysql ?
<ivoks> no, it's also a postgre issue
<ivoks> but my scripts solves both
<mathiaz> ivoks: right - because you extract the information from the bacula configuration files.
<mathiaz> IMHO it's the best way to do i.
<ivoks> it basicaly parses configuration, creates my.cnf and connects to mysql with it
<mathiaz> s/i/it/.
<mathiaz> ivoks: do you have a reference to the discussion you had with upstream dev ?
<ivoks> just emails
<mathiaz> ivoks: private emails I guess.
<ivoks> yes
<ivoks> i'll talk with the dev about making a 'public statement' :)
<ivoks> something like 'ubuntu rulez, they solved our long lasting CVE' :)
<mathiaz> ivoks: well - I'd rather make sure they'd accept our patches.
<ivoks> as i said, this is an example script
<mathiaz> ivoks: that's why I'm not so sure about shipping a python script it upstream doesn't think it's a good idea
<ivoks> it's like udev rules
 * mathiaz install bacula-directory to understand this situation better
<ivoks> we don't change a code
<ivoks> you have a backup procedure which can run a job before backup
<ivoks> so you could dump database to a file and then backup it
<ivoks> i do that with oracle, mysql, etc...
<mathiaz> ivoks: yes - I'm familiar with that.
<ivoks> so, baculva provided a example script how to dump sqlite, mysql and pgsql
<ivoks> where you provide a dbname, username and password
<ivoks> people you this script to dump bacula's database
<ivoks> which is silly
<mathiaz> ivoks: ok.
<ivoks> i don't know one would create special program to dump my_secret_db, but then not use the same program for bacula's db
<ivoks> s/know one/know why someone/
<ivoks> jesus, how many typos
<ivoks> i should take typing lesons...
<ivoks> or buy a bigger laptop, with normal keyboard :D
<danp> hi. any word on when new kernels will be coming out for feisty/gutsy?
<ivoks> :(
<ivoks> we are probably to slow regarding this problem
<danp> what's holding it up? anything i can do to help as far as testing?
<ivoks> there's nothing to test
<pepperjack> bah, you should trust your users anyway
<ivoks> problem is a known thing and patched kernels are probably already buildin
<mok0> leonel: yes
<ivoks> bye
<danp> hmm
<faulkes-> pepper: you did not actually just suggest an admin trust a user did you ;)
<Dimitree> wow O_O anyine seen "The hills have eyes" movie ? its just starting but it shows some shocking images lol o-o
<ScottK> !ot > Dimitree
<Dimitree> ???
<ScottK> Movie reviews are a bit off topic for this channel.
<Dimitree> ok i'm sorry
<Dimitree> very strict rules around here : )
<pike_> wait we do ontopic chat here?
<jjesse> off topic can be found at #ubuntu-offtopic
#ubuntu-server 2008-02-12
<onesandzeros> hello all.  Any of you guys know how I can see all the make targets in the kernel?  I'm building from source and need a little refresher on how it all works.
<xmanxxxx> hi
<xmanxxxx> what is this?? pci error cmd=0x157 status=0xc2b0
<xmanxxxx> can somebody help me with this ubuntu error
<xmanxxxx> ?
<xmanxxxx> i finish to install and the first that i see pci error cmd=0x157 status=0xc2b0
<xmanxxxx> ehyyyyy
<xmanxxxx> what can i do
<seanh> if you get a prompt at some point you can look at the boot logs
<faulkes-> Evening ScottK
<ScottK> Evening
<xmanxxxx> where is the dicrectory of C headers
<xmanxxxx> ?
<kgoetz> pardon?
<xmanxxxx> i'm installing  vmware
<xmanxxxx> and it is asking for the c headers location directory
<kgoetz> meh. *shrug*. i dont use vmware
<kgoetz> i think theres a channel on freenode if you want to try it though
<kgoetz> and probably instructions on teh ubuntu wiki
<infinity> Does it not appear to have a sane default answer (like /usr/include)?
<xmanxxxx> o solve
<xmanxxxx> tks'
<xmanxxxx> jjejeje, reading all is possible
<DoYouKnow> sudo apt-get linux-headers
<DoYouKnow> sudo apt-get install linux-headers
<DoYouKnow> then you should get a list of options
<DoYouKnow> and then copy paste the right one into: sudo apt-get install <package_here>
<DoYouKnow> that will install the kernel headers needed by vmware
<xmanxxxx> ehu
<xmanxxxx> how is linux/restricted/modules
<xmanxxxx> it says that cant find the package
<xmanxxxx> ?
<faulkes-> gah, once again insomnia takes over
<Martian> Where can I buy an Ubuntu Server cd?
<_ruben> http://www.ubuntu.com/getubuntu/purchase
<_ruben> then again, downloading usualy is the fasted, unless you're unlucky enough not to have access to broadband connection
<Martian> __ruben: That's a rare thing in Africa.
<Martian> Thanks fro the help.
<Martian> *for
<kraut> moin
<_ruben> g'day
 * soren gazes up at the sky with a distant look in his eyes, dreaming of the new ubuntu-server-bugs mailing list
<_ruben> hahah
 * _ruben pinches soren's arm
<soren> Ouch!
<_ruben> sorry
 * soren stomps on _ruben's foot
<_ruben> ouch
<Stonekeeper> hi. I'm wondering if some kind soul could point me towards getting a promise 20319 controller working during the 7.10 server install? The bios on my ncch-dl mobo doesn't allow me to set the controller in IDE mode, even though the manual has screenshots saying it can. This is now my only option. Thanks.
<Stonekeeper> or can i just setup a "fakeraid" on the controller, then use softraid when ubuntu picks up the 3 disks?
<soren> Stonekeeper: What is the problem?
<Stonekeeper> hi soren. I have 3 disks i would like to set up as raid 1+spare. My mobo has 2 standard sata ports and 4 "raid" ports. The "raid" ports are controlled by a promise fakeraid controller. The bios does not allow me to set these 4 ports to work in standard IDE mode (even though the manual says i can). I have 2 options: Setup the raid using the bios and somehow get dmraid installed during the server install (can't see the answer to that) or could i just
<soren> You got cut off at "or could i jus"..
<soren> Well, it's *fake*raid anyway.. What happens if you set them up as raid devices and try to install?
<Stonekeeper> Setup the raid using the bios and somehow get dmraid installed during the server install (can't see the answer to that) or could i just setup the array in bios and then use software raid on the 3 drives that ubuntu detects?
<Stonekeeper> yeah, it detects 3 drives. I tried just not creating an array, and i installed just fine, however the bios wont boot the drives as it doesn't see any "arrays".
<soren> Stonekeeper: Ah, I didn't consider the boot process.
<soren> Hmm..
<Stonekeeper> so i wondered if it was possible to create a fake array, and just use the drives as standard drives, or whether there would be some crazy conflicts
<soren> WEll, dmraid in the installer is quite experimental, so you can't even enable it.
<Stonekeeper> from the wiki: Under Linux, which has built-in softRAID functionality that pre-dates these devices, the hardware is normally seen for what it is -- multiple hard drives and a multi-channel IDE/SATA controller. Hence, fakeRAID.
<Stonekeeper> so, am i right in thinking that it's literally a plain old sata controller? if so, i should be able to get it to work?
<Stonekeeper> if the worst came to the worst, i could ditch the spare and go with the onboard 2 channel sata connections. It's a real waste though as i have 5 drivebays and 6 sata ports
<soren> fakeraid is indeed fake.
<Stonekeeper> so you think if i created a raid 1+spare array in the bios, then just did what i wanted with the 3 disks, it would work?
<soren> All it means is that there's an interface (from the BIOS) to configure the raid stuff and then it's up to the driver in the OS to use those settings for setting up software raid.
<Stonekeeper> (if only these things would work in ide mode this would be fine)
<soren> I'm not entirely sure. I've not used fakeraid myself.
<Stonekeeper> ok, I'll give it a go. My options are getting limited :/
<Stonekeeper> it's easy to get it going once you have dmraid installed, but i'd rather just use software raid and ditch the crappy fake stuff
<Stonekeeper> hahah, fantastic, i went to the raid bios, created a 1+spare array and then my disks booted into the pre-installed ubuntu server.
<Stonekeeper> i guess that answers my question
<Stonekeeper> i'm just worried that there will be any conflicts, but if you're sure that the bios doesn't actually do anything during operation, then it'll be fine i guess.
<soren> That's why it's called *fake* raid :)
<Stonekeeper> soren: thanks man, I understand this a lot better now. I guess the "controller" is simply a standard controller, with some software that allows you to create a kind of "config". Drivers could then read this config up if they so wished. Or you could just plain ignore it and do what you want with your drives. Would that be a fair summary?
<soren> Stonekeeper: Pretty much. There might be some additional magic in the bios w.r.t. to booting (failing over if one of the disks are broken or whatnot), but that's it.
<Stonekeeper> ah, that could be a problem i guess :/
<Stonekeeper> depends if i've guessed which one of the drives is the spare correctly. Perhaps i should just use the 2 disk on board controller :/
<Stonekeeper> before the bios kills one of my mirrors thinking it's a spare
<Stonekeeper> hmm.. but i guess the bios wouldn't recover. This is just booting... Meh, I'll stick with it.
<Stonekeeper> one other quick Q soren: Does the installer now realise that when you setup md mirrors, to install grub on BOTH drives, or do we still have to do that manually?
<soren> Stonekeeper: The installer should do the right thing.
<Stonekeeper> ah great. I know it didn't used to. I was going to md5sum the bootrecord on each drive. Wont bother now.
 * soren lunches
<Stonekeeper> hmm. no grub isn't installed on the second mirror
<soren> If your boot partition is on raid, the installer should be using lilo, afair.
<tzu3l> experiencing curruption issues while debootstrapping a xen domU; packages are corrupt? suggestions welcome
<tzu3l> part of the log from xen-create-image W: http://nl.archive.ubuntu.com/ubuntu/dists/gutsy/main/binary-amd64/Packages.bz2 was corrupt
<_ruben> grub can boot from raid as well
<_ruben> (must say i havent tried that with ubuntu tho, but works like a charm on suse)
<zul> tzu3l: try a different archive
<zul> or a different mirror
<_ruben> ScottK: you happen to have any pointers on postfix fine tuning? currently im reading http://www.postfix.org/TUNING_README.html and http://www.postfix.org/QSHAPE_README.html
<ScottK> _ruben: That's where I'd have pointed you.
<_ruben> ah ok ;)
<_ruben> one things that remains a bit vague to me is the (default) queue sizes .. the customer im currently investigating this for, has a mailinglist of ~1 million subscribers .. i'd say the default active queue size of 20K is a bit small, unless im not fully understanding the way those queues work
<_ruben> i'll be using 2 loadbalanced mailservers btw, dedicated for this customer
<ScottK> I suspect for the active queue that's plenty, but I've not done anything on that scale myself.
<_ruben> ah ok
<_ruben> i'll make sure to report back when all this goes live ;)
<_ruben> the tender will be sent to the customer sometime this week, so hopefully the servers will be ordered shortly
<cjwatson> I've been reorganising the seeds of late, and am now at the point where I'd like to split the server seeds out of the Ubuntu seeds (and keep ubuntu.hardy as "Ubuntu desktop")
<cjwatson> this will let us delete the server clutter from the Kubuntu etc. seeds, which has always been rather confusing
<cjwatson> ... actually, I just realised I can't do this right now as it would involve another Launchpad change and I'm just about out of credit at the moment. Never mind ...
<soren> cjwatson: so that leaves us at...
<soren> cjwatson: Where we were a few days ago?
<cjwatson> staying in ubuntu.hardy for now :-)
<soren> noted.
<cjwatson> yeah, pretty much, sorry for the excess drama
<cjwatson> I'll try to get something figured out on the Launchpad side soonish
<soren> No worries.
 * _ruben wonders what this seeding thing is about :)
<soren> _ruben: The seeds decide where Ubuntu packages go..
<soren> For instance, there's a seed that lists all the packages that we want to have on the UBuntu Server cd.
<soren> (kind of)
<soren> There's a seed for each task, basically.
<_ruben> ic
<soren> and a few "special" ones.
<soren> The one called "server-ship" decides which packages are on the CD, but they're not part of a task per se.
<soren> Er..
<soren> It's just the technical parts of moving stuff around from task to task and deciding what goes in main, what goes on which cd, etc. Most people needn't worry about it.
<_ruben> ah, just curious ;-)
<soren> _ruben: That's how you learn new stuff :)
<_ruben> yeah, if only i'd just a little less curious ;)
<_ruben> everytime i research something, i end up adding 10 other/more things to my to-research list before finishing the first one :p
<soren> _ruben: I know the feeling :)
<_ruben> soren: im afraid its a common (mis)habit in IT land
<Stonekeeper> ubuntu-server with openVZ is really quite special
<_ruben> huh? when i do 'apt-get install mail-server^ -s', it shows it'll install postfix and yet also recommends exim4 .. bit strange, no?
<lamont> _ruben: only slightly
<lamont> something in the pile Depends: exim4 | mail-transport-agent, and mail-server^s Depends: that, I expect
<_ruben> ic
<_ruben> ah, right .. it recommends both exim4 as well as mail-transfer-agent :)
<_ruben> strange nonetheless, im my eyes atleast ;)
<_ruben> s/im/in
<soulc> damn
<soulc> it is hard to go from a distro that installs everything to a distro that you have to know what to install
<soulc> I am getting this error and I can't get up
<soulc> <?php
<_ruben> that doesnt really look like an error to me
<soulc> checking whether make sets ${MAKE}... no
<soulc> checking for gcc... gcc
<soulc> checking whether the C compiler (gcc  ) works... no
<soulc> configure: error: installation or configuration problem: C compiler cannot create executables.
<soulc> ah but it got your attention
<soulc> |-P
<soulc> so what do I install to fix this
<soulc> that is the problem.....my ignorance
<_ruben> what are you trying to install?
<soulc> was it me?
<soulc> I have to complie wwwcount
<soulc> I do know that it needs dbcomp package
<_ruben> might be old version: http://ubuntu.cica.es/guadalinex/repositorio/pool/non-free/w/wwwcount/ .. otherwise: sudo apt-get install build-essential .. that installs the basic stuff for compiling apps
<soulc> ah
<soulc> where can I get a listing of things that I need to install for xyz
<_ruben> if its a .deb package, it'll tell you what you need .. if its a source package, then its up to yourself to figure out
<soulc> ok
<soulc> thank <fill in blank> that there are these ppl that will help
<_ruben> ;)
<_ruben> time to head home for me tho, bbl
<faulkes-> heh, \sh, you do look very german
<atlas95> hello
<\sh> faulkes-, well, I could have send also some pictures where I had long hair, but my cameroonian wife didn't like the look of long hair at me...so she made it short...very short
<atlas95> I need help for knockd
<faulkes-> which reminds me, I have to start planning for oktoberfest
<spiekey> hey
<spiekey> any idea how i can solve this problem on my gutsy server? http://pastebin.ca/901295
<tez> hey
<tez> it seems 7.04 is the only version of ubuntu someones gotten to work on my model of computer, 6.06 gets stuck at detecting network hardware :/ 7.10 gets stuck starting the kernel
<tez> any ideas on what i can do to stop it from getting stuck at this point?
<Stonekeeper> soulc: you play tremulous?
<tez> meh
<faulkes-> tez: without more information about the specific hardware in your server, it is very difficult to determine what is happening
<faulkes-> I would catalog each piece and investigate any known issues which surround them
<tez> I'm trying to find the info :<
<tez> blah compaq doesnt help with info at all :|
<faulkes-> try lspci
<tez> oh that worked!
<faulkes-> granted, depending on the age of the computer, it may not display every bit of hardware
<faulkes-> which means you should also troll through a dmesg
<tez> nope. but it shows the ethernet controller: accton technology corporation smc2-1211tx
<faulkes-> dmesg should be very specific about what it finds
<tez> doesnt show anything about the ethernet controller
<tez> hmm. "Fixing recursive fault but reboot is needed!"
<faulkes-> dmesg | grep eth0
<tez> ohhh
<faulkes-> that's an interesting error, anything else related to it (above or below)
<tez> im not sure, the line directly below is scheduling while atomic: echo/0x000000001/10433 but i dont really know
<tez> and its a RealTek RTL8139
<faulkes-> iirc there are issues with the RTL8139 which may or may not have been solved, one sec
<faulkes-> paste the lspci line for the network controller and the dmesg output for the eth0 (dmesg | grep eth0)
<tez> 0000:01:09.0 Ethernet controller: Accton Technology Corporation SMC2-1211TX (rev 12)
<tez> [17179620.632000] eth0: RealTek RTL8139 at 0xc8972000, 00:10:b5:5c:xx:xx, IRQ 5
<tez> [17179620.632000] eth0: Identified 8139 chip type 'RTL-8139B'
<spiekey> soren: my nss_ldap vmware problem disapeared with gutsy :)
<spiekey> yey
<soren> spiekey: Great!
<spiekey> now i could try to backport nss_ldap
<tez> faulkes-: from what I've seen, it doesn't look like its possible, but maybe there's a way :\
<spiekey> what was the backport channel again?
<faulkes-> tez: well, from what I can see on the forums, there are known issues with network connectivity with the rtl8139 based chips
<tez> gahg
<tez> so no way to even get it installed?
<faulkes-> I also see at least one person having a boot problem
<spiekey> soren: what was the backport channel again?
<tez> faulkes-: so it appears all-around unusable?
<faulkes-> tez: it may or may not be related, I'm just going on what hardware we now know exists
<tez> well considering its stopping at the "Detecting network hardware..." i'm assuming its realted
<tez> related*
<soren> spiekey: Er... I don't think there is one.
<tez> #ubuntu-backports but its small
<spiekey> ah, i meant ubuntu-motu :)
<tez> ok lol
<tez> wtf
<tez> running the installer with "noacpi" shows note: udevd[848] exited with preempt_count 1
<spiekey> soren: could i just use the configure options from the dpkg source file and install it from source?
<faulkes-> tez: I'd look through the forums, search for 8139 or 8139 wake
<faulkes-> there is a huge trove of posts which are in some ways similar to your problem (others may not be related)
<faulkes-> and as you now have a better understanding of what hardware you have, you can decide which is appropriate
<tez> yeah
<tez> im still not sure why the kernel doesnt even load in 7.10
<soren> spiekey: Why would you?
<spiekey> because i need a recent version of nss_ldap?
<faulkes-> afternoon soren
<soren> spiekey: That's why you want to backport it. Otherwise, upgrades will be a pain.
<tez> hmm
<tez> looks like i wont be getting anywhere today with ubuntu and this stupid computah
<tez> gah i was really hoping i'd be able to get this instlaled
<tez> bye everyone
<tez> thanks for the help faulkes-, i'll continue looking on the forums, maybe i'll post a topoc
<tez> topic(
<tez> topic**
<spiekey> soren: you mean i just take the source package from gutsy and build/install it on dapper?
<Stonekeeper> see ya. Thanks soren.
<XiXaQ> does anyone have experience with LTSP? How is video on a webpage when connected to a local network?
<faulkes-> havent done anything with ltsp, perhaps other here have
<ra21vi> hello
<ra21vi> I am working on corporate-site transformation from IIS windows to Ubuntu server based. and right now I am unabe to achieve one basic goal
<ra21vi> i am using django, and I want my single server, that alloctaed to me for demo, to have Apache with subdomains
<ra21vi> such as www.site.com, and www2.site.com and forums.site.com etc
<ra21vi> can it be possible with single server, afaik machine-hostname.domainname.com or whatever, forms the FQDN
<ra21vi> so like my server machine name is oss-dev
<ra21vi> and domain name is abc.com
<ra21vi> so, FQDN would be oss-dev.abc.com
<ra21vi> so how can I achieve that goal of having multile subdoamins served from apache
<ra21vi> network is CISCO based
<ra21vi> please Guide me
<leonel> just as you tell apache to server  for  www.site.com  and  www2.site.com  same config  for   oss-dev.abc.com
<leonel> all you need is your nameserver to  point  oss-dev.abc.com  to the ip of your apache server
<leonel> or your /etc/hosts  in case you cant move  your dns
<faulkes-> it would likely also be helpful for you to read the community documentation available at http://help.ubuntu.com/community/Servers
<ScottK> lamont: requestsync fubar'ed the version wanted in your postfix request.  I fixed it.
<lamont> thanks
<ScottK> lamont: Your timing was good.  Riddell's already done the sync.
<ra21vi> leonel: how does apache knows that the it has been asked to serve the www2 virtuals instead www when I am pointing the same ip for two subdomains
<leonel> the protocol sends the hostname you are asking ..
<ra21vi> leonel: :) thanks
<incorrect> i am lazy these days, is there a web admin tool that will do most things for me?
<zul> !ebox
<ubotu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See the plans for Hardy at https://wiki.ubuntu.com/EboxSpec
<incorrect> sweet
<incorrect> is there a nas server project based on ubuntu a bit like freenas?
<zul> not too my knowledge
<incorrect> ah well
<incorrect> thanks
<good_dana> incorrect: i dont know what it's based on, but if you're looking for NAS software, i'd recommend openfiler
<faulkes-> incorrect: iirc there is some work currently on the list for iSCSI targets and such
<faulkes-> but I'm not aware of any full projects devoted to NAS stuff for ubuntu specifically
<incorrect> i just installed sdb, how do i generate the uuid?
<faulkes-> incorrect: once you have partitioned sdb, you can find the uuid by executing the following command
<faulkes-> udevinfo -q env -n /dev/sdb<partition #>
<faulkes-> the ID_FS_UUID= contains the uuid of the disk such that you could put it into /etc/fstab
<faulkes-> again, with all commands someone tells you to run, you should always look at the associated man page first
<faulkes-> hmm, I guess whoever that "peer" guy is reset him
<Soskel> hi
<Soskel> I want to show people a list of installed server software, will running rpm -qa and displaying the results show anyone something.... bad?
<faulkes-> considering ubuntu doesn't use rpm for packaging, I don't think it would display anything at all
<faulkes-> hrm, perhaps I could have phrased that better, it sounded a little sarcastic
<mathiaz> ScottK: thanks. Congrats you too ! :)
<faulkes-> ScottK: good news on core-dev I take it?
<ScottK> mathiaz: Thanks
<ScottK> faulkes-: Yes
<faulkes-> ScottK: well, congrats
#ubuntu-server 2008-02-13
<vipaca> Hello all is ther a seperate channe; forsparc ?
<ScottK> faulkes-: Thanks.
<vipaca> Hello anybody out there dealing with sparc
<dendrobates> vipaca: I have a couple sparc boxes
<vipaca> really
<vipaca> Im really a sun hardware noob
<vipaca> but I inheireted two v210s
<vipaca> I just ubuntu on one of them
<vipaca> installed fine I was suspect of network connectivty
<vipaca> now that the box is up the nics are acting falkey
<vipaca> dendrobates: what kinda boxes do you have?
<dendrobates> vipaca: t2000, t5200
<dendrobates> vipaca: or something like that I am unsure of the model of the second one.  But they are both newer.
<vipaca> I see these are newerthen v210?
<vipaca> there definatley beefer
<vipaca> what kinda of nics you got?
<dendrobates> I believe they are marketed as Sun gigaswift, or something like that.
<dendrobates> but they are intel GE.
<vipaca> when you do lspci
<vipaca> Did you run into any nic problems when you installed ubuntu
<dendrobates> I did not.  What version are you installing?
<vipaca> 7.1
<vipaca> LATEST
<dendrobates> are you seeing anything in dmesg?
<vipaca> let me check
<helfire> hey, is it easy to change from php to suphp?
<vipaca> I hope this doesn
<vipaca> get me hacked
<vipaca> http://pastie.caboo.se/151347
<vipaca> dendrobates:Shouldn't be anything dmesg that could :/
<dendrobates> vipaca:  no, it;s pretty safe.
<vipaca> dendrobates:Im not sure how to read these things
<vipaca> [   32.575597] tg3: eth%d: Cannot get nvarm lock, tg3_nvram_init failed.
<dendrobates> vipaca: yeah, I haven't seen that before.
<vipaca> hey you pointed me to dmesg
<vipaca> very good
<vipaca> now I at least no that the driver is not happy
<vipaca> or kernel module or what ever tg3 is
<vipaca> thanks
<dendrobates> the driver seems to be finding your interfaces
<dendrobates> I think that message is not relevant.
<vipaca> maybe and maybe not
<dendrobates> what is the actual problem you are seeing?
<vipaca> well something like this I can only get light when connacting cable to 3 outof 4 nics at a time
<vipaca> and depending it changes whiich one
<vipaca> once Iget a cable connected andlights on that port no connectivity after static ip conf
<dendrobates> I see the kernel module finding all four cards.
<vipaca> sure and ifconfig shows them all but no lights
<vipaca> no connectivity
<dendrobates> You should dig deeper into the logs.  See if you can find any errors in /var/log/syslog
<dendrobates> does ifconfig look ok?
<vipaca> it does to me
<dendrobates> have any of the ports worked at all?
<vipaca> not on ubuntu
<vipaca> and I couldn
<dendrobates> what does your /etc/network/interfaces look like?
<dendrobates> what are you connecting these ports to?
<vipaca> dendrobates:sorry daddy duty called
<vipaca> a switch
<vipaca> interfaces is empty now but when its configure no good
<vipaca> Ive bee using just temp ip setupwith ifconfig
<kgoetz> anyone here tried exim4-daemon-light? i have it half installed in a chroot, and its breaking my packaging system :(
<kgoetz> wondering if its a bug in the package or because its chrooted
<kraut> moin
<kgoetz> hey mate
<kgoetz> fwiw, i think its a chroot issue
<roote> hi!
<roote> anyone knowledgeable about linux software RAID? Shouldn't a RAID1 be faster than a single disk?
<roote> i'm getting the same speeds testing a single harddisk VS RAID1
<roote> i thought it was supposed to give me almost double the speed
<soren> For reads, it should be significantly faster than a single disk. For writes, it's the same or slower.
<soren> It depends a bit on the hardware involved. If they're on the same IDE channel, you won't get much improvement (if any).
<_ruben> on same channel i'd expect it to be much slower even
<soren> _ruben: Depending on how I/O bound it is compared to seek bound.. Dunno. I'm just guessing.
<_ruben> same here
<c1|freaky> is there an RSS news feed somewhere for the server people?
<soren> What sort of news are you looking for?
<c1|freaky> news about ubuntu releases, security updates and other server-related stuff
<soren> c1|freaky: There are mailing lists for all of that. There's security-announce, ubuntu-server, and ubuntu-announce.
<c1|freaky> where can i subscribe to ubuntu-srever?
<c1|freaky> *server
<_ruben> c1|freaky: https://lists.ubuntu.com/
<stiv_> hey everybody ... i have multiple ubuntu-servers w. feisty that i update using my self-signed mirror w. some own packages (works fine!). These machines are not in a LAN, so updating via https would be a good idea, but i fell over this bug: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/109294
<ubotu> Launchpad bug 109294 in apt "HTTPS sources fail to update" [Medium,Fix released]
<stiv_> it's only fixed in gutsy and i can't find a way to adapt the apt source package (i could build it myself) to fix this issue ... is there a patch?
<stiv_> "These machines are not in a LAN," --> yes they are :-) but not all in the same the update server is in. "are not in a LAN" sounds weired
<c1|freaky> thank you :)
<roote> soren and _ruben : the disks of the RAID1 are on different SATA channels. I tested speed with hdparm -tT /dev/sda, hdparm -tT /dev/sdb and hdparm -tT /dev/md0 (and 1 and 2, since i have 3 partitions on each disk, and corresponding 3 raid arrays).
<roote> soren and _ruben : they all give me roughly the same speeds (around 60MB/s)
<_ruben> roote: i never put much faith in hdparm as a benchmark
<_ruben> if only i could recall the name of that benchmark tool ... its a girl's name ..
<_ruben> bonnie++
<_ruben> http://www.acnc.com/benchmarks.html for several other options
<Gargoyle> is there a meta package to install a LAMP stack as if you had chosen it during installation?
<_ruben> Gargoyle: i think that'd be sudo apt-get install lamp-server^
<Gargoyle> not showing up under apt-cache search.
<_ruben> correct (i think), tried that recently as well .. the install part does work tho ;)
<Gargoyle> with the ^ ?
<_ruben> yes
<_ruben> the ^ indicates a task
<_ruben> or you could use tasksel
<Gargoyle> ahh well seems I got everything with apache2 mysql-server php5 and php5-mysql
<_ruben> grr .. cant connect to mit's pgp server .. lets see if i can find an alternative
<sommer> jdstrand: hey, I've updated the firewall documentation section... have time for a review?
<jdstrand> sure! email?
<sommer> on the way, thanks
<sommer> also I went ahead and committed the changes so if you have the repo checked out you can see it that way :)
<jdstrand> sommer: thanks reading
<jdstrand> sommer: heh-- comma needed after 'configuration' in 2nd sentence of 3.2
<jdstrand> actually, I'll send you a diff
<sommer> jdstrand: okay
<sommer> just for the one comma or.... ?
<jdstrand> sommer: no, couple of other teeny things
<sommer> jdstrand: ah, I appreciate the feed back
<fuzed> hello?
<fuzed> I'm wondering about X setup on server, is there a specific set of packages needed, does one need to run xorgconfig(which I can't seem to find) or what
<jdstrand> sommer: sent diff
<jdstrand> sommer: thanks again!
<sommer> jdstrand: awesome, thank you
<sommer> fuzed: it's not really recommended, but you can find a guide here: https://help.ubuntu.com/community/ServerGUI
<soren> fuzed: Ask in #ubuntu
<fuzed> thnks
<sommer> jdstrand: so you only need one commit in the rules file?
<jdstrand> sommer: just at the end
<jdstrand> sommer: let me double check that
<sommer> gotcha, is there a site, man page, or something that documents iptables-restore files?
<sommer> I got most of that info from forum and mailing list examples
<_ruben> info on iptables-restore/save is *very* limited
<sommer> I wanted to add a link in the resources for further rules file details, but couldn't really find anything official
<_ruben> even netfilter/iptables developers dont know the 'rules' ;)
<jdstrand> sommer: for the most part, it is the same as an iptables rule, with 'iptables'
<jdstrand> the parts that are different are the default policys and COMMIT
<sommer> I see, I guess I was wondering about these lines ":PREROUTING ACCEPT [0:0]", what does the [0:0] mean?
<_ruben> 0 bytes / 0 packets
<jdstrand> resets the counters
<sommer> ah, gotcha
<sommer> I guess once you understand that part of it, it's really just iptables commands... like you said
<sommer> _ruben: thanks
<_ruben> correct .. just slightly different formatted ;)
<sommer> cool, I think we're good for the resources section then
<sommer> jdstrand: also, to double check even if you set /etc/default/ufw to forward you still need to enable forwarding in /etc/sysctl.conf?
<sommer> I think I missed a command to reload sysctl once you edit the file :-)
<jdstrand> sommer: yes. I should probably change that
<jdstrand> sommer: and you are right about COMMIT
<sommer> so it is needed for both tables?
<jdstrand> one COMMIT per table
<jdstrand> so the *filter table needs a COMMIT and the *nat table needs a COMMIT
<sommer> gotcha, I'll adjust that and add the sysctl command
<jdstrand> so all POSTROUTING part should be entirely *before* the *filter section
<sommer> cool, does the new file cover the major aspects of ufw?
<jdstrand> eg http://paste.ubuntu-nl.org/55851/
<jdstrand> sommer: yes
<jdstrand> sommer: obviously that paste includes some of my rules that shouldn't be in there ;)
<jdstrand> sommer: particularly leave out the OUTPUT and PREROUTING lines
<jdstrand> sommer: I am going to file a bug on the sysctl part
<sommer> jdstrand: with regard to the documentation?
<sommer> the bug I mean
<jdstrand> sommer: you shouldn't have to adjust sysctl.conf in ufw when you adjust /etc/default/ufw
<jdstrand> no, in ufw
<jdstrand> so leave the sysctl.conf part out of the ufw section
<sommer> ah, will do
<jdstrand> sommer: fyi bug #191596
<ubotu> Launchpad bug 191596 in ufw "ufw: should not have to enable ip_forward in sysctl.conf" [Undecided,Confirmed] https://launchpad.net/bugs/191596
<sommer> jdstrand: here's my new before.rules: http://paste.ubuntu-nl.org/55852/
<jdstrand> sommer: looks good
<sommer> cool, I'll move the sysctl step to the iptables masquerade section and apply the changes
<jdstrand> sommer: can you send me your final changes-- I am going to walk through this section on my system
<sommer> sure will do
<sommer> before applying ;-)
<jdstrand> sommer: won't happen til later in the day though
<jdstrand> feel free to apply-- I think they are right-- I am just going to double check it all
<sommer> jdstrand: no problem, minor changes won't be a big deal until SF, I just wanted to get the major section update in before FF
<jdstrand> yes-- would only be minor
<mathiaz> zul: I'm currently merging mysql-dfsg-5.0 from debian. I think that the changes you made for man conflict need to be extended to mysql-client-5.0 and libmysql-dev-5.0.
<mathiaz> zul: these two packages also shipp conflicting man page.
<vipaca> Where do I open a bug against sparc server
<mathiaz> vipaca: is a kernel problem ? a problem with a specific package ?
<vipaca> tg3
<vipaca> perhaps
<vipaca> What im seeing is that eth2 is tied to port 0 of 4
<mathiaz> vipaca: so if it's a kernel bug, file a bug against the kernel package.
<zul> mathiaz: ok im just having lunch
<mathiaz> zul: np. I'm doing the merge.
<fuzed> ok, does it say anywhere that you have to run mandb initially (-c) and rerun occaisonally,  why don't the package scripts or the pkg manager do that automatically?
<peterdv> fuzed: You should have the files "/etc/cron.daily/man-db" and "/etc/cron.weekly/man-db"  doing just that
<vipaca> can you give me a link for fileing a bug against the kernel
<mathiaz> vipaca: https://bugs.launchpad.net/ubuntu/+source/linux/+filebug
<frame45> does anyone listen to Linux Reality Podcast
<foo> Anyone located in southern california?
<frame45> FTP Server? should I use Ubuntu Server edition (command line) or the regular distro (gui) and then run like VFTP? (is VFTP right)
 * foo likes proftpd
 * ScottK dislikes FTP period due to plain text password transmission.
<foo> actually, good point. sftp++
<frame45> I work at a Video Production co. we need to setup an SFTP server so that our client can download about 60Mb-100Mb video files from it.
<foo> frame45: Hm, is the client only downloading?
<frame45> yes
<foo> frame45: Do you plan on giving them ftp/sftp access?
<foo> Are the files already on the server? Or does someone need to upload to the server so people can download?
<ScottK> For an Ubuntu Server if you install openssh-server, sftp will just work.
<foo> ScottK: Right, but that may not be the best solution here
<frame45> yes.   Most of our client use Mac I want them to be able to log-in via Connect to server or with an FTP client software
<zul> vsftp
<foo> frame45: That's too complicated for a client. Why not setup HTTP authentication with directory listing enabled so they can download files via HTTP?
<frame45> I will be creating and administering (uploading to the FTP)
<foo> frame45: Ok, so someone will need to upload files, then client downloads. You can upload via sftp, and client could download via HTTP. I think that's your best bet.
<frame45> ok, that would be great I just don't know enough about all this yet i guess.
<CarlFK> how do I setup /etc/network/interfaces to use a wifi card?
<CarlFK> pretty sure I did it that way before...
<infinity> CarlFK: man 5 interfaces
<infinity> CarlFK: It's well documented.
<CarlFK> ah, I stopped at man interfaces
<CarlFK> thanks
<moos3> anyone awake in here
<ScottK> Yes
<moos3> I need some server help
<foo> moos3: ask away
<moos3> http://ubuntuforums.org/showthread.php?t=695341
<moos3> is a thread that I started last night when I upgraded from 7.04 to 7.10
<moos3> and lost my server because of some unknown reason
<moos3> it worked fine in 7.04 but for some reason when I upgraded to 7.10 it hangs and I can't figure out why
<foo> moos3: is all of that the last 8 lines before you get into a shell?
<moos3> yeah
<moos3> its when its trying to load the kernel
<moos3> what gets me kernel 2.6.20-16 boots until it gets to kernel log daemon where it hangs
<moos3> and kernel 2.6.22-14 fails when trying to load the kernel
<foo> moos3: Ask in #ubuntuforums too
<foo> moos3: Wish I could help, but not sure, sure. Let me know when you find out
<moos3> ok
<mathiaz> Ubuntu Server meeting in #ubuntu-meeting in 5 minutes
<zul> nothing has been added to the agenda recently has it?
<ScottK> It's a good warning though, so I can do my action from that last meeting.
<mathiaz> zul: well - it depends how you define recently
<zul> heh i just saw it on the wiki
<zul> wiki esp
<XiXaQ> didn't someone tell me that vmware tools is now in hardy repositories?
<pwnguin> is there anything close to a remote installer for ubuntu/debian?
<XiXaQ> remote installer?
<pwnguin> specifically: something to control the install via a network; i can place a cd in the drive and boot it, but we'd rather not drag a mouse monitor etc for the duration
<zul> like kickstart?
<pwnguin> i think kickstart is a boot from network deal
<pwnguin> but this is all new to me, so perhaps
<faulkes-_> look at PXE booting for install
<faulkes-_> not sure what exists for an automatic though
<pwnguin> what about say a serial console?
<XiXaQ> that's interesting. Indeed, it would be nice if you could connect to the installer using ssh or vnc.
<soren> you can.
<pwnguin> do you need to install sshd first?
<soren> No.
<soren> Hang on.
<soren> http://wiki.debian.org/DebianInstaller/NetworkConsole
<pwnguin> i gotta say, that's a terrible wiki page
<mathiaz> XiXaQ: you're probably looking for open-vm-tools.
<pwnguin> i mean the first paragraph basically says the topic's pointless, without ever explaining what it is :(
<pwnguin> i dont need to preseed d-i, but d-i over ssh would be handy
<XiXaQ> mathiaz, ah, thanks. :)
<pwnguin> it kinda sounds like something already exists
<moos3> foo: ok I did what you said now I'm getting the follow
<soren> XiXaQ: A new and fresh version will hit the archive within 24 hours. (of open-vm-tools)
<XiXaQ> great :)
<moos3> foo: http://pastebin.org/19460
<XiXaQ> hmm. It doesn't seem to have any configuration options, like vmware-tools does. Like screen resolution, etc.
<soren> open-vm-tools-gui
<Goosemoose> hi guys
<Goosemoose> cjwatson_, you around?
<pwnguin> soren: were you suggesting a preseeded install?
<Goosemoose> anyone else know the status of the utility to connect to active directory for authentication?
<pwnguin> launchpad says needs code review
<pwnguin> https://blueprints.edge.launchpad.net/ubuntu/+spec/windows-authentication-integration
<cjwatson_> Goosemoose: I'm around, but know nothing about Active Directory
<Goosemoose> hey cjwatson_
<Goosemoose> hmm, thought it was you that was working on the tool in hardy for authentication
<Goosemoose> darn, who was it!
<soren> Goosemoose: No, it's dendrobates.
<Goosemoose> ahh ok
<soren> pwnguin: That's an option. You can also just specify it on the kernel command line.
<cjwatson_> pwnguin: section 6.3.8.3 of the installation guide (package installation-guide-i386) is probably more useful.
<cjwatson_> and the rest of the installation guide in general
<cjwatson> the option soren refers to is anna/choose_modules=network-console
<dendrobates> Goosemoose: https://launchpad.net/~dendrobates/+archive
<pwnguin> of course, under 6.3.8. Miscellaneous
<cjwatson> pwnguin: Kickstart doesn't intrinsically involve booting from the network
<dendrobates> Goosemoose: a new version has just been uploaded.  You will need to wait for it to build.
<cjwatson> it's usually invoked that way just because its main use is installing a zillion systems at once and obviously you don't want to go around inserting a CD into each one
<cjwatson> but Kickstart is just another automation method, not an interactive remote control method
<pwnguin> ok, so does the server CD allow me to access the menu via console, or do i still need to haul in a monitor / keyboard?
<pwnguin> we've got a laptop in there with a serial port for serial console hacking ;)
<cjwatson> server CD >= feisty should let you do it
<pwnguin> ok; thanks for the help and pointers!
<ivoks> so, when we eliminate dbconfig, how are we supposed to create both database and user during installation?
<Goosemoose> dendrobates, will it work with the current edubuntu or do i have to wait for hardy?
<dendrobates> Goosemoose: I am just packaging it for hardy, but I believe Likewise is packaging it for gutsy, check http://www.likewisesoftware.com/products/likewise_open/
<Goosemoose> ok, any idea if I can get it to work with a preseed cfg file?
<jronnblom> soren: you still around?
<Gargoyle> Can anyone help me out with apache warning me that namevirtualhost *:0 has no virtual hosts?
<Gargoyle> I have to files in sites-available and they both look OK to me.
<antdedyet> Gargoyle: you probably don't want apache listening on port 0.
<Gargoyle> I havent specified that anywhere
<soren> jronnblom: Always.
<antdedyet> Gargoyle: You might rather have it on a standard or non-standart port, such as 80 or 8080, respectively
<Gargoyle> I have namevirtualhost * should I change that to namevirtualhost *:80 ?
<jronnblom> soren: In the /etc/init.d/open-vm-tools I think there might be a problem with the loading of the vmxnet driver
<Gargoyle> Or should it get picked up from the main config?
<jronnblom> 		if vmxnet_needed
<jronnblom> 		then
<jronnblom> 			rmmod pcnet32
<jronnblom> even if vmxnet_needed returns 1 its never evaluated by the if
<antdedyet> Gargoyle: You will only need "NameVirtualHost *" once in your httpd.conf
<Gargoyle> ahh
<Gargoyle> ok
<soren> jronnblom: Why?
<jronnblom> soren:                 vmxnet_needed
<jronnblom> 		if [ $? -eq 1 ]
<jronnblom> 		then
<jronnblom> 			rmmod pcnet32
<soren> That's the exact same thing.
<Gargoyle> makes the sites-available a bit more awkward, but not a major problem.. thanks antdedyet
<soren> Except opposite, but ykwim
<soren> jronnblom: Ok, are you actually experiencing a problem, or are you just looking at the code and think there's something wrong?
<jronnblom> im running hardy alpha4 on vmware ESX I by default the pcnet32 driver is loaded
<antdedyet> Gargoyle: np -- you can always create a namevhost-local.conf in conf.d and write "NameVirtualHost *" in there
<jronnblom> it also loads the vmxnet driver
<antdedyet> That will allow you less conflicts with distribution default config updates
<jronnblom> soren: at first I thougth the vmxnet_needed purpose was to remove the pcnet32 and replace it with vmxnet
<jronnblom> soren: now Im not sure anymore
<antdedyet> Of course, you could also just set proper dpkg up to not ever overwrite conflicting conffiles
<jronnblom> soren: should both the pcnet32 and the vmxnet be loaded in ESX ?
<Centaur5> Is there a way to make a dhcp server only give out IP addresses to PXE boot requests?
 * antdedyet shrugs as he sees someone's gutsy box hard lock after trying the likewise-open built package from their site after failing to join the domain
<antdedyet> The hardy pkg worked fine for me, except joining the domain failed.
<antdedyet> (my error tho, I don't know the network well)
<antdedyet> Centaur5: My method would involve manually toggling the MACs in and out of the PXE boot config section located in dhcp... probably not what you're looking for.
<antdedyet> Centaur5: what dhcp server are you using? isc?
<Centaur5> antdedyet: Right, I do that to have one server do thin clients but the other server I want to network install (hopefully when I can figure that out).
<Centaur5> When I have both servers running though they both give out IP addresses and I only want one of them to give addresses to regular workstations.
<faulkes-> Centaur5: you can tell dhcp to ignore or handle specific mac addresses
<Centaur5> faulkes-: great suggestion but I have guest machines coming and going that are constantly connecting.
<Centaur5> I'm probably going to unfortunately have to physically separate with a new hub and cables the machines that need installations or just deal with 2 servers giving out IP addresses?
<antdedyet> Centaur5: that's almost exactly what I was about to suggest ... network segregration is a good thing when multiple dhcp servers are involved
<antdedyet> Centaur5: but the new servers to be installed are going to eventually join the existing infrastructure?
<faulkes-> iirc, I believe some switches support forwarding tftpboot / pxe / dhcp requests to specific hosts on a per port basis
<Centaur5> We sell and repair computers and I'm trying to figure out the best way to load Ubuntu on new machines and network installs would be excellent.  New machines are built and installed on any available bench so we would have to dedicate an area for new installs which would be mainly wasted.
<faulkes-> however, those would typically be high end switches/routers ;)
<faulkes-> why don't you have just one dhcp server do both?
<antdedyet> Centaur5: why would the space be wasted? it's saving you a ton of time; making your work more effective.
<faulkes-> iirc it is entirely possible and shouldn't affect regular client machines
<faulkes-> pxe calls dhcp to get an address and then connects to tftpboot to get config files and other data
<faulkes-> so a regular machine booting, unless pxe boot is enabled in the bios, will only ever get a dhcp address
<Centaur5> antdedyet: Well we would have to find a decent amount of necessary bench space. We have 9 machines to install now but next week we may have 0.
<antdedyet> Centaur5: run two patch cables to each dedicate machine space on the bench and label them appropriately as "new network install access" and "regular ole internet" or whatever...
<faulkes-> again, I have to question the requirement of two dhcp servers
<Centaur5> antdedyet: Yeah, I thought about that as a possibility.
<faulkes-> one dhcp server is quite capable of handling both pxe booted machines and regular dhcp requests
<Centaur5> faulkes-: Only mainly cause I try to keep all hard file transferring on a different server than the one with our applications.
<faulkes-> as long as you have a good switch, it shouldn't matter
<faulkes-> if you are using a hub, different story
<faulkes-> that's just MO though
<Centaur5> faulkes-: It's mainly to prevent bogging down the 2 thin clients we use off that primary server as well.  We have a gigabit 24 port switch.
<Centaur5> It's not managed though, we should have done managed.
<faulkes-> if you have gigabit ethernet available, bandwidth shouldn't be an issue
<faulkes-> managed or not really doesn't matter
<faulkes-> switching is handled at the hardware layer
<faulkes-> once the switch learns the mac destination, it won't flood other ports
<faulkes-> so unless your thin clients are attempting to access the pxe booted machines during install
<Centaur5> faulkes-: Okay, we currently have a raid 10 on the primary server that runs the thin clients and all web apps.  When I did a 8 gig data backup it made the thin clients unusable.  Do you think a network install will cripple them?
<faulkes-> it shouldn't
<faulkes-> it's raid, you are basicly doing one huge read
<faulkes-> how was the backup done?
<Centaur5> Oh right, I was doing the backup to the server so I was writing.
<faulkes-> again, I'm not saying you won't have issues, but I think it's at least worth an investigation before you start rewiring stuff and creating a workbench area
<Centaur5> It's also a hardware raid controller so I don't imagine we can get much faster without getting very expensive.
* soren changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || For virtualisation: #ubuntu-virt || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: https://help.ubuntu.com/7.10/server/C/ || https://
<soren> Gah..
* soren changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wiki.ubuntu.com/ServerTeam
<faulkes-> if the backup software runs on the server itself, you also have to deal with the fact the it likely stole a good portion of the cpu in the server
<faulkes-> not to mention disk i/o
<faulkes-> whereas reading from a raid controller to a gige network should all happen at the hardware level and the ip stack
<Centaur5> faulkes-: It was actually just a 8 gig transfer from a different machine.  Maybe I'll test the network install on that server then and hopefully solve that issue.
<faulkes-> well, that is my suggestion, if it works, you would save alot of time and energy
<Centaur5> Now my question is has anybody successfully done a network install server on Gutsy?
<faulkes-> iirc Loye has
<Centaur5> I did one on Edgy 8 months ago but Gutsy appears to be different.
<faulkes-> http://ubuntu-tutorials.com/2007/10/11/how-to-configure-pxe-network-booting-on-ubuntu-for-network-based-installations/
<faulkes-> which specically references 7.10
<Centaur5> Yeah, I tried that one.
<Centaur5> The server gets this error in syslog when a workstation attempts to boot. in.tftpd[14220]: received address was not AF_INET, please check your inetd config
<faulkes-> suggested work around includes using xinetd instead of inetd
<faulkes-> https://bugs.launchpad.net/ubuntu/+source/inetutils/+bug/32330
<ubotu> Launchpad bug 32330 in inetutils "Amanda fails because client thinks server is IPv6 when it's IPv4." [High,Confirmed]
<faulkes-> although that references amanda, it is the same issue you are seeing
<Centaur5> ahh...new package
#ubuntu-server 2008-02-14
<Dimitree> how can i check if my apache supports mod rewrite ? or is there a simple way to make phpbb3 sitemap and seo ?
<Dimitree> nevermind =)
<m1r> hello
<m1r> i am trying to install gnome desktop on ubuntu server, but it dosent show top window borders, any help
<m1r> ?
<soren> Ask in #ubuntu.
<m1r> ok tnx
<helfire> are there any tutorials on changing from php to suPHP?
<faulkes-> not that I know offhand, check ubuntu-tutorials.com
<helfire> i just have a production machine, wanta make sure everything goes right
<helfire> actually i'm setting up a VM to test it out on first
<helfire> if i cant find a good tutorial
<faulkes-> well, if it's a production machine, vm is always a good route to go to test out changes
<Dimitree> is this a safe way to recover mysql password ? http://www.debianadmin.com/recover-mysql-database-root-password.html
<Dimitree> will this leave any security risks ? = ) please help
<frame45> foo u there
<antdedyet> Dimitree: if mysqld_safe listens on any interfaces, it could be a security issue while you are running with the skip-grant-tables; might want to comment out any interface statements in my.cnf
<antdedyet> also, local issues could arise if regular users have mysql access
<sommer> jdstrand: so should the sysctl.conf instructions be included in the ufw section as well?
 * antdedyet double checks that last point ... I'm not sure non-superusers are allowed to connect while mysqld is running with skip-grant-tables.
<jdstrand> sommer: I was just going to email you
<jdstrand> did you read the bug report?
<Dimitree> i dont have users yet :) antidedyet i have reset the password using this guide http://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/
<sommer> jdstrand: heh... yep, also noticed your email wasn't very old
<Dimitree> do i have to disable anything after that or i just star mysql allover ?
<jdstrand> yeah-- I just invalidated that
<jdstrand> sommer: you do, but ufw has a separate sysctl.conf file in /etc/ufw/sysctl.conf
<jdstrand> I am adding it in there
<jdstrand> and will get it uploaded tomorrow
<jdstrand> /etc/ufw/sysctl.conf will have:
<antdedyet> Dimitree: once you run update ()  and set the root password, you can ^C  the mysqld_safe process and re-run the /etc/init.d/mysql start.
<jdstrand> # uncomment this to allow this host to route packets between interfaces
<jdstrand> #net/ipv4/ip_forward=1
<sommer> jdstrand: ah, bonus
<antdedyet> The new pass will then be in place and prompted for the new password on mysql client invocation.
<jdstrand> also, net/ipv6/ip_forward does not exist (for your iptables section)
<sommer> jdstrand: so when you set DEFAULT_FORWARD_POLICY ufw will turn forwarding on in /etc/ufw/sysctl.conf
<jdstrand> no
<Dimitree> antdedyet, is it possible to run the safe and reguler at the same time ? this guide i used had an exit command at the end and i started mysql after that and was able to login with new pasword ? im wondering if the safe one is still running ?
<jdstrand> sommer: I was thinking I could make that assumption, but I thought wrong
<sommer> jdstrand: I see, so update the ufw section to use /etc/ufw/sysctl.conf instead of /etc/sysctl.conf?
<jdstrand> sommer: will have to do both /etc/ufw/sysctl.conf and /etc/default/ufw in the version that will ship with hardy
<jdstrand> sommer: well, either would work-- but for forward compatibility, yes
<jdstrand> (in this version it won't matter)
<sommer> jdstrand: cool, I'll adjust the steps
<jdstrand> but other than flipping ip_forward, I went through the MASQUERADE section and it looks good
<sommer> that's good, I think that's a good example of using custom rules
<jdstrand> sommer: /etc/sysctl.conf is wrong about net.ipv6.ip_forward
<sommer> jdstrand: heh... was just going to ask for clearification on that
<jdstrand> doesn't exist
<sommer> okay, I'll remove that as well
<sommer> jdstrand: wait... by doesn't exist, do you mean it's not in the file?
<sommer> or the line in the file shouldn't be there?
<jdstrand> $ ls /proc/sys/net/ipv6/ip_forward
<jdstrand> ls: cannot access /proc/sys/net/ipv6/ip_forward: No such file or directory
<sommer> ah, I'm with ya
<sommer> would that be a bug then?
<jdstrand> $ sudo sysctl -A 2>/dev/null| grep ip_forward
<jdstrand> net.ipv4.ip_forward = 0
<jdstrand> no, it would be configured in conf/*/forwarding
<sommer> okay, I'll fix the doc
<sommer> jdstrand: thanks again for your feedback
<jdstrand> sommer: should be net.ipv6.conf.default.forwarding=1
<sommer> ah, so why isn't that in /etc/sysctl.conf?
<jdstrand> that's the bug
<sommer> aaahhh... now I'm really with ya
<sommer> jdstrand: so I'll update the ipv6 forwarding to net.ipv6.conf.default.forwarding=1 and add #net/ipv4/ip_forward=1 to /etc/ufw/sysctl.conf, correct?
<jdstrand> yes on ipv6
<sommer> will the net/ipv4/ip_forward=1 already be in the file and just need uncommenting or will it need to be added?
<jdstrand> no on /etc/ufw/sysctl.conf
<jdstrand> I am uploading a new version of ufw
<jdstrand> it will have the net/ipv4/ip_forward=1 in there, but commented
<jdstrand> the docs should simply say to uncomment it
<jdstrand> (so yes to your last comment)
<jdstrand> *sigh*
<sommer> gotcha, will you need to do a sysctl -p /etc/ufw/sysctl.conf after uncommenting?
<jdstrand> sommer: yes to 'will the net/ipv4/ip_forward=1 already be in the file and just need uncommenting'
<Dimitree> oh shait :/ now that i changed mysql pass the Lamp is broken >__< dang dang
<sommer> jdstrand: I'm with ya... apologies I got a little confuseded by the ipv6 thing
<antdedyet> Dimitree: Ah, so the ^C isn't applicable since mysqld_safe --skip-grant-tables will background itself, so the '/etc/init.d/mysql stop' is the easiest route after you 'flush privileges;'
<jdstrand> sommer: the 'sudo ufw disable && sudo ufw enable' will handle it
<sommer> jdstrand: party
<sommer> I'll update and commit the changes
<jdstrand> sommer: fyi-- normally you wouldn't have to disable/enable in this way, but because you are changing default policies, you need to
<jdstrand> sommer: thanks!
<Dimitree> antdedyet,  ok i stoped and started ti again thank you :)
<sommer> jdstrand: np, thank you
<antdedyet> Dimitree: np
<dendrobates> antdedyet: I'm glad to see you becoming active in the server community.
<sommer> jdstrand: another quick question to double check, will the net.ipv6.conf.default.forwarding=1 line be in /etc/ufw/sysctl.conf as well?
<jdstrand> sommer: yes
<sommer> cool, doc's updated
<jdstrand> \o/
<sommer> should a bug be filed about the current ipv6 sysctl line?
<sommer> I documented it like it was already there :-)
<antdedyet> dendrobates: Awesome. Time and pressure has only recently started permitting such activity.
<kraut> moin
<ivoks> someone lives in amsterdam?
<soren> According to wikipedia, more than 700000 people, yes.
<ivoks> i hear there are wallets laying around the whole city
<soren> Eh?
<ivoks> thousands of them :)
<ivoks> http://www.splinq.com/en/news/splinq-launches-new-discount-site-in-the-netherlands
<soren> Wow. Large scale littering.
<soren> They should get this guy to come and clean up: http://upload.wikimedia.org/wikipedia/commons/0/00/International_tidyman.svg
<soren> He's awesome.
<ivoks> hehe
<_ruben> holland, yes; amsterdam, no; guess i'll stick to my own wallet then ;)
<AnRkey> why would my samba server give very slow transfer speeds?
<wkornewald> what's the difference between a debian and an ubuntu server? I want to choose a VPS and I'm not sure which one is easier to maintain/setup
<_ruben> ubuntu is based upon debian, so globally they're identical, but they differ in the details
<wkornewald> BTW, I don't like fiddling with settings and compiling my custom kernel/apps. it should just work with the minmum amount of effort on my side
<_ruben> maintainance and setup arent that much different i think, tho ofcourse, here you'd only hear that ubuntu is easier/better/etc
<wkornewald> well, at #linux some guys told me that ubuntu isn't as stable as debian and security fixes will become a problem
<_ruben> well .. that depends on your definition of "fiddling with settings", no distro will do exactly what you do out of the box
<_ruben> ubuntu has a way faster release cycle, which might make you think its less stable, you do however get newer software in return, and thats a fact
<wkornewald> all I need is a very basic LAMP system (PHP for phpmysql only; otherwise Python for the web app)
<_ruben> installing a lamp system (based on php) is a one-liner on ubuntu .. adding python support might just be another single line (never done it)
<wkornewald> I might even use GMail for email handling (i.e.: point my mx to their server) if that makes things simpler for me (no SPAM filter, etc.)
<wkornewald> the Python stuff isn't the problem. the initial LAMP setup and security and maintenance are my problems. it's the first time I'll have a VPS (i.e., root access)
<wkornewald> is it really as simple as running "apt-get update"+upgrade regularly (esp. when http://www.ubuntu.com/usn shows something new)?
<_ruben> seting up LAMP is one command .. security and maintenance, well, subscribe to the ubuntu security lists and keep your install up to date
<_ruben> pretty much yeah
<wkornewald> and what does "pretty much" mean? there must be a catch ;)
<_ruben> and "sudo apt-get install lamp-server^" is all you need to get a LAMP setup running ;)
<wkornewald> cool. I think my VPS might even come pre-installed with LAMP (at least Apache and MySQL are)
<_ruben> well, it depends on the level of security and all you want to have .. having your system firewalled properly is a must as well ofcourse
<wkornewald> since I won't run any publicly accessible services apart from http and ssh the firewall part shouldn't be too difficult I hope
<wkornewald> is there a good security checklist for ubuntu LAMP servers?
<_ruben> wkornewald: not that im aware of (was having lunch)
<wkornewald> _ruben, which DB would you recommend, BTW? I guess that any serious web app will need transactions, so the comparison would be mysql+innodb vs postgresql and here the speed difference isn't so significant, is it?
<wkornewald> to me, mysql currently looks more interesting because it got (or will get) acquired by sun
<_ruben> i only have experience with mysql (and a little mssql on our windows systems)
<wkornewald> ok. I'll probably go with mysql since it's pre-installed
<ivoks> am i missing something here?
<ivoks> mysqladmin --defaults-extra-file=/etc/mysql/debian.cnf create $database_name
<sommer> ivoks: feels good to me... do you need -u username -p?
<ivoks> hm, no
<ivoks> but it works wihtout -extra part
<ivoks> is there a special reason why dbconfig-common isn't in main? :(
<ivoks> Access denied for user 'debian-sys-maint'@'localhost' to database 'bacula'
<ivoks> i touhgt debian-sys-maint is mighty account :)
<sommer> it's mighty in my eyes... heh
<sommer> fyi the dev docs are on the web: http://doc.ubuntu.com/ubuntu/server/C/index.html
<tjaalton> sommer: hey, re: vmware; now that lum contains open-vm-tools, I guess the vmware-tools in lrm are redundant?
<tjaalton> don't know when they were built the last time
<sommer> not too sure, soren or zul probably know more
<soren> eh?
<soren> Oh, same again :)
<_ruben> hrm .. just downloaded server edition of hardy alpha4 and it seems like it looks straight through my raid array :(
<_ruben> dell sc1420 machine, with both scsi and sata raid controller
<_ruben> hmm .. "HostRAID" .. probably some fancy name for software raid :/
<soren> _ruben: It's called fakeraid.
<soren> _ruben: ...if you want to google for it.
<_ruben> soren: yeah .. i had some small hope for it being real raid .. untill i noticed the 'hostraid' part (combined with the fact that ubuntu sees raw disks) .. setting up s/w raid + lvm atm :)
<_ruben> since afaik thats still prefered over fakeraid
<soren> _ruben: If the price tag leaves you in any sort of doubt as to whether it's proper hardware raid or not, then it's not.
<soren> Really.
<_ruben> soren: its an old box
<_ruben> so pricetag isnt on it no more :p
<soren> Was it free?
<soren> Then stop complaining. :)
<_ruben> no, but bought years ago
<_ruben> and not by me personnally
<_ruben> just a no longer used machine im gonna use to play with kvm and test stuff
<_ruben> crap .. cpu too old .. no vt, thus no kvm
<_ruben> crap .. qemu requires framebuffer .. lets continue tomorow
<soulc> is there vsftp for ubuntu?
<soulc> got it needed the d on the end
<foo> Anyone use logwatch? I was writing a custom script to grab logs on systems, parse them, and e-mail... but I think I should just be using logwatch.
<soulc> where can I get help with mail?
<faulkes-> soulc: https://help.ubuntu.com/community/Servers has mail related documentation
<faulkes-> however "mail" is a rather large subject, perhaps you can be more specific
<soulc> ture
<soulc> ha ha  1/2 an hour later
<soulc> ture
<soulc> damn
<soulc> true
<soulc> ok I installed the internet mail server postfix local mta and I guess a smtp program for internet mail....
<soulc> I guess that is right.  sorry if I hit <enter> too often went from irc to im then both irc and im
<soulc> ls -al /var/log
<soulc> opps
<peterdv> OK, when it comes to postfix, I wil recommend you to have a look at http://www.postfix.org/docs.html and especially the excellent notes from Ralf Hildebrandt (http://www.postfix.org/docs.html). The path to take really depends on your requirements (authorization, security, spam filtering etc.). I am afraid that it takes some time to explore the various different architectures available. Personally I find postfix an excellent ch
<peterdv> Sorry, Rlaf's work is at http://www.arschkrebs.de/postfix/
<faulkes-> I would also consider reading the Server Guide page about Postfix
<faulkes-> https://help.ubuntu.com/7.10/server/C/postfix.html
<faulkes-> and peterdv's suggestions are both excellent resources
 * ScottK would add that the postfix documentation is not organized for beginners.  "The Book of Postfix" will tell you everything you need to know and more.
<peterdv> True
<ivoks> hello
<ivoks> mathiaz: any objections on filling mir for dbconfig-common?
<mathiaz> ivoks: it will rejected.
<mathiaz> ivoks: it will be rejected.
<ivoks> is there a special reason?
<mathiaz> ivoks: it has already been looked at. moodle had to be changed in order to get in main.
<mathiaz> ivoks: so the option is to drop dbconfig-common.
<ivoks> ok, i'll take a look at moodle to see how it's done
<ivoks> everything else i've already striped
<ivoks> bacula builds now only with main libs
<ivoks> mathiaz: wwwconfig was droped; there's no mention of dbconfig
<mathiaz> ivoks: so how does moodle handle db creation ?
<ivoks> trough large perl scripts
<ivoks> i'll copy that
<ivoks> but having dbconfig would make it easier...
<soulc> thanks for the resources
<faulkes-> today, my valentine goes to squid proxy
 * faulkes- <heart> squid
<sommer> faulkes-: details!
<faulkes-> heh
<faulkes-> I have my niece staying with me and lets say, teenagers aren't particularly aware or caring of what they install / download
<faulkes-> so I forced the only windows box here into a proxy, which bans a bunch of sites and rate limits others
<faulkes-> leaving my precious bandwidth alone so I can download ubuntu iso's
<sommer> sweet
<faulkes-> as much fun as it is having to clean up malware, spyware and all the other junk that gets infested on windows
<jronnblom> nice thing about squid is that it is simple to connect to Active Directory and with NTLM authentication in the background the users don't know that they're running through a proxy
 * faulkes- nods
<jronnblom> and finally the squidguard project has come back from death (died in early 2000 i think)
<jronnblom> I have a box with ~ 3000 clients connected through dapper + modfied squid ;)
<moos3> can anyone help me with a openldap issue?
<peterdv> Dont know ....
<faulkes-> aye, I used to run squid for my isp, forward and reverse
<moos3> Feb 14 13:59:39 edgecomb slapd[4606]: @(#) $OpenLDAP: slapd 2.3.35 (Dec  3 2007 20:02:39) $ ^Ibuildd@terranova:/build/buildd/openldap2.3-2.3.35/debian/build/servers/slapd
<jronnblom> replaced it with what?
<moos3> any ideas what that means
<faulkes-> jronnblom: no idea, sold it in '99 after we brought it to a regional level, for all I know, they could still be running it
<faulkes-> that would appear to be a startup message for slapd
<faulkes-> it is an informational message, not an error
<faulkes-> unless there is stuff after it, which is more error-like in nature
<faulkes-> jron: since then I've worked with f5's and cisco stuff mostly
<moos3> all i did was change was access to attrs=userPassword,sambaNTPassword,sambaLMPassword from access to attrs=userPassword,shawdowChanges
<moos3> any ideas why it fails in 7.10
<faulkes-> define "fail"
<moos3> slapd wont start
<faulkes-> any other slapd messages in the log other than the startup message?
<moos3> root@edgecomb:/home/richard# /etc/init.d/slapd restart
<moos3> Stopping OpenLDAP: slapd.
<moos3> Starting OpenLDAP: slapd - failed.
<moos3> The operation failed but no output was produced. For hints on what went
<moos3> wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
<moos3> try running the daemon in Debug mode like via "slapd -d 16383" (warning:
<moos3> this will create copious output).
<moos3> Below, you can find the command line options used by this script to
<moos3> run slapd and slurpd. Do not forget to specify those options if you
<moos3> want to look to debugging output:
<moos3>   slapd -g openldap -u openldap
<moos3> thats all i get
<moos3> sorry for the paste
<peterdv> Did you try "slapd -d 16383" ?
<moos3> yeah
<faulkes-> and?
<peterdv> Surely it was'nt silent
<moos3> heres the output http://pastebin.org/19615
<moos3> way to much to paste in here
<peterdv> Thanks
<moos3> ideas?
<moos3> you want to see my config file for it?
<peterdv> line 246: /etc/ldap/slapd.conf: line 101: unknown attr "sambaNTPassword" in to clause
<moos3> so what should I cahnge it to then
<sommer> is this for a school project?
<moos3> no
<moos3> I wish
<sommer> testing?
<peterdv> lines 202-203 was the samba schema read by slapd ? Is the file present ? permissions ?
<moos3> becuase then I wouldn't be pressed for time
<moos3> yeah testing a move from windows environment to complete open source
<sommer> ah, I agree with peterdv. do you have the samba schema file loaded?
<moos3> yeah
<peterdv> "etc/ldap/slapd.conf: line 15: unknown directive <incldue> inside backend database definition (ignored)."
<moos3> ok, looking to make sure
<peterdv> I think what i tells you is that you have placed the include in a wrong place. I tend to start the file by including all the schema's right at the top of the file
<moos3> ok there
<moos3> ok I made sure the permissions are correct and still dies
<Goosemoose> dendrobates, what was the link to the active directory authentication program? i forgot to write it down. i want to get it rolled into my preseed im running
<dendrobates> Goosemoose: just a sec
<Goosemoose> ok, thanks
<avatar_> https://bugs.launchpad.net/ubuntu/+source/likewise-open
<dendrobates> Goosemoose: https://launchpad.net/~dendrobates/+archive
<Goosemoose> thanks dendrobates, is there instructions on how to install that with a preseed file somewhere/
<Goosemoose> im pushing 200 computers
<dendrobates> Goosemoose: there is a new upstream codedrop in a few minutes.
<Goosemoose> ok, ill wait a few minutes to download
<Goosemoose> even though it says for hardy, it will still work in the current release right?
<dendrobates> Goosemoose: if you wait until it's in the archive it will be easier.
<Goosemoose> when will that be?
<dendrobates> Goosemoose: I hope to hvae it reviewed after the new code drop hits, then it will take a short time for it to show up.
<dendrobates> Goosemoose: have you tested it?
<Goosemoose> dendrobates, no i haven't tried it yet
<Goosemoose> i set up one machine using a 8 page doc
<Goosemoose> to connect to my AD domain
<Goosemoose> users log into ubuntu with their AD account
<Goosemoose> but replicating that on all machines would be a major PIA
<Goosemoose> so ive been waiting for the utility release
<dendrobates> Goosemoose: Are the machines using AD for DNS?
<Goosemoose> yes
<Goosemoose> It's a school
<Goosemoose> I have 200 windows machiens
<Goosemoose> now rolling out 200 ubuntu
<Goosemoose> 6 in each classroom
<Goosemoose> got a large donation from kinkos :)
<Goosemoose> P4, 2.6 ghz machines
<Goosemoose> work pretty well
<dendrobates> Goosemoose: I'll ping you when the new release is up.
<Goosemoose> dendrobates, ok thanks
<Goosemoose> another server question, in my preseed I create an administrator user. And that account seems to automatically get administrator access. How can I create a normal user account as well?
<jronnblom> Goosemoose: I do it with a script that I run in preseed using late-command
<jronnblom> d-i preseed/late_command string preseed_fetch http://mywebserver/preseed/install_me.sh /target/root/install_me.sh ; chmod u+x /target/ro
<jronnblom> ot/install_me.sh ; in-target /root/install_me.sh
<Goosemoose> jronnblom, thats how you install new users, or install the AD script?
<jronnblom> thats how I adapt thing on the desktop after the preseed install is finish (I add a local user account among other things)
<jronnblom> In your case I suppose all you user accounts is in the AD?
<moos3> ok back to sqaure one with ldap issue, samba is all configured and this is still giving me issues access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword
<moos3> ideas?
<Goosemoose> jronnblom, yes
<jronnblom> Goosemoose: you need help with an AD script to create new users, is that what your asking for or did I missunderstand the question?
<Goosemoose> im asking lots of things :D
<Goosemoose> dendrobates is posting the new version of his program
<jronnblom> ;)
<Goosemoose> i need to figure out how to work that into a preseed
<jronnblom> you could use late_command and download a script which in turns uses wget to download the program...
<Goosemoose> ok, guess i need to read up more about the program
<jronnblom> me too, likewise-open seems almost to good to be true ;)
<moos3> ok this doesn't make any sense at all, all the how-to's say this is correct access to attrs=userPassword,shadowLastChange,sambaNTPassword,sambaLMPassword I dont understand why it fails then
<pwnguin> i think i confused the installer =(
<pwnguin> im running the installer via ssh -- is there a way to reset the current decisions without rebooting?
<pwnguin> it just sits at the partitioner at 50 percent saying please wait...
<moos3> pwngiun: which installer
<pwnguin> the text mode one?
<moos3> so you booted off the cd and then started sshd and then connected?
<pwnguin> yea
<pwnguin> i was trying to browse for a raid option, and i might have run two menus at the same time
<pwnguin> maybe ill just grab the cluster admin and see about resetting it
<moos3> yeah
<pwnguin> i can still bring up a root console
<mathiaz> soren: can I run a guest using a logical volume as the root disk ?
<soren> mathiaz: Sure.
<mathiaz> soren: hum. how do you define that in the xml file ?
<mathiaz> soren: I've tried using <disk type='block' device='disk'> but it fails.
<mathiaz> soren: my xml configuration file: http://pastebin.ca/904456
<soren> mathiaz: What happens if you just do type='file' ?
<mathiaz> soren: and using a logical volume as a source ?
<soren> akvist: Yup.
<mathiaz> soren: I guess I meant yup for me.
<mathiaz> soren: it fails with a qemu error: qemu: could not open disk image /dev/mapper/ubuntu-vm_hardy-server
<mathiaz> soren: the configuration that is the paste works.
<mathiaz> soren: if I comment type=file and use type=block instead, create fails.
<soren> mathiaz: create? What exactly are you doing?
<mathiaz> soren: I'm using virsh
<soren> Ok.
<mathiaz> soren: from the shell, I use the command "create vm/cfg/test-srv.xml"
<soren> You probably want "define vm/cfg/test-srv.xml" instead
<mathiaz> soren: ok. So how do I start a vm then ?
<soren> mathiaz: start
<soren> :)
<soren> "create foo.xml" instantiates the domain. When you shut it down, it ceases to exist.
<soren> "define foo.xml" adds it to libvirt, so to speak.
<mathiaz> soren: hum... it's documented neither in the man page, nor in the help message.
<mathiaz> soren: IIUC create = define+start
<soren> No, the documentation really relies on you having the same understanding of the word "create" as the authors have.
<soren> No.
<soren> create = load+start
<soren> (load is a term I just made up)
<soren> It doesn't get defined.
<soren> It just starts it.
<soren> and when you stop it, it disappears again completely.
<soren> If, however, you define it, libvirt remembers it. After defining it, you can start it.
<mathiaz> soren: ok. you need to define if you want to have your guest persistant across host reboot.
<mathiaz> soren: or when libvirtd is restarted
<soren> Precisely.
<mathiaz> soren: so if I use this xml file: http://pastebin.ca/904468
<mathiaz> soren: define fails with the following error: libvir: QEMU error : hda
<soren> won't work.
<soren> a) you probably don't want localtime
<soren> b) /usr/bin/qemu-system-x86_64 <---
<soren> er..
<soren> Hm...
<soren> <type>hvm</type> and <emulator>/usr/bin/qemu-system-x86_64</emulator> probably adds up to it trying to use kqemu.
<soren> mathiaz: Oh.
<soren> You need to:
<soren> No, sorry. :)
 * soren has tired eyes.
<soren> I'm wouldn't have thought qemu/kvm cared whether the type was block or file.
<soren> What's the exact error if you try with type='file' ?
<soren> And which hypervisor are you connecting to?
<mathiaz> soren: when using type='file
<mathiaz> soren: I get: qemu: could not open disk image /dev/mapper/ubuntu-vm_hardy-server
<mathiaz> soren: for the connection string, I've used: qemu:///system
<mathiaz> soren: if this is what you meant with hypervisor I'm connecting to
<soren> Yeah, that's what I meant.
<soren> Erm...
<soren> This is a logical volume?
<mathiaz> soren: yes.
<mathiaz> soren: not filesystem created on it.
<soren> In that case, I'm not sure I belive that /dev/mapper/ubuntu-vm_hardy-server exists.
<soren> Could you doublecheck?
<soren> I'm guessing one of those - should be --.
<mathiaz> soren: yes.
<mathiaz> soren: you're right.
<soren> \o/
<mathiaz> soren: you have to use type=file
<mathiaz> soren: so type-block doesn't work ?
<soren> Right. I think type=block only makes sense for Xen.
<mathiaz> soren: is there a way to specify that the vnc server should listen on 0.0.0.0 instead of 127.0.0.1 ?
<soren> mathiaz: Yes, you can add listen='0.0.0.0'
<mathiaz> soren: great !
<soren> mathiaz: The docs are really awful, IMO.
<mathiaz> soren: yes.
<soren> mathiaz: Documentation by example doesn't work well in this case.
<mathiaz> soren: so now I'm trying to boot using an iso: http://pastebin.ca/904473
<soren> Ok.
<mathiaz> soren: I've got an error while creating/defining.
<soren> Yes?
<mathiaz> soren: http://pastebin.ca/904473 is my configuration
<mathiaz> soren: there isn't any specific error message
<mathiaz> soren: just: libvir: QEMU error :
<soren> mathiaz: Does it work anyway, by any chance?
<mathiaz> soren: it seems the problem is <boot dev="cdrom">
<soren> Ah, yes, your xml is invalid.
<soren> it should be <boot dev='cdrom' />
<mathiaz> soren: yeaaah ! It works :)
<mathiaz> soren: It seems that you cannot define a cdrom as being hdb
<soren> mathiaz: That's right.
<soren> It's a limitation in qemu.
<mathiaz> soren: I didn't get the network part.
<mathiaz> soren: there are multiple options in the documentation for qemu
<mathiaz> soren: which is the default in ubuntu ?
<soren> mathiaz: I recommend virtual.
<soren> mathiaz: It's got everything "user" has, and more.
<soren> mathiaz: and doesn't require you to change anything at all on the host.
<mathiaz> soren: ok
#ubuntu-server 2008-02-15
<Centaur5> faulkes-: Are you here?
<faulkes-> Centaur5: you're welcome
<stmartin> Hello, I'm currently writing a tutorial on system installation and deployment strategies. I'm not all that familiar with the development efforts of Ubuntu currently. Is there a mechanism to manage what packages should be installed via LDAP or some such in Ubuntu? If not currently, is this something that is being worked on? Thanks.
<kgoetz> packages installed via ldap?
<stmartin> Yes. I would like to be able to specify in LDAP which packages should be installed, and have the client system maintain that. Probably something to do with cfengine.
<kgoetz> thats an abuse of ldap i havent seen before
<stmartin> Why would it be an abuse? It is a directory server. That doesn't mean it just does account information.
<kgoetz> no it doesnt, but i still think its abuse :)
<stmartin> You would hate Novell's eDirectory then I think. ;^)
<kgoetz> good guess ;)
<stmartin> Do you know of anything in the Ubuntu-scape that addresses the problem of remote package management?
<kgoetz> no i dont. launchpad may have a spec on it though. (if there isnt one, ther probably should be)
<stmartin> Thanks, will have a look.
 * kgoetz muses. wonder how hard it would be to get puppet to read its configs out of ldap
<kgoetz> wonder what the schema would look like *heh*
<davidof> Hi all
<davidof> anybody has /boot mounted in a separated partition from /?
<stmartin> I see https://wiki.ubuntu.com/ConfigurationInfrastructure looks like its trying to solve the problem I envisage.
<davidof> I mean, /boot in /dev/sda1 and / in /dev/sda5. For example
<kgoetz> davidof: yes, lots of people
<faulkes-> yes, I typically setup /boot as it's own partition
<davidof> kgoetz, I need that menu.lst. I've lost it :'(
<davidof> faulkes-, can you give me your boot.lst?
<kgoetz> davidof: do you have access to the system in question, and a live cd?
<davidof> yes
<kgoetz> you can recreate it with grub-intall
<davidof> kgoetz, I've launched grub-install but don't do that :(
<kgoetz> stmartin: i stopped readin g at 'clients use avahi'
<kgoetz> davidof: but what?
<stmartin> kgoetz: this one looks better https://wiki.ubuntu.com/NetworkWideUpdates
<stmartin> but fundamentally, I think its a partly a problem with Linux's Unix heritage (wrt configuration file management).
 * kgoetz shrug
<kgoetz> i havent looked into it recently enough
<davidof> kgoetz, when I launch grub-install manually from the live-cd... grub-install don't recreate the menu.lst :(. Sorry about my english
<stmartin> Although this one looks closest to what I was pondering. https://wiki.ubuntu.com/NetworkWideUpdates
<stmartin> Whoops, that should be /UpdateServer
<stmartin> Puppet looks very interesting.
<kgoetz> davidof: you need to mount your partitions, chroot them, and then run it
<kgoetz> puppets meant to be cvengine without 500 years of legacy :)
<davidof> ok, I'm going to try it :)
<kgoetz> not tried it yet though
<kgoetz> btw https://help.ubuntu.com/community/GrubHowto
<davidof> kgoetz, I tell you what I have done. (sda5 = /, sda1 = /boot). # mount /dev/sda5 /mnt # mount /dev/sda1 /mnt/boot # chroot /mnt
<kgoetz> davidof: you need to bind in /proc and /dev
<kgoetz> before chrooting
<davidof> but when I launch grub-install /dev/sda it says "/dev/sda: Not found or not a block device
<davidof> Â¿?
<davidof> bind? how can I bind?
<davidof> ln?
<kgoetz> mount --bind /dev/ /mnt/dev/
<kgoetz> same for /proc, and (optional) /sys
<davidof> oh, thanks
<kgoetz> and no, ln wont work, because you cant link to outside a chroot
<davidof> uhm, no. There is no menu.lst. Maybe using dpkg-reconfigure grub?
<kgoetz> you are looking in /boot/grub/menu.lst ? (just making sure)
<davidof> kgoetz, yes. I'm in
<davidof> there are device.map, stage1, stage2, .... but no menu.lst :S
<kgoetz> brb. work
<davidof> brb?
<stmartin> be right back
<davidof> :"(
<davidof> I can create it, can't I?
<davidof> title Ubuntu
<davidof> root (hd0,0) ? (grub partition)
<davidof> kernel /vmlinuz-2.6.22-14-generic root=/dev/sda5 ?
<stmartin> I'd help, but I'm not very familiar with grub myself.
<kgoetz> ubuntu mangleats grub, so i doubt my debian boot bears any semblence to an ubuntu boot at all
<kgoetz> s/boot/menu
<stmartin> update-grub creates menu.lst
<stmartin> man update-grub
<davidof> stmartin, !!!!! now it worked! :). I'm going to reboot "Crossing fingers"
<stmartin> Here's a little hint for the future then.
<stmartin> dpkg -L grub | less
<davidof> O yes!!! I works!!
<stmartin> You'll find no mention of menu.lst in there, ergo it must be auto-generated.
<davidof> Thanks everybody!! :)
<stmartin> If you wanted, you could also look in /var/lib/dpkg/info/grub.postinstall
<kgoetz> now dont delete it again :p
<stmartin> You will see that it runs update-grub.
<stmartin> A quick check of update-grub(8) and you can figure out the rest.
<davidof> Now... What do you think of vmware-server (it's free) vs another options like Qemu or the other.... (don't remember the name). I need it to run windows to give support in my work
<davidof> I have always used vmware, but I remember since a time to now, lot of people is using another alternative...
<stmartin> I'm currently running Ubuntu quite nicely inside VirtualBox running on FedoraCore. Runs quite nicely, but VirtualBox is a workstation product, not such much a server product.
<stmartin> Sound doesn't work though, and XVideo isn't enabled on the host (no privs), so I can't try out the desktop effects in Ubuntu.
<stmartin> I'm also using it to try out Solaris
<davidof> ahm... oki
<stmartin> Underlying hardware is a 20" iMac (but running Fedora)
<davidof> Do you prefer Fedora than OsX? I never used OsX
<stmartin> I should mention we're an academic institution, so the license allows us to use the vendor-compiled version freely.
<stmartin> No! I much prefer OS X. But alas, this is a departmental machine that I am testing software on currently.
<davidof> ahm, ok ok :)
<stmartin> My upgrade (coming shortly I hope) will be a 24" iMac running Leopard 8-)
<stmartin> What are your requirements?
<davidof> hehehe. I'd like to test Leopard on my x86 Laptop. Only to see OsX
<davidof> requirements? for Virtual Machines? Very poor. Only contability programs (Visual Basic + Access programs) and not much more
<stmartin> compatibility?
<davidof> no... uhm, bad translation... I'll look for the word
<stmartin> accounting?
<davidof> yes!
<davidof> :D
<davidof> Management and accounting.. right?
<stmartin> Well, then ideally you would want something that has the ability to make your windows applications share the same desktop space as your native apps. I'm not terribly familiar with the Linux virtualisation space, so I don't know if VMWare Workstation offers that capability. Parallels might, its another cross-platform program. Ubuntu has it available via its partners repository.
<davidof> stmartin, wine?
<stmartin> that is a possibility. As an IT professional, I would perhaps feel uncomfortable with that as a solution from a stability and support perspective.
<stmartin> Qemu would be another obvious choice. Free too.
<kgoetz> i saw parrallels get slammed in a review (trying to remember where)
<stmartin> performance wise? It depends on the host platform. I've not used it myself (using VirtualBox).
<stmartin> although VirtualBox is currently unreleased for Jaguar.
<stmartin> I do like the look of VMWare Workstations specs with regard to virtual networking. Up to 10 virtual switches. Seems a bit arbitrary, but at least you can have more than one (via the GUI anyway).
<davidof> what I like of VMware is that you can create your own Virtual Network, with several VM machines (caution with the RAM) in the same network, being totaly isolated from the Host
<stmartin> Strange though, I don't see any desktop convergence features in any non-Mac hosted products. eg. Parallels Desktop for Mac has its Convergence, and VMWare Fusion has its Unity, but no such feature for Linux or Windows hosts (that I can see)
<stmartin> I'm very tempted to write a manageable software ethernet switch, since I teach networking at uni.
<stmartin> Lots of interesting applications for VM stuff there.
<davidof> desktop convergence? You mean to put a window from Xp (for example) outside Vmware and being integrated in Linux? No.. I think this is not possible
<stmartin> You can certainly do it from a Windows guest onto a Mac host.
<stmartin> Rather effectively too, from my (short) playing with Parallels and Fusion in my local Mac store.
<davidof> oh thats amazing. but you have to run the whole machine, haven't you?
<stmartin> Yes.
<davidof> I mean, can you run only an aplication? (less resources usage)
<stmartin> No, all the OS is still running, but any running applications are merged into the desktop.
<antdedyet> a colleague of mine installed MS Vista & XP instances on gutsy using VirtualBox-ose last week and now runs them simultaneously
<antdedyet> 3G RAM total, 1G for Vista, 512MB for XP, remaining goes to host
<stmartin> davidof: is this for one or many users?
<davidof> stmartin, only for me. But I use vmware server because is free :)
<davidof> or was...
<stmartin> was?
<antdedyet> davidof: on ubuntu gutsy and newer: sudo apt-get install virtualbox-ose
<davidof> was in the past. I'm not sure if now it is free
<antdedyet> qemu/kvm is also free, but the GUI is more complete for VirtualBox
<stmartin> I see the virtualisation market becoming a bit like the browser market. The basic apps will be free, in order to compete.
<davidof> antdedyet, and what about the speed? Becouse for example, I tested Qemu some years ago, and it was toooo sloooowww
<antdedyet> GUI = mgmt GUI
<stmartin> Where the virtualisation market will differ is in the enterprise integration.
<antdedyet> davidof: kvm is the hardware accelerated version of qemu.
<kgoetz> qemu virtualises a full system
<stmartin> The virtual data-center is where the money is to made in the virtualisation space.
<stmartin> vmware server still appears to be free.
<kgoetz> no cost at least
<stmartin> indeed
<antdedyet> VirtualBox was really about the same with and without the cpu instructions enabled
<stmartin> but it would have a better upgrade path should you decide your enterprise needs more of this virtual stuff.
<stmartin> I found the VT-x instructions did make it go noticably faster. I was installing Solaris at the time, I think.
<antdedyet> non-distro packaged software has a better upgrade path?
<stmartin> Granted, it wasn't a _whole_ lot faster, but noticeable.
<stmartin> no, what I meant that VMWare has a better upgrade path if you want to scale up your virtual infrastructure.
<davidof> Oh men! Here in Spain it's 5:53 AM... I think I should sleep a bit :D:D
<kgoetz> hehe
<faulkes-> welcome to late night and early morning #ubuntu-server
<davidof> Thank you all very much, and see you!
<faulkes-> the best cable access show around ;)
<stmartin> davidof: you think you've got it tough... I have to get to the gym.
<davidof> :)
<kgoetz> i raise you being at work still :p
<stmartin> work != #ubuntu-server ??? wtf?
<kgoetz> work == using a vi release from 1996
<kgoetz> Version 1.79 (10/23/96) The CSRG, University of California, Berkeley.
<kgoetz> silly yanky dates
<stmartin> ew. What OS?
<kgoetz> Freebsd 4.1
<faulkes-> heh
<stmartin> Forced obsolescence does have its attractions.
<faulkes-> I still have 4.1 cd's kicking around
<faulkes-> in fact, I probably have older versions as well
<faulkes-> and slackware cd's from err, hmm, '96
<kgoetz> slack was on cd in 96?
<faulkes-> yes, ordered from cdrom.com back when jfk was still doing freebsd
<faulkes-> err, jkh even
<faulkes-> afair
<faulkes-> 4 cd jewel case, red label iirc
 * faulkes- is an old old man
<kgoetz> hehehe
<faulkes-> when I started using linux, you had to walk up hill, both ways through stacks of floppies 8ft deep, fighting off rabid packs of wolves
<kgoetz> when i started you put in a cd and waited a while :p
<faulkes-> none of this fancy "cdrom" technology
 * faulkes- fondly remembers dd'ing install floppy images
<faulkes-> 0.99p1 was the first kernel I ever compiled
<faulkes-> like I said, an old old man
<faulkes-> now get off my lawn or I'll start talking about bang path addressing and how we wore onions on our belts, that being the fashion of the day
<stmartin> Bah, _real_ hackers didn't bother with any of that, that just let a butterfly flap its wings, then digitised the wind on the other side of world and wrote that onto disk. :-[ Actually, that might explain the stability of the early Unix systems.
<stmartin> xkcd - A webcomic of romance, sarcasm, math, and language - By Randall Munroe <http://xkcd.org/378/>
<stmartin> (shamelessly adapted by /me)
<stmartin> poorly
<faulkes-> quite.
<faulkes-> however, +0 for the attempt ;)
<kgoetz> lol
<faulkes-> anyways, 00:39 EST and time to try to get some sleep before my phone goes off tomorrow morning
<faulkes-> night
<kgoetz> later mate
<sommer> anyone else experience hardy not tab completing sudo commands?
<_ruben> hrm .. trying to get qemu working on hardy alpha4 .. (no kvm due to lack of vt flag) .. getting "Could not initialize SDL - exiting"
<_ruben> doh .. its an "access denied" issue
<_ruben> and now my keyboard aint working properly .. not on the console (within qemu) nor over vnc .. guess i'll stop experimenting with this for now
<AnRkey> i have two samba servers on my network and they seem to mess each other around a bit. how can i see if they are fighting?
<AnRkey> soz for the "special" explanation :D
<spiekey> morning!
<kraut> moin
<spiekey_> soren: are you there? :)
<TrioTorus_> what is the recommended web-interface to an ubuntu server? Will anything be put forward for Hardy server?
<Kamping_Kaiser> hm. ebox perhaps. not sure
<TrioTorus_> I was looking at ebox, but it seems it is a complete distro of its own. Is integration with Ubuntu possible?
<Kamping_Kaiser> yeah, people are working on it
<TrioTorus_> Looks very good for what I need though. On the forums I saw some talk about including it with ubuntu?
<TrioTorus_> okay, where should I look to follow it up?
<dexem> It's intended to have some ebox packages for hardy
<dexem> most of them, if it's possible
<TrioTorus_> that would be truely fantastic
<dexem> TrioTorus_: last meeting log is not ready yet, but when it is ready you can see what it was decided
<TrioTorus_> great, thanks
<foo> /w 20
<Nafallo> no, /win :-)
<sergevn> Is there an good solution to give remote login users only an handful of commands in the login shell?
<_ruben> sergevn: you'd probably need to set up a restricted chroot environment with only those commands available
<moos3> anyone have issues with setting up slapd?
<moos3> anyone wake this morning
<faulkes-> did you fix the spelling mistake in your configuration file?
<moos3> include is the only way i know how to spell include
<moos3> I have tried with a capital I and no difference
<faulkes-> not the I
<moos3> the du needed to switched to ud
<faulkes-> incldue/etc/ldap/schema/samba.schema
<moos3> yeah I fixed that but no go
<faulkes-> ok, is it spitting out new errors now?
<moos3> nothing
<faulkes-> even with debug on?
<moos3> yeah
<moos3> I'm thinking something else is stopping it from running
<faulkes-> ps -ef | grep slap
<faulkes-> and have a look at the log files again
<moos3> ok thansk faulkes
<faulkes-> if it is exiting abnormally due to an error, it should report it
<faulkes-> morning mathiaz
<mathiaz> hi faulkes-
<faulkes-> anyways, I'm off to the doctors
<sommer> hey all, I'm migrating some Tomcat java apps from CentOS to Ubuntu, everytime the apps connect to the db and do a prepareStatement or a createStatement it returns a NullPointer Exception
<sommer> I'm not a Tomcat expert by any means, so I was wondering if there was some config I'm missing?
<sommer> also I've extraced the connection and query code into a test cli app and it works fine
<sommer> so I think the jdbc and everything is setup correctly
<sommer> here's the error: http://paste.ubuntu-nl.org/56084/
<CarlF1> lvm vgscan says  "No volume groups found" - it was there yesterday.  what tool will search for it?
<sommer> CarlF1: did you use sudo vgscan?
<sommer> also do you have dm_mod loaded?
<CarlF1> yes, du no.
<CarlF1> looking...
<CarlF1> (dhu)
<CarlF1> yes.  used by 4
<sommer> mmm... I take it vgdisplay doesn't return anything either?
<CarlF1> vgdisplay =  "No volume groups found"
<sommer> are you using lvm+raid?
<CarlF1> fdisk shows sda1 start1 end 17847 (whole disk) - I can mount it and get the 100m boot fs.  iv never really looked at how it is setup
<faulkes-> sommer: offhand, it looks like a permissions issue, from the stacktrace
<faulkes-> sommer: I'm now actually off to the dr.'s I'll check in when I get back
<CarlF1> lvm yes.  it is on raided drives, but hardware - so linux just sees sda
<zul> sommer: you arent missing a jar file are you?
<CarlF1> yeah, dmesg just shows sda: sda1
<sommer> zul: I don't think so... I've symlinked the jdbc driver to /usr/share/tomcat5.5/common/lib/
<sommer> it's connecting to an Informix db
<zul> the user that you have created is allowed to connect from your new machine?
<sommer> the tomcat user?
<zul> the database user assuming
<sommer> yep, that user can connect
<zul> try google? :)
<sommer> zul: heh... yep, but haven't found much
<sommer> It'd be easier if it would give me a jdbc error or connection error or something
<sommer> but freakin null error seems to be a million possibilities
<sommer> the code, queries, and everything work on the current box
<sommer> I'm currently comparing conf/*.xml files between the two, and hoping :-)
<CarlF1> sommer: i have used jdbc in jython - might help
<sommer> CarlF1: do you mean to run the app from jython?
<sommer> or test the connection from jython?
<CarlF1> test the connection
<sommer> CarlF1: gotcha, the connections good.  I created a test script in java using the same credentials and it worked fine
<CarlF1> ah
<sommer> after adding the cp /path/to/ifxjdbc.jar anyway
<sommer> all jar files in /usr/share/tomcat5.5/common/lib/ are  added to the class path correct?
<sommer> I would think that if tomcat didn't see the jdbc driver that it would have a different error than null exception
<sommer> but I could be totally wrong about that one!
<CarlF1> guessing no source?
<sommer> CarlF1: no, I have the source... very home grown app by an admin no longer here, which was also used to learn java, so not the most professional of applications
<CarlF1> oh hell...  error handeling seems to be the last thing people bother to impement
<sommer> heh... or learn about in java class
<sommer> I'm thinking that's my next step to troubleshoot this issue is to whip up a test struts app
<CarlF1> fdisk shows sda1 start1 end 17847 (whole disk) - I mount it and get a 100m fs that looks like /boot (kernel, grub/...)
<CarlF1> doh
<nealmcb> sommer: i haven't caught up with the whole email thread, but http://doc.ubuntu.com/ubuntu/server/C/ and http://doc.ubuntu.com/ubuntu/serverguide/C/ still have no version information, and no indication that they aren't 2-year-old dapper documentation (based on the copyright dates).  what are the plans for versioning of the guides and how they will show up?
<CarlF1> is there a list of apps on the u-server cd "fix broken system"
<sommer> nealmcb: http://doc.ubuntu.com/ubuntu/server/C/ is the up to date dev version
<sommer> nealmcb: I think the copyright part just hasn't been updated in a Makefile somewhere
<nealmcb> sommer: will it ever say "hardy" or "gutsy"?  Will it ever have links to versions for other releases?
<sommer> nealmcb: there will be a water mark saying "draft" or something similar
<sommer> the other releases are at: https://help.ubuntu.com/7.10/, 7.06, etc
<faulkes-> sommer: re: credentials, aside from login/pass, does the user have appropriate privileges within the schema?
<sommer> we could also put the version number there somewhere I guess
<sommer> faulkes-: yeppers
<nealmcb> how does it relate to https://help.ubuntu.com/ubuntu/serverguide/C/index.html
<sommer> the serverguide/C/ is the source for the ubuntu-serverguide package while the server/C/ is the help system
<nealmcb> pointers to those other versions would help a lot, I think
<sommer> what Matt proposed was to develop in serverguide/C/ then sync to server/C/, we've been doing the reverse until now :-)
<faulkes-> sommer: LIES! err, I mean, ok, hrrmm, let me think for a bit on it
<sommer> faulkes-: cool, thanks for your ideas so far
<sommer> nealmcb: I'm not sure I see how pointers would help?
<sommer> aside from being convienent
<faulkes-> sommer: it's been awhile since I've done java/jboss/tomcat type stuff
<nealmcb> sommer: Besides a "draft" marker, will the front page (or all pages?) indicate which version the guide is for?
<faulkes-> sommer: I take it the test script you ran, runs the exact same query as the live app?
<nealmcb> when someone stumbles across one of the server documentation pages, they should be able to see what version it is for, and how to find the version they need
<sommer> nealmcb: sure, I guess... at this point I'm just happy to have the docs built somewhere on the web
<sommer> can you reply to the thread with your ideas for the frontpage?
<faulkes-> nealmcb: https://help.ubuntu.com/7.10/C/
<faulkes-> nealmcb:  iirc previous versions are listed at the top right
<nealmcb> faulkes-: not found....
<faulkes-> err, https://help.ubuntu.com/7.10/server/C
<sommer> faulkes-: what we're thinking is to have the same type of thing here: http://doc.ubuntu.com/
<sommer> which is the development version of the docs
<nealmcb> faulkes-: right - I'm just asking that the url that I posted to start with (the latest, at  http://doc.ubuntu.com/ubuntu/server/C/ and/or http://doc.ubuntu.com/ubuntu/serverguide/C/ ) indicate what version it is, and link to those other versions.
<sommer> nealmcb: I'm sure we can do that, but I think Matt East is the only one outside conanical with access
 * faulkes- nods nealmcb
 * nealmcb writes to the list....
<sommer> cool thanks nealmcb
<nealmcb> thanks for the updates, folks
<nealmcb> sommer: speaking of versions.... is there a bzr section planned in the Version Control chapter?
<sommer> nealmcb: I've actually been meaning to enquire about that myself
<sommer> in the logs there was at one point, and in the ml archive there's requests for one, but now there isn't
<sommer> I think it may have been because bzr was pretty new at the time, but that would need to be confirmed
<nealmcb> or git - that has some very cool features
<sommer> the other thing may be that there mostly desktop "style" apps
<sommer> but covering setting up bzr, git, etc servers should be covered
<nealmcb> desktop style?
<sommer> heh... my term for used mostly on development desktops
<sommer> at least that's mostly how I use them
<nealmcb> I keep wanting a nice version control profile for versioning stuff in /etc et al.
<nealmcb> bzr seems to do it fine, but I haven't had to use it in a crisis
<sommer> that would be cool, I copy configs to a folder in my home then commit from there :)
<nealmcb> git might be better there because of its security features (sha1 on everything)
<sommer> that's cool... haven't used git much myself
<nealmcb> git - the filesystem - the platform:  http://www.advogato.org/person/apenwarr/diary/371.html
<nealmcb> randall schwartz talk on git at google - http://video.google.com/videoplay?docid=-3999952944619245780
<nealmcb> (better than the talk there by linux....)
<sommer> heh, I'll have to check those out... I did watch the one by Linus
<nealmcb> "hear linus rant about cvs" :-(
<sommer> ya, I thought he was unnecessarily rude in that talk
<nealmcb> "rant, Linux, rant!"
<nealmcb> s/linux/linus/ !!
<moos3> when i run smbldap-populate -u 3000 -g 3000 i'm getting the following errors and I'm not sure why http://pastebin.org/19756
<sommer> moos3: looks like you need to execute the command with user creds
<moos3> like sudo command
<moos3> because I'm all ready su in as root
<sommer> I think more for the ldap user with rights to modify the directory
 * faulkes- would agree
<faulkes-> sommer: on the last three lines of that stack trace, how difficult would it be for you to add some error reporting?
<moos3> I can't figure out how to specify a user tho
<sommer> faulkes-: shouldn't be to hard, is there something specific I should add?
<sommer> faulkes-: there is a try and catch around the getConnection() statement
 * faulkes- nods
<faulkes-> I'm not a java guy perse, however, you should be able to pull out additional details on what happend
<faulkes-> normally, for me with php (try / catch) I usually increase the verbosity of the messages
<sommer> okay, I'll do some digging and add some
<moos3> faulkes you have any idea on this topic
<faulkes-> on how to specifcy a user?
<moos3> yeah
<moos3> all the tutorials just say run it
<faulkes-> give me a moment
<moos3> ok thanks
<faulkes-> http://pastebin.org/19760
<faulkes-> I would check those settings in /etc/slapd.conf
<faulkes-> or wherever slapd.conf is located
<moos3> yeah
<faulkes-> you'll excuse if I may get a little confused, 10mg's of diazepam is kicking in right about now
<moos3> lol
<moos3> what did you have done, surgery?
<faulkes-> I have 5 bulding discs in my back as well as some other issues with my muscles
<faulkes-> s/bulding/bulging
<moos3> dam dude, I have a good idea what your going though my dad has 18 inches of discs fused,
<faulkes-> yes well, I'm not one to let it stop me, "suck it up, walk it off" and al that ;)
<faulkes-> but yeah, overall, not fun
<moos3> yeah, I know the idea behind just suck it up and walk it off, consider I'm in the army I know the feeling I delt with cyst on my tailbone for the past 7 years and ignored the pain
<moos3> I got it to work
<moos3> but now auth-client-config wont accept my custom profile
<faulkes-> heh, most army folks are familiar witht he suck it up / walk it off concept
<faulkes-> "but I've just lost both legs!", "that's an order trooper, now move!"
<moos3> yeah
<moos3> I dont think I could ever work in the private sector again
<faulkes-> heh
 * faulkes- <heart> private sector
<moos3> i doing now and i hate it
<faulkes-> public sector here is teh suck, unless of course you are a private sector consultant to the public sector ;)
<moos3> lol yeah I'm a IT advisor to a few non-profits and a couple for-profits
<moos3> while i'm home for a couple more weeks
<moos3> auth-client-config: error: option -p: invalid choice: '/etc/auth-client-config/profile.d/open_ldap' (choose from 'ldap_example', 'lac_ldap', 'kerberos_example')
<moos3> is the error i"m getting running auth-client-config -a -p open_ldap
<faulkes-> check that open_ldap exists, is readble and has the appropriate setup would be my first suggestion
<faulkes-> noting that I'm not an ldap expert
<moos3> its there because I made the file and the perimissions are right I'm assuming its something in the file that is breaking it
<moos3> heres the open_ldap file http://pastebin.org/19769
<Goosemoose> hey dendrobates, how's your AD integration coming along?
<vipaca> Im having trouble getting apt-get to work with my http proxy
<vipaca> Is there something that I missing
<dendrobates> Goosemoose: It is in universe in Hardy.
<Yacine> hello!
<Goosemoose> dendrobates, will your download on https://launchpad.net/~dendrobates/+archive work on gusty?
<Yacine> I am having problems with updating my ubuntu server!
<Yacine> Any help?
<dendrobates> Goosemoose: perhaps
<Yacine> I get error messages like Err http://us.archive.ubuntu.com gutsy/main Packages
<Yacine>   Could not resolve 'us.archive.ubuntu.com'
<dendrobates> Goosemoose: I haven't tried.
<Yacine> Everything see,s to be ok but no way to update or upgrade!
<Goosemoose> dendrobates, i dont see the file to download and try
<Goosemoose> dendrobates, or is it just in packages.gz?
<dendrobates> Goosemoose: add the line 'deb http://ppa.launchpad.net/dendrobates/ubuntu hardy main' to /etc/apt/sources.list
<dendrobates> Goosemoose: or go here http://ppa.launchpad.net/dendrobates/ubuntu/pool/main/l/likewise-open/
<Goosemoose> ok, looking
<zul> Yacine: do you have a network connection?
<vipaca> does the server come with a text based web browsing app?
<vipaca> or can someone give me a good way to test my http proxy
<vipaca> right now Im having problems using apt-get
<sommer> vipaca: it does w3m http://whatever_site
<vipaca> thanks I got it workingi
<sommer> np
<vipaca> Are there any windows managers included in the distro?
<Goosemoose> dendrobates, i added that line to the sources.list on my server. now what would i need to do to get it installed via preseed? I dont see any documentation yet
<vipaca> n e one have experience with NIS on ubuntu
<antdedyet> vipaca: I don't ... sorry
<antdedyet> Goosemoose: add pkg 'likewise-open' to the preseed pkg install list
<Goosemoose> antdedyet, ok, thanks, ill do that, what do i need to do to configure it
<antdedyet> Goosemoose: I don't know the technical details of your preseed, but I will help you find them if you need.
<Goosemoose> yeah, that would be great
<Goosemoose> ive been having a hard time
<antdedyet> baby steps. :)
<antdedyet> Goosemoose: what documentation are you using to setup your preseed?
<Goosemoose> antdedyet, just an example file that one of the guys here gave me
<Goosemoose> i have it working except for likewise
<antdedyet> Goosemoose: can you pastebin the config? I don't have a record of it without digging thru a pile of logs.
<Goosemoose> sure, just a sec
<Goosemoose> http://pastebin.com/d721521b1
<antdedyet> Goosemoose: ah, ok, sorry for the delay ... got busy with client work
<Goosemoose> no problem
<antdedyet> Goosemoose: on the line: "d-i     pkgsel/include string ..." (... denotes the rest of the pkg list, append "likewise-open" (no double quotes)
<antdedyet> Goosemoose: http://pastebin.com/d7f3b0c98
<adm2> can someone help with boot command append to get past bug in debian-install
<adm2> ?
<adm2> install freezes on libc6-udeb
<Goosemoose> antdedyet, ok
<antdedyet> adm2: What ubuntu source are you using for the install?
<adm2> ubuntu-server 7.10, ive found some posts in the forums, but no solution so far.
<adm2> http://ubuntuforums.org/showthread.php?t=557103
<adm2> http://ubuntuforums.org/showthread.php?t=529549
<adm2> http://ubuntuforums.org/showthread.php?t=82017
<adm2> http://ubuntuforums.org/showthread.php?t=68662
<antdedyet> adm2: have you tried the alternative installation iso?
<adm2> not yet...
<antdedyet> seems like the alt cd may only be applicable to the "Desktop" version
<Goosemoose> antdedyet, my problem is more how do i configure this package to work
<antdedyet> Goosemoose: by using a "d-i" line for "domainjoin-cli" after installing likewise-open, I would imagine.
<Goosemoose> where can i find info on that line
<Goosemoose> i need it to join a domain called dhs.local
<antdedyet> Goosemoose: i installed the pkg and ran 'domainjoin-cli -h', there doesn't seem to be a man page supplied though
<antdedyet> "domainjoin-cli join dhs.local adminuser adminpass"
<antdedyet> insert your correct values for adminuser and adminpass
<Goosemoose> darn, dendrobates left too
<antdedyet> yep.
<Goosemoose> ok, where did you find that?
<antdedyet> Goosemoose: I installed the pkg ... :)
<Goosemoose> ok, let me test on a machine
<antdedyet> I like to know things work before adding them to an automated installer. :)
<Goosemoose> so the d-i line would need to call a script?
<Goosemoose> i couldn't just write it directly, correct?
<antdedyet> Goosemoose: probably safer to write an executable script
<antdedyet> Goosemoose: s/safer/cleaner
<Goosemoose> ok
<mathiaz> Goosemoose: you should install the likewise-open in your preseed and then use the late_command to join a domain.
<antdedyet> Goosemoose: but I don't see why you couldn't put the values directly in there, assuming no problem with shell escapes and such (remember, I've never did a pre-seed install -- just learning as we go. :) )
<Goosemoose> i dont think you can put commands directly in, not sure
<Goosemoose> mathiaz, you saying to run a script with the late_command or call the command
<antdedyet> Goosemoose: either way will work with the late_command
<Goosemoose> also can i encrypt that password using md5?
<Goosemoose> ahh ok
<mathiaz> Goosemoose: Add the following line to your preseed: "d-i pkgsel/include string likewise-open"
<mathiaz> Goosemoose: that installs the likewise-open
<antdedyet> Yep.
<Goosemoose> yeah we got that part
<mathiaz> Goosemoose: and then to run a command: "d-i preseed/late_command string domain-join join ...."
<antdedyet> Goosemoose: add "d-i preseed/late_command string domainjoin-cli join dhs.local adminuser adminpass" to your preseed after the .. yep, mathiaz
<Goosemoose> gotcha
<Goosemoose> i just tried to do an apt-get install of the package just on one machine to play with, but it says it cant find it
<antdedyet> except, the command is domainjoin-cli for me in hardy ... :)
<Goosemoose> i added dendrodytes server though
<Goosemoose> im using gusty tsill
<mathiaz> Goosemoose: yes - you need to have your repository configured correctly.
<antdedyet> Goosemoose: "sudo apt-get update && sudo apt-get install likewise-open"
<mathiaz> Goosemoose: likewise-open is not the archive yet.
<Goosemoose> i did this:  add the line 'deb http://ppa.launchpad.net/dendrobates/ubuntu hardy main' to /etc/apt/sources.list
<antdedyet> mathiaz: he added dendrobate's PPA to his sources.list
<mathiaz> Goosemoose: you can configured another repository in the preseed too.
<Goosemoose> unless i need to restart something
<mathiaz> antdedyet: ah ok. I was thinking about the preseed file.
<Goosemoose> right now my server acts as apt-cacher
<mathiaz> Goosemoose: you'll have to configure dendrobates PPA in your preseed file.
<Goosemoose> shouldn't it pull it from the server?
<Goosemoose> wait, right now im just trying to install it on the server itself
<Goosemoose> i added the PPA but it doesn't work, do i need to restart a service?
<antdedyet> Goosemoose: You will need to "sudo apt-get update"
<Goosemoose> ahh just saw that
<Goosemoose> running now
<antdedyet> Goosemoose: that will refresh all sources that you are pulling pkgs from
<antdedyet> k
<Goosemoose> hmm, broken packages
<Goosemoose> unmet dependencies
<Goosemoose> gotta instll a few other things first i guess
<Goosemoose> The following packages have unmet dependencies:
<Goosemoose>   likewise-open: Depends: libc6 (>= 2.7-1) but 2.6.1-1ubuntu10 is to be installed
<Goosemoose>                  Depends: libkrb53 (>= 1.6.dfsg.2) but 1.6.dfsg.1-7build1 is to be installed
<Goosemoose>                  Depends: libldap-2.4-2 (>= 2.4.7) but it is not installable
<Goosemoose> i just tried installing libc6 it says i have the latest
<antdedyet> ok, so now we find out that dendrobate's pkg is not compatible with gutsy!
<Goosemoose> lol
<Goosemoose> yeah he wasn't sure
<antdedyet> you never know, until you've journeyed
<Goosemoose> i wonder if the normal likewise-open package is
<mathiaz> Goosemoose: probably, as it has been built for gutsy.
<antdedyet> Goosemoose: the one off likewise's site is for gutsy.
<mathiaz> Goosemoose: but you may not get the same version.
<antdedyet> I saw it successfully install on a desktop Wednesday, but we were unable to make it join the domain
<mathiaz> Goosemoose: I think that dendrobates has a more recent version than the one from likewies.
<antdedyet> (at least via the gui)
<Goosemoose> ok
<antdedyet> mathiaz: you're correct.
<mathiaz> antdedyet: what was the error ?
<antdedyet> mathiaz: hmm, I don't recall, but it hard locked the machine
<Goosemoose> ok so off the likewise site is: http://www.likewisesoftware.com/bits/likewise-open_4.0.0-1likewise1_i386.deb
<mathiaz> Goosemoose: yeah - that's an old version.
<Goosemoose> damn
<Goosemoose> where would a newer version be?
<mathiaz> Goosemoose: It hasn't been put on the website I think.
<Goosemoose> will the old version work?
<mathiaz> Goosemoose: you could try to take the package from hardy and rebuild it for gutsy.
<mathiaz> Goosemoose: I don't know. You should try.
<Goosemoose> im not an advanced linux user, i can run my lamp servers, been doing that for years, and admin 500 computer windows network with 7 servers
<Goosemoose> just learning preseed and this sort of stuff
<Goosemoose> ok ill try the old one
<antdedyet> Unfortunately, the machine that the 4.0.0 is on here is shutdown and I don't have login credentials for it ... the guy is out of office helping Kiwani's setup for Pancake Day tomorrow
<antdedyet> ah, I get 'domain can't be resolved' on my laptop w/ the hardy pkg
<antdedyet> resolv.conf is using the win2003 ad server for dns (it serves dns as well)
 * antdedyet logs
<Goosemoose> strange
<Goosemoose> i tried installing the deb package, told dependicies were missing
<Goosemoose> tries install those and told i couldnt but to run
<Goosemoose> apt-get -f install
<Goosemoose> i did that and the likewise started and asked me for the domain name
<Goosemoose> entered it, clicked ok
<Goosemoose> got ldconfig deferred processing now taking place
<Goosemoose> so im guessing it work, or is trying to
<Goosemoose> damn
<Goosemoose> leia@Leia:/var/www$ kinit
<Goosemoose> kinit(v5): Cannot resolve network address for KDC in realm DHS.LOCAL while getting initial credentials
<Goosemoose> tried getting a ticket
 * antdedyet sips fresh coffee
 * antdedyet hopes there will be a README.Debian for the final hardy pkg
<antdedyet> ah, new release availabe
<adm2> ah well, thanks for your help
<moos3> anyone see anything wrong with this http://pastebin.org/19769
<antdedyet> does this denote a bug can be filed against likewise-open now? :
<antdedyet> https://bugs.edge.launchpad.net/ubuntu/+source/likewise-open/+filebug
<antdedyet> or does the bug report fail later in the process?
<moos3> anyone made a auth-ldap-client profile before ?
<moos3> http://pastebin.org/19769
<antdedyet> moos3: I don't see anything wrong with that profile. Have you verified proper settings in /etc/nsswitch.conf ?
<antdedyet> welp, time for me to shutdown and play nomad.
<antdedyet> bbiab, hopefully.
<moos3> yeah
#ubuntu-server 2008-02-16
<mindframe_> what's the package name for cyrus-sasl
<mindframe_> can't find one specific to it
<faulkes-> cyrus-imap?
<faulkes-> !imap
<ubotu> IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<faulkes-> I was hoping it would list imap however
<faulkes-> err, cyrus even
<mindframe_> !mailserver
<ubotu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/7.10/server/C/email-services.html
<c1|freaky> is there any ubuntu rss feed where new releases and more is ?
<Nafallo> c1|freaky: www.ubuntu.com
<Buzz_> is ther any way to interrupt initrd in debian/ubuntu and drop to a shell (busybox or so) ?
<Nafallo> yes
<Buzz_> Nafallo: how can i? i have lilo as my bootloader
<Buzz_> thanks
<Nafallo> I would imagine break=top would work
<Nafallo> or break=bottom
<Buzz_> great. ill try that.
<Nafallo> or whereever you want to break
<Buzz_> it stopped. but then rebooted shortly after
<Buzz_> no # prompt :(
<Buzz_> ah ok i removed panic=9 and now its ok
<Buzz_> Nafallo: i think you saved my skin!
<Nafallo> Buzz_: glad to help
<jronnblom> anyone else using the LSI Fusion SCSI cards? I have a few HP DL385G1 with these cards where the drivers die during light I/O load
<jronnblom> they are called HP U320 SCSI Adapter
<faulkes-> iirc hp/compaq releases oss drivers for there server stuff ontop of whats in the kernel, so you may wish to check the vendor site
<faulkes-> although I also imagine that google may have answers as well, I havent dealt with the DL series in quite some time
<jronnblom> yeah, HP has released a version for other distributions but not for Ubuntu... Im d/l the lastest driver from LSI now so I'll try and compile my own version of the kernel
<jronnblom> it seems to be a rather "well-known" problem with the Fusion driver but it isn't updated in the offical kernel
<jronnblom> And the current driver locks the box so hard it will take a power cycle to bring it back :(
<faulkes-> well, I don't think a full kernel compile should be needed, you should just be able to compile it as a module
<faulkes-> which is significantly less work
<jronnblom> I hope so. Wouldn't want to support my own kernel. I'll try to compile it as a module and if that doesn't work I'll buy a adaptec card and replace it :=)
<XiXaQ> is spamhaus lookups integrated by default when you install the Mailserver task?
<faulkes-> I don't know offhand, the person to ask that is likely ScottK
<faulkes-> at least if it's postfix
<ScottK> XiXaQ: No.
<faulkes-> speak of the devil himself
<ScottK> XiXaQ: Anti-spam setups are very site specific, so we don't provide one.
<faulkes-> hi ScottK
<ScottK> Hi faulkes-.
<Dimitree> how to set up shm for fglrx ? i have devshm on /dev/shm type tmpfs (rw) and tmpfs on /dev/shm type tmpfs (rw)  this came after ejs1920 helped me in #ati and told em to ask "<ejs1920> try your distro's channel on how to set up shm for fglrx"
<Dimitree> can someone help ?
<faulkes-> try #ubuntu
<Dimitree> ok
<faulkes-> we don't generally deal with X issues as the server doesn't ship with it
<Dimitree> ou yep i forgot about that sorry ^^
<emilsedgh> im getting an error when trying to get a file using http in php:  php_network_getaddresses: getaddrinfo failed: Name or service not known (im in kubuntu but i think this channel is a better place for such question...)
<faulkes-> we generally deal with server level issues as opposed to programming level issues, however, I would suggest you determine what service or name it is failing to resolve
<faulkes-> you may also want to check google groups for the usenet php groups
<emilsedgh> its not a programming failure, its because of server settings i think
<emilsedgh> googling says that there is a problem with dns server, also im on dynamic ip (dialup) (if it matters at all)
<faulkes-> both "php_network_getaddresses: and getaddrinfo" are not base functions within php which leads me to believe it is something within whatever php application you are using
<faulkes-> if you can resolve addresses exernally through other means, that would infer that dns resolution is functioning correctly
<faulkes-> so, the question that would come up next, is what php application is this from?
<emilsedgh> thats not a function
<emilsedgh> that php 'internal'
<faulkes-> yes, but something has to call it for it to create the error
<faulkes-> because php by itself does not do any automatic connections outbound by itself
<emilsedgh> its not a php function, probably a c function used in php code
<faulkes-> so, again, what application resulted in the error
<emilsedgh> file_get_contsns()
<emilsedgh> file_get_contents()
<emilsedgh> or fsockopen()
<faulkes-> the only way I can see for it to generate that error, is if file_get_contents() was calling a URI
<faulkes-> and therefore, I would check what URI it was calling
<emilsedgh> and the url is: http://websvn.kde.org/*checkout*/trunk/l10n-kde4/'.$Language.'/messages/elntry.desktop
<faulkes-> I would try, the full url in a browser with the expected path (rather than $Language and such) and see what it returns
<faulkes-> I would also ensure that your system can resolve websvn.kde.org
<emilsedgh> i did, works.also wget return 200 OK status.
<faulkes-> what is the non php'ized url
<emilsedgh> http://websvn.kde.org/*checkout*/trunk/l10n-kde4/fa/messages/entry.desktop (for example)
<faulkes-> then I would start adding in additional debugging around the statements which call get_file_contents()
<emilsedgh> this is a common problem, looks like that there is something wrong with dns settings
<emilsedgh> and sure i tried to debug it for hours
<faulkes-> afaik php uses the unerlying system as it's resolver
<faulkes-> the easiest way to test this would be to create a test unit which attempts to resolve
<faulkes-> also check php.net for comments on file_get_contents()
<faulkes-> and fsockopen()
<emilsedgh> didnt find anything there :(
<moos3> does anyone know how to roll back to from a upgrade that fail?
<faulkes-> emil: the only other thing I can suggest is you check php.ini to make sure that
<faulkes-> ; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
<faulkes-> allow_url_fopen = On
<faulkes-> is turned on
<luckyone> hello all
<luckyone> any rsync pros out there?
<luckyone> I want a solution that will mirror two directories on different machines
<luckyone> and I will 'work' on both directories potentially adding/removing from each one
<luckyone> I want them to constantly be in sync - what is the best way to do something like that
<Nafallo> nfs
<Nafallo> ;-)
<ScottK> unison
<luckyone> Nafallo: I have nfs setup, but I actually want them both to have local copies
<luckyone> it provides faster access to data and some failover
<ScottK> unison is essentially a birectional rsync.  It's been a while since I used it and upstream is not at all active these days, so test first.
<luckyone> ScottK: unison... nice
<lamont> ScottK: thoughts on 466068?
 * ScottK looks
<Nafallo> lamont: probably needs SQL mail storage backends :-)
 * Nafallo hides ;-)
<lamont> Nafallo: heh
<ScottK> lamont: I don't like it.
<ScottK> lamont: I think the different types ov mynetworks_style answers will almost always be wrong and you'll almost always have to specify.
<ScottK> Just trusting a subnet could have unexpected results for a small user that only has a few public IPs.
<soneil> are there any jeos images for hardy that are installable?
<ScottK> lamont: I replied on the bug.
<lamont> ScottK: thanks.. I was afk there for a bit
<lamont> and about to run out of the house
<ScottK> K
#ubuntu-server 2008-02-17
<pteague> i'm having issues with the computer locking up... i finally switched to a tty & waited for it to crash again & got the following - http://pastebin.com/m657e3319 - any ideas?
<faulkes-> I don't do oops/kernel panics but I would suggest you start removing loaded modules you don't require as a first step
<pteague> i removed the nvidia drivers (not sure how else to set up my dual monitors though) & it's been running for about 30 minutes, but atop messed up & won't update... ps aux dumps some stuff & then hangs & won't respond to ctrl+c
<faulkes-> the nvidia drivers, did you install them from synaptic or via envy?
<faulkes-> and which kernel are you running?
<faulkes-> I will be back, I have to do a reboot here
<pteague> faulkes-> i installed them via the restricted drivers thing
<pteague> & whatever kernel is on the ubuntu 7.10 64-bit live cd (not the server)
<faulkes-> hrrm, interesting, well that could be an issue, I'm not sure
<faulkes-> you may wish to consider installing using envy
<faulkes-> (nvidia drivers that is)
<faulkes-> which card is it?
<spiekey> Hello!
<spiekey> i am running OpenLDAP 2.2.26 on Dapper.
<spiekey> when i reset my linux box by pressing the reset button, then my ldap database seems to erase or forget some added attributes.
<spiekey> e.g. my new samba user disapears from the DB.
<spiekey> any idea why the hell this is happenening?
<faulkes-> iirc doesn't ldap have a write/commit time interval, such that if you added something and then rebooted, those changes would be lost if the commit hadn't happend yet
<faulkes-> (noting that I'm not an ldap expert)
<faulkes-> but I do recall reading something about that
<spiekey> that would make sense and explain that "recover not found" message when i normally start ldap
<faulkes-> iirc there is a config value which you can set to tell it how often to do the writes
<faulkes-> don't ask me *where* it is, but I recall reading that in the same post
<faulkes-> it might have been from the ubuntu-server bug notifications
<spiekey> i am just checking tha man page
<spiekey> oh, so this could be quite ubuntu-related?
<faulkes-> no, I believe it is ldap in particular related
<faulkes-> however the ubuntu-server bug lists gets traffic from many sources
<peterdv> I do not believe this to be ubuntu related.
<peterdv> http://www.openldap.org/lists/openldap-software/200304/msg00066.html:
<peterdv> "Check up on how often your data is set to sync to disk. The slapd-bdb
<peterdv> man page is useful: look particularly at 'checkpoint' and 'dbnosync'.
<peterdv> You may also need to read the Berkeley DB reference guide."
<faulkes-> peter: thanks for the links
<peterdv> My pleasure
<spiekey> so "checkpoint 1 1" and "cachesize 0" should make sure it writes my changes to disk quite regually?
<peterdv> Yes. Remember this will always be a tradeoff. You can not have both security and performance at the same time. You have to make that choice.
<spiekey> i write about 5KByte to my bdb within 1h. So i have no problems with performance at all
<peterdv> It's been a while since I personally looked at tuning ldap servers, I seem to recall setteling at a fairly large cache myself (heavy read load).
<spiekey> oh, i think i just killed everthing under my rootdn :-/
<spiekey> those two options broke my db :P
<peterdv> "cachesize 0" appears to be extreme ...
<spiekey> do you think checkpoint 1 1 is ok?
<peterdv> Again, very extreme ...
<peterdv> I run at default checkpoint and cachesize 1000000 - and try very hard to do a clean shutdown (at most times) :-)
<peterdv> In my setup, this gives me close to wire speed read performance ...
<spiekey> what do you have as checkpoint?
<peterdv> Nothing. Ie. default.
<spiekey> ok...if i add a new user to ldap and reset my box 15secs afterwards those changed are lost :-/
<peterdv> If you by reset mean powercycle - yes this is to be expected. If you do a "shutdown -r now" changes should persist.
<peterdv> Disclaimer: My production machine uses the LDBM backend.
<spiekey> i am testing it by pressing the reset button, like a power failure
<spiekey> ;)
<peterdv> In that case - It does not have a chance :-)
<spiekey> it has 15 seconds to write!
<peterdv> True, but chanches are that it does not even try - depending on the default value for checkpoint - which I do not recall (or have readily at hand ....
<peterdv> ... we try very hard to protect the LDAP server we write to, and try very hard to keep it running. It is considered core infrastructure. We are less sensitive about the ones we read from ...
<soneil> sounds more like a task for a UPS, than a config option
<peterdv> Indeed
<spiekey> i just want to cover as much as i can
<spiekey> of course the box will get a ups
<peterdv> If this is key requirement to you, investigate the LDBM backend - once upon a time it did seem to write directly to disc, I do not know its current status.
<spiekey> okay, thanks
<soneil> Is there a write-up anywhere on why KVM was chosen over xen? All I'm finding on google is "a better fit for us"
<faulkes-> soneil: best person to ask would be soren I imagine
<faulkes-> !bug 112839
<ubotu> Launchpad bug 112839 in samba "I/O error on access to SMB shares of OS/2 Warp 4 host mounted in Ubuntu 7.04" [Undecided,Confirmed] https://launchpad.net/bugs/112839
<faulkes-> ok, at some point you just have to ask why and laugh a little bit
<spiekey> what package do i need for ldbm? (Unrecognized database type (ldbm)
<faulkes-> aptitude search ldbm
<faulkes-> would likely be your best bet if it's in the repositories
<spiekey> libmldbm-perl ??
<faulkes-> I couldn't say for sure
<spiekey> as far as i can tell the result does not show what i am lookig for ;)
<peterdv> Mea Culpa. It seems that the LDBM backend type has been deprecated in OpenLDAP 2.2 - it was deemed to "not work well" - we still run on an old Red Hat server (no flames please).
<spiekey> hmm..
<spiekey> damn
<soren> soneil: We chose kvm for a number of reasons.
<zul> hey soren
<soren> soneil: One of the primary reasons was the fact that Xen i not in the mainline kernel.
<soren> zul: Hey, dude.
<soren> soneil: A lot of it really boils down to supportability.
<zul> what xen not being easily supportable? ;)
 * soren looks up in the air
<Nafallo> it is. we have zul :-)
<soren> Oh, sure it is.</sarcasm>
<soren> zul is a scarce ressource. :)
<zul> also a bit of a masochist
<soren> Clearly :)
<Nafallo> masochists are fun :-)
<soneil> soren: thanks.  (something for me to look into when the hardware arrives, I guess)
<soren> soneil: Xen works with Ubuntu, though. We just don't give it nearly as much attention and Canonical won't be offering professional support for it.
<onesandzeros> hello all.  Do any of you know if the ubuntu-server installer will let you install to a partition without formatting it?  kubuntu's won't.
<ScottK> It won't, IIRC.
<faulkes-> onesandzeros: just leave the space unallocated and create the partition afterwards
<Kamping_Kaiser> debian-installer allows you to not reformat a partition (as long as it has a valid filesystem to start with)
#ubuntu-server 2009-02-09
<owh> twb: The site that davexoxide was having problems with.
<twb> owh: oh, sorry.
<davexoxide> owh: PHP it's Drupal
<owh> davexoxide: Then you can just write a simple php script that runs a mail() command, and you can use phpinfo() to check what it thinks the mail settings are. I'm not certain, but it may be that apache needs reloading before php detects that there is mail installed.
<davexoxide> owh sounds like a good way to test... i'll do that now
<ScottK> owh: We don't install any MTA by default.
<ScottK> davexoxide: What is it you're trying to test?
<owh> ScottK, IIRC if you install the "mail-server" task, it installs postfix.
<ScottK> owh: True, but that's hardly by default.
<owh> ScottK, the original question was: "What should I install, exim or postfix." - default, as in, bare install, you are correct. Default, as in, the one you install when you install the mail-server task, then it's postfix. Meanwhile, the problem davexoxide is currently having is that PHP isn't sending, but we've been working through it.
<ScottK> OK.
<ScottK> Generally when I'm testing postfix I use telnet to the appropriate port.
<owh> ScottK - interesting idea. The php suggestion from me came from the notion that the site was running drupal using php. Seemed like less to gin around :)
<owh> ScottK, besides, I figured the postfix installer worked - just that PHP was having a hisseyfit :)
<ScottK> For basic MTA level stuff it's pretty easy to use telnet and you have direct control over what's being sent.  That and tailing /var/log/mail.log generally clarifies things.
<twb> netcat beats telnet :P
<tonyyarusso> I need some help configuring bacula.  I want my backups to go into /var/bacula/.  I have that defined in the File Storage type.  Although, it seems like I still need to manually label something there (?).  When I attempt to use the label command in bconsole, I get "3910 Unable to open device "FileStorage" (/var/bacula/): ERR=dev.c:491 Could not open: /var/bacula/File1, ERR=Permission denied"
<tonyyarusso> /var/bacula/ is 770 root:bacula.  What's wrong here?
<rgotten> anybody has try webmin agains ebox
<Deeps> !webmin | rgotten
<ubottu> rgotten: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<luckyone> hello all, can anyone help me figure out how to get my samba server running correctly? I have tried to use eBox to create it
<luckyone> I am getting some errors trying to connect...
<ricardo1> hi can you help me????
<ricardo1> how can i install pear???
<ricardo1> having trouble
<zoopster> what is the trouble?
<zoopster> sudo apt-get install php-pear would be the command, no?
<Kamping_Kaiser> ricardo1, fewer "?" and more description will probably get you more (and less hostile) help
<ricardo1> Kamping_Kaiser Fatal error:  require() [function.require]: Failed opening required '/var/www/joomla159/components/com_estateagent/includes/gallery/../../../../globals.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/joomla159/components/com_estateagent/includes/gallery/authEA.php on line 22 ............ fuckin error
<zoopster> provided the globals.php exists...does it have the correct permissions?
<Kamping_Kaiser> zoopster, s help still hold - thats how you install php-pear. not dealing with php much i'm not sure how to read the error - it looks to me like joolas globals.php cant be found
<zoopster> Kamping_Kaiser: his 2nd question was "how can I install pear???"
<Kamping_Kaiser> zoopster, i saw
<zoopster> most of those issues I have seen are permissions issues...the file cannot be read by the server...either ownership or rights
<davexoxide> ScottK: so i set up a simple php script and it's unable to send
<ScottK> davexoxide: If you telnet from localhost can you send?
<davexoxide> ScottK: I got 201 messages until i do DATA
<davexoxide> then no matter what i put I get 500
<davexoxide> sorry 501
<ScottK> What does /var/log/mail.log have to say about it?
<ScottK> If you can pastebin the log messages for one transaction, I can probably sort it out.
<davexoxide> ScottK: http://davexoxide.pastebin.com/d7693521b
 * ScottK looks
<ScottK> davexoxide: So you have one that you did send to Hotmail that was OK.
<ScottK> How is that being sent?
<davexoxide> no, telnet failed at the last step
<davexoxide> i did a command line php -a
<davexoxide> mail();
<davexoxide> that did work to hotmail
<ScottK> OK.
<ScottK> What's the exact error you got after data?
<davexoxide> ScottK: http://davexoxide.pastebin.com/d2c54238f
<ScottK> Looking
<ScottK> davexoxide: When you are telnetting, you need a newline between the command DATA and the actual data.
<davexoxide> ok i'll try that, and see what happens
<ScottK> The 501 is it's telling you you got the syntax wrong.
<davexoxide> ScottK: yeah that worked.. and php -a mail() works...
<davexoxide> but my simple php mail script fails... hmm
<davexoxide> ScottK: http://www.buildwebsite4u.com/advanced/php.shtml
<davexoxide> http://static.davexoxide.com/mail.html
<ScottK> davexoxide: OK.  Those two things tell you you have a php problem, not a mail server problem.
<davexoxide> ok great, thanks man
<ScottK> davexoxide: My guess would be that the php 'mail' command you appear to be using doesn't talk smtp, but I know zip about php.
<davexoxide> yeah it's sendmail_path
<davexoxide> i still had exim in my conf file
<ScottK> Ah.
<davexoxide> for postfix it should be /usr/lib/sendmail?? or something like that
<ScottK> Postfix sendmail is compatible externally with the sendmail sendmail command.
<ScottK> Yes.  That's where it is.
<twb> davexoxide: all MTAs on Ubuntu provide /usr/sbin/sendmail.
<twb> davexoxide: /usr/lib/sendmail is a legacy location found on e.g. Solaris
<davexoxide> yeah i decided to go with default setting of sendmail -t -i
<davexoxide> still not working as expected but at least i know it's not postfix
<davexoxide> i'm over in the php room bothering those guys now
<davexoxide> thanks ScottK and twb for the help!
<ScottK> davexoxide: You're welcome.
<Hellsheep> Hey
<Hellsheep> I am trying to install a teamspeak server onto my Ubuntu home server, i created a new user using: sudo useradd -d /home/teamspeak teamspeak
<Hellsheep> and it created the user, except i dont know the pass? =o
<Hellsheep> How do i determine the password for it
<Hellsheep> i tried su teamspeak
<Hellsheep> but it asks for the password, and no matter what i try it wont work
<Kamping_Kaiser> why on earth did you `useradd -d` instead of just `adduser` ?
<Hellsheep> i have no clue
<Hellsheep> i blame a website
<Kamping_Kaiser> Hellsheep, it wont have a password, set one with `sudo passwd teamspeak`
<Hellsheep> the teamspeak website says use -d
<Hellsheep> ty
<Hellsheep> Why do people on sites like teamspeak and vent fail to write all the details
<Kamping_Kaiser> if its in a wiki, i suggest you update it
<Hellsheep> It's not. =[
<Hellsheep> It's on the main teamspeak site..... =/
<Kamping_Kaiser> its possible they use 'adduser' in the example because its a lowest common denominator.
<Kamping_Kaiser> :\
<Hellsheep> http://www.teamspeak.com/?page=tutorial_b
<Hellsheep> and i had the same problems with Ventrilo
<Hellsheep> They lack the correct information to install without looking somewhere else
<Kamping_Kaiser> Hellsheep, it assumes you are root - if you are root you can `su` to any other user without a password
<Kamping_Kaiser> `sudo su teamspeak` would be equivilant to `su teamspeak` as root
<Hellsheep> i see
<Kamping_Kaiser> i still think `adduser --disabled-password` or something similar would be better then useradd -d (but i'm sure they've look into it)
<Hellsheep> Your solution would have worked the first time though.
<Hellsheep> And your solution solved my problem.
<Kamping_Kaiser> theres a few lines in that guide  i find a little strange
 * Kamping_Kaiser shrug
<Hellsheep> yeah
<Hellsheep> like their extraction methods dont work either
<Hellsheep> =/
<Kamping_Kaiser> should do. how did it fail?
<Hellsheep> Dunno lost the error thing
<Hellsheep> except
<Hellsheep> i just WinSCP the whole folder
<Hellsheep> instead of .tar.bz2 file
<Hellsheep> bash: ./teamspeak2-server_startscript: Permission denied
<Hellsheep> Love that
<Kamping_Kaiser> its probably not executable.
<Hellsheep> so i see
<Hellsheep> dunno how to change that
<Kamping_Kaiser> perhaps a result of copying it around. try `chmod +x ./teamspeak2-server_startscript` and rerunning the command
<Hellsheep> thanks
<Hellsheep> that worked
<Hellsheep> gotta clean up around the house now
<Hellsheep> cyaz
<Hellsheep> and thanks
<Hellsheep> you always have the answers =P
<suigeneris> ScottK-desktop, are you there?
<uvirtbot`> New bug: #326936 in samba (main) "package samba 3.0.28a-1ubuntu4.7 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/326936
<kraut> moin
<Kamping_Kaiser> allo
<pike__> im trying to run a dhcp server on eth1.  i have installed the server but im not sure how to designate an interface to listen on in dhcpd.conf
<pike__> all other config is done it just compains that no interface is set to listen on
<Kamping_Kaiser> pike__, ISC dhcpd? set it to give out addresses on the netblock eth1 is on, it'll do the rest
<pike__> i see thx
<Xperiment62> ive been forced due to my brother killing my main computer, to use my server as a desktop machine, i miss my music... how can i install and setup a sound system to use with mplayer easily?
<uvirtbot`> New bug: #327105 in apache2 (main) "package apache2.2-common 2.2.9-7ubuntu3 failed to install/upgrade: package apache2.2-common is not ready for configuration" [Undecided,New] https://launchpad.net/bugs/327105
<Xperiment62> how can i get sound output from my server
<soren> Xperiment62: Play something?
<Xperiment62> i tried
<soren> And?
<Xperiment62> nothing
<soren> -ENOINFORMATION
<Xperiment62> mplayer started playing it but absolutely no sound
<soren> turn up the volume?
<Xperiment62> umm
<Xperiment62> remember this is server edition
<soren> Yes?
<Xperiment62> and i did turn up the volume
<Xperiment62> nothing at all
<Xperiment62> so please dont treat me like an idiot
<soren> Well, then give me some information that is actually useful.
<Xperiment62> well, what is tehre to say
<soren> How does it fail? What output do you get? What have you done to make it work?
<suigeneris> did you unmute it?
<Xperiment62> gah
<Xperiment62> its a basic install of server
<Xperiment62> recently installed mplayer
<soren> You keep saying that, but what do you think that means?
<Xperiment62> tried to use the alsa output but no avail
<Xperiment62> tried pulse
<Xperiment62> no luck there
<Xperiment62> and i havent ever been given any output from them
<Xperiment62> im telling you what i know
<soren> mplayer doesn't give you any output?
<Xperiment62> your asking for information i dont have
<Xperiment62> ti gives regular output
<soren> Well, /I/ certainly don't have it.
<soren> Let's see it.
<Xperiment62> umm
<Xperiment62> how can i do this
<soren> regular output != no output
<Xperiment62> from CLI
<Xperiment62> regular output = nothing of interest to the situation
<soren> pastebinit, for instance.
<Xperiment62> umm
<Xperiment62> im in CLI
<soren> pastebinit - command-line pastebin client
<Xperiment62> so you want me to instal a pastebin client?
<soren> No. I want you to show me the output from mplayer. I'm *suggesting* that you use a pastebin client for that. That seems reasonable.
<soren> If you've got a better way, that's fine.
<soren> ssh from another machine or whatever.
<soren> I'm just interested in the output.
<Xperiment62> oh yeah
<Xperiment62> fyi
<Xperiment62> i dont ahve anotehr machine
<Xperiment62> thats the whol reason for wanting sound
<Xperiment62> my brotehr killed my IDE controller on my main
<Xperiment62> so ive had to revert to using my server
<Xperiment62> ill install a pastebin client
<soren> Ok. Well, if you've got a better way to show me the output, that's fine. You just asked med how to do it.
<soren> If you can dump it in a file an put in on a webserver somewhere, that's cool.
<Xperiment62> that would be a good idea
<Xperiment62> if i hadnt killed my apache server a couple of weeks ago
<Xperiment62> unless
<Xperiment62> nah
<Xperiment62> chuck me an example of what i should be doing with pastebin init
<soren> Dunno. never used it myself.
<Xperiment62> like what command should i run to use it to output the output from a command?
<Xperiment62> hrmm
<Xperiment62> i think ive got it figured out
<Xperiment62> wont be a minute or two
<Xperiment62> http://pastebin.com/f20b3558a
<Xperiment62> that work>?
<Xperiment62> that was usign mplayer filename >> alsa.txt
<Xperiment62> then pastebininit -i alsa.txt
<soren> Yes.
<Xperiment62> col
<Xperiment62> cool*
<soren> Could you send the output of amixer as well?
<Xperiment62> umm
<Xperiment62> one sec
<Xperiment62> http://pastebin.com/fd8fa4f
<soren> Your master is muted.
<Xperiment62> really?
<Xperiment62> why would it be muted?
<Xperiment62> thats just bizzare
<soren> *shrug*
<Xperiment62> know how to remedy the situation?
<soren> Unmute it with your favourite mixer application?
<Xperiment62> umm
<Xperiment62> i dont ahve a favourite
<Xperiment62> or have one that i really know how to use fully
<Xperiment62> as i dotn often use a server as a desktop machine
<soren> You said earlier that you had turned up the volume... What did you use for that?
<Xperiment62> my amp
<soren> Eh?
<soren> ....
<Xperiment62> external
<soren> So you never touched your sound cards mixer settings?
<Xperiment62> no
<soren> ....
<soren> I see.
<soren> Now would be a good time to start doing so.
<Xperiment62> aah
<Xperiment62> found it
<soren> Actually, before asking about why you don't have any sound output would be an even better time. :/
<Xperiment62> tinkered around in alsamixer
<Xperiment62> and for some bizzare reason all my outputs were muted
<Xperiment62> tried random keys and found the muting key
<Xperiment62> thankyou soren
<suigeneris> hah! and you said "gah" when I asked "did you unmute it?"
<soren> suigeneris: He also didn't want us to treat him like an idiot.
<lukehasnoname> nijaba: Thank you for updates to the KVM documentation
<lukehasnoname> I've been wanting this for a while, it looks good so far. Haven't tested the instructions, but I hope to when I have a chance later this week
<nijaba> lukehasnoname: I merely reordered the instructions and split it in multiple page so that it is a bit less scary
<nijaba> but thanks
<lukehasnoname> the instructions are updated for hardy/interpid, and the wording is more informative rather than 'cp this into console and you have kvm!'
<UndertakerX2> Could some one help me with this error? http://pastebin.ubuntu.com/115946/
<Kamping_Kaiser> installed aclocal
<Kamping_Kaiser> ?
<UndertakerX2> dont believe so, sudo apt-get aclocal ?
<UndertakerX2> that right?
<Kamping_Kaiser> apt-file tells me its in the automake package
<UndertakerX2> so if i install automake i should be good to go right>
<Kamping_Kaiser> until the next missing dependancy yes
<Kamping_Kaiser> what are you trying to install?
<UndertakerX2> xbbt backend for gazelle
<UndertakerX2> that fixxed that but have a new error http://pastebin.ubuntu.com/115951/
<Kamping_Kaiser> ah. they should provide a list of dependancies needed to build it, eitehr in the package (Eg, in an INSTALL file) or on their site
<UndertakerX2> yeah but im not sure what is already on my system and whats not, and dotn want to overwrite anything
<Kamping_Kaiser> !be
<ubottu> Sorry, I don't know anything about be
<Kamping_Kaiser> bah.
<Kamping_Kaiser> !build-essential
<ubottu> Compiling software from source? Read the tips at https://help.ubuntu.com/community/CompilingSoftware (But remember to search for pre-built !packages first)
<Kamping_Kaiser> UndertakerX2, ^^
<UndertakerX2> i will check that out, thanks
<godsyn> nealmcb: I just wanted to stop in and say thanks again. I just google'd my nick (I'm that bored) and our conversation ( http://irclogs.ubuntu.com/2008/07/20/%23ubuntu-server.txt ) came up.
<UndertakerX2> Can some one help with this error http://pastebin.ubuntu.com/115951/ ?
<suigeneris> is this channel logged?
<suigeneris> !log
<ubottu> Official channel logs can be found at http://irclogs.ubuntu.com/ - For LoCo channels, http://logs.ubuntu-eu.org/freenode/
<godsyn> UndertakerX2, do you have libtool installed?
<UndertakerX2> i used this command: apt-get install cmake g++ libboost-date-time-dev libboost-dev libboost-filesystem-dev libboost-program-options-dev libboost-regex-dev libboost-serialization-dev make zlib1g-dev
<godsyn> new to linux?
<UndertakerX2> a biot yes :p
<UndertakerX2> bit*
<godsyn> hehe, ok. Echo back the results from "aptitude search libtool". I'm only interested in the ones that are installed (they'll have an "i" in front).
<UndertakerX2> http://pastebin.ubuntu.com/115977/
<UndertakerX2> there ya go
<godsyn> aptitude install libtool, then run your above command.
<UndertakerX2> that worked, thanks!
<UndertakerX2> you would think they could list that in the dpendincies ya know :p
<godsyn> no prob. enjoy XBT (just a guess).
<UndertakerX2> close enough
<UndertakerX2> gazelle, xbbt back end
<UndertakerX2> i used to work on a tbdev install for a friend awhile back so wanted to play around with gazelle
<suigeneris> the other day ScottK gave me a command to see inside a certificate, but I don't remember. does anybody know?
<suigeneris> openssl x509 something
<UndertakerX2> gosyn, used make and most of it went alright untill this part http://pastebin.ubuntu.com/115992/
<UndertakerX2> sorry godsyn, typing skills are horrid tonight
<godsyn> reading up on gazelle
<UndertakerX2> k thanks
<UndertakerX2> suigeneris: http://www.mkssoftware.com/docs/man1/openssl_x509.1.asp that what you want?
<godsyn> the 1st list of dependancies. did they install ok? (apache / etc)
<UndertakerX2> yep
<UndertakerX2> if memorey serves me right, i can gdouble check if you like
<UndertakerX2> the front end is up and running fine, but the guise i was using says i need xbbt but the offical instal docs did not
<godsyn> http://projectgazelle.org/viewtopic.php?pid=982#p982
<godsyn> out f date makefile :(
<godsyn> **of
<UndertakerX2> thanks let me try that
<godsyn> My shift is over and my replacement here (datacenter). Best of luck!
<suigeneris> UndertakerX2, thanks, with a little trial and error, i managed to see it
<UndertakerX2> thanks godsyn
<UndertakerX2> suigeneris: no problem glad to help
<dou213> can someone here help me with my ftp-server? installed vsftpd, in config no anonymous login possible, mount --bind the public folder with one folder from /home/user/, then configured FTP over SSL (like on this site over here: http://www.zeroathome.de/wordpress/ftp-und-webdav-fuer-euren-ubuntu-server/) but now when i go in FileZilla and try to connect, it fails...
<dou213> configs in FileZilla: host: ip-address of pc behind the router (i'm @ home), Port: 21, Servertype: FTP over SSL (explicit encryption), Logontype: normal with user and password from the users on the server machine
<Deeps> no idea about filezilla i'm afraid, however there should be some output somewhere, either in the server logs in /var/log, or from your client (in terms of what it recieved from the server as an error, if anything)
<dou213> hi Deeps, from my client (on windows *baaah*) nothing there, only connection failed... checking now the logs on the server machine
<dou213> in which log file would there be information about this?
<Deeps> auth.log maybe? if there's a vsftpd folder it may be in there? syslog?
<soren> What does it mean when ping says "source quench"?
<dou213> just seen that vsftpd created a new user: ftp, i think i must login with that user then... Deeps, can u please have a look on the configuration on that link i've sent? i know it is foreign language, have a look only at the commands to run, maybe you get an idea what the problem is... the commands from FTP - Server section to FTP over SSL
<Deeps> "destination too busy", says cisco on google
<soren> Deeps: Google, huh? I should try that.
<Deeps> soren: ;)
<Deeps> dou213: i dunno, ive never used vsftpd
<Deeps> dou213: it "appears" to be ok, but i honestly dont know
<Deeps> soren: "Source Quench Messages is an IP ICMP message implying the following. The server is getting data at to high a rate and can not buffer it. This messages then means please send data in smaller bursts." if that helps ;_
<dou213> Deeps, ok mate thx anyway, i'll try to figure it out myself.. maybe i'll get lucky
<UndertakerX2> how can i downgrade to gcc-4.1 and g++-4.1 ?
<suigeneris> !downgrads
<ubottu> Sorry, I don't know anything about downgrads
<suigeneris> !downgrade
<ubottu> Attempting to downgrade to an older Ubuntu version is explicitly not supported, and may break your system.
<UndertakerX2> im not downgrading an entire version of ubuntu am i? :s
<ScottK> UndertakerX2: There are separate packages for differenct GCC versions.
<ScottK> UndertakerX2: You want to install gcc-4.1 packages and then change the gcc symlink to point there.
<UndertakerX2> well i have a make file that seems to be compiled with gcc-4.1 and g++-4.1, just looking for the easiest route to resolve this issue
<UndertakerX2> would it be easiest to change the makefile and instal 4.1?
<UndertakerX2> rather then completley downgrading
<UndertakerX2> ScottK: where is the symlink located?
<Deeps> UndertakerX2: run: which gcc
<Deeps> UndertakerX2: or: ls -l `which gcc`
<UndertakerX2> thanks, do i do this for g++-4.1 to?
<UndertakerX2> i cant seem to make that work for g++
<ScottK> Dunno about g++
<UndertakerX2> ok thanks
<Deeps> # ls -l `which g++`
<Deeps> lrwxrwxrwx 1 root root 7 2008-10-15 11:17 /usr/bin/g++ -> g++-4.2
<UndertakerX2> Deeps: thanks, it says i need to use -E or -x.
<Deeps> ?
<Deeps> what is "it"?
<UndertakerX2> the command above
<UndertakerX2> ->
<UndertakerX2> that one
<UndertakerX2> ] lrwxrwxrwx 1 root root 7 2008-10-15 11:17 /usr/bin/g++ -> g++-4.2
<Deeps> i dont see "it" saying you need to use -E or -x?
<UndertakerX2> g++: -E or -x required when input is from standard input
<Deeps> what are you trying to do?
<Deeps> if you're trying to make a symlink for g++ to point to g++-4.1, you shouldn't be running g++...
<Deeps> rm /usr/bin/g++ && ln -s /usr/bin/g++-4.1 /usr/bin/g++
<Deeps> at a guess, assuming /usr/bin/g++-4.1 exists when you install g++-4.1
<UndertakerX2> sorry deeps im feeling rather sick i think this is going to have to wait untill tomorow
<UndertakerX2> Deeps: thanks for all the help though
<soren> I slept all the way to Berlin, so I thought the flight was longer, but it was only about an hour or so.
<soren> Err... Whoops
<soren> :)
<zul> how do I tell apt that I have a sources.list.d as well and to use it?
<lapo> hi
<lapo> is there any documentaion about clustering with hardy? I'm playing with heartbeat+drbd atm, I would like to setup a fail-over samba server
<kinnaz> anyone has exp with ibm server with lsi 1030 on ubuntu ?
<dou213> hi guys, i can't connect to my ftp-server from intern (behind the router) with SSL, unencrypted it works, but not with SSL
<dou213> can somebody help fix this problem, preferably someone with experience in FileZilla too :)
<Faust-C> dou213: ports open? are they being forwarded
<dou213> Faust-C, in router i didn't open port 21
<dou213> should i?
<DogWater> does anyone know what package i need to install to get the lib/modules/2.6.24-19-generic/source/ or lib/modules/2.6.24-19-generic/build/ folders?
<Faust-C> dou213: what port does it want for SSL
<Faust-C> forward that port
<dou213> Faust-C, don't know, how can i find that out? probably 443 (default port for SSL)
<Deeps> Faust-C: he's accessing an ftp server inside his lan from within his lan
<dou213> Deeps, yes right
<dou213> that's why i thought i don't need (for now) to open the ports
<Faust-C> heh cant work if you dont let it
<dou213> Faust-C, ok so open port 21 y?
<Faust-C> dou213: ? no what port does your ftp server use for SSL, you need to make sure its listening for it
<Faust-C> and what do logs say?
<Faust-C>  /var/log/<whatever ftp server app>
<Deeps> Faust-C: he can connect to his ftp without SSL encryption fine without any ports forwarded because it's on the same lan, no routing involved, it's just not working with SSL
<Faust-C> Deeps: i read that wrong
<dou213> thx Deeps for clearing him up, sry for my bad english
<Faust-C> maybe there is a error with the cert
<Faust-C> dou213: what ftpd are you using ?
<dou213> svftpd
<dou213> vsftpd
<dou213> w8, i'm giving you the link with what commands i've run to configure it
<Faust-C> k
<dou213> http://translate.google.com/translate?prev=hp&hl=en&u=http%3A%2F%2Fwww.zeroathome.de%2Fwordpress%2Fftp-und-webdav-fuer-euren-ubuntu-server%2F&sl=de&tl=en
<dou213> btw, very nice site :) translate.google.com, found it out just today
<dou213> Faust-C, and i've been reading also these pages: http://ubuntuforums.org/showthread.php?t=91887   &&  http://ubuntuforums.org/showthread.php?t=518293
<dou213> but the cfg i followed is that from the first site, just without his shell script
<Faust-C> k
<Faust-C> brb
<dou213> i sure hope that we can make it work with SSL, cuz the main purpose of me setting a FTP-server is to access it from outside my lan
<Faust-C> dou213: imo (in my opinion), it would be simpler to use sftp
<Faust-C> but thats me, anyways brb
<ScottK> +1 for sftp
<dou213> Faust-C, maybe you're right, but vsftpd is easier (so i've read, but not convinced :) )
<dou213> it can be something wrong with the certificates
<dou213> just llok @ the first page
<dou213> he creates a new certificate, maybe that's the problem, cuz i've read in some other tutorials that this is not needed
<Faust-C> well i would create a new cert
<Faust-C> but im odd
<Faust-C> dou213: btw did you look at logs?
<dou213> i've looked at tcpdump .. but nothing interesting there
<Faust-C> brb
<dou213> for me
<Faust-C> heh no look at logs /var/log/vsftpd
<dou213> looking in logs now
<dou213> Mon Feb  9 16:50:49 2009 [pid 4436] CONNECT: Client "192.168.1.31"
<dou213> Mon Feb  9 16:50:53 2009 [pid 4435] [alex] OK LOGIN: Client "192.168.1.31"
<dou213> this appears every time when i try to connect from FileZilla
<dou213> but it doesn't connect
<dou213> i can also paste the messages from FileZilla, maybe that'll help some?
<Deeps> maybe tell filezilla to use tls instead of ssl explicit?
<Deeps> odds are you should be getting some kind of error in filezilla though taht'll be telling you what's going wrong
<dou213> Deeps and Faust-C, i'll paste it on pastebin, too long to do it here w8
<dou213> http://pastebin.com/d67007892
<dou213> this is the information from FileZilla
<dou213> everything works just fine till connection timeout :S
<dou213> Deeps, already tried with TLS/SSL, disconnected right away, won't even work for as long as SSL explicit will
<Deeps> firewall on the ftp server?
<dou213> Deeps, really don't know, probably iptables (common in ubuntu)
<Deeps> dou213: do you have a firewall enabled? paste `iptables -nvL` to a bin
<dou213> k
<dou213> http://pastebin.com/d44990528
<dou213> Deeps, i see now maybe fail2ban is causing the prob
<dou213> ?
<Deeps> nah, it looks ok
<Deeps> nothing indicating why it's timing out trying to do dir listing
<dou213> so, do i have a fw enabled?
<dou213> should i simply try a reinstall?
<dou213> like sudo apt-get --purge remove vsftpd   and then install it anew
<Deeps> paste your vzsftpd.conf
<uvirtbot`> New bug: #326517 in ubuntu "Ethernet OK but no internet (dup-of: 307204)" [Undecided,Invalid] https://launchpad.net/bugs/326517
<uvirtbot`> New bug: #327233 in samba (main) "package samba 3.0.28a-1ubuntu4.7 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/327233
<dou213> http://pastebin.com/d973e606
<dou213> Deeps, in here is posted my vsftpd.conf: http://pastebin.com/d973e606 ... tell me if there is something fishy about it
<Deeps> lines 139-141
<Deeps> you dont appear to have a key file defined
<dou213> only by commenting line 141 i could make it work without SSL
<dou213> so unencrypted
<Deeps> gtg, gl, bbl
<dou213> :) ok Deeps, thx anyway... catch u later hopefully
<uvirtbot> New bug: #327242 in bacula (universe) "Hardy bacula update packages broken" [Undecided,New] https://launchpad.net/bugs/327242
<chrisadams> hi guys - is it bad practice to restart apache using /etc/init.d/apache2 restart?
<Nafallo> chrisadams: kills the active connections for sure.
<chrisadams> Nafallo: thought as much
<chrisadams> is there a way to run it gracefully from /etc/init.d?
<Nafallo> reload
<chrisadams> I get this response when i try:
<chrisadams> root@machine:/usr/sbin# /usr/sbin/apache2 -k graceful-stop
<Nafallo> also called "graceful" ;-)
<chrisadams> apache2: bad user name ${APACHE_RUN_USER}
<Nafallo> invoke-rc.d apache2 reload
<chrisadams> that's the graceful way restart the server?
<ivoks> hello
<chrisadams> Nafallo: thanks, that works a charm
<jmedina> any there anyone have problems with tg4 driver in hardy?
<jmedina> it is tg3: Broadcom Corporation NetXtreme BCM5721 Gigabit Ethernet PCI Express (rev 11)
<lamont> MTU:1492 <-- WTF is causing PPPoE to set the MTU down?
<ivoks> physics
<ivoks> it's never 1500 on pppoe
<ivoks> it can't be
<ivoks> PPPoE consumes 8 more bytes of data for its own purposes, which leaves us with 1492 of usable space for actual data.
<ivoks> ScottK: ping
<ScottK> ivoks: Pong.
<ivoks> ScottK: hi there
<ivoks> ScottK: i'm working on mail stack atm
<ivoks> ScottK: and i was wondering...
<ivoks> ScottK: what do you think about enalbing managesieve by default in dovecot?
<pecisk> hi people, have you encountered situation when you have LVM volume mounted on some temporary directory, umount /tmp/some_dir answers that device is busy, but no lsof nor fuser doesn't show anything running in that file system, there are also no strange processes in ps ax
<ivoks> ScottK: and making an effort of moving roundcube into main for jaunty+1 (which would include patch for managing sieve scripts)
<pecisk> I can't reboot box because of Xen VMs
<ScottK> ivoks: I think I don't know enough to have an opinion.  I think seive is really not for everyone.
<ivoks> ScottK: well, if we set dovecot as LDA, then we get sieve 'for free'
<ivoks> ScottK: so, we would have sieve, only question is will we enable 'remote' management of scripts
<ScottK> Yes, I'm just thinking about it adds complexity to the system.
<ScottK> I see.
<ivoks> that's true
<ivoks> the only problem i see is that none of ubuntu clients supports sieve remote management
<ScottK> What does?
<ivoks> and roundcube, which does have a patch for it, would support it
<ivoks> but roundcube is not in main
<ivoks> so we shouldn't consider it at all in this case
<ScottK> As I said, I don't have a strong opinion.
<ivoks> ok
<ivoks> i'll raise that question tomorrow on meeting
<ivoks> thanks
<jmedina> ivoks: my vote por managesieve in dovecot
<ivoks> jmedina: :)
<ivoks> how do you manage sieve remotly?
<ivoks> with thunderbird?
<jmedina> ivoks: Im just starting to use it, I recompiled dovecot from intrepid in hardy to get managesieve support
<ivoks> i see
<jmedina> btw, I remember about a security bug report about managesieve, something about user can modify other users scripts
<ivoks> what mail client do you use?
<jmedina> ivoks: kmail
<ivoks> well, i'll check security stuff, of course
<ivoks> kmail supports managesieve, right?
<jmedina> yeap, but I have not tried
<kees> bug 307291
<ivoks> there's an open bug in evolution for sieve
<uvirtbot> Launchpad bug 307291 in dovecot "Security hole in ManageSieve: Virtual users can edit scripts of other virtual users" [Undecided,New] https://launchpad.net/bugs/307291
<jmedina> kees: thanks, that is the bug
<ivoks> great
<ivoks> :)
<ivoks> kees: :*
<jmedina> dman, this broadcom nic doesnt works with xen's kernel :S
<kees> :)  it's been a low priority, but we'll be getting to fixing it.  If any one wants to get patches and do tests, we'd appreciate the help, of course.  :)
<ivoks> hm... looks like that's an existing bug in jaunty too
<ivoks> i'll have to check that out
<jmedina> ivoks: I want to use IMP ingo for server side filtering
<ivoks> why?
<jmedina> I also read there is a thunderbird plugin for sive and of course kmail
<ivoks> if you have kmail, you could do that from it
<jmedina> ivoks: I use horde webmail
<jmedina> yeap, but I want the webmail feature for customers
<ivoks> it's ugly, isn't it? :)
<jmedina> I always used maildrop, but I need something to create filters from webmail or another mail client withouth creating scripts manually
<ivoks> so you would like to have managesieve in 'default ubuntu mail server stack'?
<jmedina> ivoks: yeap, in fact I was testing managesive in dapper :D
<ivoks> great
<jmedina> I know a nothing about creating deb packages, I had to edit control by hand in order to compile in dapper
<jmedina> I was using intrepid packages
<ivoks> ok, i'll work on including sieve by default in ubuntu-mail-server package
<ivoks> that will not be default in standard dovecot installation
<ivoks> only if you install ubuntu-mail-server
<kees> okay, I've followed https://help.ubuntu.com/community/AutomaticSecurityUpdates and my system still isn't doing automatic updates.  anyone have success with this?
<ivoks> which one did you do?
<ivoks> cron or apt.conf.d?
<kees> the first one with apt.conf.d
<ivoks> and you installed unattended-upgrades package?
<kees> yeah: unattended-upgrades is already the newest version.
<lamont> ivoks: if the underlying card supports jumbo frames, there's no reason it can't be 1500 on the ppp interface
<ivoks> kees: i've tried that long time ago, and it worked :/
<ivoks> kees: like 2 years ago :D
<ivoks> lamont: well, i don't understand MTU so much, but if other side doesn't support jumbo frames, then i guess it shouldn't work?
<ivoks> so much :)
<lamont> ivoks: well, pathMTU discovery _should_ work, but then much of the internet drops ICMP unreachables, so it doesn't
<lamont> and not having MTU=1500 sucks
<ivoks> :)
<ivoks> take care... see you tomorrow
<grze_> hi guys, is there anyway to force a --prefix= like behaviour with dpkg?
<jmedina> grze_: like --root ?
<grze_> jmedina: seems to be the one!
<jmedina> good
<grze_> jmedina: does this also affect the resolution of dependencies?
<jmedina> grze_: afaik, nop
<jmedina> but Im not sure, never use it :D
<grze_> jmedina: *phew* cool :)
<grze_> in that case, fingers crossed
<grze_> thanks :)
<uvirtbot> New bug: #327326 in php5 (main) "parse_ini_file wrong return value on failure" [Undecided,New] https://launchpad.net/bugs/327326
<nonent> i'm getting a stranger error in hardy trying to setup racoon.  racoon does it's modprobes and tries to load   /lib/modules/2.6.24_23_server/kernel/net/ipv6/ipcomp6.ko    which doesn't exist.   the problem is in the path - should be replaced with _, but i can't figure for the life of me why it's doing that.   if i modprobe myself, it works fine
<nonent> wow, found it, racoon-tool seems to have a typo in it.   i shall file the bug
<uvirtbot> New bug: #327306 in apache2 (main) "Apache segfaults under load and can't span more than 130 childs" [Undecided,New] https://launchpad.net/bugs/327306
<AndyGraybeal> i remember someone in here saying something like they were going to write up some Bacula install instructions.  the ones i've found on the web ... are still very confusing to me and i'm having a hard time getting bacula to work
<ScottK> I think that was ivoks.
<kansan> how do i install the php bindings for the GD graphics library on ubuntu hardy LTS server?
<Jeeves__> 'apt-get install php5-gd'?
<kansan> ftw!
<kansan> is there a way to 'name' certain gnome-terminal instances?  or should i be using screen?
<ScottK> As soon as you said Gnome you were asking in the wrong channel.
<firestarter87> hi everybody
<firestarter87> i have a problem with my ubuntu-server
<firestarter87> i can't update my packages
<firestarter87> i get a 'w' error (can't connect) but my internet connection is up
<jdobrien> kirkland: have a second for a question about screenbin?
<firestarter87> my source list seems ok...
<kirkland> jdobrien: howdy
<jdobrien> hi
<ScottK> firestarter87: What's the exact error?
<jdobrien> my guests get prompted for a password...but it looks like it's getting their ssh keys
<jdobrien> kirkland: ^^
<kirkland> jdobrien: which images are you using?
<kirkland> jdobrien: thanks for the reminder, i have a bunch of changes to screenbin that I need to upload
<jdobrien> kirkland: ami-814aaee8
<kirkland> jdobrien: hmm
<kirkland> jdobrien: what are the ownership/perms on the .ssh/authorized_keys file?
<jdobrien> kirkland: when i created the image, should I have installed anything else? I did install openssh :-)
<kirkland> jdobrien: ;-)  shouldn't need to, no
<jdobrien> kirkland: one sec
<kirkland> jdobrien: can you point me to the URL of the ssh keys?
<jdobrien> hmm
<kirkland> jdobrien: i've seen some people incorrectly put ssh keys in lauchpad that have whitespace in them
<jdobrien> owner only
<jdobrien> -rw-r-----
<Deeps> should be owner readable only i think
<Deeps> chmod 600
<kansan> in general ; better to use _ between words or - ?  (for compatibility in linux and in bash etc)
<kirkland> jdobrien: yeah, chmod 600 and chown guest:guest
<kirkland> kansan: for what in particular?
<kansan> kirkland, i just thought one was good/bad
<kansan> kirkland, what permissions should /home/user    have
<kansan> kirkland, specifically for ssh access
<kirkland> kansan: $HOME is usually 755
<kirkland> kansan: but some people make it 700
<kansan> 755 is what mine is set on right now
<kirkland> jcastro: Nafallo: https://edge.launchpad.net/~screen-profiles/+archive/ppa
<kirkland> nijaba: ^
<Nafallo> ooooh
<Nafallo> o_O
<jcastro> kirkland: ta!
<Nafallo> that's like... killing my manual installs :-D
<kirkland> Nafallo: https://translations.edge.launchpad.net/screen-profiles
<kirkland> Nafallo: get to translating :-)
<kirkland> jcastro: you too...  we need some 'troit-speak in there :-)
<jdobrien> kirkland: sorry..not working
<Nafallo> hehe. we'll see if I can find time during the week :-)
<kirkland> jdobrien: who owns that file?
<jcastro> kirkland: btw that launch slowness I mentioned was indeed fixed by updating it
<kirkland> jcastro: rocktastic ;-)
<jdobrien> kirkland: root guest
<kirkland> jdobrien: change that to guest:guest
<kansan> how do i recursively list all files & directories for top level directory /foo/
<kirkland> find .
<jdobrien> kirkland: tried, it won't let me :-(
<kirkland> jdobrien: well, you need to be root (or ubuntu) to do that
<kirkland> jdobrien: that's a bug that i've fixed (and need to upload)
<jdobrien> kirkland: :-)
<kirkland> jdobrien: i'm really sorry about that
<kirkland> jdobrien: you should be able to ssh into that image as root with your key.pem file
<jdobrien> kirkland: it's totally fine
<gluck> Hi, is there any possibility to enable sound on Ubuntu Server?
<dou213> hi everybody, Deeps you there?
<jdobrien> kirkland: thanks for the help, i'll work it out later
<kirkland> jdobrien: no problem, i'll try to get an update uploaded today/tomorrow
<dou213> can somebody help me set up my ftp-server correctly? i am behind my router, trying to connect with FileZilla within the lan on an ubuntu server box, when i connect unencrypted it works just fine, when i do it with SSL it gives me an error: Connection timed out!
<dou213> my basic configuration: http://translate.google.com/translate?prev=hp&hl=en&u=http%3A%2F%2Fwww.zeroathome.de%2Fwordpress%2Fftp-und-webdav-fuer-euren-ubuntu-server%2F&sl=de&tl=en
<dou213> just without his shell script
<dou213> tried already a lot of things, here is my vsftpd.conf : http://pastebin.com/d973e606
<dou213> here is the response i get from FileZilla while trying to SSL: http://pastebin.com/d67007892
<dou213> i appreciate any kind of help
<gluck> Hi, is there any possibility to enable sound on Ubuntu Server?
<lukehasnoname> I'm trying to use "sudo apt-get --install-recommends install ubuntu-virt-server" but it doesn't say it's going to install recommended components
<lukehasnoname> any ideas?
<jtaji> lukehasnoname: the package has no recommends: http://packages.ubuntu.com/intrepid/ubuntu-virt-server
<jtaji> and even if it or a dependent package did, it doesn't specifically tell you what it's going to install is because of recommends
<lukehasnoname> Ah hell
<jtaji> also starting with intrepid, recommends are installed by default
<lukehasnoname> the package site shows no suggested packages, but apt-get shows several
<jtaji> how's that?
<lukehasnoname> unless one of its packages has suggested packages that are being pulled in
<jtaji> it will do that
#ubuntu-server 2009-02-10
<dou213> hi, is here an expert in vsftpd present?
<OsAC> he went to proftpd :-)
<OsAC> sry, joke :-)
<OsAC> just ask :-)
<dou213> np, i was just googeling what proftpd is :)
<OsAC> hehe
<dou213> i am behind my router, trying to connect with FileZilla within the lan on an ubuntu server box, when i connect unencrypted, so non-secure, it works just fine, when i do it with SSL it gives me an error: Connection timed out!
<dou213> so basically, the problem is i can't get it to work with SSL
<OsAC> dou213: which servertype ou chose in filezilla?
<dou213> OsAC, FTP over SSL (explicit encryption) ... anything else but 'FTP' won't work
<OsAC> I would sugest you setup sshd and than use sftp
<dou213> OsAC, sry wrong info: it works also (until operation times out) with FTP over TLS
<dou213> i already use ssh
<dou213> OsAC, do u have a good guide or tutorial for setting up sftp? a guide which u actually know about that it's good
<twb> SFTP is a nicer protocol than FTP over anything, if only because FTP implicitly requires bidirectional routing (i.e. chokes on NAT).
<twb> SFTP is set up automatically by installing the OpenSSH server: aptitude install openssh-server.
<twb> You can then configure sshd_config to remove full shell access, so that only SFTP is left.
<dou213> twb, interesting thing you're saying, ftp chockes on NAT? well, i'm behind a router
<dou213> could that be the problem?
<twb> dou213: it works on *some* clients; they have to implement either the EPORT or PASVE (IIRC) extension.  I remember that this is not the case for Firefox.
<twb> Note that SFTP is not just FTP over SSH; it's actually a quite different (and better) protocol.
<twb> http://en.wikipedia.org/wiki/FTP#FTP_and_NAT_devices
<OsAC> ftp is legacy protocol ...so you are better using something else for transfering files
<OsAC> if u need only to dwnl files http is better choice
<ScottK> Depends on the privacy requirements.
<OsAC> https :-p
<dou213> i need something like a ftp-server which allows me to upload and download files (securely) from outside my lan
<twb> ScottK: and other requirements, of course.  Maybe you need write access and DAV is sucky.
<dou213> should i try it with WebDAV?
<ScottK> Yeah
<twb> dou213: SFTP is the best choice for that by far, IMO.
<ScottK> sftp is totally wonderful.
<dou213> maybe a tutorial which i can use about sftp?
<dou213> i went for vsftpd because it is the only one on the ubuntu server guide page
<OsAC> if u have sshd installed , eg you can ssh to your box
<twb> dou213: no configuration is necessary for SFTP.
<OsAC> go to filezilla add new conn
<twb> dou213: except if you want to lock it down more.
<OsAC> enter server hostname, ssh port and choose sftp
<OsAC> and it will work
<OsAC> you have it working allready .-)
<OsAC> no need for vsftpd
<OsAC> try it :-)
<dou213> w8 i-ll try it this way
<dou213> Response:	Fatal: unable to initialise SFTP: could not connect
<dou213> i'm using SSH already with pub/private keys authentification (secure)... maybe that's why it won't work
<OsAC> yes
<OsAC> you need user/pass
<dou213> but ain't this a major security risk?
<dou213> because i'm open for brute force attacks
<dou213> and twb, what did u mean with lock it down more?
<OsAC> yes, dont allow root to be able to use ssh (use sudo) and move ssh port away from 22 to something like 15000
<twb> dou213: as in, disable password-based access, and disable access to anyone that isn't your user, and disable access except from a whitelist of source IPs.
<twb> dou213: for example, on one of my systems, you can only log into it if you are logging in as twb, from 203.7.155.19, and you have to have both my passphrase and my ssh key.
<twb> dou213: since you are interested in SFTP, you would also want to disable SSH (shell) access, so that only SFTP remains.
<dou213> twb, but i need shell access over SSH very much... i'm doing all the work remotely on the server
<twb> dou213: OK, so leave that on
<twb> dou213: my point is you turn off all the bits you *don't* need, so that brute-force crackers can't use them.
<OsAC> the best thing is just to move sshd to another port, avoiding automated hacking tools
<dou213> twb, you say disable password based access, OsAC says i must have that in order to use SFTP :S kinda confused over here
<dou213> OsAC, already done that :D
<twb> dou213: SFTP does not require password-based authentication.
<OsAC> twb is right
<dou213> [01:39] <OsAC> you need user/pass
<dou213> what do u mean then OsAC, sry i must have misunderstood u
<OsAC> listen what twb  has to say :-)
<twb> OsAC: I would not be comfortable with simply changing the port; I would also take the other measures I mentioned.
<OsAC> twb: ofc
<twb> Of course, I would also generally use port 443 because this is the least likely to be blocked by stupid corporate firewalls.
<dou213> ok guys, so now that u know my situation, how can i make it work?
<dou213> twb, i'm listening, what to do?
<twb> dou213: about what, specifically?
<dou213> the security measures you specified earlier were all been taken care of :)
<dou213> twb, how can i make sftp work?
<twb> What isn't working now?
<dou213> do i got to change some settings in /etc/ssh/sshd_Config ?
<dou213> nope, told u: error: Response:	Fatal: unable to initialise SFTP: could not connect
<twb> dou213: what gives that error?
<dou213> dunno the cause, it says so when i try to connect in FileZilla
<OsAC> drop filezilla and use http://winscp.net/eng/index.php
<OsAC> andyou are done
<twb> dou213: you are on a Windows machine?
<dou213> twb, yes
<OsAC> :-)
<twb> dou213: please get a copy of pscp.exe from putty's website.
<twb> dou213: while you're there, get putty.exe, too.
<dou213> i have them both already
<dou213> i also use them
<OsAC> ohh
<dou213> told u i was doing all the work remotely on the server
<dou213> with putty and winscp
<twb> Oh, oops.  I was confusing pscp and psftp.
<twb> Get psftp.exe and run it with the server's name as the argument.
<dou213> so as i got it: FileZilla won't work for me because i can't specify a private key to use right? which is possible in WinSCP so it works
<twb> I'm not interested in helping you get filezilla working.
<twb> If you have already established that the problem is in filezilla, then we are done; you can take up the problem with filezilla's team.
<dou213> i was just asking so that i get it why it won't work with the one while it works with the other
<dou213> ok it works with psftp.exe
<Phillomath> Hello, I'm looking for some help with a BIND9 problem
<Phillomath> When I run named-checkzone I get the error that my db file has no current owner
<Faust-C> thats a new error
<Phillomath> Its ok I've resolved it now, got some help in #dns
<suigeneris> hello,
<ivoks> ucf is very cool stuff :)
<suigeneris> what is ucf?
<ivoks> update configuration file
<ivoks> http://packages.debian.org/sid/ucf
<ivoks> it's for development of .deb packages
<suigeneris> i didn't think installing webmail would be so easy
<ivoks> roundcube?
<suigeneris> yes
<ivoks> how about configuring whole mail stack?
<suigeneris> i've been struggling with horde forever
<ivoks> :)
<ivoks> in my perfect world, this should be even easier:
<suigeneris> <ivoks> how about configuring whole mail stack? <--- what do you mean?
<ivoks> sudo apt-get install ubuntu-mail-server
<ivoks> pop, imap, mta...
<ivoks> how did you configure imap and pop?
<suigeneris> sudo apt-get install postfix dovecot
<ivoks> yeah, but you had to configure it :)
<suigeneris> not postfix
<suigeneris> only rbl stuff
<ivoks> true
<ivoks> so, you don't have SSL and you don't use dovecot's LDA
<ivoks> not SSL, SASL
<suigeneris> nope
<suigeneris> i have tls, but i have a problem with it
<suigeneris> i get offered the wrong certificate
<ivoks> it's not wrong
<ivoks> it's generic
<ivoks> you have to create your own
<suigeneris> i created one for 5 years, what i get offered is for 1 year
<ivoks> dovecot and postfix, by default, offer 'snakeoil' certificate
<suigeneris> and it keeps asking and keeps asking
<ivoks> so, you have to configure both services to use your certificate
<suigeneris> do you follow postfix-users ML?
<ivoks> no
<suigeneris> ivoks, i love you :)
<suigeneris> you got me the right direction
<suigeneris> i thought postfix offered the certificate
<suigeneris> i tweaked dovecot and i get offered the right certificate now
<suigeneris> yay!
<ivoks> great
<suigeneris> heh!
<suigeneris> now, how can i create & use one ssl certificate for roundcube?
<suigeneris> i think i have to make dovecot listen on 993, right?
<suigeneris> do i?
<suigeneris> oh, my server already listens on 993
<kraut> moin
<suigeneris> good morning
<Zlogger> hi guys, stupid apache question, but if i add a virtual host for domain.com... do i need to add another for www.domain.com or is this taken care of via dns?
<ivoks> suigeneris: you need to setup apache to use ssl
<ivoks> Zlogger: you need to do both
<ivoks> Zlogger: set up DNS and configure apache
<ivoks> Zlogger: in apache, you need to add 'ServerAlias domain.com' to www.domain.com vhost
<ivoks> Zlogger: but if DNS doesn't point domain.com to your apache server, there's nothing you can do
<Zlogger> ivoks, can i do something like a wild card?
<ivoks> Zlogger: i'm not sure, i've never tried that
<Zlogger> ivoks: i.e.  servername *.domain.com
<Zlogger> ah ok coolio.  i have a user who's using webmin
<ivoks> doh :(
<ivoks> webmin
<Zlogger> would be nice if he didnt have to add twice :)
<ivoks> we hate webmin on this channel
<ivoks> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Zlogger> i hate webmin as well
<Zlogger> thanks for the heads up on ebox!!
<Zlogger> will def check it out.
<ivoks> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Zlogger> ivoks: do you use ebox?  thoughts on it?
<ivoks> Koon: good morning
<ivoks> Zlogger: one of my clients use it, yes
<Koon> ivoks: hey
<ivoks> Zlogger: it's great, easy to use and quite simple
<ivoks> Zlogger: my client manages smb shares and user accounts with it
<Zlogger> it looks a lot cleaner than webmin
<suigeneris> i once used ebox, but it overwrote my smb.cnf so i got rid of it
<Zlogger> suigeneris: what do you mean?  like it installed a blank conf over what u had?  or did u try to make a change and lose everything?
<suigeneris> i live happily with webmin
<suigeneris> Zlogger, i don't remember exactly what it did, but i remember losing my shares
<ivoks> those things take full control of your configuration files
<ivoks> you can customize ebox's templates, if you don't like defaults
<Zlogger> suigeneris: sux man.
<suigeneris> ivoks, do i have to create another certificate for apache?
<ivoks> depends on common name you used for mail certificate
<ivoks> if the common name is the same as MTA, then no
<ivoks> in another words
<ivoks> if your mail server is mail.domain.com, and you created certificate with common name mail.domain.com
<ivoks> if you have webmail on mail.domain.com, then no, you don't need additional certificate
<ivoks> but if your pop/imap is mail.domain.com, and your webmail is www.domain.com/webmail, then you need additional certificate
<suigeneris> that means i need, because my mx is mail.domain.com and my webmail is on webmail.domain.com
<suigeneris> right?
<ivoks> right
<sergevn> hi, is anyone running hardy server with spamassasin and amavis, i getting the error that bayes synced databases every 3 hours with the cronuser
<sergevn> very annoying :), can place a dirty hack but that's not nice
<sergevn> anyone else having this problem?
<ivoks> what's the error?
<sergevn> bayes: synced databases from journal in 0 seconds: 646 unique entries (1023 total entries)
<ivoks> that's not an error
<ivoks> and that's not default in 8.04
<ivoks> check your cron scripts
<ivoks> redirect stdout to /dev/null
<sergevn> i didnt change the cronscript, it start emailing since the last update i guess
<ivoks> go to /etc/cron.d/
<ivoks> you get that via email?
<sergevn> yes
<sergevn> from the cron daemon
<ivoks> so, subject of email should have more info
<sergevn> Cron <amavis@silvio> test -e /usr/sbin/amavisd-new-cronjob && /usr/sbin/amavisd-new-cronjob sa-sync
<ivoks> grep -sr 'amavisd-new-cronjob' /etc/cron*
<sergevn> http://pastebin.ubuntu.com/116411/
<ivoks> so, you see where the problem is
<ivoks> i have those scripts and they don't return anything to me
<sergevn> how can i see what the problem is?
<sergevn> without editting the scripts, i didnt change anything :)
<ivoks> those scripts are ok
<sergevn> ok
<ivoks> ls -dl /bin/sh?
<ivoks> have you customized spamassassin configs?
<sergevn> nope defaults
<sergevn> serge@silvio:~$ ls -ld /bin/sh
<sergevn> lrwxrwxrwx 1 root root 4 2008-04-16 10:28 /bin/sh -> dash
<ivoks> sergevn: log into that server, become root
<ivoks> sergevn: do su - amavis
<ivoks> sergevn: and then run /usr/bin/sa-learn --sync
<ivoks> does that generate any output?
<dayo2> http://paste.ubuntu.com/116431/    <---- is 'hostname' a valid option in dhcpd.conf?
<suigeneris> man 5 dhcpd.conf says it is
<UndertakerX2> I get the error "apt-get install build-essential." but the "build-essential" package is installed and up to date. How can i fix this?
<_ruben> there's nothing to fix
<UndertakerX2> err sory errors is "error: C++ compiler cannot create executables"
<soren> UndertakerX2: Remove the '.' at the end?
<UndertakerX2> what . there is no . in the eroor "error: C++ compiler cannot create executables"
<soren> You said: "apt-get install build-essential."
<soren> Also, you probably need to install g++
<soren> sudo apt-get install g++
<UndertakerX2> then i corected myself after _ruben replied
<UndertakerX2> already installed
<soren> Although, that should be included in build-essential.
<soren> Dunno. Look at the config.log
<UndertakerX2> that was the only problem i found
<UndertakerX2> http://pastebin.ubuntu.com/116439/ but maybe i missed something?
<UndertakerX2> how do i change the sim link for g++?
<fw1> i have a file server and i've set up samba for sharing home dirs to windows boxes,  nfs for linux and what can i do to make it easy for mac guys?
<Kamping_Kaiser> tell them to use nfs or samba?
<ivoks> you'll have to set up 'unsecure' nfs for mac
<fw1> how does gnome build the 'network' list of servers
<ivoks> so it's better for them to use samba
<ivoks> or, there's netatalk for old afp protocol
<fw1> what protocol builds up the 'Network' file browser
<ivoks> wrong place for that question
<ivoks> try #ubuntu
<ivoks> i'd say it's smb
<fw1> its not smb as there is 'Windows NEtwork'
<fw1> all the macs are appearing there
<ivoks> macs have samba too
<ivoks> it shows computers from same workgroup
<ivoks> if you select windows network, it shows all workgroups
<ivoks> apple suggests using smb as default network protocol
<ivoks> nfs is also supported
<ivoks> afp is considered old, but imho, still is the best file sharing protocol for macs
<fw1> its doing something more
<fw1> as its picked up an sftp server
<ivoks> are you sure that sftp server doesn't have smb?
<RichardP> hi, operationally how different is 8.04 LTS and 8.10?  am i going to continually run into issues installing PHP 4, MySQL 5 etc on .04?  I like the sound of the LTS release, but if its more hassle to support locally....
<ivoks> php4?
<ivoks> why would you use php4?
<RichardP> ivoks: legacy code
<fw1> RichardP, if you want to for production go with 8.04
<fw1> i don't think php4 is in 8.04
<ivoks> well, i'd still go with 8.04
<RichardP> fw1: i would be surprised if it isnt
<Deeps> !info php4 hardy
<fw1> RichardP, its not
<ubottu> Package php4 does not exist in hardy
<RichardP> then im screwed
<Deeps> you can always install and maintain php4 from source yourself
<ivoks> even php5 is old :)
<RichardP> Deeps: i wanted to avoid that
<kinnaz> anyone has seen thing like that, lsi 1030 hard drives just wont show up
<kinnaz> i have two x345 ibm server
<kinnaz> one installed everytokey
<kinnaz> everything okey
<kinnaz> but with second server cant find drives
<kinnaz> any suggestions _
<kinnaz> ?
<ivoks> have you initialized drives in raid controller?
<kinnaz> ivoks, its resyncing array at the moment
<kinnaz> thou there was live system running on it before
<kinnaz> i tried to install ubuntu on it
<kinnaz> thou redhat
<kinnaz> all driver disks i have found are aswell for redhat/suse
<ivoks> you have lsi raid controller?
<kinnaz> yes lsi 1030
<kinnaz> both boxes to
<kinnaz> that what makes it strange
<kinnaz> thats
<ivoks> 8.04?
<kinnaz> yes
<ivoks> any errors in logs?
<kinnaz> hmmmz will check
<sergevn> ivoks: sorry was afk, lemme check
<sergevn> ivoks: it gives the same output as in the email :)
<ivoks> sergevn: that means your spamassassin is configured for verbose output
<ivoks> check /etc/spamassassin/*
<ivoks> i'm sure you changed something there
<sergevn> in local.cf everything is outcommented
<ivoks> could you paste that line again?
<sergevn> what line?
<ivoks> the output
<sergevn> sec
<sergevn> $ /usr/bin/sa-learn --sync
<sergevn> bayes: synced databases from journal in 0 seconds: 117 unique entries (117 total entries)
<ivoks> https://bugs.edge.launchpad.net/ubuntu/+source/amavisd-new/+bug/165184
<uvirtbot> Launchpad bug 165184 in amavisd-new "amavisd-new + spamassassin: cronjob spams root user" [Medium,Triaged]
<sergevn> yeah found that one, but the date is 2007
<kinnaz> really strange booted up ubuntu again to check the logs for errors and what happens it found my hdd
<kinnaz> only option is that my array was broken or smt
<ivoks> sergevn: so what? last activiy is 4 days ago
<ivoks> kinnaz: it probably wasn't initalized
<kinnaz> ivoks,  thou i didnot change anything in raid configuration util
<kinnaz> just booted up debian
<kinnaz> then it hanged or smt
<kinnaz> and then booted up ubuntu cd
<kinnaz> thou it was resyncing my array
<kinnaz> all the that time
<sergevn> ivoks: ok :) well i thought that if it was reported in 2007, and having problems since an update it would not matter :)
<kinnaz> ivoks,  tnx for help anyways
<sergevn> ivoks: thanks for the help ivoks, going to try those hacks later tonight
<Ko_deZ> Hi. Is there a netboot installer for ubuntu server? The only one I can find is this: http://archive.ubuntu.com/ubuntu/dists/hardy-updates/main/installer-i386/current/images/netboot/
<Ko_deZ> and that seems to be a regular ubuntu installation.
<Ko_deZ> The CD drive on my very old Dell only reads the inner parts of a CD, so I need a small iso :-p
<kinnaz> Ko_deZ, i would suggest you to go pxe boot
<Ko_deZ> kinnaz: Thanks for the tip. Will have a look at it.
<Jeeves__> Why do my servers crash when I try to get an iscsi-device attached?
<Jeeves__> (Hardy)
<_ruben> ouch
<_ruben> wasnt there a bug in open-iscsi some time ago .. or are you using iscsi hba's?
<Jeeves__> I'm trying to mount iscsi-devices exported by Sun storage (open storage, solaris)
<_ruben> server fully up to date? (wrt to the open-iscsi bug)
<Jeeves__> I just dist-upgraded :)
<Jeeves__> It's pxe-booting as we speak :)
<Jeeves__> So that will be a complete reinstall
<_ruben> havent tried ubuntu as initiator, only as target .. using esxi's software initiators at the other end of the "wire"
<henkjan_> Jeeves__: did you try to mount an iscsi volume from your netapps?
<Jeeves__> exported by Sun storage (open storage, solaris)
<Jeeves__> I wasn't even mounting yet
<Jeeves__> just discovering and attaching
<_ruben> bah .. why is squid's logging so damn nasty .. its pretty much undoable to write filter regexps for the useless stuff
<Scunizi> I just installed server with the LAMP, Samba & FTP options.  Testing FTP results in no connection. Any idea which FTP package was installed and where the conf file is?
<Deeps> dpkg -l |grep ftp
<Deeps> at a guess, vsftpd, and the configuration should be in /etc/vsftpd/
<Scunizi> good idea
<Scunizi> Deeps: nope not fsftpd
<Scunizi> Deeps: it's using ftp/lftp.. ftp is the client and lftp is the server
<Deeps> task-sel --list-tasks, find the task name for the ftp server
<Deeps> then tasksel --show-packages <ftpserver task>
<Deeps> lftp is a client, not a server
<ivoks> Scunizi: how did you install FTP server?
<Scunizi> oh.. hard to tell on the readout of the grep command
<Scunizi> ivoks: as part of the standard install of the server edition.. there's a point that asks what additional services you want.. I ticked Lamp, samba and ftp
<ivoks> but dpkg -l | grep vsftpd results with nothing
<ivoks> either you didn't select it or you've hit a bug
<ivoks> which ubuntu version is that?
<Deeps> cant be hardy, no ftp-server task in hardy
<Deeps> at least, according to tasksel, anyway
<ivoks> i don't think we have ftp task at all
<Scunizi> ivoks: it rusults in ii ftp  (next line) The FTP client (next line) ii lftp
<ivoks> Scunizi: notice: dpkg -l | grep vsftpd
<ivoks> vsftpd
<ivoks> not ftp
<Scunizi> k
<ivoks> Scunizi: what ubuntu version is that?
<Scunizi> looked in ~ for the .vsftpd.conf file but there wasn't one.. grep returns nothing .. version is 8.10
<ivoks> vsftpd is system service
<ivoks> it doesn't have users configuration
<ivoks> you just didn't install ftp service
<Scunizi> I haven't yet manually..
<ivoks> right, there's no FTP task in ubuntu-server
<ivoks> http://images.howtoforge.com/images/perfect_server_ubuntu8.10/24.png
<ivoks> so, you installed something else...
<ivoks> tasksel --list-tasks | egrep ^i
<Scunizi> ivoks: yep.. the pic jogged my memory .. it was ssh .. should have remembered that since I'm on the server box via ssh now.
<ivoks> this will tell you what you have installed
<ivoks> there you go...
<ivoks> we suggest vsftpd as FTP service
<ivoks> once you install it, configuration file is /etc/vsftpd.conf
<Scunizi> ivoks: yes.. I have vsftpd on another machine and works well. I have issues though, setting it up so Joomla functions..It's been driving me nuts for several days
<ivoks> vsftpd has nothing to do with joomla
<Scunizi> ivoks: it does on the back end when you need to change templates or upload pic etc..
<Scunizi> ivoks: not just vsftpd but ftp in general..
<Deeps> dou213: https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/308952 may relevant to you
<uvirtbot> Launchpad bug 308952 in vsftpd "FireFTP(Mozilla) cannot LIST files" [Undecided,Incomplete]
<Scunizi> interesting
<Scunizi> so maybe proftpd?
<kinnaz> hmmmz anyone worked around with drbd ?
<kinnaz> should i make the filesystems to partitions i want to sync before sync ?
<_ruben> kinnaz: not too sure about your wording, but the sync can be initiated either before or after the partitions are in use (data wont be destroyed)
<_ruben> *if* done correctly
<_ruben> but no, i dont have any experience with drbd, just did some limited research
<kinnaz> _ruben,  i have no data just two partitions without filesystems, was wondering what type of filesystem i should create to there
<_ruben> whatever filesystem you want to use
<kinnaz> ah okey tnx :)
<Scunizi> not FAT
<_ruben> there's tons of howtos out there on how to setup up dbrb properly
<_ruben> drbd
<kinnaz> yeah i was following the guide at drbd website
<kinnaz> just it mentioned lvm and stuff like that
<kinnaz> couldnot figure out can i use ext
<ivoks> Scunizi: that's a bug in client, not server
<ivoks> Scunizi: notice 'Hello, i reverted back to FileZilla_3.0.7.1_i586-linux-gnu.tar.bz2 and it is working fine now'
<Deeps> Scunizi: that bug has no relation to you, it was for dou213 (notice the line prefixed with dou213:)
<_ruben> when using drbd i'd use lvm logical volumes to replicate, makes things a tad easier .. i hardly ever use "raw" partitions these days, apart from /boot
<Scunizi> Deeps, ivoks thanks.. I was just picking up on that.  with joomla it's just a setup issue. there's lots of how to's but nothing a-z definitive.  Once I figure it out I'll have to write one
<Deeps> Scunizi: you'll probably find that whatever issue you have with vzftpd+joomla, will occur with any other ftpd
<Scunizi> Deeps: I'm sure..
<Deeps> Scunizi: anyway, good luck configuring joomla :)
<Scunizi> Deeps: thanks. on public shared servers it hasn't been an issue at least with the isp's I use. on the home server it's been a little different :/
<jcastro> soren: where you the one looking at cobbler a cycle or two ago?
<soren> jcastro: Yes.
<jcastro> fyi, 1.3 seems to support debian/ubuntu directly: https://fedorahosted.org/cobbler/wiki/SupportForOtherDistros
<soren> jcastro: Oh, someone else did my job. Fantastic!
<jcastro> I wonder if someone has messed with it yet
<dou213> thx Deeps, i'll give it a check
<a_ok> what is the most common cause of max cpu utilization by udevd?
<nijaba> server team meeting in #ubuntu-meeting now
<mathiaz> !screen
<ubottu> screen is a terminal multiplexer. See http://www.kuro5hin.org/story/2004/3/9/16838/14935 and http://en.wikipedia.org/wiki/GNU_Screen
<erzlaute> Anyone have success installing Ubuntu server with hardware raid on an HP Proliant dl160 g5--or is software raid the only solution?
<orudie> hi. what is the best way to set up an FTP server ?
<Faust-C> orudie: sftp (imo)
<Faust-C> which would be a recomended file system to store email on a SAN?
<orudie> imo ?
<Faust-C> i usually use xfs
<Faust-C> orudie: in my opinion
<orudie> right, but how would i make useres login to the same directory
<orudie> the FTP users
<Faust-C> orudie: hmm, i read a how to once...
<Faust-C> ill have to look for it
<orudie> heheh ok
<mathiaz> ivoks: is there a wiki page to track the postfix/dovecot integration?
<ivoks> no
<ivoks> i was working on this today
<ivoks> trying to get it in before FF
<mathiaz> ivoks: I'm just trying to remember what are the goals
<ivoks> goal is to provide full postfix-dovecot integration
<ivoks> including, not related to that, maildir support
<ivoks> and other optimizations
<mathiaz> ivoks: right - that means: maildir by default in /home/$USER/Maildir/, postfix using dovecot sasl, postfix using dovecot lda
<ivoks> i don't see why i can't use ucf to take over package
<ivoks> it even has examples in man page how to do that
<ivoks> mathiaz: right
<ivoks> s/package/config
<erzlaute> orudie: take a look at <http://www.cyberciti.biz/tips/rhel-centos-linux-install-configure-rssh-shell.html>. at the bottom of the page, you'll find a method for 'jailing' users in their own directories
<mathiaz> ivoks: since we've decided to provide a tight integration between  dovecot and postfix I think that dropping a different configuration file and update the init script to look for it is the easiest solution
<ivoks> how about making dovecot.conf a link to dovecot-original.conf in dovecot-common, and then in dovecot-ubuntu, making it a link to dovecot-ubuntu.conf?
<orudie> erzlaute, right, but if i want multiple users to access the same directory for FTP
<ivoks> that way we don't have to change init script
<ivoks> or use alternatives or something
<erzlaute> oh, right--sorry--i should've read more closely. not sure how that would be done securely...maybe a better solution will come up
<ivoks> anyway, dovecot needs serious update
<ivoks> new version
<mathiaz> Adri2000: what's your proposal?
<mathiaz> ivoks: yeah - it seems that experimental has an up-to-date package.
<ivoks> mathiaz: current is .11, irrc
<ivoks> iirc too
<mathiaz> ivoks: well - I don't know if symlinking would be accepted
<ivoks> cjwatson: ping :)
<Adri2000> wanted to ask about what samba version do we want in jaunty. 3.3 is out but it may not be a good idea as it's really recent. the latest release of the 3.2 branch is 3.2.8 whereas jaunty only has 3.2.6. does anyone object to updating samba to 3.2.8?
<ivoks> let's ask before we spend another day for nothing :D
<Adri2000> jaunty has 3.2.5 even
<mathiaz> Adri2000: right - there is a discussion about that on the samba maintainer list in debian
<cjwatson> ivoks: yes
<cjwatson> ?
<ivoks> cjwatson: i have a question
<cjwatson> just reading scrollback
<ivoks> cjwatson: would creating symlinks (dovecot.conf -> dovecot-[ubuntu|original].conf) be bad?
 * andol isn't sure about 3.3, but would definatly not mind seeing 3.2.8 in Jaunty.
<cjwatson> why is a symlink necessary? why not just run dovecot with some different argument to use a different configuration file?
<cjwatson> that would be perfectly reasonable and far less complex
<ivoks> cjwatson: cause then will have to change init script
<cjwatson> so what?
<mathiaz> ivoks: I thinks that's reasonable
<ivoks> ok then
<cjwatson> honestly, messing about with configuration files and symlinks is going to get you tons of bugs down the road
<cjwatson> keep it simple
<mathiaz> ivoks: some of the init scripts have specific logic to handle ltsp
<ivoks> if [ -f /etc/dovecot/dovecot-ubuntu.conf ]; then NAME=dovecot-ubuntu
<Adri2000> mathiaz: http://lists.alioth.debian.org/pipermail/pkg-samba-maint/2009-February/thread.html which one?
<mathiaz> Adri2000: http://lists.alioth.debian.org/pipermail/pkg-samba-maint/2009-February/006337.html
<ivoks> or, better CONF=blablabla, instead NAME
<ivoks> cjwatson: thank you!
<AndyGraybeal> i realize that a fresh install of Ubuntu doesn't have UFW turned on, but is there a type of firewall that's already on?  i think my port 9103 (bacula) should be trying to accept data.. but i'm getting a connection refused.  is there something blocking it?
<AndyGraybeal> should i just turn on ufw and ask it to open 9103?
<ivoks> mathiaz: but, i already see tons of bugs 'i've changed this and this in dovecot.conf, and nothing works' :)
<Faust-C> AndyGraybeal: what do logs on that server say
<andol> AndyGraybeal: Shouldn't be any rules active by default. You can always check by running "sudo iptables -L"
<mathiaz> ivoks: right - we could drop a comment in dovecot.conf about that
<mathiaz> ivoks: or change the way configuration files are used
<AndyGraybeal> Faust-C: what log do you have in mind, in particular?  (i'm fairly new to this and i understand that /var/log/syslog is important... i do see a /var/log/bacula/log but it doesn't look like much is in it.
<mathiaz> ivoks: hm - nevermind
<mathiaz> ivoks: it would too complicated
<ivoks> right
<mathiaz> ivoks: let's just modify the init script to use dovecot-postfix.conf if it's there
<ivoks> ok
<ivoks> and i'll add warning in dovecot.conf
<mathiaz> ivoks: and add a comment to dovecot.conf to point to dovecot-postfix.conf if it's there
<ivoks> big warrning :)
<Faust-C> AndyGraybeal: like andol said firewall isnt on by default
<Faust-C> but there is also /var/log/messages
<mathiaz> AndyGraybeal: you should check if bacula is listening on port 9103
<mathiaz> AndyGraybeal: and is accepting connection from the outside - it may be configured to only listen on localhost
<ivoks> mathiaz: i've forgot to mention one thing at meeting
<AndyGraybeal> thank Faust-C and andol  -- andol i tried the 'sudo iptables -L' and i don't really understand what it says- - but this is a fresh install, and i haven't touched iptables or ufw yet.  i'm trying to get bacula working (first thing) before i enable anything else.
<cjwatson> ivoks: no problem, hope that's all doable, sorry for sticking my oar in late
<mathiaz> ivoks: I wouldn't call the package ubuntu-mail-server
<mathiaz> ivoks: dovecot-postfix seems the best choice IMO
<ivoks> mathiaz: should we enable managesieve by default or not? none of ubuntu clients support it
<ivoks> mathiaz: right, i won't call it ubuntu-*
<AndyGraybeal> mathiaz: ahh interesting, i did an 'nmap -p1-65535' (or something like that) to see what would turn up on my host, and it only showed port 22 (ssh obviously) was open.
<mathiaz> ivoks: the managesieve patch is included
<AndyGraybeal> mathiaz: where do i look to see if bacula isn't accepting connections from the outside?
<ivoks> mathiaz: still, managesieve is just great stuff, supported by kmail and thunderbird plugin
<mathiaz> ivoks: what do you mean by enabling it?
<Adri2000> mathiaz: ok, but that doesn't say what we decide for ubuntu jaunty
<mathiaz> ivoks: I agree.
<ivoks> mathiaz: managesieve listens on port 2000
<andol> AndyGraybeal: what does "sudo netstat -tlp" tell you? It should give you information about which services listens on which ports.
<ivoks> mathiaz: so, it's an additional port, but none of our clients (except kmail) can use it
<Faust-C> AndyGraybeal: netstat -lnp
<ivoks> out ob the box
<ivoks> evolution even doesn't want to work on it
<mathiaz> ivoks: that's ok
<ivoks> ok
<ivoks> so, on by default? :)
<mathiaz> ivoks: a new port can be opened.
<ivoks> i know
<mathiaz> ivoks: we'd have to make sure that sieve scripts are stored correctly and processed by the lda
<ivoks> right, there's an open bug about that
<mathiaz> Adri2000: true - but it gives us clues about what debian is doing
<ivoks> any users can overwrite others sieve scripts :D
<mathiaz> Adri2000: and we're working closely with debian on the samba packages
<mathiaz> ivoks: oh! that should be fixed before enabling managesieve by default then
<ivoks> of course
<mathiaz> ivoks: as we're close to FF may be we should defer managesieve by default for the next release
<ivoks> well, we have to update dovecot anyway
<ivoks> once we do that, we've closed that bug
<Adri2000> mathiaz: I know, and I already asked slangasek about that. he said 3.3 is probably not a good idea but a more recent version of 3.2 should work. so does anyone in the server team disagrees?
<mathiaz> ivoks: let's focus on updating dovecot and integrate with postfix (sasl, maildir and lda)
<mathiaz> Adri2000: I think trying to get the latest 3.2 would be a good thing
<Adri2000> ok
<mathiaz> Adri2000: however we'd have to package the latest release since debian won't push it to unstable before our FF
<Adri2000> why wouldn't they? Steve told me it was possible
<mathiaz> Adri2000: true - what matters here is a timeframe
<mathiaz> Adri2000: we need to get 3.2.8 (IIRC) before Thursday, next week
<AndyGraybeal> andol and Faust-C okay, i've done both netstat commands, 'netstat -tlp' shows me that 'bacula-dir' and 'bacula-sd' are doing something (i can't see what.  'netstat -lnp' shows me that 127.0.0.1:9101 and 127.0.0.1:9103 (the bacula ports)  are LISTENing;  can you help me with what this may mean?
<mathiaz> Adri2000: and I don't think that debian will package 3.2.8 for unstable within a week
<andol> AndyGraybeal: If you'd like to interpret the result you can always paste it onto http://paste.ubuntu.com/
<uvirtbot> New bug: #327703 in dnsmasq (universe) "DHCP Request Cycle can get caught in infinite loop" [Undecided,New] https://launchpad.net/bugs/327703
<AndyGraybeal> rad thanks andol
<Adri2000> mathiaz: see the end of http://irclogs.ubuntu.com/2009/02/08/%23ubuntu-devel.txt and the beginning of the next day
<AndyGraybeal> i'm going to go through my bacula .conf files to see if i can make heads or tails to see if i'm only accepting from localhost or something like mathiaz said.
<AndyGraybeal> cause i pretty much swear i haven't to uched any firewall stuff
<mathiaz> Adri2000: ok - well we'll see then
<mathiaz> Adri2000: if 3.2.8 hits unstable before FF we can merge it
<Adri2000> ok, I'll follow this closely, to make sure we either have it via merging from debian or via packaging it ourselves
<teddy_> why did we choose IT/computers? I should have chosen the blue pill....
<AndyGraybeal> lol teddy
<ivoks> lamont: is there a way (like postconf) to write something in master.cf?
<ivoks> lamont: if i would like to integrate amavis with postfix, right from amavis package, for example
<ivoks> afaik, there's no such thing
<AndyGraybeal> okay, bacula doesn't want to connect to either 'buddleia:9103' (buddleia is the host name) or 'localhost:9103' i don't know what to do ... (i understand in the bacula director conf file i'm not supposed to use 'localhost' in the 'storage' section, i just did it for testing purposes.
<AndyGraybeal> so bconsole connects fine to the director, but the director isn't connecting fine with the storage daemon
<ivoks> AndyGraybeal: i could help, just give me a minute to sort some thing first
<AndyGraybeal> ivoks, thank you so much.  i guess i'm still in the holding hand stages with this -- i've been working with linux off and on for almost 10.. probably more..  years.. and i still don't understand it
<kraut> i've got a grypted root volume from which i boot, is it possible to type in the passphrase via tty0 and ttyS0?
<ivoks> kraut: why not?
<ivoks> AndyGraybeal: ok, let's see
<kraut> and how?
<kraut> a created ttyS0 in event.d, the getty starts after that
<ivoks> kraut: you need to tell grub to use terminal
<kraut> it does, but i'm not able to type in the passphrase
<ivoks> kraut: you see the output?
<kraut> i can move through the menu of grub, but after i boot the kernel, it stops
<ivoks> kraut: that's not it, do you see kernel loading in terminal?
<ivoks> kraut: that's *after* grub is loaded
<kraut> no
<ivoks> kraut: http://ivoks.blogspot.com/2008/09/full-control-over-server.html
<ivoks> kraut: check out grub section
<kraut> serial --unit=0 --speed=9600
<kraut> terminal --timeout=10 serial console
<kraut> that are the first lines of menu.lst
<AndyGraybeal> ivoks, what do you want me to share with you?
<ivoks> kraut: quiet serial console=ttyS1,57600n8 (in my case)
<kraut> aha!
<kraut> yeees, that's it
<kraut> gah! ;)
<ivoks> AndyGraybeal: just a second
<AndyGraybeal> ivoks, also looks like i lost my mouse.. so i can't cut and paste (i'll bring in a mouse on friday
<ivoks> AndyGraybeal: so, in bconsole
<ivoks> AndyGraybeal: when you do status, it waits where?
<AndyGraybeal> i've never done status before... i have 1,director, 2 storage, 3 client 4 all
<AndyGraybeal> just go ahead and hit 2?
<ivoks> 4
<ivoks> all
<AndyGraybeal> k
<ivoks> did it stop somewhere?
<ivoks> or did everything go without problems?
<AndyGraybeal> yea, 'failed to connect to Storage daemon File' also failed to connect to Client
<AndyGraybeal> but it connected to the first one, the director
<ivoks> ok, let's take care of storage first
<ivoks> which ubuntu version is that?
<AndyGraybeal> 8.10
<AndyGraybeal> server amd
<ivoks> nise
<ivoks> nice
<ivoks> ok, open bacula-sd.conf
<AndyGraybeal> k
<ivoks> check the Storage section
<ivoks> is there SDAddress?
<AndyGraybeal> yea, it's 192.168.2.104 ... originally it was 127.0.0.1 .. i changed it for 'testing' purposes because id idn't know what was going on -- i don't mind changing it back to 127.0.0.1
<kraut> ivoks: now i'm only able to type in the passphrase via ttyS0
<ivoks> AndyGraybeal: just delete it :)
<AndyGraybeal> delte.. okay
<AndyGraybeal> how abotu # instead of delete?
<Faust-C> w/ iscsi how do you have it auto mount devices after iscsi works
<ivoks> kraut: that's why you can have multiple grub entries, where you can define for each how to handle that problem
<ivoks> AndyGraybeal: or comment it out, yes
<kraut> ivoks: isn't there any soloutions? :/
<kraut> and per default there is only standard and rescue
<kraut> perhaps i need to violate rescue for that
<ivoks> kraut: i didn't think about them and now i'm helping AndyGraybeal, and i can't help everybody at the same time :D
<AndyGraybeal> ivoks == god
<ivoks> no, i'm not
<kraut> pff ;)
<AndyGraybeal> it works! holy crap
<ivoks> AndyGraybeal: it does? nice
<ivoks> AndyGraybeal: open bacula-dir.conf
<ivoks> AndyGraybeal: find 'Storage' section
<AndyGraybeal> ok
<ivoks> AndyGraybeal: check Address
<AndyGraybeal> address = buddleia (my server name)
<ivoks> Address in Storage section of bacula-dir.conf and SDAddress in bacula-sd.conf must be the same
<Faust-C> hmm
<ivoks> buddleia needs to resolve to 192.168.2.104
<AndyGraybeal> i thought i just uncommented SDAddress out in bacula-sd.conf
<ivoks> i'm just telling where the problem was
<AndyGraybeal> aaah understood
<ivoks> now, bacula-sd listens on all IP addresses
<ivoks> but you might want to squize that a bit
<AndyGraybeal> *understood.
<ivoks> if director and storage are on the same server
<ivoks> it would be reasonable to hade localhost for Storage Address and SDAddress
<ivoks> s/hade/have
<AndyGraybeal> buddleia doesn't really resolvge i don't think.. i just made the name up
<AndyGraybeal> how do i know if it resolves?
<ivoks> hehe
<AndyGraybeal> ah so your saying i could just use localhost then and all is okay?
<ivoks> AndyGraybeal: yes
<ivoks> on both
<AndyGraybeal> rock on thank you
<ivoks> for Storage
<ivoks> not for everything
<lamont> ivoks: there's a tool that scottk gave me that's in postfix.  outside of that (which we can modify...), there isn't a postfix-provided api
<AndyGraybeal> ivoks, for storage and director, correct?
<ivoks> AndyGraybeal: correct
<ivoks> notice that we haven't talked about Director at all :D
<ivoks> lamont: ok
<ivoks> lamont: i'll check it out
<AndyGraybeal> ivoks, nods, is there a reason .. should i not touch my director conf?
<ivoks> AndyGraybeal: no, i'm just saying... bacula is very complex piece of software
<ivoks> AndyGraybeal: Storage section in bacula-dir.conf describes how to contact storage daemon
<ivoks> AndyGraybeal: you could have director on one machine, storage on another, clients all over the world and console on your ipod
<ivoks> AndyGraybeal: bacula makes that possible, but cause of that, for newcomers it's PITA to set up :D
<ivoks> AndyGraybeal: in 8.10, everything should be set up out of the box, so i don't really understand why you changed configs :D
<AndyGraybeal> thanks alot ivoks. so far director and storage are on the same place, no ipod with  linuxes yet for me.
<AndyGraybeal> ivoks, it didn't work, i didn't change the configs!
<ivoks> it did
<ivoks> remeber the SDAddress? :)
<kinnaz> bacula is nice :)
<ivoks> very nice :)
<nxvl> sommer: is the ebox fix in a ppa or somewhere i can get the .deb?
<zul> nxvl: dont tell me you use ebox to run your system
<nxvl> no
<nxvl> a friend of mine is having troubles
<nxvl> :D
<nxvl> he updates from hardy to intrepid
<nxvl> updated*
<nxvl> http://forum.eboxplatform.com/index.php?topic=980.new;topicseen#new
<zul> nxvl: riiiight...:)
<ivoks> if it isn't reported on launchpad, it doesnt't exist :D
<nxvl> heh
<ivoks> when is FF?
<ivoks> i would like to squeeze support for DELL servers into ipmitool :)
<AndyGraybeal> okay, ivoks, thanks for the hand holding.  appreciated.
<ivoks> AndyGraybeal: everything works now?
<AndyGraybeal> i'm pretty sure i can go from here.
<ivoks> if you have problems with client, check FDAddress
<AndyGraybeal> status turns out fine thoug, still need to play with the client, but i think i'll be fine with that
<ivoks> in client's bacula-fd.conf and Address in Client section of bacula-dir.conf
<AndyGraybeal> gotcha, awesome th anks for say ing that.
<ivoks> np
<ivoks> and, if you find some bugs, report them on lp
<ivoks> i'm trying to keep bacula in shape in ubuntu
<ivoks> but there's one bug across all ubuntu version >8.04, which i'll deal with next week :D
<sommer> nxvl: I think interpid-proposed
<sommer> nxvl: other than that I don't think so... the version in my ppa is old
<nxvl> mm
<nxvl> i don't find it on -proposed
<nxvl> i will apply your patch and upload to my ppa
<AndyGraybeal> ivoks: all checks out good now.
<sommer> nxvl: err wherever mathiaz uploaded it
<ivoks> AndyGraybeal: i know, that bug isn't related to you, since you've managed to install bacula :)
<sommer> nxvl: if you want to run the latest the ebox-ppa has packages that work for intrepid
<nxvl> really?
<AndyGraybeal> AndyGraybeal: i wasn't talking about the bug :P  but just about the last test i ran with the Client alsol.
<ivoks> ok
<sommer> nxvl: it's not the version that shipped with intrepid, but it will run on intrepid.. if that makes sense
<nxvl> right
<nxvl> he just wants it to run
<sommer> nxvl: https://launchpad.net/~ebox-unstable/+archive/ppa
<sommer> in case you didn't have it :0
<nxvl> i was looking at https://edge.launchpad.net/~ebox/+archive/ppa
<sommer> ah, probably the same thing
<nxvl> yeah one is stable and the other developent i think
<AndyGraybeal> ivoks, can you help me with btape?  i'm doing this: "sudo -u bacula btape -c bacula-sd.conf Quantum" it gives me a prompt with no errors, i type 'test' and nothing happens.
<ivoks> sudo -u bacula "btape -c bacula-sd.conf Qantum" ?
<AndyGraybeal> well the quotes were around the whole thing.. just to distinguish it from the rest of my typing
<ivoks> but, that's wrong
<ivoks> sudo -u bacula "btape -c bacula-sd.conf Qantum"
<ivoks> otherwise, -c will be considered as sudo switch
<AndyGraybeal> interesting
<AndyGraybeal> i swore btape worked y esterday
<ivoks> now it doesn't?
<AndyGraybeal> looks like it... so evil
<AndyGraybeal> i co uldn't get bacula to work, but btape did the 'test' just fine yesterday
<ivoks> did you enclose btape in "" now?
<ivoks> as i told you?
<AndyGraybeal> yea, i did.. and it says: sudo: btape -c bacula-sd.conf /dev/nst0: command not found
<AndyGraybeal> i'm in /etc/bacula (just in case your wondering)
<ivoks> you didn't then
<ivoks> sudo is executing bacula-sd
<AndyGraybeal> well earlier it atleast worked, when i enclose it in quotes, it doesn't work
<ivoks> become root
<ivoks> sudo -i
<AndyGraybeal> k
<ivoks> then move to bacula user: su - bacula
<ivoks> then run, as bacula user, btape -c bacula-sd.conf
<AndyGraybeal> that gets me into bconsole, and i run 'test' and no diec from there.
<AndyGraybeal> *dice
<AndyGraybeal> any thoughts?
<AndyGraybeal> i ran 'test' just fine yesterday
<ivoks> are you sure you are bacula user?
<ScottK> ivoks: Note that the scripts lamont added to postfix for adding policy servers or smtpd proxies are very basic.  They do the limited thing they were meant to do, but could certainly do with improvement.
<ivoks> whoami
<ivoks> ScottK: if they can add amavis, that's all i'm looking for :)
<ScottK> ivoks: I was cribbing from the amavisd-new docs when I wrote it.
<ScottK> ;-)
<ivoks> :)
<AndyGraybeal> ivoks: i did "su - bacula" like you said, and it appears that i didn't become the bacula user
<ivoks> right, bacula has /bin/false shell by default
<ivoks> change it tu bash
<ivoks> to
<AndyGraybeal> ok
<AndyGraybeal> ivoks, okay now i'm 'bacula' i ran btape, and test just sits there.  yesterday it made the tape dance a little
<ivoks> mathiaz: i think i have dovecot sorted out
<ivoks> mathiaz: care for a debdiff?
<mathiaz> ivoks: sure
<mathiaz> ivoks: I can have a look at it
<pteague> why does mtop try to install itself using root@localhost with no password? shouldn't it try to install itself using the debian-sys-maint user?
<pteague> or as man mtop states... make a mysqltop user with all privileges set to N except Process_priv ...
<ivoks> mathiaz: http://www.init.hr/dev/jaunty/dovecot-postfix.debdiff
<ivoks> pteague: report it as a bug
<AndyGraybeal> aah it says "ensure that bacula is not running" when i use btape.... maybe this will change the circumstances when i turn off bacula.
<ivoks> ScottK lamont ^^ i'm also interested in your opinion
<AndyGraybeal> ivoks: turning off the storage daemon, made the world of difference when running btape :)
<ivoks> AndyGraybeal: that's how it works
<AndyGraybeal> <- slowly learning
<ivoks> lol, ignore the changelog :D
<ScottK> ivoks: Right.  Still needs the script called for the master.cf changes.
<ivoks> ScottK: yes, but that's another step, to integrate amavis
<ivoks> ScottK: for postfix+dovecot, this is all that's needed
<ScottK> OK.
<ScottK> Right.
<ivoks> ScottK: i would also like to move roundcube to main for jaunty+1 or +2
<ScottK> Sorry.  Brain slow today.
<ScottK> You'd want to add a similar binary to the amavis package for that.
<ivoks> and include it's sieve patch, so that we have full mail stack
<ivoks> for what?
<ivoks> for amavis, only config dropped in amavis's conf.d and two lines in master.cf is enough
<ivoks> that could be done in postinst of this binary (dovecot-postfix)
<ScottK> Doesn't amavis have to control that?
<ivoks> files in conf.d?
<mathiaz> ivoks: why do you need to replace dovecot, dovecot-common in dovecot-postfix?
<mathiaz> ivoks: AFAICT there isn't any file that is shared between the packages.
<ivoks> mathiaz: ah, good catch, that's from old idea
<ScottK> ivoks: Yes.  Isn't this the same conffile problem that stopped the tasksel approach?
<ivoks> mathiaz: that's leftover from ucf stuff
<ivoks> ScottK: tasksel problem was that we couldn't edit files
<ivoks> there's noting stoping us in dropping files in conf.d
<ivoks> that's the idea of conf.d
<ivoks> like /etc/apache2/conf.d
<mathiaz> ivoks: what is managesieve-vritual-users-fix
<mathiaz> ivoks: used for?
<mathiaz> ivoks: is it a security fix?
<ivoks> mathiaz: fix for https://bugs.edge.launchpad.net/ubuntu/+source/dovecot/+bug/307291
<uvirtbot> Launchpad bug 307291 in dovecot "Security hole in ManageSieve: Virtual users can edit scripts of other virtual users" [Undecided,New]
<ivoks> mathiaz: yes
<ivoks> mathiaz: patch is provided by http://dovecot.org/list/dovecot/2008-November/035259.html
<mathiaz> ivoks: ok.
<mathiaz> ivoks: you've also enabled ssl for postfix
<ivoks> yes
<mathiaz> ivoks: why use /etc/ssl/certs/ssl-mail.pem
<mathiaz> ivoks: ?
<ivoks> and disabled weak
<ivoks> ssl
<mathiaz> ivoks: rather than snakeoil directly?
<ivoks> well, ssl-certs create their own certificate
<ivoks> mathiaz: i would prefere if users would put their own certicates as ssl-mail, instead of changing configs
<ivoks> if they change config they'll get unneeded diff
<ivoks> of configs
<ivoks> so, ssl-mail is a link on snakeoil
<ivoks> so user can just relink it or remove it and put it's own
<mathiaz> ivoks: users could update snakeoil directly?
<ivoks> mathiaz: i know, but in 99% they'll want to change the name :)
<mathiaz> ivoks: or you want to support different certificates on the same system?
<ivoks> that could also be a usecase
<mathiaz> ivoks: I wonder if Maildir/ is a good location for the user mailbox
<ivoks> if we prefere users to change config, that's no problem
<ivoks> mathiaz: that's unwriten default setup
<mathiaz> ivoks: what is the default home_mailbox in postfix?
<ivoks> mathiaz: lots of howtos use ~/Maildir
<ivoks> mathiaz: default is none, which is then mbox in /var/mail/
<ScottK> ivoks: Good point.
<ScottK> (re conf.d)
<ivoks> mathiaz: i'm thinking of removing dovecot's related stuff from postfix, on dovecot-postfix removal (in postrm)
<ivoks> mathiaz: so that postfix continues to operate once package is removed
<mathiaz> ivoks: right - I was thinking the same
<mathiaz> ivoks: smtpd_tls_auth_only = yes
<ivoks> yes?
<mathiaz> ivoks: does this mean we won't support some smtp clients?
<ivoks> no
<ivoks> this means no SASL if it isn't crypted
<ScottK> Which is what you want.
<ivoks> we don't want plain text passwords over wire
<ivoks> mathiaz: if client doesn't support TLS (i can't think of any), then it won't be able to use SASL
<ivoks> but it'll be able to use server as a relay host if it is in the same network
<ScottK> ivoks: Older Outlook/Outlook Express need SMTPS.
<ivoks> ScottK: really?
<ScottK> Yes.
<ivoks> then we'll enable smtps too
<ivoks> somehow :D
<ScottK> I think Outlook 2007 was the first to do TLS.
<ivoks> that can't be true
<ScottK> Maybe 2003.
<ScottK> I don't recall for sure.
<ScottK> I know a lot of people still use Office 2000/XP.
<ivoks> i'll check that out
<ScottK> I think the last thing we want is "Sorry, you need to update your MS Office to use ours system."
<ivoks> we'll enable smtps
<ScottK> OK
<mathiaz> ivoks: in dovecot-postfix.conf: disable_plaintext_auth = yes
<ivoks> i think outlook supports TLS for a long time
<mathiaz> ivoks: are we loosing some clients?
<ivoks> it's just that you have to manualy change port
<mathiaz> ivoks: ie some POP/IMAP client won't be able to connect?
<ivoks> mathiaz: that's the same thing as postfix before
<ivoks> mathiaz: if you want to authenticate, use imaps or pop3s
<ivoks> mathiaz: no plain text passwords over wire
<mathiaz> ivoks: ok
<mathiaz> ivoks: mail_max_userip_connections = 5
<ivoks> yes
<mathiaz> ivoks: that's too low IMO
<mathiaz> ivoks: thunderbird is known to open multiple connections at the same time
<ivoks> well...
<ivoks> we could raise it to 10?
<mathiaz> ivoks: IIRC it opens an imap for each folder :/
<ivoks> if that's true, then it's broken
<mathiaz> ivoks: I'd go with the default upstream value
<ivoks> iirc, 10 for pop, 3 for imap :D
<mathiaz> ivoks: oh you're right
<ivoks> 10 for imap
<ivoks> 3 for pop
<mathiaz> ivoks: login_greeting_capability = yes
<mathiaz> ivoks: are we breaking existing clients?
<ivoks> no
<mathiaz> ivoks: or is it just an optimization issue?
<ivoks> it's optimization for those that support it
<mathiaz> ivoks: imap_client_workarounds = outlook-idle delay-newmail
<mathiaz> ivoks: ^^ we support more clients OOTB
<mathiaz> ivoks: ?
<ivoks> yes
<ivoks> those are bugs in OE
<ivoks> and this is workaround
<mathiaz> ivoks: same thing for: pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
<mathiaz> ivoks: ?
<ivoks> yes
<mathiaz> ivoks: postmaster_address = postmaster@localhost
<ivoks> right
<mathiaz> ivoks: is there a way to get the domain from the debconf db?
<ivoks> for lda, postmaster_address needs to be set
<ivoks> i haven't looked for it
<mathiaz> ivoks: or take the domain name?
<mathiaz> ivoks: how does postfix handle that?
<ivoks> we could do that
<ivoks> postfix adds localhost as designated address
<ivoks> so, this should be sane as default, but we could add something
<ivoks> postfix asks for user input on this one
<mathiaz> ivoks: ok - I'd suggest to mimic what postfix LDA does by default
<ivoks> but always adds localhost
<ivoks> imho, @localhost is best option
<mathiaz> ivoks: quota_full_tempfail = yes
<ivoks> but, i could look into scripting that into something...
<ivoks> right
<mathiaz> ivoks: re @localhost, I don't what would be the best option
<ivoks> instead of bouncing email, give sender human report
<ivoks> people always resend their mail on errors
<mathiaz> ivoks: if @localhost is standard practice we should keep it that way
<mathiaz> ivoks: ScottK or lamont would probably know better on that subject
<ivoks> mathiaz: postfix deliver to $mydomain, but...
<ivoks> mathiaz: with $mydomain, it always accepts mail for localhost
<ivoks> mathiaz: otoh, taking domain name from /etc/mailname
<ivoks> mathiaz: in some cases results with problems
<ivoks> when people misconfigure it's mta
<ivoks> their
<mathiaz> ivoks: ok - I don't know. But I'd do the same way as the default postfix LDA handles the postmaster_address
<ivoks> that's 'postmaster' :)
<mathiaz> ivoks: regarding the quota, the default postfix LDA doesn't handle that
<ivoks> without the domain :)
<ivoks> mathiaz: it does, kind of
<mathiaz> ivoks: ok - so why not setup the dovecot LDA to do the same?
<ivoks> mathiaz: it returns not quite understandable message
<ScottK> I think @localhost is a reasonable default
<ivoks> mathiaz: i didn't try without domain, but i will
<mathiaz> ivoks: auth_socket_path = /var/run/dovecot/auth-master
<mathiaz> ivoks: ^^ why is this commented?
<mathiaz> ivoks: shouldn't this be enabled for dovecot LDA?
<ivoks> hm...
<ivoks> i'll check that out
<ivoks> it should be enabled
<mathiaz> ivoks: so under this setup all mail users are local users
<ivoks> yes
<mathiaz> ivoks: their email is stored in /home/user/Maildir/
<ivoks> yes
<mathiaz> ivoks: where are the sieve scripts stored?
<mathiaz> ivoks: since managesieve is enabled by default, we should make sure it works correclty
<ivoks> ~/sieve
<mathiaz> ivoks: ie: sieve scripts can be uploaded/managed
<ivoks> but we could move that into Maildir too
<mathiaz> ivoks: *and* that the dovecot LDA process them correctly.
<mathiaz> ivoks: I don't think that sieve scripts should be under Maildir
<mathiaz> ivoks: or is it common/supported to upload sieve scripts via IMAP ?
<ivoks> over sievemanage
<ivoks> or ftp/sftp
<mathiaz> ivoks: as for the security patch it's irrelevant to this setup (but should be included anyway)
<mathiaz> ivoks: since it deals with virtual users (which is not the configuration here)
<ivoks> this is patch for dovecot in jaunty
<ivoks> it's not related only to 'setup'
<mathiaz> ivoks: right - it's relevant to dovecot, not dovecot-postfix
<ivoks> i haven't tested this
<ivoks> so there should be a new debdiff once i trougly test it
<ivoks> check this out:
<ivoks> http://blog.janus.cx/archives/237-dovecot-Fatal-postmaster_address-setting-not-given.html
<maw_> when using apt-get, is it possible to download the details of changes in a package?
<ivoks> argh...
<maw_> aptitude shows the generic package description, but I am looking for the details of the fix
<maw_> oh... "C" for changelog
<maw_> weeee
<ivoks> mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf
<ivoks> that should be right :)
<ivoks> mathiaz: i've checked; having 'postmaster' as postmaster_address is fine
<ivoks> mathiaz: postfix will add domain then
<ivoks> or deliver to the alias
<mathiaz> ivoks: great
<mathiaz> ivoks: would it make sense to split all configuration in their own files?
<ivoks> and it's running without problems without unix_socket_auth
<ivoks> mathiaz: i don't understand?
<mathiaz> ivoks: something like: dovecot-imap.conf, dovecot-pop.conf, dovecot-lda.conf, dovecot-auth.conf
<mathiaz> ivoks: and then start relevant daemons with their own configuration files?
<ivoks> hm
<mathiaz> ivoks: would that help in our setup?
<Scunizi> is there a way to import or convert a vcard export from evolution's address book so I can import it into abook? thunderbird and abook don't import vcard files
<ivoks> mathiaz: we would just have more configuration files to add -postfix too :)
<ivoks> mathiaz: i wouldn't go there for jaunty
<ivoks> mathiaz: but we could explore that for +1
<pteague> this doesn't seem to be good :( http://pastebin.com/m55058262
<ivoks> pteague: that application isn't supported by ubuntu-server
<mathiaz> ivoks: ok
<ivoks> mathiaz: so, just for the record, this debdiff doesn't work :)
<ivoks> mathiaz: i'll provide a new one with some changes
<ivoks> should be up in next 24 hours
<Scunizi> nevermind .. found a site http://labs.brotherli.ch/vcfconvert/
<pteague> ok, then what should i use to monitor apache? or which ubuntu supports it?
<mathiaz> ivoks: awesome - thanks for taking up this task!
<ivoks> mathiaz: i hope this time it will get accepted :D
<ivoks> pteague: well, it works for me on 8.04
<ivoks> maybe you have high traffic?
<pteague> just installed a VM using intrepid... access.log is 51372 & error.log is 1109 ... not sure why that should cause a buffer overflow issue
<ivoks> i haven't tested it on intrepid
<ivoks> anyway, that's all from me for today
<ivoks> take care
<lirxis> hi - have just upgraded my server from 7.10 to 8.10 - now nothing works - no server app will start on boot and apache2 wont even start correctly :/
<ScottK> lirxis: Did you upgrade directly 7.10 or stepwise 7.10 -> 8.04 -> 8.10?
<ScottK> ... directly 7.10 to 8.10 ...
<lirxis> yes 7.10 to 8.04 then 8.10
<lirxis> to tell u the truth it worked pretty bad already in 8.04 so i thaught that maybe a upgrade to 8.10 would fix it but it just made it worse
 * ScottK looks around for someone who knows about Apache.
 * ScottK <-- mail server guy.
<lirxis> my mailserver dont works pretty good either now :/
<lirxis> when i got things to work in 8.04 i could not send any mails :/ its pretty bad here :P
<lirxis> i get this when reconfig:
<lirxis> Warning: found /etc/apparmor.d/force-complain/usr.sbin.mysqld, forcing complain mode
<orudie> hi, i just installed munin master and munin node , what is the difference between the two, and how do i use them ?
<Adri2000> orudie: you can install munin-node on multiple machines, and each node sends the data to one machine which has munin installed
<AndyGraybeal> well, i'm running my first 'fill' onto my tapes; feels good.
<AndyGraybeal> looks like my throughput is roughtly 9250KB/s
<orudie> what is the best way to install webmin on 8.10 server ?
<hads> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<rdw200169> orudie, you *can* do it from the webmin website, but, like ubottu says, it may cause problems :(
<orudie> i just installed munin and munin-node, trying http://myip/munin  no data there
<viezerd> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<orudie> viezerd, E: Couldn't find package .^ebox-.*.
<viezerd> try without that first point "." ;)
<viezerd> @orudie
<orudie> viezerd, http://pastebin.com/m6b9ff3f
<orudie> viezerd, ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<orudie> viezerd, ooops sorry
<orudie> viezerd, WARNING: the eBox package released with Ubuntu 8.10 (Intrepid Ibex) is broken and cannot be installed. See bug #255368 for information and unsupported workarounds.
<uvirtbot> Launchpad bug 255368 in ebox "ebox: Depends: libapache-authcookie-perl but it is not installable " [Undecided,Fix committed] https://launchpad.net/bugs/255368
<viezerd> hmmz, orudie ; drop that second point too --> sudo apt-get install ^ebox-.*
<viezerd> that did it for me
<viezerd> euh
<orudie> viezerd, they say its broken for 8.10 which is what i have
<viezerd> orudie: I am on 8.04 myselve
<kansan> how often would people reccomend taking snapshots (i.e. backups) of a file system with mysql on it?
<mathiaz> kansan: it depends on your backup policy. However you'd better use mysql tools to do a backup of your mysql server
<mathiaz> kansan: either mysqldump or mysqlhotcopy to make sure that you have a consistent backup of your mysql databases;
<genii> Yes, dumping the db to some exterior storage on a regular basis is the safest
<kansan> i'm going to
<kansan> with amazon's EBS snapshots
<kansan> but i dont know at what frequency i should run them
<kansan> nightly i think for starters
<genii> It depends on how much the data changes
<jmedina> I liked zrm backup
<jmedina> kansan: well, how worth is your data?
<kansan> how much is it worth
<kansan> its important
<kansan> heh
<kansan> could we lose a day?  ugh i donnao
<lirxis> Hi - upgraded my server from 7.10 to 8.10 today - but that resultet in some problems... First apache2 did not work but that is fixed now :) I can get access to the server through SSH but cant access the shell on the computer locally... And no server app is starting auto. on boot Any ideas how to fix this?
<maw_> in regards to local access, what errors do you see on console or in /var/log/messages or /var/log/auth?
<lirxis> wait a sec
#ubuntu-server 2009-02-11
<lirxis> nothing special what i can see :/
<lirxis> just normal logins through ssh and loading of RAM etc.
<jmedina> local access is logged in /var/log/auth.log and /var/log/user.log
<maw_> well something will be logged
<lirxis> Feb 11 00:27:01 thedomain CRON[10561]: pam_unix(cron:session): session closed for user skrisad
<lirxis> just a bunch of these
<lirxis> Feb 11 00:52:25 solkronet kernel: [  116.101860] type=1502 audit(1234309945.389:14): operation="inode_permission" requested_mask="::r" denied_mask="::r" fsuid=1
<lirxis> and that
<lirxis> well when i start the comp. and look locally it just shows alot of module loading stats for NET MAIL etc.
<lirxis> and when it has started it seems like only SSH starts up - webserver, mail and so on is not starting at all
<lirxis> except manually after
<lirxis> any idea?
<maw_> have you tried booting to single user mode and if so did that work?
<lirxis> and how do i do that - i am not familiar with "single user mode" :)
<maw_> are you sitting in front of the server right now?
<lirxis> i have ssh contact
<maw_> well then you can't boot to single user
<maw_> you need to see the boot loader
<lirxis> okay what do i have to do?
<lirxis> okay you meen recovery mode?
<maw_> how have you been testing local logins so far?
<lirxis> SSH
<maw_> .
<lirxis> no
<lirxis> sorry :P
<lirxis> im tired
<lirxis> i have access to the computer :)
<lirxis> but not right now
<maw_> ok, then it is hard for us to recreate the error right?
<lirxis> before i tested locally when i had access to it
<maw_> and when I previously asked "what is the message on console" you could have said "I don't know because I am not at the computer
<lirxis> well - we still have all the server apps wich do not startup..
<lirxis> well sorry dude
<maw_> working with the information you have provided it is difficult to know what the issue is
<lirxis> i tried to remember just how it looked
<maw_> the two messages you reported before are for 1) cron 2) a filesystem issue of some kind
<lirxis> okay
<maw_> I don't think either are related to your local access issue. But that is speculation as I haven't seen your /var/log/*
<lirxis> well the problem accured after upgrading to 8.10 :/
<lirxis> i can pastbin it
<maw_> ya that sucks... Personally, I have not done that upgrade and I am not aware of any specific issues
<lirxis> wich one do you want
<lirxis> yeah - and i was stupid enough to try it :P
<maw_> well messages would be good... and auth.log / user.log
<lirxis> okay
<lirxis> give me a sec
<lirxis> http://notisec.se/logg.txt
<lirxis> thats messages
<lirxis> auth and user has nothing of interest - just login logs from my SSH traffic and webmin logs
<lirxis> found anything?
<maw_> not really
<lirxis> ok :/
<lirxis> could it be something with bash?
<maw_> I haven't used auditd before
<maw_> but it is complaining about BIND trying to read from some folders
<lirxis> ok
<lirxis> yeah i can see
<maw_> it looks like auditd is blocking access to named
<maw_> but I am not too familiar with auditd
<lirxis> okay :S
<lirxis> but could that be the problem of all this?
<lirxis> should not that just affect the DNS server?
<maw_> I am not sure, is 7.10 > 8.10 a supported upgrade path?
<maw_> why did you skip 8.04 LTS?
<lirxis> i took first 8.04
<lirxis> but that didnt work either so i thought that maybe another upgrade would fix it if something went wrong
<lirxis> but no..
<maw_> so you had the same problem when you went 7.10 to 8.04?
<lirxis> yes
<maw_> ok so.. is named even running right now?
<maw_> ps aux | grep -i named
<maw_> sudo /etc/init.d/named status
<maw_> etc..
<maw_> if it isn't running what happens when you manually start it?
<lirxis> syslog    3884  0.0  0.1   2012   680 ?        Ss   00:52   0:00 /sbin/syslogd -a /var/lib/named/dev/log -u syslog
<lirxis> bind      3926  0.0  1.5  41132  8032 ?        Ssl  00:52   0:00 /usr/sbin/named -u bind -t /var/lib/named
<lirxis> cant find named
<jmedina> lirxis: you could disable apparmor just to check that everything works
<lirxis> maybe i dont have it installed
<lirxis> have alerady tried that :/
<lirxis> does mysql start when you start apache2?
<jmedina> yes we know
<jmedina> well install apparmor and then disable it, something went wrong
<lirxis> reinstall you meen?
<jmedina> your logs are filled with apparmor (audit) denied messages
<lirxis> okay..
<jmedina> can you check apparmor is running?
<lirxis> on my way
<jmedina>  /etc/init.d/apparmor status
<lirxis> Warning: found /etc/apparmor.d/force-complain/usr.sbin.clamd, forcing complain mode
<kansan> mv: inter-device move failed: `images/' to `/var/openx/images'; unable to remove target: Is a directory  (from ext3 => xfs) ... is this not allowed or somethign?
<lirxis> seems like it is not running at all
<lirxis> sorry
<lirxis> it did
<jmedina> is that all?
<jmedina> that is not a complet output from status
<lirxis> 4 profiles are loaded.
<lirxis> 0 profiles are in enforce mode.
<lirxis> 4 profiles are in complain mode.
<lirxis>    /usr/sbin/mysqld
<lirxis>    /usr/sbin/clamd
<lirxis>    /usr/bin/freshclam
<lirxis>    /usr/sbin/named
<lirxis> 2 processes have profiles defined.
<lirxis> 0 processes are in enforce mode :
<lirxis> 2 processes are in complain mode.
<lirxis>    /usr/sbin/named (3926)
<lirxis>    /usr/sbin/mysqld (4048)
<kansan> say i have a directory named /home/foo.  then say i create a new symbolic link named foo... and point it to /var/local/foo .... does this overwrite the local directory foo?  and if user does cd /home/foo they'll really be in /var/local/foo?
<jmedina> lirxis: disable apparmor
<lirxis> okay
<maxb> kansan: You can't overwrite a directory, you'd have to delete/rename it first
<lirxis> just stop it or disable it on boot
<jmedina> invoke-rc.d apparmor stop
<lirxis> okay
<jmedina> then restart your apps, like named
<jmedina> lirxis: there were some changes in the files used by named (afaik), I remember to change something about apparmor named profile, to match the paths I use
<jmedina> lirxis: and keep watching your logs
<lirxis> okay so I can try to reboot now?
<jmedina> reboot?
<jmedina> why?
<jmedina> it is linux
<lirxis> just so all apps get started =)
<jmedina> just restart your apps
<lirxis> yeah yeah :P
<jmedina> well if you want to fight with apparmor, customize their profiles, if not, just disable it permanently
<lirxis> dont know how many who has not been started
<jmedina> update-rc.d -f apparmor remove
<jmedina> and restart :D
<lirxis> okay i will do that and try then - then fix apparmor another day :P
<lirxis> wish me luck :P
<jmedina> luck is for newbies!!!
<jmedina> :D
<lirxis> haha :P
<lirxis> well said
<jmedina> good luck
<lirxis> ;)
<lirxis> remember that the only thing you will have to learn in life is to improvise ;)
<lirxis> works on jobs, when you study everywhere ;)
<lirxis> but improvisation combined with knolledge is the ultimate :)
<jmedina> well you can improvise your luck
<lirxis> haha :P yea
<lirxis> okay did not work
<jmedina> what?
<lirxis> but maybe i can add apache2 to start on boot somehow?
<Alysum> Hello - how do I check what port number my nfs server is running on so I can open the firewall? tahnks
<jmedina> lirxis: check that there is a S??apache2 file in /etc/rc2.d
<lirxis> ok
<Alysum> what options should I use with netstat?
<jmedina> Alysum: nfs doesnt open ports by itself, it is partport via rpc
<jmedina> rpcinfo
<lirxis> yes S91apache2
<jmedina> lirxis: what about apache logs?
<Alysum> what port is rpc ?
<jmedina> not, use rpcinfo
<Alysum> I did rpcinfo -p localhost
<Alysum> it says port 111 for portmapper
<Alysum> I suppose thats it
<jmedina> 111 is the portmapper port not nfs
<Alysum> nfs uses portmap
<lirxis> nothing in error.log
<jmedina> nfs use a range, they shoul be listed there, a port por nfsd, mountd, nfslock and probably otheres
<lirxis> looks like it is not even loaded..
<Alysum> oh yes I have a couple of nfs rows in rpcinfo
<jmedina> Alysum: nfs ports can change over the time
<Alysum> ok
<jmedina> you need to open a range or fix nfs ports, dont remeber where, probably in /etc/default/nfs-something
<Alysum> how come port 2049 is not listed in netstat -l ?
<Alysum> or maybe it doesnt actually listen?
<jmedina> is your nfs running?
<jmedina> you need to start nfs after portmap
<Alysum> yeah they are boh running
<kansan> is it legal to create symlinks across different volumes (if one is ext3 and the other is xfs)?
<Alysum> nf/etc/init.d/portmap restart
<Alysum> and /etc/init.d/nfs-kernel-server restart
<jmedina> kansan: I dont see the problem, they all use inodes :D it is everything they need to know
<soren> jmedina: symlinks do not refer to inodes. They refer to names.
<soren> kansan: That's completely fine.
<jmedina> soren: you are right, i confused with hard links
<jmedina> they do are the same inode with a different name
<Alysum> to NFS mount something you need to open portmapper and  nfs ports I believe?
<Alysum> which are 111 for portmapper and 2049 for nfs (by default)
<Alysum> but it still won't mount :( I get timeout
<Alysum> "NFS Portmap: RPC: Port mapper failure - RPC: Timed out"
<Alysum> any tips?
<Elite> Hey guys!
<twb> Alysum: does "rpcinfo -p" list nfs entries?
<Alysum> twb: yes
<twb> Alysum: which end is giving that error, the server or the client?
<Alysum> the client trying to mount it
<twb> Alysum: are both client and server running Ubuntu?
<Alysum> yep
<twb> OK, next I would check the firewall / networking between the two machines.
<Alysum> portmap 111 port and nfs port 2049 are open on firewall
<Alysum> ping works
<twb> Oh, you have a firewall between them.
<Alysum> not sure if mountd port needs to be open too ?
<twb> NFS uses a whole bunch of ports, IIRC.
<twb> According to unfs3's manpage, the MOUNT protocol also uses 2049 by default.
<Alysum> hmm that is well open...
<twb> I also see "-p Do not register with the portmapper. This will prevent other hosts from finding out the port numbers used for the MOUNT and NFS services by querying the portmap daemon. Clients will need to manually specify the port numbers to use (on Linux clients, use the mountport and port mount options)."
<twb> On a working box, I can see that statd is also in use on a high port (33641)
<twb> That might be for NIS, though; the box I'm looking at is both an NFS and NIS client, and an NFS server.
<Alysum> I dont have statd
<Alysum> rpcinfo has portmapper, status, nfs, mountd and nlockmgr
<twb> Alysum: I'm looking at "netstat -nap"
<twb> I have a whole bunch of rpc.statd port mappings.
<Alysum> OK FIXED
<Alysum> I had to open mountd port...
<Alysum> so thats 3 bloody ports that need open: portmapper, nfs and mountd
<Alysum> thanks
<twb> I'm amazed it worked with only those 3.
<twb> So just for my interest, you opened which ports on which host(s)?
<a1fa_> i am having issues doing do-release-upgrade on 7.04
<a1fa_> is it advisable to change sources manually and run dist-upgrade
<twb> a1fa_: there is an upgrade document somewhere that explains how to do it, and the known gotchas.
<twb> a1fa_: but what you described is the basic idea, yes.
<a1fa_> do-release-upgrade is trying to download amd64 sources for intel cpu
<a1fa_> ;P
<twb> All modern Intel CPUs are amd64 architecture.
<twb> The marketing name is EM64T
<Alysum> twb:  I opened the 3 ports on the nfs server
<twb> Alysum: and you have no firewall on the NFS client?
<Alysum> yeah there is but it's outgoing not incoming
<a1fa> so my cpu is XEON and I used AMD64 cd
<a1fa> would that create problems?
<a1fa> is there a special flavor for xeon now?
<twb> a1fa: if you can boot and install the AMD64 CD, then it is an AMD64 CPU.
<twb> a1fa: there may be a special flavour of the kernel, but there won't be for anything else -- the ROI of making Xeon-specific packages is negligible.
<a1fa> awesome
<a1fa> thanks
<orudie> how do i stop the mysql server ?
<Elite> use /etc/init.d/mysql stop
<hads> There's also invoke-rc.d which does the same thing
<Elite> Touche
<hads> I use it because on my system it's less characters to type :)
<Elite> I wanna start x on my server how can I do this?
<hads> You'll need to install some GUI packages
<Elite> I did sudo apt-get install xinit, what else do I need to do?
<hads> sudo apt-get install ubuntu-desktop will install GNOME etc. bear in mind that for help with GUI stuff you won't receieve much assistance here - it's mostly all command line people.
<Elite> Well what I wish to do is start up firefox to see if the server is properly connected to the net
<hads> heh, you don't need firefox for that.
<hads> ping google.com
<Elite> lol unknown host
<steelcityjim> good evening
<steelcityjim> Im looking for some help with 8.10 server
<steelcityjim> can anyone answer a few ?'s
<Elite> Hello.
<steelcityjim> hello elite
<steelcityjim> can anyone walk me through mounting a windows share drive?
<Elite> I only know a little about 8.10 whats up?
<steelcityjim> im new to ubuntu and linux
<steelcityjim> have installed the software and samba
<Elite> I can try it should be easy though
<steelcityjim> well for some reason im not seeing the largest partition of my hard drive
<steelcityjim> not sure if it did not get configured correctly upon installation
<steelcityjim> or if im not doing something correctly
<jmedina> steelcityjim: have you read this? https://help.ubuntu.com/community/MountWindowsSharesPermanently
<Elite> So you have a drive in your PC now you wish to share to windows computer?
<steelcityjim> yes
<steelcityjim> windows network
<steelcityjim> im adding a file server
<steelcityjim> i see the server on my windows netowrk
<steelcityjim> shows up under what i named it with samba on my windows pc
<steelcityjim> under my network places
<Elite> okay are you using ssh or a GUI?
<steelcityjim> niether
<steelcityjim> command line
<Elite> *sigh*
<steelcityjim> I have read the guis don't really do anything
<Elite> How do you connect to the server?
<steelcityjim> router
<Elite> no they really dont
<steelcityjim> dhcp
 * Elite facepalms
<steelcityjim> it configured upon install
<steelcityjim> it appears to have configured correctly from what I can tell
<steelcityjim> to the network that is
<Elite> Yes I know, do you plan to keep this machine on all the time?
<steelcityjim> yes
<Elite> I have mine on all the time since its in a 1U case that has a pinta front panel
<steelcityjim> if I reboot the server do I have to restart samba manually
<steelcityjim> im assuming with the standard install I do
<steelcityjim> is that correct?
<jtaji> steelcityjim: it will be set to start when the computer boots
<steelcityjim> without modifying any of the files?
<Elite> Yes all you have to do is reboot
<steelcityjim> ok cool
<steelcityjim> now I tried the sudo fdisk -i command
<steelcityjim> and i believe it only showed me the os partitions
<orudie> i just did mv dir/ /anotherdir , and the content disapeard :(
<steelcityjim> I appear to be missing 66 gb of my drive
<steelcityjim> when I was installing im pretty sure it said partition #5
<steelcityjim> would be the 66 gb
<Elite> then it should be /dev/sda0s5
<Elite> do cd /dev/sda0s5
<hads> Erm, what?
<steelcityjim> ok so i just type cd/dev/sda0s5
<Elite> Would it not be?
<steelcityjim> let me try
<hads> No, it wouldn't be.
<Elite> or /dev/hda5?
<hads> Be careful with what you're doing, you have the ability to destroy your data.
<hads> /dev/ is where your devices are, you can't change directory to a device.
<Elite> gah!
<Elite> damn BSD lol
<steelcityjim> yea that did not work
<steelcityjim> I got no data on here yet
<steelcityjim> ok how do i find this damn drive
<Elite> hads
<hads> Yes?
<Elite> I'm stumped lol
<hads> You want to know what device your drive is? It will likely be /dev/sda if you only have one drive.
<Elite> Will it be in /Volumes/ or will it be /mnt/ ?
<orudie> !mtr
<ubottu> Sorry, I don't know anything about mtr
<steelcityjim> so do i do sudo fdisk /dev/sda5
<steelcityjim> only one drive in the unit now with 80 gig hd
<Elite> yes do that
<hads> No, sda5 is a partition.
<hads> sda is the drive.
<steelcityjim> ok so....sudo fdsik /dev/sda
<Elite> Try it lol
<steelcityjim> wow that confident huh
<Elite> I don't use fdisk that much in fact the last time I used ssh to do anything to my server as far as setup was a month and a half ago lol
<steelcityjim> ok im guessing this ain't good
<steelcityjim> the number of cylinders for this disk is set to 165398
<steelcityjim> there is nothing wrong with that, but this is larger than 1024 and could in certain setups cause problems with
<steelcityjim> 1.  softwarre that runs boot time
<steelcityjim> 2. booting and partiionig software from other oss
<steelcityjim> command (m for help)
<steelcityjim> what does it mean basil?
<Elite> You use SWAT?
<Elite> !SWAT
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and http://help.ubuntu.com/ubuntu/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<steelcityjim> partition 5  head 255 greater than max 15
<steelcityjim> partition 7 head 255 greater than max 15
<steelcityjim> partition 8 head 255 greater than max 15
<steelcityjim> 5413 unallocated sectors
<steelcityjim> what is the swat command?
<steelcityjim> I can do that from a client in explorer correct?
<Elite> Yes you can, you have to install it first
<steelcityjim> on the client or the server?
<Elite> Server
<steelcityjim> sudo apt-get install swat?
<Elite> I thihnk so
<steelcityjim> ok swats in
<steelcityjim> now what?
<steelcityjim> what is my browser address/
<Elite> got to http://192.168.xxx.xxx:901 in your browser, obviously the 192.168.xxx.xxx being the servers lan address
<Elite> no the servers address
<Elite> I have my lan manually IP set for my internet sharing so my server it http://192.168.0.100:901 for SWAT
<steelcityjim> mfer
<steelcityjim> is it ipconfig to find your ip address
<Elite> no its ifconfig
<steelcityjim> imust not have the correct ip address
<steelcityjim> nothing is happening
<Elite> have a screenshot?
<steelcityjim> its timing out
<steelcityjim> ip address aint' right
<Elite> What is ifconfig telling you?
<d-b> hi there i can't seem to get ubuntu server to find my sata disk, the debian installer finds it but no the ubuntu server one - i have tried the normal and the advanced.. both do not detect it
<_ruben> fancy hardware ?
<d-b> _ruben: i doubt it
<d-b> its seagate on a generic intel motherboard
<d-b> http://pastebin.com/d41a34074
<_ruben> ich6 shouldnt be that exotic indeed .. strange
<_ruben> does the installer not detect it, or not even the kernel?
<d-b> _ruben: should i try again maybe ?
<d-b> i'm not sure about the kernel. i didn't stick around to test it. i have run ubuntu on this box before, but didnt' want to burn the alt cd to get encryption as i already have this server cd.
<_ruben> i'd try again, and if the installer complains about no disks, drop to a shell (on one of the virtual consoles) and check the bootlogs
<d-b> nar it finds my other disk.
<d-b> will do that now.
<d-b> nar it detects my hardware but "can't activate it"
<d-b> what ever that means
<d-b> do you think the alt install will work ?
<junhui> Hi.  Any website that discusses on the recent hacking of zone-h.org?  It's uname is "Linux ubuntu... server...", which is a visible negative impact.  A news report says its DNS has been wrongly modified to point to the wrong IP address.
<d-b> junhui: is this related to the ddos attack against metasploit ?
<d-b> and other such sites
<junhui> d-b: no.  sorry, i didn't know I'm off-topic.  you guys have fun.
<uvirtbot> New bug: #327945 in mysql-dfsg-5.0 (main) "mysql-dfsg-5.0" [Undecided,New] https://launchpad.net/bugs/327945
 * junhui is resisting joke on Bug #1.
<kraut> moin
<zed> hi there
<zed> I have a strange problem with creating a swap partition.
<zed> I have created the partition with fdisk:
<zed> /dev/sda3              31         611     4666882+  82  Linux swap / Solaris
<zed> but when trying to mkswap /dev/sda3 I have => /dev/sda3: Device or resource busy
<_ruben> perhaps its already mounted or in use as swap?
<zed> not according to /proc/swaps, it's empty
<zed> i'm running ubuntu 8.04.2
<zed> (it works if i do it on an image file so there's something related to the partition table or something like this
<zed> i already rebooted the node but nothing changes
<d-b> mm _ruben yeah i got it working with 8.04
<ivoks> lamont: in jaunty, on removal, postfix doesn't remove /var/lib/postfix cause of master.lock file in it (owned by postfix)
<lamont> ivoks: --> debian or launchpad bts pls
<lamont> iz bug
<ivoks> ok
<shally87> hi what the link for paste bin?
<shally87> i need help
<Deeps> !paste | shally87
<ubottu> shally87: pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<henriquelm> Hello there
<henriquelm> Can you guys tell me how can I get the "remote connections" to start working from the logon screen?
<shally87-2> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<shally87-2> this occur when i dig my bind server
<shally87-2> http://paste.ubuntu.com/116780/
<shally87-2> there is the servfail part
<shally87-2> i guess it is not functioning
<shally87-2> how to fix that?
<shally87-2> I'm running virtual box with 4 ubuntu 8.04 for dns,lamp, mail and host
<shally87-2> then the ip for all the nameserver and mail server  , www is 10.0.2.15
<shally87-2> and i follow the guide from http://ubuntuforums.org/showthread.php?t=236093
<shally87-2> hope got fix for this
<uvirtbot> New bug: #328057 in nut (universe) "virtualbox's udev rule overwrite nut rule about group owner" [Undecided,New] https://launchpad.net/bugs/328057
<rgl> hi
<rgl> how can I set the dnsdomainname?
<ivoks> in /etc/hosts
<ivoks> IP hostname.domainname
<ivoks> for example:
<ivoks> 127.0.1.1 jaunty64.init.lan jaunty64
<rgl> it still does not work :(
<rgl> I have to replace 127.0.1.1 with the real ip?
<rgl> reboot?
<_ruben> no and no
<rgl> how can I known why its not working?
<_ruben> how you determine its not working ?
<rgl> the result of the dnsdomainname command is empty
<ivoks> what are first two lines in /etc/hosts?
<rgl> oh, adding "search test" into /etc/resolv.conf did the trick
<rgl> now dnsdomainname return "test"
<ivoks> that's not it
<ivoks> what are the first two lines in /etc/hosts?
<rgl> oh.  what is it then?
<rgl> 127.0.0.1       localhost
<rgl> the the same for IPv6
<ivoks> so, you didn't add 127.0.1.1?
<rgl> no
<rgl> that didn't work
<rgl> I tried.
<ivoks> atm, your host doesn't know how to resolv it self
<ivoks> what's in /etc/hostname
<ivoks> ?
<rgl> the only thing that seems to work is changing resolv.conf
<rgl> plesk
<rgl> its "plesk"
<ivoks> try pinging plesk
<rgl> works
<ivoks> probably cause it resolvs over some other mechanism
<rgl> it tries to resolv "plesk.test" which resolves fine.
<ivoks> your /etc/hosts must contain:
<ivoks> 127.0.0.1 localhost
<ivoks> ip_of_computer hostname.domain hostname
<ivoks> where ip_of_computer is regular ip, or 127.0.1.1
<rgl> my host.conf has the default settings: order hosts,bind and multi on
<ivoks> i give up
<rgl> you asked what other mecanism it tried.  I guessed you wanted to see hosts.conf;  which contains the other mechanisms, no=
<rgl> ?
<ivoks> 14:42 < ivoks> your /etc/hosts must contain:
<ivoks> i never ever mentioned /etc/host.conf
<rgl> you didn't.  but thats not how we configure the mechanims for the local resolver?
<ivoks> so, there you go, it resolved over DNS
<ivoks> not hosts
<ivoks> cause there's no plesk in hosts
<rgl> ok, I understand now.
<rgl> thanks!
<rgl> the 127.0.1.1 is a special IP address that the local resolv understands as "name of the local host"?
<Deeps> 127.* is localhost
<rgl> yes, 127/8 is the localhost network.  though, only the particular 127.0.1.1 seems to trigger some special behaviour on the local dns resolver
<rgl> is this some convention?
<ivoks> ?
<ivoks> for example:
<ivoks> 127.52.34.89 jaunty64.init.lan jaunty64
<ivoks> this is exactly the same as 127.0.1.1
<ivoks> 127.0.1.1 is 'random' address
<ivoks> it could've been any other from 127/8
<ivoks> it just easier to remember it than 127.234.12.16
<rgl> indeed.  I've tried with127.0.0.1 and it works fine too.
<ivoks> but don't use 127.0.0.1
<ivoks> you already have 127.0.0.1 in /etc/hosts
<Nash_13> ayuda
<rgl> I've changed it to: 127.0.0.1       plesk.test plesk localhost
<Nash_13> help
<_ruben> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<ivoks> you can do that, it you want plesk to resolv on localhost, right
<Nash_13> I need to configure two network cards
<Nash_13> in the server
<_ruben> edit /etc/network/interfaces
<Nash_13> _ruben, I have a problem
 * _ruben activates his psychic ability
<Deeps> _ruben: what number am i thinking of?
<_ruben> 69
<ivoks> :)
<Nash_13> _ruben, when I configure the two interaces with all, I can not conect to internet
<Deeps> _ruben: wow
<ivoks> all men think of 69
<ivoks> :D
<ivoks> Nash_13: how did you configure them?
<Nash_13> ivoks, I configure the interfaces for the two network card
<_ruben> my guess: 2 default gateways, one for each interface
<_ruben> put your interfaces file on a pastebin site
<Nash_13> _ruben, when I do that I can not conect to internet wiht mi public IP
<Nash_13> ivoks, a friend tell me that I have to eliminate a gateway for can conect to internet
<_ruben> no need to "activate" those setting .. just put the settings you used on a pastebin (as in: instead of editing the interfaces file, type the text in a pastebin site)
<Nash_13> _ruben, ok wait
<_ruben> we cant determine what you're doing wrong without knowing what you've tried ;)
<Nash_13> _ruben, ok I will public that now
<Nash_13> _ruben, http://pastebin.ubuntu.com/116835
<Nash_13> ivoks, here is my interfaces configuration http://pastebin.ubuntu.com/116835
<ivoks> put a tab in front of all lines, except those that start with auto or iface
<ivoks> http://pastebin.ubuntu.com/116837/
<Nash_13> ivoks, what is for???
<ivoks> ?
<Nash_13> ivoks, the tab in front.....
<ivoks> that's a syntax of network/interfaces file
<Nash_13> ivoks, but that configuration have not a error
<ivoks> i don't see anything wrong with configuration
<ivoks> if you are router for 192.168.180.0 network
<ivoks> bah, strike that :)
<ivoks> everything is ok
<Nash_13> ivoks, but the computer in mi LAN can not see the server
<Nash_13> ivoks, my public IP is eth0 and the other is mi IP in the LAN
<ivoks> ok
<ivoks> and you want to be gateway for your local network?
<Nash_13> ivoks, and the computer in my LAN can see my server
<Nash_13> ivoks, no
<Nash_13> ivoks, in this server I have a ftp server and jabber
<Nash_13> ivoks, I whant to have mi public IP to conect to internet and the other for the computer in mi LAN acced to my server ftp and jabber
<kinnaz> is there anything like guardgod is for gui, building firewalls with iptables smt ncurses based for example
<_ruben> there's ufw, but that aint ncurses based though
<kinnaz> was just wondering
<kinnaz> really should learn iptables more and write my own firewalls
<_ruben> indeed ;)
<kinnaz> rather then use some interface to generate rules
<kinnaz> the basic things are quite easy
<kinnaz> but as it gets complex
<kinnaz> it gets complex :P
<Nash_13> _ruben, I eliminate the firewall and all
<Nash_13> _ruben, I donÂ´t know but I think that the problem is the configuration
<Nash_13> _ruben, I have to eliminate the gateway to my lan for can conect my public IP to internet
<Nash_13> _ruben, and I think that is the problem
<Nash_13> _ruben, for my lan can see my server
<_ruben> Nash_13: there's only 1 gateway defined in your pastebin, whcih seems ok
<_ruben> eth0 is hooked up to the internet i assume? :)
<Nash_13> _ruben, yes
<Nash_13> _R
<Nash_13> r
<Nash_13> _ruben, and eth1 is my lan
<_ruben> and you cant ping the gateway (200.55.167.1
<_ruben> ) with that config
<Nash_13> _ruben, yes
<_ruben> you sure the cabling is ok and that the gateway allows to be pinged?
<Nash_13> _ruben, I can not see mi lan
<ivoks> you don't see internet or...
<_ruben> i thouhgt you couldnt connect to the internet
<ivoks> ....you can't reslove hostname?
 * _ruben *confused*
<Nash_13> _ruben, my lan can see the lan yet
<_ruben> now im even more confused
<ivoks> Nash_13: what's your native language?
<Nash_13> _ruben, shut
<ivoks> pourtougese?
<Nash_13> ivoks, spanish why???
<ivoks> maybe would be easier if you ask in ubuntu-es
<ivoks> or if someone here speaks spanish
<ivoks> anybody?
<Nash_13> ivoks, well I donÂ´t practice
<ivoks> ok...
<Nash_13> ivoks, that is the point
<ivoks> so, once you set up interfaces as described, you can't access to lan or you don't have access to internet?
<Nash_13> ivoks, but I undertand and read fine
<Nash_13> ivoks, the problem es wirte it
<ivoks> i have the same problem, so, we'll try to figure out something :)
<Nash_13> ivoks, the computer of my lan can not see my server that is the problem
<ivoks> but the server does have access to internet?
<Nash_13> ivoks, yes
<ivoks> are you loged in to your server?
<Nash_13> ivoks, I have internet with my public IP
<Nash_13> ivoks, yes
<ivoks> it would be easier if you could set network
<ivoks> and then we will debug
<Nash_13> ivoks, where
<ivoks> set up network as you pasted on pastebin
<ivoks> reboot the server
<ivoks> and then log in on server and get back here
<ivoks> on irc
<ivoks> could you do that?
<Nash_13> ivoks, ok wait
<Nash_13> ivoks, I back
<ivoks> great
<ivoks> so, you have access to the internet, but not to your lan?
<ivoks> (from server)
<Nash_13> ivoks, yes
<Ng> soren: could I draw your attention to bug #328093 please? :)
<uvirtbot> Launchpad bug 328093 in libvirt "[jaunty] upgrade to 0.6.0 leaves a non-working libvirtd" [Undecided,Confirmed] https://launchpad.net/bugs/328093
<ivoks> ok, paste the output of 'ifconfig' on pastebin
<Nash_13> ivoks, and I can acced to my land too
<ivoks> you can?
<ivoks> so, then it's working?
<Nash_13> ivoks, yes but exist a problem?'
<shally87> how do i install ebox in lamp?
<ivoks> what is the problem now?
<Nash_13> ivoks, my subnetwork can not see my server
<shally87> just want to know the apt-get command..
<shally87> oh dont mind.. i got it while googling
<ivoks> Nash_13: what is your subnetwork?
<Nash_13> ivoks, sorry the network that are under my
<Nash_13> ivoks, I donÂ´t know how write it
<soren> Ng: Gah...
<uvirtbot> New bug: #328090 in libapache2-mod-perl2 (main) "libapache2-mod-perl2 does not depend on libbsd-resource-perl" [Undecided,New] https://launchpad.net/bugs/328090
<ivoks> Nash_13: paste the output of 'ifconfig' to paste.ubuntu.com
<Nash_13> ivoks, ok
<Nash_13> http://pastebin.ubuntu.com/116852
<ivoks> Nash_13: ok, this looks ok
<ivoks> Nash_13: what's the IP of 'subnetwork'?
<Nash_13> ivoks, my lan is 192.168.180.21
<soren> Ng: Darn it, my bad. I'll fix straight away.
<Nash_13> ivoks, and my subnetwork are 192.168.181.* and other
<ivoks> Nash_13: ah, that's the problem...
<Ng> soren: great! we've just quickly worked around by changing libvirtd.conf to use the old group, but I'll revert that when there's a new package and make sure the upgrade works :)
<ivoks> Nash_13: what's the gateway for 192.168.181.*?
<soren> Ng: libvirtd should continue to be the right name of the group.
<Ng> soren: ah good :)
<Nash_13> ivoks, I eliminate the gateway because, with that I can conect to internet with my public ip
<Nash_13> ivoks, I find that the two gateway cause problem
<ivoks> Nash_13: i understand that, my question is 'what's the gateway between 192.168.180.* and 192.168.181.*?'
<ivoks> Nash_13: two default gateways, yes; but ubuntu can have lots of gateways for other subnets
<ivoks> Nash_13: for example: route add -net 192.168.181.0/24 gw IP_of_gateway
<Nash_13> ivoks, yes but if I put a gateway I can not conect to internet
<soren> Ng: Just chaning the name in libvirtd.conf fixed it for you, right?
<soren> changing, even.
<ivoks> Nash_13: just tell me the IP of gateway and shut up :)
<Ng> soren: yeah, just changing the group from "libvirt" to libvirtd"
<Nash_13> ivoks, my gateway for this net is 192.168.180.22
<ivoks> Nash_13: this is what you need: http://pastebin.ubuntu.com/116857/
<soren> Ng: Fixed.
<soren> Ng: Thanks for the pointer!
<Nash_13> ivoks, what do the line in the end
<Fenix|work> Greetings and salutations!
<ivoks> Nash_13: adds gatway for 192.168.181.0/24 network
<ivoks> Nash_13: that's not the same as two default gateways
<ivoks> Nash_13: you can try it by your self
<ivoks> Nash_13: run: route add -net 192.168.181.0/24 gw 192.168.180.22
<ivoks> Nash_13: and everything will work out
<Nash_13> ivoks, thanks
<ivoks> bbl
<Nash_13> ivoks, that is another way to put that
<Fenix|work> I need some help with cvs on ubuntu-server ...  All users are members of the cvsusers group, but when new directories are included into the repository the permissions are 750 preventing the creation of a LOCK file on checkout ... is there a default umask or something that sets these permissions?
<Ng> soren: thanks for the quick fix
<orudie> is there such thing is Banner templates ?
<orudie> sorry wrong channel
<genii> Fenix|work: Try to see if the command argument given in xinetd directive which starts cvs has -w (create new files in writable mode)
<Fenix|work> genii, -w covers directories as well as files?
<AnRkey> where is the default bash alias list/file?
<AnRkey> i want to copy it to my root profile so that tab completion works as shown here >> http://ubuntuforums.org/showthread.php?t=190445
<AnRkey> 8.04.2 server
<jtaji> AnRkey: /etc/bash.bashrc , the 3 lines you need to uncomment should already be there
<ivoks> and you need bash-completition package
 * jtaji nods
<ivoks> bash-completion
 * AnRkey scurries off to try it all
<maswan> Is there a good reason why MAXNS is only 3 (resolv.conf)?
<maswan> ah, there is already a bug on it
<AnRkey> hmm, funny it wasnt uncommented
<AnRkey> nice, thanks guys
<AnRkey> i'm so happy now ;)
<genii> Fenix|work: Apologies on lag, work required me. I'm not currently running cvs server so can't test about the dir creation mode, unfortunately.
<Fenix|work> genii, I think I've identified how to fix it... in cvsd.conf there's a Umask value... the cvs admin set it to 027, I've since changed it to 007
<genii> Fenix|work: Ah, nice detective work
<leonel> scottK  wow  !!!  Just  read  https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions    for clamav ..
<ScottK> leonel: Yes.  We got that approved by the tech board.
<leonel> scottK remember  If you need help to test or any work related to clamav     just let me know
<ScottK> leonel: We also got clamav updated in Hardy.
<ScottK> leonel: Do you have Dapper you can do backport testing on?
<leonel> the hardy version to dapper ?
<leonel> scottK ?
<ScottK> There's a version in the PPA for Dapper already.
<ScottK> I still need to upload rdepends.
<leonel> scottK ppa  url ?
<ScottK> leonel: https://launchpad.net/~ubuntu-clamav/+archive/ppa
<ScottK> leonel: One hard task I know needs doing is looking at the php-clamavlib 0.13 changes for clamav 0.94 integration and backporting them to the php-clamavlib 0.12 in Dapper.
<ScottK> I don't know if you're up for that, but I need to find someone who codes a bit to do that.
<leonel> I hate php  but I can take a look
<ScottK> Great.
<ScottK> leonel: If you diff the php-clamav libs in hardy-updates and hardy-backports that should give you an idea.
<leonel> ok
<ScottK> Thanks.
<chmac> Does an application need to be written to support PAE memory? Or can any standard 32 bit app take advantage of the extra memory available via PAE?
<leonel> scottK  is to backport  clamav 0.94.2 to dapper  right ??
<ScottK> leonel: Yes.
<ball> chmac: if anything it'd just be a recompile I 'd have thought.
<leonel> scottK  ok  added to my  to do  list
<chmac> ball: Hmm, ok. I'm considering a 32bit PAE kernel versus a 64 bit kernel.
<chmac> Somebody told me that most applications are not written to support PAE, so they won't be able to access the additional memory. In which case, it's a waste of time going the PAE route.
<ScottK> leonel: Thanks.  We'll get 0.95 probably next month and it will break everything again, so best we get 0.94 to Dapper so we don't have so many versions ....
<leonel> scottK ok
<ball> chmac: I suppose it depends how the address mapping is done.  Do apps live in a 32-bit virtual address space that maps to the physical address space?  Perhaps the kernel takes care of that for the app and the app itself never knows.
<Kartagis> ScottK, FYI, I got dovecot to offer me the right certificate
<ScottK> Great.
<ball> chmac: My guess is the kernel needs to know and the apps don't care.
<chmac> ball: I'd guess that PAE does something like that, so the apps don't need to know. But jrusso2 suggested different here: http://ubuntuforums.org/showthread.php?t=1042318
 * chmac re-reads the wikipedia PAE Page
<ball> chmac: is jrusso2 a kernel hacker?
<chmac> ball: No idea, 1'583 posts on the forusm though :)
<Kartagis> ScottK, can you help me with horde/imp?
<chmac> Ok, so from the wikipedia article I'm guessing that PAE is a kernel hack and applications don't need to know anything about it http://en.wikipedia.org/wiki/Physical_Address_Extension
<ball> PAE's a cludge anyway
<maswan> Yeah, but PAE still limits individual processes to 32-bit adressing. But really, you want to run a 64-bit kernel anyway.
<ball> maswan: for most applications, 4 Gbytes "should be enough" ;-)
<ball> hello centaur5
<centaur5> Hi ball
<ball> hello mdeslaur
<mdeslaur> hello ball
<kirkland> anyone around here minding giving http://revu.ubuntuwire.com/p/phoronix-test-suite a REVU?
<LeoWei> hi
<LeoWei> i've installed my LAMP server and phpmyadmin
<LeoWei> and change the root to home/user/public_html
<LeoWei> how do i access the phpmyadmin installation and the ebox?
<LeoWei> what is it's path
<genii> There's ...just ..so many things ...wrong with that ...
<LeoWei> hat you mean genii
<LeoWei> What you mean genii
<dnperfors> /w/wx
<palt> Anyone knows of a simple yet powerful backup system. It will be used to take backup of a couple of linux servers :)
<jmedina> bacula
<palt> I have looked at bacula, and amanda but they seem quite complicated to setup
<palt> bacule seems to be everything but the kitchen sink :)
<palt> I could probably use some time to learn it, but I don't need a too advanced system :)
<ScottK> Kartagis: No, sorry.  I'm not familiar with those.
<AnRkey> is there a way to import ubuntu os iso's into apt-proxy caches?
<ivoks> use apt-cacher
<ivoks> instead of apt-proxy
<AnRkey> is that a tool or an apt-proxy replacement
<AnRkey> ah ok thanks
<AnRkey> different port?
<AnRkey> hmm, i could use one for the install and the other for updates
<ball> kirkland: are you around?
<kirkland> ball: hello
<ball> kirkland: I don't know whether you're interested in such an old data point, but I'm about to install Ubuntu Server on an old Dell box and will happily test APM suspend and resume for you.
<ball> ...not sure this qualifies as a server, but that's what I'm installing: Dell OptiPlex GX1
<kirkland> ball: sure, sounds good to me
 * kirkland needs to setup a wiki page for results
<AnRkey> ivoks: i'm pretty sure that import script is not going to work with the squashfs on the iso. this is nothing to work around though. Thanks very much for this info!
<ivoks> doesn't ubuntu-server store packages without squashfs?
<AnRkey> hmm, dono... checking
<ivoks> kirkland: hibernation works on dell t300
<kirkland> ivoks: and resume?  :-)
<ivoks> kirkland: and freq. scaling, even though it can scale from 2000 to 2500mhz :D
<ivoks> kirkland: and resume too
<kirkland> ivoks: have you tried suspend
<kirkland> ivoks: cool
<ivoks> i 'tried'
<ivoks> suspend command didn't do anything, so... i guess it doesn't work or isn't supported
<ball> This box predates SpeedStep
<AnRkey> ivoks: u'r right server does not seem to use squashfs
<ball> This will take me an hour to download, so I'm off to do the dishes.
<ball> Back later.
<AnRkey> i need desktop too though so gonna extraxt the iso and squashfs for that manually
<AnRkey> ball, i feel for u mate, just finnished ours
<AnRkey> man i hate doing dishes
<AnRkey> bah
<flyingsquirrel32> How do I modify my dhcp.conf to make my LTSP install work with a single nic?
<crackintosh_> I am having a hard time mounting a usb drive. I am able to read/write via gnome, but not via command line, which is where i need it for a shell script
<ball> crackintosh_: what error do you get?
<Rafael> i am getting error E: Couldn't find package â^ebox-.*â
<Rafael>  intalling ebox...any help on what this means
<Deeps> try again, copy and paste: apt-get install ^ebox-.*
<Rafael> Deeps: Thanks
<Faust-C> anyone know how to create a local update server?
<ivoks> yes
<erichammond> Faust-C: http://www.ubuntu.com/getubuntu/mirror
<ivoks> apt-cacher
<ivoks> apt-cacher isn't actually local update server, but a cache server
<ivoks> it caches downloaded packages
<ivoks> it doesn't pushes updates
<ivoks> s/pushes/push
<mathiaz> ivoks: I'm looking at your dovecot-postfix debdiff
<ivoks> mathiaz: ok
<mathiaz> ivoks: I'm also considering merging the latest version for upstream
<mathiaz> ivoks: debian is at 1.1.9 in experimental while upstream is at 1.1.11
<ivoks> that would be wise, yes
<ivoks> i would go with upstream
<ivoks> minor versions are just bug fixes
<Faust-C> ivoks: erichammond ty
<Faust-C> wait lol
<ivoks> kirkland: so, how does one suspend a server?
<ivoks> kirkland: pm-suspend? :)
<kirkland> ivoks: ack
<kirkland> ivoks: and i'm using wakeonlan to wake it back up
<ivoks> it won't do anything once i call pm-suspend
<ivoks> i wake mine with impi :D
<kirkland> ivoks: nice ;-)
<ivoks> ipmi
<kirkland> ivoks: "won't do anything" ... ?
<ivoks> running pm-suspend doesn't do anything
<ivoks> exit status 1
<ivoks> hm...
<ivoks> looks like i'm missing do_suspend
<ivoks> write(1, "do_suspend: not found\n"..., 22) = 22
<VK7HSE> What tests are required for a server system to be listed in the Validated Hardware list ???
<ivoks> i must admit, at first i was sceptical about hibernating servers, but i really like that idea
<ivoks> that was a good catch, kirkland
<VK7HSE> As I'm using an IBM eServer220 8646-4AX with ubuntu-server 8.10 and all is working a treat! however, 8.04LTS wouldn't detect the Serveraid 4lx card!
<ivoks> it didn't work on 8.04?
<ivoks> that old controller?
<ivoks> CONFIG_SCSI_IPS=m
<ivoks> it should work in 8.04
<avtarr> hi, if i modify the PATH variable in /etc/environment shouldn't that affect the PATH when using sudo?
<ivoks> 'night
#ubuntu-server 2009-02-12
<VK7HSE> ivoks: No as it wouldn't find the raid serveraid card!
 * twb is extremely Not A Fan of hardware raid.
<twb> It's like an RDBMS: sometimes you gotta use it, but no matter what it's gonna hurt.
<steeljim> can someone help assist in setting up a windows share drive
<steeljim> just installed 8.10 and samba
<steeljim> did fdisk -l command and the drive is /dev/sda5
<twb> Try #samba?
<twb> That is, if nobody responds here.
<twb> (I don't know about Samba.)
<steeljim> however it looks as if drives are duplicated
<steeljim> I have sda1 ,2,5,6,7,8
<steeljim> anyone?
<steeljim> what are your first steps in sharing a drive?
<ScottK> This channel is typically very quiet outside of the US/European business day.
<steeljim> scott you any good with 8.10 setups?
<ScottK> Not with Samba and Windows shares, no.
<twb> If it's anything like NFS, you'll need to add an export stanza [foo] to /etc/samba/smb.conf and mention at least the path being exported, and the hosts to which it is exported.
<twb> Samba is made excitingly annoying by needing a login account on the server for every machine that wants to mount the share, IIRC.
<twb> I don't know if that's handled automagically; I imagine it is *if* you're using the default files/compat auth method (as opposed to, say, LDAP).
<cameronh> i've been doing some testing of various apps.. is there any way to clean up /etc of config files for things which are no longer installed?
<ScottK> cameronh: Purge them when you remove them and don't just remove them is the way.
<cameronh> ScottK: noted :) given that i've already made the mistake, do i have to reinstall the apps i didn't want to purge them?
<ScottK> Yes.
<hads> You can aptitude purge them
<hads> Without reinstall
<ScottK> OK.  I don't generally use aptitude.
<hads> Something along the lines of aptitude purge `dpkg -l | egrep -v "^ii" | cut -f 3 -d ' '`
<hads> But don't just run that without checking :)
<ScottK> cameronh: Whatever you do, don't manually delete them.  That's telling dpkg you don't want those files even if the package is installed again later.
<cameronh> hmm okay
<cameronh> luckily it's just a test vm anyway, so i'll probably re-create it before finalising it (replacing my home network's server with ubuntu-server)
<cameronh> is etckeeper worth using? Looks like it tracks /etc changes with git
<ScottK> I haven't used it.  Some people really like it.
<ScottK> It does have options for using different VCS.
<uzair> hi all. anyone successfully seup open vpn before?
<uzair> *setup
<twb> 13:49 <cameronh> ScottK: noted :) given that i've already made the mistake, do i have to reinstall the apps i didn't want to purge them?
<twb> No: sudo aptitude purge ~c
<twb> ~c matches packages that are configured, but not installed (i.e. only their config files remain, i.e. they were removed, but not purged).
<twb> (Patterns are one thing that makes aptitude a useful addition to apt-get.)
 * ScottK has had aptitude decide removing half his system was the 'best' answer one to many times.
<hads> twb: Nice, that's useful to know :)
<twb> ScottK: that is why you don't use -y without caution :-)
<twb> ScottK: cf. "aptitude why"
<twb> A pattern I often use is ~i!~M, which matches packages that were explicitly installed.
<twb> i.e. it hides packages that are needed for something else.
<ScottK> I do use aptitude why and sometimes try it to see what it suggests, but don't generally let it actually touch the state of my system.
<agampher> hey guys, quick question, if i wanted to burn a cd over ssh, whats the best way to go about it?
<agampher> like, throw all the stuff in a folder, create an iso then burn it
<sloopy> how do i install the madwifi drivers in 8.10? same way as 8.04?
<sloopy> hmmm slow night
<VK7HSE> steeljim: still here ???
<roy_hobbs> Hey I just install 8.04.2 and selected LAMP during the install.  I have a blank /etc/apache2/httpd.conf file
<hads> Normal
<hads> ls -l /etc/apache2/
<roy_hobbs> without the l: apache2.conf  conf.d  envvars  httpd.conf  mods-available  mods-enabled  ports.conf  sites-available  sites-enabled
<hads> Yeah I know what's in there.
<hads> I meant for you :)
<roy_hobbs> Well, another problem.  Shouldn't I be able to use https by default as well?
<hads> http://doc.ubuntu.com/ubuntu/serverguide/C/httpd.html
<twb> hads: is that available as an A4 PDF?
<twb> I assume it's a debiandoc or docbook source somewhere, but I'm too lazy to build it myself :-)
<pschulz01> Greetings.. Anyone here know how kernel headers are configured?
<pschulz01> I was able to compile an application on my laptop whoch found headers in /lib/modules/2.6.27-11-generic/build (just a bunch of links)
<pschulz01> The other server that I'm trying to install the app. on doesn't have these links.
<pschulz01> I must have done something to set this up (in the past) but I don;t know what that was.
<genii> pschulz01: linux-headers-$(uname -r)
<hads> linux-headers-generic should pull it in too
<pschulz01> genii: Did that..
<pschulz01> genii: no dice.
<pschulz01> So.. I have two systems.. one which have links in /lib/modules/$(uname -r)/build and the other doesn't.
<pschulz01> both systems have the kernel-headers- package installed.
<ScottK> You may want linux-source
<pschulz01> the first is '-generic' the second is '-server'
<sloopy> heh  i just switched to this channel, i wa just installing the kernel headers too... have to compile madwifi :'(
<pschulz01> sloopy: Quick question then.. do you have links in your /lib/modules/$(uname -r)/build directory?
<sloopy> i will look when subversion is done installing
<sloopy> that is a link to the /usr/src/linux-headers-{installed kernel ver}
<sloopy> and yes in that dirs are alot of links and dirs
<pschulz01> Ok.. ta
<sloopy> np
<sloopy> argh
<sloopy> whats the package name that installs all the tools to be able to build a kernel?
<pschulz01> build-essential
<pschulz01> and apt-get build-dep
<pschulz01> ?
<pschulz01> For some reason I have to reinstall the header package and not the links are there.
<pschulz01> Shhhesh.
<sloopy> kernel-package
<sloopy> heh compiling madwifi on a 800Mhz machine will probly take a bit of time...
<pschulz01> genii: sloopy: thanks
<sloopy> hmm how do you become a ubuntu member? its good to be part of a family ;')
<Mal3ko> what's the quickest and efficient way to reinstall server os through remote ssh?
<hads> You don't
<sloopy> now to see if the madwifi drivers i just compiled work on my router...
<sloopy> cool its working as a client, now need to config as ap
<ScottK> Mal3ko: You also probably don't have to.
<Mal3ko> ScottK: do you have any idea what your talking about?
<ScottK> Mal3ko: I don't know why you think you need to reinstall.  You may actually have to, but a lot of times people reinstall for reasons that don't actually need it.
<ScottK> Mal3ko: Why do you think you need to reinstall?
<ScottK> Actually, I need to be up in three hours, so I think I'm off to bed.
<uvirtbot> New bug: #328436 in openldap (main) "SASL/GSSAPI ldap_sasl_interactive_bind_s Can't contact LDAP Server" [Undecided,New] https://launchpad.net/bugs/328436
<dayo2> can you help me with this?  http://paste.ubuntu.com/117206/
<mok0> I just had to clean up a major mess caused by schroot's use of logical lvm volumes
<mok0> Anyone else has experiences with that?
<uvirtbot> New bug: #328445 in openssh (main) "[Jaunty/amd64] Agent admitted failure to sign using the key." [Undecided,New] https://launchpad.net/bugs/328445
<dayo2> I'm trying to keep users from accessing home dirs outside their group, but i still need them to be able to access everyone's public_html/  how do i do that?
<tjaalton> soren: hey, you've merged multipath-tools in the past. Why did you drop dmsetup_env from it? Looks like it caused bug 320156
<uvirtbot> Launchpad bug 320156 in multipath-tools "Device nodes for partitions on multipathed device are not created" [High,Confirmed] https://launchpad.net/bugs/320156
<soren> tjaalton: Let me see...
<tjaalton> soren: it's a mess
<tjaalton> apparently our devmapper used to have a patch which was the same as others had, but now it's synced with debian
<Rafael> hi, i would like to use command line from my windows computer to my ubuntu server, i was recomended to use "Putty"do i have to install it on ubuntu also and how do i do this?
<tjaalton> so DM_TABLE_STATE is exported as '1' if online, not 'LIVE' as it should be
<tjaalton> but that's not enough to make it work
<dnperfors> Rafael: no, you don't have to install putty on ubuntu
<dnperfors> Rafael: but you need to have OpenSSH installed
<dnperfors> (sudo aptitude install openssh-server)
<Rafael> how do i know if openssh is installed?
<tjaalton> soren: I'd say we follow debian on this, and include the "temporary hacks" to multipath-tools until dmsetup is fixed
<tjaalton> soren: I've got a blade that fails to boot because of this, so I can merge m-t...-14
<soren> tjaalton: It's been too long since I looked at this... Our dmsetup used to do this just fine.
<tjaalton> soren: ok, so I'll make m-t work with the current dmsetup, thanks :)
<soren> I really hate that I don't have any hardware to test this on. I'm working in the dark here.
<dnperfors> Rafael: not sure wheter this will work, but you can try: dpkg --get-selections | grep openssh
<soren> tjaalton: What makes you say our devmapper is synced with debian?
<Rafael> dnperfors: do i have to do any configuration or just install it, then use putty?
<soren> tjaalton: I mean... any more than it used to be?
<tjaalton> soren: because the merge entry doesn't say about any changes to the export patch
<tjaalton> and the debian bugreports suggest that it was more like what suse has
<tjaalton> but I'll try it out and see if it manages to boot this time
<Rafael> ok i was abler to connect with Putty, question, when you open Putty are you suppose each time to use it are your suppor to "Run" it as if is a new install program?
<nijaba> kirkland: I did take a look at the resize issue: I can't find a way to fix this
<kirkland> nijaba: okay, i'm not that worried about it
<nijaba> kirkland: do you know a snack expert?
<nijaba> kirkland: cjwatson maybe?
<kirkland> nijaba: i don't even know what snack is :-)
<nijaba> kirkland: snack is what you use in python as a newt interface
<kirkland> nijaba: cool.  but still, no.
<dnperfors> Rafael: you don't need to configure anything, it will just work..
<dnperfors> you can use that checkbox to disable that dialog
<Rafael> every time i open it i have to run like installing it fresh on my window box
<cjwatson> snack? not me
<cjwatson> I know what it is but that's all
<cjwatson> Rafael: that has nothing to do with how your Ubuntu box is set up; you can download PuTTY to your Windows desktop and run it from there rather than having to run it from the web page or whatever, if that's what you're asking
<cjwatson> Rafael: if you can connect, then things are set up fine from the Ubuntu side
<Rafael> every  time i clkick on icon on desktop of windows it open : if i want to run as if was new software installed
<dnperfors> there should be a checkbox in that window, which you can use to disable that question
<Mal3ko> can you suggest me some ways to reinstall ubuntu on ded server through remote ssh?
<ScottK> Can you connect to it via ssh?
<soren> Mal3ko: Why do you want to reinstall it?
<Mal3ko> trying different distros..but my main os ubuntu
<Mal3ko> and my server provider staffs is too slow..
<soren> What's it running now?
<Mal3ko> ubuntu server. its on the main partition
<soren> Then why do you want to reinstall?
<soren> You want to install Ubuntu, but you're already running it?
<soren> People from "other" backgrounds tend to resort to reinstalling as a means for fixing things that can be trivially fixed by other means, and I'm trying to save you the hassle of going through a pointless reinstall to achieve something that might just be a few simple commands away.
<Mal3ko> the main os stays there..i wont touch that..
<ScottK> soren: You'll find the beginnings of a very similar conversation about 6 hours ago.
<Mal3ko> now i need to install the newest ubuntu svr on the second [artition
<soren> ScottK: Same participants?
<ScottK> Yep
<soren> ScottK: Lovely.
<soren> Mal3ko: For testing newer versions, might I recommend a virtual machine instead?
<soren> It's much less delicate.
<Mal3ko> i thought so too but i'd like to test the os under real environment
<Mal3ko> so vm is not an option..
<soren> What exactly are you trying to test?
<soren> Or: Why isn't a vm an option?
<Mal3ko> jaunty jackalope
<Mal3ko> soren, the server only have 2gb ram..
<soren> So?
<soren> Just assign all (well, 1.9 perhaps) to the VM.
<soren> You weren't going to be running both of them side by side anyway, so I'm presuming shutting down everything else on the machine is kosher.
<tjaalton> soren: do you remember why the multipath/kpartx udev rules were moved to 95?
<soren> tjaalton: Keybuk said that stuff that loaded modules belonged >90.
<tjaalton> soren: ok.. I'll mention that in the changelog
<tjaalton> although the modules are built-in now
<tjaalton> and I'll test if commenting out the modprobe's makes it quicker.. it seems to halt for one minute per modprobe now :)
<soren> Really?
<tjaalton> yes
<tjaalton> in jaunty
<soren> The multipath modules are built in?
<soren> That's crazy.
<tjaalton> why?
<soren> I'm just not a fan of building all this stuff into the kernel.
<soren> I like the kernels small, and I like that I can patch small things in the kernel and try them out without having to rebuild *everything*.
<soren> I can do that with modules, but not with built-in stuff.
<tjaalton> you can discuss it with rtg :)
<soren> ...and that makes me cry.
<tjaalton> or on the kernel-list perhaps
<tjaalton> btw, the local-top script already modprobes stuff
<tjaalton> so AIUI it's unnecessary to modprobe in kpartx.udev?
<soren> tjaalton: IIRC, we put it there to make sure it worked immediately.
<soren> I.e. not just after a reboot.
<tjaalton> but the preinst modprobes already?
<soren> You're going to end up making me actually look at code, aren't you? :)
<tjaalton> hehe, no
<tjaalton> preinst does modprobe
<soren> too late
<tjaalton> but is it enough?
<tjaalton> oops! :)
<soren> a) The initramfs stuff only comes into play if you have multipath-tools-boot installed
<soren> b) The purpose of the modprobe is documented just above it :) It's to get rid of the init script.
<juliux> hi
<soren> ...but we apparantly have the init script now. I wonder what purpose that serves.
<soren> I'm guessing: none.
<tjaalton> the -boot.init is removed from the package
<soren> Ah, that makes sense.
<tjaalton> anyway, I'll leave those as-is
<uvirtbot> New bug: #328525 in openldap (main) "package libldap-2.4-2 2.4.11-0ubuntu6.1 failed to install/upgrade: package libldap-2.4-2 is already installed and configured" [Undecided,New] https://launchpad.net/bugs/328525
<juliux> i have some trouble with postfix+mysql+cyrus+sieve
<juliux> if i enable vacation module in sieve there are no mails sent out
<juliux> is there any tools that need to be installed extra?
<tjaalton> soren: rock on, the merged version booted up fine :)
<kirkland> nijaba: https://edge.launchpad.net/ubuntu/jaunty/+queue?start=0
<kirkland> nijaba: phoronix on the end of the queue ;-)
<soren> tjaalton: Fantastic.
<soren> tjaalton: What did you change, exactly?
<tjaalton> soren: I didn't remove the dmsetup_env stuff, it's needed for kpartx rules to work
<tjaalton> with the current dmsetup
<kinnaz> reconfigure ocfs2 with following command with their default values
<kinnaz> sudo dpkg-reconfigure o2cb
<kinnaz> sudo /etc/init.d/o2cb restart
<kinnaz> sudo /etc/init.d/ocfs2 restart
<kinnaz> but dpkg-reconfigure tells me that there is no package called like that
<soren> tjaalton: Why?
<kinnaz> aswell there isnt anything called o2cb in init.d ... using ubuntu 8.04
<tjaalton> soren: because dmsetup doesn't export the needed variables
<tjaalton> so part of the kpartx rules are skipped
<soren> Which ones are they?
<soren> Ah, the TABLE_STATE?
<tjaalton> yep
<kinnaz> anyone has expirience with ocfs2 on ubuntu ?
<soren> kinnaz: Where did you read about those commands?
<soren> There is not, and has never been, an o2cb package in Ubuntu.
<soren> nor debian
<kinnaz> some debian manual i think
<kinnaz> http://www.debian-administration.org/articles/578
<kinnaz> soren, can you point me towards smt ubuntu related ?
<kinnaz> http://www.ubuntugeek.com/heartbeat2-xen-cluster-with-drbd8-and-ocfs2.html#more-408
<kinnaz> and again same commands
<kinnaz> hough I did run to some problems while installing this system on hardy. For example with the dpkg-reconfigure o2cb I had to use ocfs2-tools instead
<kinnaz> thats the answer :)
<Mal3ko> anyone familiar with ufw here?
<Mal3ko> how do i specify port range?
<Mal3ko> without inclucing ip address
<uvirtbot> New bug: #328571 in openssh (main) "ssh not working after upgrade from Intrepid to Jaunty" [Undecided,Incomplete] https://launchpad.net/bugs/328571
<tonyyarusso> Mal3ko: I don't actually know, but see if port1-port2 or port1:port2 works.
<methods> why does bzr install x11 ?
<profanephobia> i need for my workstations (with no hdds) to boot from an image on the network, can someone point me towards a tutorial to get me started please?
<methods> ltp
<profanephobia> is that directed towards me?
<genii> profanephobia: I think they meant LTSP (linus thin server project)
<genii> *linux
<profanephobia> genii, ok ill look it up thanks
<LeoWei> i have this LAMP server, but how do i point my domain www.abc.com to mu lamp server?
<uvirtbot> New bug: #238677 in apr (universe) "bump to apr 1.3.0" [Unknown,Fix released] https://launchpad.net/bugs/238677
<uvirtbot> New bug: #317564 in subversion (main) "upgrade to Subversion 1.5.5 for jaunty" [Undecided,New] https://launchpad.net/bugs/317564
<uvirtbot> New bug: #317565 in ejabberd (universe) "upgrade to ejabberd 2.0.3 for Jaunty" [Undecided,New] https://launchpad.net/bugs/317565
<uvirtbot> New bug: #328711 in php5 (main) "updates killed apache" [Undecided,New] https://launchpad.net/bugs/328711
<r00tintheb0x> Hello all.
<r00tintheb0x> Should I use an entry in /etc/inittab to make sure a process is running at all times or use cron and a script?
<ScottK> r00tintheb0x: Which release are you using?
<r00tintheb0x> Eh... well... its CentOS actually.
<r00tintheb0x> But, I'm installing all new servers we put up w/Ubuntu.
<r00tintheb0x> Its our CentOS 5.2 MX server.
<ScottK> r00tintheb0x: Then Ubuntu advice would be totally wrong.
<r00tintheb0x> amavisd keeps dying for some reason.
<ScottK> Ubuntu has not had /etc/inittab since Dapper.
<r00tintheb0x> ScottK would /etc/inittab not be the same for CentOS and Ubuntu?
<r00tintheb0x> Oh okay.
<r00tintheb0x> Sorry.
<r00tintheb0x> Ah, I see that.
<r00tintheb0x> My bacula server has no /etc/inittab
<ScottK> In Ubuntu you'd use an upstart job I guess instead.
<ScottK> Cron and a script works too.
<r00tintheb0x> Right, yeah... i just read about upstart in the forum.
<ScottK> Even better fix why amavisd is dieing.
<r00tintheb0x> ScottK, you have any experience w/Ubuntu and Oracle ODBC?
<ScottK> Nope.  Sorry
<r00tintheb0x> Dang
<r00tintheb0x> Anyone have any experience w/Oracle ODBC?
<mustangg> hello the chan. I'm looking simply to confirm the reason(s) why the alt-iso installer seems to be aware of my machines previous hostname. It was suggested to me that if my box is on dhcp with an already reserved IP that perhaps the installer makes an assumption and populates based on that.   Anyone..?
<maw_> have you tested that assumption?
<UndertakerX2> ubuntu-server
<UndertakerX2> how can i find a list of open ports on my server?
<mustangg> pardon for re-asking but: Trying to confirm where the installer find hostname info during network setup of a fresh install. Someone suggested to me that if the machine is on dhcp with an already reserved IP that maybe the installer make some assumptions and populates the name. Anyone?
<jpds> UndertakerX2: netstat -a
<jpds> UndertakerX2: On second thought, that's not quite it... I usually nmap the host myself.
<UndertakerX2> jd: thanks
<mustangg> perhaps someone might know where I can found out that info? Short of reading source code that is.. heh ..
<andol> kirkland: Satisfied with my new explanation to bug #296952, or do you want more details?
<uvirtbot> Launchpad bug 296952 in mysql-dfsg-5.0 "mysqlhotcopy failed on table with hyphen in name" [Undecided,In progress] https://launchpad.net/bugs/296952
<kirkland> andol: i'll check
<kassem> Bonsoir.
<o0o> can anyone tell me why IBM serveraid is not supported in ubuntu server?
<o0o> but is in debian
<roy_hobbs> I've got two network interfaces that are listed UNCLAIMED from lshw.  I'm not sure if these would be installed automatically with jockey if i had a gui.  Is there a way to figure this out?  Also, I'm not sure if the drivers are available online... but I do have a OS installation which might have them on there somewhere.  how might i find them?
<roy_hobbs> The box is originally this IDS appliance from juniper.net.  I have a installation CD that's some distro of linux or another.  If I knew where to get the drivers off of it, I might be able to put them on my ubuntu-server which I managed to install onto the appliance
<o0o> is there anyway to the get debian serveraid drivers to work with ubuntu?
#ubuntu-server 2009-02-13
<Khronos> is there a way to enable the dhcp daemon on only one interface?
<vano> Just installed debian-server with tomcat, however the app server doesnt seem to be serving pages, even the examples which are already installed do not work (they are rendered as plain text). This is an untweaked brand new installation. Any ideas?
<vano> sorry, I meant ubuntu-server, not debian.
<VK7HSE> Khronos: in your /etc/default directory there is a file called dhcp3-server in this is where you define what interfaces you want your dhcp server to serve on ;-)
<roy_hobbs> I'm trying to install some drivers.  I encounter this during "make install" Makefile:98: *** Linux kernel source not configured - missing version.h.  Stop.
<uvirtbot> New bug: #328874 in samba "getent group crashes winbindd on domain controller" [Unknown,Fix released] https://launchpad.net/bugs/328874
<Khronos> thanks VK7HSE
<Khronos> added that
<kansan> how often do folks here run mysql backups?
<kansan> specially if they are incremental
<sommer> kansan: I run daily fulls, but my databases aren't that big
<kansan> how often
<kansan> oh daily
<andol> same here
<andol> no big databases in my case either thought. nothing bigger than a few hundred megabytes.
<evarlast> daily
<isaacsm> daily mysql backups on several large production dbs
<kansan> can someone tell me why mysql wont shut down?  there is no output in /var/log/syslog;  /var/log/mysql/ ....  ubuntu hardy
<mathiaz> kansan: try /var/log/daemon.log
<kansan> MatBoy, theres stuff about mysql there
<kansan> but nothinga bout why it failed
<kansan> is it weird that i would have two mysqlld_safe's  :  http://pastie.org/387877
<MatBoy> kansan: ?
<MatBoy> I love you too !
<kansan> MatBoy, ;p
<MatBoy> kansan: ok, we need to make love now
<MatBoy> actually I want to sleep ;)
<MatBoy> kansan: sorry, next time better ;)
<Kkoala> hi i need help with an install
<Rafael_> i have software raid on ubuntu server, i have test it multiple ways and it works beatifull. something very strange i have notice: very often the raid goes into degrade mode and one of the drive disapers, i thoight was a physical problem wth the drive, i have test all the 3 drives with Western Digital softare and drive are fine, is this a now issue with software raid
<|Sigma|> hello
<|Sigma|> anyone interested in giving me a hand? I have a strange problem... wireless card refuses to get an ipv4 address, but it manages to get an ipv6 easily enough
<twb> "get an IP address" meaning via DHCP?
<|Sigma|> correct
<twb> Is this really a question for -server?
<|Sigma|> well, I AM running server edition
<twb> "server edition" is backed by the same package archive; the main difference is the default package list.
<twb> Is NetworkManager running?  Does /etc/network/interfaces refer to the wireless interface?
<twb> If "yes" to the latter question, does it refer to "inet6" instead of "inet"?
<|Sigma|> no GUI, hence no network manager. /etc/network/interface does refer to wlan
<|Sigma|> and give me a sec for the last one
<twb> NetworkManager has no GUI.
<|Sigma|> no, it refers to "inet'"
<|Sigma|> huh
<|Sigma|> well, I don't have it installed, at least >_>
<twb> The applet is a separate, wrapper program that interacts with NM via the dbus protocol.
<twb> aptitude search network-manager should tell you if it's installed, just to double-check.
<twb> IME most of the network problems on Ubuntu are caused by that bloody piece of shit.
<|Sigma|> not installed, just checked again
<|Sigma|> give me a second, I just disabled ipv6 globally (I hope)... dunno why I didn't think of that earlier
<|Sigma|> I've been fighting this beast for about 5 hours, just missing the IP now... I'm happy it can scan
<twb> |Sigma|: OK, what happens if you manually run "dhclient foo0", where foo0 is the interface name
<|Sigma|> fails miserably after a couple tries
<twb> OK, next I would check the DHCP server.
<twb> After that, I would try wireshark/tshark sniffing of the packets.
<|Sigma|> well, all other computers on my network are getting their IPs perfectly fine
<|Sigma|> so DHCP server not a problem
<twb> |Sigma|: are they getting their IPs over wifi, or ethernet?
<|Sigma|> wifi
<twb> OK, time to start packet sniffing.
<|Sigma|> time to look for a good sniffer that runs on mac, then
<ScottK> tdpdump should work.
<|Sigma|> thanks, I'll try it out
<twb> tcpdump pisses me off, compared to tshark
<twb> YMMV, of course.
<|Sigma|> I might give static DHCP a try first though
<|Sigma|> *sigh* no go, time to look up that sniffer
 * |Sigma| feels really really stupid
<|Sigma|> so, the only thing it picks up is a LOT of SSDP protocol connections from the router
<kraut> moin
<twb> |Sigma|: did you work out what the problem was?
<|Sigma|> looks like the router isn't answering ARP request
<|Sigma|> the NIC keeps on spamming who-has messages
<|Sigma|> but I don't get it
<|Sigma|> since all my other computers work fine
<mario_> Hello!
<|Sigma|> hi
<mario_> i have added the line "192.168.123.123 www.foobar.de foobar.de" to my /etc/hosts
<mario_> but if i ping www.foobar.de i still get a official ip.
<mario_> it works with foobar.de (then i get 192.168.123.123)
<mario_> any idea if ubuntu it caching the dns stuff somewhere?
<|Sigma|> mario_: how are you accessing the domain? web browser?
<|Sigma|> clear out the browser;s domain if yes
<|Sigma|> if no.... no clue >_
<|Sigma|> >_>
<mario_> command line ping :)
<|Sigma|> er, I mean, browser's cache
<|Sigma|> heh
<|Sigma|> sorry man, no clue.... it shouldn't :p
<mario_> well, why use the browser if its not even workign correctly on my console? :)
<mario_> hehe, thanks anyway
<|Sigma|> restart?
<mario_> already done, but now i feel like a windows users. And i did not even succeed :P
<mario_> ahh...i typed 4 w :)
<mario_> stupid me!
<|Sigma|> huh? problem solved?
<|Sigma|> .. I wish my problem was that easy <_<
<mario_> what have you got?
<|Sigma|> mario_: by the way, google says restarting the networking daemon clears the cache... so technically your reboot DID clear it up :p
<|Sigma|> a wireless NIC that refuses to get an IP address
<|Sigma|> I've come a long way though... at the beginning it refused to show up in the system at all
<nobse> hi
 * |Sigma| waves
<soren> |Sigma|: Does the dhcp server show anything in the logs?
<|Sigma|> soren: the log shows ARP requests get no answer :s
<dayo2> where is the init script for logrotate in 8.04?
<soren> dayo2: There is none?
<soren> it runs from cron.
<soren> |Sigma|: So it's statically configured?
<dayo2> soren: i've edited /etc/logrotate.conf   do i need to restart cron or something?
<soren> dayo2: No.
<dayo2> soren: ok, thanks :-)
<|Sigma|> soren: no, pure DHCP. I did try static though, and no go
<soren> |Sigma|: arp is used to map ip's to mac addresses.
<soren> |Sigma|: If it doesn't have an IP yet (since it's trying to get one via dhcp), how does ARP factor into it?
<|Sigma|> no clue, yet it shows up in the logs
<soren> What does?
<|Sigma|> HAH
<uvirtbot> New bug: #325809 in mysql-dfsg-5.0 (main) "package mysql-server-core-5.0 5.1.30really5.0.75-0ubuntu5 failed to install/upgrade: tried to overwrite `/usr/sbin/mysqld', witch is already provided by mysql-server-5.1" [Undecided,New] https://launchpad.net/bugs/325809
<|Sigma|> IT WORKS
<soren> Exactly what are the arp requests you see?
<|Sigma|> so stupid
<|Sigma|> soren: it was doing who-has requests that never got answered
<|Sigma|> you remember earlier when I was complaining that all I could get were IPv6 IPs?
<|Sigma|> well, I disabled IPv6 globally...
<|Sigma|> I just re-enabled it, and everything decided to work
<|Sigma|> no clue what the hell I did to fix it
<|Sigma|> but I'm glad it works
<|Sigma|> signal is incredibly low though
<|Sigma|> but speed doesn't seem hindered :D
<dayo2> this is a sample of my /var/log/kern.log  http://paste.ubuntu.com/117586/   can someone explain to me how to read that?
<|Sigma|> soren: sorry for having been such a pain. I created my own problem... but I did learn how to sniff packets, and i thank you for that :p
<soren> Heh :)
 * |Sigma| is outta here. 9 hours straight fixing a friggin NIC....
<|Sigma|> ciao!
<ivoks> is it only me or...
<ivoks> checking for gcc...4.2.4
<ivoks> checking for kernel gcc version...4.2.3
<ivoks> this doesn't look right
<dmacnutt> anyone have any web resources for "Best Practices" in terms of server setup and hardening?
<kinnaz> anyone has used ACL with OCFS2 ?
<sergevn> hi, maybe i cant ask my question here.
<sergevn> I have a bash script that calls a java-jar application, it exits with an error.
<sergevn> so i 2> /dev/null the bash script
<sergevn> probleem is cron doesnt, is it possible to fix this?
<ivoks> cron does what you tell it to do
<sergevn> hi ivoks
<ivoks> so if you put shell_script 2> /dev/null, it won't give you error output
<ivoks> cron only mails you output of the command
<ivoks> so, it's up to you to redirect output of that command to /dev/null
<sergevn> ah than i have to create a shell script, for the shellscript
<ivoks> ?
<ivoks> put in cron:
<ivoks> * * * my_shell_script 2> /dev/null
<sergevn> ah ok, i put it in /etc/cron.hourly :)
<ivoks> then make sure that script doesn't provide output
<ivoks> if that script calls java file
<sergevn> #!/bin/bash
<sergevn> sudo -u serge java -jar ~/src/fetchExc-2.0/fetchExc.jar -p ~/src/fetchExc-2.0/fetchExc.properties 2> /dev/null
<ivoks> redirect output of java program to /dev/null
<sergevn> yeah ive done that, still error from cron
<ivoks> sudo -u serge "java -jar blablabla 2>/dev/null"
<ivoks> otherwise you are redirecting sudo's stderr
<sergevn> aah ok :)
<sergevn> now seeing the logic :)
<UndertakerX2> can some one give me more info on the error "bind failed: EACCES"?
<sergevn> ivoks: now it expects the commented command phrase as one single command
<sergevn> ivoks: http://pastebin.ubuntu.com/117635/
<ivoks> does /root//src/fetchExc-2.0/fetchExc.jar exist?
<sergevn> root?
<sergevn> it's invoked by the user serge right?
<ivoks> but enviroment is from root
<ivoks> sudo -i -u user
<ivoks> so, like this:
<ivoks> sudo -i -u serge -c "java -jar ~/src/fetchExc-2.0/fetchExc.jar -p ~/src/fetchExc-2.0/fetchExc.properties 2> /dev/null"
<ivoks> man sudo can help you
<ivoks> er... no:)
<ivoks> sudo -i -u serge java -jar ~/src/fetchExc-2.0/fetchExc.jar -p ~/src/fetchExc-2.0/fetchExc.properties 2> /dev/null
<ivoks> this should work
<sergevn> lol now the command isnt executed at all :D
<ivoks> how do you know?
<sergevn> because the function of the script doesnt work :)
<sergevn> it is supposed to leech email from outlookwebaccess and forward it, takes some seconds, now none, and mail doesnt arrive :)
<ivoks> shy do you use sudo anyway?
<sergevn> hmm /usr/bin/java: /usr/bin/java: cannot execute binary file
<sergevn> because i dont want the script to run as root :)
<sergevn> but now ill use crontab instead of cron.hourly
<ivoks> then edit users' crontab
<ivoks> crontab -e
<ivoks> 00 * * * java -jar ~/src/fetchExc-2.0/fetchExc.jar -p ~/src/fetchExc-2.0/fetchExc.properties 2> /dev/null
<sergevn> where does 00 stand for?
<sergevn> every minute?
<ivoks> no
<ivoks> at 00 minutes
<ivoks> * - every hour
<ivoks> * * * - every day
<ivoks> * * * * * - every minute
<ivoks> 0 * * * * - every hour
<sergevn> thanks
<tgbryano_> im using hardy server on a 16 processor server and its only showing 8 cpus and an error in the logs saying max processors reached, how can i get it to see all the cpus?
<ivoks> which kernel do you use?
<tgbryano_> 2.6.24-16-server
<ivoks> right...
<ivoks> max. number of supported cpu in hardy is 8
<ivoks> in intrepid it is 64
<tgbryano_> darn, is there a kernel available to resolve this?, i was looking to stay with hardy as its lts..
<ivoks> well, you could rebuild kernel
<ivoks> and set this option to higher
<tgbryano_> whens the next lts out? is it april?
<ivoks> april next year
<ivoks> every 2 years
<ivoks> let me ask kernel team if there are plans to support >8 in hardy
<tgbryano_> ok thanks, i think i will have to go with intrepid, should be able to do a dist-update to the next lts without much problem
<tgbryano_> ok thanks
<ivoks> not dist-upgrade
<ivoks> do-release-upgrade
<ivoks> that will do everything for you to jump from 8.10 to 9.04 then to 9.10 and finally to next-lts 10.04
<ivoks> newsflash...
<ivoks> 64bit hardy supports 64cpu
<tgbryano_> what about the 32 bit?
<tgbryano_> they are reluctant to use 64 bit as we are using 32 bit oracle..
<ivoks> 8
<ivoks> 64bit version supports 32bit apps
<ivoks> just put linux32 in front :)
<tgbryano_> will it be unstable? im trying to move our servers over to ubuntu, we use oracle 9i at the moment
<ivoks> i never used 32bit oracle on 64bit arch
<ivoks> i've used firefox only :)
<tgbryano_> lol oh well i will find out
<ivoks> tgbryano_: let me know how it goes
<tgbryano_> will do, thanks for your help
<ivoks> i have oracle on one server too, and would like to move to 64bit :)
<uvirtbot> New bug: #329053 in php5 (main) "Cannot use both zlib.output_compression and output_handler together!!" [Undecided,New] https://launchpad.net/bugs/329053
<dmacnutt> anyone have any web resources for "Best Practices" in terms of server setup and hardening?
<uvirtbot> New bug: #329067 in libpam-ldap (universe) "Cannot change password on ldap client unless libpam-cracklib also installed" [Undecided,New] https://launchpad.net/bugs/329067
<UndertakerX2> can some one give me more info on the error "bind failed: EACCES"?
<andylockran> UndertakerX2: what was thecommand you ran to generate the error ?
<soren> UndertakerX2: It's usally due to attempting to bind to a <1024 port as non-root.
<andylockran> soren: yeah, was going to check the command then recommend running 'sudo '
<uvirtbot> New bug: #328992 in dnsmasq (universe) "Please sync dnsmasq 2.47-3 (main) from Debian unstable (main)." [Wishlist,New] https://launchpad.net/bugs/328992
<melter> i used to get firewall messages like "IN=eth0 OUT= MAC= ..." in /var/log/messages, but they're no longer there. is there some setting that will put them back?
<soren> melter: ufw logging on
<melter> soren: i don't use ufw, i have my own iptables script
<melter> i'm using 8.04, btw
<melter> i just tested my firewall, and it seems to work
<melter> it's stopping traffic, it's just not logging it anymore
<ivoks> check you script then
<ivoks> your
<melter> ivoks: what do i look for? is there some iptables argument?
<ivoks> -j LOG
<melter> i can't remember making any changes other than adding the occasional ip
<melter> ok, i'll look, thanks
<melter> ivoks: thanks! that line was uncommented for some reason
<ivoks> bye all
<andol> exit
<bdmurray> kirkland: yeah for developer doc search!
<Blah78> Hi, I have a quick question, maybe someone can help me out: I'm trying to install a minimal xorg server, just xorg-core, xorg-input-kbd and xorg-video-vesa but apt will always try to install every single xorg package it knows. Is there any way to avoid this and install just those three packages and the real dependencies? btw I'm coming from gentoo, and I know I shouldn't install X on a...
<Blah78> ...server, but this is not for a server exactly ;)
<andyfailran> 5/5
<kirkland> bdmurray: :-)  \o/
<lmr> dendrobates: Hey Rick
<dendrobates> lmr: hi
<lmr> dendrobates: How's it going? :)
<dendrobates> lmr: good, and you.
<slicslak> i just setup ubuntu in vmware2.  from a totally different linux box, i ssh into the new one, but i can't rsync.  the rsync error:  ubuntuhostname: Connection refused
<slicslak> usually rsync just works when ssh does.  any ideas?
<Deeps> specifiy -e ssh when you run rsync?
<sommer> kirkland: is there supposed to be an ecryptfs kernel module for jaunty?
<slicslak> Deeps, yep thanks.  odd.  normally that's default isn't it?
<Deeps> slicslak: dunno, might be an ubuntu default? i dont use just ubuntu though, so i've always specified
<slicslak> right
<slicslak> i think i'm on a centos client.  not really used to RH.  i'll have to remember to specify that now.
<mrcoodles>  hello everyone, i just installed ubuntu server 8.10 as a guest os on vmware, under windows vista - and i have no clue how to give it internet access. can anyone help ?
<ivoks> that really doesn't depend on guest, but on host
<ivoks> by default, ubuntu server installation will look for dhcp server to get an IP
<ivoks> if there's no dhcp server, it will ask user to give information about ip
<ivoks> if you have't typed ip address and stuff like that, then your vmware has a dhcp server (which is normal and default)
<ivoks> now, why your guest os (in this case ubuntu) can't access internet is really a question for vmware and/or host operating system
<mrcoodles> it usually works on desktoplinuxes. my host os connection is via pppoe; im a bit confused as to what im supposed to add to the /etc/network/interfaces file.
<ivoks> well, what's there now?
<mrcoodles> there's two lines for the loopback interfaces, which is working
<mrcoodles> and somethign labeled The primary network interface
<mrcoodles> auto eth0
<mrcoodles> iface eth0 inet dhcp
<mrcoodles> and i have no clue what they mean.
<ivoks> this means that:
<ivoks> a) eth0 interface will be up on boot
<ivoks> b) it will look at dhcp server for address
<kirkland> sommer: it's built in
<sommer> kirkland: ah
<kirkland> sommer: part of the faster boot time work
<sommer> kirkland: I get this error when trying to do a mount -t ecryptfs /srv /srv  http://paste.ubuntu.com/117781/
<sommer> kirkland: and was wondering if it was because of the module not being there
<kirkland> sommer: interesting, open a bug, would you?
<uvirtbot> New bug: #323731 in php5 (main) "php5 source packages announces Debian SVN repo" [Undecided,Invalid] https://launchpad.net/bugs/323731
<sommer> kirkland: sure, I get a similar, but different, error when trying the ecryptfs-setup-private utility as well
<sommer> kirkland: I'll post the output of both in the bug, thanks
<kirkland> sommer: i was just rolling out the -70 release right now
<kirkland> sommer: i'd like to get these fixed in that one
<mrcoodles> anyone has some additional clues about my vmware network thingie ?
<ivoks> mrcoodles: well, have you tested if guest can access internet, if yes, how?
<mrcoodles> ivoks well, pinging google.
<ivoks> bad test
<ivoks> try nslookup www.google.com
<ivoks> if that works, you have link
<mrcoodles> dns not working either.
<ivoks> ok, so now you know at least dns doesn't work
<ivoks> try this
<ivoks> mtr 74.125.39.103
<mrcoodles> oops silly, me , i pinged the ip and that worked.
<mrcoodles> so seems like just the dns is missing.
<ivoks> so, dns is in /etc/resolv.conf
<ivoks> cat /etc/resolv.conf
<ivoks> to see what's your DNS
<ivoks> your DNS is being provided by DHCP
<mrcoodles> its 192.168.37.2
<ivoks> that's from vmware
<mrcoodles> uhm, probably.
<sommer> yay for ivoks and email :)
<kees> ivoks: oh, we should totally compile postfix PIE if we've got dovecot that way.
<ivoks> pie?
 * ivoks confused :)
<kees> https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BuiltPIE
<ivoks> security stuff?
<kees> ivoks: yeah
<ivoks> kees: i'll leave that to you :)
<kees> :)
<lamont> kees: woot
<kees> lamont: should be the same as we did for bind9
<kees> oh..er
<kees> nevermind!
<kees> already done.  hahah
 * kees goes to find some coffee
<lamont> was postfix not done, then?
<kees> I thought it hadn't been done, but it was on the list for intrepid.  I opened up the debian/rules and saw "export DEB_BUILD_HARDENING=1" :P
<kees> right.  back to other work now
<lamont> \o/
<lamont> kees: let's put packit in ship-seed. :-p
<kirkland> sommer: hmm, i was about to ecryptfs-setup-private just fine in a fresh jaunty
<kirkland> sommer: can you tell me more about your error?
<sommer> kirkland: sure, what should I look for
<sommer> kirkland: I was testing it inside a kvm, if that matters
<kirkland> sommer: me too
<vimpulse> lllama:  go ahead and describe the long version whenever you're ready.  :)
<kirkland> sommer: can you pastebin the dialog (sans passwords)
<kirkland> sommer: and error messages?
<sommer> kirkland: http://paste.ubuntu.com/117789/
<kees> lamont: heh.  I've been trying to keep IDS out of main.  :)
<mrcoodles> @ivoks i modified the nameserver from the local address vmware one to the one in windows. it works. im unbelievably happy.
<kees> lamont: oh, not IDS, just an injector.
<kees> lamont: how does packit compare to nemesis ?
<kirkland> sommer: ls -alF $HOME
<mrcoodles> ehm, can i get ubuntu server a gui ?
<sommer> kirkland: ya, forgot to remove the previous Private folder here's a better paste with errors: http://paste.ubuntu.com/117791/
<vimpulse> mrcoodles:  yes, sudo aptitude install xorg-server, but why do you want one?
<vimpulse> mrcoodles: oops i meant sudo aptitude install xserver-xorg
<vimpulse> i think
<mrcoodles> because it took me half an hour to figure out how to use vi.
<sommer> kirkland: ls output http://paste.ubuntu.com/117792/
<vimpulse> mrcoodles:  then you should use nano :)
<kirkland> sommer: dude
<kirkland> sommer: why does root own Private and .Private
<kirkland> sommer: did you "sudo" it at some point?
<sommer> kirkland: nope
<kirkland> sommer: okay, root should *not* own it
<sommer> kirkland: should I scrap those and start over?
<kirkland> sommer: could you sanitize your environment like so:
<kirkland> sommer: sudo adduser foo
<mrcoodles> vimpulse: can i ehm search by description or smth with that aptitude thingie ?
<kirkland> sommer: then ssh foo@localhost
<vimpulse> mrcoodles:  yes.  sudo aptitude
<kirkland> sommer: then ecryptfs-setup-private as foo
<vimpulse> mrcoodles:  will bring up the aptitude TUI.
<sommer> kirkland: sure one sec
<vimpulse> mrcoodles:  but there are better options, like apt-cache search, which searches descriptions as well.  or www.freshmeat.net, which lists more packages than aptitude.  But do you know why you should never compile software yourself when possible and use aptitude instead?
<sommer> kirkland: hrmm, it worked fine
<sommer> kirkland: must have been something I did
<kirkland> sommer: your other setup is unclean
<kirkland> sommer: root should not own any of those files in your homedir
<kirkland> sommer: that can easily happen if you sudo something you didn't need to sudo
<kirkland> sommer: such as ecryptfs-setup-private
<kirkland> sommer: sudo ecryptfs-setup-private would create the exact situation you have there
<kirkland> well, it could
<mrcoodles> vimpulse: because it's easier, lol ?
<vimpulse> mrcoodles:  yeah :)
<sommer> kirkland: gotcha, I must have used sudo after trying the mount -t ecryptfs command
<mrcoodles> vimpulse: ok, how do i highlight the search button on top, lol
<vimpulse> mrcoodles:  most stuff at freshmeat is also available in aptitude, you just have to apt-cache search and find out the package name.
<vimpulse> mrcoodles:  i don't remember.
<vimpulse> you are probably new to Ubuntu.  I recommend you take out a good book about Ubuntu from your local library or buy one from www.abebooks.com btw.
<kirkland> sommer: i am also having trouble with the mount -t ecryptfs command
<kirkland> sommer: i'm debugging that now
<vimpulse> mrcoodles:  btw I am currently using vista so I can't check for you :(  anyone?
<kirkland> sommer: that's a major bug
<vimpulse> at least /me has cygwin
<mrcoodles> vimpulse: me too.
<kees> we should add molly-guard to the server seed.  :)
<sommer> kirkland: ah cool... well cool in the sense that I didn't mess that up :)
<vimpulse> mrcoodles:  for the aptitude help, you press Control+T then move to the help menu I think.  for the manual:  cd /usr/share/doc/aptitude*
<vimpulse> mrcoodles:  ask again in 2 min if you don't figure out how to do what you want.
<mrcoodles> vimpulse: oh great. now. how did you know this
<vimpulse> mrcoodles:  good memory thank god :)
<vimpulse> mrcoodles:  btw I made a mistake.  To install a GUI, do not xserver-xorg.  Instead, aptitude install ubuntu-desktop
<vimpulse> *mrcoodles:  btw I made a mistake.  To install a GUI, do not install xserver-xorg.  Instead, aptitude install ubuntu-desktop
<mrcoodles> vimpulse: ill probably run into trouble trying to do that. link to cool readables for noobs ? like a tutorial , anything but an 800-page book.
<vimpulse> mrcoodles:  the GUI comes with the "Add/Remove..." tool and the "synaptic" tool both of which are much nicer GUIs than aptitude's TUI.
<vimpulse> mrcoodles:  I dunno about alternatives books.  I don't read entire books, I just use them as references.  anyone know an answer to mrcoodles's question?
<vimpulse> *alternatives to books
<vimpulse> mrcoodles:  ask in #ubuntu
<vimpulse> lllama:  or, use a GUI tool, see if it succeeds, if it does then copy its output into a cron job command line
<lllama> vimpulse: this is where I've got to: http://pastebin.com/d7cf3e4f8
<lllama> inodes all different.
<lllama> Same on CentOS.
<vimpulse> lllama:  you wrote "Short version - we'd prefer certain data not to sit on a particular server for too long, so we're going to pull it off and wipe the machine each day. The snapshots will be used so that users can access an accurate copy of what they were doing."  What is the long version?
<lllama> vimpulse: Longer. Just trust me that it has to happen that way.
<vimpulse> I trust, but verify :)
<vimpulse> so?
<lllama> I'll tell you if I get it working.
<phreestyle-work> question for the server gurus out there....is there a way I can move my eBox firewall configuration to Webmin?
<phreestyle-work> is anyone even here?
<Deeps> !webmin | phreestyle-work
<ubottu> phreestyle-work: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<phreestyle-work> Deeps: eBox DOES NOT WORK FOR ME!
<Deeps> phreestyle-work: shout all you want, it wont change the fact that webmin isn't supported!
<phreestyle-work> Webmin is working perfectly fine for me
<phreestyle-work> eBox is the problem....I have made changes to the configuration files because eBox doesn't have the options I need...so whenever I make a change to ebox, it wants to overwrite my changes
<phreestyle-work> Deeps: either eBox needs to stop trying to overwrite my files, or I need to stop using it
<Deeps> phreestyle-work: file a bug on launchpad?
<antdedyet> read the documentation?
<phreestyle-work> Deeps: it's not a bug though.
<Deeps> phreestyle-work: then i'm out of ideas, maybe the webmin guys can help you?
<phreestyle-work> it's the way eBox works....if I make a change to a dansgaurdian config file, eBox wants to overwrite that file with its own settings if I make any changes inside eBox
<antdedyet> write a patch?
<antdedyet> so that one can include external, unaffected gui files
<antdedyet> or find a more elegant approach.
<phreestyle-work> well, here's the thing....I can edit everything I need in webmin....except for the eBox firewall settings. If I can disable ebox and use webmin's firewall interface, I don't need ebox anymore....which is fine
<Deeps> sounds like a good idea
<phreestyle-work> and I don't know how to write a patch....seems like a waste of time since everything but one small peice is taken care of
<uvirtbot> New bug: #329218 in mysql-dfsg-5.0 (main) "/mysql-server_5.0.67-0ubuntu6_all.deb failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/329218
<lamont> kees: haven't played with nemesis...  packit I'm a bit more biased about, given who the debian maintainer is...
<kansan> is there some way of testing how fast a drive's I/O is?  and telling me if its good/bad?
<jmarsden|work> kansan: Run iozone or bonnie benchmarks?  Or even just use hdparm -t -T /dev/sda  or whatever?  There is no way for the software to tell you what is "good or bad", you need to compare results with other drives and systems...
<Doonz> hey guys, if im using software raid (mdadm) and i pull out a failed drive and put a new one in what do i have to do so that drive is seen?
<uvirtbot> New bug: #298374 in samba (main) "Samba daemon not starting" [Undecided,Invalid] https://launchpad.net/bugs/298374
#ubuntu-server 2009-02-14
<erichammond> If a DNS name in sources.list resolves to a round robin IP list, and one of those IP addresses does not respond, would apt-get try a different IP address?
<LHC> hello
<ScottK> erichammond: No.  DNS doesn't work that way.  Round robin is for load sharing, not failover.
<LHC> hey
<LHC> im just wondering from one dedicated server, how many individual sites can be run of it. like a webhost
<rdw200169> LHC, many, using virtual servers
<LHC> oh what software does that
<rdw200169> LHC, well, the ubuntu community prefers apache webserver
<LHC> im interested in using a dedi i have as a webhost for a few sites
<LHC> its an ubuntu server :D
<rdw200169> LHC, well, it's easy to install a working webserver, just use the command: tasksel
<rdw200169> LHC, it's the option "LAMP Server"
<rdw200169> LHC, and that will install the appropriate packages
<LHC> I have a counter strike server on it, would it delete any of its feiles? haha please no
<LHC> files*
<rdw200169> LHC, it shouldn't
<LHC> cool
<rdw200169> LHC, they are completely separate apps
<rdw200169> LHC, you can run all kinds of stuff on a single server if you want
<LHC> where will it install to? I mean the directory for puttin the index.html web stuff
<rdw200169> LHC, for example, one server can be a: mail server, web server, ftp server, etc...
<rdw200169> LHC, well, aside from the apache binaries and configuration files, it sets the webroot as /var/www
<rdw200169> LHC, but that can be changed if you want it to be
<LHC> rdw200169, I had it for amonth, i bought it for a buddy and I to practise, so we used it as a gaming server, I still havent got the full idea what I can do with it haha
<LHC> thanks alot rdw200169 ill try it now
<rdw200169> LHC, well, you should research setting up an apache webserver, there's a lot out there on the internet about it
<LHC> so I can use it as a mail server? and have my own email from it? like lhc@mysite.com
<rdw200169> LHC, and there's more to it than i could ever explain here; rest assured that apache is the industry standard
<LHC> yeah Im just looking what I can do atm with it hehe Ill definitley look it up
<rdw200169> LHC, yes, you may also want to research what you can do w/DNS...
<LHC> ok, i guess I have to get a domain name xD
<rdw200169> LHC, for example, if you received a static IP from your dedicated webserver, having your own domain is as simple as setting up the IP on godaddy.com's DNS server
<rdw200169> LHC, you don
<rdw200169> LHC, you don't have to run your own DNS server, just let godaddy do it for you; much easier and more reliable
<LHC> yeah It is static thanksfully
<LHC> ok :D
<rdw200169> LHC, same thing w/running a mail server, i find it is much easier just to use google apps w/a domain name from godaddy
<rdw200169> LHC, b/c google provided "Gmail" for your own domain
<rdw200169> LHC, *provides
<LHC> so itll show up as rdw200169@whatever.com, but will use the gmail service?
<rdw200169> LHC, yes, it all has to do w/DNS records; for example, my domain is has it's mail server records pointed to what google suggested, so my mail gets routed to them
<LHC> thats fantastic!!
<LHC> im really impressed xD
<rdw200169> LHC, yeah, it works really well too, and they still provide imap/pop3 access
<LHC> http://www.google.com/apps/
<rdw200169> LHC, so you can have user@LHC.com routed through google
<LHC> cause I love gmail
<rdw200169> LHC, it
<LHC> do I click business it mangaer
<rdw200169> LHC, it's the same exact thing; it just *looks* like it's on your domain... allows you to have the power of gmail with the professionalism of a good domain name
<LHC> rdw200169, thank fuck for you xD I really wanted to know stuff like this, really helpful!
<LHC> plus I think people who have person@gmail.com on their site just looks bad
<rdw200169> LHC, yeah, just set up 'business' they have a 'free' version type thing that everyone uses
<LHC> haha, how come google is great for this stuff
<LHC> 50$ a year for a webserver not bad xD
<rdw200169> LHC, who knows... i like it.  i won't buy a dedicated server so i run one out of my home.  consequentially, it's on the same desktop i'm using to talk to you right now on
<LHC> the web server?
<rdw200169> LHC, yeah, greamin.com
<LHC> hehe
<LHC> whats your connection like?
<LHC> im reading your guide atm :D
<rdw200169> garbage, there's some old equipment where i live so i have to reset the connections every few hours to keep the caches (somewhere) from getting stale
<LHC> its relevant to me cause I have an old pc
<LHC> one problem on the server guide
<rdw200169> i still haven't figured out what is causing it, i think it's our old WRT54G, but that's doubtful.  then again, it can't be the cable modem, i tested that
<rdw200169> LHC, there are lots of them ;)
<LHC> the pic of the open case is massive, takes ages to load. you want me to resize it?
<rdw200169> LHC, my internet is slow :(  time warner only allows a small upload < 512 kbps
<LHC> 2 secs I forgot I dont have hardly any software on this pc haha
<LHC> wow same upload here buddy
<rdw200169> LHC, i should go through and resize the pictures smaller, i'm pretty lazy
<LHC> ill do i for you
<LHC> it
<LHC> since you helped me with that gmail suggestion hehe
<rdw200169> LHC, nah, that's ok ;)  i know *how* to do it, i just haven't
<LHC> i have to reinstall my programs bahhh
<erichammond> ScottK: Thanks for the response. I understand that round robin failover would have to be implemented at the application level.
<erichammond> ScottK: I understand that some browsers might do this and was hoping that apt-get might, too.
<ScottK> You can't really do this without ignoring TTL in DNS records and that's not a great idea overall.
<LHC> rdw200169, since i cant open firefox and research stuff cause im installing something. Any other interesting things
<LHC> i got really excited at that gmail thing for some reason xD
<LHC> oh ill set up lamp
<rdw200169> LHC, what do you want to know?  i've done lots of interesting things with servers
<LHC> anything, maybe basic things like virtual servers?
<LHC> is that wmware?
<LHC> cause I have a server with unlimited transfer and I dont use it as much as I should
<LHC> lack of knowledge haha
<erichammond> ScottK: Not sure how TTL applies.  If the client asks for all IP addresses for a given name and then tries them one by one, seems like it should work.
<rdw200169> i'm talking about apache virtual servers; apache can, all by itself, provide services for a multitude of domain naims
<ScottK> That's not how round robin generally works.
<rdw200169> *names
<ScottK> Generally you ask for a DNS name and it hands you an IP.
<erichammond> ScottK: "dig +short us.archive.ubuntu.com" returns (91.189.88.46, 91.189.88.40, 91.189.88.45, 91.189.88.31)
<LHC> so if I designed alot of sites for local businesses I can run it off them one dedi and charge them little for hosting?
<ScottK> Yes, it doesn't usually return all of them.  It gives you one.  If it gives you all of them it's not round robin.
<ScottK> So once you get the answer, your resolver should cache that for the TTL.
<maxb> Doesn't it give you all of them in a round-robined order?
<maxb> And then if your resolver / API is naive, you just use the first
<LHC> wow rdw200169 i installed tasksel
<LHC> has alot of options hehe
<ScottK> If it's giving you all of them that's not really round robin as I understand it.
<LHC> I think ill leave it for the mean time until I learn more
<erichammond> So I guess I'll repeat my original question: Does anybody know (for sure) if apt-get will or will not try multiple IP addresses for a DNS name if one of them fails?
<LHC> i ll give you feedback to show we are listening, sorry I dont hav a clue xD
<erichammond> I'm working with some folks who are creating an Ubuntu mirror inside Amazon EC2 and I'd like to make sure that we have failover.
<LHC> I remember I seeded ubuntu up to a ratio of 30 or so
<erichammond> Their current proposal for sources.list is to list the same source with each of the host names: mirror-roundrobin, mirror1, mirror2, mirror3
<erichammond> "mirror-roundrobin" gets the load balancing, but if the random IP fails, it would get sources from one of the remaining explicitly listed hosts.
<LHC> amm someone should really help you right now cause your doing good mirroring ubuntu
<ScottK> erichammond: That would probably work.
<LHC> brb
<dinsdale07> how can I temporarily open ports with iptables? I tried on the commandline sudo iptables -I INPUT -p tcp --dport 6984 -j accept
<dinsdale07> but it doesn't show up in iptables -L
<LHC> rdw200169,
<jmarsden> dinsdale07: ACCEPT needs to be UPPER CASE in your rule: sudo iptables -I INPUT -p tcp --dport 6984 -j ACCEPT
<dinsdale07> jmarsden, thank you I found out. I think it's also not possible just from the commandline since my last iptables comment is DROP ALL. It seems to override all unless I put it in a file and load it.
<jmarsden> You just need to insert the new rule ahead of that one.
<jmarsden> It has nothing to do with being in a file or not :)
<dinsdale07> jmarsden, I don't understand well. How can I specify where in the list my rule will appear? As I said iptables -L didn't even show my rule.
<dinsdale07> I for sure must give a line number or so.
<jmarsden> You can specify a rule number in the insert command
<jmarsden> sudo iptables -I INPUT 63 -p tcp --dport 6984 -j ACCEPT
<jmarsden> where 63 is the line number
<jmarsden> Read the man page for iptables more carefully :)
<dinsdale07> ah - that makes sense now. And yes you are right - I will.
<LHC> is it unix time yet?
<dinsdale07> I'm just stranded on the road in a hotel after a snow storm and I just wanted to get my torrent working :-)
<dinsdale07> Best time and place to study man pages actually.
<LHC> haha
<jmarsden> dinsdale07: You carry a *server* around on the road and into a hotel???  This is #ubuntu-server
<dinsdale07> I know - I'm abusing my webserver with rtorrent, that's why I have to do all cmd style.
<LHC> wtf, im banned from #apache and I never went there before
<ScottK> vorian: Soundtracker failed again on hppa due to deps not being built, but it has a retry button now so you can retry it again when you think it'll work.
<vorian> ScottK: great! thanks for the heads up
<LHC> can someone help me with a little problem
<LHC> i have a dedi that my mate and I share, im wondering how to check if there is apache installed, how do I check this
<Nat_RH> LHC: whereis apache2
<LHC> apache2:
<LHC> says that
<ScottK> which apache2
<Nat_RH> apache2 not installed...
<LHC> ty
<Nat_RH> which version of ubunut?
<ScottK> How about which apache
<ScottK> We didn't support apache 1 for a very long time.
<LHC> I wanted to find out if he had apache installed, he doesnt
<LHC> he has an htdocs folder that allows me to put files there that can be accessed
<Nat_RH> Maybe using another server...lighttpd, nginx?
<jmarsden> LHC: Maybe the output from sudo netstat -ntlp | grep :80   # will tell you what is listening on port 80...
<LHC> 3109/httpd
<LHC> that is the output
<LHC> Im just wondering can I install apache without causing any problems
<jmarsden> Not without making it run on a different port, that's for sure.
<jmarsden> There is already a web server (program named httpd) running and bound to port 80.
<LHC> should I delete that or is it perfectly fine
<jmarsden> It seems to be working, so I'd say it is fine... don't delete it unless you know what it is and that your buddy does not want it :)
<jmarsden> If you have libwww-perl installed, try  HEAD http://myserver  and see what the output says, especially the Server: line
<LHC> Server: Apache/2.2.11
<jmarsden> Hmmm, then that is what is already installed, in some fashion.
<LHC> thats strange I thought eariler it said it wasnt
<jmarsden> Maybe your buddy installed it from source not from the Ubuntu package?
<jmarsden> Sounds like it is time for the two of you to communicate? :)
<LHC> lol yeah
<LHC> I think ill just leave it for the mean time
<LHC> I wanted to know how to use it like a webhost. lots of domains - one server
<LHC> virtualize?
<jmarsden> Yes, I think that's wise.  If you want to poke around you could try locate httpd.conf
<jmarsden> It's trivial, just lost of <VirtualHost> entries in your config file.
<jmarsden> Virtual hosts in the web serving sense, not in the more general "virtual machine" or "virtual server" sense.
<LHC> ahh :D
<LHC> cause I wanted to use multiple domains from this one dedi
<LHC> thats good
<jmarsden> Yes, it's been easy to do that for well over a decade using Apache :)
<LHC> lol
<LHC> im new to this
<LHC> i found the lamp folder
<LHC> is there any command I can use to search for that file
<jmarsden> Oh ugh, your friend used some strange "LAMP" tarball maybe, instead of the Ubuntu packages?
<jmarsden> Yes, the command is locate
<jmarsden> locate httpd.conf
<LHC> cheers
<jmarsden> No problem.
<LHC> worked like a charm :D
<LHC> i like using linux but im slowy learning
<jmarsden> It takes a while.  I started in late 1992... so I have a few years head-start :)
<LHC> wow lol
<LHC> do new commands get added all the time?
<jmarsden> Well, yes, but all the important ones have been there for a while now :)  In 1992 the "distro" fit onto two 720kbyte floppy disks!
<LHC> haha
<LHC> how much has it changed xD
<jmarsden> well, it has got a lot more graphical, and multimedia, and works with more (and faster) hardware... but the basics of a Unix shell to manage a server have not really changed that much.
<jmarsden> Nor have the Emacs editing commands... fortunately for my fingers :)
<LHC> hehe
<LHC> does anyone run window servers?
<jmarsden> Sure, lots of people do.  But not many will admit that here on #ubuntu-server :)
<LHC> haha
<LHC> I think all the big bandwidth guys use freebsd?
<steelcityjim> can anyone help with a samba drive share set up
<steelcityjim> can see the share on windows network but won't allow me to move files to it
<steelcityjim> I think its a password permission issue
<steelcityjim> I have the desktop gui installed
<LHC> jmarsden, should this Options FollowSymLinks be on?
<jmarsden> if you want the web server to follow them, yes.  Otherwise, no, for slightly improved security.
<jmarsden> steelcityjim: pastebin your samba config file somewhere for me?
<LHC> kk :D
<LHC> just remove it?
<jmarsden> LHC: if you do nto need it, maybe commetn out that line in the file, or you could just delete the line.
<LHC> kk thanks
<steelcityjim> jmarsden not sure how to do that
<LHC> btw I found that httpd-vhosts.conf file
<LHC> I see what you mean
<LHC> steelcityjim, haha I see your pastebin thing 010101
<jmarsden> steelcityjim: Visit http://pastebin.ubuntu.com and paste the contents of your /etc/sa,ba/smb.conf file there, then hit the go button and tell me what the URL of the resulting pastebin page is.
<LHC> one thing jmarsden
<LHC> http://pastebin.com/d261154e4
<LHC> so thats two websites?
<jmarsden> LHC: yes.  The DocumentRoot lines are a bit odd, but yes.
<steelcityjim> how do I find that file guys?
<LHC> Ill change them to my root which is /home/htdocs
<LHC> so /home/htdocs/firstsite  + /home/htdocs/2ndsite
<LHC> that would be two sites?
<jmarsden> LHC: Sure, that could work.
<LHC> cool
<LHC> then I point the domain name to that directory?
<jmarsden> You make the DocumentRoot for that VirtualHost be that directory.
<jmarsden> If you end up doing a couple of hundred sites, you'll want to automate all of this... I think ebox will do it for you
<LHC> yeah, btw what happens if I dont make a virtualhost but try to do the same thing? will it break
<LHC> il google ebox
<jmarsden> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<LHC> looks good
<LHC> btw if someone got the server password, are I doomed
<jmarsden> Without any virtualhost entries in your httpd.conf (and the files it includes) you just have one web site.
<jmarsden> The server password as in the root account password?
<jmarsden> Probably, unless you trust that person a lot :)
<jmarsden> (Well, to be specific... *you* are not doomed, but your server might be!)
<LHC> haha
<LHC> I guess all the popular sites passwords are 100 characters long
<steelcityjim> jmarsden  ok i think i pasted what you need pastebin 117913
<LHC> I can imagine loggin onto youtube and being redirected to a trojan site xD
<steelcityjim> is that what you need jmarsden?
<jmarsden> Yes.  So... which share has the issue?  public?
<steelcityjim> yes
<steelcityjim> this is my first config
<steelcityjim> so I probably screwed something up
<jmarsden> And the symptom is that windows client machines can see the share just fine, and read files there, but not write files there... what are the (Linux) permissions on your /home/jim/Public/ directory ?
<steelcityjim> well i don't know about read since I don't have any file in it yet
<steelcityjim> but I cant write for sure
<infomomo> hey guys
<jmarsden> OK.  Do       ls -ld /home/jim/Public/      # and tell me what it says
<infomomo> ubutnu server here, and i would like to swicth the repositories to my country's specific
<infomomo> it's possible ?
<steelcityjim> where do I do that?
<jmarsden> infomomo: edit /etc/apt/sources.list
<steelcityjim> in the browser?
<jmarsden> steelcityjim: At a shell command prompt... this is a server, right?
<steelcityjim> im in the desktop gui
<infomomo> jmardsen: i must edit  by hand
<infomomo> ?
<infomomo> i am in canada you see
<steelcityjim> no desktop trying to convert to server
<infomomo> usually iweb's or sherbrooker are the fastest ones
<jmarsden> infomomo: I don't know of an automated tool for that... I would edit it by hand., but then I am used to editing files :)
<infomomo> me too :D but it seems like ubuntu desktop has the tool to choose the fastest server
<infomomo> why wouldnt it be available for server
<jmarsden> Because it is GUI-based and server does not come with a GUI?
<infomomo> maybe :D
<LHC> btw jmarsden sorry to interupt, after I set those. How do I access the second one?
<jmarsden> So you *could* install ubuntu-desktop on the server and then use that tool... but it seems easier to just edit the file :)
<infomomo> right
<jmarsden> LHC: http://www.seconddomain.com
<infomomo> i dont need a desktop on the server
<LHC> I donthave any domains for it yet
<LHC> its just using the server ip
<steelcityjim> I could not get the desktop to work from the server
<steelcityjim> so installed the desktop
<jmarsden> LHC: Then you can't access it.  Apache virtual hosting depends on domain names.  Well, you could test by setting up your own DNS server for the fake domaons if you want to.
<jmarsden> steelcityjim: So you are in #ubuntu-server asking for support for a ubuntu desktop machine... this is not really a good idea...
<steelcityjim> doh
<jmarsden> steelcityjim: Anyway, what does ls -l /home/jim/Public/ say ?
<LHC> oh
<steelcityjim> where do i put that in?
<steelcityjim> im in the gui
<LHC> jmarsden, I saw an option on tasksel about that
<jmarsden> steelcityjim: You type a command at a shell prompt.  Open up a terminal window and type it.
<jmarsden> LHC: Sure you can ... but I
<jmarsden> am not going to teach you how to configure DNS servers tonight too :)
<LHC> lol yeah
<LHC> what will the end result be? allowing me to type in any url and itll work?
<jmarsden> Any url that resolves to the IP of your server and which matches one of the ServerName or ServerAlias lines, yes.
<steelcityjim> no such file or directory jmarssden
<steelcityjim> is that the number 1
<steelcityjim> or L
<LHC> nice
<LHC> ill give that a go another night lol
<jmarsden> steelcityjim: Lima Sierra  ls "ell" "ess"
<steelcityjim> no such file or directory
<steelcityjim> did I bone the file creation up?
<jmarsden> steelcityjim: You did create a directory called /home/jim/Public, right?  Before you tried to share it?
<steelcityjim> i thought i did
<jmarsden> I would check on that if I were you :)
<jmarsden> Remember that public and Public are two different directories in Linux...
<steelcityjim> oh man
<steelcityjim> wait maybe i jacked that search up
<steelcityjim> how do I create the directory in the gui?
<jmarsden> I forget.  In the shell, do    mkdir /home/jim/Public
<jmarsden> You want help on the GUI, ask in #ubuntu, not here :)
<steelcityjim> ok did the mkdir /home/jim/public
<steelcityjim> then did the ls -l command and it gave total 8
<jmarsden> No... Public not public.. Your config file used Public so that is what you need to use
<steelcityjim> mfer
<LHC> jmarsden
<jmarsden> You need to be really accurate about typing in the Lunux/Unix world
<LHC> im going to buy thelhc.info xD
<jmarsden> LHC: Have fun :)
<LHC> yes its like 99p
<LHC> itll be good practise :P
<infomomo> how to update ubuntu-server ?
<steelcityjim> ok says can't creat directory home/jim/Public file exists
<infomomo> apt-get update?
<infomomo> apt-get upgrade?
<jmarsden> infomomo: sudo apt-get update && sudo apt-get upgrade
<infomomo> i did
<infomomo> :D
<infomomo> thanks
<infomomo> i am at kernel 2.6.27-7
<infomomo> running LAMP
<LHC> anyone buy from godaddy before?
<infomomo> domain yes
<infomomo> why?
<LHC> are the prices for a year
<LHC> or one month
<jmarsden> There is also a package called unattended-upgrades that will do security updates automatically for you
<infomomo> 1 year for domains brother
<LHC> ahh nice
<LHC> WOW infos are cheap
<infomomo> thats whats i need :D
<LHC> 82 pense
<infomomo> hun ?
<infomomo> let me check
<LHC> 82p
<infomomo> show us link please
<LHC> www.godaddy.com
<LHC> try your name
<steelcityjim> jmarsden  cannot creat directory /home/jim/Public file exists
<infomomo> jmarsden: it's allready installed :D guess i did during the install :D
<jmarsden> steelcityjim: OK, so we are back to ... what does  ls -ld /home/jim/Public    output ?
<LHC> infomomo, check your name?
<infomomo> hun ?
<steelcityjim> drwxr-xr-x 2 jim jim 4096 2009-02-13-15:28
<LHC> did you check godaddy about a domain
<steelcityjim> then in light blue after /home/jim/Public
<infomomo> the price you see is only for the first year
<infomomo> then its regilar price
<infomomo> 10$/year
<jmarsden> steelcityjim: OK.  That's a start.  So now put a file in there and check if a windows machine can see/read it.  perhaps just do     echo junk >/home/jim/Public/junk.txt
<LHC> ahh so I can quit then come back? xD
<jmarsden> LHC: Nope, then GoDaddy will steal your domain and ask you even more money for it...
<LHC> ill probably change my name then xD
<LHC> LHC2!!
<LHC> one more thing should all the information be correct cause I dont want my address be floating around the net
<steelcityjim> damn now the folder is gone on the linux machine
<jmarsden> Officially it should be correct.  There are privacy services you can use to hide that info for extra $$$
<jmarsden> steelcityjim: I doubt it... unless you deleted the folder it should stick around...
<LHC> meh Ill just modify it, im not expecting high traffic anyways
<steelcityjim> ok I got it back
<jmarsden> steelcityjim: OK.  So... did you do   echo junk >/home/jim/Public/junk.txt
<steelcityjim> but i tried to move a folder into it and get "the folder cannot be copied because you do not have permissions to create it in the destination
<jmarsden> Stop playing around ... one thing at once: did you do   echo junk >/home/jim/Public/junk.txt
<steelcityjim> yes just did that at terminal
<jmarsden> OK.  So now go to a windows PC and look at that shared directory... can you see the file?
<steelcityjim> no
<steelcityjim> giving me contact network admin you don't have rights to access
<steelcityjim> have access permissions or no logon servers available
<steelcityjim> now im able to access my shared folders on the windows pcs with the linux
<jmarsden> For a quick test, try   chown 777 /home/jim/Public/    and then see if the windows PCs can see that share
<steelcityjim> at termnal right
<jmarsden> OF course :)
<steelcityjim> operation not permitted
<ScottK> So where do I find CA.pl on Fedora?  Why /etc/pki/tls/misc/CA.pl.  Who wouldn't haved guessed that.
<jmarsden> Hmmm.  You are logged in as jim right?
<steelcityjim> yea
<ScottK> Equally obvious was the package I needed is called openssl-perl.
<jmarsden> ScottK: locate is a handy command :)
<ScottK> jmarsden: Google found me where it was located before it found me which package I had to install.  Locate doesn't help if it's not installed.
<ScottK> Installing I'm fine on because I do know yum install apt.
<jmarsden> That's true.  I think you can do something like rpm --whatprovides something   # but it's been a while since I knew RPM
<steelcityjim> jmarsden actually it says changing owership of /home/jim/Public/ operation not permitted
<jmarsden> steelcityjim: My bad... chmod 777 /home/jim/Public
<steelcityjim> ok did that
<steelcityjim> still can't see it on windows machine
<steelcityjim> but I also don't see anything else in the folder
<steelcityjim> on the linux
<jmarsden> steelcityjim: The file junk.txt should be in there...
<LHC> jmarsden, what does chmod 777 do
<jmarsden> Sets permissions so any unix suer can read, modify or view that directory
<steelcityjim> yes that file is there jmarsden
<steelcityjim> I thought the chmod would put something else in there
<steelcityjim> ok quick questions
<jmarsden> so... I'm not sure... reboot the windows PC and reconnect to the share?
<steelcityjim> server settings
<steelcityjim> authentication mode Domain
<steelcityjim> is that what I should have?
<jmarsden> Wait... what?  You are running an Active Directory Domain?  Do you now what those are?
<steelcityjim> no
<steelcityjim> lol
<jmarsden> s/now/know/
<jmarsden> Then don't do that.  Was that the default??
<steelcityjim> 4 options
<steelcityjim> ads
<steelcityjim> server
<steelcityjim> share
<steelcityjim> user
<steelcityjim> and domain 5 sorry
<steelcityjim> oh hang on
<steelcityjim> changed it to user
<steelcityjim> and i can now see the file on the windows pc.....great success
<LHC> jmarsden instead of buying .info I got a free.us.to one
<LHC> :D
<jmarsden> For a small home network you probably want user... yes.  OK, we got there!
<steelcityjim> ok now i know your gonna love this
<jmarsden> LHC: OK... now have fun with virtual domains on your web server :)
<steelcityjim> how do I set this up for remote access
<LHC> haha yeah
<jmarsden> Set up what for remote access?  remote file sharing over the Internet?
<steelcityjim> yes
<LHC> do when I add them do I point it to /htdocs/2nd ?
<LHC> if so im doing it :D
<steelcityjim> and I don't have a static ip?
<jmarsden> steelcityjim: You'd be mad to try that!  SMB file sharing is basically 100% insecure for Internet use.  You'd need to tunnel it inside a VPN for security, and I have other things to do tonight that teach you that...!
<steelcityjim> lol
<steelcityjim> ok answer a few ?'s real qick
<jmarsden> Why not use use something simple like FileZilla on the remote PC and SSH to your Linux box?
<steelcityjim> is filezilla linux or windows?
<jmarsden> Both, but I was thinking use it on remote Windows client PCs
<steelcityjim> i was going to ask about ssh
<steelcityjim> now ssh is a server application linux correct?
<jmarsden> There is an ssh client and an ssh server, yes
<jmarsden> They exist for both Linux and Windows...
<steelcityjim> i did not see that in the standard apps
<steelcityjim> I would want to set up as ssh server right
<jmarsden> what is a standard app?   sudo apt-get install openssh-server
<steelcityjim> the list in the desktop gui
<jmarsden> Quit thinking about and using a GUI, learn to use a server :)
<steelcityjim> yea thats what people keep telling me
<steelcityjim> I tried for 3 nights to get the server working via the command line
<steelcityjim> did not go well
<steelcityjim> however don't think i was getting the best direction
<steelcityjim> not like you
<jmarsden> So: sudo apt-get install openssh-server  # on the Linux box
<steelcityjim> ok
<steelcityjim> then im assuming i have to configure a sing on and password
<jmarsden> Then open port 22 in your router and point it to the IP of the Linux box
<jmarsden> You already did, you configured the user called jim
<jmarsden> You can add more users, if you want, but jim will do for now
<steelcityjim> now from the remote
<jmarsden> remote like not on your local LAN?
<steelcityjim> i type in the ip address of my internet connection at the time
<steelcityjim> yes
<steelcityjim> obviously that changes everytime i sign in and out?
<steelcityjim> since its dynamic
<jmarsden> Once you have that router configured right, yes.  You set up FileZilla to talk SFTP on port 22 to your public IP.
<jmarsden> You can use something like no-ip.com to get a dynamic DNS entry if you want to avoid that hassle.
<steelcityjim> now I have read some ip providers have an issue with this
<jmarsden> Well, for occasional SSH use to manage your home server, I doubt it.
<jmarsden> If you start firing masses of big files back and forth, sure...
<steelcityjim> like movies?  lol
<jmarsden> They want you to sign up for a business grade Internet connection.  Yes, like any large files.
<steelcityjim> and im assuming for hosting a personal web site also
<jmarsden> Yes.  Read the Terms of Service agreement from your ISP to check what their rules are.
<steelcityjim> im guessing they want more $$
<jmarsden> Correct.
<steelcityjim> they want $10 more a month for a static ip
<steelcityjim> so how does the no-ip.com work?
<jmarsden> You create a free hostna,me such as steelcityjim.no-ip.com and then run a program on your linux box that updates that account with your current Ip address every time it changes.
<steelcityjim> do they charge for that?
<jmarsden> Then from the outside you connect to steelcityjim.no-ip.com and you get to the right linux box even if its Ip has changed.
<steelcityjim> oh thats sweet
<jmarsden> No, it is free but you have to keep clicking on an email every 60 days to keep it.
<jmarsden> You can pay for upgraded services but I have not done that.
<jmarsden> There are many such services.  dyndns is another one.
<steelcityjim> excellent i'll check into it
<LHC> is there a way to check what ports are open?
<jmarsden> See http://www.no-ip.com/services/managed_dns/free_dynamic_dns.html for info on their free service.  Works for me.
<steelcityjim> you have been very helpful
<LHC> wow jmarsden you really do like to help haha I just came back and theres a whole page xD
<LHC> well done
<jmarsden> LHC: checking for what services are listening from the server itself?  or from a remote client PC?
<jmarsden> (I should get back to other things...)
<LHC> ahh checking what ports are open on my dedi
<LHC> via putty
<jmarsden> On the server if you do    sudo netstat -ntlp   # you will see what TCP services are listening on what ports there
<jmarsden> On a PC at home you could run nmap to portscan the dedicated server and check it that way too...
<LHC> hehe it worked perfectly again thanks
<jmarsden> No problem.
<LHC> http://pastebin.com/db97b1a9
<LHC> so is that perfect?
<jmarsden> Looks like it should work.  I would put stuff in so that each domain logs to a differnt log file, and maybe add ServerAlias lines for www.domain...
<jmarsden> But as it is it will work.
<LHC> oh I suppose your way is better practise :D thanks alot man
<jmarsden> See http://pastebin.com/d389ecc90 for an example that shows what I ended up doing on a production server...
<jmarsden> It hosts maybe 150 domains...
<LHC> WOW
<LHC> 150?
<LHC> why so much
<jmarsden> Sure, that's small potatoes for todays world.  Small businesses that are clients of the company I work for...
<LHC> once I get this all good I think ill maybe sell webspace for cheap
<LHC> cool
<jmarsden> You can do 1000 web sites per server if they are all small static sites :)
<LHC> the whole reason I was looking for this is because Im going to go around to local businesses and get them an online presence
<LHC> so I wanted to know how to do it xD its very interesting i like it
<jmarsden> If you know enough to provide reliable hosting, and fix it fast when it breaks, go for it.  Small business owners get really upset when their website (or email) goes down!
<LHC> lol yeah
<LHC> itll most likely be static as said, maybe their menu or services and a contact form
<LHC> dammit forbidden xD
<ScottK> OK, so $CLIENT now is their very own CA and their postfix box is using the self signed certs.
<ScottK> Time for Scotch after logging out of the Fedora box.
<LHC> for apache does it matter where you place the htdocs file? I got it in /home/htdocs whilst apache is in /opt/lampp/
<jmarsden> LHC: It can be anywhere you want, even a CDROM :)  Just be sure that the apache server can read the files there
<LHC> haha cool
<LHC> how do I make sure?
<jmarsden> Directory permissions all the way down the tree... so if you use /home/htdocs then check using ls -ld /home and ls -ld /home/htdocs
<jmarsden> You need the user and group apache runs as (often www-data but check your httpd.conf) to be able to read and traverse all the dirs from / down to the one you specify.
<LHC> drwxr-xr-x 8 root root 4096 2009-02-03 00:23 /home
<LHC>  
<LHC> drwxr-xr-x 9 root root 4096 2009-02-14 05:53 /home/htdocs
<LHC> so that is fine
<jmarsden> Should be fine, you have x permissions for everyone all the way down, and read for everyone too.
<LHC> nice
<steelcityjim> jmarsden you said your using this no-ip.com
<jmarsden> Yes...
<steelcityjim> what router you got?
<steelcityjim> seems this won't work with some routers
<jmarsden> I'm using it a several client sites, so it works over all kinds of things from Linksys and DLink home stuff to small Cisco and SonicWall and MonoWall routers... what is your real question...?
<steelcityjim> thats it
<jmarsden> Why would it not work with some routers...
<steelcityjim> i got lynksys
<steelcityjim> thats what is say on their site
<jmarsden> It just uses HTTP (web access)... hmm, I've never seen it fail, will check...
<steelcityjim> they only list 4 or 5 that it works with
<LHC> jmarsden I got an idea, I may reinstall apache so I know everything will work cause what is on atm doesnt seem to work
<steelcityjim> guranteed
<steelcityjim> I signed up
<steelcityjim> gonna give it a shot
<jmarsden> LHC: Well, it was working before you started editing things, right?
<jmarsden> So either you broke it or it is still working :)
<LHC> yeah when index.html was in the htdocs dir
<LHC> I dont think this multiple domains thing isnt working for me Ill just put it back
<jmarsden> What exactly is "not working" now?
<LHC> http://thelhc.us.to/
<LHC> its forbidden
<jmarsden> You mean you are getting an error 403?
<LHC> yep
<LHC> but when I add the folder http://thelhc.us.to/thelhc/ it works
<LHC> btw thats just a test page lol has a curse word on it
<jmarsden> So it is working fine... you can either set the document root to /home/whatever/thelhc/  or you can move your content up one level.
<LHC> <VirtualHost *:80>
<LHC> ServerName thelhc.us.to
<LHC> ServerAlias thelhc.us.to
<LHC> DocumentRoot /home/htdocs/thelhc
<LHC> </VirtualHost>
<jmarsden> OK.  Seems reasonable.  And the file is in /home/htdocs/thelhc/ ?
<steelcityjim> how difficult is makeing a web page?
<jmarsden> LHC: Did you restart the web server after the domain name became active and pointed to your IP?
<LHC> ahh no
<jmarsden> steelcityjim: Trivial... for a trivial page :)
<LHC> that might be the problem?
<jmarsden> Yesm it might well.
<LHC> would that reboot the whole server?
<jmarsden> No.
<LHC> thank god haha
<steelcityjim> and thats apache I use for that correct
<jmarsden> steelcityjim: For creating the page you use a text editor, or a web page creation tool if you prefer.  For serving up that page so others can see ityou could use Apache.
<steelcityjim> any text editors better than others?
<jmarsden> LHC : If you can find a command called apachectl try   sudo apachectl restart
<LHC> bash not found haha, i think i have to use kill command
<jmarsden> steelcityjim: Yes.  But there's a bit of a "religion" thing about which ones people prefer... use one you already know well.
<jmarsden> LHC Try not to do that...
<LHC> it sounded cool though xD
<steelcityjim> well I have not used any which do you prefer
<jmarsden> LHC: Do you know how the httpd was started?
<LHC> nope the other fella does that, he installed it
<LHC> I have a right mind of wiping it
<LHC> backup the files I need the clean install
<jmarsden> steelcityjim: I use Emacs but it takes a while to get comfortable with.  Try nano for something quick and simple.
<steelcityjim> ok apt-get install nano/
<steelcityjim> ?
<jmarsden> LHC; Your call.  So locate apachectl  does not find it at all?
<jmarsden> steelcityjim: sudo apt-get install nano   # but it may already be installed?
<LHC> oh it did,  /opt/lampp/bin/apachectl
<steelcityjim> jmarsden you ever see a captive works 3000hd?
<LHC> http://www.captiveworks.com/cw3000hd.php
<LHC> he did now haha
<steelcityjim> you familiar lhc?
<jmarsden> LHC: so do   sudo /opt/lampp/bin/apachectl restart
<LHC> wow jmarsden you know everything haha
<jmarsden> steelcityjim: No, I don't think so.  I used to be involved in setting up satellite comms at one point, but not recently...
<LHC> I think its working
<LHC> ill check
<jmarsden> LHC: No, I just know a fair bit about network and system admin stuff, because I have done it for years...
<steelcityjim> linux based media satellite reciever
<steelcityjim> pretty neat device
<LHC> haha fair enough
<LHC> so far its working I just have to point it to thelhc folder
<jmarsden> Interesting idea... much will depend on how good the software it uses is...
<steelcityjim> Ive had it for almost a year now
<steelcityjim> works pretty well
<steelcityjim> decodes hd satellite, dvr, web browser, cd/dvd burner
<steelcityjim> im sure you could fine tune it
<jmarsden> Probably needs a Bluray burner if you want to keep many HD movies around, I would think?  And yes, if I had one I'd probably hack on it :)
<steelcityjim> they claim they can't put blu ray in because of the driver or something
<steelcityjim> sony will sue
<LHC> sucky sony
<steelcityjim> thats the only thing its missing
<jmarsden> Hmmm, maybe there is no open source BluRay recording support in Linux yet... could be.
<steelcityjim> is there open support for hdmi?
<steelcityjim> from my understanding that has encryption also
<jmarsden> Some interest comments and suggestions for HD playback stuff at https://help.ubuntu.com/community/RestrictedFormats/BluRayAndHDDVD
<jmarsden> But nothing there directly says anything about *recording* to Bluray... so I'm guessing it isn't (yet?) doable.
<LHC> decrypt?
<jmarsden> I suppose you could just put a 2TB hard drive in there instead, that should be good to store quite a few movies :)
<LHC> haha
<LHC> do you know what hdbits.org is
<jmarsden> Sounds liek a place to get HD movie keys from?
<LHC> its a hdtorrent tracker
<LHC> it is pro for all hd stuff, the most popular hd tracker. If i get an invite ill pass it onto you?
<jmarsden> If you want, sure.
<LHC> do you know what, what.cd is
<LHC> the best music tracker xD
<steelcityjim> lhc what.cd what is it?
<LHC> for music
<steelcityjim> how do you register?
<LHC> its private
<LHC> you have to get an invite etc
<LHC> it counts your downloads and uploads so if you download loads, itll say stop or itll ban you
<steelcityjim> kinda like your own personal itunes
<LHC> sorta but better quality haha
<LHC> WOHOOOOOOOOOooooooooooooooooooooo
<LHC> hey anyone here
<LHC> hey
<LHC> anyone know anything about permissions
<Kamping_Kaiser> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<LHC> haha
<LHC> !coolshitbro
<ubottu> Sorry, I don't know anything about coolshitbro
<LHC> who knows about permissions
<LHC> beat that kaiser
<Kamping_Kaiser> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<LHC> i want to set up a ftp account so the person can upload html and css to their webspace
<LHC> but not go outside of that directory
<LHC> http://ubuntuforums.org/showthread.php?t=1057657
<LHC> I tried this so far
<Kamping_Kaiser> I dont do ftp, so i cant help with that sorry. hang around, someone else might know how
<LHC> k
<LHC> what do you do?
<Kamping_Kaiser> ssh/scp
<LHC> ahh
<LHC> basically I have a whole dedi to use and I hardly use it
<LHC> hey
<LHC> do you know How set up an account so a user can upload to a web directory, but cannot go outside that dir
<Hellsheep> Hey
<Hellsheep> I have a question about something i can't seem to find a good answer to on the net, i am installing noip DUC for Linux, and there is a few different binaries i can use such as: noip2-x86_64 or noip-i686 and i dont know the differece and what one i should use for my server
<Hellsheep> I know it's not a 64-bit server, but i see x86 and im not sure whether to use it or i686
<Kamping_Kaiser> "x86_64" is one string
<Kamping_Kaiser> eg, 64bit x86
<Hellsheep> Yeah, but is it used for 32bit CPU's?
<Hellsheep> I understand x86 to be 32bit
<Hellsheep> so to see x86 and 64 in both confuses me
<Kamping_Kaiser> x86 is the architecture, not related to the number of bits :)
<Kamping_Kaiser> 686 is the 32bit version (just for the logs)
<Hellsheep> oh, i see.
<maswan> yes, amd made a rather big mistake early on in naming it x86_64, IMHO. had they chosen x64 instead, I think things would be much clearer.
<Hellsheep> Agreed
<Hellsheep> Because i understand x64 to be 64-bit
<maswan> they renamed it amd64 later, but that has only partial uptake
<Hellsheep> and x86_64 to me is like
<Hellsheep> A mixture
<Hellsheep> Well
<Hellsheep> 686 it is then
<maswan> x86_64 is just another name for amd64/x64/em64t
<Kamping_Kaiser> isnt x64 used for itaniums? (IA64)
<maswan> no, it isn't
<maswan> x64 is what sun and microsoft call it
<maswan> and it being amd64/em64t/x86_64
<Kamping_Kaiser> aah, of course.
<maswan> since em64t/x86_64 are crap names and amd64 sounds a bit confusingly vendor-specific though it really isn't.
<Kamping_Kaiser> no much more specific then IA32 or IA64 (imo)
<maswan> yeah, I agree
<maswan> ah, intel now call it "intel 64", not to be confused with "intel architecture 64" which is itanium. ugh.
<Kamping_Kaiser> yep. loved that.
<uvirtbot> New bug: #329170 in dovecot (main) "Authentication failing intermittently" [Undecided,Incomplete] https://launchpad.net/bugs/329170
<Kartagis> how can i get dhcp to log in it's own file?
<Kamping_Kaiser> give syslogd a poke so it stops logging into syslog and starts into $otherfile
<maDChoPR> can anyone help me with bacula and win32 client?
<roy_hobbs> What are some ways to maintain /home/$USER on a centralized (redundant) server, but have it cached to a client machine when the user logs in, while not letting the client fill up to capacity if many users have logged in?
<tewmten> nfs perhaps?
<tewmten> i think you can do stuff like that with samba also
<tewmten> but personally ive only did those setups with nfs
<roy_hobbs> I was looking into AFS and DRBD.  I was interested in how enterprise networks handle such things.
<tewmten> ok i dont know about that
<tewmten> afs is the apple thing, right? i have a faint memory i used it a bit with my powerbook, but that was years ago
<roy_hobbs> no afs is a distributed network file system
<tewmten> ah ok
<tewmten> i was thinking afs, apple file share
<tewmten> http://en.wikipedia.org/wiki/Andrew_File_System
<tewmten> thats the Ã³ne you mean, right?
<roy_hobbs> yes
<tewmten> seems cool
<domas> hi!
<domas> http://p.defau.lt/?ILkL1opB2Tcs4iaRCW50pQ <-- do high Slab/SUnreclaim values mean I have memory leak in kernel somewhere?
<cart2man> anyone have any ideas where to go from here in terms of recovering my RAID10 array? http://pastebin.com/m39890121
<Mal3ko> anyone famiiar with pure-ftpd here?
<ZipmaO> Hi, I'm having a problem getting php mail function to work on my ubuntu web server. Someone's got a hunch?
<ZipmaO> Need help configuring the mail server to send emails through ISP:s smtp server and set the correct [mail function] setting in php.ini
<domas> ARGHHHH, I kept working tree of hour's work in /tmp, then rebooted
<axisys> i have a second network card.. do I just add this to the interfaced file `iface eth1 inet dhcp' ?
<axisys> sudo ifconfig eth1 dynamic did not help
<ivoks> open the file and write
<axisys> this is how the interfaces file currently looks like
<axisys> http://pastebin.com/f3e716c63
<axisys> so when I add .. do I have to run anything to activate short of rebooting?
<ivoks> you don't have to reboot
<ivoks> just ifup eth1
<ivoks> you know what 'auto eth0' stands for?
<axisys> ivoks: no
<ivoks> auto eth0 = when starting networking, start eth0 interface
<ivoks> automaticaly
<ivoks> that's why there's auto eth0
<ivoks> so if you want that for eth1...
<domas> is there a way to use canonical support without using landscape? :)
<axisys> how do I make sure my default gw interface is eth0 ?
<ivoks> axisys: good question
<ivoks> hm...
<axisys> right now route shows this
<axisys> default         192.168.1.1     0.0.0.0         UG    100    0        0 eth1
<axisys> default         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
<axisys> lol
<ivoks> axisys: to be honest, i don't know :D
<ivoks> i don't think that's possible with dhcp
<ivoks> you can't flush routes and set your own
<axisys> i could have a line in interfaces to del the default route to eth1
<axisys> looking for the syntax
<ivoks> since dhcp server will resend everything
<ivoks> you could, yes
<ivoks> post-up 'route del default gw dev eth1'
<axisys>  sudo route del -net 0.0.0.0 gw 192.168.1.1 dev eth1
<ivoks> but, i'm not sure that will work once dhcp client asks for lease again
<ivoks> but...
<ivoks> you don't need sudo
<ivoks> you should look at /etc/dhcp/dhclient.conf
<axisys> ivoks: so add this line exactly? post-up 'route del default gw dev eth1'
<ivoks> so that client doesn't accept routes for eth1
<ivoks> axisys: yes, but as i said, i'm not sure that will work
<ivoks> since dhcp client asks for routes every couple of minutes
<ivoks> and you only bring interface up once
<ivoks> that's why i think /etc/dhcp3/dhclient.conf should provide some solutions
<axisys> i have to run for a min.. but i think u r right.. i just should not request for the routers in the dhcpclient file
<axisys> and just add the default route as a script for eth0
<ivoks> right
 * axisys will be back in few hrs
<domas> kees: that was fast! :)
<kees> domas: caught me just as I was sitting down at the computer.  :)
<domas> kees: I think I can try producing a C-based small testcase that wouldn't need apache
<domas> kees: (and leak doesn't go away until you reboot)
<kees> domas: oh! that would be very useful, yeah
<kees> domas: yeah, though I guess what I meant was, if you disable apparmor, the leak stays away?
<domas> yup, /etc/init.d/apparmor stop doesn't release memory
<kees> if it's limited to just one action, it should be (hopefully) easy to track down and fix.
<domas> it is still unreclaimable
 * kees nods
<domas> kees: thats the only thing I changed
<kees> right, but if you boot, turn off apparmor, and then run the test-case, it's okay?
<domas> I switched locking mode for a process that was apparmor-audited
<domas> kees: yup
<domas> no apparmor, nothing bad happens
<domas> I have 200 servers doing the job, few with apparmor
<domas> those few caused troubles :)
<kees> dang, sucky bug.  but like I said, with a test-case, it should be easy to find.
<kees> yeegh
<domas> we have canonical contract, but we didn't manage to find out how to open issues without installing landscape :)))
<kees> i'm honestly not sure how to either; I think you can just call the support phone #
<domas> cd /tmp
<domas> ergh
<domas> damn, today I rebooted one box and it wiped out working tree with few hours of diffs
<domas> I should avoid putting stuff into /tmp :)
<kees> eek
<LHC> does anyone have this in their home? or work. Like have a sound system that people can add sounds to a playlist
<domas> kees: hahaha, http://p.defau.lt/?HxHScO_HJyFcgLVE2Fp8qw
<domas> kees: this is what I hit with my testcase ;-D
<domas> kees: and immediate leak too
<domas> kees: I guess next step for me would be fixing it, but I really really don't want to go into kernel hacking land ;-)
<kees> domas: heh, okay, just attach the testcase to the bug, and I'll start getting the people we need to get it fixed.
<domas> kees: done
<kees> great, thanks!
<domas> it is all in the bug now
<domas> thanks for attention, immediately spotted you on subscribers :)
<domas> the kernel message buffer problem looks scary :)
<kees> yeah
<domas> hehe, I was solving other issue today
<domas> default php5-apc uses pthread futexes on shared memory
<domas> so if some apache kid segfaults, it leaves a deadlock
<domas> damn I hate computers :)
<domas> haha, kees, sorry to kill your vm! :)
<domas> kees: one could treat this as direct DoS vector
<domas> as fcntl kills apparmor in confined environments (I guess one could manage to do same with PHP and such)
<vikram> Anyone have any clever ideas for identifying a hard drive? I have a big raid6 that needs a drive to be replaced, but i cant tell what sdg is physically in the chassis
<domas> look for one that doesn't blink
<domas> =)
<vikram> Sadly they dont have individual lights
<domas> well, then you can try guessing
<domas> if you don't have visual IDs, the only remaining thing is shutting system down, and checking serial numbers
<vikram> The drives are split across multiple controllers, can i at least tell which driver owns which device nodes?
<domas> ghm, dmesg tells you some of that
<vikram> I had a look at that, but it didnt say which driver, it all appears like it comes from scsi
<vikram> x:0:0:0
<domas> hehehe, it is quite strange not to have individual LEDs ;-)
<vikram> i'm hunting through /sys at the moment
<domas> I'm spoiled by good hardware :)
<vikram> Equilibrium
<vikram> Ok i can tell which drives are on the same controller, but which controller is another question
<vikram> there must be a vendor/model/id label somewhere here...
<vikram> ah, here is a thought, i can put the drive to sleep with the scsi id
<vikram> then just listen for which drive switches off
<domas> =))
<domas> might work!
<domas> make sure others do lots of seeks then
<vikram> The needle lands when the drive goes to sleep, so it should be fairly easy to catch
<mrcoodles> how do i start mysql server?
<domas> mrcoodles: depends how you installed it, but usually /etc/init.d/mysql start
<mrcoodles> domas: tried that , says Access denied for user @ localhost
<domas> then you already started it ;))
<domas> I hate debian/ubuntu mysql package
<domas> =)
<mrcoodles> no, /etc/init.d/mysql status says its stopped.
<mrcoodles> any clue where the config file is ?
<domas> heh, /etc/mysql/my.cnf
<ha1331> Having problems with hp proliant ML110 G5. I have system installed on single disk and additionaly have 2xdisks on raid array. Would like to partition and format the array, but cannot find the array. /dev/sdb and /dev/sdc are present but no /dev/md* .
<vikram> cat /proc/mdstat
<ha1331> cat: /proc/mdstat: No such file or directory
<jmarsden> ha1331: Have you installed and used mdadm?  Maybe http://ubuntuforums.org/showthread.php?t=408461 will help?
<ha1331> jmarsden I need those even if I have raid "controller"
<ha1331> ?
<jmarsden> You were looking for /dev/md* which is for software raid devices... ?
<jmarsden> if you want to use a hardware raid controller you need to load the driver for that controller
<ha1331> jmarsden sorry about that... I tried to figure out if the array should appear as /dev/md. It isn't real raid controller, it is software raid, atlest I think so, after all /dev/sdb and sdc are present
<ha1331> lspci -v tell's me this:
<ha1331> 00:1f.2 RAID bus controller: Intel Corporation 82801 SATA RAID Controller (rev 02)
<jmarsden> If you can see the drives and are OK with using software RAID, then use mdadm and you'll get software RAID.  You might be "wasting" the capabilities of your disk controller, but it will still work.
<jmarsden> That doesn't sound like a "real" serious RAID controller. so I'd say go for software RAID.
<ha1331> well, I already created the array during boot, and it was present on install, but now I cant find it anywhere
<jmarsden> How exactly did you "create the array during boot"?  Using what tool did you do that?
<ha1331> pressed during boot, and created it, just like one would with real controller
<ha1331> pressed f8
<ha1331> more from lspci -v:
<jmarsden> I think you just created some sort of fakeraid array that is not understood by Ubuntu ?  I know nothing about fakeraid stuff... I'd suggest avoiding that approach
<ha1331>         Kernel driver in use: ahci
<ha1331>         Kernel modules: ahci
<ha1331> During the install, I had the option of installing the system on that array
<ha1331> so one would think it should be present on the installed system
<jmarsden> No idea.  Right now you can see the two drives as sdb and sdc, so you can go ahead and use them for software RAID... or you can try and figure out whatever you did before... your choice.
<ha1331> thanks for your help anyways :)
<jmarsden> OK :)
<vikram> pvmove is so horribly slow
<vikram> 1Tb takes about 24hrs
<LHC> anyone have 1 1tb hdd
<vikram> ?
<jmarsden> LHC: Even if someone does, they aren't likely to give one to you over IRC :)  640GB drive here, BTW...
<ha1331> jmarsden https://help.ubuntu.com/community/FakeRaidHowto#In%20Long%20without%20detail%20as%20above%20(2008-10-26%20update)
<vikram> 1Tb is the cheapest $/gb drive
<ha1331> this helped
<vikram> you can find OEM Western Digitals for $90 on ebay
<ha1331> now I'm fdisking plenty
<jmarsden> ha1331: OK, if you like fakeraid, go for it.  As the link I provided earlier says, you seem to end up with the worst of both hardware and software RAID that way, but I know some people like it...
<ha1331> jmarsden like the way you think, atleast you managed to present it positively :)
<vikram> The only thing I can think of that makes fakeraid practical is if you are going to share the disk with windows
<jmarsden> vikram: BTW you can get a 1.5TB drive from newegg for $130 which is cheaper per TB than your suggested $90 for 1TB on ebay :)  http://www.newegg.com/Product/Product.aspx?Item=N82E16822148337
<vikram> Oh not bad
<vikram> i have 6x500GBs in RAID6 at the moment. Very slow (10mb/s) but very reliable
<jmarsden> That really does sound slow for a multi-drive array... do you know where the speed bottleneck is?
<vikram> processor and controllers (old AMD x2, and old nvidia)
<hads> That is slow
<LHC> vikram, nice
<LHC> I may get a samsung 1tb spinpoint
<LHC> what do you use that for? hd video
<vikram> No, nothing fancy just /home /music /movies
<vikram> it started off as 1 500gb disk in 2003 and just sorta got bigger
<vikram> burst write still kicks ass though, near 150mb/s, but sustained writes to the array tape off at 30mb/s, controller to controller is around 10mb/s
<LHC> cool :D
<LHC> is it just a standard biege pc case
<vikram> yes, the cheapest case i could find
<vikram> luckily it has nice removable disk racks inside
<LHC> I may use my first pc as a server
<LHC> its an old compaq persario
<LHC> what specs are needed? for simple ftp downloader and music server
<vikram> Anything over p3 is overkill
<LHC> its an amd 500mhz something xD
<vikram> my jack server is a 200mhz cyrix running off 256mb of flash
<LHC> wow haha
<vikram> but it has a $700 dsp in it :)
<LHC> whats the most elaborate home system youve heard of
<LHC> I love the hardware side and im learning loads about scripts and software side
<vikram> i dont really follow the trends, i just sorta build something and put it behind a table until it dies
<LHC> haha
<LHC> oh btw what psu, I cant find any low power ones
<LHC> efficent and low watts i want
<vikram> you can buy small PSUs from ebay
<vikram> little ITX ones or even the laptop kind
<LHC> i reckon having your own wee server is the best way to learn haha
<ha1331> jmarsden: got fed up with it... going with the softraid on linux :D
<jmarsden> :)
<ha1331> those crappy-raids got to be the stupidest thing ever
<ha1331> totally invented by moron
<vikram> linux raid has really become quite capable these days
<ha1331> vikram hope so :D
<domas> kees: _any_ operation on unlinked files causes the issue
<domas> kees: just reproduced with write(fd,"a",1);
<vikram> I've been using it for the last 4yrs now anyways
<ha1331> new to ubuntu, used to go with gentoo, this is quite an experience
<vikram> in any distro switch the only pain is learning the package management commands
<LH[> hey jmarsden !
<jmarsden> LH[: Hi
<LH[> you know the way when you learn php or whatever you do a project at the end to test yourself? I thought of a cool one and it may use my server hehe
<LH[> since its underused, if anyone wants anything hosted tell me cause I got 200gigs free
<mrcoodles> im running a mysql server on ubuntu server as a guest on vmware which is on vista. any clue what else i have to do besides port forwarding 3306 so i can access sql from vista ?
<LH[> mrcoodles, you can run ubuntu on windows via wmware?
<mrcoodles> well, yes.
<mrcoodles> its sort of the point of vmware.
<LH[> I only heard of vmware on a mac I never knew it could be used on windwso
<LH[> can you send a screenshot?
<mrcoodles> i would but i also have loads of porn open and i cant share that.
<LH[> sharing is caring
<mrcoodles> meow.
<LH[> Moooooooo
<mrcoodles> not into that.
<LH[> VMware Workstation
<LH[> is that it
<mrcoodles> myeaps.
<LH[> awesomee
<jmarsden> mrcoodles: If you have the vmware networking stuff all set up so your Ubuntu VM has a known IP address reachable from the Vista, you should be all set?  But this is not really a #ubuntu-server question, if your host OS is Vista!
<LH[> ha
<LH[> can you run mac osx through vmware
<mrcoodles> jmarsden: vmware networking stuff confuse me.
<LH[> why you using it
<jmarsden> mrcoodles: Try using virtualbox or something else instead of VMware, maybe?
<LH[> mrcoodles, does ubuntu work perfectly fine with it
<LH[> I may test a few distros using it
<Mal3ko> can anyone help me with firewall issue?
<jmarsden> LH[: Yes, Ubuntu works fine with VMware, and KVM, and virtualbox... :)
<jmarsden> Mal3ko: as the /TOPIC says: Don't ask to ask, just ask.
<LH[> yaya
<LH[> theres no nonsence in here, just straight to it :D
<Mal3ko> i've set ufw to block most ports but when i scan with nmap, there are still hundred of ports opened
<jmarsden> Mal3ko: ufw should be doing default deny anyway... what does   sudo ufw status    # say?  (use pastebin if output is long)
<Mal3ko> pastebin url
<jmarsden> if you do    sudo ufw status verbose   you get a bit more info... including what the default is.  http://pastebin.ubuntu.com will work.
<mrcoodles> LH[: it works great. im just new to both of them.
<Mal3ko> http://pastebin.ubuntu.com/118208/
<LH[> mralphabet, whats this now
<LH[> mrcoodles, whats this now
<LH[> FAIL lol
<mrcoodles> ehm ?
<jmarsden> Mal3ko: Looks fine to me, so if you nmap scan the machine from another box on your local LAN nmap reports plenty of open ports??  Maybe you can pastebin the nmap output?
<LH[> both of what
<jmarsden> Mal3ko: Is the Ubuntu server connected directly to the public Internet or is there a router that you control in the way?
<jmarsden> LH[: Ubuntu and VMware... I would think!?
<LH[> oh I thought ubuntu and macosx
<Mal3ko> jmarsden: i dont know. maybe you want to scan the server yourself?
<Mal3ko> okey?
<jmarsden> Mal3ko: OK.  You seem to have most ports filtered (I just very gently nmap scanned your IP on a few common ports)... (got your IP from /whois)
<Mal3ko> no..that's not it
#ubuntu-server 2009-02-15
<lukehasnoname> Question:
<lukehasnoname> What is the difference between a vanilla OpenLDAP setup from Ubuntu's repos and something like Fedora Directory Server?
<jmarsden> I suspect lots of predefined schemas and tools for managing them... but I've not used Fedora Dir Server
 * jmarsden is going AFK for a while, hopefully back later...
<rdw200169> lukehasnoname, well, they both provide LDAP, i only know openLdap though... point of note:  openLdap uses the dn=config system now instead of config file
<lukehasnoname> I have zero experience with LDAP, I simply know its uses. I need to ramp up my knowledge and understanding of it, though, as I told a company I could build them software that interfaces with their AD server.
<vikram> ldap is just a simple db, thats all
<andol> vikram: It is? I always imagined it being a protocol :-)
<vikram> Misnomer
<lukehasnoname> It's a spec for a type of database
<lukehasnoname> that's how I see it
<lukehasnoname> in any case, I'm reading that FDS is easier to use and manage than OpenLDAP
<vikram> Its commonly used for providing authentication
<vikram> Windows Domain Controller uses an ldap db
<vikram> but once you cross 2000 clients, most people prefer the performance of kerberos over ldap
<vikram> Microsoft loves ldap, they use it in Exchange too. But as many of us have come to absolutely hate exchange, its mainly because ldap wasnt designed for anything more 1 liner entries
<Jeff1> hello, do i need to add a mime or something so my apache2 kicks in .cgi/.pl files? - php is fine, perl main file sites in /usr/bin/perl - my hello world script is exe/755 and what i get is my browser fires up the code raw in text rather than exec'n it
<Deeps> might need libapache2-mod-perl2
<Jeff1> ok, so thats a basic apt-get method?
<Deeps> sure
<Jeff1> thx
<Jeff1> is there a way, now on topic, to restart perl on my box
<Deeps> restart perl?
<Deeps> perl's an interpretter, it runs on demand
<Deeps> do you mean reload apache's config so it's aware of the newly installed mod_perl?
<Jeff1> I mean anything needed to let apache2 know its now there or something
<Jeff1> yes
<Deeps> apache2ctl reload, /etc/init.d/apache2 reload, invoke-rc.2 apache2 reload, 3 options, take your pick
<Deeps> ok not apach2ctl, lol
<Mal3ko> how to allow port ranges with ufw?
<Jeff1> ha! thanks chief
<Deeps> apache2ctl graceful i think
<Deeps> i tend to use the init scripts personally anyway, easy to tab complete and all services are listed in there
<Deeps> ls /etc/init.d/, you'll find a lot in there, running them without args tells you what args they accept
<Jeff1> i shal reboot incase
<Mal3ko> how to allow port ranges with ufw?
<ScottK> I'm pretty sure man ufw will explain that.
<steelcityjim> can anyone assist with at ssh setup
<ScottK> Depends on what kind of help you need.  What's the problem.
<steelcityjim> i just loaded ssh
<steelcityjim> setting up an acct witn no-ip.com
<steelcityjim> No i have to redirect something on my router
<steelcityjim> downloading a file from a website that how do I run it?
<steelcityjim> do I open with archive manager?
<LH[> wget url?
<steelcityjim> got a file on my desk top how do I run it?
<LH[> click on it
<LH[> brb booting ubuntu
<steelcityjim> ok it brought up a list of files
<steelcityjim> what is the executable in linux?
<steelcityjim> anyone?
<steelcityjim> have a tgz file in my download bin how do I run it?
<steelcityjim> actually tar.qz
<LHC> Ill try
<LHC> whats the link to the download
<steelcityjim> no-ip.com
<steelcityjim> downloaded the file
<LHC> are u running ubuntu as your os, or ssh to a ubuntu server
<steelcityjim> its on my desktop when I double click it I get  aarchive mgr
<steelcityjim> setting up ssh to a ubuntu desktop
<LHC> oh
<LHC> join #ubuntu
<LHC> I want to know too cause Idk how
<ha1331> is it possible to install window xp on KVM that runs on a server without X?
<jmarsden> steelcityjim: Do not run random files... what are you really trying to do?!
<jmarsden> steelcityjim: If the file ends in .tar.gz  ( g as in "gee" not q as in "queue") then you can unpack it using   tar zxf filename.tar.gz
<steelcityjim> ok I got it jmarsden
<steelcityjim> i did sudo apt-get install no-ip
<steelcityjim> looks like it loaded correctly
<steelcityjim> now I guess i need to configure my router
<jmarsden> Ah, that's what you were trying to download.  Yes, always use existing packaged software rather than trying to download a tarball and compile it yourself ... let someobne else do the hard part for you :)
<steelcityjim> ok so im redirecting port 80?
<jmarsden> BTW this is a classic case of asking the wrong question: If you had asked "what software can I install so that no-ip.com knows my dynamic IP address you would probably have got a more suitable answer more rapidly... always ask the real question...
<jmarsden> No, for SSH (unles syou reconfigured it) you are redirecting the ssh port, which is TCP port 22
<steelcityjim> ok is 80 if you do a webpage?
<jmarsden> grep ssh /etc/services will tell you.  and yes, TCP port 80 is the standard port for a web server to run on.
<jmarsden> grep http /etc/services will tell you that :)
<steelcityjim> what is grep http /etc/services
<steelcityjim> I don't see anything in my router config about redirecting
<steelcityjim> would i be looking for single port forwarding?
<jmarsden> steelcityjim: grep http /etc/services  is a command that you type at a shell prompt in Ubuntu
<jmarsden> And possibly, that depends on your router.
<steelcityjim> lynksys
<steelcityjim> linksys
<jmarsden> Your router probably does not run ubuntu server, so you need to ask specific questions about using that elsewhere... :)
<steelcityjim> I thought i had to tell the router that traffic coming in on port 22 (no-ip address) to redirect to the server ip?
<jmarsden> You do.  So do it, but if you do not know how, that is not a ubuntu-server issue...
<mrcoodles> how do i change the resolution for ubuntu server (its just the console) under vmware. its too small.
<steelcityjim> jmarsden tcp protocol correct?
<jmarsden> At [18:25:376] I said: <jmarsden> No, for SSH (unles syou reconfigured it) you are redirecting the ssh port, which is TCP port 22
<LHC> jmarsden, still helping as good as ever xD
<jmarsden> So I answered that question about 20 minutes ago... :)
<LHC> im running ubuntu locally right now
<steelcityjim> sorry im on like 4 different channels
<LHC> its called ubermicro steelcityjim  xD
<steelcityjim> jmarsdens gonna help me set up some users here in a min
<jmarsden> mrcoodles: Just set it up so you can ssh into it and use your favourite terminal app?
<LHC> steelcityjim, are you settin it up so users can use ftp and are locked to a fir
<LHC> dir
<steelcityjim> yes thats what I'd like to do
<LHC> I need to do the same thing haha ill watch closely
<LHC> its got something to do with chroot
<jmarsden> steelcityjim: sudo useradd johndoe    # to add a user called johndoe
<jmarsden> LHC: Last time I checked steelcityjim is setting up SSH not FTP ...
<LHC> oh
<steelcityjim> how do I do password jmarsden and restrict directories?
<LHC> is that so you can log in and use the cli ?
<jmarsden> Yes, or just use SFTP for secure file xfer... FTP is a badly designed protocol that sends the password in the clear over the Internet, etc etc.
<jmarsden> steelcityjim: sudo passwd johndoe   # and type in his pw when it promots you to.
<LHC> lol wow
<LHC> ever use wireshark? it grabs all the passwords from your local network
<LHC> i was shocked when it showed up so i use ssl on sites
<jmarsden> LHC: I use wireshark a fair bit for network troubleshooting. it does a lot more than that, btw :)
<jmarsden> LHC: for me, setting up SSH is easier than setting up the "secure" variations of FTP...
<steelcityjim> ok user set up
<steelcityjim> rock on jmarsden
<LHC> so its apt-get install openssh etc
<jmarsden> sudo apt-get install openssh-server  # yes
<LHC> close haha
<LHC> its already installed on my server dammit xD
<jmarsden> Of course, how else do you think you are using Putty to connect to the server? :)
<LHC> how would ya be able to set it up in the first place?
<jmarsden> At install time, from the server console.
<jmarsden> On a headless server you might be doing that over a serial console, or whatever...
<LHC> fook.us.to
<LHC> thanks to you jmarsden  :D
<LHC> lovely jquery works
<steelcityjim> jmarsden when my new no-ip address is entered into a browser what should happen will ssh promt for a sign on and password
<jmarsden> Into a browser??  Have you set up a webserver on it?
<jmarsden> Into FileZilla, if filezilla is set up right, yes, they will be prompted for their password
<steelcityjim> oh no
<jmarsden> Then if they use a web browser they won't get very far :)
<steelcityjim> lol
<steelcityjim> DOH
<LHC> haha
<LHC> jmarsden how many servers over irc and your own have you set up xD
<jmarsden> No idea... "lots"?
<LHC> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
<LHC> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
<LHC> --------------------------------------
<LHC> each dash is a server haha
<steelcityjim> filezilla under construction?
<LHC> what
<LHC> http://filezilla-project.org/
<jmarsden> Try http://filezilla-project.org/download.php
<jmarsden> Actuallt their home page at http://filezilla-project.org/ works fine for me, too.
<LHC> same
<vorian> eh
<steelcityjim> ok so they have to download the client piece?
<LHC> some hacker has his traffic running through a server :O
<LHC> jk
<jmarsden> steelcityjim: well, unless you want to mail then a CD containing it, or something...
<LHC> xD
<steelcityjim> why cant the windows client communicate?
<LHC> what os are u on
<jmarsden> Which windows client?  The filezilla windows client communicates using SFTP with your SSH server...
<LHC> you just have to enter in your info in the sitemanagaer
<jmarsden> As does any other SSH-based SFTP client for any OS...
<steelcityjim> so the sftp part is encrypted?
<LHC> secureftp
<steelcityjim> vs regular ftp
<LHC> yes
<jmarsden> Windows does not come with a built-in SSH / SFTP client.  Yes, SFTP is (in this context) file transfer over SSH, so it is encrypted.
<LHC> as jmarsden said ftp blindy gives out your pass
<steelcityjim> so you could use windows if you wanted your stuff dangling in the wind?
<jmarsden> Use windows??? You can use Windows any way you want, including using FileZilla on Windows, or Putty on Windows, or whatever....
<LHC> openssh on windows allows you to use the ssh command :P thought I advertise that
<jmarsden> See http://www.openssh.com/windows.html for alternatives
<steelcityjim> ok now I can't test this from my network correct
<Kamping_Kaiser> jmarsden, winscp (for doze)
<jmarsden> Is listed on the page I referred to.
<jmarsden>  steelcityjim You can test the SSH part, just not the router port open part.
<LHC> whats this router part?
<steelcityjim> how do i test the ssh part
<jmarsden> If server is behind a router doing NAT you have to set the router to redirect the SSH port to the server's local IP.
<jmarsden> steelcityjim: Install filezilla on a local windows box and configure it to point at the local Ip of your server
<jmarsden> Tell it to use SFTP and a username and pw of your choice...
<Kamping_Kaiser> jmarsden, no worries then (just finished reading up)
<Kamping_Kaiser> testing the port is open is easy - just telnet to it. testing that the service is configured is harder :)
<jmarsden> Kamping_Kaiser: I tend to suggest FileZilla because there is a Linux version of it that works the same way, which is not really the case for WinSCP.
<LHC> filezilla is great I used it forever
<jmarsden> I prefer tools I can use on multiple platforms... less to learn and less to remember that way.
<ptarrant> are there any good migration guides out there? im a sys-admin for a small school, i'd love to migrate everything to ubuntu. I'm using freenas for most of my share needs, but i always hit a snag trying to use LDAP to replace AD.
<Kamping_Kaiser> jmarsden, on unix boxes i use scp, so i'm only aware of winscp from using it
<ptarrant> *im aware freenas isn't ubuntu, just for the record :)*
<jmarsden> ptarrant: Samba has books and tutorials galore, some of which allow AD style domain setup using it.
<Kamping_Kaiser> ptarrant, what are the client os's?
<steelcityjim> ok ecconn refused
<jmarsden> ptarrant: http://www.samba.org/samba/docs/
<ptarrant> jmarsden: yea i looked those over, i never could get LDAP and Samba to shake hands correctly, i was looking for other guides, or do i just need to hit the tutorials more?
<ptarrant> kamping_kaiser: all of them are using xp or 2k
<Kamping_Kaiser> eeeh ok. there might be something in wiki.ubuntu.com or help.ubuntu.com
<jmarsden> Why do you need LDAP to stick around, in that case?  Do you have Windows servers in the mix?
<Kamping_Kaiser> personally, i just gave up trying to configure ldap+samba *cringe*
<ptarrant> jmarsden: all the servers are 2k3
<ptarrant> kamping: thats the issue i ran into over and over, i did all the tutorials for ubuntu 7 but can't get it to work with 8.10
<jmarsden> Ah.  So you are not migrating from them to Ubuntu?
<jmarsden> "I'd love to migrate everything to Ubuntu" implies migrating the servers too??
<steelcityjim> jmarsden can I enter nothing for a password
<ptarrant> for the moment, i need them to stay the way they are because its a production enviroment, i setup a "test" subnetwork (172.16 instead of 192) for me to try and get ldap and a totally *nix / linux solution
<jmarsden> steelcityjim: If you actually set up a blank pw, yes
<ptarrant> i need to make sure it will work before i swap them out for ubuntu server :)
<jmarsden> ptarrant: In a totally Linux solution why do you think you need LDAP at all?
<Kamping_Kaiser> fwiw, i hear fedora directory service is much better then openldap (only tried ol though)
<jmarsden> Are we talking thousands of accounts type of a setup here?
<ptarrant> doesn't LDAP basically replace AD, or did i mis-read?
<ptarrant> we are talking about 400 student accounts and aroudn 100 staff accounts
<jmarsden> AD uses LDAP...
<ptarrant> ahh so its a translator
<Kamping_Kaiser> AD uses x500, not ldap per se (unless the've gutted it recently)
<jmarsden> You could use any solution you like that your Ubuntu servers will work with...
<Kamping_Kaiser> AD is DAP + stuff on top for integration.
<ptarrant> so what would be the directory for ubuntu? are there many choices? or do i just make them users?
<ptarrant> i've only been using / learning linux for about 3 months
<ptarrant> so excuse the dumb questions here :)
<steelcityjim> im being denied by my server
<jmarsden> You might want to read http://www.samba.org/samba/docs/using_samba/ch04.html which seems closeto what you are wanting to do
<ptarrant> thanks jmarsden
<jmarsden> steelcityjim: What are you trying exactly and what is the error message you are seeing?
<steelcityjim> econnrefused
<steelcityjim> connection refused by server
<steelcityjim> im trying to connect via filezilla
<jmarsden> And you are sure you told it to use SFTP, right?
<steelcityjim> whoops
<steelcityjim> my bad
<steelcityjim> ok looks like it connected then gave me authentication failed
<jmarsden> So use a correct username and password :)
<steelcityjim> well i did
<LHC> hah
<steelcityjim> its the one i just set up
<jmarsden> If you did, it would have let you in :)
<jmarsden> OK, check /var/log/secure for why it denied you access...
<steelcityjim> ok wait i re did it
<steelcityjim> directory listing successful
<steelcityjim> is that what im supposed to get?
<jmarsden> Ok, so it is working fine.  You can drag and driop files from left pane to right pane to upload, and vice versa to download...
<jmarsden> You are in business.
<LHC> yaya
<steelcityjim> well now I just need someone to test from the outside
<steelcityjim> using my 6burgh.no.ip.org
<jmarsden> Give me a login (in a private message) if you want...
<jmarsden> OK, that works now but it looks like the user has no home directory of his own?
<steelcityjim> can you get to public
<steelcityjim> you should see Abba Gold
<steelcityjim> lol
<steelcityjim> public should be open to everyone
<LHC> whats this site for
<jmarsden> public as in /home/jim/Public ?
<steelcityjim> file share with some friend
<steelcityjim> yes
<steelcityjim> im just learning lhc
<LHC> same
<jmarsden> Did you just break it?  Now I can't connect to the machine at all??
<steelcityjim> no im just sitting here
<LHC> LOL
<steelcityjim> I swear i did not touch it
<jmarsden> OK... now it works again... odd.  Ok, I can see /home/jim/Public/abba/Gold/*.m4a
<steelcityjim> ohhh gyeeaa
<jmarsden> As well as /home/jim/Public/junk.txt that we created yesterday
<steelcityjim> yep
<steelcityjim> so I got it working........roflmao
<steelcityjim> you da man jmarsden
<jmarsden> Ok, I'm out now.  I would suggest you use much better (harder to guess) passwords, and you're set.
<LHC> password is god
<steelcityjim> yea I will that was just a test
<LHC> password is password
<steelcityjim> how fast would you be able to download on that/
<jmarsden> However fast your ISP lets you upload from your machine.
<steelcityjim> ohhhh mn
<steelcityjim> man that ain't fast
<steelcityjim> 4 mbs
<steelcityjim> mbps
<LHC> get a 100mbps dedi
<jmarsden> That's why people pay for colocated servers with lots of bandwidth
<steelcityjim> yea but this is free....roflmao
<steelcityjim> they can wait
<steelcityjim> mfers
<LHC> jmarsden, if you need up to 200gig of storage just ask, Im not using my dedi enough
<LHC> unlimited bandwidth
<steelcityjim> won't be download gigs
<jmarsden> OK :)
<steelcityjim> albums here or ther
<steelcityjim> just for easy access
<LHC> steel is your url working
<steelcityjim> i believe so
<steelcityjim> jmarsden you used the 6burgh rite?
<steelcityjim> I don't have a page yet lhc
<jmarsden> Yes, I did sftp USERNAME@6burgh.no-ip.org
<steelcityjim> thats my next project webpage
<jmarsden> (I used the command line sftp client instead of FileZilla, because I'm more a command-line type of person :)
<steelcityjim> I'd like to have a webpage with some pics general info and then a link to my server files
<steelcityjim> will that be doable?
<jmarsden> steelcityjim: Then you need to set up a web server and redirect port 80... and yes, that is doable.
<LHC> haha jmarsden that took me 5 hours to do yesterday
<steelcityjim> lol
<LHC> dam comment # #
<jmarsden> LHC: Well, because you had a weird LAMPP setup that your buddy created, mainly :)
<LHC> yeah dam him
<steelcityjim> is web server a differnt app than ssh
<LHC> oh Im gettin a new server jmarsden 1.5 tb :D
<jmarsden> Yes.  Different protocols
<steelcityjim> oh mfer how will that work with no-ip?
<steelcityjim> ok so now im a little confused
<LHC> whynot just use apache and a free domain?
<jmarsden> steelcityjim: It will work fine with the no-ip.org domain setup.  Same IP address, so same DNS name.
<steelcityjim> lhc you got a webpage you created
<LHC> yep
<steelcityjim> can I see it?
<LHC> thelhc.us.to
<LHC> its just up there for the time being instead of a nasty NOTHING FOUND sign
<jmarsden> steelcityjim: sudo tasksel install lamp-server  # will get your machine set up
<jmarsden> Then redirect port 80 just like you did port 22.
<jmarsden> Then browse to http://6burgh.no-ip.org and you will see the "It works!" page :)
<steelcityjim> can I have them both working at the same time
<jmarsden> Yes
<steelcityjim> ohhhh swweeeeettttt
<steelcityjim> lhc green screen with some text?
<LHC> what
<steelcityjim> your site
<steelcityjim> or teel
<LHC> there are pics in it
<steelcityjim> This visage?
<LHC> v for vendetta speech
 * jmarsden browses to http://thelhc.us.to/ and goes half-blind trying to read white text on light blue... eek!
<steelcityjim> i don't have any pics on mine
<LHC> http://thelhc.us.to/images/Screenshot-2.png
<LHC> steelcityjim, you see
<rdw200169> i dunno if you guys are aware of this, but there are some very easy ways to create robust websites w/out having to do a lot of coding
<owh> rdw200169: Really?
<rdw200169> yeah, like moinmoin, sphinx, drupal, wordpress, etc.. etc..
<LHC> hey rdw200169
<rdw200169> for example, my site is created w/sphinx i.e. greamin.com
<rdw200169> absolutely no html on my part, all i did was a little css manipulation
<rdw200169> LHC, yo, what up
<LHC> nmnm
<LHC> got my domain workin etc thanks to jmarsden
<owh> rdw200169: So, wordpress is "robust" these days is it? So I can hit it with a million hits in 12 hours?
<LHC> did you get those pics?
<rdw200169> yeah, i haven't done anything w/them though, i'm pretty lazy ;)
<LHC> haha fair enough
<rdw200169> owh, robust is relative... i'm talking about good looking, not good performiing
<Jeff1> i have removed # to activate 'AddHandler cgi-script .cgi ' in apache2's mime.conf has made my .cgi files work, but .pl files still provoke a download file window on browsers, anyone any ideas how to make .pl act like .cgi
<rdw200169> owh, performance is a matter of the server, bandwidth, firewalls, round-robin webservers, etc...
<tonyyarusso> owh: besides, that has just as much to do with you server and config as wp
<tonyyarusso> bah, rdw200169 beat me to it
<owh> rdw200169: I've never ever heard the word robust applied to the way something looks - and that's in over 30 years in IT - I suppose that's a sign of the times.
<jmarsden> Jeff1: sudo a2enmod perl perhaps?
<jmarsden> Jeff1: Assuming you have mod_perl installed in the first place?
<rdw200169> owh, sorry.  i was using a simple dictionary version of robust.
<tonyyarusso> that reminds me - I need to download some dict files
<jmarsden> rdw200169: So Apache is not robust, because on az 486 with 8MB RAM on a home DSL connection it cannot handle 1 million hits in 12 hours??
<rdw200169> i did not say that.
<jmarsden> You implied it by your definition of robust being decoupled from hardware
<owh> rdw200169: You mean: "Robust means, literally, made of oak, and hence implies great compactness and toughness of muscle, connected with a thick-set frame and great powers of endurance.", or was there another meaning that I missed?
<Jeff1> @ jmars -- Module perl already enabled
<rdw200169> i implied that the factors that determine a websites ability to handle millions of hits involve more than just the html
<owh> rdw200169: Or are you referring to a different dictionary?
<Jeff1> .cgi is perfect .pl trys to dnload scripts
<rdw200169> thats it.  i'm done.  y'all have fun.
<owh> rdw200169: You said: "(13:05:49) rdw200169: i dunno if you guys are aware of this, but there are some very easy ways to create robust websites w/out having to do a lot of coding"
<LHC> leave rdw200169 aloneeeeeeeeeee
<rdw200169> owh, quit reading inconsequential things into what i'm saying.  i'm trying to be helpful, and you're being an asshole english teacher.
<Jeff1> dare i say frontpage and a packet of razor blades ^^
<LHC> rdw200169, remeber you said things to do with my dedi?
<LHC> what other things can I do, i dont have any ideas xD
<owh> rdw200169: Thanks for that insult. Very professional of you.
<LHC> its irc whats professional in here ffs xD
<LHC> bickering women xD
 * owh shakes head.
<Jeff1> ok guys stay on target, perl .pl  how does one make .pl exec rather than download
<steelcityjim> jmarsden what was that text editor you recommended last night
<Jeff1> dont make me buy a mac!!
<Jeff1> vi is good
<jmarsden> Jeff1: Give me a sec, I think you need an AddHandler line...
<jmarsden> steelcityjim: nano is what I suggested
<Jeff1> cheers chief
<LHC> Jeff1, whats wrong with a mac haha
<LHC> except its price
<Jeff1> nothing it will make things work first time
<Jeff1> just no cash
<Jeff1> hehe
<LHC> yeah I know alot of web devs in my uni who have them for some reason
<LHC> maybe they like the look or something
<Jeff1> i ebay's a G3 in UK , started the bid at Â£1, (no monitor)  it sold for Â£1
<Jeff1> sold*
<LHC> whats the g3? is that a laptop
<LHC> im sure it he didnt sell it for that much haha
<Jeff1> it was a desktop unit, but a G3 upgrade card, was really an older model
<Jeff1> im sierous
<Jeff1> Â£10 posting / packing  and it went for Â£1
<LHC> cool
<Jeff1> i thaight i would do 1Â£ start to attract bidders
<Jeff1> lol
<LHC> ha
<LHC> I would love to get the old macbook pro
<jmarsden> Jeff1: It seems to "just work" for me on Ubuntu 8.10 here, I created a trivial perl script in /var/www/cgi-bin and it runs when I point a browser at it...
<LHC> what are u trying to do jeff
<Jeff1> hmm i try this now
<jmarsden> Script was exactly two lines:
<Jeff1> setup hosting for some sites, cgi mainly for myself cus not very good at php, happy with perl over the years
<jmarsden> #!/usr/bin/perl
<jmarsden> print "Content-Tyoe: text/plain\n\nHello Perl world\n";
<Jeff1> having fun with 'ehcp'
<LHC> what does it do
<Jeff1> nice tool
<Jeff1> like a basic isp/hosting/reseller sorftare
<jmarsden> Jeff1: Do you really want to make .pl file execute, or just to use mod_perl inside web pages?
<LHC> Im going to sell webspace later on
<LHC> when I learn a bit more about permissions which im stuck on
<Jeff1> some scripts got .pl on them , need them to kick in for outside web'rs
<jmarsden> OK.
<LHC> poland
<Jeff1> if rename, then gota rename code here n there, can of worms
<jmarsden> Jeff1: Does my test script work for you in /var/www/cgi-bin/ ?
<steelcityjim> ok so jmarsden after i install lamp
<Jeff1> brb
<steelcityjim> is my desktop gui going to be gone?
<jmarsden> steelcityjim: No.
<jmarsden> But you *really* need to stop relying on it!
<steelcityjim> so i can run it through the terminal
<LHC> hehe
<steelcityjim> what are you laughing at lhc
<LHC> But you *really* need to stop relying on it!
<LHC> plus I like to laugh, sue me
<steelcityjim> are a command line guy
<steelcityjim> r u
<jmarsden> This is #ubuntu-server, and the Ubuntu server install does not come with a GUI, for good reason... so, did you get the web sevrer working yet?
<LHC> i just started, and I think command line is best
<LHC> and its fun too
<steelcityjim> no not trying tongiht jmarsden
<jmarsden> OK.
<steelcityjim> I'll take my shallow vicotry to bed with me
<steelcityjim> ssh server gyyyeeaaa
<LHC> lol
<LHC> well done
<steelcityjim> so im going to do sudo apt-get install lamp
<LHC> brb gotta get my password from windows
<jmarsden> No, you are going to do what I told you do to some time ago here in the channel...
<jmarsden> About 39 minutes ago...
<steelcityjim> sudo taskell install lamp-server #
<jmarsden> Yes.
<steelcityjim> what is taskell?
<jmarsden> well, except spell tasksel correctly :)
<steelcityjim> lol
<jmarsden> Do man tasksel to find out all about it.
<steelcityjim> man tasksel at command prompt/
<jmarsden> Where else? :)
<steelcityjim> where can I find that in the gui?
<steelcityjim> roflmao
<jmarsden> The command prompt in a GUI is found in a terminal window, so open a terminal window and then type it... ?
<steelcityjim> i know im messing with you
<Jeff1> jmars, cheers, you joggle'd da mind, i try all that, but then noticed in that line : AddHandler cgi-script .cgi     the .cgi  at the end, so chanced a .pl after it also in array and it worked, after restarting apache2 of course!
<ScottK> On Konqueror man:/usr/share/man/man8/tasksel.8.gz will work.
<ScottK> jmarsden: ^^^
<jmarsden> Jeff1: OK, sounds good to me.
<Jeff1> now i can be old timer and never move to php and be stub'rn!
<Jeff1> no more macs for me!
<jmarsden> ScottK: and you can search for it in the Gnome help GUI thing on a Gnome desktop too... but we're in #ubuntu-server :)
 * ScottK has no idea about Gnome.   Thanks.
<jmarsden> ScottK: System -> Help and Support -> type tasksel into the search bar and press Enter... but I am trying to help people learn to admin servers where such tools do not exist...
<ScottK> Of course.
<ScottK> Mostly I find it kind of ironic the KDE web browser knows man.
<jmarsden> Yes, they added a ton of unusual schemas to the KDE browser.  ssh: I think, and all kinds of things...
<Jeff1> jmars, as far as security goes with this perl/cgi , due to how apache/www is setup, noone should be able to upload cgi scripts into their own host accounts that would be able to browse back or out side of their account, this correct?
<LHC> hey
<jmarsden> Jeff1: Yes, you should probably prevent ExecCGI stuff from working in any directory users can upload to.
<Jeff1> thx
<jmarsden> No problem.  You can use ScriptAlias to make /cgi-bin/ work out of someplace only you can write to...
<Jeff1> i was thinking, its really only me needs it, php covers it all if a client wants a shopcart or whatever
<Jeff1> i just love making support/contact forms for the sites in perl
<LHC> hmm
<LHC> type some perl let me see what it looks like
<LHC> <?php ?> does it look like php
<Jeff1> 10 print "lol"
<Jeff1> 20 goto 10
<Jeff1> 30 run
<Jeff1> run
<Jeff1> no
<LHC> I hear php is a derivative of it
<Jeff1> its crap for working with html in most cases
<Jeff1> yes
<Jeff1> its better i guess, just to someone like me thats more visual oddity than brains, perl is where the home is
<LHC> I forgot what i was meant to do xD
<jmarsden> LHC: Read a tutorial, such as http://www.perl.com/pub/a/2008/04/23/a-beginners-introduction-to-perl-510.html
<Jeff1> you have to \ all ur "
<LHC> im already on a php one haha
<jmarsden> And Jeff1, there are serious web app frameworks written in Perl, such as Mason and webgui and so forth...
<LHC> what are they used for
<Jeff1> but there is mods to putput html between quotes to , but not good in any area of perl, sometimes you must \ the "'s
<jmarsden> LHC: Building dynamic web sites of various kinds, CMS systems, etc.
<LHC> cool
<Jeff1> is there a gui/lib to make perl more used for gui programing?
<Mal3ko> jmarsden
<LHC> I may add a blog thing to my school site, I may build it myself
<LHC> css is piss easy compared to this, and I used to think it was hard haha
<Jeff1> have you's ever messed with basic
<Jeff1> like visual basic 6.0
<jmarsden> Jeff1: For non-web GUI app building in Perl... let me look... I suspect there are binding for some GUI toolkits...
<Jeff1> gnome is what ubuntu uses default for gui right?
<jtaji> Jeff1: that is correct
<jmarsden> Jeff1: wxWidgets has Perl bindings, so that would be one way to go...
<ScottK> Gnome is the Ubuntu standard, but there are siblings built around others, most notably KDE and Kubuntu and Xfce and Xubuntu.
<jmarsden> And there is POE which can do GTK stuff... http://poe.perl.org/
<Jeff1> activesite seem to have been making visual perl at one time
<Jeff1> now activeperl pro i beleve
<ScottK> qt4 apparently has Perl bindings, but I can't find that anyone has packaged them.
<LHC> jmarsden, whats that bit for rebooting apache
<LHC> I just added another domain
<jmarsden> LHCL Take notes or start logging in your IRC client :)  On your setup I think it was   sudo /opt/lampp/bin/apachectl restart
<LHC> cheers, I did copy that but im on ubuntu dualboot instead of my normal xp
<jmarsden> When you consider running Ubuntu "normal" we will have made progress :)
<LHC> haha
<jmarsden> You should be able to access your XP partition from Ubuntu though...
<LHC> yeah ubuntu is easy, it used to be foreign to me now its ok
<LHC> how?
<jmarsden> mount the relevant partition(s)
<jmarsden> See https://help.ubuntu.com/community/MountingWindowsPartitions/ThirdPartyNTFS3G for one approach
<LHC> oh I used wubbie I dont think there is a partition
<LHC> wubi
<LHC> or am I mistaken Idk
<Jeff1> oh POE is cross platform, win32 also i think
<jmarsden> LHC: WUBI has a way to get at the surrounding XP NTFS filesystem, I am pretty sure... but I forget what it is...
<jmarsden> Jeff1: So is wxWidgets I am fairly sure.
<LHC> coool
<LHC> ill google it :D
<Jeff1> wow
<jmarsden> LHC: type mount and see what is there, maybe a partition called /media or similar...?
<Jeff1> even cewindows  stuff
<Jeff1> .net  very very visual basic 6
<LHC> nope
<LHC> /dev/sda1 on / type ext3 (rw,errors=remount-ro)
<LHC> tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
<LHC> sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
<LHC> varrun on /var/run type tmpfs (rw,nosuid,mode=0755)
<LHC> varlock on /var/lock type tmpfs (rw,noexec,nosuid,nodev,mode=1777)
<LHC> udev on /dev type tmpfs (rw,mode=0755)
<LHC> tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
<LHC> devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
<LHC> /dev/sda2 on /home type ext3 (rw)
<LHC> securityfs on /sys/kernel/security type securityfs (rw)
<Jeff1> audacity was made with wxwidgets!
<jmarsden> Hm.  I ran WUBI a while back on one ancient laptop... and I am pretty sure I could cp files from it to the main windows filesystem...
<Jeff1> http://audacity.sourceforge.net/ next best thing to wavelab and it free!
<jmarsden> LHC: See https://wiki.ubuntu.com/WubiGuide#How%20do%20I%20access%20the%20Windows%20drives?
<LHC> ty
<Jeff1> for Ubuntu 8x one would dnload wxGTK-2.8.9.tar.gz version of wxW ?
<Jeff1> lol theres even os2 port, god is that still alive!
<jmarsden> Jeff1: No, it has been packaged, use your usual package management tools.
<Jeff1> @ jmars, was you expecting a CTCP responce mirc for windows lol
<LHC> jmarsden, that was easy haha
<Jeff1> i wish i had my FreeDOS/irc in action there...
<LHC> oh jmarsden after thinking of things to do with my server, im thinking Ill create a few accounts so people can upload stuff
<Jeff1> cheers for the tip on wxW, i think i will check it on windows first to get quick look,  nearly 6am here, bed calls!!
<Jeff1> cu LHC, jmars, thx again
<LHC> same here Jeff1
<LHC> 5:38 opps lol
<Jeff1> oh uk?
<LHC> bye
<LHC> yep
<Jeff1> mainland?
<LHC> belfast
<Jeff1> n,ireland here
<Jeff1> nbo way
<Jeff1> no
<LHC> LOLLLLLLLLLLLLLLLLLLLLLLLLLLLLL
<Jeff1> lol
<LHC> whatttttttttttttttt
<Jeff1> im out side
<Jeff1> 70mile
<LHC> thats funny
<Jeff1> big wheel!
<LHC> im about 10 mile from city hall
<Jeff1> alright there big wheel!
<LHC> its shit xD
<Jeff1> lol
<Jeff1> nice
<LHC> where abouts? omagh
<Jeff1> i used to visit there alot belfast
<Jeff1> arts collage/Shine
<Jeff1> clubs
<Jeff1> yes
<LHC> haha I go to the arts college
<Jeff1> omagh
<Jeff1> haha
<Jeff1> lol
<LHC> stiff kitten shine is amazing
<LHC> soulwax :P
<Jeff1> good old homer shake ur brain
<Jeff1> nice
<LHC> thats random as hell
<Jeff1> you ever see fish do deep up there?
<LHC> nahh, any good?
<Jeff1> deep house outfit
<Jeff1> from cork
<Jeff1> they bigtime
<Jeff1> famous track
<Jeff1> the cure the cause
<LHC> hear of japanese popstars
<Jeff1> vocals by tracey K
<Jeff1> youtubbe it
<LHC> brand new?
<Jeff1> they play in belfast not so long ago
<Jeff1> a few years now but it will ring a bell
<Jeff1> i will land here tomarrow for a yearn
<LHC> http://www.youtube.com/watch?v=nJTzjBd35wg
<Jeff1> yarn*
<Jeff1> small world man
<LHC> yeh indeed xD
<LHC> especially when you thought everyone else was in bed
<Jeff1> hahaha
<Jeff1> should be but linux gets the better of me sometimes
<LHC> my whole family is up cause my parents doing night shift this week xD
<Jeff1> one more ciggy wont hurt
<LHC> I think i did hear this track
<Jeff1> cools
<Jeff1> yes famous one, good outfit to see live, house music not my main cup of tea but thats good house!
<Jeff1> brb
<LHC> house is good, I like electro etc justice boys noize, japanese popstars are from derry they do housey tracks real club bangers
<MK13> i need help setting up a network for just 2 computers. A server with Ubuntu Server 8.10 and a laptop with vista. I am connecting them with a cat6 patch cord, but when connected together, niether computer assigns an ip ( i would prefer the Vista computer assigns them, btw)
<ropetin> MK13: Are you planning on doing that for internet access sharing or something?
<MK13> i am using the server as a file-backup type set-up
<ropetin> No real need to set up DHCP or anything then, can  you just statically assign IPs?
<ropetin> And use a cross over cable
<MK13> don't need a crossover cable, a cat6 patch cable works since the laptop has automatic crossover capabilities
<MK13> ;)
<ropetin> Ahhh, neato
<ropetin> So just statically assign IPs and you're good to go
<twb> IMO it's easier to set up static assignment *over* DHCP -- then the IP configuration is stored centrally rather than needing to configure it on both hosts :-)
<MK13> that's the problem, I don't really know how to w/out conflicting the vista computer (it is connected to the internet)
<ropetin> MK13: does it have a second NIC?
<ropetin> twb: But wouldn't you have to configure the DHCP server, so you're moving config from one place to another, but still have to do it?
<MK13> i have tried setting up eth0 as auto with dhcp, but it ends up with three inet6 addresses (scope: site, global, link) with addresses like fec0::16:250... etc.
<MK13> no second NIC... at home i have to suffer with dial-up
<MK13> and can't setup ad hoc connection because the server doesn't have wireless card
<Jeff1> i hear ya @ japanese popstars
<twb> ropetin: static IP configuration requires the configuration to exist on *both* the server and the client.
<Jeff1> u ever hear the saunters track
<Jeff1> from the derry lads
<twb> ropetin: by telling the DHCP server to statically assign an IP to a certain MAC, you put both ends of the configuration on the server.
<Jeff1> like a cover of 'my united states of america'
<LHC> saunters? nah, I bought their album too!
<ropetin> twb: OK :)
<Jeff1> its very funny
<Jeff1> let me find
<LHC> ill look it up
<ropetin> MK13: If you don't have anythnig acting as a DHCP server, then it won't get anything, you're right
<twb> ropetin: it's pretty easy if your DHCP server handlse /etc/ethers :-)
<MK13> well, is there any way to get vista to "act" like the DHCP server to assign the IP when the server connects?
<ropetin> Probably easier to set up Linux as the DHCP server
<MK13> or use bind9 on the Ubuntu server?
<ropetin> A little over kill I think
<MK13> how do i set ubuntu up as DHCP then?
<Jeff1> http://www.youtube.com/watch?v=nTtbRY5CuCE
<LHC> ty
<ropetin> I've used dnsmasq in the past as a DHCP server, very easy to configure
<ropetin> And can do DNS if you need it
<ropetin> Unless twb has another suggestion?
<LHC> LOL
<LHC> ever hear of big girl ?
<MK13> firefox had an error, and it took chatzilla with it :(
<twb> I also am a fan of dnsmasq, but not that it does not receive support from Canonical.
<ropetin> What does?
<LHC> http://www.youtube.com/watch?v=6feq0ME1s3Y&feature=related
<Jeff1> i got no sound on this box
<Jeff1> going to have to get it sorted
<LHC> oh anyways, it goes like "big girl you are fat as fuck"
<LHC> xD
<twb> ropetin: packages in the 'main' category nominally do
<Jeff1> lol
<LHC> "get ur self to the m club ,find yourself a fat milly.big lad cum in her mouth and shel let you have her babies "
<Jeff1> lol
<LHC> theres not that many things like that from here but they are always hilarious
<ropetin> Hmmm, ok
<Jeff1> http://www.youtube.com/watch?v=3fT-jX11poU
<Jeff1> a classic!
<LHC> haha i heard this on radio 1 I think
<Jeff1> the best bit is when she says 'fill your boots man' at the end
<LHC> or on someones phone
<LHC> haha
<ropetin> MK13: Does that make sense?
<MK13> does what make sense?
<LHC> the top boss yeah? xD
<LHC> you want it blown up, ill do whatever haha
<Jeff1> as they say in belfast, it'ill meeek a big baaaang
<Jeff1> lol
<LHC> haha
<LHC> lad
<LHC> laud
<Jeff1> http://www.youtube.com/watch?v=_hfv0_LQSnA also a classic!
<MK13> could i use the debian .deb package for the Ubuntu Server 8.10  ?
<LHC> this one is near done haha its awesome
<ropetin> MK13: you can't do an 'apt get install'?
<MK13> The server has no internet access, the only way it could get it is if I could get it on the network with the Vista computer to use ICS
<ropetin> Ahhh, in which case, you can download the deb on the other machine and transfer it across on a USB key or whatever, yes
<MK13> http://ftp.debian.org/debian/pool/main/d/dnsmasq/   would the .deb packages from here work, or do i need a .deb made specifically for Ubuntu 8.10?
<ScottK> MK13: You would want one compiled on the Ubuntu 8.10 tool chain.  One from Debian might work.  It might not.
<LHC> here Jeff1 nice talkin to ya, but im about to pass out from lack of sleep haha all the best
<LHC> bye
<twb> MK13: dnsmasq is part of Ubuntu.
<ScottK> Source compatibility with Debian is an explicit design goal of Ubuntu.  Binary compatibility is not.
<MK13> that's what i thought...
<Jeff1> cu bro
<twb> MK13: you need to activate the unsupported "universe" category.
<MK13> the server doesn't have internet access tho
<twb> MK13: then use packages.ubuntu.com/dnsmasq, not packages.debian.org.
<Jeff1> mk13 does the linux box have any connection to the vista? like normal network?
<MK13> the connection to Vista is what i am trying to acheive
<Jeff1> you know theres an optnio in vista/xp that u must check first that states that other machines can use the 'internet' through it
<MK13> is there any way to use apt-get to get the packages in a VMware setup i have, then transfer them to the actual server?
<MK13> Jeff1: I have ICS enabled
<Jeff1> if u have a normal network between linux/vista i.e u can see files
<Jeff1> then theres check box on ur vista's modem props or device that u check that states other machines can ALSO surf the net as well as SHARE files
<MK13> no, the two computers can't see each other yet, there is a cat6 patch cord connecting them (i connect my Ubuntu Desktop to XP and Vista this way)  BUT the computer's aren't getting ip's assigned, so even though they are connected, they don't see each other
<MK13> Jeff1: I know.... I connect other computer like that, but the server version of ubuntu just wont for some reason
<Jeff1> u mean u have a network card in both machines and a cable between them?
<uvirtbot> New bug: #329622 in openssh (main) "buffer_get_ret: trying to get more bytes 4 than in buffer 0" [Undecided,New] https://launchpad.net/bugs/329622
<MK13_> my setup is: Internet -> Vista Laptop --ICS Enabled-> Server
<Jeff1> i see, well i know xbuntu fresh install, did not find my basic ne2000 3-com, then i tryed atleast 7 other makes (a box of them here) and it still never found them, so i wiped and installed ubuntu desktop and it found the first card, then i tryed others and it found them, so maybe it is xbuntu not finding the actual card/device - assigning driver?
<Jeff1> i installed xbuntu first so i could run basic server, i found desktop version alot better for me cus of how it got up on its feet faster
<MK13_> lol, my server finds my 3-com 3c905B 100BaseTX [Cyclone] rev 30
<Jeff1> i thaught it would of atleast found my netgear
<MK13_> yea, the problem i face isn't hardware issues. Just the fact that there isn't an acting DHCP server
<MK13_> although I still don't see why Vista doesn't assign it one, as it does the desktop version
<Jeff1> anyways ubuntu desktop/hosting server seems to do well for me, but i did notice my memory (512) was eat'n up pretty quick
<Jeff1> maybe its to do with xbuntu ip range, like maybe it has a fixed range it can only assign and is out of vista's range, where it looks
<MK13_> mine only does simply file hosting and it doesn't even use all of its 96 megs of memory
<Jeff1> ics is a pain even when it is working, its hard to know what turn it takes, you would be better of with a little router from ebay or something
<Jeff1> modem/router
<Jeff1> then one machine does not have to rely on the other for net access
<MK13_> yea, but im cheap :D
<Jeff1> my headaches went away when i gout a router/modem, they are for nothing these days, real cheap if not need wireless router/modem
<MK13_> i don't think ICS likes working in vista anyways
<jmarsden> MK13_: If you need to work with just your existing hardware, why not set up the Ubuntu server as the router/firewall machine, it can run a DHCP server to serve an IP to the laptop behind it...  ?
<MK13_> jmarsden: i am looking for instructions to do that, do you know a way?
<jmarsden> Yes.  The Ubuntu box has two NICs, right?
<lukehasnoname> OpenLDAP vs. Fedora Directory Server: Which one is easier to administer?
<MK13_> jmarsden: no, but all i want is to get the two computers connected, hot worried with internet while they are connected tho
<MK13_> not*
<jmarsden> Oh... So... you have a crossover ethernet cable?  or a switch?
<MK13_> jmarsden: it is just a cat6 patch cord, but vista machine is automatic crossover compatible
<jmarsden> Do you have a third computer so you can use IRC while you are setting this up, BTW?
<Jeff1> shot in the dark, Fedora : http://ubuntuforums.org/showthread.php?t=206202
<MK13_> nope, just two computers
<jmarsden> OK.  So why not just wire them together and set static IPs on each one, say 192.168.0.1 on Ubuntu and 192.168.0.2 on Vista... and you are done.
<MK13_> how would i set up a static ip for ubuntu ( i just want to make sure I get it right)
<jmarsden> Is this Ubuntu server or desktop?
<MK13_> server
<jmarsden> For server see https://help.ubuntu.com/8.10/serverguide/C/network-configuration.html (but keep a copy of any files you modify so you can put things back later)
<Jeff1> also if done this way and no auto assigning, u must state the dns servers and gateway ip if you want both to see the internet also i think, so probe ur isp for the dns servers and gateway ip,
<jmarsden> Jeff1: He already said they will not see the Internet... no interface left to connect to the Internet :)
<jmarsden>  This is just a two node local network. no Internet connection at all.
<Jeff1> damn
<Jeff1> major wall
<Jeff1> lol
<MK13_> wait, i just realised. When i set up my eth0 device as DHCP set, then it gets assigned weird IPv6 addresses, and so does my vista machine
<jmarsden> What does that have to do with anything about this 2 machine static network?
<jmarsden> I refuse to teach you IPv6 networking tonight... too much work :)
<Jeff1> is ur modem to get on the net (what ur using now) a usb modem?
<MK13_> yea, but is there anyway to force it to IPv4?
<MK13_> i use the built in modem of the laptop
<jmarsden>  Yes, set the interface IP addresses statically is one simple way :)
<Jeff1> then so theres a free LAN socket
<MK13_> kk
<Jeff1> on lappy
<jmarsden> Yes, it means MK13_ can possibly set the wired LAN interfaces statically and stay Internet-connected on the laptop.
<MK13_> http://pastebin.ubuntu.com/118330/ -  that is the Vista side of the  ethernet connection if ur interested
<Jeff1>  a will a way
<MK13_> yea, except the modem is what i use at home, but i use ethernet at the university
<Jeff1> after 20 hail marys for ics of course
<jmarsden> MK13_: ... you have a Cat6 patch cord that goes from your home to the University???  Must be a really long cord?
<Jeff1> hahah
<Jeff1> i was about to suggest cups and strings but now not so sure
<MK13_> yea, I bet u've never seen a 15 mile long ethernet cord b4 ;P
<jmarsden> So right now are the two PCs at home, neaer enough to each other for your Cat6 cord to connect them?
<Jeff1> the omage is gota get weak alone that jog
<Jeff1> along*
<MK13_> jmarsden: yep
<jmarsden> OK, then the university setup is irrelevant for right now.  So hook the two PCs up with the patch cord and set the two wired interfaces to static IP addresses in the same subnet, and off we go :)
<MK13_> btw on a side note... using ICS i've hooked up a ps3 to dialup b4 :)
<jmarsden> I've done dialup from Siberia to the USA before... a few years ago... Telebit Trailblazer modems... :)
<Jeff1> BBS here
<Jeff1> late 90/91
<Jeff1> and big sexy phone bills
<jmarsden> Anyway... back to the present... how is the two machine network coming along?
<jmarsden> Should be about 1 minute per machine to reconfigure each interface... and we've been here more than two minutes... so does it work yet? :)
<MK13_> restarting the server now...
<jmarsden> You should have just done /etc/init.d/networking restart, much quicker...
<jmarsden> Unless you are replacing hardware or upgrading the kernel, you pretty much do not need to reboot Linux machines, ever.
<MK13_> last time i did that it didn't restart completely
<MK13_> http://www.newegg.com/Product/Product.aspx?Item=N82E16833127079   -  would this be sufficeint just to make my network  simpler?
<Jeff1> with out diving into the router world, my experence is any router works better than ics
<jmarsden> Theoretically yes, but the reviews of it are all rather negative...
<Jeff1> i would goto ebay and still look for something ugil'yr and cheaper
<jmarsden> Much cheaper than $20 including shipping may be hard to find, for a working router...
<Jeff1> just imagine , u could plug the ps2 in also
<MK13_> when i got back into the server, it wasn't connected and upon issuing "ifconfig" eth0 doesnt show up
<Jeff1> if u can afford that, then go for it, cus atleast its fast delivery of store
<Jeff1> ps3*
<jmarsden> Sounds like you mis-edited /etc/network/interfaces?
<MK13_> forgot auto eth :(
<Jeff1> that d-link is a great wee deal
<Jeff1> 4x lan ports to, the main thing, and ur not along getting d-link
<Jeff1> alone*
<jmarsden> You're not alone running Ubuntu either ... there's a sizable Ubuntu user community :)
<Jeff1> growing
<jmarsden> And I guarantee a Ubuntu box can become a more flexible router than the Dlink box can :)  Anyway... how is that 2 node network now?
<MK13_> ubuntu rox
<MK13_> i am logged into server via ssh on the Vista computer :)
<jmarsden> Bingo.  Job done :)
<Jeff1> yayy
<MK13_> thnx
<jmarsden> No problem.
<Jeff1> invoice is is the post
<Jeff1> in*
<Jeff1> lol
<MK13_> and only ubuntu is set as static, I'll just change it to reflect vista's since it is only meant for file transferring
<Jeff1> we tryed to email it but we got a bounce
<Jeff1> lol
<jmarsden> MK13_: Sure, if this is just a temporary setup, and it works, that's all that counts.
<MK13_> agreed
<Jeff1> after u do ur task, i deare u to tempt evil with a quick auto assign and reboot both, i bet it works
<MK13_> what?
<Jeff1> change from static to auto assign ip's
<Jeff1> see if it kicks in
<Jeff1> booting linux first
<MK13_> so, you are saying to change the ubuntu back to DHCP?
<Jeff1> only when you had all ur work done, not mentaly now
<MK13_> but is that what you mean, is just to switch ubuntu back to DHCP?
<Jeff1> yes
<MK13_> 22
<MK13_> kk, (forgot num lock was on)
<MK13_> thnx for the help ppl
<Jeff1> sleeps time , cu jmars, and cheers early'r
<jmarsden> No problem.  BTW, according to http://www.home-network-help.com/ics-host.html for Vista ICS you have to set the local NIC static at 192.168.0.1 ... may help if you do want to try the ICS approach later.
<jmarsden> I should sleep too...
<Jeff1> yes in the correct range
<Jeff1> something like that about ics, also ports are a problem , there is 3rd party tool to edit them, MS dont allow ics to do certin things
<Jeff1> sleep well
<uvirtbot> New bug: #329629 in bacula (universe) "package bacula-director-pgsql 2.4.2-1ubuntu6 failed to install/upgrade: le sous-processus post-installation script a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/329629
<uvirtbot> New bug: #329632 in dhcp3 (main) "System is not resolvable by DNS when using DHCP" [Undecided,New] https://launchpad.net/bugs/329632
<uvirtbot> New bug: #329647 in postfix (main) "package postfix None [modified: /var/lib/dpkg/info/postfix.list] failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/329647
<Killerkiwi> how do I unmount /sda1 from resuce mode so I can fsck it ?
<ropetin> umount /dev/sda1 ?
<Killerkiwi> i was in /target
<Killerkiwi> a cd .. fixed it
<Killerkiwi> the error was the least clear if ever seen it said invalid paramater
<ropetin> :D
<uvirtbot> New bug: #329682 in samba (main) "samba lock files (also local ones)" [Undecided,New] https://launchpad.net/bugs/329682
<Davedan> how can I run a script automatically when a packge is installed?
<soren> Davedan: Can you elaborate?
<soren> What are you trying to do?
<Davedan> I want to analize the packages list and send a mail with the changes when apt is used to install or update a package
<soren> apt-listchanges
<soren> Davedan: ...should be all you need.
<Davedan>  soren: how can I configure it to send mail not to localhost?
<Davedan> and how do I access mails sent to the admin@localhost?
<Davedan> do I need to install some mail client?
<Davedan> I want to do something similar but with http instead of through mail but couldn't find where apt-listchanges hook to apt
<soren> hang on, /me is on the phone.
<soren> Davedan: You need some sort of mta, yes.
<soren> Davedan: Either a proper one like postfix or exim or sendmail or whatever, and then redirect root's mail somewhere else, or use something like msmtp.
<soren> ...but this is hardly unique for apt-listchanges. If you want to send mail (which was your initial requirement), you need something that can do that. :)
<Davedan> soren: how do I inspect the admin mail on localhost?
<Davedan> just to see the apt-listchanges works
<ivoks> less /var/mail/$username
<Davedan> can I send xmlrcp to a webserver instead of mail?
<ivoks> you mean from?
<ivoks> what's wrong with webserver sending a mail?
<ivoks> it doesn't have to have opet port 25
<Davedan> opet port 25?
<ivoks> open
<Davedan> http feels lighter and can be done with few python lines
<ivoks> while smtp is heavy? :)
<ivoks> telnet mail.server.com 25
<ivoks> ehlo mail.server.com
<ivoks> mail from: webserveradmin@domain.com
<ivoks> rcpt to: admin@domain.com
<ivoks> DATA
<ivoks> Subject: mail from listchanges
<ivoks> (type in mail)
<ivoks> .
<ivoks> quit
<Davedan> where do I put this stuff?
<ivoks> still i don't see a reason why you wouldn't have postfix running on your webserver
<Davedan> apt-listchanges does this automatically right?
<ivoks> without smtpd running
<ivoks> you are complicating something that's just too easy
<ivoks> install apt-listchanges
<ivoks> install postfix
<ivoks> comment out smtpd in /etc/postfix/master.cf
<ivoks> set up an alias in /etc/aliases
<ivoks> and that's it
<Davedan> alias in /etc/aliases ?
<ivoks> yes, where will mail for admin go
<Davedan> ok I'll try it
<Davedan> thanks
<Davedan> the reason I want to 'simplify' it a bit is because I want it all to be automatically installed
<Davedan> without manually configuring it
<ivoks> for deployment on multiple servers?
<Davedan> yes
<Davedan> maybe even as an apt package
<ivoks> if they are going to have same ubuntu version
<ivoks> i don't see a point in listing changes for all of them
<ivoks> since they all have the same changes
<Davedan> they have base ubuntu version but might have different packages installed
<ivoks> ok
<Davedan> what I want is to be able to see packages conflicts of customers with our package
<Davedan> but I don't want the customers to have to install things manually
<ivoks> i guess better aproach would be to hook up on landscape-client
<ivoks> and then just create a landscape-like service
<ivoks> it will give you much more than just packages
<Davedan> ivoks: what else? from searching about it it looks like it give control over the server
<ivoks> you'll be able to install packages on machine
<ivoks> iirc, create users and groups
<Davedan> that's too much and open security issues
<ivoks> see system statys
<Davedan> all I want is to get the packages list
<ivoks> installed packages?
<Davedan> I don't want remote control, only to be notified when a new package is installed
<ivoks> i see
<ivoks> apt-listchanges is the best thing to do
<ivoks> create a deb package that will install postfix and apt-listchanges
<ivoks> that package would setup postfix to only listen on localhost
<ivoks> and it would create an alias in /etc/aliases to send mail to you
<ivoks> and that's it
<Davedan>  ivoks: so when it receives an email on localhost it forward it to me?
<ivoks> yes
<Davedan> but it will probably send me other mails that are not related to new packages
<Davedan> another security issue :)
<ivoks> yes, it will send all system related issues
<Davedan> I guess it is a good start and if it works in test I can tweak the python code in apt-listchanges to do something else on update
<ivoks> maybe you can set up an email to which changes will be sent
<ivoks> i don't know
<ivoks> but you will need mail server anyway
<Davedan> ok thank you very much!!!
<ivoks> np
<lamont> ivoks: apt-biff hasn't been written yet
<ivoks> :)
<tangentcollision> thank you very very much
<tangentcollision> okay, I've installed vino
<tangentcollision> using tightvnc on windows, how would I connect to my server?
<ivoks> ubuntu server doesn't ship vnc service
<ivoks> if you haven't installed ssh service during installation, there's no remote way you can connect to it
<tangentcollision> ugh
<tangentcollision> okay, let me re-cap I changed stuff
<tangentcollision> I don't use GUI on my server, I just installed kde I think
<tangentcollision> I only ssh into it and I wanted to see about VNC
<tangentcollision> so I installed x11vnc (meant for running from command line
<tangentcollision> but I don't even know what port to connect to or anything
<ivoks> 5900 is default vnc port
<tangentcollision> I keep getting a failed, this sucks
<ivoks> as it names suggests
<ivoks> x11vnc is vnc for x11
<ivoks> as any other VNC service
<ivoks> you can't run vnc on server
<ivoks> there's ssh for that
<tangentcollision> I need graphic applications
<ivoks> you can run vnc service only inside GUI/X11
<tangentcollision> I installed x11
<tangentcollision> I should be able to VNC for god's sake
<ivoks> did you start x11?
<tangentcollision> startx returns server is already active for display 0
<ivoks> ok, did you start x11vnc?
<tangentcollision> yep
<ivoks> and you configured it to listen on which port?
<tangentcollision> I didn't go ahead with that
<tangentcollision> one moment
<ivoks> check with 'netstat -natp'
<Davedan> ivoks: I've installed apt-listchanges and configured it to send mail on changes. If I understand correctly it should do it automatically when I'm installing a new package but /var/mail folder is empty
<tangentcollision> ivoks: it doesn't show up :(
<tangentcollision> what the crap?
<ivoks> tangentcollision: you didn't start it
<tangentcollision> my bad, it is there, it just hid :P
<tangentcollision> 6011 apperently, how odd
<tangentcollision> trying again
<ivoks> Davedan: it will send changes of packages
<ivoks> Davedan: where it ends depends on your mail server's configuration
<ivoks> Davedan: and /etc/aliases
<Davedan> I just want to see changes somewhere browser/mail whatever and then I`ll change it
<Davedan> but I thought it should happen automatically with me needed to call it from the command line
<ivoks> i never used apt-listchanges
<ivoks> but i do know that it can show changes automaticaly
<ivoks> check it's config
<ivoks> google it
<tangentcollision> wait a minute
<Davedan> I've tried :)
<tangentcollision> it only shows loopback on the netstat
<ivoks> :)
<Davedan> "When configured as an APT plugin it will do this automatically during upgrades"
<tangentcollision> that sounds like a problem I think
<ivoks> Davedan: check /etc/apt.conf.d/
<ivoks> tangentcollision: problems it that you didn't configure it
<tangentcollision> I see
<Davedan> I don't see such folder
<tangentcollision> I guess I'll hunt down the config file
<ivoks> Davedan: check /etc/apt/apt.conf.d/
<ivoks> tangentcollision: x11vnc --help
<Davedan> ok
<Davedan> I have the file 20listchanges
<Davedan> which has:
<Davedan> DPkg::Pre-Install-Pkgs { "/usr/bin/apt-listchanges --apt || test $? -ne 10"; };
<Davedan> DPkg::Tools::Options::/usr/bin/apt-listchanges::Version "2";
<tangentcollision> oh god yyesss
<tangentcollision> this is beautiful
<tangentcollision> except now I have a black vnc after trying to change users :P
<ivoks> tangentcollision: your questions aren't server related
<tangentcollision> sorry, it started out as server related, vnc server
<tangentcollision> nobody else would answer my question period
<ivoks> tangentcollision: you should ask on #ubuntu for questions about VNC or some window releated channel about windows support for xdmcp
<tangentcollision> ivoks: I tried for 2 days
<tangentcollision> and I've thanked you for your help, good day
 * tangentcollision passes out on the keyboard
<steelcityjim> trying to install lamp server from sudo tasksel install lamp-server # and it appears to be stuck on installing packages 0%
<steelcityjim> any suggestions
<steelcityjim> scratch that seems to be moving now
<steelcityjim> ok how do i develop a webserver page
<ivoks> /var/www/index.html presents excellent start :)
<steelcityjim> ivoks what is that and how do I access it?
<ivoks> steelcityjim: developing web pages is out of scope of this channel
<ivoks> most of us (if not all) aren't web developers
<steelcityjim> i know just looking for some direction
<ivoks> you
<steelcityjim> lamp set up and my ip is working
<ivoks> you get It works?
<steelcityjim> yes
<ivoks> great
<steelcityjim> that means its done correctly right
<ivoks> that 'It works' is in /var/www/index.html
<tangentcollision> I just do web hosting, ftp and ssh
<ivoks> that's a file on your server
<steelcityjim> which means the browser accessed the server for the file correct?
<ivoks> correct
<steelcityjim> great success
<steelcityjim> ivoks can you recommend a channel for this?
<ivoks> web development?
<ivoks> uf... no, not really
<maw_> that is a very broad question
<maw_> you should start with html, css and javascript
<steelcityjim> ok
<maw_> those three languages can allow you to do lots of things
<Deeps> w3schools.com
<maw_> php or .net after that
<ivoks> or skip all that stuff and move into future - python
<steelcityjim> i want to start with a basic page couple pics and text with a link to the file share
<maw_> html can do that
<maw_> ivoks: I am just learning python, pretty fun language :)
<steelcityjim> do you really need to know "language"
<ivoks> depends on what you want
<ivoks> if you just want it to write 'I'm cool', then no
<ivoks> if you want it do something depending on some other actions, then yes
<ivoks> netko me slijedi, cini mi se :D
<steelcityjim> I'll just start with "im cool"
<steelcityjim> lol
<ivoks> uh, wrong channel
<steelcityjim> not finding any good direction on this
<maw_> steelcityjim: your comments make it appear that you want to become a master hacker in 10minutes
<maw_> you need to put some effort into reading about the different technologies you are trying to work with
<maw_> do you even know what LAMP stands for? Is that what you really needed?
<maw_> sounds like you just needed Apache
<steelcityjim> maw Im not trying to hack anything
<maw_> >.<
<maw_> hacker doesn't mean criminal, it is the correct word for someone who manipulates code
<maw_> the media just uses that word to talk about bad people
<steelcityjim> lol
<steelcityjim> im new to linux and just created my first server and would like to create a web page
<steelcityjim> domain is setup
<maw_> good, I am happy for you. everyone starts from 0
<maw_> but if you overwhelm yourself you will just give up
<steelcityjim> just trying to figure out how im not finding the tutorials in detail like the server set ups
<maw_> without buying some books off amazon
<maw_> there is no man html
<maw_> someone said earlier... w3schools.com
<maw_> ya that is a good site
<steelcityjim> yea I looked at that site
<maw_> done already?
<maw_> I think that is humanly impossible
<maw_> try this one
<maw_> http://www.webmonkey.com/tutorial/tag/web_basics
<maw_> read through every html tutorial
<maw_> actually do the examples
<maw_> and you will learn
<maw_> but coming to IRC and asking "how do I html"... will get few replies
<maw_> get a basis and ask a technical question and someone can probably assist
<maw_> but 0 knowledge... you won't find much assistance
<maw_> buy some o'reilly books... they are usually decent
<steelcityjim> ok one basic question
<steelcityjim> I see how you enter the text
<steelcityjim> am I creating a file with this in it ?
<steelcityjim> and if so is that done from the text editor
<maw_> ya
<steelcityjim> so for example
<maw_> what desktop OS are you using?
<steelcityjim> ubuntu 8.10
<maw_> ok, for simplicity just use "text editor"
<steelcityjim> I was told nano is simple?
<maw_> applications > accessories
<maw_> nano is a CLI tool
<maw_> but you can use that too
<maw_> vi,emacs,pico,nano,ed... use whatever you want
<maw_> it is just text data
<maw_> that gets parsed by an engine of some sort
<maw_> html,php,.net etc..
<kinnaz> isnt pico just nano ?
<maw_> nano is an enhanced version AFAIK
<kinnaz> i know in debian at the start there was only pico
<kinnaz> and later came nano
<kinnaz> thou i never noticed the difference
<maw_> http://www.nano-editor.org states "improved pico editor"
<maw_> I don't use it myself, so I am not sure either :P
<kinnaz> what you use then ?
<dazman> surely nothing exists apart from vi/vim? ;)
<maw_> ya vi
<kinnaz> imho vi isnt easy to use, only benefit with it is that its available everywhere
<maw_> yes I agree
<maw_> and that is why I am still struggling to master it
<dazman> Sure, there is a learning curve required for vim, but, once you've mastered it, it's pretty good.  Of course, nano is pretty easy to use for anyone.
<kinnaz> its not that hard to learn its just not easy to use
<kinnaz> you have to press more buttons
<kinnaz> to get the same result then with nano
<maw_> you won't find nano on a Unix machine
<kinnaz> luckly i havent played around with unix much
<kinnaz> thou old days forced me to learn vi
<maw_> I wouldn't say that ;) ...freebsd is nice
<kinnaz>  freebsd has nano
<kinnaz> not by default
<maw_> not out of the box
<kinnaz> but still package is available
<kinnaz> installing nano/bash is first steps in my bsd installs
<maw_> ya their ports is quite extensive
<kinnaz> imho that default shell just sucks
<maw_> /bin/sh ?
<kinnaz> or was it csh
<kinnaz> one of them
<maw_> sh
<maw_> csh might be obsd
<maw_> either way, I also prefer bash
<kinnaz> yeah openbsd is the one i play around the most
<kinnaz> building carp/pfsync routers
<maw_> cool
<maw_> I use pf at home on my firewall
<maw_> that is my experience with obsd :P
<kinnaz> i had some problems with my nic at home router
<maw_> it is a very manual OS
<kinnaz> so im using ubuntu as routing device
<maw_> ipfilter,ipfw,pf I guess are the main 3
<maw_> I have limited experience with all of them
<Davedan> where can I find info on apt.conf.d ?
<maw_> there is an extensive man page apt.conf
<Davedan> thx
<Davedan> what is the difference between apt.conf.d and apt.conf?
<steelcityjim> maw one more quick question
<steelcityjim> this "it works" file is a text file somewhere on my server correct?
<steelcityjim> I could open this and edit it correct?
<maw_> steelcityjim: yes
<maw_> I think it is in /var/www/htdocs/index.html
<maw_> so... nano /var/www/htdocs/index.html
<maw_> or find /var/www -iname index.html
<steelcityjim> ok I did the nano /var/www/htdocs/indes.html and it brought up the nano editior
<maw_> and is there html code in that file?
<maw_> or blank?
<steelcityjim> but no "it works"
<steelcityjim> blank
<maw_> ok that could because of permissions or the file doesn't exist there
<maw_> find the file and then open it
<steelcityjim> when i did find /var/www -iname index.html nothing came up
<steelcityjim> is that because its not html?
<steelcityjim> found a site with some templates
<steelcityjim> that would work a template that I could insert a pic or to and some text would rock
<steelcityjim> ok anyone ever use a template site?
<steelcityjim> Im curious if the only thing you can edit is the text
<LMJ> steelcityjim  : depending of the template, you may edit also the logo color and shape too
<Nickyy> How come libdb4.7 is available for the desktop versions but not for the server versions?
<steelcityjim> anyone heard of joomla?
<Kartagis> there was the line log-facility local7 in /etc/dhcp3/dhcpd.conf and I added the line local7.debug /var/log/dhcpd.log and it started logging in both /var/log/messages and /var/log/dhcpd.conf. how can I make it log only to /var/log/dhcpd.log ?
<steelcityjim> how do i install one of these templates
<steelcityjim> zip file on my linux pc
<steelcityjim> how do I load the html files to my website?
<bn43> hi is anyone here using ntop on server specifically to track internet usage for each host connecting?  I'm not sure how to configure it tho I have it running
<bn43> My server is using a 3g modem and hosts connect to the servers network card - the ppp0 connection is shared
<bn43> can someone help/comment pls?
<kaja> hello
<steelcityjim> can anyone tell me how to load a web page template to my website?
<steelcityjim> I have all the files on my server
<bn43> steelcityjim: most hosted sites have cpanel access - does yours?
<steelcityjim> not sure im using lamp
<steelcityjim> this if my first server bn
<bn43> um when u say website - is this hosted or are you accessing your site through your own server?
<steelcityjim> my own site from my server
<steelcityjim> its set up and configured correctly just trying to get template content on it
<kaja> steelcityjim:  try in var/www
<bn43> most of the time all you do is load all files in /var/www
<bn43> what he said
<kaja> and access it thru browser with http://localhost should work
<steelcityjim> ok so find /var/www
<steelcityjim> ok it game me /var/www/indes.html
<bn43> ? normally standard file is index.html or index.php
<domas> hiii!
<bn43> your browser automatically looks for this file and loads this
<steelcityjim> ok i found the var www folder
<steelcityjim> and it contains the html It works file
<steelcityjim> so I just switch the html files
<kaja> steelcityjim: there u need place your website
<steelcityjim> ok how do i move this damn file
<steelcityjim> wont let me copy and paste
<Jeff1> gksudo nautilus
<steelcityjim> don't have permisiion to save file?
<bn43> steelcityjim: u will need to have root access - use sudo before command - ie sudo cp blah blah - it will ask you for your password
<steelcityjim> hmmmmmm
<bn43> oh thats if you use the command line to do your stuff - r u using nautilus to copy?
<steelcityjim> trying to bn
<steelcityjim> I was just able to edit the existing html file
<steelcityjim> changed the it works message
<steelcityjim> gonna try and drop the new html file in and see what happens
<Nat_RH> Anybody successful with tunnelbroker and UFW?  IPv6 works fine when UFW turned off
<bn43> vodacom in south africa
<steelcityjim> ok that kinda worked
<steelcityjim> the html file opened on my site
<steelcityjim> but Im guessing because the other files were not with it the other stuff did not run
<steelcityjim> when I do nautilis am i supposed to be moving the files via command line
<steelcityjim> or drag and drop on the desktop?
<jahor> hello, anyone from the team behing new tomcat scripts in jaunty ?
<steelcityjim> im not doing something right
<steelcityjim> the html file has loaded to the site but the css files that go along are not
<domas> ghmmmm
<domas> dear ubuntu people, I have a server, that is trying to resync it's RAID array, and crashes every time in the end
<steelcityjim> how do you edit your web page in the browser?
<domas> what should I do? :)
<Kartagis> <steelcityjim> how do you edit your web page in the browser? <--- you can't
<jahor> hi. i could not stop thinking that pinning based on source-package names could be very useful ... anyone has oposite meening ?
<steelcityjim> kart I thought once you had the files loaded you could edit in your browser
<Davedan> is there a function to find out what was the last installed package on the server?
<ScottK> tail -f /var/log/dpkg.log
<steelcityjim> how do the html css and ie files get blended into one offering?
<Davedan>  ScottK: that's great. Do you happen to know how can I extract only the last package?
<ScottK> Davedan: Not precisely, but that's the file the information is in.  You can process it however works for you.
<Davedan> ScottK: is it possible that this file will be deleted or unlikely?
<ScottK> Davedan: The file will always be there.  It will be empty just after logrotate, but then the information will be in dpkg.log.1.
<dazman> Davedan, you could write a small script, to do it.
<dazman> Davedan, tail -n 1 /var/log/dpkg.log | cut -d ' ' -f5   would output the package name, but it may not always be "install", it could be an upgrade or similar...
<dazman> Davedan, depends what you need to do... (tail -n 1 /var/log/dpkg.log) will output the whole line.
<Davedan> dazman: thanks
<Davedan> It might be easier for me to do it with python
<Davedan> because I need only the last installed package
<tsrk> From looking at proftpd logs it looks like people are trying to brute force me.  Is there a way to log the attempted password as well as the username so I can see if I'm at any risk of being brute forced?
<dazman> Davedan, yep..
<steelcityjim> do css files get placed in teh var/www also?
<Davedan> steelcityjim: all the static files are placed in a folder accesible to your web server
<Davedan> steelcityjim: slicehost have a nice tutorial on suggested folder structure
<steelcityjim> ok im reading a few tutorials that both talk about ftp upload of the files to the website
<steelcityjim> How is this done/
<Davedan> where is your server?
<Davedan> do you experiment locally or is it hosted somewhere?
<Davedan> if you have a shared hosting you usually have an easy web interface for this stuff
<steelcityjim> i have my own server
<Davedan> if you have access to it you don't need ftp
<steelcityjim> ok thats what I thught
<Davedan> ftp is unsecure but it is used to upload files over the network
<steelcityjim> i have been able to move the template html file to var www folder
<steelcityjim> and that page comes up on my site
<Davedan> usually you have sub folders underthe www folder to structure your website/websites
<Davedan> ok
<Davedan> what are you trying to do now?
<steelcityjim> im trying to do a webpage
<Davedan> you just did :)
<steelcityjim> downloaded a template page (cause its gonna take me motnths to figure this out)
<steelcityjim> the template has css files, html and its supposed to be customizable to an extent
<Davedan> templates usually have all the files and folder structure needed
<Davedan> just extract it under www and it should work fine
<steelcityjim> ok so I move the zip folder into the www folder and extract all files?
<Davedan> yep
<steelcityjim> gksudo nautalis gets me root right
<Davedan> gksudo runs gui application in root
<Davedan> sudo is for terminal commands
<steelcityjim> its telling me I don't have access to move this file again
<Davedan> not sure...
<Davedan> anyway, web folders and files permissions are tricky
<Davedan> that's why I told you about the slicehost folder
<Davedan> you are the user that moving around files but apache is the user that should be able to access them
<steelcityjim> no its local right next to me
<steelcityjim> scratch that
<steelcityjim> ok how do I get to root
<steelcityjim> file system folder is locked to root owner only
<steelcityjim> I don't recall creating a password for root?
<ScottK> sudo foo should do what you need.
<steelcityjim> sudo foo command not found
<ScottK> What are you trying to do?
<Davedan> on ubuntu you can't login as root (I think) but you have sudo
<ScottK> foo should be whatever command you need.
<james_w> hello, is there any reason that the new dovecot-postfix package is "Architecture: any"?
<steelcityjim> ok im now at root@desktop and I still can't move this file
<james_w> it only contains a single conffile, so either it mis-built, or the package should be "Arch: all"
<jahor> james_w: arch: all means that it's buildable on all archs or i'm wrong
<jahor> james_w: arch any means that it's architecture independant package. for dependency holder and config-only package it's fine to be arch all.
<jahor> james_w: i made some dependency-holding packages for internal purpose in our company and they are arch all too ...see http://open.prv.etn.cz/testing/pkg-meta/etpol-essential/
<james_w> jahor: I'm looking for someone that knows about what this package is meant to do, so they can tell me if it's a mistake or not.
<james_w> it's landed in binary NEW, and I don't want to accept it until I know whether it was intentional
<james_w> ivoks isn't around right now, so I hoped someone else might be online
<cxo> And LVM experts in the house? Anyone know how to revert a pvmove?
<cxo> (the destination drive died)
<jahor> james_w: ah so. sorry then. the only thing i know is that it was announced maybe on ubuntu planet as a new postfix+dovecot integration
<james_w> jahor: thanks, I'll take a look
<james_w> nice, It doesn't answer my question, but it sounds pretty cool :-)
<jahor> james_w: ;o)
<ScottK> james_w: I think it should have been arch all.
<ScottK> james_w: Since it's such a small package I don't think it hurts to accept and and he fixes in the next upload.
<james_w> ScottK: thanks, I'm asking how to handle this case now, as I just found a second like this from the server team :-)
<ScottK> That's the only one I know anything about.
<james_w> the advice is to accept anything that's not dangerous and file a bug on it
<ScottK> Sounds reasonable.
<steelcityjim> ok you need to do gksudo gedit
<steelcityjim> to edit the html file on the var/www folder
<steelcityjim> however its still not launching the who site
<uvirtbot> New bug: #329878 in dovecot (main) "dovecot-postfix is Architecture: any" [Undecided,New] https://launchpad.net/bugs/329878
#ubuntu-server 2010-02-15
<bogeyd6> zoran119, no those patches got skipped
<bogeyd6> zoran119, safe, arguably
<zoran119> bogeyd6: it's ubuntu 8.04 lts... if i do dist-upgrade these packages should get upgraded... but will i still have 8.04 lts? or will be it someting else?
<Roxyhart0> HI I am trying to join my PDC and i got this error: rpccli_netlogon_set_trust_password: unable to setup creds (NT_STATUS_ACCESS_DENIED)! any idea?
<Roxyhart0> how i can install winbind?
<Roxyhart0> i got 2 winbind on apt-get winbind4 and winbind
<uvirtbot`> New bug: #521973 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/521973
<bogeyd6> zoran119, still 8.04
<Roxyhart0> hi i just delete samba folder and unistall the application, when i try to create again it doesnt create the samba folder. any idea?
<Roxyhart0> which is the difference between winbind and winbind4?
<Roxyhart0> hi please i dont know what id wrong but samba doesn't install properly.
<Roxyhart0> doesn't create the samba file
<Roxyhart0> and tesparm doesn work
<twb> Sigh.  Did Canonical *really* need to change Ubuntu's etckeeper to default to bzr instead of git?
<pmatulis> twb: makes sense
<twb> Only in the sense that canonical is in bed with bzr and everyone else got over it five years ago
<pmatulis> twb: canonical in bed with bzr?  the bzr developers are canonical employees
<twb> Bedding is a reflexive relation.
<twb> Er, not reflexive.
<twb> Symmetric?
<twb> Yeah.
<pmatulis> twb: you're thinking too much
<lifeless> pmatulis: are you aware of any way to run UEC on a hardy server?
<lifeless> pmatulis: I have a hardy server that I depend on too much to upgrade to lucid at this point in the cycle, but I wants UEC :)
<pmatulis> lifeless: sorry, i have almost no experience with UEC
<lifeless> kk, no worries
<twb> lifeless: depending on the dependencies, you might be able to just backport it
<twb> lifeless: I wouldn't do that with a production machine, of course
<lifeless> twb: UEC is eucalyptus - so it wants kvm :)
<lifeless> as well as a tonne of java
<lifeless> I was thinking about running it up in a lucid chroot, kindof thing.
<twb> It shouldn't need kvm specifically -- surely qemu or any other full virtualization solution would do
<twb> Java, otoh, can foad
<twb> I wouldn't want to try running KVM in a chroot, but if you have hardware VT, I can't think of any obvious reason why it wouldn't work.
<Roxyhart0> hi somebody can help me i am not dure what i did wrong or what i am missing in my PDC config i am unable to get information with wbinfo -u my config is : http://pastebin.com/d4c68efa. Also i can join my own PDC
<bogeyd6> eucalyptus on 8.04?
<bogeyd6> http://open.eucalyptus.com/forum/eucalyptus-ubuntu-hardy-backport
<bogeyd6> you need at least two servers for uec
<lifeless> oh cool
<lifeless> bogeyd6: no, you don't.
<lifeless> oh, the link says 'we failed' :)
<lifeless> bogeyd6: recommended topology is multiple machines, but I have a test machine here running MANAGED_NOVLAN sc, cc and nc just fine.
<lifeless> I found some bugs in the setup scripts etc which I documented and filed, but it works just fine and reliablu.
<ksoviero> Is it easy - or possible - to get dovecot to work like gmail, meaning by saving each email to a safe folder apon being downloaded by a client on pop?
<ksoviero> IE. archive the servers copy of the email, while sending it to the client
<MTecknology> CRAP!
<MTecknology> I need my wiki; my wiki on my dev server; my server is being entirely rebuilt
<MTecknology> And now I can't get my VM to grab an IP
<MTecknology> I wonder if it's an issue with the bridged network...
<Roxyhart0> hi after take off kerberos winbind doesn't work any more...wbinfo -u doen give me information. any idea about this prblem?
<Roxyhart0> hi i cant find the package libnss_winbind.so in my server. ho i can install it?
<MTecknology> Roxyhart0: about the worst time of week to find support...
<Roxyhart0> yes, and just this weeks every thinks happen on the servers? this is my work week in the job history!
<Roxyhart0> things
<MTecknology> Roxyhart0: I wish I could help///
<laen> If there's a S17mysql-ndb-mgm, S18mysql-ndb and S19mysql in /etc/rc3.d/, does this mean they are all started in this order? I'm wondering what the first two are, never heard of 'em.
<Roxyhart0> thanks me too...anyway without problems it could be boring isn't?
<MTecknology> Roxyhart0: true; issues keep your mind sharp :)
<MTecknology> just like the issues I've been having
<ttx> Roxyhart0: looks like it's in package winbind (/lib/libnss_winbind.so.2)
<Roxyhart0> thanks ttx
<Roxyhart0> i just recover it
<Roxyhart0> i am trying to configure a PDC samba server , try to goin to the domain (which is in the same machine) but i cant see the Domain. say something that i dont have privileges, i am wondering if is something with winbind configuration / pam
<Roxyhart0> ls
<soren> Oh, puppet. Why must thee spite me so?
<KamaL>  hi all.. I have ubunut server 9.04 on a VPS, I installed the desktop pack on it, but now when I type STARTX I get this error log: http://paste.ubuntu.com/376753/
<soren> KamaL: You won't be able to run standard X on a VPS. Standard X expects a monitor to be connected to the machine. Besides, this is off-topic here. Try in #ubuntu.
<KamaL> so i won't be able to connect through remote desktop to a ubuntu GUI this way?
<Roxyhart0> hi, how i can reload my pam configuration without reboot the server?
<soren> KamaL: Try in #ubuntu.
<KamaL> no one is answering there :/
<soren> KamaL: That does not magically make it on-topic for this channel :)
<swift> hi guys, i changed the /etc/network/interfaces file and lost ssh connection to my server
<swift> can someone advise why this happened?
<swift> i changed the IP and now, pings are not going through
<ttx> soren: got a mystery task question on #ubuntu-devel... if you know what happens, let me know
<Roxyhart0> someone know how i can reload my pam.d configuration without reboot the server?
<RoyK> Roxyhart0: for what?
<RoyK> ssh I think is parsed each time
<RoyK> for the gettys, you'll need to restart them
<RoyK> s/each time/on login/
<RoyK> perhaps no restart at all
<swift> guys, any advise or reason why this happened?
<swift> i mean, i only changed the interfaces file
<RoyK> swift: and restarted networking_
<RoyK> ?
<swift> no
<swift> i didnt do that
<RoyK> if you changed interfaces and restarted networking, your box is on a separate ip
<RoyK> if you didn't start networking, I don't know.
<RoyK> that file should only be read by /etc/init.d/networking (re)start
<swift> i didnt restart networking?
<swift> i didnt restart actually
<Roxyhart0> yes
<Roxyhart0> i just see that and my pam crash? somebody have any example of configure authentication with, samba, unic and ldap (pam.d)
<RoyK> swift: changing that file doesn't restart anything
<RoyK> swift: but rebooting after changing it, obviously does
<swift> i just changed the file and lost ssh access to the server
<swift> also, i can't ping to the new as well as onld IP
<swift> this is wierd
<RoyK> changing that file doesn't do anything
<RoyK> might have been something else
<ewook> so, how often is ubu's keyserver reachable?
<Roxyhart0> hi somebody have a example how to configura pam.d to access with samba and ldap?
<Roxyhart0> hi do i need pam_unix2.so if i am susing pam_smbpass? or just pam_unix.so is ok?
<maxagaz> the date is wrong on my system, how to reset it ?
<maxagaz> i mean system time
<Roxyhart0> someone have some example how to configurate pam.d with samba, ldap, unix sincronization?
<maxagaz> :~# date
<maxagaz> Sun Jun 26 00:02:52 CDT 1988
<liva> maxagaz : date --help
<liva> check for ntpdate to keep the system synchronized
<AmokPaule> Hello, someone has an idea why my mouse in karic is moving from alone to the top of my screen?
<maxagaz> liva, ntpdate ntp.ubuntu.com
<liva> You can have various servers in fact
<liva> It depends where you live
<liva> editing /etc/cron.daily/ntpdate
<alkisg> Since the new tftpd-hpa upload, where it now runs as a daemon as opposed to running from inetd.conf, it no longer autostarts when my system boots.
<alkisg> I need to manually run it. Any clues on how to make it autostart?
<c0dem4gnetic> when i send (external) emails postfix does not at all respect the hostname set in main.cf .. this leads to the sender being like <blabla.defaultdomain> .. how can i set these mappings?
<lbrinkma> Does anyone know why libaprutil1-dev is uninstallable on amd64?
<lbrinkma>  the anjuta package FTBFS because of that lib http://launchpadlibrarian.net/39209795/buildlog_ubuntu-lucid-amd64.anjuta_2:2.29.90.0-0ubuntu2_FAILEDTOBUILD.txt.gz
<soren> Nggghghhh!!
<soren> Is anyone using puppet in Lucid?
<fhermeni> hello
<fhermeni> I have trouble using kickstart to configure a NIS client
<fhermeni> I update /etc/passwd, group & shadow during post.
<fhermeni> After the install, I am able to log as a NIS user
<fhermeni> but not with root
<fhermeni> if I execute the modification after the install, by myself. It worksss
<sherr> fhermeni: what is kickstart?
<fhermeni> a tool for fully automated installation
<sherr> fhermeni: not the redhat tool?
<fhermeni> yes
<fhermeni> but usuable in ubuntu too
<sherr> You can use that on Ubuntu?
<pmatulis> !info kickstart
<ubottu> Package kickstart does not exist in karmic
<fhermeni> https://help.ubuntu.com/9.10/installation-guide/amd64/automatic-install.html
<mealstrom> use preseed
<sherr> fhermeni: interesting - didn't know that. Perhaps "preliminary" means "not all working" :-)
<fhermeni> yeah I suppose
<fhermeni> but I was never able to boot using the configuration file of preseed
<fhermeni> I've just tried passing a preseed file in the kernel but I have to screen to choose the language
<fhermeni> so anyone already tryed preseed ?
<fhermeni> in fact, the installer do not try to get the file (no log in apache access)
<_ruben> fhermeni: preseeding happens after locale/keyboard selection and network configuration (which can be configured using kickstart (never tried) or boot params)
<fhermeni> ok, seems effective, still have the two first points (locale/keyboard) to manage which is not really possible
<_ruben> debian-installer/locale=en_US console-setup/layoutcode=us
<fhermeni> ok thanks
<_ruben> add those as boot parameters (adjust if needed)
<_ruben> network shouldnt ask any questions if only one nic is available
<_ruben> and will try dhcp on it
<fhermeni> yep, but it asks for a confirmation about the hostname
<lbrinkma> why does libaprutil1-dev depend on the old libmysqlclient16-dev?
<KurtKraut> Can rsync connect to a ftp server to pull the files to sync it locally or just through SSH?
<fhermeni> _ruben: ok, seems to works. thanks for the tips
<karel> What do I need to do to make vmbuilder --add-pkg sun-java6-jdk work (sun-java6-jdk is in multiverse)
<fhermeni> by
<karel> Should I create a boot script which adds multiverse to /etc/apt/sources.list and apt-get update/install from there?
<uvirtbot`> New bug: #377474 in bridge-utils (main) "bridge-utils ifupdown script should disable IPv6 address autoconfiguration for underlying interface" [Wishlist,Triaged] https://launchpad.net/bugs/377474
<soren> uvirtbot`: nick uvirtbot
<uvirtbot`> soren: Error: You don't have the admin capability. If you think that you should have this capability, be sure that you are identified before trying again. The 'whoami' command can tell you if you're identified.
<lbrinkma> the libaprutil1-dev issue mentioned above breaks up the hole anjuta package
<JordanCook> i am getting this error in my mail.log.. "error: to submit mail, use the Postfix sendmail command" and "fatal: the postfix command is reserved for the superuser"
<_ruben> JordanCook: obviously something is trying to send mail in an inappropriate manner
<JordanCook> ok
<soren> ttx: How much have you thought about the etckeeper-puppet integration thing? I have a few things I'm not sure how are supposed to work..
<ttx> soren: it's more a spec from Mathias, but I should be able to answer
<soren> ttx: For one, the spec says that it should support two modes: a) overwrite local changes, or b) abort on local changes and output the diff.
<soren> In b), what does "output" mean? Where should I put it?
<soren> (Also, the diff etckeeper subcommand is listed as a "Later" work item, but I needed it for this, so I went ahead and implemented it.
<soren> )
<soren> Wow. I almost forgot the closing parenthesis.
 * soren suddenly thinks of all the parentheses people have opened on IRC, but never closed.
<soren> The parts of my brain that speak LISP are twitching.
<ttx> soren: i'm not sure what Mathias meant exactly )
<ttx> soren: since I agree "output" doesn't make a lot of sense in that context
<ttx> soren: better ask him, should ba available in a few
<Roxyhart0> hi, I got a problem similar to this  hi i got a problem similar to this one http://www.mail-archive.com/samba@lists.samba.org/msg102818.html and i have samba 3.4.0. . It say is improved in samba 3.4.1. somebody know about that? how i can migrate to samba 3.4.1?
<sherr> Roxyhart0: You can download Samba source and compile. The link you sent is referencing a fedora/RH Samba package - which may be different to the "official" 3.4.1 however (additonional patches). You would need to check.
<Roxyhart0> i am wonderin if there are Ubuntu version
<Roxyhart0> sombody has change or update to samba 3.4.x? x >0
<soren> ttx: Alright, I'll talk to mathiaz. Thanks :)
<sherr> Roxyhart0: http://packages.ubuntu.com/lucid/samba
<Roxyhart0> i got karmik it is ok if i install it on 9.10?
<sherr> Roxyhart0: Probably not - dependencies. You might break your system if you force it.
<sherr> Roxyhart0: But I don't know.
<Roxyhart0> :S so what i can do i need solve this problem
<Roxyhart0> just move to lucid?
<furythor> I got issue, I did install Open LDAP server according to this and I did not get promt for password, is there any way to recover it ?
<furythor> https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<ivoks> no, there's no password
<ivoks> if you are root on local machine
<furythor> so I can still set it later on ?
<ivoks> you should be able to create DIT and work with it
<furythor> invoks does SSH connection count as "root on local" ?
<ivoks> if you can do sudo, then yes
<furythor> ok
<ivoks> this document is buggy
<ivoks> instead of -x -D cn=admin,cn=config -W
<ivoks> you should be able to use -Y EXTERNAL
<furythor> do I need to define something for ldap server in /etc/hosts ?
<ivoks> so... ldapsearch -Y EXTERNAL -H ldapi:///
<ivoks> nope
<uvirtbot> New bug: #522185 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/522185
<furythor> I get this error ldap_bind: Server is unwilling to perform (53)
<furythor> 	additional info: unauthenticated bind (DN with no password) disallowed
<furythor> when I did try to run
<furythor> ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb
<ivoks> have you not read what i said?
<ivoks> instead of -x -D cn=admin,cn=config -W
<ivoks> you should be able to use -Y EXTERNAL
<ivoks> so... ldapsearch -Y EXTERNAL -H ldapi:///
<ivoks> ldapsearch -Y EXTERNAL -H ldapi:/// olcDatabase={1}hdb
<RoAkSoAx> ivoks, in the Cluster Testing, how come there's no openais configuration?
<RoAkSoAx> i mean
<RoAkSoAx> corosync
<RoAkSoAx> or the default config and replacing the bindnetaddr is the only things that needs to be configured
<ivoks> RoAkSoAx: that's the only thing that's needed
<swift> gy, i changed the IP iin the interfaces file of my ubuntu-server, restarted networking service and ifconfig shows the new IP
<swift> but, if i try pinging to the IP, it doesnt ping
<swift> also, i cannot ssh to the new IP
<swift> please advise how i can make this work?
<ivoks> restart sshd
<swift> but why can't i ping to the new IP?
<swift> is restarting sshd mandatory?
<ivoks> firewall?
<furythor> what that error I am getting is basically meaning ?
<ivoks> no, sshd should restart by it self
<ivoks> furythor: i told you 2 times to use -Y EXTERNAL, cause that doc is outdated and buggy for ubuntu 9.10
<swift> no, i'm trying to ping the IP from within the network
<swift> i can ping other servers on the same network
<ivoks> swift: wrong gateway?
<ivoks> check it out with route -n
<swift> ok
<furythor> ivoks: is there some better guide or should I just dump open LDAP for while ?
<swift> the gateway is correct
<swift> the server was getting a dhcp IP
<swift> i changed it to static in the interfaces file
<swift> and gave it a new IP
<furythor> Say, anyone here got experience with setting up irssi in screen ?
<swift> also, I uninstalled network-manager
<ivoks> swift: paste your /etc/network/interfaces
<ivoks> swift: on pastebin
<ivoks> furythor: the guid is ok, except the auth part
<ivoks> sommer: here?
<furythor> ok
<ivoks> what's the url for development version of help.ubuntu.com?
<furythor> is there some way to change admin password ?
<swift> http://pastebin.com/m66d0d335
<swift> thats the portion i added
<swift> ivoks:http://pastebin.com/m66d0d335
<ivoks> swift: you are missing gateway there
<swift> i need to specify one in the interfaces file?
<ivoks> swift: yes
<ivoks> otherwise, routes won't be added
<ivoks> furythor: yes, but why would you do that?
<ivoks> furythor: do you understand how ldaps work?
<swift> oh!
<furythor> ivoks honestly said : NO
<ivoks> furythor: there's config DIT
<ivoks> furythor: and there's your_data DIT
<furythor> okay
<ivoks> furythor: config DIT doesn't need admin account, unless you would like to change configs from other machines
<ivoks> your_data DIT can be populated with whatever you want
<furythor> ok
<ivoks> now, check this out:
<ivoks> http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala
<ivoks> this guide creates dc=example,dc=com (that's your_data DIT)
<furythor> Can I use OpenLDAP to define access control to various directories on my server ?
<ivoks> directories?
<ivoks> like folders on disk?
<furythor> yeah
<swift> thanks ivoks!!!!!
<swift> u rock!!!
<swift> it worked!
<ivoks> what's wrong with doing it with decades old chmod?
<ivoks> swift: great
<ivoks> RoAkSoAx: how's it going?
<furythor> because I am building setup like this, I got my home server which I will use on multiple purposes, some include like designing websites for clients, and others get confidential data on there, so I want my server to be secure before I introduce it more wider population
<ivoks> you don't need ldap for that
<ivoks> mkdir /tmp/my_private_dir
<ivoks> chmod 700 /tmp/my_private_dir
<ivoks> done
<ivoks> only you can access it
<furythor> well I'd wish it would be THAT simple however it is not, my intention is to offer files via webserver, so visitors need to be authenticated before getting access to files
<ivoks> so?
<ivoks> .htaccess?
<furythor> and password through it ?
<ivoks> htpasswd
<ivoks> htdigest
<ivoks> openldap is overkill for what you want
<furythor> yeah that would be one solution too... well I don't need server quite yet... so I will go through options and see what I choose
<furythor> but thanks for the help
<ivoks> eh
<ivoks> RoAkSoAx: ?
<RoAkSoAx> ivoks, yers?
<ivoks> RoAkSoAx: i tought you were testing
<RoAkSoAx> ivoks, yeah i am but trying to configure a loadbalancer with pacemaker and ldirectord , but went to take a shower first :P
<ivoks> hehe ok
<ivoks> why ldirectord?
<ivoks> haven't we decide to use keepalived?
<RoAkSoAx> ivoks, yes, I've already done simple config with keepalived and it works, not I wanna test pacemaker/ldirectord/ipvsadm and do some comparisons with failover
<RoAkSoAx> s/not/now
<ivoks> ok
<RoAkSoAx> like how much time each takes to failover
<RoAkSoAx> i'll do a call for testing by the end of this week
<ivoks> ok
<ivoks> feature freeze is very near
<uvirtbot> New bug: #521231 in nagios3 (main) "package nagios3-cgi (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/cgi-bin/nagios3/avail.cgi', which is also in package nagios3 0:3.0.6-5ubuntu3" [High,Triaged] https://launchpad.net/bugs/521231
<uvirtbot> New bug: #522196 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/522196
<RoAkSoAx> ivoks, yeah well i rather have keepalived 1.1.17 instead of 1.1.19 since debian maintainer does not want that version either due to it introduces several bugs
<RoAkSoAx> so I rather have an stable version in lucid
<ivoks> then fix those bugs
<RoAkSoAx> ivoks, yeah Im tracking down the devel list, there's a patch for a bug there but I've not have the time to test it yet, I wanna do that tonight
<bogeyd6> argh, UEC needs images, damn them, images!!!!!!!!!!!!!
<mconigliaro> hey guys, i understand that its impossible to update the kernel on a ubuntu ec2 instance. so i was wondering if it ever makes sense to apply kernel updates. my guess is no, and i should have apt ignore all kernel updates. anyone have any thoughts on this?
<uvirtbot> New bug: #521312 in geronimo-j2ee-connector-1.5-spec (main) "Sync geronimo-j2ee-connector-1.5-spec 2.0.0-1 (main) from Debian testing (main)" [Undecided,Fix released] https://launchpad.net/bugs/521312
<kriel> Looking to do some traffic shaping, to ensure that my ssh terminal doesn't die thanks to torrenting/ftp server use. What should I be looking into?
<lbrinkma>  Why is libsvn-dev uninstallable? This causes the anjuta package to FTBFS:  http://launchpadlibrarian.net/39209795/buildlog_ubuntu-lucid-amd64.anjuta_2:2.29.90.0-0ubuntu2_FAILEDTOBUILD.txt.gz This is only an amd64 issue, it installs fine on i386.
<lbrinkma> I think the issue is caused by libaprutil-dev
<stas> hi, anybody know any web server software that can be launched from cli and instantly server curent pwd as docroot?
<stas> only static files support
<ivoks> RoAkSoAx: please help with MIRs
<kpettit> When you get a ssh "connection timed out" is that the server or client giving that?
<ivoks> client cannot connect to server
<kpettit> I have this server I try to connect too that is just slow as hell for me to get to, I always get timeout's
<kpettit> ivoks, anyway to increase how long the client will try before it gives up?
<ivoks> kpettit: time out means no network connectivity
<ivoks> there is nothing on that IP
<ivoks> mirs are killing me
<kpettit> ughh.  it's anoying becuase sometimes it works, i just seem to be at the tail end of that time out and simetimes I can get thorugh but mostly I can't
<kpettit> I know it's up becuase it's web services and such are running, ughhh.  I think it's the dumb linksys router that's not routing correctly or taking to long
<kriel> stas: iirc there's a python one-liner that does that.
<stas> kriel: thx, just tried python -m SimpleHTTPServer but it lacks some support
<stas> i cant get everything loaded into webpage dunno why
<stas> i thinks it has poor mime support
<stas> kriel: nvm, it worked, ty. I misspelled my docroot
<Guest50488> postfix seems to be going in a loop
<kriel> PS: <3 wondershaper
<Guest50488> it keeps relaying the mail localy
<bogeyd6> How can I tell apt to ignore an unmet dependency ?
<RoAkSoAx> ivoks, ok will also look into it tonight
<ivoks> please
<ivoks> we need to finish them asap
<ivoks> you could just use one of MIRs as template for new requests
<RoAkSoAx> ivoks, yep im already reading the other filed bugs
<ivoks> RoAkSoAx: go from bottom to top
<RoAkSoAx> ivoks, ;)
<ivoks> i'm to tired to continue today
<baffle> Hum; After rebooting a Karmic server with some (not root) LVM logical volumes on clustered storage, the server will drop to busybox on boot because it does not find liblvm2clusterlock.so; It does *not* fall back to local locking, even if this is enabled in lvm.conf ..
<baffle> Thus not starting the local root logical volumes, and not booting.
<ivoks> doh... that's cman
<ivoks> baffle: is that /home on clvm?
<baffle> ivoks: No, the CLVM-volumes are virtual machine LVs.
<mathiaz> ivoks: hi
<mathiaz> ivoks: I don't think MIR needs to be written before FF
<ivoks> mathiaz: hi
<mathiaz> ivoks: the most of important thing wrt to FF to have all the new packages in the archive by FF
<ivoks> mathiaz: problem is that if we don't get MIR before FF, we'll need to get features after FF
<baffle> ivoks: But this is in the initramfs; Since lvm.conf specifies "locking_type = 2" it tries to use the locking library wich is not included in the initramfs.
<ivoks> mathiaz: that's the thing
<baffle> ivoks: And instead of gracefully falling back to local locking, it dies instead.
<baffle> ivoks: Even if this is specified in the configfile.
<ivoks> mathiaz: we can't have new rhcs before pacemaker is in
<mathiaz> ivoks: because rhcs (in main) needs to be built with new libraries (currently in universe)?
<ivoks> mathiaz: yes
<mathiaz> ivoks: another way around is to demote rhcs to universe for now
<baffle> ivoks: If I change /etc/lvm/lvm.conf to "locking_type = 1" while in initramfs, I can active the root/swap LVMs.
<mathiaz> ivoks: and do the promotion to main after
<mathiaz> ivoks: if rhcs was already in main, promoting it is faster
<ivoks> mathiaz: same goes for lvm2 and ocfs2-tools
<ivoks> baffle: eh, i haven't worked with clvm and cman yet
<mathiaz> ivoks: lvm2?
<ivoks> baffle: i just started testing it with pacemaker
<ivoks> mathiaz: yes, clvm
<ivoks> mathiaz: lvm is build against libcman
<ivoks> mathiaz: if we demote rhcs, we will have to demote lvm too :D
<ivoks> mathiaz: and to avoid all that, it's just easier to finish MIRs before FF
<mathiaz> ivoks: lvm like in folder-hook imaps://mail.canonical.com/ 'set signature=~/.mutt-ubuntu-signature'
<mathiaz> ivoks: mh
<ivoks> ?
<mathiaz> ivoks: lvm like in Linux Logical Volume Manager?
<ivoks> mathiaz: yes
<ivoks> Depends: libc6 (>= 2.4), libcman3, libdevmapper1.02.1 (>= 2:1.02.24), libdlm3, libreadline5 (>= 5.2), lvm2 (= 2.02.39-0ubuntu11)
<ivoks> that's clvm
<ivoks> Source: lvm2
<mathiaz> ivoks: right
<ivoks> we could drop clvm for alpha3 :)
<ivoks> but it is just easier to finish MIRs
<ivoks> and be done with it all
<mathiaz> ivoks: ok
<ivoks> there's not that many of them
<ivoks> https://wiki.ubuntu.com/ClusterStack/MIR
<ivoks> i just need one more pair of hands
<panfist> can anyone comment on which version would be better to run a xen host: jaunty because it's newer, or hardy LTS?
<ivoks> that's it for me for now
<ivoks> i'll be back later
<ivoks> bye
<kriel> panfist: how linux-savvy is the person that's going to be maintaining this server?
<panfist> i would say i'm intermediate
<panfist> i know some scripting and i've experimented with debian, suse and solaris
<kriel> You'd probably be fine with jaunty, and maybe get some cool new optimizations out of it. LTS will be 'more stable' by definition, but I'd think jaunty would be more than stable enough.
<panfist> ok
<baffle> kriel: If you're going with a non-LTS release, why not just go for Karmic?
<kriel> baffle: panfist didn't ask for karmic. He asked choose([jaunty,hardy LTS])
<baffle> kriel: Yes..?
<kriel> baffle: If you'd like to ask that question, ask it of panfist. I answered the question that he posed.
<baffle> kriel: Oh, sorry, didn't notice it before now. :-)
<baffle> panfist: If you're going with a non-LTS release, why not just go for Karmic?
<panfist> i heard that there is no xen patched kernel for karmic yet
<panfist> unless that's changed since november
<baffle> panfist: Ah, that might be true.
<baffle> panfist: Didn't think of that; I've moved over to KVM now.
<panfist> i need a solaris guest, does kvm support that?
<panfist> i have a zfs thing going on, and no spare hard drives to dump the data and rebuild a linux raid. besides, there is a reason i switched from linux raid to zfs in the first place... the reason i want to run the zfs of a guest is because my video card isn't supported in solaris
<panfist> so i have two options, buy a new video card or motherboard, or virtualize
<panfist> or buy 8 TB storage to rebuild the array
<panfist> that's right out, for being too expensive
<panfist> i figure i will try the virtualization thing, because it's free, and if that doesn't work out then get an nvidia graphics card
<baffle> panfist: Seems like KVM supports solaris: http://www.linux-kvm.org/page/Guest_Support_Status
<panfist> fully or paravirtualized?
<panfist> i was going to set up the solaris vm as a paravirtualized guest and hopefully get close-to-bare-metal performance of the zpool
<baffle> panfist: Using HVM, not sure if there are paravirtualized i/o yet.
<panfist> ummm do i have my terminology wrong
<panfist> is paravirtualization what i want?
<baffle> panfist: Seems XEN might be the best way to go; I don't think there is support for paravirtualized i/o (virtio) in Solaris yet. So you will not get close to bare-metal performance.
<panfist> well, since you seem to be experienced with KVM, maybe you can let me know, what kind of performance would i expect managing the raid from a guest os?
<panfist> ok
<soren> mathiaz: I have a few questions about the puppet-etckeeper integration.
<mathiaz> soren: hi!
<soren> mathiaz: Apologies in advance if I go missing all of a sudden; Sofie's ill so she demands a lot of attention.
<soren> mathiaz: Oh, right: Hi :)
<mathiaz> soren: no problem - a human being is more important than a puppet and a keeper :)
<soren> :)
<soren> mathiaz: The spec says that it should support two modes: a) overwrite local changes, or b) abort on local changes and o
<soren> utput the diff.
<soren> whoops.
<soren> Meh, you can join lines.
<soren> In b) where should this output go?
<soren> The diff etckeeper subcommand is listed as a "Later" work item, but this output depends on it, so I'm curious if it was deferred?
<soren> (I did actually implement that diff subcommand, so if we can think of a place to put the output, that's cool).
<mathiaz> soren: hm - good question
<mathiaz> soren:  This is hasn't been really discussed
<soren> mathiaz: Alright.
<mathiaz> soren: so - for the spec and lucid alpha3 it's not important
<mathiaz> soren: for alpha3, the goal is to have a similar experience to what apt/etckeeper does for now
<soren> mathiaz: Ok.
<mathiaz> soren: ie: run etckeeper before modifying any files, run etckeeper after puppet has modified all the files
<soren> mathiaz: Have you thought about where to put this code? Should it be in a new puppet-etckeeper package that attempts to do the right thing if installed, or should we make etckeeper a dependency of puppet and stick the hooks in there by default?
<mathiaz> soren: I wouldn't make etckeeper a dependency
<soren> mathiaz: Ok.
<mathiaz> soren: if etckeeper is installed, puppet should automatically integrate with it
<soren> Ok. So I could put the integration code in puppet and have the hook scripts check whether etckeeper is installed, and if not, just bail out.
<mathiaz> soren: sounds like a good plan to me
<soren> Alright.
<soren> One more thing:
<mathiaz> soren: and have puppet *suggest* etckeeper
<soren> Not even recommend? Ok. Your call :)
<soren> The other thing: "run etckeeper before modifying any files"... What to do there? Commit local changes?
<mathiaz> soren: yes
<mathiaz> soren: that's what apt does
<soren> mathiaz: Oh, it does it before doing anything as well?
<soren> I didn't realise. Cool.
<mathiaz> soren: yes - http://paste.ubuntu.com/377070/
<soren> Wicked.
<soren> Dum, da dum..
<baffle> Anyone care to help me look at a LVM/clvm/initramfs problem?
<soren> baffle: Feel free to shoot. If I can be of help, I'll pitch in.
 * soren is not really clvm savvy, but still..
<soren> mathiaz: I will consider failure of etckeeper non-fatal for now.
 * mathiaz nods
<baffle> soren: I have root and swap on a local pv/vg. I also have some virtual machine logical volumes on a "remote" pv/vg (SAN). This vg is clustered.
<baffle> soren: This means I have specified locking_type = 2 in /etc/lvm/lvm.conf, so that clustering on these volumes work.
<soren> baffle: ok.
<baffle> soren: I've also enabled fallback to local clustering and local locking (for local volumes only) in lvm.conf.
<baffle> soren: When creating the initramfs (update-intramfs -u) it seems liblvm2clusterlock.so does not get copied to /lib/lvm2/ in the initramfs-image.
<baffle> soren: Ofcourse, liblvm2clusterlock.so would not *work* during the initramfs boot, as the cluster is not running.
<baffle> soren: But lvm now seems to error because liblvm2clusterlock.so does not exist, and exists instead of falling back.
<baffle> soren: (During the boot phase)
<baffle> soren: So the local (non-clustered) root-filsystems doesn't start.
<baffle> soren: To boot the server, I have to edit lvm.conf in the initramfs manually and change it to a non-clustered config and manually activate the logical volumes (lvm lvchange -a y /dev/blah/root & swap)
<soren> baffle: Ok.
<baffle> soren: So, I'm not really sure if this is a) A missing hook for copying liblvm2clusterlock.so into the initrd, or b) An error in lvm2 that doesn't handle missing dependencies.
<baffle> soren: Or c) something totally unrelated. :)
<soren> baffle: Have you tried copying liblvm2clusterlock.so in there to see the effects?
<baffle> soren: But basically the result is that the combination of root on LVM and clustered LVM breaks totally.
<baffle> soren: No, is there an easy way to do that?
<soren> baffle: How did you edit the lvm.conf in initramfs?
<soren> Oh, from the initramfs prompt?
<baffle> soren: Yes, from the initramfs busybox shell. :)
<soren> Ok.
<baffle> soren: sed < /etc/lvm/lvm.conf 's:locking_type = 2:locking_type = 1:' > /etc/lvm/meh ; mv /etc/lvm/meh /etc/lvm/lvm.conf
<baffle> Yay. :)
<soren> In /usr/share/initramfs-tools/hooks/lvm2, you see the code that copies the lvm2 related stuff into initramfs.
<soren> copy_exec is a function that's supposed to copy the binary itself and all its dependencies.
<soren> However, I imagine the clvm stuff is dl_open'ed at runtime rather than linked.
<soren> ...which would explain our problem.
<soren> s/our/your/, I suppose :)
<soren> So, if that will fix it, the solution will be to add a hook to the clvm package that copies the relevant libraries.
<baffle> soren: Yes, it is dl_open'ed.
<baffle> soren: Updating and booting the server now.
<soren> Well, there we go. That's why copy_exec doesn't to the trick.
<soren> It uses ldd to figure out what else to copy.
<soren> IIRC anyway.
<soren> Something to that effect.
<baffle> soren: It takes a little while to boot, the servers are slow to boot.
<baffle> Wow, that was redundant.
<soren> Fresh off the press from the department of redundancy department.
<baffle> soren: Hmm, seems that didn't fix it. It doesn't complain about the missing library anymore.
<soren> baffle: Dang.
<soren> Too easy.
<baffle> soren: I hoped it was something that easy. Bah.
<MTecknology> useless redundancy: atm machine; pin number; this slow server is slow
<baffle> MTecknology: :)
<soren> baffle: How did you copy in liblvm2clusterlock.so ?
<soren> baffle: Using copy_exec?
<baffle> soren: No, using mkdir $dest/lib/lvm2 & cp -p /lib/lvm2/blah.so $dest/lib/lvm2. So that worked. It didn't output an error about that.
<baffle> soren: But I just tought of something, maybe it will fix it.
<baffle> soren: Just noticed that fallback_to_clustered_locking = 1 (as well as fallback_to_local_locking = 1) .. But even after changing to "fallback_to_local_locking = 0" pvscan etc fails.
<soren> baffle: No errors?
<baffle> soren: Yes, 1 sec.
<baffle> soren: http://i.imgur.com/Kjdf7.jpg
<soren> baffle: Oh, right clvmd.
<baffle> soren: Yes, that is the locking library. :)
<baffle> soren: But this has worked before I think? I mean, people *have* booted their clustered machines before. :-)
<soren> So they say.
<soren> :)
<soren> Is this Lucid?
<baffle> soren: Maybe everyone uses ksplice.
<baffle> soren: It is karmic.
 * soren ponders
<soren> baffle: Bah. Someone who's actually ever used clvm should probably be able to say something remotely informed about this. Incidentally, I've never used it.
<baffle> soren: Hmm, it just seems fallback doesn't work at all, even if I try to set locking_type to 3 (clustered locking, but internal instead of external) it still doesn't fallback to local..
<baffle> Hmm, I should check how it works on another release.
<zooko> Folks: synaptic has a cool feature for choosing the fastest ubuntu apt repository.
<zooko> But I want to do that for a server to which I have only ssh access -- no X.
<zooko> Is there a textual, command-line tool that does the same thing?
<zooko> I know that Debian has two -- netselect and apt-spy -- but Ubuntu seems to have neither.
<MTecknology> zooko: I never thoguht about it, but that would be nice
<soren> mathiaz: lp:~soren/ubuntu/lucid/puppet/etckeeper-integration for your reviewing pleasure.
<soren> mathiaz: Also, I'm feeling quite under the weather. I may "call in" sick tomorrow, so if I'm not back yet to upload before FF, could you take care of that?
<mathiaz> soren: sure
<soren> It's amazing, really. Going to all these UDS's, acquiring all sorts of weird viruses from all over the world, training up my immune defence... and my daughter brings home something from day care, and I'm out for days. :(
<mathiaz> soren: I'm sure you'll survive ;)
<mathiaz> soren: your branch looks god
<mathiaz> soren: *good*
<mathiaz> soren: I'll probably do another upload of puppet as I've run into an issue with puppetmaster
<soren> mathiaz: Do share.
<mathiaz> soren: debian bug 570012
<uvirtbot> Debian bug 570012 in puppetmaster "puppetmaster fails to start: puppet user missing" [Normal,Open] http://bugs.debian.org/570012
<soren> Oh.
<soren> Yeah, puppet-common.postinst should totally be creating that user rather that puppet.postinst.
<soren> Oh, as you say yourself, apparantly :)
<MTecknology> zooko: I'm not finding anything helpful... Sorry :( - maybe we need to package netselect or apt-spy for Ubuntu with a few tweaks to make it work. Email me and I'll look into it.
<zooko> What's your email address?
 * MTecknology @ubuntu.com
<MTecknology> zooko: thanks, I keep my to-do list in email form :P
<fbc-mx> how do you mount the persistence file on a LIVECD/USB key?
<uvirtbot> New bug: #522339 in openldap (main) "package slapd 2.4.18-0ubuntu1 failed to install/upgrade: le sous-processus script pre-removal installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/522339
<uvirtbot> New bug: #520729 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/520729
<uvirtbot> New bug: #522160 in qemu-kvm (main) "qemu 0.12.2 now available" [Undecided,Fix released] https://launchpad.net/bugs/522160
#ubuntu-server 2010-02-16
<bc> does anyone happen to know the file number limit for a directory?
<qman__> that depends on your filesystem
<bc> ext3, which apparently has a directory number limit of 31998, but does that also go for files?
<qman__> the number of files varies based on the options you used when you created it
<bc> I'm up to 637 and counting, but the end result will be over 40 thousand files unless it borks.
<qman__> "The maximum number of inodes (and hence the maximum number of files and directories) is set when the file system is created. If V is the volume size in bytes, then the default number of inodes is given by V/213 (or the number of blocks, whichever is less), and the minimum by V/223. The default was deemed sufficient for most applications. The max number of subdirectories in one directory is fixed to 32000."
<bc> qman__: it would have been what ever the defaults are.
<bc> qman__: ah, I see
<qman__> you can check how many inodes are used/free with df -i
<bc> qman__: apparently I've only used 2% on a 320 GB disk.
<bc> (2% inodes, that is)
<bc> qman__: thank you
<qman__> no problem
<twb> Wasn't GNU supposed to AVOID arbitrary limits in its code?
<twb> Oh right, Linus and his mates aren't GNU
 * bc found out that waiting for 40 thousand sequential http requests isn't very amusing.
<cef> got a kvm guest (karmic for guest and host) that keeps saying 'EXT3-fs warning: maximal mount count reached, running e2fsck is recommended.' but I can't seem to get it to run on boot. Touching /forcefsck (as root) and then rebooting doesn't seem to alter that message, but /forcefsck does disappear after the next boot. Any ideas?
<cef> dumpe2fs -h also shows that the fs was last checked ages ago, and not when I last used /forcefsck
<Roxyhart0> hi guy i am having this problem. http://www.mail-archive.com/samba@lists.samba.org/msg102804.html how i can upgrade my samba version (reliable) fro my ubuntu 9.10?
<qman__> is there any way to reset a stuck tty? my tty2 locked up, I killed off the processes that were running on it, and tried 'sudo stop tty2; sudo start tty2' but it's still stuck
<cef> qman__: try 'sudo initctl stop tty2 ; sudo initctl start tty2'
<qman__> still stuck
<cef> but yeah, stop and start should  do the same
<qman__> it spawned new processes and everything
<qman__> but the screen is stuck
<cef> scroll lock? Ctrl-Q?
<qman__> hey, I think that's working
<qman__> thanks
<cef> np
<cef> good ol' flow control
<qman__> was using irssi, hit spell check, and it hard locked
<qman__> but that got the screen back, never even noticed scroll lock turned on
<cef> what's the key spell check?
<qman__> alt+s
<cef> haha, hit ctrl+S insteda methinks
<cef> instead even
<qman__> possibly, the keyboard is a bit wonky
<cef> yeah.. easy done
<qman__> one time I sort of mashed the right alt/win/context keys
<qman__> and it turned scroll lock on
<twb> qman__: ^Q or ^A^Q to turn it off
<twb> And stty -xoff to disable it forever in that shell
<qman__> thanks
<qman__> is that per bash, or per tty, because I'm using screen
<cef> so any ideas on forcing an fsck on a karmic server with no console access?
<qman__> which filesystem is it? if it's non-root, you could try unmounting it and running fsck manually
<cef> root unfortunately
<cef> I see hints on the net to 'sudo touch /forcefsck' then reboot, but no luck
<twb> cef: in fstab you must have fsck/dump options that aren't 0
<SJrX> I  just took a hardrive out of a P3-733 with Ubuntu 8.04, and put it into an AMD 2800+. I have no ethernet now. lspci shows a "00:12.0 VIA Technologies, Inc VT6012 [Rhine-II] (rev 74)" card, and I've loaded via-rhine module, however still no eth0 device. Ubuntu 9.10 was on this machine previously
<qman__> SJrX, it's probably eth1
<SJrX> eth3 oddly enough
<SJrX> any idea why?
<qman__> if you want it to be eth0, wipe the old interface out of /etc/udev/rules.d/70-persistent-net.rules
<qman__> and change the new one to eth0
<SJrX> Ad
<SJrX> Ah
<qman__> it dynamically assigns them, then keeps them in that file
<qman__> so that when you remove and re-insert a device, it keeps the same name
<SJrX> SSH doesn't respond
<SJrX> For some reason when I connect to the machine, I never get a login prompt. Ubuntu 8.10. It works locally but from two other machines, it's just hanging. The port is open.
<thebwt> SJrX: can it ssh out?
<SJrX> Yeah
<SJrX> weird it was an out of memory problem
<SJrX> apparently something went wrong with the raid array
<thebwt> SJrX: indeed! sounds messy.
<SJrX> "md: array md0 already has disks!" is what the messages said
<SJrX> but it printed about 1000 times a second in messages
<twb> SJrX: examine /proc/mdstat
<SJrX> It looks good afaik, not sure how to read that, active raid1
<twb> SJrX: pastebin it, then
<SJrX> mdadm --detail /dev/md0, says the State: is clean.
<SJrX> Events: 0.40166
<SJrX> I also get "md: could not bd_claim sdc1" on boot
<Roxyhart0> hi guys, i am upgrading a file server and sharing files for users...but when i move the data i am not sure why some users can see their thata and some of them doesn't im not getting any error in the log event? any idea?
<Roxyhart0> again. hi guys, i am migrating a file server and sharing files for users...but some users can see their thata and some of them don't. I just check the logs and im not getting nothing. any idea? i have ubuntu 9.10 and samba 3.4.0
<Roxyhart0> thata ->data
<MTecknology> Roxyhart0: I assume you checked permissions with ls -la
<Roxyhart0> yes i did
<Roxyhart0> is the same permisions
<Roxyhart0> group:users
<cef> twb: argh!!!! damn fstab.. thanks
<cef> any idea why one particular kvm guest I have 1) always starts first 2) crashes when it is set to autostart and starts at boot, but works fine if manually started from virsh?
<cef> if I can figure out why it starts first, i can narrow the issue down to the actual vm, or just cos it starts first
<cef> (and it's not alpha-sorted or date-sorted)
<uvirtbot> New bug: #522482 in samba (main) "Domain Members can not join to Samba DC (ubuntu 9.10). " [Undecided,New] https://launchpad.net/bugs/522482
<twb> It's unlikely, but whatever is looking at "directory full of VM definitions" might be listing the directory's inode without applying any sorting at all
<twb> cf. ls -U
<cef> twb: indeed that makes sense
<cef> and yup, that indeed seems to be the case.. now to change that around a bit...
<twb> Stupid libvirt
<twb> You should file a bug against it for doing things that way
<cef> yeah
<cef> oh you gotta be kidding me
<cef> every time I create a new copy of the machine, it ends up at the top of ls -U
<cef> well, time to go home
<cef> will hit it (or mebbe the dev) with a hammer tomorrow
<cef> twb: ta for the help btw
<SeR_X> hello someone who can help me with ubuntu korganizer?
<Roxyhart08> i got another question...I got a samba server and I configurated users folders . They can see some data in their folder and some dont. For example, I just copy data from the server to each user folder they can't see this new data, just the old one and the permisions are the same "users". i mean it does not refresh? any idea?
<Roxyhart08> hi somebody know what i need to do to refresh it, i dont know why the users can not see the info on the folder
<Roxyhart08> somebody has trying to share folder in a samba server?
<Error404NotFound> i am following http://shapeshed.com/journal/chroot_sftp_users_on_ubuntu_intrepid/ to setup a sftp server, and i get "Bad condition X11Forwarding"
<thebwt> Error404NotFound: at which part?
<Error404NotFound> thebwt, the line which defined "Match group sftp X11Forwarding no ......"
<thebwt> Error404NotFound: haveed leaving out "X11Forwarding no"
<thebwt> have you tried*
<Error404NotFound> yup, then it says same error on Chroot....
<thebwt> hmm, then double check "Match group sftp"
<thebwt> sounds like it's trying to read X11Forwarding as a condtion
<thebwt> or whatever comes in it's place
<Error404NotFound> i get Directive 'ChrootDirectory' is not allowed within a Match block now that i did it separately, e.g. first i defined Subsystem and then a Match group sftp
<Error404NotFound> damn, ssh version < 4.8
<Roxyhart08> hi some question i am migrating to new PDC, Id recover the ldap database and the name of the Domain is the same. Do i need to joing again the windows client to the domain?
<fhermeni> hy
<fhermeni> I have an issue with preseed. Everything is automatic except netcfg: after getting all the stuff with DHCP, it still asking for a confirmation of the hostname
<fhermeni> documentation say that using "d-i netcfg/get_hostname string unassigned-hostname" should prevent that question, but not seems right for my installation
<maxagaz_> is there a way to list the last removed packages ?
<maxagaz_> what package allows to mount usb devices automatically ?
<twb> maxagaz_: gnome
<maxagaz_> twb, no, I have it
<maxagaz_> twb, their must be some package
<twb> NFI
<twb> udev, if you mean a specific serial ID
<maxagaz_> udev is properly installed
<maxagaz_> If I had a list of the 20 last removed/installed packages, I guess it would help me to understanf
<maxagaz_> d
<twb> maxagaz_: that's /var/log/dpkg
<maxagaz_> twb, thanks
<Roxyhart08> hi by error I delete my logs folder, where is going the openldap log?
<Roxyhart08> how i can increment the log level ?
<uvirtbot> New bug: #522542 in mysql-dfsg-5.1 (main) "[Lucid] updating of libmysqlclient16 fails because file isn't downloadable" [Undecided,New] https://launchpad.net/bugs/522542
<acalvo> hi
<acalvo> is there any dhcp monitoring tool?
<acalvo> dhcp server, I meant
<screen-x> acalvo: you could try monitoring with dhcping
<acalvo> it seems dhcping is an audit tool
<acalvo> I find hard to manage the dhcp pool from command line
<screen-x> acalvo: I dont know of a gui for that. I define pools in dhcpd config then leave it. Do you  need to modify it regularly?
<acalvo> I'd like to trace if there is any error related to DHCP
<acalvo> we have several APs which relay on a peer dhcp pool
<acalvo> and some users have reported random disconnections
<sherr> acalvo: there many be verbose/debug flags in the server config. Monitor DHCP in the system logs.
<acalvo> btw, having a pool lifetime greater than 4h is not a good idea, since the network, which is a /22, gets full pretty quickly
<acalvo> sherr: yes, but we don't see any error (just some DNS updates denied, but DHCP is looking good)
<screen-x> acalvo: sounds like you just stated your problem. Can you use a larger network and NAT?
<acalvo> well, we've here around 250 unique users... getting 1022 MACs seems pretty unbelievable
<screen-x> so the /22 gets full, even though you only have 250 users?
<acalvo> yes
<acalvo> must say we're an university, so the wireless is not protected
<acalvo> but the range does not reach outside the building
<acalvo> even if some not-student users connect to the wireless network, seems pretty odd that the /22 gets full
<screen-x> acalvo: so are you getting multiple IPs assigned to a single MAC with overlapping times?
<acalvo> that should not occur, since the lifetime of a DHCP address is 2h
<acalvo> but some users, while having a good signal rate, suffer some disconnection problems
<screen-x> you say that multiple leases to one MAC should not occur, but how else are you filling that /22?
<acalvo> screen-x: is what I don't get...
<screen-x> acalvo: how many dhcp servers do you have?
<acalvo> I've a dhcp peer pool with 2 dhcp servers
<acalvo> managing 3 subnets
<zul> morning
<screen-x> acalvo: have you tried comparing dhcpd.leases from both servers?
<acalvo> screen-x: mm no
<Sorell> I was just checking my log files.... Does anyone else get IPs from china and the chech republic trying to break into there server?
<Sorell> their*
<Jeeves_> Sorell: That's not unusual
<Sorell> just checking, the server has been up for like 3 days
<Sorell> and it's already banned 42 IPs
<Sorell> thought that was a little werid.
<jiboumans> sorell: no, that's not a little weird :)
<Sorell> k
<Sorell> ty guys
<ttx> Sorell: http://isc.sans.org/survivaltime.html
<uvirtbot> New bug: #522074 in kvm (main) "fails to install due to differing kernel versions between installer and installee" [Low,Incomplete] https://launchpad.net/bugs/522074
<jiboumans> morning jkakar
<jiboumans> it's tuesday, this must be atlanta
<jkakar> jiboumans: Heyas!  Yep, we're in Atlanta, sprinting away.
<uvirtbot> New bug: #521392 in php5 (main) "(capital) FALSE is evaluted to int(0) whether to bool(false)" [Low,Incomplete] https://launchpad.net/bugs/521392
<uvirtbot> New bug: #522373 in openssh (main) "PublicKey authentication fails because of onerous permission rules" [Medium,Incomplete] https://launchpad.net/bugs/522373
<uvirtbot> New bug: #505493 in openssh (main) "ssh offers without question all your keys to any server" [Undecided,Incomplete] https://launchpad.net/bugs/505493
<cvincenzo> Hi all :)
<cvincenzo> can someone tell me whether packages of ubuntu for NAT and firewall there, so does the server (ubuntu) as a firewall and router?
<fhermeni> hy, I have trouble with preseed and the network configuration
<fhermeni> when it finished getting its stuff with dhcp, it still ask for the hostname while it knows it
<hyperlinx> is there any prouser who can help me ?
<hyperlinx> hello any body there ??
<KurtKraut> hyperlinx, you'll be more lucky if you ask right away what you want instead of asking if someone is active here.
<KurtKraut> *luckier
<zul> ttx: i have php 5.3 packaged in a ppa Im going to send out an email to ubuntu-devel and -server to ask people to test and report back bugs
<ttx> zul: ok
<KurtKraut> hyperlinx, you need to make your help request here and in english.
<smoser> good morning all.
<zul> hey smoser
<uvirtbot> New bug: #522671 in samba (main) "package winbind 2:3.4.0-3ubuntu5.4 failed to install/upgrade: podproces installed post-installation script zwrÃ³ciÅ kod bÅÄdu 139" [Undecided,New] https://launchpad.net/bugs/522671
<acalvo> Sorell: how did you block IPs? hardware firewall?
<Sorell> fail2ban auto blocks IPs
<Sorell> through software
<Sorell> if someone tries to login X times with wrong pass
<acalvo> never heard of that, thanks!
<Sorell> np :)
<Sorell> acalvo you may also want to install clam if you haven't already
<acalvo> Sorell: that's one of my ToDo, install ClamAV, spamassasin and squidguard
<Sorell> :)
<acalvo> thanks you so much!
<Sorell> Good luck
<uvirtbot> New bug: #522686 in libvirt (main) ""virsh save" hangs forever" [Undecided,New] https://launchpad.net/bugs/522686
<Jeeves_> grrr
<Jeeves_> debhelper--
<acalvo> Sorell: fail2ban is pretty awesome, support a lot of protocols
<smoser> mathiaz_, ping
<mathiaz_> smoser: !
<mathiaz_> smoser: how is you swap day going?
<smoser> hey, good.
<smoser> https://bugs.launchpad.net/ubuntu/+bug/521121/comments/1
<uvirtbot> Launchpad bug 521121 in ubuntu "[needs-packaging] txAWS" [Medium,Triaged]
<smoser> mathiaz_, it got swapped :)
<smoser> to friday or next monday. so i could get these packaging done
<smoser> mathiaz_, in above url, you said
<smoser> * The source package should be name txaws since this is the upstream name. The binary package should be name python-txaws as required by the Debian python policy.
<smoser> should that be the case with my ruby packages also (right-aws and right-http-connection)
<mathiaz> smoser: hm - that would be a good idea as well
<mathiaz> smoser: especially if the upstream tarball follows the same convention
<smoser> upstream tarballs are named right_aws and right_http_connection respectively
<mathiaz> smoser: ok - so you could name the source package right-aws
<smoser> so those changes and others to address your comments are available now in the branches linked from
<smoser> bug 521002
<uvirtbot> Launchpad bug 521002 in ubuntu "[needs-packaging] right_aws" [Medium,Confirmed] https://launchpad.net/bugs/521002
<smoser> and bug 521121
<uvirtbot> Launchpad bug 521121 in ubuntu "[needs-packaging] txAWS" [Medium,Triaged] https://launchpad.net/bugs/521121
<smoser> and both are lintian clean under lucid now
<smoser> i'll get to work on the other 2 packages on that list.
<smoser> mathiaz, ^
<Peanut> Hi - when installing Karmic via PXE, how can you prevent it asking the country/region questions, as it hasn't loaded 'preseed.cfg' yet?
<mathiaz> smoser: great - I'll have a look at them later
<mathiaz> smoser: I'm almost done with the puppet integration in cloud-init
<mathiaz> smoser: I've added a hook (config-puppet) to CloudConfig.py
<smoser> ok. i'll read that when you're ready.
<smoser> mathiaz, shoudl theree be only one entry in debian/changelog for ruby packages ?
<smoser> i'm guessing yes. so i'll change that.
<mathiaz> smoser: yes - since it's a brand new package
<mathiaz> smoser: for the ubuntu archive
<smoser> k
<mathiaz> smoser: we don't care about the previous life of the package
<mathiaz> smoser: it's a new born in the Ubuntu archive
<mathiaz> smoser: there isn't any concept of reincarnation in the Ubuntu archive
<aubre> hey guys, I updated my UEC front-end and nodes, and now when I try to run an instance, it goes from pending to terminating and once again I am getting the "in MANAGED-NOVLAN mode, priv interface 'eth1' must be a bridge, tunneling disabled"
<aubre> I thought this problem had been fixed already
<ttx> mathiaz: o/
<mathiaz> ttx: o^12
<ttx> smoser: I did the Perl package to offload you a bit
<zul> ttx is swell
<Pupeno> Hello.
<Pupeno> Any ideas how to make automatic upgrades work?
<ttx> smoser: race is on for the PHP package.
<smoser> ttx, i will do it. thanks.
<smoser> for the perl.
<ttx> smoser: i did it already
<ttx> it's uploaded
<smoser> oh. yeah. i meant, i will do the php.
<ttx> smoser: ok :)
<ttx> smoser: was wondering about bug 504883 status
<uvirtbot> Launchpad bug 504883 in udev "job with "mounted MOUNTPOINT=/ and net-device-up IFACE=eth0" blocks boot" [Medium,Triaged] https://launchpad.net/bugs/504883
<ttx> smoser: How critical is it to boothooks delivery ? If it is indeed necessary to fix it, I should bump it to alpha3 milestone
<smoser> well, i pinged Keybuk on that friday.  the response was "bugs are fixed after feature freeze"
<jdstrand> soren: hi! is there a wiki page describing how to ues kvm autotest in the way that you demo'd?
<smoser> i suggested that "sooner rather than later" on this would be nice.
<ttx> smoser: how does it impact the feature, the bug is not very clear
<ttx> ?
<smoser> ttx, it doesn't prevent anything, just makes the boothooks run later (and less determinably than i would have liked)
<smoser> less determinably : (other upstart jobs could be running)
<ttx> smoser: hhrm. So, when the bug is fixed, you can move to earlier in the boot process ?
<smoser> i would like for it to be fixed "sooner rather htan later" because it might have some fallout when we move to running that early.
<ttx> I'll target it for alpha3
<smoser> but, yes. thats what steve has found.
<smoser> you want a comment in there ?
<ttx> I'll do it
<uvirtbot> New bug: #522710 in libvirt (main) "libvirtd does not have a man page" [Undecided,New] https://launchpad.net/bugs/522710
<smoser> ttx, http://paste.ubuntu.com/377702/
<smoser> i'll post that in the bug unless you think its not clear
<ttx> aubre: not sure that error message is the cause to your instance run issues
<ttx> smoser: works from me
<ttx> for
<ttx> arrh
<aubre> ttx: agreed. I tried using the UEC web interface to get a 32-bit image and tried to start it - no joy
<aubre> ttx: everything was working fine until I upgraded to the latest packages
<ttx> aubre: define "latest" ? lucid ?
<aubre> ttx: karmic - I haven't made the jump yet
<ttx> aubre: so latest = ?
<aubre> ttx: sec
<aubre> ttx: what's the command to see what version you have installed? I'm having a senior moment
<aubre> ttx: it's the latest from "sudo apt-get dist-upgrade"
<aubre> ttx: I'm wondering if it has to do with this https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/503180
<uvirtbot> Launchpad bug 503180 in eucalyptus "[SRU] eucalyptus-cloud doesn't reply to requests (eucalyptus doesn't work after reboot or services restart issues due to upstart networking behavior)" [High,Fix committed]
<ttx> aubre: "dpkg -l | grep euca" ?
<aubre> ttx: 1.6~bzr931-0ubuntu7.4
<aubre> ttx: I can rebuild using the latest lucid isos if you think that might correct the problem
<ttx> aubre: i don't know what the problem is :)
<aubre> ttx: oh ok :P
<ttx> 1.6~bzr931-0ubuntu7.4 runs instances alright
<ttx> (usually)
<aubre> ttx: I've tried launching instances with command line as well as landscape and they have the same problem
<aubre> ttx: in nc.log I get doTerminateInstance() invoked (id=i-4DAC09AA) followed by ERROR: doTerminateInstance() failed error=101
<ttx> aubre: anything in libvirt logs ?
<aubre> ttx: checking
<aubre> ttx: interesting, it doesn't look like any logs have been created in /var/log/libvirt/qemu since I have been having the problem
<aubre> ttx: an ID is being assigned , but no instance gets to a running state
<aubre> ttx: the instances I am using are from the store
<ttx> aubre: could you pastebin your nc.log ?
<aubre> ttx: I mean images
<aubre> ttx: sure
<ttx> aubre: I'm more interested in error messages when ie starts up (rather than error messages when it terminates)
<aubre> tt: k
<aubre> ttx: k
<aubre> ttx: http://paste.ubuntu.com/377721/
<ttx> aubre: now that's strange
<ttx> aubre: look into cc.log
<ttx> because the nc never gets contacted to run the instance :)
<aubre> ttx: ok
<ttx> (the strange thing being... it gets contacted to terminate them)
<ttx> so from the NC perspective, everythign is alright
<aubre> ttx: ok that makes sense
<ttx> aubre: got to go now
<ttx> aubre: if you find something fishy, file a bug :)
<aubre> ttx: thanks for helping - will do
<pmatulis> with quotas, is it possible to override a group quota (giving a user a different quota)?
<zul> ttx: bug #522746
<uvirtbot> Launchpad bug 522746 in etckeeper "[MIR] etckeeper" [Undecided,New] https://launchpad.net/bugs/522746
<abeman> hi, I am having some issues setting up postfix behind a corporate proxy for wordpress
<abeman> i think it might be also due to the dns not resolving the smtp relay
<abeman> any suggestions?
<smoser> mathiaz, you have any way you can give me accesss to your UEC that reproduces bug 520707
<uvirtbot> Launchpad bug 520707 in euca2ools "euca-describe-snapshots invalid literal for int() with base 10" [Medium,Confirmed] https://launchpad.net/bugs/520707
<mathiaz> smoser: bug 522292
<uvirtbot> Launchpad bug 522292 in ubuntu "Lucid UEC image 20100215 unable to start on UEC" [Undecided,New] https://launchpad.net/bugs/522292
<acalvo> I'm in a hurry: does anyone know why a dhcp server receive dhcpdiscover, sends an offer but does not receive a dhcpack?
<acalvo> it seems to be a little random
<mathiaz> smoser: working on my cloud-init-puppet upstart job
<mathiaz> smoser: I'd like to have the puppet cloud config hook run *after* apt repositories have been setup
<mathiaz> smoser: on which job should I depend on in the cloud-config-puppet job?
<mathiaz> smoser: start on started cloud-apt-update-upgrade?
<smoser> started ?
<smoser> i think cloud-apt-update-upgrade is right , but dont know about started
<smoser> would that possibly let you run before that job is finished ?
<pgoetz> http://cdimage.ubuntu.com/ubuntu-server/daily/current/ doesn't appear to contain a .iso ....
<smoser> kirkland, ping
<tonyyarusso> I'm not really sure if this is a samba issue or an OpenOffice issue, but hopefully someone can help...  I have a Samba share set up, with create mask and directory mask of 0775, file permissions with g+w, yet whenever a user tries to open project2.odp, they get the message "This document is locked for editing by Unknown User".  What's wrong?
<tonyyarusso> (It works fine with an SFTP mount.)
<pgoetz> @tony Did you try opening a text file in the same folder using gedit?  If it's a samba issue, it should show up here, too.
<smoser> mathiaz, from started(7),
<smoser> A task that must be run after another task or service has been  started might use:
<smoser> start on started postgresql
<smoser> hm... first read of that indicated to me more clearly that  'another task' would have already finished. i dont know though.
<tonyyarusso> pgoetz: Yeah, it seems to only be OpenOffice and MS Office files that are affected.
<tonyyarusso> but only when accessed via samba.
<pgoetz> what version of samba/ubuntu server/oofice?
<mathiaz> smoser: right - I think it's the right definition
<mathiaz> smoser: and cloud-apt-update-upgrade will update the apt sources?
<smoser> yes
<tonyyarusso> pgoetz: 3.4.0-3ubuntu5.4, 9.10, 3.2
<mathiaz> smoser: great thanks
<smoser> mathiaz, but will also have run apt-upgrade (if configured)
<mathiaz> smoser: np
<mathiaz> smoser: the use case here is to be able to configure another apt repostory
<mathiaz> smoser: to pull in a new version of puppet if desired
<pgoetz>  What about opening an openoffice doc using koffice?
<tonyyarusso> pgoetz: I can give you access to the share if that would be helpful.
<tonyyarusso> I suppose I could try installing koffice on something - I don't have it currently.
<pgoetz> Should be easy to install (assuming you already have other KDE stuff) and might help narrow the problem down.
<tonyyarusso> is there a read-only flag somewhere internal to the ODF format?
<pgoetz> http://blogs.sun.com/oootnt/entry/read_only_writer_documents
<tonyyarusso> pgoetz: nope, not that.
<uvirtbot> New bug: #522797 in postfix (main) "Cancelled the Postfix configuration window. It then crashed." [Undecided,New] https://launchpad.net/bugs/522797
<tonyyarusso> pgoetz: KPresenter appears to have opened it okay?
<pgoetz> weird.  Sounds like it must be a problem with oo 3.2.
<nandersson> Hi! Does someone have a link for a "best-practices HOWTO" for setting up your own APT Repository?
<tonyyarusso> nandersson: are you looking to mirror existing ones or create your own for certain software?
<nandersson> tonyyarusso, Create my own for certain software on my private server
<tonyyarusso> nandersson: I'd try asking Seveas if he's online.
<nandersson> tonyyarusso, Ok, thanks!  I'll look out for him then :)
<tonyyarusso> nandersson: (not likely to be in here necessarily, use /whois)
<nandersson> tonyyarusso, Ah, ok, Thanks!
<pmatulis> lamont: do you know what postfix version enabled 'smtp_sasl_auth_cache_name' and a few other suchlike things?
<lamont> not off the top of my head, no
<pmatulis> lamont: i'm looking at the changelogs and i can't find anything.  man page just says "since 2.5"
<lamont> then 2.5.0-1 :-D
<pmatulis> lamont: hmm
<lamont> well, I expect so anyway
<pmatulis> lamont: ok, thx
<clbr> i've got a strange problem while trying to set up KVM on a karmic server: for some reason I get an class A netmask and bcast-address instead of what I specified in network/interfaces, see https://textb.org/t/7ac34qqvrw/
<clbr> someone has a hint?
<lbrinkma> Is their any update on libmysqlclient?
<jdstrand> jiboumans: fyi, I just filed bug #522845
<uvirtbot> Launchpad bug 522845 in libvirt "compiling with libcap-ng disallows qemu/kvm access to files not owned by root" [Undecided,Triaged] https://launchpad.net/bugs/522845
<jdstrand> jiboumans: soren updated libvirt to be compiled with libcap-ng for the lxc stuff
<jdstrand> jiboumans: this has some side-effects for the qemu/kvm driver
<jdstrand> jiboumans: as it turns out, the AppArmor security driver is preventing this problem-- however, if someone disables the AppArmor security driver and has disk files, etc owned by non-root, then there will be problems
<jdstrand> jiboumans: I marked it as Triaged, but I'm uncomfortable making changes atm
<jdstrand> jiboumans: mostly, I wanted you to be aware of the potential problems for any installs that disable the AppArmor security driver
<jdstrand> jiboumans: I've heard that some eucalyptus deployments do this (though I have no idea why)
<uvirtbot> New bug: #521815 in mysql-cluster-7.0 (universe) "breaks all builds requiring libmysqlclient-dev" [Critical,Fix released] https://launchpad.net/bugs/521815
<jdstrand> kirkland: hey, fyi on backscroll starting with '14:51 < jdstrand> jiboumans: fyi, I just filed bug #522845'
<uvirtbot> Launchpad bug 522845 in libvirt "compiling with libcap-ng disallows qemu/kvm access to files not owned by root when not using AppArmor" [Undecided,Triaged] https://launchpad.net/bugs/522845
<jdstrand> kirkland: can you also let ttx know in case I forget?
<kirkland> jdstrand: let ttx know what exactly?
<kirkland> jdstrand: that you filed the bug?
<jdstrand> heh
<jdstrand> kirkland: not that I filed it per se, but there is a potential problem, as reported in the bug :)
<kirkland> jdstrand: okay
<kirkland> jdstrand: i subscribed him to the bug
<jdstrand> kirkland: I really don't know what is going on the lxc and don't know what kind of priority (if any) this will have for you guys
 * jdstrand should have thought of that
<jdstrand> kirkland: thanks
<kirkland> jdstrand: np
<genii> ompaul isn't helping much
 * genii grumbles about wrong channels
<jdstrand> kirkland: say, have you done much with kvm-autotest?
<kirkland> jdstrand: sadly, no
<kirkland> jdstrand: i'm familiar with it
<jdstrand> kirkland: yeah, me either...
<kirkland> jdstrand: i watch/follow the threads about it
<kirkland> jdstrand: soren's presentation was interesting
<jdstrand> kirkland: do you know if an iso is *required* to be used with it?
<jdstrand> kirkland: it was indeed!
<kirkland> jdstrand: i'm pretty sure it's not required
<jdstrand> kirkland: cool, thanks
 * jdstrand sees what he can do with it...
<ebartilson> hello, I have a quick problem, I have a server computer at work, when I go to install ubuntu ( any iteration)  when i click install only a dialog box appears
<ebartilson> I believe the computer is not letting the CD load to RAM
<ebartilson> any help?
<sherr> Click Install? Is this an "install" icon on the desktop - off a live CD?
<usuario_> my usb wont mount any advices
<usuario_> advice
<Th0th> hello everyone
<Th0th> I have a server that recently started freezing on me, first the mysql daemon mysteriously died one day, now the thing is freezing intermittently anywhere from 1.5 hours to 15 hours after boot, on the actual monitor hooked up to the server it usually says something about one of my deamon processes hanging (java, apache2, or mysql usually)
<Th0th> any guesses to my problem?  I updated everything and no recent changes to my setup to precipitate this, all partitions have plenty of free space, so I'm thinking hardware like memory or cpu
<twb> Th0th: did you check the logs?
<twb> Th0th: did you check dmesg?
#ubuntu-server 2010-02-17
<twb> Th0th: did you run a memtest86+ overnight?
<sport> Does anyone have a cron script that monitors software RAID 1 they can share?
<lifeless> doesn't mdadm do that automatically now?
<twb> lifeless: FSVO mdadm = the kernel, yes.
<twb> Whether it propagates to the sysadmin as an email, I don't know...
<Th0th> twb: ya logs have the messages about hanging processes, dmesg shows nothing strange on startup, and no on memtest, its my main server in my closet, just ordered two blades from geeks.com but right now I'm caught with my pants down (removed one ram chip to see if that helps, if not swap)
<Th0th> right now I'm migrating my full network setup to a shiva plug, lol
<Th0th> dns, email, www, funny thing is I stress tested it for this like 2 months ago, and the shiva plug pulls its weight
<twb> Well, it IS a full GHz unit
<Th0th> ya and 512 of ram
<twb> You don't need anything more than a Pentium III for a typical SOHO "do everything" host
<Th0th> my first server was dell optiplex gx1 266mhz with 128mb ram
<Th0th> I am running around 20 domains, but only about 80kbs consistent traffic
<Th0th> so anyone see processes just start to hang like that?
<uvirtbot> New bug: #522819 in openssh (main) "Loosing connections with "Connection reset by peer" message" [Undecided,New] https://launchpad.net/bugs/522819
<MTecknology> If I deleted one drive that is part of an LVM, what are the chances I can get data back on the remaining piece of the volume?
<twb> MTecknology: "deleted" as in you pulled it out of the case and jumped up and down on the drive?
<MTecknology> twb: pretty much
<twb> You've lost everything that was on that drive.
<twb> Whether that's half the filesystem, or stripes of the filesystem, or none of the filesystem, depends on the layout of extents.
<mdeslaur> zul: fyi, I'm merging samba from unstable, as it takes away the setuid bit from mount.cifs
<MTecknology> twb: hm?
<lifeless> MTecknology: it depends on the lvm configuration in essense
<twb> There's an lvdisplay invocation that tells you where each LV lives on disk
<lifeless> MTecknology: if it was a raid member, then the pv being gone shouldn't matter much; if the fs was just extended onto a lv extent on the pv on the drive, then imagine you took a regular disk and use a knife on 1/2 the sectors onthe drive
<twb> Ah, lvdisplay --maps
<MTecknology> alrighty - so it's dead and gone
 * MTecknology fights to get into backup server which now hates me
<zul> mdeslaur: cool beans
<twb> Anyone have an opinion on using CF cards instead of SATA disks for a rackmount router running 10.04?
<MTecknology> twb: my only opinion is that I generally use BSD for routers :P
<twb> Probably using md RAID1 between two of them to avoid a SPOF on one disk
<smoser> kirkland, around?
<kirkland> smoser: only a little
<smoser> take a read of https://bugs.launchpad.net/ubuntu/+source/python-boto/+bug/520707
<uvirtbot> Launchpad bug 520707 in python-boto "euca-describe-snapshots invalid literal for int() with base 10" [High,Triaged]
<smoser> i dont know whwere you got the patch that you applied in the linked revision, or if it will remain, but thats where the regression came from.
<smoser> no hurry, but wondering what your thoughts on fixing this are.
<cef> oh fun. if the ethernet interface is not 'up' when a kvm guest that uses bridging comes up, the guest seems to crash when the enternet interface does come up. :(
 * cef goes to snoop around more to see if this really is the culprit
<lifeless> cef: perhaps it is stuck doing dhcp?
<cef> lifeless: static assignment.. but it is plugged into a cheap-arse router.. it's ethernet link it seems
<cef> just turned up libvirt's log, and about to reboot. ONLY seems to happen on reboot.
<cef> (of the server, not the guest
<MTecknology> Any ideas why I'm not able to use a shared key to log into one of my servers? It works perfect everywhere else except on this one system
<jmarsden> MTecknology: Most likely permissions, read /var/log/auth on that server for ideas, also try ssh -v -v user@thatmachine.com and see what it says.
<Roxyhart0> hi how i can force (samba) that thje users in the folder will be %u ?
<MTecknology> jmarsden: this is the only thing that stands out - Feb 16 20:14:19 pessum sshd[14253]: Error attempting to add filename encryption key to user session keyring; rc = [1]
<jmarsden> Hmmm.  That's one I've not seen before... have you tried googling for it?
<jmarsden> MTecknology: Looks like there are some Ubuntu big reports related to that... are you using encryptfs ?
<jmarsden> s/big/bug/
<MTecknology> jmarsden: ya
<jmarsden> OK... so check Ubuntu bugs 358906 361984 495143 and 433024   and see if they help you out.
<uvirtbot> Launchpad bug 358906 in linux "Wireless driver ath5k no longer being loaded." [Undecided,Invalid] https://launchpad.net/bugs/358906
<jmarsden> Make that 358096
<MTecknology> jmarsden: nothing useful for me there :(
<jmarsden> MTecknology: can you turn off the encrypted home directory thing for your account and retry, or test with an account that does not have the encryoted home dir stuff enabled?
<MTecknology> jmarsden: how can I just get rid of ecruptfs?
<jmarsden> I don't know, it's not something I have used.  Why did you enable it if you did not need/want/understand it?
<MTecknology> I didn't mean to pick encrypted home dir actually
<jmarsden> MTecknology: If it is only that one user which has the encrypted home dir, you can probably copy all their files somewhere else, delete the user, create the user again, put their files back... there is likely to be a better way, but that ought to work :)
<MTecknology> alrighty, thanks
<jmarsden> If you need to you can note the current user's uid and insist the new user uses the same uid ...
<jmarsden> You're welcome.  Now I need to go eat... :)
<cef> ok... how do I tell libvirt to start later than it does? The first guest fails to start, which hangs things for about 30 secs, then the rest of the guests start fine.*sigh*
<kirkland> smoser: poke me tomorrow about it
<cef> libvirt-bin - does it have the correct dependencies in the init script? I've had to add a 'sleep 5' to the start of the script to get all vm's to reliability start at boot (marked autostart).
<Roxyhart0> ah also i have this problem  * BUG 6673: Fix 'smbpasswd' with "unix password sync = yes". that is not too relevant at the moment
<uvirtbot> Launchpad bug 6673 in wmfire "wmfire: merge new debian version" [Medium,Fix released] https://launchpad.net/bugs/6673
<cef> ahh the wonders of fast machines. *sigh*
 * cef pokes at #495394 with a pointed stick
<twb> I know there are a few libvirt weenies in here.  I have a scratch Sid host I want to play with to learn about libvirt.  Which introductory text should I be reading?
<twb> My plan is to start with the current ubuntu server admin guide
<twb> Grr, and the tinyurl in /topic is still broken
<linshine> using karmic -- i don't get updates available printed upon ssh login on 1 PC, but i do on another. same exact setup. anyone help?
<twb> linshine: that's just some hokey thing writing to /etc/issue
<jmarsden> lansdcape-sysinfo
<jmarsden> landscape-sysinfo
<twb> Bah.  Flipping landscape
<twb> jmarsden: does it also annoy users who don't have sudo?
<jmarsden> linshine: Check that the contents of /etc/apt/ are the same on both servers.  If they are, try  sudo apt-get update && sudo apt-get upgrade   on each one and if they both update, you are fine.
<jmarsden> twb: I've not tried it without having sudo... I don't think I have an account on a Ubuntu machine where I don't have sudo :)
<twb> jmarsden: I meant if I log in as a peon instead of the sysadmin
<twb> i.e. sudo -l returns "you can't do shit, yo"
<jmarsden> Right... I'll have to create myself a 'peon' account to test with :)
<twb> jmarsden: just suborn one of your real peon's accounts :P
<linshine> jmarsden: /etc/apt are identical. i know updates are fine, but still i like that motd displays when they are available. yet, on one, it never displays this message.
<twb> linshine: diff <(ssh good-host dpkg --get-selections | sort) <(ssh bad-host dpkg --get-selections | sort)
<twb> linshine: is the state of landscape-sysinfo different on the two hosts?
<linshine> twb: i'm looking for packages differences. i don't think i have landscape installed, though
<twb> linshine: that diff I just showed you will list package differences
<micahg> any samba experts around?
<KurtKraut> micahg, I belive asking such a question will make some people insecure to step in and say 'me' :P
<micahg> KurtKraut: sorry, we have a user in #ubuntu-bugs with an issue and I don't know enough to figure out if the issue was solved upstream or not
<micahg> I need someone to look at a bug and an upstream changelog to tell me if any of the bugs match
<KurtKraut> micahg, I suggest you to pastebin the conversation log and offer here the URL. So, some people that are experienced but do not consider themselves as experts may read and give you a hand.
<micahg> bug 522482
<uvirtbot> Launchpad bug 522482 in samba "Domain Members can not join to Samba DC (ubuntu 9.10). " [Undecided,New] https://launchpad.net/bugs/522482
<micahg> user mentioned this forum post: http://www.mail-archive.com/samba@lists.samba.org/msg102804.html
<micahg> and here's the samba 3.4.1 changelog: http://samba.org/samba/history/samba-3.4.1.html
<linshine> twb: sorry, took awhile, only differences were multimedia packages
<linshine> also checked sshd_conf on both and they're identical
<linshine> motd on one shows 0 packages can be updated 0 updates are security updates.
<linshine> on the other PC i don't get this message
<linshine> what controls when the scripts in /etc/update-motd.d/ are run?
<linshine> if i manually run 90-updates-available, i see the printout of 0 updates 0 security, but this doesn't get written to motd?
<linshine> is there a way to force it to write to motd?
<uvirtbot> New bug: #523036 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subproces installed post-installation script werd gedood door signaal (Interrupt)" [Undecided,New] https://launchpad.net/bugs/523036
<Roxyhart08> hi guy i got a PDC congifured...what i need to do for windows cleitn can detect this PDC as Domain Controler...i am tryng to join the windows client from the client and i got the error: DNS name doesnt exist
<Callum__> Roxyhart08: Set the IP address of the PDC as the primary DNS server
<Roxyhart08> but i dont have installed DNS in this server, is anoter one
<Roxyhart08> sorry, what do you mean...not sure if i understood
<Callum__> Roxyhart08: Set the IP address of the PDC as the primary DNS server on the TCP/IP settings of the client computer
<Sakara> Just attempted to install ubuntu server powerpc ps3 onto a ps3 console. After selecting install from the bootloaders menu a blackscreen appears and nothing happens.
<Sakara> No beeps just a black screen.
<Roxyhart08> so, my PDC must to be DNS?
<Roxyhart08> hi somebody is working with tinydns?
<Roxyhart08> im tryin to install djbdns and i got this error :initctl: Unknown job: svscanstarter
<Roxyhart08> any idea
<acalvo> Roxyhart08: https://help.ubuntu.com/9.10/serverguide/C/samba-dc.html
<Roxyhart08> samba?
<acalvo> how would you do a PDC without samba for a opensource linux server?
<Roxyhart08> i did
<Roxyhart08> my problem now is install a dns
<Roxyhart08> tinydns
<Roxyhart08> do you know how?
<acalvo> install bind
<acalvo> is easy and there are a lot of howtos
<acalvo> (my own opinion tough)
 * nijaba shares acalvo's opinion.  It is always better when you can pick a solution that is maintained by the security team. Bind9 is in main...
<hyperlinx> hi guys
<hyperlinx> hi guys
<fahadsadah> Is anyone here familiar with the internal workings of libpam-ldap?
<hyperlinx> need some help about lamp installation without WAN connections
<uvirtbot> New bug: #523086 in tomcat6 (main) "Please sync tomcat6 6.0.24-1 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/523086
<progre55> hi people! any step-by-step guides on how to create an image to use for a could system (e.g. Canonical's Landscape)?
<jiboumans> morning folks
<jiboumans> progre55: you mean 'cloud system'?
<progre55> oh, yeah :)
<progre55> jiboumans: sorry, a typo there :) yeah, cloud systems
<jiboumans> progre55: so we already publish several cloud images, so i assume you're looking to customize one?
<progre55> jiboumans: yep, a tutorial on how to create customized images would be perfect
<progre55> jiboumans: oh and the publised images you mentioned.. where can I find them? =)
<jiboumans> progre55: http://uec-images.ubuntu.com/
<progre55> jiboumans: thanks
<jiboumans> progre55: https://help.ubuntu.com/community/UEC # contains links to buildign & bundling images
<progre55> jiboumans: awesome! appreciate, man!
<jiboumans> progre55: no worries -- there's also the ubuntu-cloud list you can sign up to and ask questions #  https://lists.ubuntu.com/mailman/listinfo/ubuntu-cloud
<progre55> nice
<progre55> jiboumans: thanks man
<Roxyhart08> hi guys i got samba 3.4.0 for my ubuntu 9.10, i was recomended uodate to lucis samba version. how i can do it from ubuntu 9.10?
<uvirtbot> New bug: #523107 in krb5 (main) "Sync krb5 1.8+dfsg~alpha1-6 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/523107
<Roxyhart08> sombody know how i can install samba 3.4.5 in my ubuntu 9.10?
<Roxyhart08> hi i got a package samba.tar how i do to install it?
<uvirtbot> New bug: #523131 in mysql-dfsg-5.1 (main) "mysql command line do not accept host param" [Undecided,New] https://launchpad.net/bugs/523131
<ghostlines> hi all
<ghostlines> anyone a little experience with bacual?
<hyperlinx> how can I test whether the server is apache2 server installed on my ubuntu?
<hyperlinx> do i need a browser ?
<ghostlines> hmm I'm not sure but i think you can enter an invalid url and you will see which apache version is running
<ghostlines> or just type apache in the terminal and hit tab to autocomplete and see if you get apache or apache2
<ghostlines> most probably you have apache2 i think
<acalvo> hyperlinx: dpkg --get-selections | grep apache
<sherr> hyperlinx: dpkg -l "*apache2*"
<sherr> hyperlinx: netstat -lnpt
<mdeslaur> kirkland: do we need to merge libvirt 0.7.6, or are we staying with 0.7.5? My name is beside it on merges.ubuntu.com, but I wasn't intending to merge it...
<uvirtbot> New bug: #523188 in dhcp3 (main) "Make it possible again to let dhcp server set the client hostname" [Undecided,New] https://launchpad.net/bugs/523188
<zul> morning
<zul> mdeslaur: how did the samba merge go?
<mdeslaur> zul: okay I guess....I'm still trying to figure out a sane workflow with source format 3.0 packages...
<Daviey> zul: I started looking at doing an apport hook.  So far it's looking somewhat thin with just a reference to attach_conffiles().. not quite sure what else to add!
<zul> Daviey: it depends on the package and how far you want to go with it, if you want to look at a more complicated example then have a look at samba
<Daviey> zul: I was looking at spamassassin, considering we don't ship it in daemon mode - it made sense to just attach changed defaults confs.
<zul> Daviey: sounds cool to me
<Daviey> zul: I spotted a recent dh_apport addition.  Still working out if i should use that or install
<zul> Daviey: yeah that was added recently i would recommend you use that
<kirkland> mdeslaur: if it's a stable release, i would probably say we should, though i'll defer to jdstrand
 * jdstrand guesses we are talking about libvirt
<jdstrand> mdeslaur, kirkland: do you guys need me to do something?
<kirkland> jdstrand: do you have an opinion on merging 0.7.6 libvirt for lucid?
<kirkland> jdstrand: or stick with 0.7.5
<kirkland> jdstrand: i don't have the time or inclination to do 0.7.6 right now
<kirkland> jdstrand: mdeslaur was asking me about it
<mdeslaur> jdstrand, kirkland: I don't mind doing it, I just wasn't sure if you guys wanted to stick to 0.7.5 for some reason
<jdstrand> kirkland: my gut reaction is that there have been a lot of changes lately that I'm a little leery of, but those might have been after 0.7.6 was released
<jdstrand> kirkland, mdeslaur: I don't have time to do it at the moment
<mdeslaur> jdstrand: what kind of changes?
<jdstrand> mdeslaur: see http://libvirt.org/news.html
<jdstrand> mdeslaur: some of the security driver reworking I've not tested
<jdstrand> mdeslaur: if you want to give it a shot, the qrt test script for libvirt exercises the apparmor functionality quite well-- and the build tests test the rest of it
<mdeslaur> jdstrand: okay, let me build it and try the scripts
<mdeslaur> jdstrand: so, I need to run the qrt test script _inside_ a lucid vm?
<jdstrand> mdeslaur: yeah
<jdstrand> mdeslaur: well, you don't have to, but it is certainly safest
<jdstrand> mdeslaur: in fact, I wouldn't try to run it outside of a vm
<mdeslaur> jdstrand: ok, cool
<jdstrand> mdeslaur: see the top of the script-- it tells you what you need to do
<jdstrand> mdeslaur: feel free to update the directions as necessary
<mdeslaur> jdstrand: thanks
<jdstrand> mdeslaur: no, thank you! :)
<hshong> hi where is keyboard layout configuration file?
<smoser> mathiaz, at this point i have to believe that bug 522292 is user error
<uvirtbot> Launchpad bug 522292 in ubuntu "Lucid UEC image 20100215 unable to start on UEC" [Undecided,New] https://launchpad.net/bugs/522292
<smoser> where 'user' is quite possibly my script
<ivoks> mathiaz: ubuntu-ha PPA has all the stuff we need
<mathiaz> ivoks: ok - which one do you need sponsoring for?
<mathiaz> ivoks: ie which are not in universe for now?
<ivoks> mathiaz: corosync, openais, redhat-cluster, ocfs2-tools, lvm
<ivoks> mathiaz: and drbd
<mathiaz> ivoks: lvm: I think cjwatson was working on a merge from Debian
<ivoks> mathiaz: wasn't it kees?
<mathiaz> ivoks: someone else from the fondation team - did you sync up with them>
<mathiaz> ivoks: oh right - it was kees
<ivoks> yes, i've told him what are the plans
<ivoks> we can demote to universe after FF, right?
<ivoks> that would be needed for cman
<mathiaz> ivoks: yes
<ivoks> great
<uvirtbot> New bug: #523126 in eucalyptus "Wrong CC IP address detected by eucalyptus-ipaddr.conf" [Undecided,New] https://launchpad.net/bugs/523126
<ttx> smoser: I can fix and upload the cloudfusion one if you ack my branch
<ttx> smoser: no need for you to do another round on it
<smoser> i merged your branch
<smoser> and fixed the other 3
<ttx> ah :)
<smoser> commented tha tin the bug i think
<smoser> but maybe i forgot
<ttx> i'm out of date
<smoser> anyway, if not, its there.
<ttx> ok, will upload
<smoser> i also sent an email to the upstream guy
<smoser> asking which tarball to use
<ttx> unless marthiaz wants to have a look into them before
<ttx> or mathiaz
<ttx> smoser: he answered
<ttx> smoser: pointing to (yet another) tarball
<ttx> smoser: just update the watch file :)
<smoser> ah
<smoser> :)
<ttx> mathiaz: are you ok with the right_aws and the txaws ones ?
<ttx> i did a quick review of them
<mathiaz> ttx: right_aws seemed ok
<mathiaz> ttx: I don't remember exactly about txaws
<mathiaz> ttx: nothing scary though
<mathiaz> ttx: if you've reviewed them and you're ok with them, go ahead
<ttx> mathiaz: upload at will
<mathiaz> ttx: great - so you'll upload right_aws, txaws and cloudfusion?
<ttx> I'll upload cloudfusion
<ttx> mathiaz: you do right_aws
<ttx> and we race for txaws ?
<smoser> ttx, watch file updated and pushed
 * ttx pauses for a bit to give mathiaz a head start
<smoser> ttx, mathiaz thank you.
<smoser> mathiaz, at some point... (later), can you help me sort out https://code.launchpad.net/cloud-init with https://code.launchpad.net/ubuntu/+source/cloud-init
<smoser> ideally (at least i think) i want to have all history in the packaging branches
<smoser> but at minimal i want some common ancestry so i can merge :)
<smoser> oh, but wait, maybe i'm not suppoed to merge... anyway, some point i'd like some of your time.
<ttx> smoser: hmm, that tarball Ryan pointed us to is quite empty
<ttx> I question their release process.
<ttx> i'll fire up an email to him
<smoser> gah.
<smoser> ttx, thank you.
<ivoks_doing_mirs> please act on bug 521373 :)
<uvirtbot> Launchpad bug 521373 in libtest-script-perl "Please merge libtest-script-perl (1.07-1) from Debian unstable" [Undecided,New] https://launchpad.net/bugs/521373
<ivoks_doing_mirs> and i promise, after LTS i'll sing up for core dev :)
<ivoks_doing_mirs> sign even :D
<ivoks_doing_mirs> kirkland: ping
<kirkland> ivoks_doing_mirs: yo
<ivoks> kirkland: you are in ubuntu-archive, right?
<kirkland> ivoks: yup
<ttx> kirkland: don't answer, sounds like a trick
<ttx> too late
<ivoks> kirkland: could you help me on pushing new packages to universe?
<kirkland> ivoks: possibly
<ivoks> or is there a procedure that i have to figure out and work on it and then get frustrated? :)
<kirkland> ivoks: how many are we talking about?
<ivoks> kirkland: 2
<kirkland> ivoks: are they clean?
<ttx> ivoks: on bug 521373... you mean "sync" ?
<uvirtbot> Launchpad bug 521373 in libtest-script-perl "Please merge libtest-script-perl (1.07-1) from Debian unstable" [Undecided,New] https://launchpad.net/bugs/521373
<ivoks> ttx: for sync, mir for one package is needed first
<ttx> (or it's missing a patch ?)
<ivoks> kirkland: clean?
<kirkland> ivoks: easy, small, straightforward?
<ivoks> ttx: there's a package in main (libtest-script-perl) that depends on package in universe
<ivoks> kirkland: not that small, but most of the files in those are already in universe
<ttx> ivoks: I'm not sure I get what you are asking help with ?
<ivoks> kirkland: heartbeat was split into: heartbeat, cluster-glue and cluster-agents
<ivoks> kirkland: to get new heartbeat, i need cluster-glue and cluster-agents (which depends on cluster-glue)
<ttx> ivoks: want someone to actually work on the merge ?
<ttx> (there is nothing to upload in that bug)
<ivoks> ok, so here is the thing
<ivoks> one package in universe build-depends on newer version of libtest-script-perl
<ivoks> new version of libtest-script-perl it build-depends on package from universe too
<ivoks> but libtest-script-perl is in main
<ivoks> so to get libtest-script-perl in shape, we need to sync newer version from debian + move to main one package from universe
<ttx> ok, so the bug is a sync bug, not a merge like the title implies, and it's blocked
<ivoks> right, a sync
<ivoks> sorry about the merge stuff
<ttx> ivoks: ok, makes sense now
<ttx> will fix it
<ivoks> thanks
<smoser> kirkland, if you (or anyone else) is/are sitting around doing nothing, and want to sponsor a python-boto upload
<smoser> https://bugs.launchpad.net/boto/+bug/520707
<uvirtbot> Launchpad bug 520707 in python-boto "euca-describe-snapshots invalid literal for int() with base 10" [High,Triaged]
<RoAkSoAx> ivoks, there's no MIR for libtest-simple-perl right? Since it is Build-Depends-Indep for libtest-warn-perl.
<RoAkSoAx> and libtest-simple-perl is in universe
<ivoks> eh, let me check
<ttx> ivoks: about bug 521373 again... 1.07-1 is already in lucid
<uvirtbot> Launchpad bug 521373 in libtest-script-perl "Please merge libtest-script-perl (1.07-1) from Debian unstable" [Undecided,New] https://launchpad.net/bugs/521373
<ivoks> ttx: oh
<ivoks> ttx: but it can't be built :)
<ttx> ivoks: right :)
<ttx> I can close that bug, I suppose
<ivoks> ok
<kirkland> smoser: tied up at the moment
<ivoks> RoAkSoAx: checking...
<smoser> yeah, i thought so. is not a feature, so it goes for "later"
<smoser> but i would like to ask that it be addressed by alpha3
<ttx> smoser: targeted to alpha3, so it won't be lost
<smoser> i just did the same.
<smoser> if you can follow my comments in the bug, its quite straightforward and patch taken upstream
<smoser> so it shoudl be very simple
<ttx> smoser: you need to target to release: Lucid when you do that
<smoser> ah
<ttx> and ask someone (me) to ack the nomination*
<smoser> hm... wonder where else i've not done that
<ttx> that's a UI glitch
<smoser> that seems silly that you have to do that
<smoser> yeah
<smoser> and that it allows you to if its not right
<ttx> for some readon it fails to appear in release team buglists if you don't
<ttx> you aren't the first one to fall in that hole
<ivoks> RoAkSoAx: hm...
<ivoks> RoAkSoAx: perl-modules provides that
<ivoks> RoAkSoAx: package builds and installs, but i have no libtest-simple-perl installed
<ivoks> RoAkSoAx: yeah, perl-modules provides it
<ivoks> RoAkSoAx: no mir for that
<RoAkSoAx> ivoks, even though it is listed as Build-Depends-Indep and in Depends?
<ivoks> RoAkSoAx: that's right, cause perl-modules package provides it
<ivoks> RoAkSoAx: if you install perl-modules, you'll have libtest-simple-perl
<RoAkSoAx> ivoks, ok so I'll just put in the MIR description that the dependency is provided by perl-modules
<ivoks> or all deps in main
<RoAkSoAx> ivoks, or something like: 6. Dependencies: Some in main, some in universe. Related MIRs:
<RoAkSoAx> libtree-dagnode-perl: bug 523257
<RoAkSoAx> libtest-simple-perl: Even thought it is in universe, it is provided by perl-modules.
<uvirtbot> Launchpad bug 523257 in libtree-dagnode-perl "[MIR] libtree-dagnode-perl" [Undecided,New] https://launchpad.net/bugs/523257
<ivoks> RoAkSoAx: perl-modules contain perl modules that are also contained in libtest-simple-perl
<ttx> mathiaz: i'm on txaws
<ivoks> RoAkSoAx: having those both is pointless
<ivoks> RoAkSoAx: that's why perl-modules 'meta provides' that package
<RoAkSoAx> ivoks, ok
<ivoks> it's like firefox and chromium
<ivoks> both provide browser package
<ivoks> or lighttpd and apache
<ivoks> or postfix and exim
<ivoks> etc
<RoAkSoAx> ok
<RoAkSoAx> kirkland, In kvm, if I for example setup several subnetworks for the vm's using a single bridged interface (eth0), would this VM's be able to ping between themselves (in the same network) and able to do NAT, to VM's that use the same bridge?
<RoAkSoAx> even thought if there's no cable connected to eth0
<ivoks> let's all say kirkland at the same time :)
<kirkland> RoAkSoAx: internal network, yes, they should
<ttx> smoser, mathiaz, kirkland: txaws uploaded, waiting in NEW
<mathiaz> ttx: great thanks!
<smoser> thank you
<mathiaz> ttx: I'm reviewing right_aws
<ttx> cloudfusion blocked on upstream pointing us to a sensible source tarball
 * smoser hurridly writes a query tool and accompaning motd hook.
<RoAkSoAx> kirkland, ok ;)
<ttx> mathiaz, smoser: work items updated
<kirkland> ttx: zul: could one of you sponsor smoser's boto fix?
<zul> kirkland: sure
<zul> where is it?
<RoAkSoAx> ivoks, do you have HW to test the loadbalancing part, since my VM loadbalancers don't loadbalance and I do not know if it's becausem Im using VM's or if it's because of ipvsadm or packet forwarding problem
 * ttx will stop now and be back later to upload cloudfusion in case we get an answer from upstream
<ivoks> RoAkSoAx: no at the moment, but it should work in VMs
<ttx> smoser: what would you suggest as a fallback mechanism ? The zip file seems the most complete release media...
<RoAkSoAx> ivoks, ok so I'll guess we can work that up later. And that's what I think, it should work in the VM's. I get keepalived to do failover, and track the real servers, but ipvsadm keeps rejecting connections in the VIP... i just need to figure out if its keepalived nat implementation, or ipvsadm itself... or even packet forwarding is not working
<ivoks> RoAkSoAx: we can get keepalived sorted later
<RoAkSoAx> ivoks, yeah... anyways.. I gotta run... there are some MIRs left :)
<zul> smoser: url for boto fix?
<mdeslaur> kirkland: fyi, new libvirt has broken apparmor support, so it won't get merged for FF
<smoser> is there not a linked branch?
<kirkland> mdeslaur: okay
<kirkland> mdeslaur: thanks for trying
<mdeslaur> np
 * ttx afk &
<smoser> zul, bug 520707 . linked branch there.
<uvirtbot> Launchpad bug 520707 in python-boto "euca-describe-snapshots invalid literal for int() with base 10" [High,Triaged] https://launchpad.net/bugs/520707
<smoser> ttx, i guess the zip makes the most sense. as otherwise we wont have those libraries around.
<ivoks> RoAkSoAx: ok
<greybrimstone> Hi guys, I am trying to configure apache2 with mod_proxy and modsecurity2, and it needs to connect to a bacend IBM WebSphere java server... where is mod ajp?
<smoser> also, it would seem to me that "getcloudfusion.com" would be a sensible release location.
<ttx> smoser: heh
<RoAkSoAx> ivoks, ok then. Im off. later :)
<ttx> smoser: needs repackaging and doesn't have the README.textile, so I need to remove that from the build, but that's about it
<greybrimstone> Anyone here know what the hell happened to AJP?
<greybrimstone> Don't I need it for this reverse proxy configuration
<ttx> smoser: will do that if we don't have a better candidate in 3 hours
<greybrimstone> So this an't be possible, nobody here had any idea how to setup a reverse proxy in ubuntu with mod_proxy, mod_security and mod_ajp (which no longer seems to exist).
<ivoks> http://launchpadlibrarian.net/39307692/buildlog_ubuntu-lucid-amd64.corosync_1.2.0-0ubuntu1_CHROOTWAIT.txt.gz
<ivoks> awesome
<mathiaz> smoser: right_aws uploaded to the archive
<smoser> i see. thanks.
<mathiaz> kirkland: right_aws should be in the NEW queue
<mathiaz> smoser: also the two packages I've sponsored aren't attributed to you because I changed the changelog entry
<mathiaz> smoser: the reason for doing is because I made some changes to your proposal
<mathiaz> smoser: I'd only sign a package if there aren't any changes made to the proposal
<mathiaz> smoser: and then the upload would be attributed to the sponsored rather than the sponsor
<mathiaz> smoser: the goal here is to first get the packages in the archive
<mathiaz> smoser: and second to get you to learn packaging and suggestions along the way
<smoser> oh, no, mathiaz, i see through you, you're a glory hungry coder, trying to take credit for all my work
<smoser> :)
<smoser> but once i look past that, i'm ok with it
<mathiaz> smoser: great! ;)
<mathiaz> smoser: allright - let's tackle the cloud-init upload
<smoser> that is done.
<smoser> zul did it.
<mathiaz> smoser: oh - I see now.
<freopen> Can iptables lose packets on a weak machine? Why it happens?
<mathiaz> smoser: we can look into stiching all the bzr branches later then
<smoser> yes. later.
<smoser> now i race on cloud-utils query tool
<freopen> I ping server and all ok. I ping internet from server and all ok. But i ping internet from my machine and i see lost packets
<freopen> On my server iptables does MASQUERADE on packets from wlan0 to ppp0
<freopen> and check mac address
<SockPants> hi all
<SockPants> i'm trying to configure apache to block all subdirectories of /var/www/todo apart from images/ and . itself, but it's not working so far. i have this: http://pastebin.com/m17fe8848
<zul> smoser/kirkland: done
<kirkland> zul: thanks, you da man
<SockPants> as you can see i'm missing the regex on line 11, i don't know what to put
<greybrimstone> Where did mod_ajp go for apache2?
<greybrimstone> sbeattie: what do I use to proxy to an IBM WebSphere server in ubuntu with mod proxy http
<greybrimstone> I wanted mod ajp
<Pici> greybrimstone: libapache2-mod-jk2 looks like it might be able to do what you want, but thats just from the package description.  I don't know anything about websphere or ajp.
 * zul lunches
<greybrimstone> Pici awesome, so that will enable me to connect to a back-end java server basically?
<greybrimstone> wow did I ever spell that wrong
<greybrimstone> Pici, by the way, thank you for the help man... I do really appreciate it.
<Kaushal> hi
<Kaushal> I have Dell Poweredge 1950 server with SAS 6iR intergrated RAID controller.
<Kaushal> does anyone know of any drivers that will
<Kaushal> work with Ubuntu Linux 8.04 Server (Hardy) ?
<Kaushal> Please suggest
<ivoks> it doesn't work out of the box?
<sherr> Kaushal: what does /var/log/syslog see + lspci
<Kaushal> sherr, I am trying to load 8.04 LTS on this Dell Server
<sherr> Kaushal: Poweredge forums : http://lists.us.dell.com/pipermail/linux-poweredge/
<Kaushal> it doesnot allow me to load
<ivoks> it doesn't load? at what stage?
<ivoks> disk partitioning?
<ivoks> are you using 8.04 or 8.04.4?
<Kaushal> ivoks, disk partitioning yes
<Kaushal> it says root device not found
<Kaushal> I am using 8.04 and not 8.04.4
<ichat> where to mount my diskspace if i want to build a print/file server with ebox
<ivoks> http://webapps.ubuntu.com/certification/hardware/200804-264/
<ivoks> Kaushal: ^^
<greybrimstone> ls
<greybrimstone> er
<greybrimstone> lol
<Kaushal> ivoks, so it wont work for Hardy 8.04.4 either ?
<SockPants> anyone want to help me figure out an apache config problem?
<ivoks> Kaushal: it should work with 8.04
<ivoks> Kaushal: are you using network install or cd install?
<Kaushal> both
<ivoks> Kaushal: net install won't work
<ivoks> Kaushal: for net install you need latest environment
<ivoks> Kaushal: so, update your net install to 8.04.4
<ivoks> Kaushal: installer can't find modules on net cause kernel that it uses is obsolete
<ivoks> i'm quite sure dell raid controlers work with 8.04
<ivoks> i have couple of those
<Kaushal> so i have to use CD install ?
<ivoks> i had simillar issue with 3ware controler
<ivoks> Kaushal: use latest 8.04.4 cd install or latest 8.04.4 net install
<Kaushal> which has 8.04.4 image
<Kaushal> cool will try it out
<Kaushal> so it wont work with 8.04 ?
<Kaushal> am i understanding you corectly ?
<ivoks> no if you are using net install
<ivoks> but it should with cd install
<Kaushal> ivoks, it did not worked with CD install having image 8.04
<ivoks> Kaushal: try with 8.04.4
<ivoks> and let me know where exactly does it fail
<Kaushal> ivoks, sure and Thanks
<ivoks> not finding root means that it did partitioning already
<ivoks> but you haven't selected /
<Kaushal> any specific reason why it would not work on 8.04
<Kaushal> is it due to old kernel ?
<Kaushal> ivoks, got it  installer can't find modules on net cause kernel that it uses is obsolete
<Kaushal> right ?
<ivoks> Kaushal: right
<ivoks> Kaushal: grab latest 8.04 (8.04.4) and try with that
<Kaushal> sure
<ivoks> update net install to use 8.04.4
<Kaushal> ivoks, so net install is also pxe server too ?
<Kaushal> right
<Kaushal> I mean other name for net install
<ivoks> yes
<ivoks> i guess you used pxe boot doc from net
<ivoks> https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install
<ivoks> this one
<ivoks> this one works
<ivoks> cause it uses 'current' in link
<Kaushal> ivoks, Thanks
<mathiaz> zul: hi - do you still need to write up a wiki page for the MIR process?
<zul> mathiaz: nope
<ivoks> argh
<mathiaz> kees: jdstrand: mdeslaur: http://people.canonical.com/~ubuntu-security/cve/universe-all.html doesn't exist anymore
<mdeslaur> mathiaz: are you looking for http://people.canonical.com/~ubuntu-security/cve/universe.html
<mathiaz> kees: I'm looking at the security section of  https://wiki.ubuntu.com/UbuntuMainInclusionRequirements wiki page
<jdstrand> mathiaz: http://people.canonical.com/~ubuntu-security/cve/universe.html
 * mathiaz updates the wiki page
<mathiaz> mdeslaur: and for the secunia site, it seems that http://secunia.com/advisories/search/ is the correct url
<mdeslaur> mathiaz: cool, thanks for updating that
<mathiaz> mdeslaur: http://cve.mitre.org/cve/
<mathiaz> mdeslaur: there are two links to search ui
<mathiaz> mdeslaur: which one should be used?
<mathiaz> mdeslaur: # CVE Search on NVD or # Search Master Copy of CVE ?
<mdeslaur> mathiaz: I'd use the NVD
<mathiaz> kees: I'm writting up a MIR for libpam-ccreds - there's a suid binary in there
<mathiaz> kees: IIUC that would require a more thorough security review
<kees> mathiaz: ok, noted.
<ivoks> kick me
<ivoks> i was a fool
<ivoks> kirkland: if you haven't already, decline cluster-glue and cluster-agents
<kirkland> ivoks: doh
<kirkland> ivoks: okay, why?
<ivoks> kirkland: hard coded deps on bunch of unneeeded stuff
<kirkland> k
<kirkland> ivoks: done
<ivoks> kirkland: thanks
<smoser> ttx, the 4th cloudfusion 2.5.0 was delivered to your inbox
<smoser> going simply from the file list it looks like what we'd want.
<ttx> smoser: hmmm, right. However that's hardly what I would call an official source tarball
<smoser> yeah
<ttx> I'll go for te one in getcloudfusion
<smoser> i think requesting him to place that somewhere "official like" would be good.
<ttx> they should sort that out
<smoser> i dont think its any less official than the one he sent earlier
<ttx> heh
<ivoks> kirkland: cluster-glue that i just uploaded is ok
<smoser> ttx, thank you for doing this.
<ttx> smoser: I don't have time for a new roundtrip with him
<smoser> yeah. i agree.
 * ttx grumbles
<ttx> smoser: we can fix that afterwards
<ttx> i'll just use the getcloudfusion zipfile
<ttx> hrrrm
<jdstrand> mdeslaur: thanks for the virt-manager merge-- the scaling it can do is pretty cool
<jdstrand> (yes, I am just now playing with it :)
<mdeslaur> jdstrand: yeah, it's cool
<AdamDV> Whats the benifit of private cloud computing?
<AdamDV> Is it like server clustering?
<KurtKraut> AdamDV, the benefit of a private cloud is: being private. you own all the hardware it runs on.
<KurtKraut> AdamDV, the other options would be hiring a company to run your virtual servers for you on their equipament, on their datacenter.
<AdamDV> Okay, whats the benifit of cloud computing in general?
<AdamDV> KurtKraut: Is it like, distributed processing, something like a server cluster?
<KurtKraut> AdamDV, not at all.
<AdamDV> Whats the purpose then? High Availability? or?
<KurtKraut> AdamDV, High Availability would reside in the cluster concept too. And I don't see 'cloud computing' as a cluster.
<AdamDV> Whats the purpose then? Google has been unnhelpful.
<KurtKraut> AdamDV, it is just several virtual servers running on real physical servers.
<AdamDV> So, that would be something like a VPS?
<_ruben> cloud computing isnt much more then 2009/2010's buzz word in my book
<KurtKraut> AdamDV, exactly.
<AdamDV> I see
<_ruben> virtualization + a bit of easy provisioning
<AdamDV> Yea, I understand now.
<ivoks> cloud + HA = awesome
<ivoks> where your images are on high availability storage and your nodes do the hard work
<_ruben> ivoks: still doesnt sound cloudy to me really ;)
<AdamDV> ivoks: ?
<AdamDV> Heh
<AdamDV> I never got the high availability setup, I should look into that.
<ttx> smoser: cloudfusion uploaded, based on the latest ZIP
<ivoks> _ruben: it's to cloudy :D
<smoser> thank you again, ttx
<_ruben> ivoks: probably ;)
<ttx> smoser: they should really get a clue on what "releasing" means
<ivoks> i was at the conference
<ivoks> wher one guy was giving a talk about cloud computing
<ivoks> and all he really said is 'look, we have a web service, you can access it from anywhere, therefor it's a cloud'
<_ruben> haha
<ivoks> of course, it doesn't scale
<ivoks> and i don't thing they even have fail over if server dies
<ivoks> but, you can sell anything with 'cloud' today
<ivoks> s/thing/think/
<_ruben> basicly all that cloud computing offers over "classic" virtualization is a nice abstraction layer for easy provisioning and not really having to deal with individual host systems
<_ruben> which, depending on the environment, are features possibly already being offered by other systems
<AdamDV> _ruben: Define abstraction layer.
<ivoks> _ruben: what's cool with clouding is that resources scale on demand
<ivoks> _ruben: at least, they should
<ivoks> awesome time for PPAs to die
<DrNick_> 'elastisity' is the buzzword.
<RoAkSoAx> ivoks, cant upload?
<ivoks> RoAkSoAx: chroot dies
<tbc> AdamDV: have you looked at Ubuntu's cloud page on the Web?
<AdamDV> No?
<AdamDV> Link?
<tbc> http://www.ubuntu.com/cloud
<tbc> I think Simon's definition works.
<tbc> AdamDV: here's more http://www.ubuntu.com/cloud/why-ubuntu
<AdamDV> Thanks
<AdamDV> Reading now
<AdamDV> Hmmm
<AdamDV> So if I understand it.
<AdamDV> Cloud computing is like "Okay, we need another server for the next 2 days"
<AdamDV> *runs command, boots vps through xen*
<AdamDV> "Done"
<AdamDV> Whereas virtualization is just having VPS's in the first place.
<AdamDV> And cloud computing is like copy pasting a virtual harddrive, something like that?
<AdamDV> Its scalable virtual computing?
<AdamDV> tbc: Something like that?
<tbc> AdamDV: Sorry. my IRC connection got reset. I say "something like that" just now, but missed anything else you may have written in past 10 minutes.
<tbc> s/I say/I saw/
<AdamDV> tbc: http://pastebin.com/m49885da3
 * tbc reads and thinks...
<tbc> AdamDV: i think you're on the right track. Some things I would tweak...
<AdamDV> such as?
<tbc> One key element of the concept of cloud is that you won't care about the underlying infrastructure anymore.
<tbc> Whether private or public, you're abstracting away from the idea of individual servers and separate storage.
<tbc> When you talk about a cloud, that is.
<AdamDV> so, instead of being like "I have 3 Quad Core Xeon Dedi's"
<AdamDV> its "I have the power I need"
<tbc> That's how I see it.
<AdamDV> And, your site scales up and down automatically.
<AdamDV> ?
<tbc> Yes.
<AdamDV> I see
<AdamDV> Useful.
<tbc> You'll get different answers from different people.
<AdamDV> Yea
<AdamDV> But, now, how does this all work?
<tbc> The concept is still too new to pin down. But I think Ubuntu is on the right track. Eucalyptus is a key technology to watch.
<tbc> Amazon created an API. That's a good place to start.
<AdamDV> I guess Eucalyptus detects things like apache is slowing down, and automatically provisions a new vps and boots it, or...?
<AdamDV> Ah
<tbc> Excellent question. I don't know the features well enough to say.
<tbc> But I think it should.
<tbc> A cloud should be proactive.
<AdamDV> I see
<AdamDV> cool
<AdamDV> Well, I don't think I'm going to adopt just yet
<AdamDV> I prefer my own homebrew solution with a couple linodes.
<tbc> In a cloud, the system should alert you that it might be a good idea to migrate some guests and power down some physical servers that aren't being used, for example. People might eventually configure stuff like that to happen automatically. I think some already do.
<tbc> AdamDV: if all you need is a couple linodes, then cloud is definitely overkill.
<tbc> A private cloud might make sense for a big chunk of an enterprise, and public clouds promise to scale to the Internet. Thus Amazon's involvement.
<AdamDV> By "couple of linodes"
<tbc> Economies of scale start to kick in.
<AdamDV> I mean around 20 360's.
<AdamDV> And a couple dedis from the planet.
<AdamDV> ;)
<tbc> *nod*
<AdamDV> Working on starting something of a web hosting company, using a bunch of home brew software which will be sold.
<tbc> Ah.
<AdamDV> Pondering the great Red Hat vs Debian vs Ubuntu
<tbc> understood
 * tbc finds http://www.linode.com/ after googling just now
<AdamDV> Yea
<tbc> Looks like a competitor. ;)
<AdamDV> They will be ;)
<AdamDV> But, I'm mainly shared hosting.
<AdamDV> VPS is no fun to start with.
<AdamDV> Haha
<tbc> I know the folks at http://tummy.com/ FWIW.
<AdamDV> Working with a team of people to develop something like cPanel, something like MyBB, a collaboration suite, social network, and something of an operating system.
<AdamDV> Heh
 * AdamDV clicks
<AdamDV> Hmmm
<AdamDV> NIce :D
<AdamDV> Seems proftiable
<AdamDV> *profitable
<tbc> I assume so. They've been at it since 1993.
<AdamDV> wow
<AdamDV> that was before I was born. haha.
<tbc> *chuckle*
 * AdamDV adds #ubuntu-server to autojoin
 * tbc visits http://www.theplanet.com/ to see what AdamDV was talking about
<AdamDV> tbc: Datacenter in Dallas
<AdamDV> Cheap and Reliable dedicated servers.
<tbc> *nod*
<AdamDV> ubuntu.com needs a softer favicons
<AdamDV> *favicon
 * AdamDV cant type today, it seems
<KurtKraut> If you live outside U.S., ThePlanet isn't reliable.
<AdamDV> KurtKraut: Why not?
<AdamDV> I'm in Canada.
<AdamDV> Havent had a problem.
<jpds> AdamDV: softer?
<AdamDV> Been with them for 3 years.
<KurtKraut> AdamDV, they abuse on foreign clients because we can't sue them.
<AdamDV> jpds: http://ubuntuforums.org/favicon.ico
<AdamDV> KurtKraut: I haven't had a problem so far.
<AdamDV> But, I was considering SoftLayer
<KurtKraut> AdamDV, I've met dozens of companies in Brazil that were just kicked on from ThePlanet because they 'complained to much'. And they didn't returned the money paid nor the files hosted.
<AdamDV> Well that seems unjust.
<AdamDV> But, they're cheap.
<KurtKraut> AdamDV, another thing is: they lie. They don't offer truly dedicated servers. Some of them are virtualized.
<AdamDV> That, I am aware of.
<KurtKraut> AdamDV, a very big client of them in Brazil is a friend of mine. He went to US to visit ThePlanet and other datacenters. He said: 'I want to see all servers I purchased from you.' They showed only the Windows Servers and refused without explanations to show the Linux servers.
<AdamDV> Heh
<AdamDV> Anyone know of an alternative Cheap, Reliable dedicated server hosting company?
<ivoks> mine :D
<ivoks> that was a joke :D
<AdamDV> ivoks: Link me :P
<tbc> AdamDV: have a look at tummy.com for hosting.
 * AdamDV studies site more
<blistov> Anyone know why open-vm-tools under 9.04 or 9.10 server, don't actually work under esx(i)3.5 or later?
<blistov> (Vmware says the VMwaretools state is "unmanaged".
<blistov> Been wondering this for months.
<blistov> Its about time I finally track down an answer.
<Karamon> Hello, how do I change the way a program starts?  I would like to add the -4 tag to BIND when it starts, but don't know where to look.
<tbc> Karamon: have a look at contents of /etc/init.d directory and related docs.
<thafreak> does anyone know if there are any tutorials or howtos on setting up CLVM?
<uvirtbot> New bug: #520389 in apache2 (main) "package gnome-user-share 2.28.0-0ubuntu1 failed to install/upgrade: AbhÃ¤ngigkeitsprobleme - lasse es unkonfiguriert" [Undecided,New] https://launchpad.net/bugs/520389
<smoser> mathiaz, did you upload for https://bugs.launchpad.net/ubuntu/+bug/521006
<uvirtbot> Launchpad bug 521006 in ubuntu "[needs-packaging] right_http_connection" [Medium,Fix released]
<smoser> its already in
<ttx> smoser: how is it going ?
<smoser> getting there.
<smoser> you want to sponsor one of my uploads ?
<smoser> ttx,
<smoser> i can get one together quick (the cloud-tuils)
<ttx> smoser: I'd prefer not to :)
<smoser> ok
<smoser> then go to sleep
<ttx> on my way to bed right now
<smoser> i'll bother someone else.
<ttx> smoser: send me an email if there is anything I should do early tomorrow morning
<smoser> ok.
 * ttx disappears again
<uvirtbot> New bug: #374505 in samba (main) "Places/Network (samba)" [Undecided,New] https://launchpad.net/bugs/374505
<ivoks> kirkland: sorry for interuption...
<ivoks> kirkland: just let me know when cluster-glue|-agents are approved/declined
<kirkland> ivoks: okay; fighting another fire at the moment
<ivoks> kirkland: yeah, i understand
<Zombie-Gaz> I've tried doing various forumn / web searches for this - all the "answers" don't work for me. How can I get my system to NOT load the splash screen / Gnome. I want to boot up to the console and have the option to start X if I need to.
<ivoks> Zombie-Gaz: that's really an #ubuntu question
<ivoks> Zombie-Gaz: look at /etc/init/gdm.conf
<Zombie-Gaz> ivoks: Sorry mate. Didn't have anyone help me in there and I thought it may qualify as a "server" question.
<Zombie-Gaz> ivoks: Thanks for the suggestion. I'll try that route.
<ivoks> that's for gdm
<ivoks> splash screen is grub option
<ivoks> for that look at /etc/default/grub
<ivoks> GRUB_CMDLINE_LINUX_DEFAULT
<Zombie-Gaz> Hm. I have no /etc/default/grub
<ivoks> which ubuntu is that?
<ivoks> what version
<Zombie-Gaz> 9.10
<ivoks> then it must be there
<ivoks> or you downgraded to grub1
<ivoks> or did an upgrade from previous version
<ivoks> in which case you have /boot/grub/menu.lst
<Zombie-Gaz> The latter. :)
<Zombie-Gaz> I just found it as you said that.
<kirkland> ivoks: are you waiting around for this?  I'll get to it, but it might be later this evening
<kirkland> ivoks: it's 5pm and i haven't had lunch today :-P
<ivoks> kirkland: it's 11pm here
<ivoks> kirkland: and i too haven't had a lunch :D
<ivoks> or dinner :)
<kirkland> ivoks: ;-)
<kirkland> ivoks: okay, i'm grabbing a bite to eat, then i'll take a look at it
<Zombie-Gaz> 9.10?
<ivoks> kirkland: please, cause i'm waiting with other uploads on this
<ivoks> Zombie-Gaz: search for # defoptions=quiet splash
<ivoks> Zombie-Gaz: and just delete splash
<ivoks> Zombie-Gaz: do not uncomment it
<ivoks> Zombie-Gaz: save and run update-grub
<Zombie-Gaz> Do NOT uncomment it?
<ivoks> correct
<ivoks> just remove word 'splash'
<ivoks> so it looks like this
<ivoks> # defoptions=quiet
<Zombie-Gaz> Got it.
<ivoks> kirkland: thanks
<Zombie-Gaz> ivoks: Thanks mate.
<ivoks> Zombie-Gaz: np
<ivoks> kirkland: i'll be back in an hour :/
<AdamDV> http://www.youtube.com/watch?v=uBUgEx_91BU I love that video.
<AdamDV> Err
<AdamDV> Whoops, wrong channel.
#ubuntu-server 2010-02-18
<uvirtbot> New bug: #523538 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/523538
<ivoks> kirkland: thank you! :D
<kirkland> ivoks: no problem
<kirkland> ivoks: on your bash patch
<kirkland> ivoks: i recommend fixing the bashism
<kirkland> ivoks: rather than using /bin/bash ;-)
<kirkland> ivoks: but not a blocker
<ivoks> kirkland: i'll do that once it is in main
<ivoks> or universe
<ivoks> i just need features in before FF
<ivoks> that's it from me for today, see you tomorrow
<RoAkSoAx> kirkland, how can I see all the VM's created using virt-manager with virsh?
<kirkland> RoAkSoAx: virsh list ?
<RoAkSoAx> kirkland, yeah I do that but does not work
<RoAkSoAx> i mean
<RoAkSoAx> does not list anything
<kirkland> RoAkSoAx: sudo virsh list ?
<RoAkSoAx> kirkland, not even sudoing
<RoAkSoAx> that's why I ask :)
<kirkland> RoAkSoAx: sorry, i don't know
<kirkland> RoAkSoAx: you might ask in #virt on irc.oftc.net
<RoAkSoAx> kirkland, ok will do... thanks :)
<RoAkSoAx> kirkland, btw.. I did create /patch/to/xml/file, which is the xml file that was created by virt-manager and now it is showed
<RoAkSoAx> i guess there's a but there
<RoAkSoAx> s/but/bug
 * bihuhn (Away Grund : Auto Away nach 60 min | Pager : OFF )
<Roxyhart0> hi there i am blackilist frequenly (my server is NAT) and i got few users at the moment. there are any change that my server got virus?
<Roxyhart0> hi, how i can run a C program, i mean program.C?
<Insyte> Roxyhart0: It needs to be compiled.
<Insyte> Roxyhart0: At its simplest, that's done by running 'gcc -o program program.c'
<Insyte> But that assumes a lot about how the program was written.
<Insyte> It can be quite a bit more complex.
<twb> If I had to describe how most programs are written, it would be "badly"
<Insyte> Or "drunkenly"
<Roxyhart0> :S
<cef> Any libvirt people: Does libvirt have an upstart script in Lucid?
<cef> (as apposed to karmic)
<twb> cef: apt-file should tell you
<twb> oooh, libvirt-bin no longer depends on crappy ol' hal
<cef> twb: I'm currently using karmic, which is why I'm asking.. trying to decide if I upgrade this kvm host to lucid and work on a bridging issue (see https://bugs.launchpad.net/bugs/495394 )
<uvirtbot> Launchpad bug 495394 in libvirt "autostart almost always fails on boot time host" [Medium,Confirmed]
<twb> cef: you can get the file list from packages.u.c, too
<cef> twb: arggg.. for whatever reason when I looked at that yesterday, I missed the 'list of files' bit. *sigh*
<twb> cef: np
<cef> hrm.. now, do I upgrade this machine to lucid? hrmmmm
<twb> ubottu: karmic->lucid
<twb> Crappy bot
<cef> it's not running production or anything
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/getubuntu/upgrading
<cef> oh I know how to upgrade. :P
<cef> only upgraded to karmic on this box a week ago. ;)
<twb> If your way involve dist-upgrade, that's not the official way
<twb> But I can't remember what the "right" way in Ubuntu is, since it's some damn silly separate tool
<cef> nup, using do-release-upgrade, after installing update-manager-core
<twb> Ah, sorry, I misread you "do I upgrade" as "how do I upgrade"
<cef> <-- no desktop install on said box
<cef> ;)
<cef> not enough coffee eh?
<twb> cef: I'm still absorbing it
<cef> hrm, upgrade I guess and then time to seriously learn about upstart
<JanC> dist-upgrade works fine too, if you're prepared to do all the work that do-release-upgrade does by hand  ;)
<twb> JanC: but how do you know what that work is?
<twb> Do you RTFS of update-manager?
<ja660k> hey, can someone give a guide as how to a printer and cups??
<ja660k> set up a printer*
<twb> ja660k: have you already tried the ubuntu-serverguide?
<ja660k> uhh?
<ja660k> i dont think so
<JanC> twb: I've used it (through aptitude or synaptic) when the official way didn't work (on a system that had lots of non-official packages etc.)
<JanC> just check what it wants to do, and if you don't like it, try to find why it's doing it, add/remove offending packges, repeat  ;)
<twb> How do you check what it wants to do?  Or by "it" do you mean aptitude?
<JanC> but if possible I use the recommended way too of course
 * twb installs update-manager-core in a pbuilder chroot
<JanC> twb: when you use it interactively it shows what will be removed etc.
<JanC> and yes I mean aptitude/synaptic/...
<JanC> after I saw the official way tried to remove half of what I used  ;-)
<JanC> worst example of that was on a desktop anyway
<twb> JanC: I'm perfectly happy to full-upgrade by hand, since that's what I've been doing since Woody.  But I want to upgrade documentation to tell me what the transition edge cases are, instead of just saying "use this wizard and hope it all works"
<JanC> they can't document all edge cases, as they don't know what unofficial packages you have
<ja660k> is there anything i need to enable in order to use ssh tunneling to my server as socks5 host?
<JanC> and nobody can test all combinations of official packages either
<twb> JanC: I mean I want them to document known edge cases -- i.e. I want the Debian upgrade process, not the hand-holdy Ubuntu desktop upgrade process.
<JanC> twb: I agree documenting what update-manager does would be useful
<JanC> even if it were only on soem wiki page
<twb> If nothing else, there should be an update-manager-core --dry-run --verbose
<twb> It looks like the only thing there is "-s, --sandbox         Test upgrade with a sandbox aufs overlay"
<JanC> twb: the GUI version shows you what it's going to do before actually doing it, so shouldn't be too difficult to implement?
<twb> There's a --proposed, but it looks like it doesn't DTRT
<twb> JanC: NFI.
<JanC> it shows what new packages will be installed, what packages will be removed, what packages will be upgraded
<JanC> if on a GNOME desktop it wants to remove all of GNOME, you know it's time to do amanual upgrade  ;)
<JanC> same should be possible on the CLI-version for servers IMHO
<cef> btw: 'do-release-upgrade' does that as well
<cef> no idea if it has other options (eg: show what will be done, etc)
<twb> Well, let's try it in a scratch hardy chroot
<twb> The lucid chroot failed because, obviously, there wasn't anything to upgrade to :-)
<cef> twb: heh.. I'm actually about to upgrade this karmic host to lucid, so I guess I'll find out soon enough
<genii> I am looking at Intel fibre network cards... would anyone know about Pro/1000 XF (pci-x) or the Pro/1000 PF (pci-e)  ? I have boards with both these ports
<twb> Looks like update-manager needs an internet connection, too -- you can't just give it a lucid debmirror.
<twb> That means I can't use it on my secure sites, at least.
<cef> twb: doh!
<twb> Haha, and a ^C causes the app to backtrace instead of exiting cleanly
<twb> Crappy python crap
<twb> And the prompt says "Continue [yN]", but just hitting enter isn't the same as N
<Roxyhart0>  HI I am getting error to join the domain and do wbinfo:  http://pastebin.com/dbf34dcb any idea?
<twb> It's also interesting on Hardy, it seems to assume that I'm doing LTS -> LTS, because unless I supply --devel-release, it claims there's no release after hardy.
<cef> will just scp my vm guests to a backup machine before I upgrade this vm host to lucid methinks ;)
<twb> Haha, ^C-ing do-release-upgrade leaves sources.list in a fucked-up state.
<twb> I can't work out why, but even if I restore sources.list and aptitude update, it still can't see packages from hardy.  I was gonna install man(1) so I could read the do-update-manager manpage.
<cef> twb: it's a python script btw
<twb> Which is a waste of time, because it has no manpage.  Fucking idiots...
<cef> yeah, no man page in karmic either
<twb> If this was Debian, that would be a policy violation.
<cef> hrm, looks like libvirt 0.7.6 might solve the bridge not being up issue, or at least, without fscking with upstart scripts.. hrmm oh well.
<twb> cef: ow ow ow ow ow -- guess what else it does.
<twb> cef: it ignores your local, unmetere, FAST mirror and always uses archive.ubuntu.com
<cef> twb: that iis fixed in jaunty+ at least
<cef> it used my approxx mirror
<twb> cef: hmm, do you have that in /etc/apt/sources.list, or in a sources.list.d/foo file?
<twb> Maybe it doesn't understand the former
<cef> apt/sources.list
<twb> Oh well.
<cef> I think it didn't use it prior to jaunty
<twb> Certainly looks like update-manager-core is waaay too flaky for me to use for LTS->LTS upgrade
<cef> they should backport a later version back to hardy before lucid ships, at any rate
<twb> Well, I don't turn on backports for production servers.
<twb> Because new versions = new bugs
<Roxyhart0> twb do you have any ide about my problem?  http://pastebin.com/dbf34dcb any idea?
<twb> It's not like a server needs a stupidly new firefox 3.5 :-)
<cef> no as in backport the script into main - as in traditional meaning of backport, rather than a repo meaning
<twb> cef: oh, right
<cef> :P
<ehnde> is there a way to block port scanners from my server?
<twb> ehnde: unplug it
<ehnde> and...just saw an entry in my apache access.log coming from something trying to find an zencart vulnerability :|
<cef> ehnde: you can use an iptables firewall, but it won't block someone who hits the right port
<twb> cef: depends if you mean xtables -m dscan
<cef> twb: yeah, but if it's a public webserver on port 80.. welll
<twb> ehnde: such a log entry isn't generated by port scanning.
<ehnde> two different episodes twb
<Roxyhart0> hi just a question can you read that because i think i am invisible?
<twb> cef: if you're having iptables *detect port scanning*, you can use that to selectively blacklist access from that IP -- including access to the otherwise open port 80
<cef> Roxyhart0: you're not invisible.. I just don't know the answer to your question, sorry!
<Roxyhart0> thanks
<cef> twb: yeqah, assuming they hit a different port first. but yes, I agree, that would work
<twb> Sorry, it's -m psd, not -m dscan
<twb> I don't know how reliable it is; I've never deployed it.
<twb> From the manpage, I get the impression that psd will only detect sequential probing of a large port range.
<twb> So e.g. a typical port knocker won't inadvertently trip it
<Roxyhart0> nad sombody know how i can install a package which is .tar i got samba 3.4.5 package in tar format
<lifeless> thats not a package for ubuntu
<lifeless> its either a bsd package (can't use) or its a source tarball (need to package it up)
<twb> lifeless: what isn't?
<ehnde> Address 195.19.32.17 maps to asus.bmstu.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
<MTecknology> what's the tool that shows me a pretty graph of where my network usage is going?
<ehnde> i'd love to somehow blacklist stuff like that
<twb> MTecknology: rrdtool?  Munin?  Cacti?
<lifeless> twb: what Roxyhart0, the personal that asked the question, is asking about.
<Roxyhart0> i just download it from ubuntu
<twb> lifeless: oh, sorry, I have /ignored Roxyhart0.
<MTecknology> twb: nope, is was a pretty little cli tool, showed source/dest/usage
<Roxyhart0> yes so i am invisible for you
<twb> MTecknology: by "cli" do you mean it emits an image file, or do you mean it's an interactive ncurses UI?
<Roxyhart0> sorry i just download this package because i have a bug and the guys from ubuntu-log told me i should instal samba 3.4.5 but i dont know how to do it. I just download form whe webpage a tar file. any idea ?
<MTecknology> twb: ncurses
<twb> MTecknology: I got no idea.
<MTecknology> twb: any ideas what the cause would be?
<MTecknology> twb: any ideas what that tool is called? I just forgot the name ***
<twb> MTecknology: nope, sorry
<MTecknology> twb: I remember exactly what it looks like; but for the life of me, I can't remember the name
<twb> MTecknology: try feeding debtags and keywords into aptitude's filter.
<twb> aptitude search ~dgraph~dtraffic~Gcurses or so
<MTecknology> gah.. I used this last time to find who was doing a dos attack on my system...
<MTecknology> jnettop
<MTecknology> there!
<twb> I hope that j doesn't designate java
<MTecknology> no
<MTecknology> is it possible to limit use of a port based on IP?
<twb> Anybody seen this failure before?  I'm trying to install syslinux in a lucid chroot.  http://pastebin.com/f1ade18c
<twb> Hmm, maybe it's whatever live-helper is doing AFTER syslinux is installed?
<Roxyhart0> him one question the first time when i was setting samba wbinfo -u was working but i uninstall winbind and install again and it does work any more. maybe i miss some package?
<cef> ok, upgrading this karmic box to lucid. wish me luck!
<lenios> good luck!
<cef> hrm, no workie. couldn't configure pre-depend for libplymouth2 for mountall
<uvirtbot> New bug: #523621 in squid (main) "squid_2.7.STABLE7-1ubuntu5 fails to install with " Unknown job: squid" error " [Undecided,New] https://launchpad.net/bugs/523621
<twb> The lucid images I'm building switch to an 80x30 framebuffer when booting.  This breaks qemu -curses -- how do I turn it off?
<twb> If I try vga=normal, the kernel segfaults.
<cef> hrm, another bug to follow for me: https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/514012
<uvirtbot> Launchpad bug 514012 in mountall "cyclic dependency between mountall and libplymouth" [Undecided,New]
<twb> "[   18.699679] Console: switching to colour frame buffer device 80x30"
<kaushal> hi
<kaushal> is there a way to download only particular repositoties
<cef> twb: btw: known alpha2 bug is that it leaves the fb device up after a boot, and you need to switch the VT *sigh*
<twb> cef: that's a different issue
<cef> ahh ok.. thought it might be related
<twb> I don't have X, I don't have ubuntu-minimal, I don't even have a root filesystem
<cef> it happens on server specifically btw
<twb> I boot a kernel and a ramdisk, and *even when I tell it not to*, it loads vga16fb
<twb> This is with the -generic kernel
<twb> Lemme pastebin for you
<cef> yeah afaik it's not specific to -server kernel.. it's something to do with the initrd.img I think
<twb> They might be related errors, but I'm not convinced it's the same error
<cef> Bug #506297 (from Known Issues @ http://www.ubuntu.com/testing/lucid/alpha2 fwiw)
<uvirtbot> Launchpad bug 506297 in plymouth "Graphical Ubuntu logo enabled on servers, no more login prompt" [High,Triaged] https://launchpad.net/bugs/506297
<twb> http://pastebin.com/f30a1022b
<cef> actually that might be another thing I saw.. something about lucid images not booting in kvm .. or was it UEC? hrm
<twb> Also, WTF is the point of making a swap partition IN RAM?
<twb> sed 1d /proc/swaps ==> /dev/ramzswap0 partition 29632 0 100
<twb> cef: I just checked, and sending ctrl-alt-f1 to the screen after vga16fb is loaded doesn't help -- as expected, it's enabling the framebuffer on all ttys
<cef> twb: ugh
<twb> It wouldn't normally matter, because you're looking at an analogue signal anyway
<twb> But because I'm in qemu, I can get 80x25 console visible as text, which you can just copy/paste.  That's not the case for vga/vesa framebuffers
<cef> ok, I'm off home.. have fun ppl!
<twb> So now I try to reproduce this with a Debian kernel, so I can report it to them instead of using launchpad...
<Roxyhart0> hi guys i got saba 3.4.5 and i want to install on ubuntu 9.10 somebody know how to do that?
<ivoks> ttx: morning
<ttx> ivoks: yo
<ivoks> ttx: could you sponsor two of my packages?
<ttx> ivoks: shoot
<ivoks> ttx: https://edge.launchpad.net/~ubuntu-ha/+archive/lucid-cluster
<ivoks> corosync and openais
<Roxyhart0> hi guys please help how i can install samba 3.4.5 in ubuntu
<twb> Fuck, this problem is Ubuntu-specific
<twb> So now I have to fight apport and/or malone's mail gateway
<Roxyhart0> twb what mean you "Fuck"?
<Roxyhart0> i am a lady please respect!
<ttx> ivoks: for corosync, quilt is no longer needed, you prefer to keep it in ?
<ivoks> hm...
<ivoks> yes, keep it, so that we don't add diff to debian
<ttx> ok
<ivoks> this is something that should be fixed there
<ivoks> iirc
<ivoks> oh
<ivoks> no!
<ttx> you removed the last patch :)
<ivoks> i added quilt
<ivoks> :D
<twb> Hey, guess what else is retarded?
<ttx> ok, removing
<ivoks> i woke up 20 minutes ago..
<twb> postinst scripts that call start(8) instead of invoke-rc.d(8), and thus IGNORE POLICY-RC.D
<Bacta> Am I allowed to speak in this channel if I don't run Ubuntu as a server?
<ball> Bacta: Hopefully, otherwise I'd be gagged too.
<Bacta> :P
<Bacta> Good
<Bacta> I got a +q in +1 for apparently not running lucid
<JanC> most likely it was for asking questions that weren't relevant for lucid
<uvirtbot> New bug: #523646 in samba (main) "missing changelog on changelogs.ubuntu.com" [Undecided,New] https://launchpad.net/bugs/523646
<JanC> and doing so repeatedly
<Bacta> JanC: I didn't say or do anything :P An op there hated me, found out what distro I was using and banned me
<Bacta> Then felt bad and made it a +q ;)
 * ttx uploads 2 minutes before EOD westcoast time
<ivoks> ttx: wait... that's it? :)
<ttx> corosync done
<ivoks> it's 10PM on tahiti :)
<ttx> openais in progress
<ivoks> thanks
<ttx> I'd have difficulties to prove I'm on tahiti.
<twb> Sigh.  So "apport-cli" apparently sent a bug to ubuntu, but I can't open the URL it gave me without digging out my stupid account details
<ttx> aloha
<ivoks> :)
<ttx> openais uploaded
<ivoks> thank you
<ttx> ivoks: now if you need more you need a Tahitian coredev :)
<ivoks> :)
<ttx> (or a FFe) :P
<ivoks> FFe from now on...
<ttx> you should at least apply for ha stack upload rights
<ivoks> i'll apply for core dev
<ivoks> this is silly...
<ttx> it's not as if I tested those better than you did :)
<ivoks> now, that's great...
<ivoks> all that's left now is wait for MIRs to get accepted and then upload new rhcs, ocfs2-tools and lvm and finally demote parts of rhcs :)
<baffle> ivoks: Oh, you've created all the MIRs? :)
<baffle> Or, well, ttx. :)
<ivoks> baffle: turns out, 99% of them weren't needed
<ivoks> but don't tell that anyone, cause i'll look stupid
<ivoks> :)
<baffle> ivoks: Is there really a functioning cluster in Karmic? I have it *running* on a set of machines, but it seems a bit.. Off...
<baffle> ivoks: :-)
<baffle> ivoks: (I figure since you have been working with cluster for lucid you might know the state of 9.10)
<ivoks> baffle: rhcs isn't really maintained, and pacemaker in karmic was still non working solution
<baffle> ivoks: Hmm, okay.. Because what I have now seems to be a bit hit'n'miss..
<ivoks> but lucid should have gfs2, ocfs2, clvmd and lots of other goodies with pacemaker
<baffle> ivoks: It seems to be using corosync.. But it takes many minutes to get it to actually join the cluster, and on a different setup clvm doesn't work and all.
<ivoks> corosync is just one part of the story
<ivoks> both pacemaker and rhcs use it
<ivoks> clvm on the other hand, in karmic, is compiled with support only for rhcs2
<baffle> ivoks: And it also seems LVM does not fall back to local locking when I've set up cluster locking? Wich is a problem since I have / on a local LVM VG. Wich means servers won't boot, since there is no cluster at initramfs stage.
<ivoks> that should all be fixed in lucid
<baffle> ivoks: Great.
<ivoks> i've seen that bug report of your complains on irc
<baffle> ivoks: Is it working in Lucid now, or are you waiting for the MIRs?
<ivoks> i'll look into it, once everything is there
<ivoks> at the moment, i don't consider we have clvm at all :)
<baffle> ivoks: I don't think I ever got aroudn to reporting a proper bug, since I haven't digged enough into it to be 100% sure it isn't PEBKAC.
<ivoks> baffle: clvm stuff? not yet... we need to recompile it with support for corosync
<baffle> ivoks: Oh, so clvm doesn't use corosync? What does clvm use in Karmic?
<ivoks> ttx: could you that for me? :)
<ivoks> ttx: i could send you a patch and you would patch this loveley small meaningless package, called lvm
<ttx> huh
<ivoks> :)
<ttx> ...no :)
<ivoks> ok... i'll ask kees then
<ttx> key to survival is to stay away from big predators.
<ivoks> :)
<ivoks> depends how you see surviving
<ivoks> just staying alive or taking other lives :D
<twb> Man, I'm confused
<twb> Did remoras work out how to get on IRC?
<ivoks> well, see you later
<acalvo> anyone can recommend an online log viewer for a centralised rsyslog server? (something like splunk but open-source)
<twb> logcheck
<twb> logwatch if you enjoy writing perl modules or having critical security events silently discarded
<acalvo> I'll check both options
<uvirtbot> New bug: #523665 in update-manager (main) "missing changelog on changelogs.ubuntu.com" [Undecided,Confirmed] https://launchpad.net/bugs/523665
<tsimpson> Bacta: I remind you to keep channel topics in mind
<RoyK> hrmf. if I mount an nfs filesystem and the server dies, it seems the client needs to be rebooted after the server comes up. volume is mounted with -o rw,bg,intr,soft
<qman__> yeah, I have that same problem with my nfs mounts
<qman__> never really looked into it because the server doesn't go down that often
<RoyK> doesn't matter, really. the connection should reopen
<RoyK> not just hang
<jiboumans> morning
<ivoks> morning
<RoyK> morning
<nijaba> good morning
<soren> jiboumans: 'morning.
<jiboumans> hey soren, how's life?
<soren> jiboumans: Much better now, thanks.
<qman__> I just ran chkrootkit on all my servers, and on my router it detected dhclient3 and dhcpd3 as packet sniffers
<huayra> I got an instance with Vanilla Ubuntu Server LTS 8.04 with nothing else than SSH
<qman__> is this a false positive/normal, or do I have a problem?
<huayra> is there an easy way to install the LAMP stack?
<huayra> I had hoped to get it finished out of the box, but I didn't...
<qman__> huayra, sudo tasksel install lamp
<huayra> Anyone can point to a how-to or give me the apt-get install list
<huayra> qman__, you rule!
<huayra> thx
<huayra> it gives me some locale failure
<huayra> perl: warning: Setting locale failed.
<huayra> perl: warning: Please check that your locale settings:
<huayra> 	LANGUAGE = (unset),
<huayra> 	LC_ALL = (unset),
<huayra> 	LANG = "en_US.UTF-8"
<huayra>     are supported and installed on your system.
<huayra> perl: warning: Falling back to the standard locale ("C").
<acalvo> huayra: pastebin please
<qman__> huayra, sudo apt-get install language-pack-en (or whichever language you use)
<huayra> http://paste.ubuntu.com/378942/
<huayra> thanks a lot. it was lamp-server
<huayra> ;)
<huayra> this community makes me believe!
<huayra> :)
<Cybert1nus> I've moved my Ubuntu Server install from one partition to another. I have a seperate /boot partition. I've done this before (with the same install) and then it worked. Now it doesn't. When I boot Grub2 works fine, but during the boot Linux can't find the root filesystem. I've checked the UUID it wants to mount, and it is the correct one. So it looks like my InitRD has lost the RAID drivers or something (I'm running on softraid level 1). Anybody any advi
<Cybert1nus> but I checked /proc/modules and the raid1 module gets loaded
<henkjan> huayra: sudo locale-gen en_US.UTF-8
<ivoks> would someone sponsor my amavisd-new-postfix thingie?
<Cybert1nus> I also updated /etc/mdadm/mdadm.conf with the new situation and /etc/fstab too
 * ivoks looking for core devs
<ivoks> anyone? small feature before FF?
<ivoks> http://www.init.hr/dev/amavisd-new.debdiff <- it isn't that scary :)
<Cybert1nus> when I run update-grub on a LiveCD (I've mounted my Ubuntu install on it, and chrooted to it) I get the error "Cannot find list of partitions!". I've Googled for this error, but nothing simular to my problem came up, only really old stuff (Ubuntu 6.06 :S). I don't know if it has something to do with my problem?
<ivoks> why would you update grub on live cd?
<ivoks> CD is a read only medium
<Cybert1nus> I know
<ivoks> you can't update anything
<Cybert1nus> but I boot a live CD, and then mount my Ubuntu install and update Grub in my Ubuntu install ;)
<ivoks> you chroot before you run update grub?
<Cybert1nus> yes
<ivoks> you mounted all dirs?
<Cybert1nus> yes
<ivoks> so, this is how i would do it:
<Cybert1nus> all my partitions, /dev and /proc
<ivoks> sudo mount /dev/sdXY /mnt
<ivoks> sudo mount -t sysfs /mnt/sys
<ivoks> sudo mount -t proc /mnt/proc
<ivoks> sudo chroot /mnt /bin/bash
<ivoks> sudo update-grub2
<ivoks> i'd also run:
<ivoks> sudo update-initramfs -k all
<ivoks> and then update-grub
<Cybert1nus> hmm, trying that now ivoks
<Cybert1nus> I didn't mount sysfs
<Cybert1nus> and update-initramfs -k all -u I didn't run
<Cybert1nus> updated everything, rebooting now :)
<Cybert1nus> ivoks: it didn't work :(, my /root device still can't be found :(
<ivoks> does it drop to the busybox?
<Cybert1nus> yeah
<acalvo> just to know your opinion: I've a bunch of ubuntu server 9.04 running with some services (apache2, openldap, samba, mysql...). I know that maybe it wasn't the best move to install a non-LTS system. My question is, is it worth (and safe) to upgrade to 9.10 and then to the next LTS (10.04 I assume)?
<ivoks> acalvo: don't
<ivoks> wait for lts
<ivoks> Cybert1nus: and your root is?
<acalvo> ivoks: ok, seems fine. thanks
<ivoks> Cybert1nus: /dev/...?
<Cybert1nus> ivoks: /dev/md3
<ivoks> Cybert1nus: and is there /dev/md3?
<Cybert1nus> no
<ivoks> how about lsmod
<Cybert1nus> command not found
<ivoks> does it show any modules?
<ivoks> cat /proc/modules
<Cybert1nus> cat /proc/modules does list modules
<Cybert1nus> including the raid1 module
<Cybert1nus> any ideas ivoks?
<ivoks> Cybert1nus: you are looking for md_mod module
<ivoks> and dm_mirror
<Cybert1nus> hmm
<Cybert1nus> problem found, I would say
<Cybert1nus> cat /proc/modules | grep md_
<Cybert1nus> doesn't return any lines
<Cybert1nus> how to add those? :)
<ivoks> try loading it
<ivoks> modprobe md_mod
<Cybert1nus> done
<Cybert1nus> now I've got a lot of md* devices in /dev
<ivoks> wait, i have a fire over here
<Cybert1nus> no /dev/md3, only /dev/md3_0p1 till /dev/md3_0p4 and /dev/md_d3
<Cybert1nus> ok
<ivoks> you need to rebuild initramfs
<ivoks> boot into live cd, mount patitions and add md_mod to /etc/modules
<Cybert1nus> indeed, with md_mod and md_mirro in it
<ivoks> and update initramfs
<Cybert1nus> ok
<Cybert1nus> booting live CD now
<ivoks> dm_mirror
<ivoks> md_mod
<Cybert1nus> indeed, typo ;)
<ivoks> take care, got to run
<Cybert1nus> ok, good luck
<Cybert1nus> thnx for you're help
<Cybert1nus> your*
<ichat> i have strange problem,  i have a raid set of  4x sata 1tb disks,   -  first partition on all 4 drives is a  1gb  /boot parttion  (raid 1)   -  now when i installed  ubuntu server 9.10 grub fails to install,  when i install  ubuntu-alternate-desktop (text only install)  it works fine...
<maxagaz> why nmap isn't installed on ubuntu by default, should i use something else ?
<soren> maxagaz: We don't install random utilities like that by default.
<soren> maxagaz:
<soren> Whoops
<maxagaz> soren, nmap, a random utility ?
<soren> maxagaz: Yes?
<maxagaz> why?
<soren> Why what?
<soren> Why we don't install them by default?
<maxagaz> i mean, what else should I use to check wether a port is opened/filtered/closed ?
<soren> nmap
<soren> It's the right tool for the job.
<maxagaz> ok
<soren> That doesn't mean it should be installed by default, though.
<maxagaz> where can I check where does fail2ban put the banned addresses ?
<liva> soren > id like to understand why it doesn't make sense to have nmap install by default
<soren> liva: Becuase it's dead simple to install it when you need it, and there's no need bloating a default install with every little utility that someone finds useful.
<maxagaz> it's in the Chain fail2ban-ssh when checking iptables -L, right ?
<liva> Ok i understand
<soren> liva: If we installed every little utility that someone finds useful, the default install would easily grow to 5 GB.
<soren> liva: Or 10.
<soren> liva: Or more. I don't know. A lot, for sure.
<liva> yep true
<liva> maxagaz > yes
<Roxyhart0> Hi i got a NAT and some of the client machines are with virus so my domain is blacklisted frequently. there any way to check the packages and stop when a virus is transfer?
<Roxyhart0> hi i need to install a antivirus and antisyware for my nat. any diea?
<Roxyhart0> idea
<soren> clamav is the antivirus thing in Ubuntu.
<Roxyhart0> but are not working i got a confiker
<soren> Are you using clamav to scan all your traffic?
<Roxyhart0> yes but doesnt work
<Roxyhart0> or do i need to config something else on clamav
<soren> "something else"? What have you done so far?
<thafreak> Morning server folks...I'm still wondering if anyone can point me to any docs on how to configure CLVM?
<Roxyhart0> it is checking emails but not sure about traffic about HTTP
<soren> Do you know how the virus got in?
<soren> Well, if you want to scan HTTP traffic you need a proxy of some sort.
<soren> Google for squid and clamav, and I'm sure you'll find something useful.
<Roxyhart0> because i am blacklist (my domain) many times this week and they say is comming for virus, troyan or blabla
<soren> No, /how/ the virus got in. Mail? Web? Something else?
<Roxyhart0> web apparently or IRC
<Roxyhart0> i got this one http://mtc.sri.com/Conficker/contrib/plugin.html
<kaushal> hi
<kaushal> while installing ubuntu 8.04 server using net install i get "No root file system is defined" on Dell Poweredge 1950 64 Bit Server
<kaushal> i am using pxe install
<kaushal> It says Please correct this from paritioning menu
<kaushal> and when i click on <Go Back> i dont see that option
<kaushal> please suggest
<soren> Did you go through the partitioning?
<kaushal> soren: i am not able to see that option
<kaushal> I am using kickstart
<kaushal> shall i pastebin the ks.cfg file ?
<soren> I won't be able to make much sense of it anyway.
<soren> kaushal: Does it work if you're not using kickstart?
<kaushal> soren: yes
<soren> kaushal: Ok, try posting your kickstart file.
<soren> Gah, /me needs lunch
<zul> morning
<soren> lies
<kaushal> sure
 * soren goes to lunch
<kaushal> soren: http://paste.ubuntu.com/379041/
<Ford121> Hi, I tried to install phpmyadmin from the console but when I goto the URL it downloads a file called download
<Ford121> Hi, I tried to install phpmyadmin from the console but when I goto the URL it downloads a file called download
<Ford121> come on, please help
<Ford121> Hi, I tried to install phpmyadmin from the console but when I goto the URL it downloads a file called download
<Ford121> come on, please help
<blackbear> where can i find out about a good implimentation of file encryption?
<blackbear> do i have to encrypt a whole drive or is it possible to simply do a set of files?
<Ford121> Hi, I tried to install phpmyadmin from the console but when I goto the URL it downloads a file called download
<liva> Ford121 > then you should download it and check which file is this.
<os_> I want to have a digital library that server for sharing ebooks  audiobooks videos with cataloging system what technology is available please  I googled a lot but I came in to situations like ILS(integrated Library System) but I want for storing content
<os_> Any one who has seen my question the question about the digital library I just want small hint please a keyword for google search is enough for me , I am waiting for you . People the precious kingdom
<mdeslaur> soren: any idea what bug #523589 could be?
<uvirtbot> Launchpad bug 523589 in vm-builder "vmbuilder aborts with "locale-gen does not recognize your locale"" [Undecided,New] https://launchpad.net/bugs/523589
<soren> mdeslaur: GNOME stuff. Very annoying. Haven't completely tracked it down.
<soren> mdeslaur: gdm sets my $LANG to da_DK.utf8 rather than da_DK.UTF-8, like it used to.
<soren> mdeslaur: and like it should be doing. No idea why. Yet.
<mdeslaur> soren: oh, right...it used to be UTF-8...I though something looked odd about it yesterday
<mdeslaur> even locale -a shows utf8
<os_> Is any one around among the 204 users or only your clients are there am I in the wrong channel I thought great ideas comes from server guys at least you have faced it at some part of your life or heard about it and I am looking for great  ideas from you
<mdeslaur> os_: noone answered you because no one knows of anything to suggest
<os_> It is only about digital resource sharing
<kaushal> soren: just checking in with you for my query ?
<os_> am I wrong to call it digital library I am thinking of implementing it to an educational orgainization and I am looking for possible technology solutionsl
<soren> kaushal: I have no idea. Perhaps #ubuntu-install will be of help.
<kaushal> soren: Thanks
<kaushal> soren: there is no one in that channel :(
<kaushal> is that correct ?
<os_> As linux server administrator what task's do you do I am new to linux with only 2 years of experience but I can see there is no thing attractive in information technology world what types of tasks are done as a server administrator
<soren> kaushal: sorry, #ubuntu-installer
<screen-x> os_: Backups, updates, script writing.
<os_> like configuring web servers ldap kerberos .... all of nothing is attractive
<os_> but is this the only task of admin guy
<os_> is there some thing better  I just want to have good time with IT
<screen-x> os_: depends entirely on the situation. How big the company is etc.
<screen-x> os_: What do you enjoy working on? Once you figure that out, you can look for a suitable job.
<os_> but is there some thing attractive I like things like big works innovation and some thing great not routine works
<os_> I like computer and I shifted from windows administration to linux  to satisfy myself  but I found nothing special just an overwhelming bunch of configuration files and command line options
<os_> I don't know what I can I do on earth
<os_> everything seems nonsense  and useless of useless
<os_> How do you guy's around the world indulge yourself with your work
<screen-x> os_: sounds like your issues are deeper than which OS you are administering.
<os_> yeah but  I am interested in computer works
<os_> you know even if I master linux still I am left with a lot of things like web integration with windows
<os_> hardware
<os_> etc what good thing is there on earth
<screen-x> os_: you can get apache to authenticate users against AD.
<os_> I thing you are guy's around the world from a lot of countries thank's for the internet
<os_> but this is a small thing you know what is the next step
<os_> How can I work a great thing for myself and the world
<os_> I want to bring some relief to the human life
<os_> but
<smoser> good morning all.
<os_> but
<os_> good morning  to you too
<os_> screen-x are you with me
<os_> screen-x: are you with me and the other guys too
 * screen-x backs away slowly and points os_ at ##philosophy
<swift> hi guys,,, how often is it required for an ubunt server to be updated?
<os_> I am having a lot to say but I don't want to shift the purpose of this channel but every one I would like to remind you about yourself
<os_> Are you using the LTS version or the other versions
<swift> os_ using ubunt 8.04
<zul> hey smoser
<swift> ubuntu 8.04, LTS
<swift> Also, do we need to reboot the server after the updates?
<corden> hello guys
<os_> I usually update it every 2 to 3 weeks and I reboot it if it is update like kernel update but sorry for not giving solid answer I would to leave it for the other great guys
<os_> the guys around in this channel
<corden> just want to ask what recommended partition scheme for ubuntu server
<corden> any site that you can point
<swift> please advise.. great guys
<corden> i've used ubuntu quite sometimes now and i want to learn the server side of it.
<corden> tnx in advance
<screen-x> swift: depends if there was a kernel update
<swift> screen-x.. what is the frequency?
<swift> i mean... do i need to do this every month?
<swift> or is it safe to do it quarterly?
<screen-x> corden: I tend to use a boot partition and the rest of the disk with LVM. But with grub2, you may not need a boot partition.
<os_> To interrupt Any one who would tell me any software  or web based for digital library content sharing system I prefer web based
<swift> screen-x... im trying to get a "best practice" here
<os_> this is my last question sorry
<screen-x> swift: If you server is internet facing then you definitely need to stau up to date with the updates in the security repos, you can get apticron or something like that to email you when they are available, then only reboot if there is a kernel update involved.
<swift> ok
<screen-x> os_: resourcespace, greenstone?
<corden> screen-x, oic. but i want to experiment with server partitioning
<screen-x> corden: LVM is great for that, you can create/delete/shrink/grow LVs, you can move them between disks and do all sorts.
<corden> i open lot of informative site but have mix partition scheme
<corden> but i guess i will try what you suggested
<corden> since i only got 10GB hdd
<os_> thank you screen-x now I got a great  keyword to google for this is enough from people like you
<os_> Let me copy and paste them to fire fox
<corden> and by the way which of the two you use? selinux or apparmor(default)
<screen-x> corden: I use apparmor, but I also use virtualisation to separate applications.
<corden> ah, separating your lamp, file other type of servers? i uses vbox in vmachine
<screen-x> corden: yeah, I'm currently using *cough* vmware, but hope to be able to move to UEC or something kvm based.
<corden> :)
<corden> ok tnx for the info
<blackbear> is there a channel for security / encryption?
<swift> guys, what command will tell me the linux distro?
<swift> uname -a f\doesnt give the necessary info
<soren> lsb_release
<swift> No LSB modules are available.
<swift> i got that message
<soren> That's the Right Way[tm] to do it.
<Pici> swift: lsb_release -a
<soren> Do you need to do this programatically?
<soren> Or are you just poking around from a shell?
<swift> shell
<swift> bash
<soren> swift: /etc/issue usually has a hint.
<swift> ok thanks!
<swift> got it
<heynow> hey all is there a way to inject module mptsas into 8.04 installer?
<heynow> 9.10 picks up the controller and loads the modules but not from the LTS installer
<jiboumans> zul: morning!
<zul> jiboumans: hey
<jiboumans> zul: thanks for being flexible; can i give you a call now?
<zul> jiboumans: sure
<zul> wow
<zul> i havent used virt-manager on lucid yet
<uvirtbot> New bug: #522225 in mysql-dfsg-5.1 "permissions incorrect on libmysqlclient16_7.0.9-1_amd64.deb" [High,Fix released] https://launchpad.net/bugs/522225
<BeardedChimp> How can I restart the usb system so that udev is forced to redetect the devices without having to reboot the system (n.b. I can't just plug and unplug them)
<thafreak> In lucid, will clvm not depend on cman then?
<thafreak> I've done some reading and it seems possible to use clvm with openais, but you need to rebuild the clvm package to do that...
<BeardedChimp> Oh and I'm running jaunty
<thafreak> Since it seems RHCS is being demoted, are there any plans to update clvm?
<ivoks> thafreak: yes
<uvirtbot> New bug: #523868 in samba (main) "FFe request: samba upstartification" [Low,New] https://launchpad.net/bugs/523868
<thafreak> ivoks: so for lucid, clvm will be able to use openais?
<ivoks> thafreak: openais and corosync
<thafreak> Is there a bug of blueprint for this I can subscribe to?
<thafreak> oops, bug or blueprint
<ivoks> https://blueprints.edge.launchpad.net/ubuntu/+spec/server-lucid-cluster-stack
<ivoks> but there's nothing specific for clvm
<thafreak> That's fine...I'll probably hold off on trying to set up clvm until lucid then.
<thafreak> Are the changes to clvm in the current alpha?
<thafreak> I guess I could get a head start on testing with an alpha...
<ivoks> thafreak: nope, it still depends on cman
<ivoks> hopefully, this change would get in before alpha3
<thafreak> excellent, when's alpha3 scheduled for release?
<ivoks> next week
<ivoks> but if you want, you could add my ppa and use clvm from there
<ivoks> any testing is welcome
<thafreak> cool...I may just do that...
<thafreak> what's your launchpad id?
<ivoks> ivoks
<thafreak> ok, wasn't sure if it differed from your irc handle...thanks for your help
<ttx> smoser: around ?
<ivoks> zul: around?
<zul> ivoks: kind of? whats up
<ivoks> zul: i was wondering if you would have time to sponsor my amavisd-new-postfix addition for amavisd-new
<zul> ivoks: sure
<zul> bzr branch or debdiff?
<ivoks> debdiff
<zul> k url?
<ivoks> zul: http://www.init.hr/dev/amavisd-new.debdiff
<zul> ivoks: dont you need a ffe?
<ivoks> i probably do
<ivoks> i'll file it up with the rest of them
<zul> ivoks: please do so and then ping me again
<ivoks> zul: will do
<zul> thanks
<ivoks> thafreak: there, clvm is packaged
<ivoks> in ppa
<thafreak> Cool, thanks!
<ivoks> please test it
<ivoks> i haven't had time to do that
<ivoks>   locking_type not set correctly in lvm.conf, cluster operations will not work.
<ivoks> that sounds promissing :)
<ivoks> thafreak: i just noticed that ocf is missing
<thafreak> ivoks: ocf? as in oracly filesystem?
<thafreak> I'm purely interested in clvm, nothing else...
<ivoks> no
<ivoks> ocf resource, for pacemaker
<thafreak> Ah, ok...is that needed for clvm to work?
<ivoks> well, if you want to tie it with pacemaker, yes
<thafreak> I'm sort of new to this...I've only ever used RHCS on redhat and that was a while ago (and a giant pain)
<ivoks> pacemaker is much easier
<thafreak> pacemaker, does that do the heartbeat/failover stuff?
<ivoks> yes
<thafreak> hmm...well I will be interested in that eventually, but not necessarily ATM
<thafreak> I'm setting up 2 KVM hosts, with shared iscsi between them...so I want clvm so I can use LV's for vm storage
<thafreak> eventually, it'd be nice to support migration if there's hardware failure, and I'm guessing pacemaker would be needed then...
<thafreak> but initially, I don't mind doing manual failover...
<ivoks> http://oss.clusterlabs.org/pipermail/pacemaker/attachments/20090427/a62cf2ac/attachment.dll
<ivoks> there it is
 * RoAkSoAx frustrated cause loadbalancers dont loadbalance... I wonder if that's because Im using VMs?
<uvirtbot> New bug: #523896 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/523896
<Jeeves__> RoAkSoAx: What are you loadbalancing?
<RoAkSoAx> Jeeves__, webservice. I;m actually testing keepalived/ipvsadm to backport latest keepalived to Karmic :)
<Jeeves__> RoAkSoAx: You could assume that ipvsadm tries to keep sessions together
<RoAkSoAx> Jeeves__, ivpsadm sends directly to inActConn
<RoAkSoAx> Jeeves__, you can follow it up here: https://bugs.launchpad.net/bugs/496932
<uvirtbot> Launchpad bug 496932 in keepalived "Keepalived haven't LVS support" [Medium,In progress]
<RoAkSoAx> however I'm seriously thinking is because I'm using a VM Testing Environment and for some weird reason, ipvsadm is not able to NAT to the real servers
<kaushal> hi
<kaushal> ivoks, hi again
<kaushal> Thanks for your email
<kaushal> I have replied you on that email thread
<kaushal> please suggest
<ivoks> thafreak: http://pastebin.com/m3865011f
<ivoks> thafreak: it's doable; next lvm upload will include RA file (OCF)
<ivoks> kaushal: i haven't seen your mail
<ivoks> kaushal: did you download ubuntu 8.04.4?
<kaushal> yes
<ivoks> and does installation work?
<ivoks> from cd
<kaushal> ivoks, it worked fine with 8.04 too
<kaushal> I enabled SAS Controller in the bios
<ivoks> so, only pxe install doesn't work?
<kaushal> yeah
<kaushal> i get that message
<ivoks> i said, you need to update pxe boot
<ivoks> on server that has tftpd
<ivoks> it's serving old kernel
<ivoks> and when installer starts and connects to internet
<ivoks> it looks for modules for that kernel
<ivoks> and there are no modules for it
<ivoks> therefor it can not find your controler
<kaushal> ok
<ivoks> is another ubuntu server providing tftp service?
<kaushal> are you referring to tftpd /diskless kernel image or /var/www/ubuntu folder structure ?
<kaushal> did not understand that
<ivoks> kernel image
<ivoks>  on my server, it's in /var/lib/tftpboot
<ivoks> it's very easy to fix it
<ivoks> just remove everything from there
<ivoks> and download latest hardy netboot
<ivoks> there's a really nice howto
<ivoks> https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install
<kaushal> ah you mean netboot image
<kaushal> ?
<ivoks> you can't miss with these
<kaushal> http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-amd64/current/images/netboot/
<ivoks> that's right
<kaushal> got it
<kaushal> Thanks a Lot
<kaushal> sorry for the trouble
<ivoks> just mirror that to your server
<kaushal> sure
<ivoks> lftp -c "open http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-i386/current/images/netboot/; mirror"
<ivoks> or amd64
<kaushal> ok
<kaushal> so run that command in the command line
<ivoks> inside your tftp directory
<ivoks> i don't know which tftpd you use
<ivoks> i've provided you a link that covers everything
<kaushal> sure
<kaushal> i use tftp-hpa
<kaushal> ivoks, Thanks again
<ivoks> then go to /var/lib/tftpboot
<ivoks> delete everything inside
<ivoks> and run that command
<ivoks> then boot your server
<ivoks> mathiaz: http://pastebin.com/m3865011f
<kaushal> ok
<ivoks> mathiaz: isn't that awesome? :)
<mathiaz> ivoks: cool!
<ttx> kirkland: bug 523826
<mathiaz> ivoks: is that with packages from the ubuntu-ha ppa?
<uvirtbot> Launchpad bug 523826 in eucalyptus "Second node autoregistration fails with "Not a candidate for local cluster" error" [High,Fix committed] https://launchpad.net/bugs/523826
<mathiaz> ivoks: or with packages from the lucid archive?
<ivoks> mathiaz: yes, with addition of lvm2 from my ppa
<ivoks> mathiaz: well, corosync and openais are from ubuntu-ha
<ttx> kirkland: feel free to box it with a few of your fixes and release, we need it for a3 candidates
<ivoks> mathiaz: cluster-glue, cluster-agents, pacemaker and heartbeat are still in the queue on launchpad
<ivoks> mathiaz: but there are no differences; those on ubuntu-ha or my ppa are the same as those sent to lucid archive
<mathiaz> ivoks: so what's the state of the cluster stack spec now that FF is in effect?
<mathiaz> ivoks: have all the packages been uploaded to the lucid archive?
<ivoks> mathiaz: all componentes are in archive
<ivoks> mathiaz: all deps have mir filled and except one all are already 'fix commited'
<mathiaz> ivoks: great! Looks like everything is on the right track then
<ivoks> mathiaz: once openhpi is also accepted, cluster-glue|agents, heartbeat, pacemaker go to main
<ivoks> i'd say it is
<mathiaz> ivoks: awesome work!
<ivoks> lets wait till is done completly
<ivoks> we might decide on https://bugs.edge.launchpad.net/ubuntu/+source/openhpi/+bug/515976
<uvirtbot> Launchpad bug 515976 in openhpi "[MIR] openhpi" [Undecided,Incomplete]
<kirkland> ttx: please go ahead and release as soon as you have a fix you're happy with
<ivoks> pitti asks if we are commited to support openhpi
<kirkland> ttx: no need to wait on me to roll fixes together, IMO
<ttx> I'm happy with my fix. I kinda like patches that are one character long
<kirkland> ttx: :-D
<mathiaz> ivoks: what do we loose if openhpi doesn't go into main?
<ttx> kirkland: ok, releasing then
<ivoks> mathiaz: support for IBM BladeCenter
<smoser> ttx, here now.
<ivoks> mathiaz: it's used to stonith servers in blade
<smoser> i just saw the euca call topic, and wished i would have called in
<ttx> smoser: https://bugs.launchpad.net/bugs/523832
<uvirtbot> Launchpad bug 523832 in cloud-init "20100218 fails to boot on UEC: 'time' is not defined" [High,Confirmed]
<smoser> yeah. i just see. :-(
<smoser> shouldn't fail to completly boot
<ttx> smoser: On the good news side, i didn't reproduce mathiaz's issue :)
<smoser> everything else shoudl be up, just the motd busted.
<mathiaz> ttx: which one?
<ttx> mathiaz: bug 522292
<uvirtbot> Launchpad bug 522292 in ubuntu "Lucid UEC image 20100215 unable to start on UEC" [Undecided,Incomplete] https://launchpad.net/bugs/522292
<ttx> mathiaz: mine starts to boot alright
<ttx> it even keeps on "running"
<ttx> smoser: I just can't ssh in
<ttx> and there are those scary messages in console-output
<ttx> "time is not defined", speaking like Einstein
<mathiaz> ivoks: what's the level of maintainaince in Debian for openhpi?
<smoser> ttx, ssh should function.
<mathiaz> zul: so no php 5.3 in lucid?
<smoser> the fix is easy, but i'll look at it.
<zul> mathiaz: no im looking at FFE
<ivoks> mathiaz: i'd say quite good
<ivoks> mathiaz: http://packages.qa.debian.org/o/openhpi.html
<ivoks> same maintainer for 4 years
<kaushal> ivoks, what does l mean in lftp ?
<kaushal> just curious to know
<ivoks> it's the name of the program
<ttx> smoser: no key shown in output, looks like it blocks quite early
<ttx> smoser: maybe the blockage is unrelated to the error message ?
<smoser> probably. i'll look at it though.
<zul> mathiaz: the debian guys are still fixing up the testsuite
<ivoks> take care, i'm off for today
<smoser> ttx, i'll get it fixed asap
<ttx> mathiaz, kirkland: I rewrote Dustin's PHP script in python and started configuration-filing it at lp:~ttx/+junk/boot-uec
<kirkland> ttx: nice!
<ttx> kirkland: trying to get rid of those tmpfile and system calls :)
<ttx> Still struggling with some of the language support, to get the right keyboard
<mathiaz> ttx: I did the same as well: http://bazaar.launchpad.net/~mathiaz/+junk/install-srv/files
<mathiaz> ttx: I didn't port everything though
<mathiaz> ttx: and the boot.py script was built around http support in gPXE
<ttx> mathiaz: I just couldn't get gPXE running correctly
<ttx> didn't find the time to fully debug why
<mathiaz> ttx: now that we have 3 scripts in some different variant we should schedule a session at UDS to merge all of this
<ttx> mathiaz: sure !
<ttx> mathiaz: mine includes the magic "run eucalytpus from local repo"
<ttx> so you publish to a local repo and check the "use local repo" checkbox.
<mathiaz> ttx: and I think there's already a blueprint registered about that a PXE installation service
<ttx> and voila
<mathiaz> ttx: and there is cobbler as well ;)
<ttx> mathiaz: you did see my email about PXE booting a UEC installer from mirror+localrepo ?
<ttx> mathiaz: there are a few nice hoops to jump through to succeed
<mathiaz> ttx: I think so
<mathiaz> ttx: it's in my archive somewhere
<ttx> mathiaz: I just integrated much of those hoops into my branch
<ttx> mathiaz: also used the yaml config to outsource differences between dustin's setup and mine
<mathiaz> ttx: IIRC it's mostly about generating the correct preseed
<ttx> mathiaz: yes, a creepy early_command and a few other classic preseed values.
<ttx> + some mangling of Release files in your localrepo
<ttx> (but that's separate)
<ttx> makes me think, I should publish that as well.
<zul> mathiaz: fyi mysql is fixed
<mathiaz> zul: great - how did it get fixed?
<zul> mathiaz: the soyuz guys fixed it
<mathiaz> zul: by doing what?
<zul> mathiaz: black magic im not sure slangasek told me its fixed
<smoser> ttx, are you able to test a fix on that ?
<smoser> would require cracking open image and re-registering
<ttx> smoser: hm, I just closed my cloud
<ttx> smoser: explain
<KristianDK> Do you guys know how i can install the da locale package?
<smoser> see my comment in bug.
 * ttx restarts
<smoser> the fix is easy as 'import time' in cloudinit/boto_utils.py
<smoser> but unfortunately, the fact that htat code was hit means the metadata service wasn't around
<smoser> which may point to Euca thing. with the 'import time' it would sleep and try again
<ttx> smoser: i suppose you should commit the fix anyway ?
<smoser> well yes
<smoser> :)
<juliux> hi
<smoser> but i'm just interested in seeing if there is a Euca bug now
<ttx> smoser: then i'll test tomorrow's images, it's EOD here :)
<smoser> alright.
<ttx> smoser: or convince Dustin to run it :)
<juliux> is it right that there is no xen kernel for lucid?
<smoser> so, ttx, or kirkland, or mathiaz where would you suggest i start to install a UEC right now
<kirkland> ttx: i'm just about to install UEC on the test drig
<smoser> ie, install from media
<kirkland> smoser: local hardware?
<ttx> kirkland: running todays image you'll fall into https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/523832
<uvirtbot> Launchpad bug 523832 in cloud-init "20100218 fails to boot on UEC: 'time' is not defined" [High,Confirmed]
<ttx> kirkland: follow smoser's advice to pass the first hurdle
<kirkland> ttx: k
<smoser> i think you *may* fall into that
<ttx> kirkland: correction: you /may/ fall into that bug
<smoser> its possible its timing
<ttx> heh
<smoser> but if not timing then more
<ttx> Only tried once, I must admit
<ttx> and on first image registration
<smoser> but i've never seen the "no metadata service up yet" bug for euca, only on ec2
<ttx> anyway, confirming it would be a good data point
 * ttx EODs
<kaushal> while installing Ubuntu 8.04 amd64 Bit server using CD Image, does it fetch the kernel image from the internet ?
<kaushal> since pxe install has kernel image in /var/lib/tftpboot
<kaushal> am i understanding it correctly ?
<kaushal> the reason why i am asking is the CD install works perfectly fine
<kaushal> while the pxe install fails
<kaushal> since netboot kernel image is obsolete
<kaushal> has ivoks left for the day here ?
<smoser> kirkland, where are you starting for an UEC install ?
<kaushal> ivoks you around ?
<RoAkSoAx> kaushal, most probably
<kaushal> RoAkSoAx, ?
<RoAkSoAx> kaushal, ivoks gone for the day
<kaushal> ah ok
<kaushal> Thanks
<kirkland> smoser: on the machines in Canonical's test lab
<kaushal> can someone answer to my query ?
<smoser> mathiaz, https://bugs.launchpad.net/bugs/523625
<uvirtbot> Launchpad bug 523625 in cloud-init "Wrong archive mirror temporarily set during the boot process" [Undecided,New]
<smoser> why "wrong archive mirror" ?
<raendeer> trying to install hardy-lts from usb to a sata drive.. the installer only shows the usb drive, not the sata
<smoser> what is wrong about it ? i thought you said it was right
<dhastha> need help: how to configure and install heartbeat in ubuntu
<mathiaz> smoser: it's right at the *end* of the boot process
<mathiaz> smoser: but not during the boot process
<mathiaz> smoser: IIUC this is what happens:
<mathiaz> smoser: cloud-config-puppet: apt-get update -> fetches from archive.ubuntu.com
<mathiaz> smoser: then apt sources.list is modified to use the local ec2 mirrors
<smoser> right. so your 'started' does not indicate finished
<raendeer> trying to install hardy-lts from usb to a sata drive.. the installer only shows the usb drive, not the sata drives? with amd64
<mathiaz> smoser: then cloud-config-puppet: apt-get install puppet fails
<smoser> but 'started'
<smoser> ie: start on started cloud-apt-update-upgrade
<mathiaz> smoser: right - that's what I though as well
<smoser> thats what i was asking about.
<smoser> (thats what i was asking about yesterday)
<kaushal> :(
<smoser> you need to run after that thing finishes.
<dhastha> need help on heartbeat installation
<dhastha> anybody know about heatbeat
<kaushal> checking in again for my query ?
<nunor> hi
<nunor> I have an ubuntu server 9.10 running. Fixed public IP but no reverse DNS possible (for smtp use). I have another linux server who acts as smtp server (with rdns) and I have whitelisted my ubuntu server. How can I configure postfix to send the mails to my another server instead of sending it directly to the internet? Thanks
<sherr> nunor: see "relayhost" and http://www.postfix.org/BASIC_CONFIGURATION_README.html
<inveratulo> At what point can I choose to install JeOS ?
<ksoviero> inveratulo, at boot, when you hit f6 (i think) it lets you choose JeOS
<inveratulo> ksoviero: hrm, not seeing it there...
<inveratulo> says I can install a minimal virtual machine, but I'm trying to get a host OS up and running
<inveratulo> I think I figured it out
<ksoviero> inveratulo, at boot, when you hit f6 (i think) it lets you choose JeOS VMs.
<ksoviero> woopse
<ksoviero> inveratulo, i meant, JeOS is for VMs, or at least meant for it, but can be used elsewhere
<inveratulo> ksoviero: yea i understand that, i'm trying to make sure i install ubuntu-server with the jeos kernel, looks like i'll have ot do it through expert mode
<smoser> mathiaz, you want to sponsor bug 523625
<uvirtbot> Launchpad bug 523625 in cloud-init "Wrong archive mirror temporarily set during the boot process" [Medium,In progress] https://launchpad.net/bugs/523625
<smoser> please ?
<wathek> hello all
<wathek> can I add this repos to my sources.list : deb http://ftp.fr.debian.org/debian/ lenny main contrib non-free
<aleyva> i've seen a strange behavior with open-iscsi in 9.04 and 9.10, is this the right place to ask?
<zul> mdeslaur: i updated the apparmor rule for mysql finally
<smoser> well, seeing as mathiaz isn't around, can someone (zul) sponsor the cloud-utils package at bug 523625
<uvirtbot> Launchpad bug 523625 in cloud-init "Wrong archive mirror temporarily set during the boot process" [Medium,In progress] https://launchpad.net/bugs/523625
<mdeslaur> zul: uh...I'm not aware of that...jdstrand maybe?
<zul> jdstrand: ^^^
<jdstrand> mdeslaur: thanks zul
<jdstrand> heh
<jdstrand> zul: thanks
<zul> smoser: yeah sure gimme a sec
<mdeslaur> zul: thanks
<jdstrand> mdeslaur: just stay out of it already!
<mdeslaur> zzzzzz
<jdstrand> :)
<aleyva> we have an equallogic and a poweredge with four nic's, two of them are connected to the equallogic, the PE is running ubuntu 9.04
<jdstrand> I don't know how I typed that...
<aleyva> we have the eql LUN's running fine, with open-iscsi
<aleyva> but when we reboot the server dont login to the targets
<aleyva> in /etc/init.d/open-iscsi, at line 93, we have:
<aleyva>         ISCSI_TARGET_NB=$(cat /etc/iscsi/nodes/*/*/iface* 2>/dev/null| grep -c automatic)
<aleyva> the original line is:
<aleyva>         ISCSI_TARGET_NB=$(cat /etc/iscsi/nodes/*/*/default 2>/dev/null| grep -c automatic)
<aleyva> the problem is that we dont have a "default" file at each node dir, thats why we have changed it to "iface*"
<aleyva> i dont know if we should have a "default" file
<zul> smoser: umm...did you bump the changelog entry?
<smoser> i thought so
<smoser> yeah
<smoser> archive is 0.5.5-0ubuntu1
<zul> so there isnt a -ubuntu2?
<zul> ok
<zul> ill do it
<smoser> this is 0.5.5-0ubuntu2
<smoser> zul, http://paste.ubuntu.com/379301/
<smoser> zul, i just tested
<zul> smoser: k done
<tbc> aleyva: I don't have an answer to your open-iscsi questions. If no one speaks up on this channel, you may have simply missed being online at the same time as a knowledgeable person who can help. You may want to write to ubuntu-server@lists.ubuntu.com (list info <https://lists.ubuntu.com/mailman/listinfo/ubuntu-server>)
<ChmEarl> on karmic, does the r8169 driver work for RTL8111/8168B nic?
<ChmEarl> for latest kernel 2.6.31-19-server?
<ChmEarl> I went into rescue mode and the nic works with the generic kernel, but fails with the server kernel
<smoser> zul thanks.
<ChmEarl> can I do a kernel update in rescue mode (booting from CD)?
<David_B> hello. i have a machine which i can install ubuntu desktop on fine, but will not correctly install server. i am not sure why this is the case
<David_B> the issue is at the grub bootloader stage of install
<ChmEarl> David_B, if you are multi-booting with other distros, you don't need to use that bootloader
<David_B> ChmEarl: new machine, nothing else on there
<ChmEarl> k, you are stuck with it :)
<David_B> chmeark: aye, but it won't instal!
<ChmEarl> do you have /boot partition and its ext2?
<ChmEarl> did you install with all defaults?
<David_B> don't know, and yes
<DrNick_> silly question, i assume a reboot is still required after updating the kernel or kernel modules? only I remember reading something somewhere about it not being required in some situations
<ChmEarl> David_B, so the install failed. Did you try to go into rescue mode and see if root is OK?
<David_B> chmearl: hmm, no, let me boot from cd again
<DrNick_> David_B: out of interest did you set up RAID or LVM voluems on the root device?  grub can't boot from an LVM partition, you'd have to use LILO in that instance
<David_B> AHA
<David_B> That must be it
<David_B> yeah, was just doing defaults and 'LVM' was default
<DrNick_> :)  it should offer to install LILO for you however
<David_B> hmm, i seem to remember trying that, and it not working
<DrNick_> odd
<David_B> but I'll try again
<DrNick_> if in any doubt however, create a partition for /boot which isn't on an LVM or RAID volume, then boot from that and set everything else up as you please
<DrNick_> only needs to be 100MB or so
<David_B> err, I only have my raid disks
<David_B> would a USB pen drive do?
<DrNick_> well no, reserve 100MB or so at the start of one drive for the /boot partition then use the rest of the drive for your linux RAID partitions
<David_B> rightâ¦ so would i need to un-raid my drives, partition them using the installer and then re raid them?
<David_B> it's hardware raid off my modo
<DrNick_> i'm afraid so yes
<David_B> *mobo
<DrNick_> ah
<DrNick_> i thought you meant you were using linux's softraid
<David_B> nope
<DrNick_> in that case that does somewhat confuse things... at least it can do.
<David_B> okâ¦ would i be best off starting off without raid and going from there?
<DrNick_> does the linux install program see your RAID'd drives as a single disk or as individual drives?
<David_B> single disk i think
<David_B> well, used toâ¦ now it see it as all kinds of rubbish as i've installed and reinstalled and fiddlled around so much
<DrNick_> my advice - disable the RAID on the mobo, and use linux software RAID which is probably faster anyway if the truth is told
<David_B> ok, I always thought hardware raid was faster, but this is just for a home web server so I guess it doesn't matter too much
<DrNick_> most if not all "RAID" chips on  motherboards aren't true hardware RAID anyway and are usually more trouble than they're worth.  disable it, and set up RAID under linux if you need/want it
<David_B> and I should be able to use grub with that? do you still recommend having a /boot partition on one disk?
<DrNick_> grub can boot from mirrored drives just fine
<David_B> so i install unraided, and then can I set up RAID after it's all booting ok?
<DrNick_> but if it's RAID5 you want, forget it you need a /boot partition.  if it's just disk mirroring you're doing however then you're fine
<David_B> no, RAID1
<David_B> by the way, thanks very much, you've been extremely helpful
<DrNick_> the steps you take should roughly be 1) disable RAID on the mobo, 2) boot the installer, 3) when asked about partitioning, nuke any and all partitions on your disks, i.e. initialise the partition table on each.  then set up the partitions as you like.  if you want RAID, create linux raid partitions on the drives, then you can do all your RAID setup from the installer itself
<David_B> excellent, I'll give it a go!
<DrNick_> :)
<DrNick_> good luck
<David_B> should I use LVM?
<David_B> bearing in mind I'm not entirely sure what it actually is
<DrNick_> if you're not entirely sure about it then either take the time to read up on it a little first (as there are concepts involved you really should understand before using it), or don't bother using it.
<DrNick_> in general i wouldn't think it'd be required for a web server anyway
<DrNick_> out of interest, i assume no one else had the answer to my original question then
<ChmEarl> DrNick_, I had to reboot after kernel update, so yes
<DrNick_> ok thanks ChmEarl
<ChmEarl> and my new kernel was picked fine
<David_B> I cannot seem to delete all the partitions, they say they are in use by 'ubuntuserver'
<DrNick_> select each disk in the list and press <Enter>, it should tell you it's about to initialise the partition table
<guntbert> David_B: you have to do it from the install/live CD - not from a running system (rescue counts as running)
<David_B> I am doing it from the instal
<David_B> the following things are listed: LVM VG ubuntu server, LV root - 497.4 GB
<David_B> LVM VG ubuntuserver, LV swap_1 â2.3GB
<David_B> Then my two hard drives, each with a 499.7 GB primary LVM partition and 361.9 of free space
<DrNick_> yeah, that must be from before... you migt have to go in and remove the LVM volumes first.... or actually restart the install, and when asked if you wish to activate existing LVM volumes say NO
<David_B> there doesn't appear to be an option to remove I'm afraid
<DrNick_> then you should be able to nuke all the patitions and start again
<David_B> how would i do that?
<David_B> I can't see any 'nuke' option :P
<DrNick_> reboot it.  restart the install, when it asks if you want to activate your LVM volumes say NO.  then you'll get the list as before, but without the LVM volumes listed at the bottom.  then you'll be able to remove the existing partitions and start agian
<David_B> ok, I'll try that, thank you
<David_B> err, the installer didn't ask me about lvm options
<David_B> do I need to go into a more advanced mode?
<DrNick_> what happens when you select the first hard disk in the list and press <Enter> with the highlight over it
<David_B> it says I cannot modify the disk because the primary partition is in use by the ubuntuserver lvm thing
<DrNick_> ok, what you'll have to do then, there will be a menu option for modifying the LVM config.  go into that, remove all the logical volumes, then remove the volume group.  basically you'll get a further menu with options, use that to remove the LVM volumes
<DrNick_> they're what the installer from before would have created
<David_B> ok
<ChmEarl> for managing services in Centos, I used chkconfig. What to use here for karmic?
<ChmEarl> I know about /etc/init.d/<srvc>
<David_B> ok, Dr Nick, that half workedâ¦ I was able to delete the logcal volumes and the volume group
<David_B> and then could go back and delete all the partitions on one of the disks
<DrNick_> ok good
<DrNick_> but... lol
<David_B> though there is still one LVM partition on one disk that won't go away (same issue as before)
<David_B> lvm volume group in use by ubuntu server
<David_B> oh wait, did it again
<David_B> needed to do it for both disks :p
<DrNick_> :)
<DrNick_> ChmEarl: best thing to use is possibly sysv-rc-conf
<ChmEarl> checking it out now
<sherr> ChmEarl: update-rc.d is the most similar - fairly straightforward.
<sherr> ChmEarl: see also : man service
<DrNick_> i wouldn't recommend update-rc.d - as it says in the man page, it's mostly for use in scripts.  sysv-rc-conf is most like chkconfig and has a nice menu interface also if required
<uvirtbot> New bug: #524095 in postfix (main) "Do I need postfix on my local machine ?" [Undecided,New] https://launchpad.net/bugs/524095
<RoyK> PROCS CRITICAL: 411 processes with STATE = RSZDT
<uvirtbot> New bug: #524101 in eucalyptus (main) "optionally fetch public ssh keys from Launchpad when starting an instance" [Undecided,New] https://launchpad.net/bugs/524101
<lijil> if i install the bugzilla 3.2 package in karmic, then manually install the latest bugzilla from bugzilla.org, will apt overwrite if ubuntu pushes out a new release in the future?
<lijil> this may apply to some of the other 'web' apps that there are packages for, like mediawiki
<mathiaz> kirkland: hey - are you done with the UEC testing on tamarind?
<kirkland> mathiaz: mostly
<kirkland> mathiaz: i'm running an instance
<kirkland> mathiaz: i can't ssh to it though
<mathiaz> kirkland: do you plan to do any more reinstall?
<uvirtbot> New bug: #522292 in cloud-utils (main) "Lucid UEC image 20100215 unable to start on UEC" [High,In progress] https://launchpad.net/bugs/522292
<kirkland> mathiaz: oh, i'm on the wrong machine
<kirkland> mathiaz: i think i'm done
<kirkland> mathiaz: you can have it
<mathiaz> kirkland: great - I'll test the iso support then
<kirkland> mathiaz: i marked the functional tests task i have done
<kirkland> mathiaz: i don't think i can do any scalability/performance testing
<kirkland> mathiaz: can it?
<mathiaz> kirkland: that's what config_multi.yaml is for - in uec-testing-scripts
<kirkland> mathiaz: hmm
<mathiaz> kirkland: it'll start as many instances as you want
<mathiaz> kirkland: and ssh into them
<mathiaz> kirkland: it tests the scability of starting/stoppping instances
<kirkland> mathiaz: okay
<kirkland> mathiaz: after you're done, i'll try that
<mathiaz> kirkland: making that sure that 1000 instances can be correctly started for example
<mathiaz> kirkland: I'll reinstall a topo1 then
<mathiaz> kirkland: with 4 NCs and one CLC+Walrus+CC+SC
<kirkland> mathiaz: i'll drop all serial consoles
<cef> anyone got a suggestion for getting past Bug #514012 when upgrading from karmic to lucid (server, no X)?
<uvirtbot> Launchpad bug 514012 in mountall "cyclic dependency between mountall and libplymouth" [Undecided,New] https://launchpad.net/bugs/514012
#ubuntu-server 2010-02-19
<cef> Any ideas on how to get past Bug #514012 when upgrading from karmic to lucid (server, no X)?
<uvirtbot> Launchpad bug 514012 in mountall "cyclic dependency between mountall and libplymouth" [Undecided,New] https://launchpad.net/bugs/514012
<cef> has no one using server tried upgrading to lucid since the 29th Jan since this bug appeared?
<uvirtbot> New bug: #524142 in nis (universe) "on shut or reboot, sticks on "shutting down alsa"" [Undecided,New] https://launchpad.net/bugs/524142
<uvirtbot> New bug: #524143 in postfix (main) "#522797" [Undecided,New] https://launchpad.net/bugs/524143
<mathiaz> kirkland: hi!
<mathiaz> kirkland: were you able to install UEC on the test rig?
<kirkland> mathiaz: huh?
<mathiaz> kirkland: I'm running into bug 524147
<uvirtbot> Launchpad bug 524147 in eucalyptus "UEC NC failed to fetch preseed.conf from CC using lucid-server-amd64-20100218" [Undecided,New] https://launchpad.net/bugs/524147
<kirkland> mathiaz: i thought you were reinstalling with 4 nodes?
<kirkland> mathiaz: i was able to install topo2 earlier today
<mathiaz> kirkland: yes - the CLC+Walrus+CC+SC is working
<mathiaz> kirkland: but the NCs fail
<kirkland> mathiaz: hmm, i got a nc working
<mathiaz> kirkland: was there an upload of eucalyptus that could have fixed bug 524147?
<mathiaz> kirkland: I'm using an iso rather that the archive
<mathiaz> kirkland: so this is with 1.6.2-0ubuntu1
<kirkland> mathiaz: hmm, i did one upload today, fixing bug #523826
<uvirtbot> Launchpad bug 523826 in eucalyptus "Second node autoregistration fails with "Not a candidate for local cluster" error" [High,Fix released] https://launchpad.net/bugs/523826
<mathiaz> kirkland: hm well. I don't know then.
<mathiaz> kirkland: at least I can confirm that the scripts on tamarind are working with isos
<cef> kirkland: btw: I'm trying to see if lucid has the same issue as karmic with Bug #495394 , but I can't upgrade the host cos of #514012 so it might be a while before I can help on that. :(
<uvirtbot> Launchpad bug 495394 in libvirt "autostart almost always fails on boot time host" [Medium,Confirmed] https://launchpad.net/bugs/495394
<kirkland> cef: okay
<mathiaz> kirkland: I suggest you take the test rig to conduct the rest of your tests
<cef> (more just a fyi, but any help with #514012 would of course be nice.. #ubuntu+1 has been no help now for 2 days... :(
<kirkland> mathiaz: um, not sure i can do much if it's busted as such
<kirkland> mathiaz: i'm about to call it a night anyway
<mathiaz> kirkland: ok
<uvirtbot> New bug: #524158 in elinks (universe) "needs -dump-charset in elinks.mime" [Undecided,New] https://launchpad.net/bugs/524158
<uvirtbot> New bug: #524159 in postfix (main) "I clicked "cancel" when it tried to install the mail program" [Undecided,New] https://launchpad.net/bugs/524159
<Italian_Plumber> hello.  My syslog is filled with these messages: http://pastebin.com/m43e147ae
<Italian_Plumber> is this something that I need to worry about, or would be slowing down my machine?
<Italian_Plumber> or could lead to data corruption?
<cef> Italian_Plumber: I personally wouldn't trust it seeing that.. but that is more just me than a definitive answer
<cef> Italian_Plumber: what brand/model drive?
<Italian_Plumber> Seagate
<cef> model # ??
<Italian_Plumber> actually Western Digital Caviat Green WD10EADS
<cef> hrm.. no idea but those green drives do have some weird power saving features..
<cef> are you running smartd at all?
<Italian_Plumber> I'm running it through an SATA PCI interface card, so I'm not sure.  I would assume not.
<Italian_Plumber> MB is PCChipps M830LR
<Italian_Plumber> ~8 year old board
<cef> just seen similar errors to that on lkml (google search) when certain versions of smartd is running
<Italian_Plumber> well i'm not sure how I would turn smart support on... siince the drive doesn't show up in the MB's BIOS.  So prolly ont
<cef> fair enough.. but is the smartd daemon running on the machine at all?
<Italian_Plumber> no smartd process, no
<cef> ok.. well that rules that out.
<cef> sorry, dunno. but I'd be watching the data on that drive
<Italian_Plumber> hmm... well thanks for the suggestion anyway.
<kirkland> zul: soren: nijaba: can someone add me to lp:~ubuntu-on-ec2, please?
<maxagaz> can I ping myself by making my computer think I'm another given ip ?
<Roxyhart0> hi guys i am looking for a software to distribute from the server antivirus and applications any idea?
<ChmEarl> how can I alias eth0 with r8169 in Karmic server? which file is for aliases. I have nothing under /etc/modprobe.d
<ChmEarl> nm-I made my own file under /etc/modprobe.d  realtek.conf
<ChmEarl> I blacklist ipv6 and alias eth0 r8169
<ChmEarl> friggin module loads, but eth0 never appears
<ChmEarl> its like there is an LSP/trojan/virus
<ChmEarl> do I have to set the HWADDR from lspci?
<cef> do you have another device as eth0?
<ChmEarl> no- onboard nic rtl 8111/r8168B
<cef> does it show up as eth1 or something else? or not at all?
<ChmEarl> nada
<cef> checked dmesg?
<ChmEarl> only lo and virbr
<ChmEarl> yes dmesg says there is a rename from udev- can't figure why
<ChmEarl> eth0 -> eth1   but it never shows either
<cef> checked /etc/udev/rules.d/70-persistent-net.rules ?
<ChmEarl> not yet - what to look for?
<cef> whatever it gets detected as, it has that name from then on
<cef> the mac of the adapter
<ChmEarl> k - looking now
<cef> it keeps the adapter persistent ALWAYS... so it stays the same.. you can edit that and remove any entries you don't want
<ChmEarl> ah - sounds like the ticket
<cef> np
<cef> might want to remove that alias though
<ChmEarl> there are 2 entries. one mac is right the other strange
<cef> just delete the other line then
<ChmEarl> comment it is OK?
<cef> yup!
<ChmEarl> back in a few. thanks Cef
<cef> np
<oh_noes> is it possible to apt-get install a package, but not start it?
<oh_noes> ie is there a generic deb way to do it?
<JanC> oh_noes: do you mean a server package that normally starts the service?
<oh_noes> Yep
<oh_noes> for example, NTP
<oh_noes> is it possible to "set VAR="DONOTSTART" && apt-get install ntp
<oh_noes> for example?
<JanC> not like that (AFAIK), but depending on whether it uses upstart or sysvinit, you could probably pre-create a config
<cef> oh_noes: don't think so, but I know where you are coming from.. you could possibly unpack it and edit the postinst script to do it, but I doubt anything like that is in there by default
<oh_noes> hrmmm .. i thought a mechanism did exist for this.  Maybe I was just dreaming though
<JanC> editing the postinst script is another possibility yeah
<oh_noes> yeh I know I can do that
<cef> actually yeah JanC's idea is a good one, or you could divert the init.d or upstart script?
<oh_noes> the package is sysvinit
<JanC> more and more services don't start by default anymore
<oh_noes> (eg: ntp)
<JanC> or have a setting in /etc/default/ to handle that
<Roxyhart0> hi i am looking for a scrip to detect who is running a program in the server. somebody have any idea? i mean user, ip?
<Roxyhart0> hi i am looking for a scrip to detect who is running a program in the server. somebody have any idea? i mean user, ip?
<smoser> kirkland, zul or anyone else, if you happen to see this, please accept bug 522292 nomination for lucid
<uvirtbot> Launchpad bug 522292 in cloud-utils "Lucid UEC image 20100215 unable to start on UEC" [High,Fix committed] https://launchpad.net/bugs/522292
<kirkland> smoser: done
<smoser> kirkland, go to bed!
<smoser> or sponsor that bug, either one is fine
<kirkland> smoser: our cloud-utils, cloud-init trees are wicked out of sync
<smoser> :)
<smoser> hm...
<kirkland> smoser: you have a fix?
<cef> kirkland: yeah, weren't you going about 4 hrs ago? ;)
<smoser> its fixed in that branch that is linked. in cloud-utils.
<smoser> so not really fixed, but worked around
<smoser> the real bug is in euca2ools
<kirkland> smoser: let me check
<uvirtbot> New bug: #524226 in openssh (main) "ssh-authorize - retrieve a key from a public keyserver and add to the authorized_keys file" [Wishlist,New] https://launchpad.net/bugs/524226
<kirkland> smoser: okay, this cloud-utils ready for upload, then?
<smoser> i think so. yeah.
<kirkland> smoser: i think we should be versioning these 0.4-0ubuntu1
<kirkland> smoser: or are you versioning them the way you are on purpose?
<smoser> it is 0.4-0ubuntu1 now
<smoser> at least i pushed that just 10 minutes ago
<smoser> https://code.launchpad.net/~ubuntu-on-ec2/ubuntu-on-ec2/cloud-utils
<kirkland> okay, and this is where our branches got out of sync ...
<kirkland> smoser: https://edge.launchpad.net/ubuntu/+source/cloud-utils
<kirkland> smoser: i uploaded a 0.4-0ubuntu1 earlier today
<smoser> for the love of pete
<smoser> i pulled from lp:ubuntu/lucid/cloud-utils tonight
<smoser> i really hate that that gets out of sync
<kirkland> smoser: yeah, well, we just need to get you write access to the same trees that we have
<kirkland> smoser: i asked you to pull from that junk branch of mine earlier
<kirkland> smoser: oh well
<ball> Could I expect Ubuntu Server to run properly on an IBM x3250?
<kirkland> ball: almost certainly yes
<ball> kirkland: Thanks.  I'll be back shortly, I need to go and do something.
<kirkland> smoser: okay, i'm ready to upload
<smoser> ok.
<smoser> revamped ssh-authorize
<smoser> http://paste.ubuntu.com/379529/
<kirkland> smoser: check this ...
<kirkland> http://paste.ubuntu.com/379530/
<smoser> oops. that had a debug in it
<smoser> http://paste.ubuntu.com/379531/
<smoser> that looks fine.
<smoser> basically, my goal with that "dev tree" is to get it with the same ancestry as the cloud-utils
<smoser> as lp:ubuntu/lucid/cloud-utils
<smoser> so that it can be pushed there
<kirkland> smoser: well that's fancier
<smoser> and for the record, i hate 'sh -e'
<smoser> i think its a copout for proper error handling
<kirkland> smoser: i hate scripts that aren't set -e
<smoser> thats because you've been brainwashed by debian
<smoser> no offense to anyone here
<twb> smoser: the "proper error handling" part is a trap ERR in the body.
<twb> IME, sh scripts *WILL NOT EVER* be able to manually catch all possible error conditions.
<smoser> but seriously, set -e is like coding in C with assert() wrapping everything
<smoser> twb that is no different in sh than it is in any other programing language
<smoser> s/no different/no more true/
<twb> smoser: so instead of doing that, you'd rather just let that NULL propagate all the way up the call tree before it fails?
<kirkland> smoser: okay ffs
<smoser> ffs?
<twb> For Fuck's Sake
<kirkland> for fucks sake
<smoser> ah.
<smoser> anyway.
<kirkland> smoser: the two different branches are driving me nuts
<smoser> yes, but seriously, catching the errors as they come and giving reasonable output to the user rather than just exiting and leaving the output in some borked state is not nice
<smoser> err... thats not a sentance
<kirkland> smoser: okay, i need you do to this synchronously for me
<smoser> do what?
<kirkland> smoser: pull from my branch
<kirkland> smoser: and then push upstream
<kirkland> smoser: and then i will re-pull from you, sponsor and upload
<smoser> ok. where is your branch ?
<kirkland> lp:~kirkland/+junk/cloud-utils
<twb> smoser: "just exiting" means that you haven't used a trap ERR.
<smoser> which no one ever does when they use set -e
<twb> I do.
<kirkland> smoser: i use traps
<twb> There's no point trapping ERR if you don't set -e.
<kirkland> smoser: when necessary
<twb> e.g. http://twb.ath.cx/Preferences/.bin/with-temp-dir
<smoser> i trap exit and cleanup correctly.
<twb> Hmm, bad example :-)
<smoser> in my experience, more scripts that have 'set -e' just stop, leaving me no idea why it failed (often no indication that it did).
<smoser> so anyway
<smoser> yeah, you can do it right
<smoser> either way.
<twb> trap 'echo >&2 "$0: unexpected failure."' ERR
<smoser> i prefer || fail "message"
<smoser> kirkland, so what branch ?
<twb> smoser: you can still use those and have an ERR trap as your fallback for all the cases your "do it by hand" forgot about.
<kirkland> smoser: <kirkland> lp:~kirkland/+junk/cloud-utils
<kirkland> <smoser> ok. where is your branch ?
<kirkland> <kirkland> lp:~kirkland/+junk/cloud-utils
<smoser> i'll merge.
<kirkland> smoser: i fixed the versions, and tagged the latest release
<kirkland> smoser: as soon as you can push that to the upstream, i'll upload the changes file i've signed
<smoser> wait.
<smoser> i just pulled that. latest revision is '7'
<smoser> message:
<smoser>   releasing version 0.3ubuntu1
<kirkland> huh?
<kirkland> smoser: pull again
<kirkland> smoser: what's head -n1 debian/changelog ?
<kirkland>   	
<kirkland> 11. releasing version 0.5-0ubuntu1
<smoser> kirkland, your tree looks sane to me.
<kirkland> smoser: cool
<kirkland> smoser: let me know when you've pushed
<smoser> and mine just successfully merged from yours
<smoser> ok. lp:~ubuntu-on-ec2/ubuntu-on-ec2/cloud-utils/ should have revision 11, which has your tree, and mine merged.
<smoser> that should be mergable into lp:ubuntu/lucid/cloud-utils
<smoser> so we're happy.
<kirkland> smoser: okay, then i'm uploading
<kirkland> smoser: done
<smoser> so when you upload, you first push to lp:ubuntu/lucid/cloud-utils, right?
<smoser> i think you're supposed to push there, then upload, then when the crawler comes through to sync them, it will have already done it and you'll have the intermediate history.
<smoser> at least thats how i thought it was supposed to work.
<smoser> good night, kirkland thanks.
<kirkland> smoser: well, they're all out of sync right now :-/
<smoser> well not now.
<kirkland> smoser: so pushing there isn't quite working
<smoser> they're all good.
<smoser> why not?
<smoser> i just pulled from there, and i can merge ours into that.
<kirkland> kirkland@x200:/tmp/foo3/cloud-utils$ bzr push lp:ubuntu/lucid/cloud-utils
<kirkland> Warning: Permanently added 'bazaar.launchpad.net,91.189.90.11' (RSA) to the list of known hosts.
<kirkland> bzr: ERROR: These branches have diverged.  See "bzr help diverged-branches" for more information.
<smoser> oh hell.
<smoser> i hate this
<kirkland> smoser: hang on
<kirkland> smoser: okay, we're good
<smoser> bzr branch lp:ubuntu/lucid/cloud-utils cloud-utils.lucid
<smoser> bzr merge lp:~ubuntu-on-ec2/ubuntu-on-ec2/cloud-utils
<kirkland> smoser: yeah, sorry, we're good
<smoser> good.
<smoser> good night.
<kirkland> kirkland@x200:/tmp/foo3/cloud-utils$ bzr push lp:ubuntu/lucid/cloud-utils
<kirkland> Pushed up to revision 12.
<smoser> funny
<kirkland> smoser: gnight
<smoser> i thoguht your x200 was bug in bzr
<kirkland> smoser: you just had to curse bzr enough
<smoser> looks like hex
<kirkland> smoser: and then it works out
<smoser> oh i curse it.
<kirkland> smoser: heh
<kirkland> smoser: fyi ... https://bugs.edge.launchpad.net/server-papercuts/+bug/524226
<uvirtbot> Launchpad bug 524226 in openssh "ssh-import-id - retrieve a key from a public keyserver and add to the authorized_keys file" [Wishlist,New]
<kirkland> smoser: i renamed it to ssh-import-id
<kirkland> smoser: as it's kind of the opposite of ssh-copy-id
<smoser> yeah. thats true.
<smoser> just make sure you take my improved version. :)
<kirkland> smoser: you can post it to that bug if you like ;-)
<kirkland> smoser: and add your name to the authors
<smoser> you actually have to properly urlencode the user names
<kirkland> smoser: true
<kirkland> smoser: let's not make it *too* complicate though, or it won't make FFe
<kirkland> smoser: or be considered a papercut
<kirkland> smoser: i'm hoping ttx might accept it as a papercut
 * kirkland -> bed
<smoser> but seriosly, it sould do that. i have a  perl one liner somewher ethat urlencodes.
<twb> Random annoying thing: OpenSSH's ssh-copy-id doesn't work with dropbear.
<smoser> twb, hm.. do you know why?
<smoser> other than ssh-copy-id is a good example of a bad shell script ;)
<twb> Because ~/.ssh/authorized_keys becomes a single /etc/dropbear/authorized_keys
<smoser> which does neither set -e or catches errors
<twb> ssh-copy-id's code is INSANE, I assume because it's trying to be really portable
<smoser> well that seems fixable if HOME=/etc/dropbear/
<twb> root's home is rarely /etc/dropbear
<smoser> right.
<twb> (Dropbear is ssh for embedded systems, in case you didn't know.)
<smoser> yeah. i've used it.
<smoser> its is very handy.
<smoser> twb, you could add a nother user with id 0 named 'dropbear' with HOME=/etc/dropbear. the ssh-copy-id dropbear@host
<smoser> but that likely has mmajor issues
<smoser> security wise
<cef> could you not 'ln -s .ssh /etc/dropbear' on the router ?
<cef> but yeah, a hack
<cef> (from root's home dir that is)
<cef> err.. did I even get that ln the right way around? NEED COFFEE. :/
<cef> twb: err from root's homedir on the router 'ln -s /etc/dropbear .ssh' even.
<cef> huzzah! progress on getting my libvirt hosts to lucid leads to new info for bug #495394.
<uvirtbot> Launchpad bug 495394 in libvirt "autostart almost always fails on boot time host" [Medium,Confirmed] https://launchpad.net/bugs/495394
<ChmEarl> in karmic server, anyway to shrink font size? I tried vga=791, but I lose all video
<ChmEarl> I expect to ssh in mostly so no biggee
<ChmEarl> how can I tell what depends on x11-common?
<lifeless> apt-cache rdepends
<ChmEarl> lifeless, thanks
<ChmEarl> ah, reverse depends
<ChmEarl> to shut off a service, the only way is to remove (bind9) out of /etc/init.d ??
<cef> check /etc/default/ and see if there is a config in there. many have options for whether to start or not
<uvirtbot> New bug: #524243 in python-boto (main) "Python-boto crashes with Duplicity and Amazon S3" [Undecided,New] https://launchpad.net/bugs/524243
<ChmEarl> cef, your hint about 70-persistent-net was key -- I got eth0 up and going -- cheers
<cef> ChmEarl: no probs
<ChmEarl> to remove bind9 startup: sudo update-rc.d -f bind9 remove
<Cappy> hi folks, new to the whole ubuntu server thing, quick question to get me started, do i need to do anything special, or does the default install of OpenSSH from the CD let me ssh into the box?
<smoser> ttx, ping
<ttx> smoser: opng
<smoser> hey.
<smoser> i just opened https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/524258
<uvirtbot> Launchpad bug 524258 in cloud-init "update check code is not enabled" [High,Fix committed]
<smoser> can you approve it for lucid and deny it for karmic ?
<ttx> on it
<smoser> i accidently clicked karmic
<ttx> done
<nijaba> kirkland: you are now a member of ubuntu-on-ec2
<soren> wtf?
<soren> nijaba: Oh, you just did that?
<nijaba> soren: yes, I did
<soren> We must have clicked "Add member" within seconds of each other :)
<nijaba> hehe
<soren> I had just checked the list of members, gone "Nope, noone's done it yet", went to add him, and it said he was already a member.. Man, if I could have seen the look on my face..
<nijaba> soren: would have loved to see it too ;)
<ttx> soren: anoter lost youtube moment
<smoser> i've gotten lp:ubuntu/lucid/cloud-init completely foobared
<ttx> smoser: james westby may be your friend
<smoser> somehow its missing a upstream-0.5.5 tag
<ttx> smoser: but I guess that comes with the territory when working too late :)
<smoser> whats most impressive is i can't even write there.
<soren> smoser: Nope, very few people can write to the lp:ubuntu/* branches.
<smoser> i dont think its very few, i was under the impression all coredev could
<soren> Nope.
<soren> These dudes:
<soren> https://edge.launchpad.net/~ubuntu-branches/+members
<ttx> aka rockstar-team
<soren> Pretty much :)
<smoser> i really thought the goal was for people to push to those branches and start builds from there.
<soren> It is. We're not there yet.
<soren> Hmm.. Yeah, I wonder why the new upstream version didn't get imported.
<soren> Oh, I know.
<soren> It was uploaded as a native package.
<soren> As can be seen here: https://edge.launchpad.net/ubuntu/lucid/+source/cloud-init/0.5.5-0ubuntu1
<soren> Well, here specifically: http://launchpadlibrarian.net/39341990/cloud-init_0.5.5-0ubuntu1_source.changes
<soren> smoser: Do you understand what happened there?
<ttx> soren: what do you think of https://bugs.launchpad.net/bzr/+bug/376388/comments/12 ?
<uvirtbot> Launchpad bug 376388 in bzr "~/.bazaar created owned by root (when run under sudo)" [Medium,In progress]
<smoser> i saw that that builddeb file go tput there.
<smoser> and it is attributed to me. must have been an errant bzr add.
<smoser> but i can't seem to work my way out of the problem
<soren> smoser: I know how to fix it from a debian source package perspective, but I don't know how that will look in the resulting bzr branch.
<soren> "very confusing" is my guess.
<smoser> ok. soren or ttx, if you had some cycles to spare, please review https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/524258
<uvirtbot> Launchpad bug 524258 in cloud-init "update check code is not enabled" [High,Fix committed]
<smoser> the linked branch there is in a sane state, minus the fact that by its count 0.5.5 never occurred.
<smoser> ttx, soren , i'm heading to bed. please do take a look at that if you can.
<ttx> smoser: ok
<ttx> soren: how does the puppet/etckeeper integration work ? Is puppet recommending etckeeper ? Or do they just happen to play nice if installed together ?
<ttx> i.e. how critical is etckeeper MIR in that process ?
<ttx> soren: I have my answer, forget it :)
<ttx> "Silently bail out if etckeeper is not available."
 * soren takes a break
<jiboumans> morning folks
<CDlx> hi
<lool> stgraber: Hola
<lool> stgraber: Would you have some time to discuss lxc?
<lool> stgraber: I wonder about a couple of integration stuff, notably mounting of cgroups
<lool> stgraber: Perhaps we could simply mount this on /dev/cgroup for everybody?
<lool> The mountpoint was apparently suggest to lenghty discussions
<lool> *subject
<lool> stgraber: Also, I'd like to test lxc on a karmic system; I've seen that the linux SRU is in progress, is a lxc backport needed as well?  Anything else?
<lool> I didn't look into the caps handling which allow random users to manipulate containers, it's not clear to me whether that's a good idea or not
<uvirtbot> New bug: #524341 in amavisd-new (main) "[FFE] Add amavisd-new-postfix package" [Undecided,New] https://launchpad.net/bugs/524341
<Roxyhart0> hi somebody know any good webmail server?
<Jeeves__> roundcube
<ivoks> or roundcube
<ivoks> it's an application, not a server
<ivoks> :)
<Roxyhart0> so, is the best?
<Jeeves_> Indeed
<Jeeves_> Roxyhart0: Well, yes. I think so
<Roxyhart0> yes i am looking for a option to squirmail
<Roxyhart0> mmm...look really nice :)
<ivoks> doesn't have all the features of squirrelmail, but looks great
<ivoks> :)
<acalvo> ivoks: it's easier to deploy than squirremail or horde
 * acalvo really likes roundcube
 * soren enjoys roundcube as well
<soren> I offer horde to my users as well, though. Most people prefer it, since they use this webmail interface as the only interface to their e-mail account, and horde is somewhat more full-featured than roundcube.
<soren> ...but roundcube is /really/ nice for most uses.
<acalvo> right
<acalvo> horde is more like a collaborational suite
<acalvo> btw, some having access attacks from Italy?
<acalvo> s/some/someone
<ghostlines> can live backups of vm's be made with kvm?
<lool> Folks, just a note that I've changed the locking primitive in qemu-kvm in some code pathes to use GCC's locking primitives, please tell me if you see any regression
<inveratulo> So I've set up ubuntu server as a host OS and now I'm preparing to install KVM, yet the kernel indicates that my proc does not support virtualization... is there some flag i should be setting?
<inveratulo> the proc is a c2d
<AntiProxy> hi everyone, i have a fresh installation of bind9 on my ubuntu box.. i configured named.conf.options with listen-on { 127.0.0.1; }; but netstat -nlp shows named listening on tcp 127.0.0.1:53 (as configured) and udp 0.0.0.0:53 .. how can i force it to listen to 127.0.0.1:53 on UDP also?!
<Roxyhart0> hi, my squirrelmail stop to work and i think is because id change by error permisions at the folders/files..somebody can tell me which permisions should it have ?
<uvirtbot> New bug: #510171 in samba (main) "connection from windows clients only works using IP, not using hostname" [Medium,Incomplete] https://launchpad.net/bugs/510171
<zul> morning
<ivoks> gday
<bogeyd6> hi ivoks
<Testament> hi
<Testament> i've just hosted some IBM server on a local service provider, and the websites on it run's very well, but on SSH i can't make a wget or an apt-get somthing or even a ping on any ip on the web !! i can connect to the machine over SSH, and i can access websites on it, but that's all :p any idea about that ?
<ivoks> can you ping your gateway?
<ivoks> there's one cool thing called mtr
<ivoks> mtr ip_of_google
<ivoks> will tell you where your pings stop
<Testament> i can ping the gateway
<Testament> but i can't ping my dns server
<Testament> that's pretty strange :p
<ivoks> it's not that strange
<jiboumans> telnet dns_ip 53 # is more likely to give a believable answer
<ivoks> some people don't like pings and firewall them
<Testament> aha
<Testament> ill try mtr just a sec :p
<jiboumans> also, if you're in a NAT, they can get lost
<ivoks> jiboumans: not every dns has TCP/53 :)
 * jiboumans notes ivoks has this covered and goes back to manager duties ;)
<Testament> well
<Testament> mtr stops at the first node
<ivoks> jiboumans: hehe
<ivoks> Testament: 1. or 2.?
<jiboumans> ivoks: actually, since you're around; do the TODOs here still reflect reality? https://blueprints.launchpad.net/ubuntu/+spec/server-lucid-more-mail-integration
<Testament> ivoks: 0 if i can say it :p
<Testament> nothing happens
<ivoks> jiboumans: i guess rbl will be postponed
<ivoks> jiboumans: and debconf integration
<ivoks> jiboumans: i'll update it
<jiboumans> ivoks: thanks -- just making sure i have a clear picture of what's going on
<Testament> telnet mydnsip 53 : connexion refused
<Testament> connection*
<ivoks> jiboumans: updated
<jiboumans> ivoks++
<ivoks> Testament: are you doing mtr IP or mtr hostname?
<Testament> IP
<Testament> want me to try hostname ?
<ivoks> no
<Testament> ok
<Testament> :)
<ivoks> paste route -n on pastebin
<Testament> that's disgusting i can't even do an apt
<Testament> can't live without it !
<Cappy> folks, im looking for a media type front end to run in ubuntu server, i just want to play a local library of music & movies... something that i can use to still serve files and all the other stuff with.
<ivoks> xmms2
<ivoks> mpd
<ivoks> that's backend
<ivoks> frontend can be web, gui, cli...
<Cappy> hrmm interesting, thanks
<Testament> i've done a ping of my_broadcast_ip -b and i've got another ip that i can ping
<Testament> i think i'ts a good start =)
<ivoks> mtr to it works?
<Testament> yup !
<ivoks> then your gateway is blocking the traffic
<Testament> my ISP is full of bastartads & liars then, and i'ts true, i prefer believing you
<Testament> ill call them now !
<Testament> thanks a lot ivoks :)
<ivoks> well
<ivoks> maybe it's your firewall
<Testament> nah
<ivoks> or bad routes
<Testament> iptables not configured yet
<Testament> i'ts allow anything
<ivoks> but if you had bad routes, then no one could access your server
<Testament> the server is accessible
<Testament> just type http://193.95.75.10
<ivoks> connecting...
<Testament> and there are websites hosted on it like jazzacarthage.com
<Testament> and they are all working well !
<ivoks> those are not same IPs
<ivoks> Name:	www.jazzacarthage.com
<ivoks> Address: 193.95.75.144
<Testament> yup !
<Testament> :)
<ivoks> server has more than one address?
<Testament> no only one ip
<Testament> ah shit
<Testament> http://193.95.75.144
<Testament> the .10 is the dns server
<Testament> sorry !
<ivoks> nice to see lost+found
<Testament> lol
<ivoks> now i can steal your data
<Testament> yeah i've mounted the /www in a partition
<ivoks> never, never put partition as a document root
<Testament> yep; i'ts just a test server
<Testament> nothing important on it
<Testament> but great advice thanks :)
<ivoks> and router is?
<ivoks> .1?
<Testament> well isp phone is always busy
<Testament> nah
<Testament> 193.95.75.190
<ivoks> are you sure?
<Testament> yep
<Testament> they gave me that
<ivoks> then inbound traffic is different than outbound
<Testament> the .1 don't answer on any request
<Testament> maybe, i'm not that good to be sure about that :p
<ivoks> what netmask do you have?
<ivoks> can you ping 193.95.77.1?
<Testament> netmask
<ivoks> ifconig | grep Mask | grep 193
<Testament> auto eth0
<Testament> iface eth0 inet static
<Testament>         address 193.95.75.144
<Testament>         netmask 255.255.255.192
<Testament>         network 193.95.75.0
<Testament>         broadcast 193.95.75.191
<Testament>         gateway 193.95.75.190
<Testament>         # dns-* options are implemented by the resolvconf package, if installed
<Testament>         dns-nameservers 193.95.75.10
<Testament> here is my interface :p
<ivoks> don't ever do that again
<Testament> well, as i said it's just a test server :p
<Testament> but thanks again :p
<ivoks> i was refering to pasting
<Testament> ahh
<Testament> sorry then !
<ivoks> that looks ok
<Testament> and i can't ping the .1
<ivoks> well, ask your provider why can't you get out of your subnet
<Testament> yep sadly i'ts look ok :p
<Testament> heh the guy told me same parameters for my interface, and told me that he can't do anything else
<Testament> ill call again until they say the truth they are all crackheads :p
<ivoks> take care
<Testament> hey i just understood
<Testament> their IPS is blocking outcoming traffic
<Testament> they have some extreme security things
<ivoks> bye
<Testament> cya
<bogeyd6> !pastebin | Testament
<ubottu> Testament: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<bogeyd6> rotfl
<smoser> ttx, did you get a chance to look at merge for bug 524258 ? or should I try to get someone from north america
<uvirtbot> Launchpad bug 524258 in cloud-init "update check code is not enabled" [High,Fix committed] https://launchpad.net/bugs/524258
<smoser> or south america
<ttx> smoser: I should be able to do it
<ttx> just in a few [tm]
<ttx> smoser: the bug blocking boothooks was recently lifted
<ttx> smoser: I was wondering if you tried moving earlier in the boot sequence yet
<smoser> ttx, right .  i have not.  i wasn't planning to try before alpha3, unless you think i should.
<ttx> I think you should try.
<ttx> unless things are already hopelessly broken.
<smoser> i'll give it a whirl
<ttx> smoser: if it looks good from your end, just ping slangasek to see if that requires FFe to land
<ttx> smoser: that would be a chnage in cloud-init ?
<smoser> ttx, yeah.
<ttx> smoser: because bug 524258 will also require FFe for runcmd
<uvirtbot> Launchpad bug 524258 in cloud-init "update check code is not enabled" [High,Fix committed] https://launchpad.net/bugs/524258
<ttx> since the branch you want to land is more than just that bugfix
<ttx> So I'd suggest making a pack of three (runcmd feature, updatecheck bugfix and move-earlier-in-boot featurefix)  and asking Ffe for the group
<ttx> rather than doing two consecutively
<ttx> smoser: ^
<ttx> or I got the changes wrong maybe
<smoser> i figured that. I would like that code in. so then i follow https://wiki.ubuntu.com/FreezeExceptionProcess and test the move-earlier ?
<ttx> is runcmd already in ? I'm confused by your bzr klog there :)
<smoser> it is in the 0.5.6 version
<ttx> nah, I think I got it right.
<smoser> but not in main yet. you are correct in the pack of 3
<ttx> test move earlier -> include it in the pack (or leave it out if more issues are encountered) -> ask FFe
<ttx> I'll mention it at the release meeting.
<uvirtbot> New bug: #524450 in samba (main) "smbd panic using root postexec" [Undecided,New] https://launchpad.net/bugs/524450
<ichat> can anyone help me with fixing a scanner sharing problem
<smoser> ttx, hm.. archive still doesn't have 0.6.5-2
<genii> Is there some known bug with e1000/e1000e driver which makes it think some fibre NIC is 1000 Base T ?
<smoser> the udev is in, but not upstart for bug 504883
<uvirtbot> Launchpad bug 504883 in upstart "job with "mounted MOUNTPOINT=/ and net-device-up IFACE=eth0" blocks boot" [Medium,Fix released] https://launchpad.net/bugs/504883
<ttx> hm
<ttx> smoser: it failed to build
<ttx> maybe
<ttx> - udev_monitor_set_receive_buffer_size(monitor, 128*1024*1024);
<ttx> + udev_monitor_set_receive_buffer_size(udev_monitor, 128*1024*1024);
<ttx> smoser: can you work from a local build ?
<smoser> i was just going to test
<mario_> Hello!
<mario_> i am trying to run a application in a chroot enviorment. When i do: "chroot /myfolder" then i can do all kind of stuff in this chroot dir
<mario_> set ip addresses or mount my root devices.
<mario_> any idea how to make chroot "secure"?
<soren> mdeslaur: reg bug 523589..
<uvirtbot> Launchpad bug 523589 in vm-builder "vmbuilder aborts with "locale-gen does not recognize your locale"" [Undecided,New] https://launchpad.net/bugs/523589
<jmarsden> mario_: The root user can do "all kinds of stuff" in a chroot.  It is not intended to protect against abuse by someone with root priviledges.  A normal user in that same chroot should not be able to do "all kinds of stuff".
<soren> mdeslaur: Um, yes, vmbuilder /should/ use locale-gen to validate the locale, because it will call locale-gen later to make sure the locales are generates properly in the guest.
<soren> mdeslaur: Can you say why you think en_US.utf8 is a valid locale?
<jmarsden> mario_: If you need more isolation than that, consider using a virtual machine instead of a chroot.
<inveratulo> mario_: this article may be of interest to you: http://www.fuschlberger.net/programs/ssh-scp-sftp-chroot-jail/
<mario_> thanks!
<mario_> i mainly want to protect against root users ;)
<inveratulo> perhaps VM is what you want
<jmarsden> mario_: Then don't give people root access, or else give them a separate VM.
<inveratulo> mario_: sorta paradoxical, people who require root typically can be trusted, hence their requirement, otherwise you can provide methods for them to do what they need without it
<Jeeves_> grrr
<Jeeves_> No up2date ipvsadm in Karmic
<Jeeves_> Ah, lucid does have it, I see
<ichat> can anyone help me with fixing a scanner sharing problem  -   scanimage -L   reconizes my scanner,   running scanimmage seams to (cant check)  even scan and return data  (hard to verify on a x-org-less system,   -    but  sane-twain says to have no backend -
<ichat> running 9.10  alternative x64 (text only)
<mdeslaur> soren: A discussion I had on #ubuntu-devel yesterday
<mdeslaur> soren: actually, it's locale-gen that should accept en_US.utf8
<soren> mdeslaur: How did you come to that conclusion?
<soren> mdeslaur: The problem (for me) is that older locale-gen's won't work with this.
<soren> So I have to rewrite the locale when building older versions of Ubuntu using vmbuilder.
<soren> That sucks.
<mdeslaur> soren: I didn't come to the conclusion, It's just what ogra and lifeless said yesterday
<mdeslaur> soren: I've tried to think how to fix it, but haven't thought of anything yet
<genii> ichat:  You have sane-twain windows config set for port 6566?
<ichat> genii:  - yes i have
<genii> ichat: And saned is being called on server with inetd/xinetd or is running standalone?
<soren> mdeslaur: Bah. I'll figure it out. I know how to fix it, I just don't like it.
<ichat> i followed the https://help.ubuntu.com/community/ScanningHowTo <
<mdeslaur> soren: yeah, it's not quite sitting right with me either
<ichat> for 9.10
<ichat> so its probably running by itself ...
<soren> mdeslaur: I mean.. It's far from the ugliest hack I've ever added to VMBuilder, but I was hoping to have /less/, not /more/ by the end of this cycle.
<mdeslaur> lol
<ichat> sudo update-rc.d saned defaults (told me it was allready added to start default)
<mdeslaur> soren: once software hits 80% complete, I though the remaining 20% was supposed to be made up of ugly hacks and workarounds? :)
<soren> I started with those.
<soren> That's the problem.
<soren> It started out as a sequence of more or less (usually more) grotesque hacks.
<genii> ichat: OK. Does ps show it running right now?
<soren> Now it's quite a bit better, but it still needs some tender loving before I'm really happy with it.
<mdeslaur> hehe
<soren> mdeslaur: Seriously, did you ever see my implementation of grub's install subcommand using sed and dd?
<ichat> ps ???
<genii> ichat: eg, does a command like: ps aux | grep saned            show a result?
<soren> mdeslaur: Not grub-install, but the actual code that would poke stuff into the mbr, that is.
<ichat> genii:  - shows me 3 lines with saned in red
<mdeslaur> soren: yeah, doing the grub stuff is painful
<ichat> and a bunch of (hexa) codes (i think)
<mdeslaur> soren: I've experienced some grub pain when I did the centos plugin
<ichat> (its just numbers )
<soren> mdeslaur: Dude.
<soren> mdeslaur: Hang on, let me find the code.
<soren> mdeslaur: http://bazaar.launchpad.net/~ubuntu-virt/vmbuilder/trunk/annotate/30/ubuntu-vm-builder#L666
<soren> mdeslaur: Yes, it starts at line 666. I didn't mean for that to happen, but it did.
<soren> It's an omen.
<soren> mdeslaur: Please tell me you didn't have to suffer through anything like that for the CentOS plugin.
 * mdeslaur spits out coffee
<mdeslaur> soren: oh, god, no :)
<soren> mdeslaur: I could tell by the lack of cursing you didn't know what I was talking about :)
<mdeslaur> soren: never in my wildest dreams
<soren> Man, that branch sure is a trip down memory lane.
<soren> Those were some long, long days.
<mdeslaur> soren: I though lines 159+ of this was a bad hack: http://bazaar.launchpad.net/~mdeslaur/vmbuilder/centos-support/annotate/head%3A/VMBuilder/plugins/centos/distro.py
<mdeslaur> but, that's nothing :)
<soren> Clearly we have different standards :)
<mdeslaur> hehe
<Italian_Plumber> Hello.  I asked this yesteday night, but I thought I'd re-post today, hopefully to more eyes... any ideas would be greatly appreciated...  http://ubuntuforums.org/showthread.php?t=1410891
<genii> ichat: OKgood this means it is in fact loaded and running ont he server then. Apologies on lag, work keeps requiring me. Can you use the pastebin to show contents of file:  /etc/sane.d/saned.conf     and also result of scanimage -L  (you can use the pastebinit for a command-line box) Also the sane-twain config file if possible
<Italian_Plumber> It's about some errors I've been getting with my new SATA drive and controller
<thafreak> Good morning group
<thafreak> Are there any known issues with the installer and compact flash -> IDE adapters?
<ichat> - hang on -  looking at howto get pasting to pastebin from a cmd-line
<genii> !pastebinit | ichat
<ubottu> ichat: pastebinit is the command-line equivelent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit
<jdooolger> i've been playing with UEC with one node for testing. are images running in the cloud supposed to be persistent?  when I shut an image down everything is reset
<ichat> so nano /etc/sane.d/saned/conf pastebinit ???
<screen-x> jdooolger: I havent deployed UEC yet,  but am considering it. From what I have read, to get persistent storage you have to mount an EBS/Walrus? volume.
<jdooolger> okay, that makes sense. i'm looking over the documentation now
<genii> ichat: No, more like: cat /etc/sane.d/saned.conf | pastebinit
<screen-x> jdooolger: ah the UEC version of EBS is StorageController, not walrus. Walrus is for S3.
<genii> ichat: And from the Windows side the contents of sanetwain.ini (to see if it matches the scanimage -L with proper port, etc)
<ichat> pastebin.com/f680e5668
<ichat> and  pastebin.com/f7d6e73d6
<lool> soren: Just curious, what do you use kannel for?
<soren> lool: SMS gateway.
<soren> lool: For my monitoring system.
<lool> soren: So you have a GSM modem over a serial port?
<soren> lool: I used to.
<soren> In these cloudy days, no more.
<soren> I have an account with an provider that lets me send SMS through their gateway.
<lool> Oh which one is that?
<soren> ...and I use kannel as a queueing and accounting mechanism.
<soren> Err...
<soren> I forget what it's called...
 * soren looks through config files.
<soren> Ah, Clickatell.
<lool> Ok; I know that one but never used it
<ichat> genii:  -  pastebin.com/f680e5668  pastebin.com/f7d6e73d6
<soren> lool: It works quite well. I have no idea whether it's priced competitively.
<soren> I don't send enough of them to warrant even spending time worrying about trying to save â¬0.01 per SMS.
<lool> Of course
<soren> I don't feel ripped off, though :)
<soren> It lets me send messages with a textual "msisdn", or with an actual msisdn I can verify that I own.
<zul> msisdn? as in isdn
<zul> ?
<jdooolger> screen-x: hmmm storagecontroller will let me make mountable volumes, but what I really want is when I have an image running I want to be able to update it (apt-get upgrade), shut it down, start it later and have it still be up to date. don't know if that's possible.
<zul> people still use isdn?
<screen-x> jdooolger: There is talk of being able to boot from an StorageController volume, but I don't know if that is possible yet. If it isn't, could you use AUFS to layer the writable volume over the read-only root?
<screen-x> Is it possible to boot from a storage controller volume with UEC?
<screen-x> soren: Is this channel logged?
<soren> screen-x: sure
<jdooolger> I guess that'd require opening the image and changing things, if that's possible.
<soren> screen-x: http://irclogs.ubuntu.com/2010/02/19/%23ubuntu-server.html for today's installment.
<screen-x> soren: thanks.
<jdooolger> maybe setting up a volume, attaching it and mirroring the fs on the image, edit /etc/fstab to use the volume to boot from... idk
 * soren goes to dinner and stuff
<screen-x> I need to go now but, want to check the logs later to see if anyone replies about UEC.
<screen-x> jdooolger: yeah, I don't really know how it works, but I hope its possible somehow..
<jdooolger> screen-x: thanks for the input!
<jief-> hello. im trying to run automated dist-upgrades. im running apt-get -y dist-upgrade. but some packages fails to install because it's asking questions about replacing some configuration files. i recall configure apt in the past so that it would always say no to these questions and do unattended dist-upgrades. i simply can't recall how. anyone knows?
<genii> ichat: The device name returned from scanimage is somewhat odd. Normally it looks something like "drivername:/dev/devicename0"
<ivoks> urgh...
<ivoks> cluster-glue still not published :/
<thefish> anyone know of any issues with lucid booting from lvm?
<thefish> failing on a dell M600 because it cant find root
<thefish> vgchange -a y brings them up
<ivoks> eh
<ichat> genii:  - on windows  device has no value set
<ichat> genii:  - a linux approach,  (if i can figure out how to  set  xsane to a network scanner
<genii> ichat: Set the devicename in sanetwain.ini to be the same as scanimage -L reported   (eg: hp5400:libusb:002:002 ) and make sure it is going to the right IP of the server. Also, is the IP range from the saned.conf file the actual ranges your network is using?
<ichat> genii:  -  devicename set,  no effect,    ip is correct, -  ubuntu xsane cant find it,   < just sees my webcam,   configured the right ip in   /etc/sane.d/net.conf
<ivoks> mathiaz: ping
<bogeyd6> kind of the wrong server ichat
<bogeyd6> s/server/channel
<ichat> bogeyd6: ?
<bogeyd6> they should be in #ubuntu for webcam support
<bogeyd6> amirite
<ichat> bogeyd6:  -  im trying to conect to a shared - scanner running on ubuntu-server
<genii> ichat: You did copy the sanetwain .dll file into the Windows\System32\Twain32   folder, yes?
<mathiaz> ivoks: hi
<ivoks> ichat: if xsane can't find it, probably isn't supported
<ivoks> mathiaz: i was thinking, maybe we could demote rhcs now, so i could upload new version and tie it with pacemaker
<ivoks> mathiaz: and then request MIR for parts that would be needed in main
<ivoks> mathiaz: what do you think?
<ichat> i had it running in  7.10 already - just never over lan
<genii> ivoks: He can locally see it as hp5400:libusb:002:002     and scanimage CLI apparently works
<bogeyd6> ichat, im just saying you might get better luck in there with people who know how to support desktop like apps
<mathiaz> ivoks: well - thought about that
<mathiaz> ivoks: but it seems that there is a bunch of packages in main that build depend on rhcs
<ivoks> another problem is that core thing (cluster-glue) still waits in build queue
<ivoks> mathiaz: yeah, that's true...
<mathiaz> ivoks: so we can't just demote rhcs to universe
<ichat> afaik there is no firewall (that i know of but how do i check if saned is even listening on the right port  and if its not blocked by anything ?
<ivoks> mathiaz: ok, we will just demote cman once clvm is built with support for corosync and openais drops it as a dep
<ivoks> actually, openais thing is already fixed
<bogeyd6> ichat, sudo ufw status
<bogeyd6> ichat, if disabled, do "sudo netstat -l"
<ichat> lowercase  L  ?
<bogeyd6> yes
<genii> ichat: On the local box, when you do something like: scanimage -d hp5400:libusb:002:002 > test.pnm             does it complete successfully? If so then you can try to fetch the file from that CLI box onto a gui one with something like scp and try to view it
<genii> ( using just scanimage > filename looks like it might be wanting to use your webcam by default)
<mathiaz> jiboumans: hi!
<mathiaz> jiboumans: what aren't you part of the scribe rotation for the ubuntu-server meeting?
<ichat> srry gotta go
<skuldGoddess> Hi!  I'm trying to add a second hard drive to my LVM,   I've got it added, according to vgdisplay, it shows both hard 110GB harddrives but the second one doesn't appear to be allocated.  I'll post a screenshot....can somebody remind me what that command is again to post to web, and then help me figure out what I'm missing to get my second harddrive fully integrated?
<skuldGoddess> is the command like post...something orother...I wish I could remember it!
<skuldGoddess> pastebinit?
<ivoks> i don't know about the command, but pastebin.com is the url
<inveratulo> you can pipe commands to 'pastebinit' and it will generate a url
<inveratulo> skuldGoddess: you already added your drive to the vg ?
<skuldGoddess> okay, well that helps, so I can show my vg
<skuldGoddess> yes
<skuldGoddess> I think there has soemthing to do with allocation
<inveratulo> do pvdisplay too
<skuldGoddess> is the command to post:  pastebinit | sudo vgdisplay ?
<inveratulo> no pipe INTO pastbinit
<inveratulo> <command> |pastebinit
<skuldGoddess> is the command to post:  pastebinit < sudo vgdisplay ?
<skuldGoddess> got it!
<inveratulo> pvdisplay too
<inveratulo> you already did a vgextend?
<skuldGoddess> vgdisplay is:  http://pastebin.com/f61887971
<skuldGoddess> pvdisplay:  http://pastebin.com/f709cb9bc
<skuldGoddess> I think so, I really don't remember anymore
<ivoks> so, expand the group
<ivoks> vgextend --help
<skuldGoddess> sudo vgexpand ayeka?
<ivoks> sudo vgextend ayeka /dev/sdb1
<skuldGoddess> it says it's already added to the group
<ivoks> ah, true, it is
<ivoks> sorry, my bad
<skuldGoddess> it's cool
<ivoks> it's in the group
<skuldGoddess> yeah
<ivoks> i guess you'd like to extend partition?
<skuldGoddess> and the group sees the total space correctly, just when I run df -h it only shows the one hard drive
<ivoks> of course
<ivoks> #
<ivoks>   Free  PE / Size       28617 / 111.79 GB
<skuldGoddess> yeah
<ivoks> rest of it isn't allocated
<skuldGoddess> how do I allocate it?
<ivoks> lvextend
<inveratulo> Allocated PE Â  Â  Â  Â  Â 0   is your problem
<inveratulo> ivoks is faster than me
<ivoks> skuldGoddess: pvcreate -> creates lvm partition, vgextend -> extends volume group, lvextend -> extends logical volume
<skuldGoddess> what's the syntax of the command, I can't seem to figure out what the path is
<ivoks> skuldGoddess: lvextend /dev/ayeka/logical_volume_you'd_like_to_extend
<ivoks> oh, i'm missing -L
<dvheumen> */dev/mapper/ayeka/logical_
<inveratulo> should probably toss a size in there too :-P
<ivoks> skuldGoddess: lvextend -L28617E /dev/mapper/ayeka-lvnam
<dvheumen> sorry, my bad, the 'mapper' is not required
<ivoks> or pe
<ivoks> bah... :D
<ivoks> skuldGoddess: lvextend -L111G /dev/mapper/ayeka-lvnam
<ivoks> :D
<inveratulo> lvextend -L100G /dev/mapper/ayeka/logical
<ivoks> isn't it ayeka-logical?
<inveratulo> yes you're right
<skuldGoddess> I don't know, it says it's not found
<ivoks> skuldGoddess: ls -dl /dev/mapper/*
<ivoks> ls /dev/mapper/*
<inveratulo> pastebin your lvdisplay :-P
<inveratulo> or that
<lamalex> Can anyone here help me figure out why I can't login via ftp? I've followed https://help.ubuntu.com/9.04/serverguide/C/ftp-server.html, but local users cannot log in
<VSpike> Does ubuntu server still fail when installing on a machine with no PAE?
<ivoks> lamalex: local_enable is set to YES?
<lamalex> ivoks: yes
<ivoks> lamalex: and you restared vsftpd?
<skuldGoddess> http://pastebin.com/f632034bd
<lamalex> ivoks: yup
<ivoks> skuldGoddess: you'll have hard time resizing root filesystem :D
<ivoks> lamalex: users using /bin/false as shell?
<inveratulo> skuldGoddess: you need to boot off a live cd or something
<skuldGoddess> oh great
<lamalex> ivoks: nope
<ivoks> lamalex: which one do they use?
<lamalex> zsh
<ivoks> lamalex: make sure zsh is in /etc/shadow
<ivoks> er
<ivoks>  /etc/shells
<lamalex> ivoks: hm, it had /bin/zsh, but which zsh shows /usr/bin/zsh
<ivoks> lamalex: then fix that
<lamalex> do i need to restart vsftp after editing /etc/shells?
<ivoks> not that i remember
<ivoks> VSpike: probably, yes
<ivoks> eh
<lamalex> fixed!
<lamalex> thanks ivoks :)
<ivoks> wait for answer or don't ask at all
<ivoks> lamalex: np
<zroysch> what am i supposed to do when i try to umount a drive and it tells me it is busy then i try to fuser -m the dev and it just goes to the next line acting like it did something. still get busy when i try to umount
<skuldGoddess> well, it let me resize the ayeka-root, probably have to reboot to see the changes though
<zroysch> lsof also gives me nothing regarding /dev/sdf1
<inveratulo> is your pwd mounted on that /dev/sdf1 ?
<ivoks> skuldGoddess: it will resize logic volume, but not filesystem
<ivoks> skuldGoddess: you still need to resize filesystem
<ivoks> skuldGoddess: that's ext3?
<inveratulo> zroysch: sorry -- is your pwd mounted on that /dev/sdf1?
<zroysch> inveratulo: i dont know what pwd is. how do i find out
<skuldGoddess> I'm confused, when I run pvdisplay: http://pastebin.com/f608704, it shows it's allocated now
<ivoks> zroysch: your home
<inveratulo> zroysch: type 'pwd',
<skuldGoddess> yeah< ithink so
<zroysch> inveratulo: no it isnt
<ivoks> skuldGoddess: filesystem isn't the same as partition
<ivoks> skuldGoddess: you resized partition (logical volume), but haven't filesystem
<ivoks> skuldGoddess: df -h shows filesystem, not partitions
<skuldGoddess> and the way I do that is ... by using a live CD and what?
<dvheumen> try 'df -Th'
<inveratulo> zroysch: i dunno then, that's the one that always gets me
<zroysch> god this is so annoying
<ivoks> zroysch: where's /dev/sdf1 mounted?
<skuldGoddess> df -Th : http://pastebin.com/f46f871ad
<ivoks> skuldGoddess: yes
<zroysch> ivoks: /mnt/raid5
<inveratulo> zroysch: and your 'pwd' is?
<zroysch> everything i find on google says to use fuser or lsof. they list nothing.
<zroysch> inveratulo: is having nothing to do with this drive
<ivoks> zroysch: no screens running?
<zroysch> none
<ivoks> zroysch: no other users loged in?
<dvheumen> skuldGoddess, okay, so it's ayeka-root has ext3
<zroysch> when i type users its just me
<ivoks> zroysch: are you root, are you sure you didn't enter /mnt/raid5 and then did sudo -i?
<zroysch> yes i am root
<ivoks> logout
<zroysch> or, admin with root privs
<zroysch> whatever
<zroysch> just tried logging out, sshing back in
<dvheumen> skuldGoddess, now to resize the partition you can use resize2fs, but you have to do that when the partition isn't mounted
<zroysch> umount: /mnt/raid5: device is busy.
<dvheumen> so this is where you boot from a live CD
<ivoks> dvheumen: i think there's online ext3 resize
<ivoks> hm...
<dvheumen> ivoks, is it possible, I'm not sure myself, if you say so ...
<zroysch> i guess i'll just reboot. this is clownish
<skuldGoddess> I tried that command, just for the heck of it,  it looks like it's doing an 'online' resize
<dvheumen> ivoks, remount as read-only then?
<ivoks> zroysch: something is locking that partition
<skuldGoddess> figured the worst case is it would tell me i coulnd't do it because it was mounted
<zroysch> ivoks: hope a reboot solves it
<ivoks> dvheumen: i think redhat4.x had a tool
<ivoks> zroysch: no, it won't
<ivoks> reboot never solves anything
<zroysch> sure it does.
<inveratulo> it solves the question of "how to waste 5 minutes?"
<zroysch> inveratulo: i've already wasted more than 5minutes trying to figure this sillyness out
<skuldGoddess> actually, on the rare occation when nothing else works, I've found a reboot does solve a problem every now and then, but I hardly ever reboot.
<ivoks> ext2online
<ivoks> :)
<inveratulo> zroysch: true, it won't hurt.  I was just being silly
<dvheumen> ivoks, According to this it is indeed possible: http://michael-prokop.at/blog/2006/08/01/ext3-online-resizing/
<ivoks> dvheumen: so, resize2fs should be able to do it
<zroysch> so i just got another 1tb drive today because one of mine said it was failed out of the md array
<zroysch> i look now and its back on
<skuldGoddess> it WORKED! :  http://pastebin.com/f70131f04
<ivoks> skuldGoddess: what did you do?
<dvheumen> nice :)
<skuldGoddess> sudo resize2fs /dev/mapper/ayeka-root
<ivoks> skuldGoddess: resized it online?
<skuldGoddess> yup
<ivoks> there we go
<dvheumen> ivoks, thanks, learned something new today :)
<ivoks> dvheumen: anytime ;)
<skuldGoddess> Probably not the best practices, but it worked. :)
<ivoks> skuldGoddess: that's ok practice
<ivoks> skuldGoddess: it's a supported feature
<inveratulo> i'm pretty sure that only works with LVs, and making them bigger, doesn't go the other way around
<ivoks> i doubt it can shrink online :D
<skuldGoddess> yeah, probably, but then again, I never understood why I'd want to shrink a volume
<ivoks> skuldGoddess: maybe tomorrow you'll want separate partition
<ivoks> skuldGoddess: and then you will have to shrink / to make some room :)
<inveratulo> yea i start all of my lvs as small as possible
<skuldGoddess> true...never thought of that, maybe someday I'll try it on a test box
<ivoks> would mdadm monitor lock partition?
<ivoks> nah... that sounds stupid
<ivoks> zroysch: you have samba running?
<zroysch> ivoks: i believe so
<ivoks> zroysch: well, stop it
<ivoks> zroysch: if it's using that partition
<zroysch> computer was restarted
<zroysch> problem solved
<ivoks> mathiaz: do i need ffe for new version of drbd?
<zroysch> oh, now it is faulty removed again.
<zroysch> i wish there was an easy way to determine which drive is which.
<ivoks> ?
<ivoks> smartctl
<ivoks> will tell you serial number
<SandGorgon_> any opinions of Nagios vs Monit - I'm dabbling in network management for the first time (for a few RoR websites on ubuntu servers)
<zroysch> yea, that involves taking each drive out.
<zroysch> if this were a real server, i could just blink it
<zroysch> and quickly see which drive bay it is in
<ivoks> zroysch: sda would problably be on sata0
<ivoks> zroysch: sdb on sata1
<ivoks> etc...
<ivoks> there's lshw
<ivoks> haha
<ivoks> lshw triggers something nasty on my thinkpad
<zroysch> you have ubuntu on it?
<ivoks> on everything
<ivoks> except my mobile phone :/
<zroysch> ah
<zroysch> havent been very impressed with my x61's linux performance
<ivoks> lshw triggers something on video card and messes up with the screen on lucid
<ivoks> back to console and then to X again solves the issue
<skuldGoddess> I run a webserver, and I'm sick and tired of chmod whenever somebody adds/modifies a file on the FTP.  Is there a permission setting I can apply so that I don't always have to re-chmod the files in the directory?
<jief-> anyone knows a site that lists all the available options for what goes in /etc/apt/apt.conf.d/ ?
<ivoks> skuldGoddess: ?
<zroysch> skuldGoddess: i used to know what its called but now i forget
<zroysch> starts with a u
<ivoks> umask :)
<zroysch> yes
<skuldGoddess> okay, whenever a user uploads a file to the server, I have to go in and reset the permissions on the file so that the world can see it
<ivoks> skuldGoddess: fix users umask
<jief-> skuldGoddess: set the sticky bit on the parent directory
<skuldGoddess> I want something automatic so that i don't have to do that anymore
<skuldGoddess> how do I do that?  is that the chmod 1774?
<jief-> although that applies only to groups
<jief-> chmod +s
<skuldGoddess> so chmod +s /var/www/someusersitedir?
<zroysch> this is odd. 3 drives in raid 5. if i mdadm -E the sdc and sdd, it shows the 3rd as faulty removed. if i mdadm -E sde it says theyre all online and working.
<jief-> skuldGoddess: man :P
<zroysch> wow
<zroysch> i chose wisely. unplugged the failed drive first try. 1/4
<mathiaz> ivoks: drbd FFe -> depends on the changelog
<mathiaz> ivoks: if there are *only* bug fixes in the lastest version, then you don't a FFe
<ivoks> mathiaz: bug 524594
<uvirtbot> Launchpad bug 524594 in drbd8 "[FFE] Please sync drbd8 from ubuntu-ha PPA" [Undecided,New] https://launchpad.net/bugs/524594
<ivoks> mathiaz: it's a new version
<mathiaz> ivoks: are there any new  *feature* between the version currently in lucid and 8.3.7?
<ivoks> mathiaz: i'd say all changes are bug fixes
<ivoks> mathiaz: but they did change how drbd builds
<zroysch> umm yea having a hard time getting my raid array back up here. not sure if i actually unplugged the right one
<smoser> soren, ttx, i just talked with james_w, and he verified what i thought yesterday.  if you can upload a package to the archive, then you can push to that packages' lp:ubuntu/<suite>/<package>
<zroysch> anyone familiar with md raid
<ivoks> zroysch: what's the problem?
<ivoks> mathiaz: configuration changed too
<ivoks> mathiaz: they now split main config file into .d config dirs
<momelod> greetings channel
<mathiaz> ivoks: hm - it's probably better to ask for a FFe then
<momelod> im currently trying to setup a ldirectord+heartbeat system for load balancing a website.  I've installed ubuntu jaunty but cannot find the package ipfwadm in the repos
<ivoks> mathiaz: i should've done this weeks ago, right? :(
<momelod> i do see a package named ipmasq.. has that package replaced ipfwadm?
<zroysch> ivoks: had one drive faulty removed, i unplugged one of the 3, now it appears there are 2 faulty removed. i plugged the drive back in, trying to assemble and get mdadm: /dev/md2 assembled from 1 drive - not enough to start the array.
<zroysch> md2 is 3 drive raid5
<ivoks> zroysch: you see all the disks?
<zroysch> md2 : inactive sdd[1](S) sde[2](S) sdc[0](S)
<zroysch>       2930287488 blocks
<fabrice_sp> Hi. Because of bug 524576, I've discovered that we have 2 versions of mysql in Lucid (5.0 and 5.1). Transition in Squeeze has been done thanks to libmysqlclient15-dev being a virtual package provided by libmysqlclient-dev (from mysql 5.1). As we still have mysql 5.0 (that builds libmysqlclient15-dev) in Lucid, the transition cannot be done by only rebuilding the affected packages (77, if I count correctly). How about removing mysql 5.0
<fabrice_sp>  in Lucid?
<ivoks> mdadm --assemble /dev/md2
<uvirtbot> Launchpad bug 524576 in lua-sql "causes conflict with libmysqlclient16 because still built against 15off" [Undecided,New] https://launchpad.net/bugs/524576
<zroysch> http://pastebin.ca/1802932
<zroysch> i get that metadata message for like every mdadm command im not sure what it is about
<ivoks> mdadm --assemble --scan /dev/md2
<soren> smoser: Interesting. Launchpad is lying, then :)
<zroysch> mdadm: /dev/md2 assembled from 1 drive - not enough to start the array.
<soren> smoser: I could have sworn I tried at some point, but maybe that was before this was possible.
<soren> smoser: Tried and failed, I mean.
<ivoks> zroysch: which one?
<smoser> james_w said that launchpad is a lieing $(*%*&ing piece of $*(*&
<smoser> well, ok, he didn't say that
<smoser> :)
<ivoks> zroysch: the broken one?
<smoser> i'm sure at one point in the past it was true.
<zroysch> ivoks: im not sure? mdstat lists them all
<ivoks> zroysch: you could try -f (force)
<zroysch> in the assemble?
<ivoks> yes
<ivoks> mdadm --assemble --scan -f /dev/md2
<zroysch> mdadm: forcing event count in /dev/sdc(0) from 572333 upto 572340
<zroysch> mdadm: failed to RUN_ARRAY /dev/md2: Input/output error
<zroysch> oh, fuck.
<zroysch> 2 drives couldnt have really failed at once
<ivoks> zroysch: pastebin mdadm -E /dev/sdc
<zroysch> md2 : inactive sdc[0] sdd[1]
<zroysch>       1953524992 blocks
<zroysch>  sudo mdadm --assemble --scan -f /dev/md2
<zroysch> mdadm: device /dev/md2 already active - cannot assemble it
<zroysch> who is lying here
<ivoks> activate it
<ivoks> mdadm -R
<zroysch> mdadm: failed to run array /dev/md2: Input/output error
<ivoks> maybe you replaced a working disk?
<ivoks> check dmesg
<zroysch> http://pastebin.ca/1802939
<ivoks> pase cat /proc/mdstat
<ivoks> paste
<ivoks> bin
<zroysch> http://pastebin.ca/1802941
<ivoks> cat /proc/mdstat
<zroysch> http://pastebin.ca/1802942
<ivoks> ok, let's try this
<ivoks> mdadm -S /dev/md2
<ivoks> mdadm -R /dev/md2
<zroysch> http://pastebin.ca/1802944
<zroysch> sdd gives me that
<zroysch> and sde says its all good
<zroysch> so i dont know how accurate examine is on the individual devices
<zroysch> http://pastebin.ca/1802947
<ivoks> ok, stop it
<ivoks> and then paste /proc/mdstat
<zroysch> http://pastebin.ca/1802953
<ivoks> great
<ivoks> mdadm --assemble /dev/md2
<zroysch> mdadm: failed to RUN_ARRAY /dev/md2: Input/output error
<zroysch> not good
<ivoks> sdc sdd and sde?
<zroysch> those are the devices of md2 yes
<zroysch> md2 : inactive sdc[0] sdd[1]
<zroysch>       1953524992 blocks
<ivoks> mdadm -A /dev/md2 /dev/sdc /dev/sdd /dev/sde
<zroysch> it apparently knows that sde is broke
<zroysch> mdadm: /dev/md2 assembled from 2 drives - not enough to start the array while not clean - consider --force.
<zroysch> OOOO
<zroysch> getting somewhere
<zroysch> please work force please
<ivoks> and?
<zroysch> mdadm: /dev/md2 has been started with 2 drives (out of 3).
<zroysch> WHEW
<ivoks> cat /proc/mdstat
<zroysch> mounted!
<ivoks> cat /proc/mdstat
<ivoks> have you replaced broken disk?
<zroysch> i<3ivoks
<zroysch> have not
<ivoks> ok
<zroysch> im gonna make raid10 i think
<zroysch> 5 way too questionable
<ivoks> :)
<ivoks> it's not, md is just paranoid :D
<zroysch> i dunno.. from what ive read 5 should be avoided
<ivoks> raid5 is ok for 3-5 disks
<ivoks> for 6 or more, raid6 is way to go
<zroysch> http://miracleas.com/BAARF/BAARF2.html
<zroysch> http://www.miracleas.com/BAARF/RAID5_versus_RAID10.txt
<zroysch> seems 2 drives failing at once wouldnt be that rare
<zroysch> especially when theyre from the same batch
<zroysch> and they usually are
<ivoks> that's why you have raid6 :)
<ivoks> for raid10 you need much more disks
<zroysch> yea its 50% loss right
<ivoks> yes
<ivoks> or 50% gain, depending on point of view :D
<zroysch> when 1tb is $75 i cant really complain
<zroysch> just comes down to drivebay space
<ivoks> https://edge.launchpad.net/ubuntu/+source/cluster-glue/1.0.3-0ubuntu1/+build/1514726
<ivoks>     *   Start 2010-02-21 (1855) What's this?
<ivoks> oh, come on!
<zroysch> its from the future!
<ivoks> i want it now!
<zroysch> no idea what the hell it even is
<ivoks> raid for servers :D
<zroysch> oh mirroring
<ivoks> high availability
<zroysch> hmm
<zroysch> raid 10 cant be started without 4 drives
<ivoks> that's right
<ivoks> cause you have two mirrors in linear raid
<zroysch> runnin outta space here
<ivoks> if you have only three, raid5 is the only option
<ivoks> or raid1 + hot spare
<zroysch> i wonder if this oldass athlon xp 2800 is enough to deal with that
<ivoks> but then you have 33,333% of space
<zroysch> where are you from
<zroysch> and why do you replace a decimal with a comma
<ivoks> me?
<ivoks> croatia
<zroysch> typical
<zroysch> them eastern europeans
<zul> kees: ping
<zul> kees: bug #512975
<uvirtbot> Launchpad bug 512975 in dovecot "mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/USERNAME" [Medium,Confirmed] https://launchpad.net/bugs/512975
<zul> ^^^ this is intentional for dovecot 1.2
<uvirtbot> zul: Error: "^^" is not a valid command.
<zul> shut up uvirtbot
<ivoks> zul: could we look if mail_location is set, on upgrade
<ivoks> zul: and if not, set it to /var/mail?
<zul> ivoks: we could im just confirming my suspicions with a patch to revert the commit to 1.1
<ivoks> or whatever it is by default
<ivoks> anyway, that's it from me for today; take care
<kees> zul: uhm, well, I can't seem to use dovecot at all in lucid.
<kees> (for new users)
<zul> kees: yeah im looking at a patch to revert that behavior
<kees> okay, cool
<peepsalot> neato, my server was up for 206 days before someone accidentally turned off the ups
<SuperLag> Is there a way to do the desktop version equivalent of the "Software Sources" option, from the command line?
<SuperLag> or am I just going to have to edit sources.list manually?
<pgoetz> I just tried moving /var to another partition on Lucid and was surprised to learn that the machine won't boot any more
<ikonia> just edit /etc/apt/sources.list
<ikonia> there is no non-graphical tool
<ikonia> pgoetz: then you didn't move it correctly
<ikonia> pgoetz: lucid discussion in #ubuntu+1
<pgoetz> ulookahead can't find /var/run (and I did move it correctly, but will take it to u+1 thx)
<ikonia> pgoetz: mount the partition manually and see if /var/run is there and the permissions are correct
<zatricky> Hey guys. I have a server where I need to add a range of addresses. Instead of adding them each one at a time into /etc/network/interfaces, I'd like to know if there's a way to specify "x.x.x.y - x.x.x.z"?
<zul> kees: that change was definently was the cause of it
<qman__> zatricky, no, not that I'm aware of -- an interface can only have one address assigned, so if you need more than one, you either need to add more NICs or to use virtual interfaces, and each one must be set up with a different address
<ChmEarl> on karmic server, I import a kvm guest (define *xml) into virsh. Guest runs on LVM block device. Suse used if=virtio for the block device. The guest hangs and never completes boot. Server has no vnc, X11, or anyway to connect to guest until ssh is available. Looking for ideas
<ChmEarl> I tried if=ide, next should I try if=scsi ?
<ChmEarl> I have dual boot with Suse 11.2 where the guest was created using LVM block device
<zroysch> how do i cancel cp
<lifeless> ctrl-C
<zroysch> yea didnt owrk
<zroysch> yea i think my raid failed
<zroysch> god damn this is terrible day
<lifeless> if its stuck in kernel that will show up as an unkillable process
<zroysch> root      8416  0.8  0.0   3504   620 ?        D    15:56   0:20 cp dephserv-backup/ /mnt/raid5/ -R
<zroysch> is that unkillable
<zroysch> it wont die
<ChmEarl> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<zroysch> its one line idiot
<ChmEarl> !paste @me, not you
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<ChmEarl> my xml for the LVM device http://paste.ubuntu.com/379976/
<lenios> ahah
<lifeless> zroysch: please don't call someone an idiot, its rather hostile.
<ChmEarl> np, I have a teenager :)
<lifeless> ChmEarl: so is your xml working?
<lifeless> ChmEarl: or is it erroring?
<lenios> zroysch, kill -9 8416 doesn't work?
<ChmEarl> no the boot hangs... but I can ping, but no ssh
<ChmEarl> its amazing that I can ping the guest
<ChmEarl> I destroy the guest #virsh destroy ubsvr91
<RoAkSoAx> kirkland, I was wondering if you know if networking in kvm is simulated hub or switch
<soren> RoAkSoAx: Neither.
<lifeless> RoAkSoAx: if you have a br device, thats a switch (switches are bridges, hubs are repeaters)
<lifeless> RoAkSoAx: if you're using a vlan config on top of that, then well, its a vlan :>
<soren> RoAkSoAx: Right, what lifeless said. kvm itself does not act as neither a switch nor a router.
<soren> RoAkSoAx: It's conventionally connected to a bridge device on the host, though, which acts as a switch.
<RoAkSoAx> soren, lifeless awesome thanks. that's exactly what i wanted to know :)
<lifeless> RoAkSoAx: note though that switches are not intrinsically secure; there are /many/ ways to get traffic from another port, as an attacker
<kees> zul: cool, thanks for finding it
<Yautja_Cetanu> Hi I'm trying to install ebox following an ubuntu community tutorial
<Yautja_Cetanu> its asking me for an LDAP server, whats that?
<runes> How do you get custom fonts to show in apache?
<runes> ok I know that was a vague question but I had to open with something....
<Yautja_Cetanu> @runes things seem to be slow here
<Yautja_Cetanu> atm
<Yautja_Cetanu> How do you get virtual hosts working with no dns server, one ip address on apache2? So I think its using ports
<soren> runes: Apache does not deal with fonts. You should read some basic web design tutorials.
<soren> Oh, he buggered off.
<zatricky> I think he got impatient - 9 minutes without a response, lol
<ChmEarl> is apparmor an optional service? I turned it off. Could this block my kvm guest?
<jdstrand> ChmEarl: how did you turn it off?
<ChmEarl> I stopped the startup: sudo update-rc.d -f apparmor remove
<jdstrand> ChmEarl: that is not the recommended action. what version of Ubuntu are you using?
<ChmEarl> karmic server 9.10
<jdstrand> ChmEarl: and you are using libvirt?
<ChmEarl> yes
<ChmEarl> the guest xml had seclabel tags. Just now saw thsi
<jdstrand> ChmEarl: please see /usr/share/doc/libvirt-bin/README.Debian.gz for how to disable apparmor for libvirt only
<ChmEarl> jdstrand, thanks for that
<jdstrand> ChmEarl: it is best to disable a problematic profile instead of all of apparmor since there are several profiles protecting you in the default install
<jdstrand> ChmEarl: I would encourage you to read https://wiki.ubuntu.com/DebuggingApparmor and file a bug against libvirt
<jdstrand> ChmEarl: that way we can fix it for others and possibly supply a workaround for you
<ChmEarl> I don't know how to undo the update-rc.d ... remove -- would that help
<zroysch> lifeless: sorry i'm on the verge of losing a massive amount of data
<zroysch> ChmEarl: you didnt deserve that. apologies
<lifeless> zroysch: are you using software or hardware raid ?
<ChmEarl> hey zroysch... I knw you didn;t mean harm. cheers
<zroysch> lifeless: md
<lifeless> if its software there is an md file in /proc that can give status
<jdstrand> ChmEarl: this should fix you up:
<zroysch> yes mdstat
<zroysch> i had it mounted earlier
<jdstrand> sudo update-rc.d apparmor start 37 S .
<zroysch> now its giving me this mount: wrong fs type, bad option, bad superblock on /dev/md2,
<jdstrand> ChmEarl: that is from /var/lib/dpkg/info/apparmor.postinst, btw
<ChmEarl> jdstrand,  k - do I need the period at end?
<jdstrand> ChmEarl: yes
<ChmEarl> jdstrand,  cmd was accepted
<jdstrand> ChmEarl: you should now see /etc/rcS.d/S37apparmor
<jdstrand> s/see/have/
<ChmEarl> yes there was console output about that
<jdstrand> you are good to go then on reboot. to start apparmor now, do 'sudo /etc/init.d/apparmor start'. then read the wiki and/or README I referenced
<jdstrand> ChmEarl: good luck!
<ChmEarl> jdstrand,  regards. thanks for thorough answer
<jdstrand> sure thing :)
<ChmEarl> btw, I normally run kvm on OpenSuse 11.2. I tried karmic 9.10 in order to tighten up my host and run leaner so guests have more resources. For ex. adding virt-viewer adds 49 MB, so I run w/o it
<ChmEarl> setting up Opensuse 11.2 headless as server is too custom. Karmic server makes it easy. But running kvm is now a challenge
<uvirtbot> New bug: #524696 in elinks (universe) "imdb smart url fails to work" [Undecided,New] https://launchpad.net/bugs/524696
<schgoddie> hi, since yesterday my mailman do not send mail anymore :o( - ubuntu-server 9.04 package dovecot-postfix
<schgoddie> /var/log/mailman/smtp-failture got tons of code 450 errors and a strange mail-address
<schgoddie> Feb 19 17:58:43 2010 (2849) All recipients refused: {'mareike_hy@hotmail.comandrea.stegmaier': (450, '4.1.2
<schgoddie> <mareike_hy@hotmail.comandrea.stegmaier>: Recipient address rejected: Domain not found')}, msgid:
<schgoddie> <16893131.1266245987101.JavaMail.ngmail@webmail08.arcor-online.net>
<schgoddie> any idea?
<volter> Hello! I'm not sure, if this is the right channel for my problem.
<volter> I'm renting a virtual root server.
<volter> It runs under Virtuozzo, as far is I know.
<volter> But it's Ubuntu!
<volter> My problem is with the permissions of /dev/null.
<volter> Instead of 666 it's got 600.
<volter> I looked into the udev-rules, which set 666, but in effect it's 600.
<uvirtbot> New bug: #495306 in openldap (main) "dpkg-reconfigure slapd does not let enter password" [Undecided,New] https://launchpad.net/bugs/495306
<ChmEarl> volter, cat /etc/lsb-release and paste to paste.ubuntu.com
 * ChmEarl is now running 2 kvm guests on karmic server - found my bug
<volter> http://paste.ubuntu.com/380017/
<ChmEarl> yeah, hardy 8.04
<volter> Yes, but with a non-standard kernel, i suppose.
<volter> If that matters!
<ChmEarl> did you know it was hardy? thats the only way I know to check
<volter> Well, yes, I ordered Hardy.
<ChmEarl> and uname will have generic, desktop, or server I suppose
<volter> 2.6.18-028stab067.4 #1 SMP Thu Jan 14 17:06:11 MSK 2010 i686 GNU/Linux
 * ChmEarl is wrong again
<volter> uname alone says "Linux", that was -a.
<ChmEarl> kernel version looks like redhat, centos style
<ChmEarl> not that I would try this, but what happens when $sudo chmod 666 /dev/null ?
<ChmEarl> or what does ls -al /dev/null retunr
<volter> It works until reboot.
<volter> crw------- 1 root root 1, 3 Feb 18 13:56 /dev/null
<ChmEarl> yeah, I get crw-rw-rw- 1 root root 1, 3 2010-02-19 07:13 /dev/null
<volter> Yes.
<ChmEarl> the desired result
<volter> You get a lot of problems, if you don't, I found out.
<volter> Linux is a self conducting tutorial.
<volter> Right.
<ChmEarl> so dev itself is not propagating perms down
<ChmEarl> recursive
<volter> No, doesn't look like.
<ChmEarl> I'm trying socratic method here... my experience with linux is limited (3 years)
<volter> But /dev has 755 here anyways.
<volter> Well, mine is smaller, and I'm not exerienced with servers at all. I'm grateful for any help!
<ChmEarl> oh, see if anything is funny in /etc/fstab on your root mount
<volter> Funny enough everything went wrong until now: The messed with the DNS entry and with storage!
<volter> It only features entries for /proc and /dev/pts.
<volter> *they, not the
<volter> Root is /dev/vzfs, as I can see via df.
<ChmEarl> maybe paste $sudo mount to paste.ubuntu.com
<ChmEarl> unless its empty :)
<volter> Pardon me?
<ChmEarl> mount cmd
<volter> Ah!
<volter> Got you wrong!
<volter>  /dev/vzfs on / type reiserfs (rw,usrquota,grpquota)
<volter> As it's just a single line!
<volter> Why do you think the wrong permissions have something to do with mounts?
<ChmEarl> ok, nothing stands out. Server here uses ext4
<ChmEarl> yes. perms start out in /etc/fstab
<volter> I see.
<ChmEarl> worst day on Linux is better than best day on Win
<volter> I hope so!
<ChmEarl> cheers
<volter> I tend to forget about it.
<volter> OK, so if fstab is the root of permissions, what happens next?
<volter> No further ideas what's wrong with my /dev/null-permission?
#ubuntu-server 2010-02-20
<Cappy> if i installed ubuntu SE from a Cd, the Cd should be in the repos list by default shouldnt it?
<genii> my fibre-optic nic ethtool query shows it's capabilities as 1000 base T which is a copper-based standard. e1000 driver. Any way to tell it to use something else?
<Cappy> can someone suggest a tool to manage wireless networks via command line?
<nOStahl> hi guys. how tuff is it to setup my first ubuntu cloud server. (few years of at home linux use under my belt)
<nOStahl> having hard time finding documentation for setup guides
<nOStahl> anyone have a good link to getting a basic cloud setup
<d4n1> sup
<d4n1> anybody here
<d4n1> i need help whith my ntp server
<nOStahl> woot downloading the img now
<nOStahl> for my first cloud setup!
<nOStahl> if your server controller is 64 bit
<nOStahl> can you run 64bit images on non 64bit nodes
<JanC> nOStahl: with one server there isn't much of a "cloud"...  ;)
<JanC> (but I guess you know that already, as you're talking about controller & nodes further on)
<nOStahl> aye just working on getting all the peices in order right now
<nOStahl> hrmm nostahl@nostahl-laptop:~/.euca$ . ~/.euca/euca2-*/eucarc
<nOStahl> bash: /home/nostahl/.euca/euca2-*/eucarc: No such file or directory
<nOStahl> following documents on eucalyptus website
<nOStahl> janC you got a nice juicy link that has a good n00b guide heh
<ChmEarl> trying to access guest console using virsh in host:virsh console <guest> . However this guide says I need to edit inittab. Server has it or not?
<nOStahl> hrmm
<ChmEarl> oh, can I create /etc/init/ttyS0.conf ? and add the required line?
<ChmEarl> T0:S12345:respawn:/sbin/getty -hL ttyS0 115200 vt100
<nOStahl> how do i source the euca file
<nOStahl> not finding any good documentation
<lifeless> . ~/.euca/eucarc
<lifeless> or whatever
<lifeless> 'source' means ". filename"
<nOStahl> k
<jpds> 1
<Cappy> hrmm i have a netgear nic installed in a machine im trying to setup as a ubuntu-server and for some reason its not detecting my dhcp from the router.
<genii> 2
<ChmEarl>  sudo socat - /dev/pts/1   I can see the boot messages of my kvm guest from the host. Is this a read only tty?
<Cappy> this might be a very noob question, but i have just completed an install of ubuntu-server, installed webmin and rebooted, now typing http://servername:10000 from another machine on the network, i get an error. also pinging servername tells me the host can not be found
<Cappy> all my machines have DHCP addresses from my router
<ChmEarl> Cappy, in servername /etc/init.d/apache2 start
<Cappy> hrmm sorry, for some reason hostnames are recognised. i can get in via the ip address
<Cappy> would enabling the dns server in tasksel help with that? then tell my router to use my new ubuntu server for dns?
<DanDare> Hello. Security updates are in sync with Debian ones ? IÂ´m new to Ubuntu trying to understand how they are close how they are different etc
<lifeless> we have our own security team
<lifeless> I believe they work together
<lifeless> with the debian security team
<DanDare> I see... thanks
<ElllisD> why's a fresh install of ubuntu server 9.10 refuse to let me connect via ssh?
<Cappy> anyone know of a channel that i can talk about DNS in? im a noob (already proven) and i need some help
<ElllisD> ##networking
<nOStahl> you guys gotta check this  vid out
<nOStahl> i like the presentation http://www.youtube.com/watch?v=QJncFirhjPg&feature=related
<AdamDV> nOStahl: Watching now.
<nOStahl> i will have to adopt that film technique for some of my how-to videos deffinently
 * ball can't play youtubes.
<DanDare> ElllisD, maybe you need to install ssh service first ?
<ElllisD> DanDare: thanks- I had assumed it was there- "ssh: unrecognized service" lol
<DanDare> :)
<ElllisD> 369k installed- sweeet
<DanDare> it was there... as unrecognized service... j/k
<ElllisD> :)
<ElllisD> "-bash: syntax error near unexpected token `)'"
<ElllisD> can't say smiley to the shell
<ElllisD> :)
<nOStahl> :)
<ElllisD> http://www.nature-one.de/events/nature-one/
<nOStahl> any of you guys running cloud
<AdamDV> nOStahl: Yea
<ElllisD> <--- my own. Too cheap to pay
<AdamDV> Trying to get one setup
<ElllisD> where
<AdamDV> Great video
<ElllisD> ?
<nOStahl> http://www.youtube.com/watch?v=QJncFirhjPg&feature=related
<nOStahl> that's the vid
<AdamDV> I'm starting a cloud web hosting company
<nOStahl> where at adam
<AdamDV> http://go-techo.com
<Cappy> is there a command line tool to scan and connect to wifi networks?
<AdamDV> Cappy: Look into snort
<nOStahl> iwlist
<DanDare> I have my own clouds: http://www.youtube.com/watch?v=C4fJjBTwOEc
<DanDare> zoneminder ftw
<AdamDV> Haha
<AdamDV> IMAP in the cloud = a PITA
<Cappy> thanks
<nOStahl> how many nodes will you have adam
<AdamDV> Quite a Few
<AdamDV> Probably start with 5 or so, expand up to a couple thousand
<AdamDV> Still working it all out.
<AdamDV> We will do shared, vps, and cloud hosting
<DanDare> good night gents
<nOStahl> how much for vps
<AdamDV> As well as web design, a social network, collaboration suite.
<swift> guys, what is postfix used for?.. on ubuntu-server?
<AdamDV> nOStahl: Anywhere from $5/m to $100/m
<nOStahl> email
<AdamDV> swift: Email
<swift> ok, so postfix running means, the server is a mail server?
<AdamDV> swift: It is used to accept mail from the internet, and send mail to the internet. It is usualy used in collaboration with dovecot, to deliver mail locally.
<nOStahl> 5 dollars a month for vps access nice
<AdamDV> Yea, I think its a good price.
<AdamDV> Burstable bandwidth and resources too.
<swift> ok thanks!!
<nOStahl> prices comming down for vps cause of cloud now?
<AdamDV> swift: Not necessarily.
<Cappy> AdamDV, is it safe to go with default options with snort, or should i customise from the start?
<AdamDV> Cappy: No idea, sorry.
<Cappy> AdamDV, np, thanks anyway
<AdamDV> nOStahl: Actually, I think they will rise.
<AdamDV> As people will be using VPS's as nodes.
<AdamDV> We offer managed and unmanaged vps hosting.
<AdamDV> But, I have to compete with a couple companys, so $5 is pretty god.
<nOStahl> ya
<AdamDV> Specs aren't great, but theyre not bad either.
<nOStahl> cheapest ive seen iis 19
<AdamDV> http://fivebean.com
<AdamDV> Run by Ryan, from UF.
<AdamDV> I like linode for the important ones, theyre pretty good.
<nOStahl> aye
<nOStahl> i hate email server setup
<AdamDV> I dont mind it
<nOStahl> you could make a living just setting up email servers for people lmao
<AdamDV> You just have to get used to it
<nOStahl> aye
<AdamDV> I like getting the setup working 100%
<nOStahl> like everything else
<AdamDV> SpamAssassin trained, dovecot and postfix secured, ssl setup, etc.
<AdamDV> Its quite a lengthy process.
<AdamDV> I usually train SA for at least 2 months before making a server live.
<AdamDV> Coding an Imap client in PHP to round robin accross a bunch of serers is harder, trust me.
<AdamDV> Especially when your 14 and have to keep up with school :|
<nOStahl> ahead of the curve
<nOStahl> keep with it
<nOStahl> i wasnt into the backend of computers as much when i was younger
<nOStahl> i was building hovercrafts in woodshop
<nOStahl> and catapults heh
<AdamDV> Nice.
<AdamDV> Tried building a hovercraft once.
<AdamDV> Didn't work out so well.
<AdamDV> Haha
<AdamDV> brb
<AdamDV> Alright
<AdamDV> Yea, trying to figure out the details of cloud computing and design homebrew software is a challenge.
<nOStahl> im thinking of setting up my 3 laptops and 1 desktop in the house as a cloud setup
<AdamDV> And I'm debating Debian vs. Ubuntu vs. CentOS (Cuurently using CentOS on all but the mail servers, where I run Debian Lenny)
<nOStahl> there all spares heh
<AdamDV> nOStahl: Couldn't hurt to try.
<AdamDV> How do you have all those as spares? ~.-
<nOStahl> i use an eeepc 901 as my main computer now
<nOStahl> so i have a few newer full size notebooks
<nOStahl> and an older desktop
<AdamDV> Nice
<AdamDV> I use an aspire one as my main
<nOStahl> try moblin yet
<AdamDV> Theyre nice because theyre super portable
<nOStahl> boots 4 seconds on my 901
<AdamDV> Havent tried moblin, tried jolicloud.
<AdamDV> Didn't like it.
<AdamDV> Felt restricted.
<nOStahl> aye
<AdamDV> Prefer a full install.
<nOStahl> moblin's still alpha
<AdamDV> Yea
<swift> guys, what does 'dmesg' exactly give?
<nOStahl> but it'll be nice when its full blown
<swift> i know it's a kinda log
<swift> but what messages will it display
<nOStahl> it lets you know what the computers thinking in a ways
<AdamDV> Yea, be nice once it hits beta.
<nOStahl> ie what drive you just plugged in
<AdamDV> swift: dmesg is basically an action log for the computer.
<AdamDV> Like:
<AdamDV> 10:10:09 : Found new drive /dev/sda1
<AdamDV> 10:10:10 : /dev/sda1 mounted to /media/USBDISK
<swift> so, it just displays logs
<swift> ?
<AdamDV> It writes to logs, and stdouts to the terminal is optional, yes.
 * AdamDV bangs head
<AdamDV> Php+Imap+Break=BAD.
<swift> thanks!
<AdamDV> No problem
<AdamDV> I'm worried canonical is on the path to the next microsoft
 * AdamDV ducks and runs for cover
<nOStahl> atleast it wont cost 300 for new versions :P
<AdamDV> Haha, true.
<nOStahl> i like ubuntu heh, when i was running arch linux alot i could always find a guide for ubuntu and translate it into arch
<AdamDV> I love the usability of Ubuntu
<AdamDV> I dont love how it seems to be starting to get chopped up.
<Cappy> i would love ubuntu more if i could get wifi going on a server install
<AdamDV> Theyre are what, 10 different package mangement apps now?
<AdamDV> Cappy: Why, oh why, would you be running a server on wifi?
<tenach> I got it to work after googling "ubuntu server wifi"
<nOStahl> servers = eth0
<AdamDV> Thats like complaining the olympic jogging team doesn't allow wheelchairs.
<tenach> AdamDV: I personally use it for local testing, then disable it.  I can't have my machines physically near/both at the router.
<Cappy> AdamDV, because its 40c outside and im not climbing around in the roof for a few months!
<nOStahl> i thought there was only apt-get :P
<nOStahl> who needs gui package management
<AdamDV> nOStashl: Well, lets see: Ubuntu Software Center, Package Updater, Package Updater Preferences, Add/Remove, Synaptic, Gdebi.
<AdamDV> Combine them all into one.
<AdamDV> I prefer the terminal for 90% of things.
<nOStahl> aye
<AdamDV> But, its nice to e able to have everything done in one application.
<AdamDV> Group the apps.
<nOStahl> i like update-manger though
<AdamDV> I do too.
<nOStahl> that one i do like
<Cappy> this is another issue, when im logged on to the machine, i keep getting messages like "* Reloading /etc/samba/smb.conf smbd only"
<AdamDV> But, it would be nicer if apt-url, gdebi, and update-manager were all built into USC
<AdamDV> Cappy: You logged in as root?
<Cappy> nope, logged in as my regular user
<AdamDV> And, are you reloading samba?
<Cappy> not reloading anything, just sitting at a prompt
<AdamDV> Do this:
<AdamDV> crontab -e
<AdamDV> sudo crontab -e
<AdamDV> See if theres anything relating to samba in there.
<AdamDV> That broadcasts to the terminal or that prints to stdout
<AdamDV> (?)
<Cappy> nope, nothing, just an entry about deleting the webmin temp files
<AdamDV> Great success! Got my little IMAP thing working!
<AdamDV> Cappy: Heh, try #samba ?
<Cappy> nah its cool
<nOStahl> so with cloud can you run games via wine over the cloud
<nOStahl> and ramp up the nodes? :P
<AdamDV> That's going to revolutionize gaming
<Cappy> im more interested getting this wifi working
<AdamDV> Cant blame it on the lag anymore.
<AdamDV> lol
<nOStahl> heh
<nOStahl> imagine having 4 or 5 computers all playing your game
<AdamDV> Yea
<AdamDV> It'd be nice
<AdamDV> I'm gonna laugh once quantum computers is figured out
<AdamDV> I laugh at intel
<AdamDV> ANd theyre 'dual cores'
<AdamDV> bullshit. Theyre virtualized cores. AMD make REAL cores.
<AdamDV> Anyway, </offtopic?
<nOStahl> heh
<nOStahl> i like intel
<nOStahl> they give me cool stuff
<AdamDV> Theyre high end are good for desktops.
<AdamDV> Xeons are good for servers
<AdamDV> Other than that, I'd reather AMD.
<AdamDV> *rather
<AdamDV> Also, I've got a question for the ubuntu-gurus.
<AdamDV> What with Canonical sending out the 'your private cloud' packages
<AdamDV> Where do we sign up?
 * AdamDV killed the room
<nOStahl> heh
 * Cappy is pulling out his hair!
<AdamDV> Cappy: Welcome to the club.
<Cappy> my wife is going to freak if i have to tell her this computer has to stay in the kitchen
<nOStahl> thats what wife's do
<Cappy> thats why i want wifi on this box
<nOStahl> whats iwconfig say
<AdamDV> Cappy: Does it have a wifi card in it?
<AdamDV> :P
<Cappy> AdamDV, ohh crap i knew i must have forgotten something!
<Cappy> =)
<AdamDV> Haha
<AdamDV> It wouldn't be the first time
<AdamDV> One time in #postfix something happened like that
<AdamDV> brb
<Cappy> hang on a tic, i'll clear out the crap i put in /etc/network/interfaces
<nOStahl> i wonder when moonlight project will be able to get netflix to linux
<AdamDV> back
<AdamDV> Yea, i #postfix, some guy comes in, we troubleshoot, then maybe 2 hours later hes like "Wait, do I have to install postfix first?"
<nOStahl> heh
<AdamDV> Next couple lines are usual this: mode +o user by Chanserv, mode +b *, /kick dumbuser
<AdamDV> lol
<Cappy> iwconfig lists a bunch of crap about the card, looks like its not seeing the ESSID etc.
<nOStahl> type sudo iwconfig wlan0 essid any
<nOStahl> then type iwconfig again see if it associated with any of the wifi networks around you
<Cappy> error for wireless request "set essid" (8B1A) : SET failed on device wlan0 ; operation not permitted
<nOStahl> did you use sudo
<AdamDV> Alright folks
<AdamDV> Have a good night
<AdamDV> I'm out
<nOStahl> adam
<AdamDV> Yea?
<Cappy> nope, but i have now, and its just got the essid and nothing else has changed
<nOStahl> check me out at #gridrunneradventures when you get online again
<Cappy> bye AdamDV , thanks!
<nOStahl> cappy k its associated
<AdamDV> Alright :D
<nOStahl> now type sudo dhcpcd wlan0
<nOStahl> and you should be done
<Cappy> command not found
<AdamDV> nOStahl: Its been set to autojoin ;)
<Cappy> nOStahl, my wireless is WPA2 protected....
<AdamDV> Have a good night :D
<Cappy> "sudo: dhcpcd: comand not found"
<nOStahl> cappy sudo apt-get install wireless-tools
<Cappy> k
<nOStahl> and goo to another computer and turn of wpa for now
<nOStahl> cya later adam
<Cappy> nOStahl, sorry about that
<Cappy> i had to reboot the machine and now its halted on a bunch of errors where its 'pre-start'ing and 'post-start'ing wlan0
<Cappy> "terminated with status 1"
<Cappy> i cant even boot into recovery mode
<nOStahl> weird
<Cappy> im not getting a prompt or anything, all i can do is ctrl-alt-del to reboot
<Cappy> hrmmm am i going to have to re install again...... 3rd time lucky maybe?
<fabrice_sp> Hi. Any reason why we should keep mysql 5.0 and mysql 5.1 in lucid? Squeeze will be release with 5.1
<Cappy> noi have installed wireless-tools but still get command not found when trying to do 'sudo dhcpcd wlan0'
<lifeless> uhm
<lifeless> dhcpd is the dhcp server
<lifeless> not really related to wireless-tools
<Cappy> ohh ok, well i was just going by what i was told in here earlier
<Cappy> so i have the card associated to the network, but i just cant connect
<lifeless> do you have a dhcp server on the network
<Cappy> yeah, the router is looking after that
<Cappy> the other 5 machines on the network are all working fine
<lifeless> is your /etc/network/interfaces setup appropriately?
<Cappy> ahh i got some tips in #ubuntu and it seems to have worked
<lifeless> assuming you're not using network manager
<Cappy> nope, no gui here, all cli
<Cappy> sudo ifconfig wlan0 up
<lifeless> nm can do cli, FWIW.
<Cappy> and sudo dhclient wlan0
<Cappy> and now i have an address associated to the wlan0 interface
<Cappy> but i cant ping out
<Cappy> host www.google.com - returns connection times out; no server could be reached
<Cappy> and i get destination host unreachable when i ping my router
<lifeless> Cappy: I suggest a read of 'man interfaces'
<Cappy> lifeless, there are no entries in my /etc/network/interfaces
<Cappy> not for the wlan0 anyway
<Cappy> and after a reboot, i cant get dhclient wlan0 to fetch an addredd from the router
<Cappy> comes back with "No DHCPOFFERS recieved, and fails again when "Trying recorded lease 192.168.0.103"
<Cappy> bah, got it sorted now
<Cappy> now i just have to work how how to make it persistant through reboots
<ElllisD> what was it?
<Cappy> ElllisD, it was the fact that i hadn't associated the network before trying to get the dhcp lease
<Cappy> now if i can just make it persistant, i'll be right
<ElllisD> I don't even know what it is to associate a network
<lifeless> Cappy: you need to add entries as per the man page
<lifeless> Cappy: it can associate for you automatically if you configure it
<Cappy> yeah i will have to look, the man page didnt make a whole lot of sense to me, thats partly because of the way my screen is configured (badly)
<Cappy> the other thing i need to do is get my wifi secured back up... im currently using an open network to get it working
<Cappy> folks, here is my entry to /etc/network/interfaces for my wlan0.  since putting this in, i cant get a dhcp lease. http://pastebin.com/d73699e8
<nathan__> hello all this is going to sound strange but i need to slow down network access for hotmail i can redirect request for hotmail to another address but thats not what i need
<nathan__> when using bind that is
<Yautja_Cetanu> How do you set up virtual servers using just ports (So I have no dns, no multiple ip addresses)
<Cappy> lifeless, are you there?
<Cappy> anyone there that might be able to help with /etc/network/interfaces and getting wifi working without any gui?
<Cappy> is anyone here alive? im REALLY stuck and dont know where to go next
<Yautja_Cetanu> I asked a question a while ago and got no response :(
<Yautja_Cetanu> haven't seen any activity for an hour ish
<Cappy> yeah tell me about it, you'd think with 191 people in the chan, there'd be a pretty good chance of a response
<Yautja_Cetanu> do you know anywhere else to go?
<Yautja_Cetanu> I'm trying to set up an apache virtual host, so its a fiarly noob question
<Cappy> i can only assume you've googled the hell outta it.
<Cappy> its been a long time since i setup apache manually, so i cant really tell you
<Cappy> probably somewhere more apache-ish
<Cappy> #apache
<Cappy> try #httpd
<Yautja_Cetanu> I've done some googling
<Yautja_Cetanu> but the problem is that I'm such a noob
<Yautja_Cetanu> the I don't really know which of the google results are in the right direction
<Cappy> i'd ask in #httpd, they can probably point you in the right direction at the very least.
<Yautja_Cetanu> Most tutorials assume you have a dns server or going to set up multiple IPs, I want to have the virtual server on a different port
<Yautja_Cetanu> which I've done on IIS
<Yautja_Cetanu> cool
<Yautja_Cetanu> thanks
<Cappy> so you want to do servername:80 for one site and servername:81 for another etc?
<Cappy> ive been working with this: http://ubuntuforums.org/showthread.php?t=202834 but i get a feeling it needs updating to karmic standards... otherwise im just being brain dead and missing something simple.
<Yautja_Cetanu> yeah thats what I'm looking for
<Yautja_Cetanu> :(
<Yautja_Cetanu> Have you tried using something like ebox or webmin?
<Cappy> i cant talk to webmin unless i have a network connection
<Cappy> its installed and was working, but now that my wifi is dead, i cant talk to it (
<Yautja_Cetanu> oh yeah
<Yautja_Cetanu> you can't temporarily plug it in i guess?
<Cappy> yeah i can, but i dont remember seeing anything about wireless setup in webmin
<Cappy> at this point, if i knew it would work, i'd install a full desktop to the machine and get it up with wicd.
<Cappy> but i dont think thats going to work while wicd isnt running.
<Cappy> im about ready to ditch this for windows 98, at least i know i can make that work.
<Yautja_Cetanu> Why don't you go for the full ubuntu with a gui?
<Yautja_Cetanu> My general feeling has been that wifi is one of the banes of linux
<Yautja_Cetanu> but thats based on very little
<Cappy> i think i have it
<Cappy> dont ask me what i did, i have no idea
<Cappy> this is for a server, something i can turn on when i need to play, something i can plug in to power and have work from a room with no wired ethernet
<Cappy> anyway, looks like its working
<g-hennux> hi!
<g-hennux> i want cron to send me mails to some remote server, but without all the overhead of postfix, exim etc. -- what is the minimal setup i need for cron to be able to send mails?
<g-hennux> i created /root/.forward pointing to the correct address, but it seems to be ignored, and there's also no mail appearing in /var/mail/root, so i'm a bit puzzled
<g-hennux> do i need a sendmail executable, as provided, e.g. by nullmailer?
<volter> Hello!
<DanDare> Hello. I need to pay something to have ubuntu server LTS and itÂ´s 5 year security updates ?
<g-hennux> DanDare: no
<DanDare> g-hennux, thanks
<g-hennux> DanDare: 10.04 will be the next LTS release, afaik
<sherr> g-hennux: what about ssmtp - simple smtp - sends only?
<volter> I've got wrong permissions on /dev/null on a virtual root server. They are 600 instead of 666, and it's not caused by udev.
<DanDare> and normal Ubuntu Server distros (not LTS) will have at least 18 months of security updates? I mean, this really works ?
<DanDare> g-hennux, yeah, im reading about... for April
<g-hennux> sherr: so what is the method that cron uses to send mail? e.g. with python's smtplib module, i guess i don't need any mta, just because python speaks SMTP. so i was wondering, what backend cron uses to send mail
<sherr> g-hennux: cron will use sendmail or equivalent for non-local mail e.g. postfix, ssmtp etc.
<DanDare> Sorry to ask this but im just sarting with Ubuntu Server. Im a Debian user. In few words whatÂ´s the main advantage of Ubuntu Server compared to Debian ?
<sherr> in fact - try just "mail -s subject <addr>" (heirloom-mailx)
<g-hennux> sherr: ok, now i installed ssmtp, but then local delivery won't work any more. i.e. "mail root" will give me "relay access denied", because the next server in line won't accept mails for "root@mymachine"
<palt> I'm having some HW problems with a server. Just before christmas one of the two system driver (in a raid) failed. I bought a replacement and got it working again. Now the other drive seems to be failing, giving me lots of error messages in dmesg. However, one strange thing is that the new drive got kicked out of the raid just now, and the old drive are still in it, but having lots of error messages in dmesg
<sherr> g-hennux: root should be dealt with by /etc/aliases - local delivery to a named user i.e. you
<palt> Is there someway to check if it is some other hardware issues, like IDE controller or something?
<DanDare> palt, start trying to replace data cables (imo)
<g-hennux> sherr: /etc/aliases is not present. and "sendmail root" will try to connect to my mailhub to deliver the mail. that's not cool. i want mails for local users to be put in /var/mail/ and mails for non-local users to be transported via my mailhub
<sherr> g-hennux: have you configured ssmtp?
<g-hennux> sherr: yes
<DanDare> palt, or same error disks on second IDE to see if they got errors
<sherr> g-hennux: I suggested it but don't use it (I use Postfix). This page : http://www.linux.com/archive/feature/132006
<sherr> says to have a "root=" line to grab root's mail.
<palt> swap the discs and see if I get the error from the swapped disc?
<sherr> g-hennux: http://linux.die.net/man/5/ssmtp.conf - root option
<g-hennux> sherr: ok, now got it working as it should, i guess
<g-hennux> thank you!
<palt> bah, I hate hardware errors ;P
<sherr> g-hennux: no problem.
<sherr> palt: Also check SMART health status on both disks - smartctl
<palt> sherr: thx :) I'll try that :)
<DanDare> well, Ubuntu seems to be really making a difference
<DanDare> I plugged an USB cam and it just works
<DanDare> itÂ´s the plugÂ´n play in the linux world
<uvirtbot> New bug: #524909 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.3 failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/524909
<spiekey> Hello!
<spiekey> does anyone know what i am doing wrong with my chroot here? http://pastebin.com/d75705542
<Tommy89> How can i update just php to the latest version.. on ubuntu 8.04
<spiekey> oh, i know
<spiekey> dont use quotes ;)
<zroysch> mount: wrong fs type, bad option, bad superblock on /dev/md2,
<zroysch> if i try mounting my md device and get this is the data lost?
<Q-FUNK> hi! is there any standard place to disable apt-check from the login loop?  it seems that it often hangs, which result in ssh login never completing.
<AdamDV> 'lo
<AdamDV> Anyone feel like sharing a couple spamassassin rulesets?
<larsemil> after a successful creation of a kvm machine with vmbuilder is there any reason it should not show up in virsh?
<larsemil> there was no xml file created
<martin-> there should be a xml file
<martin-> which you import using the command define in virsh
<uvirtbot> New bug: #516867 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: subprocess post-installation script returned error exit status 75" [Undecided,Invalid] https://launchpad.net/bugs/516867
<larsemil> martin-: it was not created for some reason
<larsemil> martin-: the disk image was created and the run.sh but not any xml file
<martin-> strange
<martin-> never used vmbuilder though
<larsemil> martin-: http://pastebin.ca/1803873
<ruben23> hi i got problem, when i browse its very slow getting the page sometime getting time out, and im using squid for proxy any suggestion where should i look at.
<DanDare> Okay, this link is broken: http://tinyurl.com/ubuntuserv
<DanDare> This one works: http://tinyurl.com/ubuntuserver that redirects to http://www.lalitkapoor.com/blog/2008/06/30/ubuntu-server-desktop-autologin/
<ruben23> hi i got problem, when i browse its very slow getting the page sometime getting time out, and im using squid for proxy any suggestion where should i look at..
<AdamDV> ruben23: Try about:confgi in mozilla nad disable ipv6
<DanDare> The various brands of Ubuntu distros shares the same codename? I just donwloaded and installed US so itÂ´s Karmic Koala what i have ?
<DanDare> I installed Ubuntu Server and my IP is from Brazil. Just installed phpmyadmin and itÂ´s interface cames with portions of it in BR-portuguese language. I want all the system in english. WhatÂ´s the Ubuntu Server automation proccess that take care of this? Where to look to set default language for the system?
<DanDare> Well, I choose english at installing time...
<isaquealves> DanDare: Check /etc/environment
<DanDare> allright, thanks. Just found this https://help.ubuntu.com/9.04/serverguide/C/ that sounds usefull also
<DanDare> environment file just says: PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
<DanDare> I have everything as en_US.UTF-8 on 'locale' exept LC_ALL= thatÂ´s blank
<DanDare> phpmyadmin package says "... and its fully internationalized and localized in dozens of languages"
<DanDare> so most probably thatÂ´s just phpmyadmin stuff
<nijaba> DanDare: take a look at the preffered languages your browser sends to your server...
<DanDare> nijaba, ok thanks.
<nijaba> DanDare: if on Firefox Preference -> content -> languages
<ruben23> any relation with proxy problem with this page display when loading gmail, or just and ISP problem..>? ---> http://i50.tinypic.com/2euorrq.jpg
<DanDare> nijaba, changed that and it works now, thanks. Anyway thereÂ´s a pulldown menu on the main phpmyadmin page that let you choose language... I was just being so stupid and not seeing that...
<AdamDV> tbc: !
<tbc> Hey AdamDV. How's it going?
<AdamDV> Good Good, and you?
<tbc> Got online to deal w/email, do some surfing and thinking.
<AdamDV> lol
<uvirtbot> New bug: #525041 in php5 (main) "Apache serves PHP files without parsing them" [Undecided,New] https://launchpad.net/bugs/525041
<DanDare> uvirtbot, can i try to replicate this running on VM ?
<uvirtbot> DanDare: Error: "can" is not a valid command.
<DanDare> allright
<DanDare> :)
<guntbert> DanDare: most users whose nick end in -bot are ...
<guntbert> *nicks
<DanDare> yeah :p
<DanDare> uvirtbot make me a sandwich
<uvirtbot> DanDare: Error: "make" is not a valid command.
<DanDare> bah
<KurtKraut> I've experienced this bug #525041 while visting some websites.
<uvirtbot> Launchpad bug 525041 in php5 "Apache serves PHP files without parsing them" [Undecided,New] https://launchpad.net/bugs/525041
<KurtKraut> I think I've seen this twice
<DanDare> This bug file means that... installing php on a fresh setup with minimal configurations? I mean, thereÂ´s a lot of web servers around loading php pages correctly
<DanDare> a bug may be hard to spot as caused by a conjuction of facts anyway
<DanDare> and this is annoying, after changing permissions of some MySQL user using phpmyadmin i got "Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.", cant log anymore on phpmyadmin, and it was working.. i dont touched anything on the config files
<osmosis> anyone want to sponsor getting Django 1.2 into lucid?  https://bugs.launchpad.net/ubuntu/+source/python-django/+bug/505440
<uvirtbot> Launchpad bug 505440 in python-django "django 1.2 for lucid" [Undecided,New]
<kklimonda> zul: can you comment on bug 505440 when you are awake? I've asked you a question there without noticing that you are not subscribed :)
<uvirtbot> Launchpad bug 505440 in python-django "django 1.2 for lucid" [Undecided,New] https://launchpad.net/bugs/505440
<ChmEarl> my initrd.img for karmic server guest (9.10) is over 7 MB. it should be no more than 3MB
<ChmEarl> kvm guest
<ChmEarl> first attempt to run mkinitramfs failed to boot new initrd.img
<ChmEarl> in initramfs.conf I set modules=dep  (was most)
<ChmEarl> can I take the list from lsmod and add it to the /initfamfs-tools/modules ?
<kklimonda> lifeless: I've asked zul about django not because of his comment but because he was going to asses the risks and gains of getting it into lucid - I was wondering whenever he has found time to do it. :)
<ehnde> if i uninstall the lamp stack will that remove all of my configuration files too?
<ehnde> i'm considering reinstalling because i cannot get my php scripts to run
<ehnde> any php i put in is viewable in the html source
<AdamDV> ehnde: Not unless you run apt-get remove --purge
<AdamDV> ehnde: Try starting your php with <?php instead of <?
<skuldGoddess> so i recently installed spamassassin on my postfix mail server.  I'm thinking something isn't quite right...I don't seem to be getting my mail now.  I noticed in the config that sendmail is in the config, yet, i don't use sendmail at all.
<skuldGoddess> I see this in /etc/postfix/master.cf:  spamassassin unix - n n - - /usr/bin/sendmail -oi -f ${sender} ${recipient}
<skuldGoddess> I... guess everybody is busy eating dinner? LOL
#ubuntu-server 2010-02-21
<skuldGoddess> can anybody help me with spamassassin + postfix?
<uvirtbot> New bug: #525109 in postfix (main) "while abort an installation process" [Undecided,New] https://launchpad.net/bugs/525109
<uvirtbot> New bug: #523862 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/523862
<ChmEarl> nam-myoho-renge-kyo
<ChmEarl> ciao
<sacarde> hi
<sacarde> I try to configure xdmcp on ubuntu8.4server
<sacarde> I installed xorg + fluxbox + xdm
<sacarde> someone experienced with this?
<Callum__> http://repos.srb2.org/HNI_0079.JPG my baby
<mealstrom> you should use some extra light sources or blink :P
<Callum__> heh, it doesn't stay there, I just pulled it out there to do a decent wiring job...notice you can
<Callum__> 't see much wires in that photo =P
<Callum__> they're all tucked around the nooks and crannies of the rack for maximum airflow and that shit...most of the time right now that rack sits in a toilet with a fan in it, it has to be there for the moment because we are moving it downstairs in the building in a couple of months time but we have to have SOMEWHERE to put it where we can minimize the noise
<Callum__> the loudest thing on that rack by far is the radio transmitter (the big thing up the top)
<Callum__> drowns out the servers, hard drive enclose and the signal exciter (machine below the transmitter) noise quite easily
<Callum__> enclosure*
<Callum__> http://repos.srb2.org/HNI_00030.JPG =P
<Callum__> http://repos.srb2.org/HNI_00020.JPG the UPS (1500VA) is under max load with everything turned on
<Callum__> the servers (and the computers being served by it) all run Ubuntu
<Callum__> those two machines running Server Edition 9.10, one running general-purpose 9.10 and two running Ubuntu Studio
<mealstrom> nice, any portable diesel generator at backyard?
<Callum__> no unfortunately, we don't have the money for anything flash like that as we're a non-profit organisation with most of our equipment being donated =P the radio-related stuff is brand new though
<Callum__> however if power does go out, the UPS should hold everything for about 30 minutes.... I don't need so much time as I live pretty much 30 seconds away =P
<mealstrom> we ve got 4 UPS 1000(VA) for about 2-3 hours with no power plugged. But when light goes away for 4 hours -- its disaster. And we cannot put there some diesel generator cos of "close distance to houses" too much noice at 2 a.m. or so
<Callum__> I see... we're the same, the radio station (where that rack is located) is in the middle of a shopping center
<Callum__> you would think with car engines being so quiet they'd have quiet generators too
<mealstrom> my friend has got 2.4 kV generator ... it sounds like a tank
<dotancohen_> You can put a muffler on a generator
<dotancohen_> I don't know why they don't come with them, though
<Callum__> Yeah...
<dotancohen_> It doesn't kill the power really, but it is a bit expensive considering the cost of the whole thing
<dotancohen_> And it takes a bit of space, and it gets _hot_
<Callum__> 2.4kV is somewhere between 5-10hp =P or something
<dotancohen_> By the way, car engines aren't really so quiet. Open the hood and pull some of the plastic away. If it's got a chain driving the cams, it's loud
<mealstrom> yes. it is cheaper to buy another 4 UPS.
<mealstrom> but we work with wood and there is some rules with fire protection. And we should put them backyard or something like that/
<mealstrom> car engines with air cooling ? )
<Callum__> heh
<mealstrom> they sounds like tank too )
<Callum__> well, they're quiet considering what little cars do to drain the noise outside
<Callum__> generators could have endless amounts of soundproofing and exhaust muffling on them without any problems
<maxagaz> how to check on which /dev is assigned my webcam ?
<mealstrom> lshw -short ?
<sacarde> can you help me to configure xdmcp on ubuntu-server?
<maxagaz> mealstrom, no...
<maxagaz> dmesg returns this : /devices/pci0000:00/0000:00:1a.1/usb4/4-1/4-1:1.0/input/input10 when i plug it
<mealstrom> g  dmesg | less
<mealstrom> oh
<mealstrom> look here dev/v4l/by-id
<mealstrom> /dev/
<mealstrom> and check /dev/video0
<Maleko> can anyone give me a iptable rule to limit the number of outgoing connection to particular ip destination
<Davedan> can I rotate a log file maunally?
<sacarde> can you help me to configure xdmcp on ubuntu-server?
<twb> sacarde: X -query <terminal-server's-ip>, you're done.
<sacarde> I try this
<sacarde> but i dont view anythings
<twb> And what did the logs say?
<sacarde> I use ubuntuserver as server
<sacarde> I configure xdm
<sacarde> I view: netstat -an| grep xdm --------> port 177 is open
<twb> You configured Ubuntu as the X server, or the app server?
<sacarde> I install xorg on ubuntuserver
<twb> OK, so xdm and all your apps are installed on the app server, right?
<sacarde> yes
<twb> What is the output from X -query <IP>?
<twb> If it doesn't work, you should get some kind of error output
<sacarde> X :1 vt8 -dpi 100 -query 192.168.1.3
<sacarde> _XSERVTransSocketOpenCOTSServer: Unable to open socket for inet6
<sacarde> _XSERVTransOpen: transport open failed for inet6/arch64:1
<sacarde> _XSERVTransMakeAllCOTSServerListeners: failed to open listener for inet6
<sacarde> XDMCP warning: INET6 UDP socket creation failed
<ivoks> argh
<ivoks> ipv6
<sacarde> I blacklisted ipv6
<ivoks> there's nothing on vt8?
<sacarde> no
<twb> Why the fuck is it trying to use UDP over IPv6?
<twb> sacarde: what version of ubuntu?
<RoyK> sacarde: why did you install X on your poor server?
<RoyK> why not?
<sacarde> 8.4
<twb> RoyK: well, firstly because he's giving it an IPv4 address
<twb> But I guess it might be because he's not -nolistening?
<twb> sacarde: so "lsmod | grep ipv6" is empty?
<sacarde> now, yes..... I try to load this module
<RoyK> hm... yeah
<sacarde> ah
<RoyK> wierd
<sacarde> in my client system..... I not have ipv6
<twb> sacarde: you need to look at your log files, on both systems
<ivoks> X :1 -query localhost
<ivoks> does that work on app server?
<twb> sacarde: your basic technique is correct, so something must be misconfigured.
<twb> ivoks: you're assuming there's an X server on his app server :-)
<ivoks> i think ipv6 error are not errors
<sacarde> how can I remove ipv6 from ubuntuserver?
<sacarde> no?
<twb> I agree, I suspect the IPv6 stuff is spurious.
<twb> It usually is
<sacarde> ah
<ivoks> just notification that ipv6 isn't available
<twb> (I ran off on a bit of an anti-ipv6 tangent before.)
<sacarde> I try loading ipv6 in client too
<sacarde> but I havent errors.... bu I dont view anythings
<sacarde> but I read:
<sacarde> XDMCP fatal error: Session failed Session 179920002 failed for display 192.168.1.20:1: Cannot open display
<twb> sacarde: Xorg said that?
<ivoks> that's an real error
<sacarde> yes
<twb> sacarde: is xauth installed on both ends?
<sacarde> mmm
<twb> sacarde: if you have firewalls, do they have the appropriate gaping holes?
<sacarde> no firewall
<twb> I wonder if it's worth just forcing a (non-XDMCP) remote connection, to test it
<twb> X :2 & ssh 192.168.1.20 -f env DISPLAY=192.168.1.30:2 xlogo
<twb> Where 192.168.1.30 is your X terminal
<ivoks> bah
<ivoks>   Clustered snapshots are not yet supported.
<ivoks> fsck
<sacarde> Error: Can't open display: 192.168.1.20:2
<twb> sacarde: you're starting X by hand?
<twb> sacarde: i.e. not via xdm, gdm, xinit, or anything else
<sacarde> no
<twb> Well, no wonder it fails, then.
<sacarde> in runlevel 2 I start xdm
<twb> All those wrapper things disable remote X for your protection
<sacarde> ?
<sacarde> I check hosts.allow and deny
<twb> This has nothing to do with tcpwrappers
<sacarde> no?
<ehnde> anyone know of any good guide for lighttpd+sqlite+php ?
<heath|OTG> Hello, I'm trying to learn / configure iptables as a router / gateway. So far I have the router set to accept ssh which is working fine and it allows traffic through from other machines on the network but I can't ping any outside address from the router itself
<heath|OTG> it's as if eth0 doesn't pass it's traffic through to the wan eth1
<merianos> Hello .  .  .
<Jeeves_> heath|OTG: Have you configured NAT?
<merianos> I need your help please . . . :)
<merianos> I'm new on Linux and I use an ubundu desktop
<merianos> I like to setup a system for development with LAMP
<merianos> This part is already set it up
<merianos> What I like to do now is to setup BIND
<merianos> I want to use domain name for each of my local domain names
<heath|OTG> Jeeves_: I had a bad DNS entry
<merianos> Any person to help me please ?
<Jeeves_> heath|OTG: Ah, ok.
<Jeeves_> merianos: Just ask your question, and someone will help, or not
<merianos> Ok then . . .
<heath|OTG> merianos: you don't need bind for that just configure your host file if it is just for one machine
<merianos> How to setup BIND for custom domain names in my localhost only, not shared domain names in my network
<merianos> Ah ok . . .
<merianos> where is located the host file in Ubundu ?
<heath|OTG> /etc/hosts
<merianos> and then how can I build Virtual Hosts for Apache ?
<Jeeves_> merianos: see /etc/apache2/sites-enabled/000-default
<heath|OTG> you will need to create configs in /etc/apache2/sites-available. there should be a default
<heath|OTG> once configured you enable it with a2ensite siteconfigfile
<merianos> slowly slowly :)
<merianos> I'm new on linux . . .
<merianos> first day that I'm using it :)
<merianos> Ok now . . .
<merianos> I found the hosts file . . .
<merianos> In example if I will use the domain www.testdomain.ext
<merianos> how will I setup a virtual host on apache ?
<merianos> in hosts I will add the record 127.0.0.1 www.testdomain.ext
<merianos> what is the setup on apache for test ?
<merianos> i mean the testdomain virtual host
<merianos> Have I to make a copy of default file in /etc/apache2/sites-available and then rename it to the domain name I like to use ?
<merianos> in www.testdomain.ext ?
<merianos> and then enable it by using a2ensite www.testdomain.ext ?
<merianos> Any help please ?
<merianos> Somebody to help me ?
<merianos> None ?
<heath|OTG> merianos: that should work fine and remember to change the path to the web root
<heath|OTG> merianos: please understand that must of us in here are working as well
<merianos> :$ sorry :)
<merianos> I try to paste the file and I can't
<merianos> how to change the permisions ?
<heath|OTG> sudo nano -w file_you_want_to_creat
<tarvid> after karmic upgrade, i am battling named failure
<tarvid> any hints on where to start?
<tarvid> resolve queries from outside but not locally
<tarvid> resolv.conf has nameserver localhost
<tarvid> works with hard address
<d4n1> hey, how can i access the phpmyadmin page, is there supposed to be something inside www in /var/www?
<qman__> d4n1, the distribution phpmyadmin page is located elsewhere, but should be accessible with http://yourserver/phpmyadmin/
<d4n1> qman__: well, ive tried that, which i expected to work, but it doesn't so i don't know if i did something wrong/
<qman__> I don't have one accessible right now, but I believe it's in /usr/share/phpmyadmin
<qman__> and it should have created or modified your site config in /etc/apache2/sites-available
<d4n1> ok, if anything ill check sites-available out
<qman__> a lot of packaged web software works that way in ubuntu, such as torrentflux
<uvirtbot> New bug: #525435 in samba (main) "utf-8 characters cause permission denied error" [Undecided,New] https://launchpad.net/bugs/525435
<uvirtbot> New bug: #525395 in backuppc (main) "Missing dependency to libtime-modules-perl" [Undecided,Confirmed] https://launchpad.net/bugs/525395
<tprankd> I'm using ircd-hybrid.  I'm able to connect to 127.0.0.1, however when I'm trying to connect to a domain that points to the server IP, the connection is refused.  How can I set it up so I can connect from an external computer?  port 6667 is open
<qman__> tprankd, you probably have to configure the daemon to listen on your LAN IP
<qman__> if your machine is 192.168.1.5, try connecting to that from inside
<qman__> if it doesn't work, you have your answer
<tprankd> hmm cannot connect to the lan IP
<tprankd> How would I make it listen on .7?
<VSpike> can anyone tell me when you should use vga= and when you should use video= on the kernel boot line?
<VSpike> I can't find the right search recipe because they are both such common words
<sherr> VSpike: I think vga= gives you a video "mode" i.e. resolution, and video= loads a video device driver
<qman__> tprankd, There should be a "listen" directive somewhere in the configuration file. Change it from localhost or 127.0.0.1 to your LAN IP, restart the service, and everything should work.
<tprankd> qman__:  Thanks!  Do you know where the configuration file is for irc-hybrid?
<tprankd> I was looking in /etc/irc-hybrid
<qman__> I don't know about that one in particular, but you're looking in the right places
<qman__> there should be a main config or a network config, something like that
<VSpike> sherr: thanks
<ChmEarl> using karmic 9.10 as VM manager, what size initrd.img is about right? its 7MB now. I need to rebuild it
<ChmEarl> looking at initramfs.conf for hints
<heynow> I've got a dell box t310 that 8.04 will not install on - doesnt find nic or the cdrom - however 9.10 installs well. If I install and configure 9.10 will i be able to upgrade to 10.4 and pin it there for the life of 10.4?
<sherr> heynow: yes
<VSpike> Hm. I had a booting box, and then I followed the instructions at http://harrison3001.blogspot.com/2009/09/grub-2-graphical-boot-tips-to-set.html and now it doesn't seem to boot
<VSpike> I can get the grub menu (and it is at 1024x768 as I requested) but whatever boot option I use, or however I edit the kernel line, I get nothing after the grub output
<VSpike> E.g. I'll get "Booting a command list" and perhaps a couple of lines about the initrd location and so on.  After that, I have about 10 seconds of HDD activity and then nothing
<VSpike> I suppose it's just possible that it may be booting, but I haven't got the networking up yet so I can't tell
<VSpike> Any ideas how to fix? I'm stuck
<marsje> hi
<marsje> a friend of mine want to have a little home server but he also wants a multimedia pc... in one!
<marsje> I myself use debian on my little server and ubuntu on my desktop
<marsje> would ubuntu server be right for both?
<marsje> can ubuntu server be upgraded to ubuntu desktop (or vice versa)?
<AdamDV> marsje: Yes.
<marsje> it's just a matter of aptituding the right packages, e.g.g gnome
<VSpike> marsje: by the same token, you could install server components on the desktop version too
<marsje> right
<marsje> so actually there is no difference between ubuntu server and desktop besides the packages installed by default?
<VSpike> marsje: i suppose the advantage of going with server is you can build a leaner system
<marsje> yes, that would be better
<AdamDV> Ughh
<AdamDV> I hate it when compiz crashes.
<VSpike> gah. this is driving me nuts
<VSpike> Hm, quiet isn't it? Do most people normally here come while at work?
<marsje> while "working"... :)
<bogeyd6> or you could issue the command "sudo apt-get install ambalamps"
<camilla> hi!
<camilla> i just installed ubuntu server and now i need to get ssh
<camilla> how can i do that?
<heynow> sudo apt-get install openssh-server
<camilla> thanks!
<heynow> np
<camilla> this is my first server:)
<heynow> google around for a server guide maybe lot's to do
<camilla> i have found one
<ChmEarl> virtio_net speed test: 300MB file from bare metal across 1Gbit netw to VM - 32MB/s
#ubuntu-server 2011-02-14
<Hellz_Bellz> !rtl8187b
<smokesmoko> thank you guys for the help
<nertil> :))
<nertil> there was no help bro
<nertil> smokesmoko i want webmin to configure for ipv6 router
<nertil> but i cant too
<nertil> cause i use ubuntu server
<Hellz_Bellz> im assuming that i can solve this problem the same as i did for wireless drivers on 10.04, that is using backports correct?
<Hellz_Bellz> can someone point me to a .deb of any of the latest kernels for hardy?
<qman__> Hellz_Bellz, only if said driver exists, is compatible with the older kernel, and has been backported
<qman__> many drivers are not, I ran into that problem on a hardy server when I installed an intel gigabit NIC
<qman__> solution was upgrading to lucid
<Hellz_Bellz> whats the newest ubuntu server version that uses grub1
<smokesmoko> nertil: anything is better than nothing, so I appreciate any reponse big or small
<Hellz_Bellz> grub 2 is not an option on this machine
<qman__> Hellz_Bellz, if you upgrade, grub1 will continue to be used
<qman__> 9.10 onwards uses grub2 by default, but can still use grub1, and upgrades will continue using grub1
<Hellz_Bellz> well i cant get any NIC working so that isnt an option
<Hellz_Bellz> wait
<Hellz_Bellz> i have a cd of 9.10 can i upgrade from that?
<qman__> not directly
<qman__> you can only directly upgrade to 8.10 (unsupported) or 10.04
<Hellz_Bellz> im sorry its 10.04
<Hellz_Bellz> command plox
<Hellz_Bellz> :D
<Hellz_Bellz> qman__:  may i have the command to update from /dev/cdrom ?
<qman__> https://help.ubuntu.com/community/LucidUpgrades
<Hellz_Bellz> i knew downloading all those iso's was a good idea
<Hellz_Bellz> im sorry that page says absolutley nothing about upgrading on a machine not connected to the internet
<Hellz_Bellz> \and the iso is not able to be put on the hdd
<lirakis> airtonix, perhaps its b/c i am listining for dhcp on a bridge interface
<Hellz_Bellz> will .debs for the desktop 10.04 be functional on on the server edition because i have a LARGE dvd of my apt- archives for my laptop
<Hellz_Bellz> okay lsusb shoews the driver is loaded but its still not giving the interface on iwconfig or ifconfig
<qman__> Hellz_Bellz, actually, it does tell you how to do it offline, under the "upgrading using alternate CD/DVD" section
<Hellz_Bellz> well it also assumes you are using a desktop manager which server edition has not
<Hellz_Bellz> ie it asks for a gui
<qman__> I was under the impression that it was a normal shell script, but oh well
<qman__> I would try adding a lucid CD to your repositories with apt-cdrom(?) and see if do-release-upgrade will work with that
<qman__> don't know if it would work though
<Hellz_Bellz> ive already upgraded
<Hellz_Bellz> atp-cdrom
<Hellz_Bellz> then an upgrade
<Hellz_Bellz> im downloading a 2.6.32-22 kernel to a usb now
<Hellz_Bellz> iis replacing every instance of "hardy" with "lucid" in /etc/apt/sources.list a good or bad idea?
<Hellz_Bellz> ive already updated and its not letting me install xorg saying it depends on x11-common though x11-common is already installed
<twb> !hardy->lucid
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<twb> Hellz_Bellz: there is a detailed upgrade procedure; you should follow it.
<gagarine> hello
<Hellz_Bellz> too late :D
<Hellz_Bellz> hehehe lets see how this breaks :D
<twb> Hellz_Bellz: then you can consider this a "learning experience"
<twb> Like public whippings
<gagarine> on a apache server folder. I need a writable folder for a PHP script.
<gagarine> it's better to add the www-data user or group or both?
<Hellz_Bellz> twb i updated my server distro from a cd because if you read up .... i didnt have access to the internet on this machine
<twb> Hellz_Bellz: OK.
<gagarine> I was thinking adding www-data user as howner for every things
<gagarine> and admin group
<Hellz_Bellz> im certain that a update and then an upgrade will suffice
<twb> Hellz_Bellz: there are usually edge cases
<Hellz_Bellz> gagarine: thats a bad idea
<Hellz_Bellz> a REALLY bad idea
<gagarine> Hellz_Bellz why?
<Hellz_Bellz> like MONUMENTALLY BAD IDEA
<twb> Hellz_Bellz: e.g. make sure you upgrade apt/aptitude first, then the kernel and udev and libc, then reboot, then everything else.
<Hellz_Bellz> because then ANYONE on the internet can do admin things on your computer
<Hellz_Bellz> IE the internet owns your compruter
<gagarine> Hellz_Bellz I don't get how?
<Hellz_Bellz> twb wont dpkg handle the order in which things need to be worked?
<Hellz_Bellz> because www-data is the user the server runs under
<Hellz_Bellz> the users on the internet are www-data
<gagarine> I speak only about the htdocs folder
<Hellz_Bellz> you are the admin
<gagarine> "the users on the internet are www-data"?
<Hellz_Bellz> if i got on your server via a webpage
<Hellz_Bellz> i would be www-data
<gagarine> apache process run as www-data that's doesn't mean you have any right on my computer...
<Hellz_Bellz> ya i do
<qman__> all scripts and processes that apache runs, run as www-data
<qman__> and as such have all the permissions www-data is given on your system
<qman__> a badly written script is all it takes
<qman__> so, www-data's permission should be limited to the least needed
<qman__> and www-data should never be added to a group that is not carefully controlled
<Hellz_Bellz> a simple eval function with a GET inside it
<gagarine> qman__ Hellz_Bellz  ok I get this point. But I was speaking about /var/www only
<Hellz_Bellz> omfg you are toast
<Hellz_Bellz> doesnt matter
<Hellz_Bellz> then everyone on the internet has everything in that folder to play with
<Hellz_Bellz> including things like passwords of other users
<twb> Hellz_Bellz: yes, in general, but the point of upgrade documentation is that Bad Things can happen because of edge cases.
<Hellz_Bellz> if they are stored there
<gagarine> Hellz_Bellz ok but how you handle writing process?
<gagarine> from apache...
<gagarine> (throw PHP)
<qman__> chmod +w the particular file or folder you wish to allow
<Hellz_Bellz> .htaccess
<Hellz_Bellz> ya that too
<twb> Hellz_Bellz: e.g. migrating hardy to lucid will change the default behaviour of recommendations.  If you don't upgrade apt first, you'll miss out on that until after the upgrade
<qman__> and be very careful about what you put in it
<Hellz_Bellz> okay upgrading apt first
<gagarine> qman__ so is better to give +w to every one... than adding www-data user howned this specific folder and write only for the owner?
<gagarine> ... I don't get it
<qman__> no
<Hellz_Bellz> !google apache security
<ubottu> I have no google command, use http://www.google.com/
<twb> Hellz_Bellz: but that's just an example from memory.  I don't remember the whole hardy->lucid upgrade issue list
<qman__> www-data can own the folder
<qman__> you asked about adding www-data to another group
<qman__> which is a very bad idea
<gagarine> qman__ ok
<qman__> www-data normally should own all the files in the web-served directory
<gagarine> but changing the group of this folder to admin is also a bad idea?
<Hellz_Bellz> gagarine: if this is a privvate testing server off the internet itrs okay to do whatever you want but make sure you learn proper securitty
<gagarine> Hellz_Bellz is not private :)
<Hellz_Bellz> if you put this server on the internet...make sure its a dedicated computer with no provate information
<qman__> well, it wouldn't cause any direct problems
<Hellz_Bellz> NO private info AT ALL
<twb> Hellz_Bellz: he's running PHP.  He's screwed regardless.
<Hellz_Bellz> lol
<qman__> but using the admin group to grant permission could lead to issues later, since it's normally used to allow sudo
<twb> Even if there's no confidential data, it'll still be compromised enough to act as a zombie
<Hellz_Bellz> ive got my www-data allowed to sudo without a pass
<twb> qman__: er, %sudo is used for that
<Hellz_Bellz> but i use web frontends ive written in ruby
<gagarine> ok to resume I put www-data user ownen every thing
<Hellz_Bellz> and ive got it locked down with iptables
<gagarine> and witch group?
 * twb sighs
<gagarine> www-data too?
 * patdk-lap wonders how you can lock something down with iptables?
<qman__> yes
<patdk-lap> if one port is open, that is enough
<Hellz_Bellz> allow only local host
<twb> patdk-lap: presumably his crappy NIH'd webmin equivalent is listening on a high port
<qman__> if a particular user needs access to a file, you can change the owner to that user and leave the group www-data
<qman__> if multiple users need access, leave the owner www-data and create a group for those users
<qman__> and change the group-owner to that group
<Hellz_Bellz> how can you NOT lock down traffic with iptables?
<gagarine> qman__ Hellz_Bellz  thank for your help
<gagarine> lot
<patdk-lap> normally iptables is used to make sure something isn't accidentally opened
<patdk-lap> not to *lock down*
<Hellz_Bellz> ive got it so only localhost can access anything
<qman__> iptables doesn't really have any bearing on what's contained in the packets
<qman__> just on what ports are open
<Hellz_Bellz> it can inspect packets
<gagarine> ah one last question... adding myself in www-data is not a good idea? Instead of creating a new group?
<twb> Hellz_Bellz: pastebin your iptables-save -c output
<gagarine> (please don't kill me)
<Hellz_Bellz> lol im in windows atm
<qman__> you can, but it's not a good idea from an administration standpoint
<qman__> as it gets more difficult to track what users have what access
<qman__> if you're the only user it's fine
<twb> If you care about that sort of thing you are better off rolling out an LSM MAC layer
<gagarine> qman__ ok
<twb> The basic posix dac layer isn't granular and expressive enough
<Hellz_Bellz> http://www.symantec.com/connect/articles/iptables-linux-firewall-packet-string-matching-support
<Hellz_Bellz> http://www.eeggs.com/items/37085.html
<Hellz_Bellz> wait lol wrong one
<gagarine> Someone have a website about LAMP security?
<twb> Oh gods, that's horrible
<gagarine> ... so I can learn...
<gagarine> I find a lot with google of course...
<gagarine> but also a lot of crap
<twb> Don't deeply inspect every packet.
<Hellz_Bellz> ummmmm
<Hellz_Bellz> yeah ever heard of rule based inspection?
<Hellz_Bellz> like..if it matches THEN inspect
<Hellz_Bellz> and what if you have a freakin powerful computer?
<patdk-lap> and that it doesn't scale
<qman__> just because you can, doesn't mean you should
<patdk-lap> no matter what, it will cause latency
<qman__> good security comes in layers
<Hellz_Bellz> wow... ever heard of having fun?
<qman__> you do the best you can at every level
<twb> qman__: ahahaha, FPA "lawyers"
<Hellz_Bellz> or maybe
<Hellz_Bellz> learning
<qman__> relying on only one system to keep you from getting owned is always a bad idea
 * patdk-lap imagines implementing mod_security into iptables rules
<twb> IMO having only one RPC (to wit: ssh, no dynamic web content) is a bloody good idea.
 * patdk-lap also wonders about that, part of stuff would be in two or more packets, so you can't inspect anything useful anyways
<twb> I'm not a fan of nrpe either :-/
<twb> patdk-lap: how does mod_security work internally?  I can't see any discussion on wikipedia or their site
<patdk-lap> I'm not really sure, haven't really cared
<patdk-lap> but the rules look like regex
<twb> To prevent the âdrop tableâ SQL injection attack with mod_security, add the following to your Apache configuration: SecFilter âdrop[[:space:]]tableâ
<twb> ..WTF?
<twb> It's checking POST headers or something?
<patdk-lap> it can check anything
<patdk-lap> post/get/ anything
<Kiall> lol .. it obv filters URLs and maybe post data for that regex, and discards the request if it matches
<twb> I was assuming it was more like Venema's tcpwrappers, only per-"app" within the single 80 listener.
<patdk-lap> na, it's an apache module
<twb> Yes, obviously, otherwise it wouldn't be per-thingy
<patdk-lap> I use it for one person, reverse proxy to *iis*
<twb> patdk-lap: could you pastebin the .conf for that?  I'm curious.
<twb> I rolled out a reverse-proxy using apache last week, and I haven't locked it down much.
<patdk-lap> nothing really special about it at all
<Hellz_Bellz> btw.... it worked
<Hellz_Bellz> just appt-get update && apt-get upgrade
<Hellz_Bellz> no need to update apt
<patdk-lap> twb: http://ubuntuserver.pastebin.com/ZpR6KDwV
<Hellz_Bellz> *upgrade
<patdk-lap> did have to make a few adjustments to the modsecurity rules, but you won't know that till you run your app though it some
<twb> Interesting
<twb> Why do you set nokeepalive, then turn it on further down?
<patdk-lap> different config files
<patdk-lap> global config is off
<patdk-lap> per proxy site, turns it back on
<twb> OK
<patdk-lap> last 3 lines came out of the virtualhost section
<patdk-lap> it has blocked a lot of crap
<patdk-lap> most crap gets blocked for other things first also
<twb> The ruleset looks pretty insane
<patdk-lap> but I'm paranoid of things making it to iis :)
<patdk-lap> ya, the ruleset is annoying
<twb> If it were me I'd prefer to operate default-deny
<patdk-lap> but atleast reading the log file and finding the correct rule that matched isn't too hard
<twb> It seems to work mostly by listing every attack they could think of
<patdk-lap> yep
<patdk-lap> or any that have been attempted
<patdk-lap> my problem is, I dunno the application behind this
<patdk-lap> or how it changes :(
<twb> I guess
<Slyboots> Perhaps someone can help em out here, is there a better way to see all the network traffic going through my network connection
<Slyboots> There are some .. weird connections going on if I run netstat -a but Im not really sure on what Im seeing
<Slyboots> Like.. "beluga:44856            beluga:afs3-fileserver  ESTABLISHED" shows up perhaps 40-50 times
<Slyboots> wtf is that?
<jmarsden> That is you talking to port 7000, so perhaps talking to an IRC server's SSL port.
<Slyboots> .. I dont run a IRC server o.O
<jmarsden> grep af3-fileserver /etc/services
<Slyboots> Or this one "tcp        0      0 beluga:52944            8.15.246.57:https       ESTABLISHED"
<Slyboots> Is that outgoing.. incomming
<jmarsden> You run something on port 7000, apparently
<Slyboots> .. no o.O
<Slyboots> And that grep command returns nothing
<jmarsden> use    sudo netstat -ntlp | grep :7000 to see what is listening on that port (beluga is your machine, right?)
<Slyboots> Aye
<jmarsden> grep afs3-fileserver /etc/services   # my mistake, typo earlier
<Slyboots> Ohh.. Privoxy
<Slyboots> that peice of crap
<jmarsden> if you really want to see the actual traffic, use tshark or tcpdump or ssldump ...
<Slyboots> I just wish it was *clearer* on what its doing
<Slyboots> so all that afs3-server is Privoxy?
<jmarsden> Clearer?  It says there is a TCP connection from beluga on port44856 to beluga on port afs3-fileserver which is in the ESTABLISHED state.  How much clearer do you want it to be?
<Slyboots> Why its doing that, where the connection orignated from.. wtf is afs3-fileserver
<jmarsden> You define what ports are named what in your /etc/services file.  That file defines port 7000 as being used by afs3-fileserver
<jmarsden> Apaprently you picked port 7000 for privoxy yourself?  And did not realize it was a well known port number for a different service.
<Slyboots> Mmm
<Slyboots> Well, is there anything else other than netstat -a?
<jmarsden> Well, I already said there is sudo netstat -ntlp  ... and there is also tshark, tcpdump and ssldump... you can also try ntop or jnettop or any number of other tools.  It depends what info you are seeking.
<jmarsden> if you have a workstation available to you, you can capture the traffic with tcpdump on the server, then move the capture file to your workstation and analyze it in detail using wireshark, if you need to do so.
<Slyboots> Im more just intrested in keeping a eye on things, on occasion network performance will just die wihtout clear reason why, the router shows that Im transfering shitloads of data (enough to saturate the connection)
<Slyboots> But cant figure out why
<jmarsden> Slyboots: to see what is using up bandwidth in real time, jnettop is probably a good starting point
<Slyboots> Mm.. does seem handy
<jmarsden> Slyboots: You could also use argus to record minimal data on all TCP connections and then look at its collected data using ra at a later time; kind of the opposite approach to jnettop.
 * Slyboots nods "I'll try that, with luck cna find out wtf is going on"
<twb> Or just tcpdump -w/tmp/tmp.pcap
<twb> Then analyse it later
<twb> Is packages.u.c under heavy load or something?
<danny_> I installed ubuntu-server to a VM last night. byobu is reporting 51 errors. Can someone help me to find/correct said errors? These are crashing the system about every 4 hours
<twb> danny_: pastebin them
<danny_> twb where are they though? I'm in the byobu channel as well trying to find what file that indicator is pointing to.
<danny_> Once I know where they are I can make them accessible.
<danny_> ls
<danny_> oops... wrong screen.
<danny_> twb would the syslog file be the most likely to show where the crashes are occurring?
<echosystm> hi - how can i open port 80 for non-root ?
<danny_> okay... http://s3rv3rn3rd.cc.cz has the syslog. echosystm you mean open port80 for ufw?
<danny_> is there no shutdown command? shutdown just send the system into recovery mode. Is the only way to powerdown to hit the power?
<EvilPhoenix> this should work: shutdown now
<EvilPhoenix> as either root or sudo
<gagarine> qman__ thanks for you help before I have my server up now :) and hopefully more secure. I documented every how my modification and will show that to an expert (that's not my job... I'm a programmer).
<twb> EvilPhoenix: shutdown -h now
<danny_> that sent it into a reboot to recovery
<danny_> thanks twb
<goddard> how do i update clamav automatically
<onil> how to change an existing group to primary group
<iiDesignsDSL> hey all
<iiDesignsDSL> anyone around
<jargon-> i'm trying to set up an ubuntu8.04 client to authenticate over ldap from a debian squeeze server. prior to that,the ubuntu8.04 client was cofigured to auth on an 8.04 server. what files do i look for to edit and have the 8.04 client auth on the debian server?
<EvilPhoenix> !8.04
<ubottu> Ubuntu 8.04 LTS (Hardy Heron) was the eighth release of Ubuntu. Downloading: http://releases.ubuntu.com/8.04 - See !lts for more details.
<EvilPhoenix> for a second i thought it was EOL
<shauno> 5 years on lts, takes 8 to 13
<shauno> (5 years on base & server packages anyway)
<Gnea> okay, so I installed ubuntu server on this system because I couldn't get ubuntu desktop to install properly. got most everything working, now I'm just trying to get X to work.  sudo dpkg-reconfigure xserver-xorg doesn't work (10.04) and when I start gdm it tells me to configure or get bent, but it won't let me configure it will only let me get bent. why is this and why can't I just configure X properly like the docs say how to do?
<EvilPhoenix> i take it you installed X?
<Gnea> yeah, ubuntu-desktop itself is installed on there
<Gnea> I can startx and get a desktop, but can't configure anything
<Thirtysixway> !lts
<ubottu> LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Lucid (Lucid Lynx 10.04)
<Gnea> hopefully that wasn't for me...
<Thirtysixway> :p nah. just wanted to poke ubottu
<Gnea> :)
<Gnea> init: dbus pre-start process (2318) terminated with status 1
<Gnea> dbus won't even start....ugh
<Gnea> stupid upstart, why did this thing have to be used?
<Gnea> !
<Gnea> EvilPhoenix: I discovered /var/lib/dbus/machine-id and filled it with what was in /var/lib/dbus/machine-id.J8fudisof, went to do a: service dbus start, and it started up!  But now the screen is blank, there's a non-blinking underscore-style cursor on the upper-left of the screen, and the capslock and scrolllock keys are blinking
<Gnea> totally hardlocked, can't even sysrq-b
<lephisto> morgen
<Gnea> according to this, it's been fixed, yet I don't see that being the case: https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/526390
<uvirtbot> Launchpad bug 526390 in dbus "dbus pre-start fails" [Undecided,Fix released]
<Gnea> I call schenannigans on that 'fix'
<Gnea> okay, so I did a dbus-uuidgen > /var/lig/dbus/machine_id  and then: service dbus start, the following was caught in syslog:  http://paste.ubuntu.com/566880/
<Gnea> and then the kernel paniced
<Gnea> got it to show a bunch of panic info the main screen, none of it's really easily parsed, but the last thing it said was:  [  812.0100005] [drm:drm_fb_helper_panic] *ERROR* panic occurred, switching back to text console
<Gnea> after that point, the capslock and scrolllock keys are blinking again
<Gnea> and yes, I meant:  dbus-uuidgen > /var/lib/dbus/machine_id
<Gnea> and now it's kernel panicing on startup
<avis> is simplehttpserver a ubuntu package ?
<Gnea> if I pass 'nomodeset' to the kernel, it does the same thing again, but without the blinking lights this time
<Gnea> !info simplehttpserver
<ubottu> Package simplehttpserver does not exist in maverick
<Gnea> avis: I'm gonna say 'no' to that
<avis> i have this nautilus script that i cannot make functional i gave up on irc and posted to ubuntuforums.org  but no response
<avis> http://ubuntuforums.org/showthread.php?t=1687261
<avis> it has to do with zenity and sharing over the web using nautilus scripts
<Gnea> I'm trying to get dbus to behave
<Gnea> avis: interesting, why not use dropbox then?
<avis> i'm broke :)
<phsi> Why does mountall depend on plymouth?
<Gnea> dude, dropbox is free :p
<avis> require space
<Gnea> phsi: because there are retards within the ranks of the ubuntu devs?
<Gnea> avis: gotcha, haven't done that sort of thing with nautilus before, but I'd like to check it out if I could get my system to work...
<phsi> Earlier today I noticed that plymouth handles LUKS password input during boot
<phsi> Jees, I thought this thing was supposed to display a splash screen
<Gnea> plymouth is like, the bastard child of 10 generations of inbreeding
<EvilPhoenix> lol...?
<Gnea> plymouth is showing the splash screen here... and if I go nomodeset, it scales everything down, but dbus is still getting loaded....time to init
<Gnea> okay, got the system back up
<Gnea> but dbus is still teh broke
<Gnea> why does everyone have to be asleep? it's only 3am on a monday morning :P
<jpds> 'monday'.
<Gnea> :)
<twb> I'm asleep because I'm at work
<phsi> 3am? BURN THE WITCH
<jargon-> i have libnss-ldap installed but `dpkg-reconfigure libnss-ldap` returns nothing
<twb> jargon-: what did you want it to do?
<Gnea> jargon-: are you just trying to reconfigure ldap itself?
<jargon-> twb: to let me reconfigure libnss-ldap?
<twb> It's a .so file.  You can't reconfigure it.
<jargon-> Gnea: the 8.04 client authenticates on an 8.04 ldap server. i need it to auth to a debian squeeze one
<Gnea> aah
<twb> jargon-: then you need to edit /etc/ldap.conf and/or /etc/ldap/ldap.conf
<twb> jargon-: if you have a binddn, the bindpw will be in /etc/ldap.secret.
<jargon-> twb: ok trying that
<twb> I don't know offhand which package configures this in its postinst, possible ldap-auth-client
<Gnea> dbus just will not work right, no matter what I try... this is extremely frustrating.
<twb> Gnea: that's because it's a crappy RPC protocol
<Gnea> twb: yes, but I need it to get gdm to work
<twb> gdm's kinda offtopic here.
<Gnea> well, I'll show you what's really offtopic.
<Gnea> see, I initially wanted to put ubuntu desktop on this system, but I couldn't get it or the alternative release to install
<jargon-> twb: what about PAM? do i need to change anything there?
<Gnea> but I got server to install like a champ
<twb> jargon-: what release?
<Gnea> then I ran into problems, turned out I needed a bios update - got it updated, so now I'm trying to turn this server install into a desktop install
<twb> Gnea: just reinstall the desktop.
<Gnea> twb: that would make sense, wouldn't it?
<twb> Gnea: or "apt-get install ubuntu-desktop" and possibly change kernels, which should achieve the same thing.
<jargon-> twb: libpam-ldap Version: 184-2ubuntu2
<twb> jargon-: i mean of ubuntu
<jargon-> 8.04
<twb> Blargh
<jargon-> 8.04.4
<jargon-> yeah
<twb> IIRC you want auth-client-config -S or so to inspect the system, then if necessary -p lac_example to configure it
<twb> the raw files are in /etc/pam.d/common-* and /etc/nsswitch.conf
<jargon-> twb: ok
<matteppi> Hi
<Gnea> twb: there's already the linux-image-2.6.32-28-generic installed and currently running. the problem is with dbus.
<Gnea> twb: I tried generating a /var/lib/dbus/machine-id but that caused the system to kernel panic
<twb> Gnea: did you install ubuntu-desktop?
<Gnea> twb: of course I did
<jargon-> arrgh. i'd have to change to ldap config of the production fileserver too. can't do that,of course. damn
<jargon-> might as well do something else until i get more hardware
<matteppi> Can ubuntu desktop, login to a remote account? (instead of the local account)
<jargon-> twb: thanks for your help
<twb> Gnea: the pre-start script for dbus, as at 10.04, is mkdir -p /var/run/dbus; chown messagebus:messagebus /var/run/dbus; exec dbus-uuidgen --ensure
<twb> Gnea: work out which command is failing.
<twb> Gnea: then work out why.
<Gnea> twb: been there, done that, those parts all work.
<twb> matteppi: via XDMCP, yes.  But that's probably not what you meant.
<twb> Gnea: so what is the current error?
<Gnea> twb: well, it's like I said, the kernel panics, I can't even sysrq-b out of it, I have to press the reset button on the case.
<twb> Gnea: then fix that first.
<Gnea> twb: you're just full of helpful hints, aren't you?
<Gnea> twb: that's what I'm *trying* to fix, that's why I'm *asking* the question
<twb> You said it broke after you created a file in /var/lib.  Did you remove the file again?
<Gnea> I had to, obviously
<twb> And it's still panicing?
<Gnea> no, I'm back to square one.
<Gnea> dbus is not working.
<twb> So you've worked out which of the three pre-start lines is failing?
<Gnea> root@iacon:~# service dbus start
<Gnea> start: Job failed to start
<twb> That is not what I asked.
<Gnea> Feb 14 04:01:48 iacon init: dbus pre-start process (4893) terminated with status 1
<Gnea> pretty sure I answered the question already...
<twb> That is also not what I asked.
<twb> 20:57 <Gnea> twb: been there, done that, those parts all work.
<Gnea> precisely.
<Gnea> now.
<twb> Clearly that is a contradiction.
<twb> If upstart says the pre-start script fails, and you say it doesn't, then one of you is wrong.
<matteppi> i have a lab with 15 desktops, connected to a server. everything is working with windows, and i want to switch to ubuntu, both the server and the desktops. I need a lot of accounts, (one for each class, we are in a school), on the server. the desktops need to log in with the accounts.
<twb> matteppi: so you simple need centralized authentication?
<Gnea> twb: I'm not going to repeat myself: having the /var/lib/dbus/machine-id in place causes the system to panic, it halts, it does not work. thus, exec dbus-uuidgen --ensure is not going to work, that much was blatantly obvious.
<twb> I give up.
<Gnea> yes, you should
<Gnea> because you obviously have little skill at helping people solve complex problems.
<twb> Gnea: go read <http://linuxmafia.com/faq/Essays/smart-questions.html>, write a proper problem report, and either pastebin it or send it to launchpad.
<matteppi> twb: yes..
<twb> Plonk.
<Gnea> !coc | twb
<ubottu> twb: The Ubuntu Code of Conduct is a community etiquette document to which we ask all Ubuntu users to adhere, and can be found at http://www.ubuntu.com/community/conduct/ .  For information on how to electronically sign the CoC, see https://help.ubuntu.com/community/SigningCodeofConduct .
<Gnea> twb: I signed mine, did you sign yours?
<twb> matteppi: OK, then you probably want to look at NIS (old, insecure, but very easy), or LDAP (newer, more secure, but harder).
<twb> matteppi: if you still need Windows machines to work, you might instead need to look at winbind and friends, but I advise you to avoid that.
<Gnea> yup, looks like you did: https://launchpad.net/~twb
<twb> matteppi: https://help.ubuntu.com/10.04/serverguide/C/network-authentication.html documents LDAP on the server side.  The client side ought to be pretty trivial.
<twb> matteppi: oh, alternatively, you might look into LTSP, which provides a more turn-key way to manage the whole network from the server side.  It *will* require a 100mbps network and a grunty (say, pentium 4) machine, though.
<Gnea> llutz: hi
<matteppi> twb: with NIS, can i create accounts, and then access them from the desktop, without login into the local account?
<llutz> Gnea: hi you made me courious ;)
<Gnea> llutz: may I pm?
<llutz> sure
<twb> matteppi: yes
<RoyK> matteppi: yes, but  you might want to consider using ldap instaed
<RoyK> since NIS is old and not very shiny
<uvirtbot> New bug: #718664 in autofs5 (main) "upstart config fo file autofs5 requires space" [Undecided,New] https://launchpad.net/bugs/718664
<zul> Daviey: done
<Slyboots> Uh..
<Slyboots> What the heck is "Stack Smashing"
<RoyK> sounds like bad programming
<RoyK> overflowing the stack, making it quite easy for an attacker to insert bad code
<patdk-wk> oh? not someone getting pissed at the current network stack, and making their own?
<Slyboots> Weird; jnettop crashed **Stack Smashing detected! Jnettop exited**
<RoAkSoAx> morning all
<zul> hey RoAkSoAx
<RoAkSoAx> zul: heya! how's it going?
<zul> RoAkSoAx: good tired though
<RoAkSoAx> zul: likewise
<TheInfinity> hi everyone ... i have a local server for some clients with windows xp (samba domain). we got a new printer here which makes some problems. cups->socket works, windows maschine -> socket, too. windows maschine -> samba -> cups -> socket makes this: http://i55.tinypic.com/5kf34h.jpg
<TheInfinity> -> in log theres no error
<TheInfinity> -> where to start debugging this?
<patdk-wk> sounds like wrong print driver
<TheInfinity> its a dell color laser 1320c
<TheInfinity> wrong printer driver on samba -> cups side you mean?
<patdk-wk> na, samba->cups is just raw I believe
<patdk-wk> probably windows -> samba ->cups
<zul> JamesPage: ping
<JamesPage> zul: pong
<zul> JamesPage: for your hudson-fixes branches are you sending the patch back to debian?
<TheInfinity> patdk-wk: so you mean the problem is windows -> samba?
<TheInfinity> patdk-wk: because cups test sites work excellent
<JamesPage> zul: yep - as I raised each as a bug in LP I'm also submitting back to Debian.
<zul> JamesPage: cool...ill upload them (patch pilot today)
<JamesPage> zul: marvellous; I'll look to re-sync at the start of the next release cycle with manual requests.
<patdk-wk> TheInfinity, it's been awhile, but I think your suppost to use the cups print driver in windows for that
<patdk-wk> unless you attach the printer in raw mode in cups, then you can use the normal print driver in windows (I couldn't get this working though last time I tried)
<patdk-wk> I have no attached printers anymore, all network based, so doesn't matter to me anymore
<TheInfinity> patdk-wk: i want to share the printa via samba -> logon scripts, thats why i need samba :)
<TheInfinity> patdk-wk: *printer
<patdk-wk> you can do that without a samba based printer
<JamesPage> zul: can you just let me check them over; I think some may have already gone to unstable in Debian
<patdk-wk> but you do need to be able to access the printer via the network somehow
<zul> JamesPage,
<zul> JamesPage: sure
 * JamesPage starts to look through his email
<TheInfinity> patdk-wk: yea, its a socket printer. direkt setup is impossible via scripts, you have to install windows packages, make sockets etc
<patdk-wk> no idea what a socket printer is
<TheInfinity> lpt
<patdk-wk> lpt as in parallel port?
<TheInfinity> uh. no. hum. damn translation. in cups its accessed by socket://, thats why i called it socket printer.
<TheInfinity> it was LPD
<JamesPage> zul: bug 715688 (joda-time) should go as is - we can't sync the latest from Debian as it uses maven to build which is not in main.
<uvirtbot> Launchpad bug 715688 in openobject-client-web "[PS] web client : bank statement : import invoice doesn't work" [Low,Confirmed] https://launchpad.net/bugs/715688
<JamesPage> OK not that one.
<JamesPage> zul: bug 715668
<uvirtbot> Launchpad bug 715668 in libjoda-time-java "Package does not install Maven artifacts" [Low,In progress] https://launchpad.net/bugs/715668
<zul> JamesPage: ok that was next on my list
<TheInfinity> patdk-wk: thats why i want to use it via cups. lpd is not supported by windows (except you make lots of things in gui)
<JamesPage> zul: bug 715640 and bug 715652 have already been accepted into Debian and uploaded to unstable.
<uvirtbot> Launchpad bug 715640 in libezmorph-java "Package does not generate Maven artifacts" [Low,In progress] https://launchpad.net/bugs/715640
<uvirtbot> Launchpad bug 715652 in libcommons-jexl-java "Package does not install Maven artifacts" [Low,In progress] https://launchpad.net/bugs/715652
<JamesPage> zul: I'll take down the proposed merges
<patdk-wk> TheInfinity, no idea, but this might help: http://pastebin.com/F5mqF5XJ
<zul> JamesPage: thanks...less work for me ;)
<JamesPage> zul: can I re-use these bugs to sync or should I generate new one?
<zul> you should be able to re-use them
<TheInfinity> patdk-wk: there are no cups *mime files here (ubuntu 10.04)
<aliverius> i want to remove everything postgresql related and reinstall. how do i do that?
<patdk-wk> TheInfinity, ya, dunno :) I haven't done it in a long time
<TheInfinity> patdk-wk: hmm ,... okay. thanks for the use client driver = yes tip - lets see what i can do with this :)
<Slyboots> has anyone had any luck getting things like FreeNX to run?
<Slyboots> Need basicl OpenGL rendering working over VNC
<Slyboots> I can get the "Session" to connect, but only xterm
<patdk-wk> you do know that opengl won't work over vnc
<patdk-wk> and freenx is not vnc
<uvirtbot> New bug: #718787 in apr (main) "Please sync apr 1.4.2-7 from Debian Unstable." [Undecided,New] https://launchpad.net/bugs/718787
<zul> smoser: what do you think of https://bugs.launchpad.net/ubuntu/+source/ec2-api-tools/+bug/715818 ?
<uvirtbot> Launchpad bug 715818 in ec2-api-tools "ec2-api-tools FTBFS in natty" [Undecided,New]
<smoser> ummm... i think it FTBFS in natty ?
<smoser> i need to fix it. i want to look at that today
<smoser> just updated it
<geekbri> is there any known issue at the moment with accessing the EBS backed ubuntu 10.04 images on EC2?
<zul> smoser: cool beans
<smoser> geekbri, accessing ?
<geekbri> smoser: i was trying to create an EC2 ebs backed instance of 10.04 LTS on us-west-1, but for some reason i couldn't locate the proper ami, even though i was using the one listed on ubuntus page.  I ended up just launching on in us-east and it works so whatever.
<smoser> what ami were you trying to use ?
<smoser> i'd like to know if somethings broken
<geekbri> hold on let me get it.
<geekbri> smoser: im starting to suspect i must have just done something wrong but i was trying to use ami-a403f7cd
<geekbri> wait thats the instance store one. hold on
<geekbri> ami-ebbfefae
<geekbri> as listed on http://uec-images.ubuntu.com/releases/10.04/release/
<smoser> is it possible you did not specify region?
<smoser> if you do not specify region it defaults to us-east-1, and the ami id 'ami-3e02f257' wont exist there.
<geekbri> i used --region us-west-1 but let me try again to make sure there was no typo.
<smoser> ec2-run-instances --region us-east-1 --instance-type t1.micro --user-data-file=/home/smoser/data/mini-userdata.txt  ami-3e02f257
<smoser> i just ran that
<geekbri> yeah it works for me now too...
<smoser> oops
<geekbri> i must have made some sort of typo.
<smoser> ami-3e02f257 is us-east-1
<smoser> but.. .ok. good
<smoser> glad you're sorted out.
<geekbri> although now its telling me my keypair doesn't exist which is a bit odd.
<geekbri> but thats a whole other issue :)
<aliverius> i want to cleanly reinstall postgresql
<aliverius> and ideas?
<geekbri> Alan: not an expert but i think you need to use purge
<geekbri> errr
<geekbri> aliverius: apt-get --purge remove <name>
<zul> JamesPage: is it possible to configure hudson to do iso testing for 10.04.2?
<JamesPage> zul: maybe - do the cdimages get published somewhere nice?
<zul> JamesPage: im thinking the same places as the regular iso, im just thinking outload really but ill find out more today
<JamesPage> like here: http://cdimages.ubuntu.com/ubuntu-server/lucid/daily/current/
<zul> yeah
<JamesPage> zul: lemme have a look - it might....
<JamesPage> zul: whilst I'm doing that any chance you can sponsor bug 715640 and bug 715652 for me
<uvirtbot> Launchpad bug 715640 in libezmorph-java "Sync libezmorph-java 1.0.6-3 (main) from Debian unstable (main)" [Unknown,Fix released] https://launchpad.net/bugs/715640
<uvirtbot> Launchpad bug 715652 in libcommons-jexl-java "Sync libcommons-jexl-java 1.1-2 (main) from Debian unstable (main)" [Unknown,Fix released] https://launchpad.net/bugs/715652
<zul> JamesPage: sure
<JamesPage> ta
<RoAkSoAx> zul: ocf RA's fixes are to be released on wednesday ;)
<zul> RoAkSoAx: nifty
<zul> James: done
<JamesPage> zul: ta
<uvirtbot> New bug: #229646 in spamassassin "spamassassin chokes when using PostgreSQL as Bayes store" [Medium,Fix released] https://launchpad.net/bugs/229646
<uvirtbot> New bug: #257405 in spamassassin "cron.daily job results in "error: GPG validation failed!"" [Medium,Fix released] https://launchpad.net/bugs/257405
<HackeMate> hello
<HackeMate> i have configured a webdav server but it wont enable the https
<HackeMate> just http
<HackeMate> http://pastebin.com/fLje9Dtf
<HackeMate> it's the apache config file
<HackeMate> i have created the certificate and it exists
<HackeMate> i try to access the web and i receive an error like this: firefox cant establish a connection with the hostname
<HackeMate> without 's' works
<zul> hggdh: ping are you still using my SRUtracker?
<hggdh> zul: I am _still_ to move it over to QA
<zul> hggdh: ok because its broken right now i have to fix it...ill let you know when its working again
<hggdh> zul: heh, no problems at all :-)
<azizLIGHTS> how to check if lightttpd has user dirs enabled or not
<llutz> check if mod_userdir is activated azizLIGHTS
<azizLIGHTS> yes.. how to check this
<llutz> azizLIGHTS: grep lighttpd.conf or mods_enabled
<azizLIGHTS> how i can check if mod_userdir is enabled or not
<azizLIGHTS> oh
<azizLIGHTS> ty
<llutz> conf-enabled
<azizLIGHTS> this should be under server.modules ?
<llutz> yes
<llutz> azizLIGHTS: or "ls -l /etc/lighttpd/conf-enabled/10-userdir.conf"
<azizLIGHTS> ls: cannot access /etc/lighttpd/conf-enabled/10-userdir.conf: No such file or directory
<llutz> azizLIGHTS: so if its not enabled in lighttpd.conf, its not enabled at all
<SpamapS> azizLIGHTS: you can't make a toast with water.
<azizLIGHTS> oh so what precodure to take to enable userdirs
<azizLIGHTS> *procedure
<azizLIGHTS> stop lighttpd how?
<llutz> ln -s /etc/lighttpd/conf-available/10-userdir.conf /etc/lighttpd/conf-enabled/ // service lighttpd restart
<llutz> && not //
<bobg> i am am writing a set of two packages that configures a machine to use our company ldap server for authentcation. package 1 uses debconf-set-selections in the preinst to set values for ldap-auth-config (including debconf/priority=critical). package 2 predepends on pkg 1 and depends on ldap-auth-config. The result is that ldap-auth-config still prompts me with its default values, but if I accept defaults, the /etc/ldap.conf file end up wi
<bobg> th the values that I specified. So if I could just suppres the dbconf prompts it would be fine
<JamesPage> hggdh, zul: http://hudson.qa.ubuntu-uk.org/job/lucid-server-amd64_lvm/1/console
<JamesPage> this *should* run against the ISO image of your choice; just testing it now....
<JamesPage> bear in mind that we have never run the automated ISO test suite against lucid - only maverick +
<zul> muhahaha
<hallyn> kirkland: qemu-0.14.0 is built at ppa:serge-hallyn/virt, and running just fine on my workhorse laptop
<kirkland> hallyn: i'll install that just as soon as I finish this email
<hallyn> i'll need to ask bdrung to verify that capslock does what he wants there
<hallyn> kirkland: cool, thanks
<RoAkSoAx> hallyn: after last week's update of kvm the load is not that high anymore, though now couple of last week ISO's hanged during installation and that couse 100% CPU utilization
<hallyn> RoAkSoAx: this is on natty?
<hallyn> (host)
<RoAkSoAx> hallyn: yes
<hallyn> RoAkSoAx: you might just try out ppa:serge-hallyn/virt which has 0.14.0
<hallyn> RoAkSoAx: (which will be going into natty hopefully really soon)
<RoAkSoAx> hallyn: ok! cool! ;)
<uvirtbot> New bug: #718868 in beautifulsoup (main) "Sync beautifulsoup 3.2.0-1 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/718868
<JamesPage> zul, hggdh: well that seemed to work just fine!
<hggdh> heh
<hggdh> JamesPage: BTW -- did you get my message that the hudson server was hit by an OOM?
<JamesPage> hggdh: yes - nearly missed it; it did that once before; not sure why but a reboot seems to sort it for a few months
<JamesPage> not ideal....
<hggdh> but workable ;-)
<JamesPage> agreed
<hggdh> JamesPage: also there are some updates to be installed on the server. I did not run any because I was unsure on dependencies with Hudson
<JamesPage> its pretty neutral so should be OK; however we may want to consider a switch to Jenkins at some point in time.
<staale> anybody know who I can make www-data echo to /dev/ttyUSB0 ? I have added the group dialout, and it is working when I su www-data
<JamesPage> hggdh: hmmm - may have just confused things as the changes I made to make the lucid regression ISO test work are not thread safe!
<SpamapS> staale: when is it not working?
<hggdh> uh-ho
<staale> when I use system, exec, passthru from php
<JamesPage> hggdh: may be OK....
 * hggdh crosses fingers and toes
<hggdh> JamesPage: BTW, I added a view for Lucid amd64
<JamesPage> hggdh: also need to bear in mind that the preseeds are for natty not lucid - they should work as I don't think anything has changed significantly.
<JamesPage> nice
<JamesPage> I think we need a design review and session at UDS to take this forwards; we need a nice way of maintaining preseeds on a per-release basis outside of the main iso-testing codebase.
<SpamapS> staale: and what does happen? an error? silent failure?
<hggdh> JamesPage: Agrred
<hggdh> s/rre/ree/
<JamesPage> :-)
<staale> @Spamaps apache log: /var/www/shs/test.sh: line 4: /dev/ttyUSB0: Permission denied
<JamesPage> hggdh: I pushed a new branch of ubuntu-server-iso-testing to trunk
<JamesPage> hggdh: it has a new script - setup-hudson-regression.py - which takes two params - the URL of the hudson server + the URL of the ISO to test.
<JamesPage> hggdh: it will reconfigure if the test already exists.
<hggdh> cool
<Slyboots> Anyone acny suggestions for a decent file-manager for linux? (cli)
<hggdh> *very* cool
<JamesPage> hggdh: ./setup-hudson-regression.py --help will give you the other options - they need to match the details for the ISO url or it will break.
<SpamapS> staale: interesting... maybe do a 'whoami' right before that and make sure you are who you think you are at that point in the script execution.
<JamesPage> hggdh: fast not elegant today - may refine tommorow....
<hggdh> JamesPage: fast is good enough, elegance depends on time :-)
<JamesPage> hggdh: agreed - we can always refactor when we have decided where to go with this project next.
<hggdh> JamesPage: yes, even more given that this is growing without bounds
 * RoAkSoAx batalling with OCFS2 again :(
<Slyboots> Right now Im using mc, but its kidna.. crap
<staale> SpamapS: it says www-data for both bash /var/www/shs/test.sh in console and system("bash /var/www/shs/test.sh" ); in php
<mtkorb> When I get to the login screen on Ubuntu Server 10.04, it's printing "MASQUERADE: lo ate my IP address" over and over. Anyone know what this means?
<jmarsden> mtkorb: bug #117303
<uvirtbot> Launchpad bug 117303 in linux-source-2.6.20 "lo ate my ip address" [Undecided,Won't fix] https://launchpad.net/bugs/117303
<SpamapS> staale: thats very weird then! what are the perms on /dev/ttyUSB0 ?
<staale> SpamapS: crw-rw---- 1 root dialout 188, 0 2011-02-14 18:39 /dev/ttyUSB0
<staale> SpamapS: tried with o+wrx, but nothing
<zul> JamesPage: so how would I push an ISO to hudson
<mtkorb> jmarsden: I don't have that script on my machine so the launchpad bug doesn't apply.
<SpamapS> staale: ahh did you stop/start apache after adding www-data to dialout?
<SpamapS> staale: group memberships aren't picked up until a user logs in, or is su'd to.
<staale> Spamaps: nice, thank you very very much :D
<SpamapS> staale: always a pleasure.
<Roasted> anybody good with radius certificates? I think I have the server done but I'm a little stuck on the CA part....
<uvirtbot> New bug: #718902 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/718902
<Roasted> anybody good with radius certificates? I think I have the server done but I'm a little stuck on the CA part....
<hallyn> kirkland: feh, of course now lucid wont boot (vgabios i assume)
<hallyn> kirkland: out for lunch, will be updating bioses later
<Roasted> anybody good with radius certificates? I think I have the server done but I'm a little stuck on the CA part....
<SpamapS> Roasted: you should probably try another channel and/or a mailing list before you start re-asking a question every 30 minutes.
<Roasted> tried another channel. free radius has literally 0 talk
<Roasted> so, here I am. Thanks. :)
<uvirtbot> New bug: #718188 in dovecot "dovecot won't be restarted after failure" [Low,Triaged] https://launchpad.net/bugs/718188
<smoser> jjohansen, are you around ?
<jjohansen> yep
<jjohansen> smoser: whats up?
<smoser> you built a kernel for hardy
<jjohansen> yeah
<smoser> and pasted links, but i dont think there were any modules
<jjohansen> oh, hrmm right I need to kick off that portion separately
<jjohansen> give me a bit, I'll kick it off and let it build
<ivoks> happy valentine :) i love you all
<RoAkSoAx> lol
<RoAkSoAx> ivoks: happy valentines to you too
<RoAkSoAx> lol
<zul> ivoks: no you dont :)
<genii-around> Roasted: You might want to look at the README in /usr/share/doc/freeradius/examples/certs/
<ivoks> zul: but i do :)
<Roasted> I pretty much have it memorized by now, genii-around
<Roasted> but thanks for the idea.
<zul> ivoks: fine...then fix dovecot ;)
<ivoks> zul: what's wrong with it?
<genii-around> Roasted: Does /etc/freeradius/eap.conf  point to wherever you put the certificate?
<zul_> ivoks: dovecot-postfix messes with the configuration file when you update postfix.
<Roasted> genii-around, I'm trying to generate the certificate first.
<zul_> ivoks: 717298
<Roasted> genii-around, all of the guides I found on freeradius, to put it bluntly... suck. And I found one that was a little more descriptive, so I was using this guide from ground up. But it won't take my command I'm trying to issue it
<ivoks> bug 717298
<uvirtbot> Launchpad bug 717298 in dovecot "dovecot-postfix upgrade overrides main.cf" [Undecided,New] https://launchpad.net/bugs/717298
<smoser> jjohansen, could you just upload to a ppa ?
<jjohansen> smoser: no
<smoser> is that possible ? or do these have to be spun more manually
<smoser> suck
<ivoks> zul: well, yes, we could add a warning
<genii-around> Roasted: If you are in that dir where the REAME is, all the files to make your cert are there. If you follow http://wiki.freeradius.org/Certificates those files are in  /usr/share/doc/freeradius/examples/certs/
<ivoks> zul: but the point of the package is to override all settings
<smoser> jjohansen, could you then please update what needs to be done at https://wiki.ubuntu.com/UEC/Images/Publishing ?
<smoser> i know in the end we get it into ubuntu-on-ec2 ppa, but i'm not sure of how it gets there.
<jjohansen> smoser: well yes it is possible but its going to a long time to get anything out of a ppa
<smoser> well, in the end it needs to get to one
<Roasted> genii-around, I'm doing this by command line. The command I am issuing (as per the guide) is not working.
<jjohansen> smoser: hrmm, okay I'll talk to smb about it
<genii-around> Roasted: You just need to issue: sudo make          in that dir. Then you can either leave the certificate in there or move it somehwere else. Either way you need to then edit the eap.conf file to point to where it is. Then restart freeradius
<Roasted> genii-around, hang on a second. what does sudo make do? I'm trying to generate a cert from ground up with a command through openssl. what would sudo make do for me?
<genii-around> Roasted: You need to use sudo to execute the certicate-making script in /usr/share/doc/freeradius/examples/certs/ because regular user does not have write priveleges in that directory
<genii-around> Roasted: From the freeradius wiki page I already referenced: "make" .. "And the new certificates will be generated. There is no need to run any special OpenSSL commands."
<Roasted> genii-around, lol... so wait... are you telling me sudo make *IS* the cert making command?
<genii-around> Roasted: Exactly
<Roasted> What's the trick to it? Do I just have to be CD'd into that cert directory for sudo make to take on that usability?
<Roasted> because when I think sudo make I don't think "oh hey it makes certificates"
<genii-around> Roasted: There is a Makefile in that examples directory which creates your certificate when you issue the: sudo make
<Roasted> genii-around, what the... you gotta be kidding me. if it's that easy I'm going to be so angry.
<genii-around> Roasted: But since it will create it in the directory in which you issued the command, you then need to tell the main config file for your cert ( which is eap.conf ) where to now look for it
<Roasted> genii-around, yeah, that just requires editing it with gedit or something and changing hte path though, right?
<genii-around> Roasted: Yup
<Roasted> genii-around, looks like I got an error
<Roasted> genii-around, I can't paste from vmware but I'll retype best I can.
<Roasted> writing new private key to 'server.key' .................. problems making certificate request. error (insert long code here) encoding routines:ASN1_mbstring_ncopy:string too long. Make: *** Error 1
<genii-around> Roasted: Check the clients.cnf file in the examples directory and make sure it has proper 2-letter countryName  value (eg: the top-level domain name for your country), and that the value countryName_min is set to 2. then try the make again
<Roasted> genii-around, client.cnf in examples or in the actual freeradius dir under /etc?
<genii-around> Roasted: In examples. Since that is where the script is drawing the values from to make the certificate
<ivoks> does anyone know why logrotate rotates postgre logs with 'copytruncate'?
<Roasted> countryName just says "match"
<Roasted> hmm...
<uvirtbot> New bug: #251139 in apr (main) "backport apr 1.2.12 to Hardy" [Undecided,Won't fix] https://launchpad.net/bugs/251139
<ZacLnxNewb> Hello
<ZacLnxNewb> I'm trying to install another hard drive, and I've been able to mount it
<ZacLnxNewb> I editted Fstab but upon reboot I had some sort of error
<ivoks> mistakes in fstab are dangerous
<ZacLnxNewb> ivoks: I noticed. :D
<hallyn> jdstrand: does tests/qemuxml2argvtest failing in libvirt ring a bell?
<ZacLnxNewb> ivoks: I think the problem is that I put "ext3" for the type instead of "ntfs"
<ivoks> :)
<ivoks> then boot in recovery mode and fix it
<ZacLnxNewb> ivoks:  I was given conflicting results, one program said the drive was "ext3" and another "ntfs"
<ZacLnxNewb> ivoks: Could you possibly help me through this process?
<ivoks> if you didn't format it, i doubt it's ext3
<ivoks> sure, boot into recovery
<jdstrand> hallyn: no. not at all. that sounds like a potential problem
<ZacLnxNewb> I just did a fresh install >.>  I'm experimenting with different configurations
<hallyn> jdstrand: well, if i parse this right it's on test 'cpu-exact2', and this is on armel
<Roasted> genii-around, is match an acceptable answer?
<jdstrand> hmm
<ivoks> you can boot into recovery by choosing that option in the boot loader
<ivoks> aka grub
<jdstrand> hallyn: istr something with armel, but not that
<ZacLnxNewb> Choosing that option when booting with the CD ?
<jdstrand> hallyn: makes me curious if the linaro qemu is being pulled in, but other than that, nothing springs to mind
<hallyn> i wonder if that thing is actually testing the libvirt monitor
<hallyn> oh
<ivoks> ZacLnxNewb: no, from disk
<genii-around> Roasted: No. CA for Canada, DE for Germany, AU for Australia and so on
<hallyn> hm, no qemu on the system actually
<ZacLnxNewb> ivoks:  I don't get a boot menu when I boot
<Roasted> still getting this darn error genii-around
<hallyn> eh, when in doubt clean up and re-try build
<ZacLnxNewb> ivoks: I only get a menu when I boot using the CD
<ivoks> ZacLnxNewb: hold shift (ubuntu 10.04+)
<ivoks> ZacLnxNewb: or Esc (ubuntu <10.04)
<ZacLnxNewb> ah
<ZacLnxNewb> ivoks:  sudo blkid returns
<ZacLnxNewb> ivoks:  /dev/sdb1: UUID="b52edc28-264b-4869-9899-436197c5ea03" SEC_TYPE="ext2" TYPE="ext3"
<ZacLnxNewb> ivoks: but I think the drive is NTFS
<uvirtbot> New bug: #520977 in apr (main) "Requires non-existant libuuid.la" [Undecided,Fix released] https://launchpad.net/bugs/520977
<ivoks> just boot into the rescue and then you'll comment out your line
<ivoks> then we will go from there
<ZacLnxNewb> ivoks:  I've already reinstalled freshly the system
<ZacLnxNewb> ivoks: Nothing important lost. :p I'm just learning
<ivoks> hahaha cause of the wrong line in fstab?
<ivoks> i see you are switching from windows :)
<ZacLnxNewb> ivoks: months ago. >.>
<ZacLnxNewb> ivoks:  I've been running a fairly secure server for quite sometime, I decided to reinstall and reconfigure stuff faster, cleaner, etc
<ZacLnxNewb> ivoks:  How can I reliably tell whether the drive is ext2 ext3 or ntfs?
<ivoks> ext3 is ext2 + journaling
<ivoks> every ext3 can be mounted as ext2
<ZacLnxNewb> Actually, I'm happy to format this drive, but I left it as ntfs because I thought it needed to be that for samba shares or something
<ZacLnxNewb> ivoks: What file system would you suggest?
<ivoks> ZacLnxNewb: for linux server? ext3
<ivoks> for bigger disks (1+ TB) xfs
<ivoks> just because it fscks faster :D
<ivoks> and mkfs is faster
<samael6> what is the recommended option in the ubuntu menu
<jevidl> in the past at least, xfs was pretty sensitive to mishandling, ie improper dismounts in the case of a power outage, things like that. If there's no battery backup, it might be better to use ext3/4
<uvirtbot> New bug: #604753 in linaro-toolchain-misc "[eglibc] process shared mutex's fail on armel v7 (thumb)" [High,Confirmed] https://launchpad.net/bugs/604753
<njin> Hello to all, i've assigned this bug report to linux package, is it right ? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/712382
<uvirtbot> Launchpad bug 712382 in linux "10.04 Software raid unbootable - HP Proliant G6 server - 2 X 500 GB drives / 2 X 250 GB are always fine - pretty major bug" [Undecided,New]
<ZacLnxNewb> awesome, so formatting the drive to ext3
<ZacLnxNewb> next is adding the uuid to fstab. :D
<ivoks> yes
<ZacLnxNewb> do I just add this line?
<ZacLnxNewb> uuid mountpoint type
<ZacLnxNewb> is that enough to mount it?
<ivoks> no, that's a broken line
<ivoks> uuid mountpoint type options 0 0
<ivoks> options can be just 'defaults' for start
<ZacLnxNewb> ah, hey
<ivoks> 0 0 - don't break the boot if fs is broken
<ZacLnxNewb> I appreciate the help
<ZacLnxNewb> I'll be back in 20 minutes, need to pick up brother from school
<ZacLnxNewb> Thanks
<ivoks> np
<samael6> whats the best option in the menu
<ivoks> menu?
<pmatulis> samael6: please be more specific
<samael6> the installation menu when you start the process
<ivoks> jevidl: that's past ;)
<ivoks> 'Install'? :)
<samael6> how are you lost i just  explained it very clearly
<pmatulis> samael6: choose "Install Ubuntu"
<samael6> and then what i wanna know when i install the server
<pmatulis> samael6: you want to know what?
<samael6> whats next in the installation
<mdeslaur> ivoks: re: dovecot, please take a look at bug 715056
<uvirtbot> Launchpad bug 715056 in dovecot "invalid ssl-certificates in /etc/postfix/main.cf after security upgrade" [Undecided,Confirmed] https://launchpad.net/bugs/715056
<mdeslaur> ivoks: it's not supposed to overwrite settings on upgrade, but there's (IMHO) a bug in the postinst script
<ivoks> hm
<mdeslaur> zul: ^ that's the correct bug #
<pmatulis> samael6: https://help.ubuntu.com/10.10/serverguide/C/installing-from-cd.html
<ivoks> yes, configure always replaces certificate
<jevidl> ivoks: sure. I haven't used it in a while, but I know that for a while it was a pretty big problem. I usually just go for ext4 anymore, though once btrfs is stable in linux that'll be my new favorite :)
<ivoks> jevidl: it was a problem in 2.6.16-2.6.18
<ivoks> iirc
<ivoks> if [ -z "$2" -o ! -e "$POSTFIX_BCKFILE" ]; then
<ivoks> iirc, $2 is new version that's being installed
<mdeslaur> ivoks: it will hit "-o ! -e "$POSTFIX_BCKFILE" 100% of the time
<ivoks> ah, right
<ivoks> my bad
<ivoks> instead of move, we should cp with timestamp
<mdeslaur> ivoks: yeah
<ivoks> and then copy /etc/postfix/main.cf to $POSTFIX_BCKFILE
<mdeslaur> zul: I'll let you and ivoks sort it out
<ivoks> mdeslaur: thanks
<mdeslaur> ivoks, zul: thanks!
<ivoks> i'll have to look at the whole postinst
<ivoks> Firefox should have notification "Too many tabs starting with 'Bug'"
<samael6> what about under the package tasks what are those options im confused
<ivoks> what confuses you?
<samael6> look under package tasks
<ivoks> i've done at least 200 server installs, but i don't know exactly what's written
<ivoks> iirc, there are 'LAMP', 'openssh server' 'cups printing server', etc...
<ivoks> DNS server, Mail server... etc
<samael6> for a social networking website what do i pick
<ivoks> you know what LAMP is?
<ivoks> many social websites run on LAMP
<samael6> what do the other options do
<ivoks> if you don't know what mail, printing, dns and cloud are... well, then those don't mean anything
<samael6> oh ok
<ZacLnxNewb> I know what lamp dns cloud, openssh, print cups and stuff are. :D
<samael6> is it ok that i install the pc without the server what would happen if i did
<axisys> how do I fix cylinder overlap here http://pastebin.com/3xf8qiFB .. this is a fresh server install LTS
<ivoks> axisys: sda1 is /boot?
<axisys> ivoks: yes
<ivoks> axisys: quick and easy; copy all from /boot to /root/boot_backup; umount /boot ; fdisk /dev/sda and delete sda1 ; create new sda1, mount it as /boot and copy data back
<axisys> ivoks: ok
<ZacLnxNewb> ivoks: here's the line I'm putting into fstab
<ZacLnxNewb> ivoks:  UUID=500fb029-28dd-4e3a-a7e1-55def6a8e930 /drive/ ext3 defaults 0 0
<ivoks>  /drive
<geekboxjockey> ive enabled apache2 rewrite to point to another page using a 301, i remove the settings, restarted the server and its still doing so
<geekboxjockey> any ideas, is there some rewrite cache?
<ivoks> there's no rewrite cache
<ivoks> cache is in your browser
<ivoks> test with w3m, it doesn't cache :)
<ZacLnxNewb> rebooting
<ZacLnxNewb> Success!
<axisys> ivoks: did not quite work.. i recreate the /dev/sda1 using fdisk /dev/sda and mkfs.ext2 and blkid /dev/sda1 in fstab and copied the data back to /boot and mounted fine.. reboot takes me to grub rescue>
<axisys> it is not in production
<axisys> i can rebuild the system.. unless there is another option
<axisys> boot from live cd and reinstall grub ?
<ivoks> ah, update-grub was needed too
<ivoks> you can boot install/live cd and choose rescue broken system
<axisys> ivoks: anyway to bring it back from grub rescue> ?
<ivoks> there is, but i'm not sure with grub2
<ivoks> let me see something
<axisys> grub rescue> ls show (hd0) (hd0,2) (hd1) (hd1,1) (hd2)
<axisys> i have three disks
<axisys> sda, sdb and sdc
<ivoks> insmod part_msdos
<ivoks> insmod ext2
<ivoks> set root='(hd0,msdos1)'
<ivoks> linux /vmlinuz-(hit TAB) root=/whatever/is/your/root ro
<ivoks> initrd /initrd.img-(hit TAB)
<axisys> hitting tab gives me nothing..
<ZacLnxNewb> ivoks: Do you know how I can make a shortcut to another directory
<ZacLnxNewb> so that user's home directories have a folder they can go into that's actually a folder on the new drive?
<axisys> /whatever/is/your/root <-- is it / or /dev/mapper/blah ?
<ivoks> axisys: /dev/mapper/blah
<axisys> ok.. i got that one.. but vmlinuz does not expand with tab
<ivoks> ZacLnxNewb: of course (ln -s)
<axisys> may be look into another LTS server
<axisys> and pick up the vmlinuz from there
<ivoks> axisys: doesn't expand?
<axisys> ivoks: no
<ivoks> are you sure you didn't add /boot?
<ivoks>  it's /vmlinuz-something not /boot/vmlinuz-something
<axisys> yep... not /boot in there.. typing exactly you said
<ivoks> try with /boot then :)
<ivoks> maybe grub2 doesn't have autocompletion
<axisys> ivoks: probably
<RoyK> ivoks: iirc it has
<ivoks> it has
<ivoks> axisys: https://help.ubuntu.com/community/Grub2#Fallback%20mode
<ivoks> ls (hd0,0)/*
<ivoks> why isn't there hd0,1 in your ls output
<axisys> i am trying with live cd now
<kirkland> hallyn: okay, i'm just now getting to installing your qemu-kvm 0.14 package
<kirkland> hallyn: which PPA is it in?
<kirkland> hallyn: you have like 30 PPAs :-)
<ZacLnxNewb> ivoks:  zachary@ZACSERVER:/storage/home/zachary$ cd public -bash: cd: public: Too many levels of symbolic links
<ivoks> ZacLnxNewb: what did you do?
<ZacLnxNewb> I made a directory on the drive
<ZacLnxNewb> home
<ZacLnxNewb> and made two directories in that, public and zachary
<ZacLnxNewb> I linked public into zachary
<axisys> so just run grub-install /dev/sda1 (/boot) ?
<axisys> ivoks: ^
<ivoks> axisys: no
<ivoks> axisys: update-grub
<ZacLnxNewb> and I linked zachary into /root/home
<ZacLnxNewb> but trying cd public
<ivoks> axisys: grub is already installed (on /dev/sda)
<ZacLnxNewb> gave me that error
<ivoks> what? :)
<axisys> ivoks: done.. let me reboot
<ivoks> axisys: check /boot/grub/grub.cfg first
<axisys> ivoks: looks fine
<ZacLnxNewb> ivoks: did you get what I said?
<ivoks> ZacLnxNewb: not really but i see mistakes
<ivoks> can you paste the commands you used on pastebin?
<ZacLnxNewb> ivoks:  I made a home directory on the drive with "zachary" and "public" in it, and linked public into zachary
<ZacLnxNewb> ivoks: and then linked zachary to the home directory on the system drive
<ivoks> commands please
<ivoks> cause what you said makes no sense
<ZacLnxNewb> k one moment
<ZacLnxNewb> ivoks:  I can't paste the commands
<ZacLnxNewb> ivoks:  I have the system drive, and the 2nd hard drive
<ivoks> you mounted 2nd drive as /storage?
<ZacLnxNewb> on the new second hard drive, I created a directory labeled "home" in which I created a "public" directory, and a "zachary"
<ZacLnxNewb> ivoks:  Yes
<ivoks> that's bad practice, but ok
<ivoks> so
<ZacLnxNewb> ivoks:  What's better practice?
<ivoks> mkdir /storage/home
<ivoks> mkdir /storage/home/public
<ZacLnxNewb> yes
<ivoks> mkdir /storage/home/zachary
<ivoks> ok
<RoyK> ivoks: mkdir -p :P
<ivoks> what's next?
<ZacLnxNewb> then ln -s /storage/home/public /storage/home/zachary
<ivoks> wtf? :)
<RoyK> ZacLnxNewb: mount -o bind is better
<ivoks> what? why? what are you trying to do?
<uvirtbot> New bug: #709944 in apr (main) "package libapr1 1.3.8-1build1 failed to install/upgrade: le paquet libapr1 est dÃ©jÃ  installÃ© et configurÃ©" [Undecided,Invalid] https://launchpad.net/bugs/709944
<ZacLnxNewb> ivoks:  basically have the home directories on the 2nd hard drive, and have a public directory that all the users can access
<ivoks> then don't do that
<ivoks> move your home to /media/storage (but mount the disk there first)
<ivoks> change home path in /etc/passwd (command is vipw)
<ivoks> and you are done
<ivoks> as for public, just create /media/storage/public
<ivoks> and chmod 1777 /media/storage/public
<ivoks> that's it
<ivoks> or mount second disk as /home
<ivoks> :)
<ivoks> axisys: is it working?
<axisys> ivoks: nah.. its cool
<ivoks> ?
<axisys> ivoks: it is not in production.. i can just rebuild it
<axisys> before I was getting grub rescue> .. not I get grub>
<ivoks> :/
<ZacLnxNewb> ivoks: I personally want the disk to remain as storage
<axisys> but sinc emy root is LVM .. grub does not recognize it
<ivoks> grub2 is new to me too
<ZacLnxNewb> ivoks:  Why is it bad practice to do what I did though?
<ivoks> axisys: but /boot is on ext3?
<axisys>  /boot is ext2
<ivoks> axisys: on /dev/sda1
<axisys> ivoks: yes
<ivoks> then grub should see it
<axisys> the tab completion works now.. but i cannot point to a lvm disk
<ivoks> ZacLnxNewb: http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/index.html
<axisys> ls from shows the lvms but it says unknown fs for root.. which is ext4
<ivoks> axisys: eh? you type in root=/dev/mapper/volumegroup-logicalvolume
<axisys> ivoks: yes
<ivoks> axisys: and initrd after that?
<axisys> ivoks: no
<ivoks> hehe
<ivoks> lvm module is in initrd
<hallyn> kirkland: ppa:serge-hallyn/virt
<ivoks> 22:19 < ivoks> linux /vmlinuz-(hit TAB) root=/whatever/is/your/root ro
<ivoks> 22:19 < ivoks> initrd /initrd.img-(hit TAB)
<axisys> ivoks: oh ok.. let me try again..
<RoyK> hrmf... so, three full ZFS VDEVs, slow-as-fuck fileserver, replacing 21+1 2TB drives soon with 3TBs, adding some 2,5TB worth of SSDs for L2ARC, some quick SSDs for SLOG, this will take some time...............
<ZacLnxNewb> ivoks:  Well, I'm going to have it remain storage, I guess I'll just chnage the home directories to be on the storage
<RoyK> zfs is fine, that's for sure, until the shit hits the fan
<ivoks> ZacLnxNewb: ok
<axisys> so run it like this?
<axisys> insmod part_msdos
<axisys> insmod ext2
<axisys> set root='(hd0,msdos1)'
<axisys> but my root is lvm
<ivoks> root in grub is not linux root
<ivoks> it's the root where grub config is
<axisys> ivoks: so I shoudl type set root=(hd0,1) instead
<ivoks> yes
<axisys> not set root='(hd0,msdos1)'
<ivoks> in my grub.cfg it's msdos1
<axisys> oh ok
<ivoks> why is that, i'm not sure
<ivoks> probably cause insmod part_msdos
<RoyK> msdos ftw!
<RoyK> no memory protection, no fancy memory management...
<axisys> everytime i install a ubuntu-server from a cd iso, I need to modify the installation with hit F6 and remove quiet  and add console=ttyS0,9600n8 to finish the install from serial.. how do I modify that line and re-iso the image ?
<axisys> my servers iloms have a way to install or boot from remote iso.. but usually the gui is slow when installing remotely.. i rather do it from cli ..
<ivoks> i've done it only with pxe installer
<axisys> ivoks: with pxe .. i have to have a dhcp on same network .. little difficult .. ilom -> cd iso works better..
<axisys> we have servers all over the country..
<axisys> all our servers have iloms
<axisys> if i know which file has that command.. i could modify and re-iso it and give that a try
<ivoks> axisys: on install cd there's isolinux dir
<ivoks> in it there's text.cfg
<axisys> cd /mnt/isolinux .. i am in there.. let me find the file
<axisys> oh.. its in that dir
<axisys> found the append line
<ivoks> you could also modify isolinux.cfg so that default is text.cfg instead of vesamenu.c32
<axisys> thanks
<axisys> ivoks: even better
<ivoks> but test it with kvm or something
<ivoks> i've never tried changing default
<axisys> ivoks: yep..
<axisys> i guess i need to add a serial on top .. so even the menu shows up in serial.. instead of blindly hitting enter twice
<axisys> let me find the syntax for that
<axisys> i will test it in virtualbox .. so to make a iso .. just mkisofs .. correct ?
<ivoks> https://help.ubuntu.com/community/InstallCDCustomization
<ivoks> skip to Burning the CD
<axisys> ivoks: thanks a lot :-)
<axisys> nice.. i could make changes to the preseed too
<axisys> creating all these LVMs take a while
<axisys> i have to do the same for two other servers
<ivoks> instead of serial, i like to start network console and just ssh into installer
<axisys> ivoks: how?
<axisys> ivoks: you mean with dhcp ?
<axisys> or pxe rather ?
<ivoks> no...
<ivoks> you kickstart/preseed everything before partitioning
<ivoks> and add anna/network-console to kernel line
<ivoks> you have to preseed password
<ivoks> https://help.ubuntu.com/community/Installation/NetworkConsole
<ivoks> installer starts, sets the network, language, keyboard, hostname, all that
<ivoks> and then starts sshd
<axisys> wow!
<axisys> let me check it out
<ivoks> you can ssh to it
<ivoks> and then get the console in the installer
<ivoks> or just continue installation
<uvirtbot> New bug: #719056 in sg3-utils (main) "Sync sg3-utils 1.30-1 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/719056
<kirkland> hallyn: using the qemu-kvm, qemu-common, seabios, and vgabios from your ppa:
<kirkland> $ kvm -m 1024 -smp 2 -hda natty-server.img -vga std
<kirkland> kvm: pci_add_option_rom: failed to find romfile "vgabios-stdvga.bin"
<kirkland> hallyn: same for -vga vmware
<kirkland> hallyn: -vga qxl dumps me to the qemu monitor, strangely
<kirkland> hallyn: yeah, we just need to add a few more *.bin to debian/install: http://paste.ubuntu.com/567155/
<marks> Hey all, i am having some Apache issues, i can't access my site without the WWW, can anyone give me a hand at debugging this?
<BigRedS> marks: you probably need a ServerAlias without the www
<BigRedS> assuming you don't already have one
<marks> BigRedS, how would i go about adding that? To HTTPD.conf?
<jkg> my first guess would be /etc/apache2/sites-available/default
<jkg> just under the line that says ServerName www.bigred'sdomainname, hopefully :-)
<kirkland> RoAkSoAx: testdrive -u file.img is broken (again)
#ubuntu-server 2011-02-15
<BigRedS> marks: it's wherever you've configured the servername. Normally you'd have a file for it under /etc/apache2/sites-available/, sometimes in 'default'
<jkg> except I got the parties in the conversation back to front. *cough*
<marks> BigRedS, and jkg, it is, lets see it, one moment
<RoAkSoAx> kirkland: grrr give me a sec
<axisys> ivoks: was away.. in the bus.. checking the link now
<RoAkSoAx> kirkland: what's the error message though?
<kirkland> RoAkSoAx: http://pastebin.ubuntu.com/567165/
<marks> BigRedS, and jkg, an alias without, WWW?
<RoyK> anyone ever tried using SLOG with zfs-fuse?
<BigRedS> marks: yeah
<BigRedS> exactly the same as the ServerName line, but ServerAlias in place of ServerName, and no www.
<jkg> marks: do you have a line like "ServerName www.whatever"? if so add a line under it, "ServerAlias whatever"
<BigRedS> the www is just another subdomain as far as apache is concerned - it has no special meaning
<marks> No i don't, and odly, my HTTPD is empty.
<RoyK> wtf am I in this channel
<BigRedS> marks: apache's central config file is now /etc/apache2/apache2.conf
<BigRedS> but sites are in /etc/apache2/sites-available
<hallyn> kirkland: yeah, i'll get that in the build, thanks.  (I'm trying to debug test break libvirt 0.8.7 on armel first)
<BigRedS> marks: httpd.conf is kept for compatibillity, but not used
<jkg> RoyK: it's the glamour and the excitement, isn't it?
<BigRedS> marks: you need to get the ServerAlias in the right VirtualHost, though, else it wont work
<marks> Its the global one i need to edit
<RoyK> jkg: not really
<BigRedS> marks: the global what?
<BigRedS> the default site is /etc/apache2/sites-available/default
<marks> The global domain, like not a hosted one. Would that be in the apache2.conf?
<BigRedS> the core not-site-specific config is in apache2.conf
<kirkland> hallyn: with that, vmware and std work
<BigRedS> marks: no. /etc/apache2/sites-available/default
<kirkland> hallyn: still no go with qxl
<kirkland> hallyn: did we need to add a configure option to qemu for that?
<RoAkSoAx> kirkland: not my fault this time :P :) what does 'file ./natty-desktop.img' show you?
<kirkland> RoAkSoAx: $ file natty-desktop.img
<kirkland> natty-desktop.img: QEMU QCOW Image (v2), 6442450944 bytes
<hallyn> kirkland: no, i didn't see a configure option for qxl
<hallyn> looked...
<kirkland> hallyn: k
<RoAkSoAx> kirkland: in maverick and before it used to show "QEMU Image" instead of "QEMU QCOW Image", and that's why it doesn't recognized as an image
<marks> BigRedS, can i show you a pastebin of what i have? I don't think its right.
<hallyn> kirkland: seriously?  -vga std works?  with a lucid image?
<kirkland> RoAkSoAx: okay, just look for "s/qemu/i"
<kirkland> hallyn: sorry, no, natty guest
<BigRedS> marks: yeah, go for it
<hallyn> kirkland: just to sanity check, debian/install did not previously exist right?
<marks> BigRedS, http://pastebin.com/fW6WEVC1
<kirkland> hallyn: uh, in what? vgabios?
<BigRedS> marks: is that the virtualhost you want displayed at your domain? Just to check, do you have DNS records for both the www. and the normal domain in place pointing to that machine?
<kirkland> hallyn: right, "make install", I think, handles it today
<kirkland> hallyn: perhaps it's the Makefile that needs to be patched
<hallyn> kirkland: no, i just mean - you created a new debian/install file right?
<marks> BigRedS, how so what do you mean
<BigRedS> marks: So long as you've not specified a ServerName or Alias with that domain, that's the vhost that should be displayed
<kirkland> hallyn: i did not
<BigRedS> marks: what's the actual domain name you're using?
<kirkland> hallyn: i built locally, and sudo cp'd the files into the place qemu expects, as a temporary hack
<marks> I'm using http://tm0.org
<marks> Which doens't work without WWW
<RoAkSoAx> kirkland: will upload tomorrow. Will also include the Messaging Indicator :)
<kirkland> RoAkSoAx: rock ;-)
<kirkland> RoAkSoAx: oh, do one more thing ...
<RoAkSoAx> kirkland: sure
<BigRedS> marks: works for me
<kirkland> RoAkSoAx: create a $HOME/.cache/testdrive/kvm.log
<kirkland> RoAkSoAx: that appends each kvm message run
<kirkland> RoAkSoAx: sometimes, I want to lookup the kvm message i used to launch a vm
<kirkland> RoAkSoAx: and use that again
<BigRedS> marks: though now I can't get a dns lookup for it?
<RoAkSoAx> kirkland: ok cool
<kirkland> RoAkSoAx: like when -u file.img breaks ;-)
<marks> BigRedS, That might be my configuration
<BigRedS> marks: both work for me, I suspect it's something local to you :)
<RoAkSoAx> kirkland: sure thing. Been wanting to add more logging support. I guess it is about time :)
<marks> BigRedS, is it possible that domain propingation was slower on one? I did recently add another domain in webmin without WWW
<kirkland> RoAkSoAx: cool
<BigRedS> marks: it's possible
<BigRedS> you can use the 'host' command to see the current records as far as your machine is concerned
<kirkland> RoAkSoAx: perfect, thanks!
<kirkland> hallyn: okay, no rush, tomorrow or this week is fine
<BigRedS> marks: hosts tm0.org     for example
<kirkland> hallyn: would be nice to do it before our meeting on Wed
<RoAkSoAx> kirkland: no probs ;)
<kirkland> hallyn: btw, will you be able to make it to that Happy Hour?
<marks> That might be it, i'll try through some proxies, thanks BigReds, and i will try the hosts
<hallyn> kirkland: I'm not sure.  I"ll try
<kirkland> hallyn: RoAkSoAx: take care dudes, time to give the wife some attention for V-day ;-)
<RoAkSoAx> kirkland: enjoy!!
<hallyn> ttyl
<iclebyte-work> i have a server which won't reboot
<iclebyte-work> any ideas?
<marks> BigRedS, wonderful, it is just propinigation, thanks so much for your help?
<axisys> ivoks: so you need another person at the site to build the network before you can continue ?
<axisys> ibm watson is in jeopardy now!
<BigRedS> marks: Ah, perfect! No problem!
<iclebyte-work> i have an ubuntu system which will not listen to shutdown -r now or init 6 - anything else we can try?
<BigRedS> iclebyte-work: is it doing anything at all?
<iclebyte-work> it says it's shutting down but it wont go down
<h00k> So, I'm new to postfix, I'd like to set up postfix through gmail. I saw it references /etc/postfix/main.cf, but I have /etc/postfix/master.cf, is this still relevant and/or is the wiki up-to-date?
<twb> define "through"
<h00k> sorry, the wiki references /etc/postfix/main.cf
<BigRedS> iclebyte-work: at a guess, it's waiting for a service to finish. what's at the end of syslog?
<BigRedS> h00k: postfix uses both files
<h00k> twb: as in...use google as an smtp relay, from what I understand.
<BigRedS> and more
<h00k> BigRedS: okay, so it is separate.
<iclebyte-work> BigRedS, nothing relevant to a shutdown
<h00k> BigRedS: Because the wiki was old, I wasn't sure if the file had been changed from main to master
<twb> Hm, that should be trivial except for having postfix know your gmail username and password.
<twb> Also gmail might still rewrite your messages so they all appear to come from you.
<h00k> twb: that's okay, I don't mind
<BigRedS> h00k: ah, main.cf configures most of postfix, master.cf how it interacts with other apps
<twb> Personally I use msmtp for this purpose.
<h00k> twb: I'm setting up Nagios for the first time
<h00k> BigRedS: ah, makes sense.
<BigRedS> iclebyte-work: I'd start looking at each service you're running, see if any are crashing/crashed for some reason
<BigRedS> iclebyte-work: have you a real-life monitor on it?
<hallyn> kirkland: heh, my first attempt at fix didn't work.  No worries, I'll do it later.  (For vgabios)
<twb> h00k: apt-get install msmtp-mta
<twb> Then put something like this in /etc/msmtprc http://paste.debian.net/107660/.
<twb> Then you can either put the password in cleartext in ~/.netrc or /etc/msmtprc, or type it every time.
<hallyn> all right, fixed
<h00k> twb: would I be able to use that through Nagios?
<twb> AFAIK nagios uses mail(1) which uses sendmail(8) which is the interface msmtp-mta provides.
<h00k> twb: okay, and what would the syntax be if I included the password in /etc/msmtprc?
<twb> 1 grunt nagios3: Warning: Attempting to execute the command "/usr/bin/printf "%b" "***** Nagios 2.6 *****\n\nNotification Type: PROBLEM\n\nService: HTTP\nHost: soy.cybersource.com.au\nAddress: soy.cybersource.com.au\nState: +WARNING\n\nDate/Time: Mon Feb 14 14:44:40 EST 2011\n\nAdditional Info:\n\nHTTP WARNING: HTTP/1.1 404 Not Found - 466 bytes in 0.004 second response time" | /bin/mail -s "** PROBLEM alert -
<twb> soy.cybersource.com.au/HTTP is WARNING **" +support@cybersource.com.au" resulted in a return code of 127.  Make sure the script or binary you are trying to execute actually exists...
<twb> ...I get a lot of those because mail(1) isn't installed on grunt yet :-/
<twb> h00k: I don't know, the manpage does.
<twb> h00k: if it's not obvious ask again
<h00k> twb: roger.
<h00k> twb: I tried testing without specifying a password, I'm getting a reply of: http://pastebin.com/60qxMh5Q
<h00k> twb: (after I actually type in my password)
<twb> h00k: did you type in your password?
<h00k> twb: yep. Also, /etc/msmtprc is http://pastebin.com/UUMwubR2
<twb> That's saying you typed it wrong
<twb> "server message: 535-5.7.1 Username and Password not accepted."
<h00k> It lies!
<twb> Shrug
<h00k> twb: I'll futs around more, thanks for the alternative, though!
<h00k> twb: it still looks like it's using PLAIN authentication and not TLS
 * h00k googles
<twb> h00k: run it with -v
<twb> h00k: perhaps you don't have ca-certificates installed?
<h00k> twb: I do,
<h00k> twb: and -v gave me the same thing. hmm.
<twb> Then I dunno
<twb> "method PLAIN" probably means it's doing cleartext passwords *inside* the SSL tunnel
<twb> As opposed to e.g. doing digest without ssl, which sends an MD5 hash of your password that any MITM can see
<h00k> http://pastebin.com/AcdkU2jv
<h00k> twb: turns out I'm an idiot. my email was wrong.
 * h00k facepalms
<h00k> twb: thanks for the assistance.
<goddard> how do i run a cgi file?
<twb> goddard: execute it.
<goddard> do i have to put it in a special place?
<goddard> i have a cgi bin
<twb> No.
<twb> Executables are executables.
<goddard> i keep getting a 404 error
<twb> goddard: you're using a browser?
<goddard> i mean 403
<goddard> yeah its a emailer
<twb> Well, if you're doing it via HTTP then you need to set up your httpd correctly.
<goddard> ive enabled cgi
<goddard> ok almost got it i think
<goddard> got a 500 error now
<goddard> any ideas how to fix this?
<twb> I'm replacing a host that was serving some simple static HTML content, plus webalizer.  Apparently the functional requirement for the latter is "when we make a press release, we want a rough idea of how many people looked at it".  What's current best practice to meet such a requirement?  My emphasis is on simplicity and security.
<twb> My current inclination is a cron job along the lines of grep -c 200.*/press /var/log/apache2/access.log >/var/www/hits.txt.
<goddard> arg i got an inclination to break this computer rarrrr
<thesheff17> twb: I attach my companies web site to google analytics.  It is just some small javascript.  They have something called campaigns where you can just append some variables to the end of the url for tracking.  It is really useful for what you are talking aobut.
<twb> Yeah, that's what $boss suggested
<twb> My main objection is that google already has too much power :-/
<thesheff17> haha true...I also use awstats if it is just a static page you are creating
<thesheff17> it is basically just runs against your access.log file like you said
<twb> Okey dokey.
<nandemonai> piwik is another option.
<VastOne> test, anyone please respond
<AnAnt> Hello, I suggest to have kerrighed (http://www.kerrighed.org/) in natty+1. That would most probably require adding another kernel flavour.
<twb> "Kerrighed is a Single System Image operating system for clusters. Kerrighed offers the view of a unique SMP machine on top of a cluster of standard PCs."
<twb> ...so plan9 cpu pooling is fashionable now?
<AnAnt> twb: plan9 cpu pooling ?
<AnAnt> what's that ?
<AnAnt> twb: nevermind I found about it on wikipedia
<AnAnt> http://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs
<ivoks> axisys: no, i preseed network configuration
<Sparsh> Can someone help me with some ipconntrack / connections through firewall issues
<Sparsh> http://monitor.wingify.com/munin/visualwebsiteoptimizer.com/lb1.visualwebsiteoptimizer.com.html#Network
<twb> Sparsh: are you using iptables-restore?
<Sparsh> I am not sure, its default ubuntu 10.10 settings. How can I find out
<Sparsh> twd: I dont know.. How can I find out
<twb> Sparsh: if you don't know, then you aren't
<twb> Sparsh: how ARE you loading firewall rules?
<Sparsh> twd: I am not doing anything. all I did was ported a ubuntu 10.10 64 bit image, install nginx on it, and thats it
<Sparsh> I need to make all other changes to it
<Sparsh> twb: eveything is default as of now, but I want to change it to get more out of my servers
<twb> Sparsh: then you have no firewall
<Sparsh> twb: suggest me a good firewall
<twb> There only is one firewall: netfilter.
<Sparsh> twb: this server would be front end and will get around a billion requests per month
<twb> There are a bunch of wrappers around it to make it more "user friendly"; Ubuntu's recommended one is ufw.
<twb> Because I know what I'm doing, I prefer to write the ruleset by hand and call iptables-restore on it before the network comes up/
<Sparsh> okay
<Sparsh> I dont want to ask you a lot of questions but would love to read about all these things in more detaisl... what all should i read about to get a complete knowledge of whats happening to my server and how can i optimize it,
<Sparsh> BTW, I just did this
<Sparsh> root@li235-57:~# sysctl net.ipv4.netfilter.ip_conntrack_max
<Sparsh> net.ipv4.netfilter.ip_conntrack_max = 65536
<Sparsh> I guess 65536 is not enough for my server
<twb> If you don't have a firewall, then you aren't tracking connections in the first place
<Sparsh> but my munin graphs show
<ivoks> nginx?
<Sparsh> http://monitor.wingify.com/munin/visualwebsiteoptimizer.com/lb1.visualwebsiteoptimizer.com.html#Network
<ivoks> as a proxy
<ivoks> ?
<Sparsh> yes
<Sparsh> nginx as reverse proxy
<twb> http://paste.debian.net/107682/ <-- that routes a whole /24, and it doesn't get anywhere near the default conntrack limit.
<ivoks> and the problem is...?
<ivoks> i just see that you have a problem, but i don't see what the problem is
<ivoks> s/see/read/
<Sparsh> yes, even I dont know the exact problem but I want to be sure
<Sparsh> that the server is fine
<Sparsh> and configured properly
<Sparsh> and can handle 700-800req/second with nginx
<Sparsh> and wont have any ipconntrac related issues / or firewall issues
<twb> Sparsh: if you want to test that, then make 800 requests a second and see what happens
<Sparsh> I tried that
<ivoks> it can
<Sparsh> and ipconntrac stopped
<Sparsh> its visible in munin
<ivoks> it can handle much more than 800req
<Sparsh> if you look http://monitor.wingify.com/munin/visualwebsiteoptimizer.com/lb1.visualwebsiteoptimizer.com.html#Network
<ivoks> atm, your server is idle
<Sparsh> at the moment, this server is behind another nginx
<Sparsh> just because it gave some problems which munin recorded
<ivoks> it could be problem with a munin plugin
<Sparsh> It is behind another nginx right now: http://monitor.wingify.com/munin/visualwebsiteoptimizer.com/dev1.visualwebsiteoptimizer.com.html
<Sparsh> well.. the actual numbers of server are kinda same
<ivoks> of 2GB, you only use 0,4GB of RAM
<ivoks> traffic is at the peek 6mbit/s
<ivoks> cpu is idle
<ivoks> load is 0.1
<twb> Sparsh: are you suggesting that the gaps in http://monitor.wingify.com/munin/visualwebsiteoptimizer.com/lb1.visualwebsiteoptimizer.com-fw_conntrack-day.png are points where your host stopped responding to HTTP GETs altogether?
<Sparsh> No, that didnt happen
<Sparsh> it was still responding but became slow
<Sparsh> time_wait increased
<twb> I don't understand what the problem is
<Sparsh> I dont know how to debug
<Sparsh> I can increase traffic again but should know what a/ how to debug whats happening
<Sparsh> http://monitor.wingify.com/munin/visualwebsiteoptimizer.com/lb1.visualwebsiteoptimizer.com-fw_conntrack-day.png  is this graph normal?
<ivoks> so you had a problem?
<twb> I don't know.  I'm a sysadmin, not a webdev.
<ivoks> response time was bigger?
<Sparsh> yes
<Sparsh> so the situation is
<ivoks> is the http load time plugin working?
<ivoks> it says that load time is 0s
<Sparsh> no, I more keep and eye on response time using external services like pingdom
<Sparsh> all I want to make sure is,-
<twb> IMO don't bother doing anything until users start actually complaining
<twb> I mean, obviously they're ALWAYS complaining, but wait until they start complaining about THIS
<Sparsh> well.. if i put a lot of traffic to this server directly, and point DNS to it
<Sparsh> I want to be confident
<Sparsh> that this can face that much traffic
<Sparsh> there is another server which is old now, which is doing all teh traffic
<twb> Sparsh: why?  Are you building a hospital call center website or something?
<Maleko> i have a question about renice. if you have a process that consumes large cpu resource and you launch another cpu demanding process with lowest priority, would it still affect eg slow down the first process even in a bit?
<ikonia> Maleko: the OS will balance it, but yes, it will still take a slice of the cPU
<ikonia> Maleko: it won't queue it
<Sparsh> twb: no,
<ivoks> but if you have modern cpu, with multiple cores
<Sparsh> twb: it serves a javascript which is included in other websites and I dont want them to sloe down
<twb> AIUI each process gets a slice of the CPU time, and the scheduler uses nice to decide what proportion
<ivoks> Sparsh: next time use varnish :)
<Sparsh> I am using Varnish
<Sparsh> as well.. got 2 servers
<Sparsh> nginx is reverse proxy as I dont want all the requests to hit varnish
<twb> ivoks: unfortunately that requires you to install cc on the host :-/
<ivoks> twb: ?
<twb> ivoks: varnishd calls sh -c 'cc -o/var/tmp/vclXXXXXX.o /var/tmp/vclXXXXX.c' before dlopening it
<twb> Rather than parsing /etc/varnish.vcl, it turns it into a C translation unit and compiles it.
<ivoks> Sparsh: http://us.generation-nt.com/answer/bug-565565-munin-node-plugins-fw-conntrack-fw-forwarded-local-cause-severe-network-lags-big-firewalls-help-168991771.html
<ivoks> ah, cc as a compiler :)
<ivoks> Sparsh: http://munin-monitoring.org/ticket/843
<twb> ivoks: try http://bugs.debian.org/565565 -- same content, canonical location
<ivoks> interesting bug
<twb> Sounds like a kernel misfeature
<twb> In any case, calling conntrack -S instead will DTRT, it says
<twb> ivoks: what did *you* think "cc" meant?
<ivoks> Command & Conquer :)
<twb> Sheesh
<ivoks> Creative Commons
<ivoks> :)
<ivoks> C.C. from Santa Barbara tv show
<twb> Admittedly I was talking about C&C networks (nowadays more like C3I) today, and I could see that going bad the same way...
<huats> morning
<uvirtbot> New bug: #719239 in mysql-5.1 (main) "Debconf should give a warning about .my.conf" [Undecided,New] https://launchpad.net/bugs/719239
<teddymills> how does one install new kernels in ubuntu-server ?
<TheInfinity> apt-get update / upgrade?
<Japje> if its available from the repositorys it will be apt-get upgrade'able, or you can compile your own kernel
<qman__> kernels won't install from just an upgrade, you need dist-upgrade or full-upgrade
<_ruben> apt-get dist-upgrade in case there's been an abi bump in the kernel package
<qman__> since it requires installing new packages
<teddymills> apparently linux-image-2.6.35-22-virtual is alerady installed, I am using 35-25, I need to switch back to 22...how can i do that ?
<apw> teddymills, the answer would depend how you are consuming it, is this xen, kvm, ec2?
<teddymills> Ec2..i see /boot/grub/grub.cfg    with the grub entries...isnt there a grub command to say what entry to use? or does it take the first i nthe list ?
<teddymills> default=0, and it is loading 35-25 (not what I  want)  35-22 kernel is number 4..counting from 0..so if i set default=4 that should work
<teddymills> or it could kill the ec2, very bad  :(
<teddymills> i think it will play it safe on this one, and do it on a test instance first. the instance can wait a day. it will take many people a week to put the instance back together
<uvirtbot> New bug: #719260 in openssh (main) "X509 support for openssh" [Undecided,New] https://launchpad.net/bugs/719260
<axisys> ivoks: do you have a blog or link with some more details? I wish that link has some examples for newbies
<jo-erlend> I'm installing the LAMP task in 10.04. Three times, it asks me if I want to set a password for the MySQL root user. Why?
<pmatulis> jo-erlend: it checks 3 times during that particular install whether root has a p/w
<jo-erlend> yes, but why do I have to answer the same question over and over?
<pmatulis> jo-erlend: you input a p/w and it asks again you mean?
<jo-erlend> I chose not to use a password. It continues its work, and then it asks me for that password again. I choose not to use one, and a little while later, it asks again.
<pmatulis> jo-erlend: right, i saw the same just yesterday.  probably if we put in a non-blank p/w the first time it would not prompt again
<pmatulis> jo-erlend: but you'll need to verify that to be sure
<zul> JamesPage: i noticed you added the amd64 lucid tests can you add the i386 ones as well
<ivoks> axisys: details for what?
<hggdh> JamesPage: we are running out of disc space on hudson...
<RoAkSoAx> morning all
<patdk-wk> hggdh, call up dallas then
<hggdh> patdk-wk: will keep that in mind ;-)
<zul> hggdh: are you guys still suffering from winter armageddon
<hggdh> zul: not anymore, but it is still cold -- 70F/18C
<hggdh> :-)
<zul> yeah thats cold...:P
<JamesPage> hggdh - I'll take a look at the space issue - I can prob make a minor amend to the package to make it a bit more economic
<Roasted> Hey there guys. Trying to set up a certificate with freeradius. I'm generating it from a server.cnf and client.cnf file. I'm curious if anybody knows which values I'm supposed to edit in these files prior to running sudo make (which makes the certificate)
<hggdh> JamesPage: meanwhile I am claning up a bit of space so that Hudson can run again (right now it seems it died a most horrible death)
<JamesPage> gah - sounds nasty.
<JamesPage> do we have anything in the artifacts created by each build that could be compressed as well?
<RoAkSoAx> hggdh: here it is 14C/47F
<hggdh> JamesPage: certainly the d-i syslog, each goes from 500K- 1M
<hggdh> RoAkSoAx: now *this* is something... Miami, is it not?
<JamesPage> OK - I'll update the config to compress this file post test execution.
<RoAkSoAx> hggdh: yes Miami
<hggdh> JamesPage: also, how about just keeping the last 'n' runs?
<hggdh> ('n' to be discussed)
<hggdh> JamesPage: a good candidate, probably, is the console output
<JamesPage> that would be good as well - that would be a Hudson thing rather than usit but it should be possible
<JamesPage> hggdh: are you bouncing it at the moment?
<hggdh> JamesPage: I will in 3 min, just finishing applying updates (Hudson was dead on the water, anyway, 503 error)
<hggdh> prolly something about wanting some space to write something or other, rather picky programme
<JamesPage> :-)
<hggdh> JamesPage: rebooting now
<JamesPage> hggdh: let me know when its back up - I can then re-config the jobs to make then kinder on disk space.
<JamesPage> I'll also push a new version of the package to the PPA later today to help as well (removing the build number from the workspace directory - no longer needed)
<hggdh> JamesPage: well, it is up, but still sick
<JamesPage> lemme log in and take a look - alot of the jobs will be holding artifacts that they should not be.
<axisys> ivoks: well.. do you setup a dhcp in same network?
<hallyn> kirkland: let me knwo if you see any more problems with my vgabios package;  if not i'll go ahead and clean them up and put them on p.c.c for you (with fixed changelogs) to dput
<ivoks> axisys: of course
<hallyn> kirkland: drop-off duty, bbl
<axisys> ivoks: ok
<khalid_> someone I can be in form of the asterisk server
<ZacLnxNewb> Hey
<ZacLnxNewb> I found a program that can play music on my server's audio speakers
<ZacLnxNewb> and it allows me to stream my music to any device across the internet
<ZacLnxNewb>  :D
<RoAkSoAx> kirkland: ping
<JamesPage> hggdh: man where those installer logs taking up alot of space!
<hggdh> JamesPage: yes... amazing what we do for data, is it not?
<JamesPage> hggdh: its still compressing by there is more than 50% free space in the filesystem now.
<hggdh> JamesPage: super!
<hggdh> JamesPage: now, why does it return a blank page on the web?
<JamesPage> hmm - I don't have that issue
<hggdh> perhaps cache on my side. I will clear it
<hggdh> no, it's just firefox misbehaving. All is kosher now
<RoAkSoAx> kirkland: never mind :)
<kirkland> RoAkSoAx: here now
<kirkland> hallyn: go ahead and push them all to p.c.c
<kirkland> hallyn: i'll pick them up, build locally, test, and upload
<axisys> ivoks: is there a way to record my lvm create operation.. so I can put that in preseed ? I already built a box with lvm2 .. is there a way to generate a pressed for disk parition section based on the lvm2 I already have on a machine otherwise?
<JamesPage> hggdh, zul: I've created i386 versions of the lucid regression ISO tests in Hudson; I've not run them yet but looking at the amd64 versions they should be OK.
<ikonia> axisys: you can make lvm map files
<hggdh> JamesPage: thank you
<zul> JamesPage: cool ill run them this afternoon thanks!
<axisys> ikonia: how to do I do it
<axisys> ikonia: ?
<ikonia> axisys: look at vgexport
<ikonia> be very careful
<axisys> ikonia: these are not production systems yet
<ikonia> ok, don't be careful
<axisys> ikonia: lol
<RoAkSoAx> kirkland: bug #717643
<uvirtbot> Launchpad bug 717643 in qemu-kvm "package qemu-kvm 0.13.0 noroms-0ubuntu12 [modified: usr/share/man/man1/qemu-user.1.gz] failed to install/upgrade: trying to overwrite "/usr/bin/qemu-system-ppc64" wich is also in package qemu-system 0.13.50-2011.02-0-0ubuntu1" [Undecided,New] https://launchpad.net/bugs/717643
<axisys> ikonia: ok.. not following .. vgexport will just export my volume.. when i run vgexport -a .. it says rootvolg0 has active logical volumes
<ikonia> axisys: you can't export while the volumes are active, you want to look at the -m option
<ikonia> I think -p -s -m $mapfile rootvolg0 will allow you to do it while the volume is active
<ikonia> rusty with this on Linux
<ivoks> axisys: you can, but it's not automatic; you'll have to write the rules your self
<axisys> ikonia: let me try that.. sorry was on the phone
<axisys> ikonia: vgexport does have -p or -s or -m option
<axisys> ivoks: there is an example lvm on line 66 here http://pastebin.com/xXxx0n3q
<axisys> what are those numbers .. like 500 10000 1000000000
<axisys> may be I change them to something like mine..
<axisys> i got those example from http://www.pro.instalinux.com/cgi-bin/coe_profiles.cgi
<RoAkSoAx> hggdh: Now that you guys testing candidates for 10.04.2. shouldn't http://iso.qa.ubuntu.com/qatracker/dllist be updated?
<ivoks> axisys: i'm not sure... i always partition disk manually
<hggdh> RoAkSoAx: I do not have access to it; additionally I am not familiar with the procedures... sorry
<hggdh> but I think it will get updated very soon
<ivoks> axisys: http://debian.ues.edu.sv/compartidos/neozerosv/ciberues/partman-auto-recipe.txt
<Roasted> So I just generated a CA for use with FreeRadius, but I'm curious - is there a specific directory I'm supposed to put it in or does it do it automatically?
<RoAkSoAx> hggdh: ok thanks ;)
<hallyn> kirkland: oh, can you show me a debdiff for your fix for qemu-ppc64?  (I still don't see that in my local archive)
<hallyn> kirkland: actually i had two more questions:
<hallyn> kirkland: 1. do you think we should make a symlink /usr/share/qemu/seabios.bin
<uvirtbot> New bug: #717853 in php5 (main) "apache2 crashed with SIGSEGV in _zend_hash_add_or_update()" [Medium,New] https://launchpad.net/bugs/717853
<hallyn> kirkland: 2. I'm linking the vgabios bins into /usr/share/kvm.  Do we prefer that, or /usr/share/qemu?
<disco> hello
<disco> Is there anybody here who tried to install GNU/Linux (Ubuntu Server, Debian) on a HP ProLiant ML330 G6 server ?
<axisys> ivoks: thanks for the link.. i guess i should partition them manually too.. cuz.. most of the time same partition does not apply to two systems same way..
<disco> I have some hard disk performances issue. Indeed the NCQ doesn't seem active and this means quite big latency
<axisys> ivoks: thanks for the link
<kirkland> hallyn: hmm, good questions
<hallyn> I'm using /usr/share/kvm figuring that's "our playground"
<kirkland> hallyn: yeah, i think that's right
<hallyn> the seabios symlink hasn't been created before, so I assume noone has wanted it
<kirkland> hallyn: ideally, we'll use the same bios bins as qemu-linaro
<hallyn> kirkland: say, waht does a red '4!' at the bottom middle of my byobu screen mean?
<kirkland> hallyn: 4 updates available
<hallyn> ah
<kirkland> hallyn: man byobu; /updates_available
<hallyn> thx
<kirkland> np
<kirkland> hallyn: 1 x ! means normal updates, 2 x !! means some updates are security-critical updates
<hallyn> it's not my box so I shoud probalby shut that notifier off :)
<kirkland> hallyn: (which won't happen while Natty is under development, but rather after it releases the security team gets going on natty security updates)
<kirkland> heh
<hallyn> kirkland: do you have a debdiff for the qemu-ppc64 manpage fix?
<hallyn> kirkland: it doesnt' look like you've pushed the fix...
<kirkland> hallyn: um, i thought slangasek committed that?
<hallyn> doh!
<hallyn> not near as I can tell
<hallyn> kirkland: packages of the source files are on people.canonical.com/~serge: qemu-kvm_0.14.0+noroms-package.tar.gz  seabios_0.6.1.2-package.tar.gz  vgabios_0.6c-2ubuntu2-package.tar.gz
<hallyn> now to hopefully finish up with libvirt.  Just in time for libvirt-0.8.8 to be released, too!
<hallyn> jdstrand: people.canonical.com/~serge/libvirt_0.8.7-0ubuntu1-package.tar.gz afaics addresses all your previous feedback, and builds on arm, ppc, and amd64
<zul> hggdh: i just kicked off a bunch of lucid-i386-tests
<hallyn> uh, though scp appears to have stalled, so: libvirt_0.8.7-0ubuntu1-package.tar.gz will have it in a few minutes :)
<hggdh> zul: perfect, thank you
<Roasted> So I just generated a CA for use with FreeRadius, but I'm curious - is there a specific directory I'm supposed to put it in or does it do it automatically?
<kirkland> hallyn: okay, uploaded seabios and vgabios
<kirkland> hallyn: working on a few things in qemu-kvm
<hggdh> zul: I scheduled the remaining jobs on i386
<kirkland> hallyn: what is -rw-r--r-- root/root      2971 2011-02-09 07:22 ./usr/etc/qemu/target-x86_64.conf
<kirkland> hallyn: and why is it in /usr?
<zul> hggdh: good good
<hggdh> smoser: there?
<smoser> here
<axisys> need some help with accessing the serial port of the guest os from host
<axisys> i have the serialport setup to com1 / host pipe / create pipe and path is /tmp/vbox-serial
<axisys> minicom: cannot open /tmp/vbox-serial: No such device or address
<axisys> srwxr-xr-x 1 iqbala iqbala 0 2011-02-15 12:19 /tmp/vbox-serial
<axisys> so virtual serial port is created during the guest os start
<axisys> minicom -D /tmp/vbox-serial is not working from host os
<jdstrand> hallyn: thanks!
<hallyn> kirkland: good question - and it's in 0.13.0 too
<kirkland> hallyn: okay, weird
<kirkland> hallyn: i'm not going to block on it, but i'm trying to fix it
<hallyn> kirkland: looks like Makefile just does that for us with
<hallyn>         $(INSTALL_DATA) $(SRC_PATH)/sysconfigs/target/target-x86_64.conf "$(DESTDIR)$(sysconfdir)/qemu"
<smoser> hggdh, ^
<hallyn> (presumably sysconfdir is messed up)
<kirkland> hallyn: hmm, yeah, it should go to /etc, not /usr/etc
<kirkland> hallyn: maybe it's just DESTDIR that needs to be dropped
<hallyn> kirkland: haha, they meant to do /usr/local/etc/qemu
<hallyn> no, can't drop DESTDIR!
<kirkland> hallyn: hmm, that's weird too
<hallyn> nah, /usr/local is just like that :)
<hallyn> question is, is qemu-kvm on our builds expecting it in that localtion
<kirkland> hallyn: right, well, we can hack it with a mv in debian/rules
<kirkland> hallyn: there's a few of those in there
<hallyn> but (a) what is the right place and (b) will qemu get upset
<disco> It looks like I've some bad performances on a HP server. bonnie++ gives 82 Mb/s in writting and 150 Mo/s when reading. However when the test is processed there is big latency. ie. when saving a file from Vim it takes about 5-10 seconds to save it and gives control back. NCQ is activated. Server is a HP ProLiant ML 330 G6. And I'm testing ubuntu-server version 10.10 x64.
<disco> Any resources somewhere to debug this ?
<kirkland> hallyn: /usr/local/etc/ is empty here
<kirkland> hallyn: and is qemu even using it?
<hallyn> dunno
<hallyn> that file has had only one commit: the one adding it to the file
<hallyn> s/it to//
<kirkland> hallyn: these are weird
<kirkland> hallyn: http://pastebin.ubuntu.com/567412/
<kirkland> hallyn: these are keeping me from being able to build/rebuild/rebuild
<hallyn> kirkland: weird:
<hallyn> lrwxrwxrwx  1 kirkland kirkland    51 2011-02-15 11:07 *.bin -> /tmp/serge/qemu-kvm-0.14.0~rc1+noroms/pc-bios/*.bin
<axisys> how do I tell isolinux.cfg to pick text.cfg as default?
<axisys> this is the default isolinux.cfg
<axisys> http://pastebin.com/BkLKsfFj
<axisys> looks like it takes text.cfg as the default.. i am just not sure how it knows to pick text.cfg as default
<hallyn> jjohansen: git://kernel.ubuntu.com/jj/ubuntu-natty.git actually looks quite nice to me.  DIdn't see any problems yet.
<jjohansen> \o/
<hallyn> jjohansen: I do wonder what might happen if some rogue admin does a setxattr on trusted.ecryptfs while someone has the file mounted and open...
<jjohansen> uh yeah that is something I haven't tested
<jjohansen> I actually have a couple small changes I am testing that I need to push up
<warren_> Hey everyone! I am kinda a newbee with linux, I was wondering if there is someone out there who might be able to help me set up CGI webserver. I allready got apache installed and I have PHP installed but for some reason my CGI is not working. I appreciate the help
<hggdh> zul: do not reboot mepedak right now
<zul> hggdh: k
<SpamapS> warren_: typically PHP is used with mod_php, not CGI
<zul> SpamapS: right but some hosting companies still use cgi
<warren_> I understand, I was just kinda letting you know where I was at.
<SpamapS> warren_: if you install the libapache2-mod-php5 package that will make your server execute php scripts
<warren_> It is a home server
<warren_> my PHP alrleady works
<SpamapS> zul: some *ridiculous* hosting companies you mean
<warren_> I am trying to get CGI scripting up and running
<warren_> instead of CGI what do you all think I should use?
<zul> SpamapS: right the one i worked for did
<SpamapS> warren_: ahh.. do you have mod_cgi enabled?
<warren_> I do not think so
<warren_> I installed the right app forcgi
<SpamapS> zul: a friend of mine who inherited a bunch of CGI customers when he bought another hosting company just moved them all over to fastcgi .. they run the fastcgi daemon as themselves and mod_proxy uses a map rule to send requests to the right fastcgi daemon.
<SpamapS> zul: went from 10 servers for 500 users to 2 servers for 500 users.
<warren_> how would I enable mod_cgi?
<zul> SpamapS: i was in the late 90s and zeus was the webserver
<SpamapS> warren_: simplest way would be a2enmod cgi
<warren_> is that the package?
<SpamapS> warren_: you will probably also want to read the manual for mod_cgi and add ScriptAlias or other stanzas to your configs to make it work exactly right
<SpamapS> Whoa
<SpamapS> whats happening on Freenode today?
<incorrect> i am thinking about putting ubuntu on my usb drive and turning my disk array over to my vm's
<Guest95985> spamap5: thanks
<Guest95985> for your help
<kirkland> hallyn: okay, qemu-kvm uploaded
<kirkland> hallyn: see the changelog for the extra stuff i fixed
<Gangsta> I AM IMMUNE TO BANS!
<Gangsta> I have 100s of networks
<Gangsta> !opos
<Gangsta> !op
<Gangsta> !ops i am immune
<Pici> nope.
<chrism0dwk> Hi all!  Can anybody here help me with an LDAP/Kerberos question or two?
<chrism0dwk> The $1M question:  Is there a standard way to add a user in an LDAP+Kerberos setting /without/ having first to add the LDAP record, then having to add the Kerberos principle?
<warren123> anyone know what the up and coming new webstie scripting language is? I am just getting into it and want to language I should learn
<warren123> know*
<chrism0dwk> And: why should 'su' stop working after I have switched to Kerberos authentication?
<uvirtbot> New bug: #719546 in euca2ools (main) "Missing port number in EC2_URL treats whole URL as host" [Undecided,New] https://launchpad.net/bugs/719546
<zul> hallyn: got a sec?
<hallyn> zul: what's up?
<zul> hallyn: what is the lxc-basic.conf in your lxc-libvirt-scripts directory
<hallyn> zul: it's processed by lxc-create to set some container defaults
<zul> hallyn: so you need lxc-create in order to use libvirt with lxc?
<Sophia23> how can i remove the following message from the bottom of the index page?  "Apache/2.2.16 (Ubuntu) Server at 47.132.244.256 Port 80"
<hallyn> zul: no, it was just how i was starting
<zul> Sophia23: search for ServerTokens on google
<uvirtbot> New bug: #719547 in euca2ools (main) "euca2ools doesn't parse EC2_URL correctly" [Undecided,New] https://launchpad.net/bugs/719547
<hallyn> zul: in fact, now with the lxcguest package, you should be able to just debootstrap and then install lxcguest package
<zul> hallyn: ok
<zul> hallyn: its starting to annoy me sometimes when i try to connect to the console the container just disapears after i disconnect from it
<hallyn> zul: yes.  there is an open bug for that assigned to soren :)
<zul> hallyn: oh...which bug number is that?
<hallyn> and it was one reason why i wanted to write the libvirt-lxc2 driver
<hallyn> zul: bug 668369
<hallyn> oops, it's not assigned
<uvirtbot> Launchpad bug 668369 in libvirt "closing libvirt-lxc console kills container" [Medium,New] https://launchpad.net/bugs/668369
<hallyn> (this came out of last uds)
<zul> ah ok..
<zul> apparently thre is a patch
<hallyn> where?
<zul> hallyn: http://www.redhat.com/archives/libvir-list/2010-June/msg00688.html
<zul> ah that patch has been already applied
<zul> hallyn: so should i not be using libvirt for this since it seems to be kind of wonky?
<Sophia23> @zul, can not find which file contains the settings, its not in the main apache config
<hallyn> zul: isn't uec pretty much based on libvirt?
<hallyn> zul: if this blocks you, then I may have to move the libvirt-lxc2 driver creation back into natty cycle (i'd marked it 'proposed')
<zul> hallyn: this is openstack actually i rather have a working libvirt dirver for lxc though how much effort does it take?
<hallyn> zul: i've never written such a driver before, so i'd estimate two otherwise-uninterrupted days
<zul> hmmm
<hallyn> zul: but the q is, does the console thing block you?
<zul> hallyn: yeah because you get to get console output for some of the eucadrivers to work
<hallyn> hm
<zul> eucadrivers = euca tools
<hallyn> yeah that sounds like a problem
<zul> im leaning towards using the lxc tools
<hallyn> how?  is that feasible?
<hallyn> if it is, then that's the wya to go
<hallyn> my driver would just be a wrapper aroudn thsoe tools anyway
<zul> really the driver in openstack just calls the user land tools
<zul> it just makes it a bit more complicated :)
<b0gatyr> hi everyone, I have virtualbox running a 64 bit guest OS (win7) but i've noticed that if I lock my ubuntu box and then come back a few minutes later virtualbox will no longer be open like if it crashed..what can cause this?
<guntbert> b0gatyr: I try to avoid creating such a condition - I always suspend the VMs before the host
<zul> hallyn: im just not sure how the lxc.mount = stuff works
<b0gatyr> guntbert: can I just pause the VM?
<guntbert> b0gatyr: could already help, though I usually <host>Q them
<b0gatyr> guntbert: n00b question, when i do <host> q I get 3 choices if I want to suspend I need to pick "save current state" ? dont see suspend anywhere
<guntbert> b0gatyr: yes, thats the one (btw virtual box support is to be found in #vbox :-))
<hallyn> zul: I assume you are using a full debootstrapped image right?  so you shouldn't need to do much with the config.  just do lxc.mount = /var/lib/lxc/<container>/fstab
<zul> hallyn: cool that will make it lot more easier
<hallyn> zul: easiest is to do a 'lxc-create -n natty -f /etc/lxc-basic.conf -t natty' and look at the resulting example under /var/lib/lxc/natty1
<hallyn> cause yeah the terminology is not amenable to sight-reading, too much re-use of words like root and mount
<RoAkSoAx> zul: likewise-open package by upstream right?
<axisys> got it! becasue text.cfg is the only place where install is labeled and isolinux calls install by default if nothing is typed
<axisys> learning so much about syslinux
<zul> RoAkSoAx: yep
<RoAkSoAx> zul: so it is ok to have the changelog versioning like "likewise-open (6.0.0.53010-3) natty"
<RoAkSoAx> if upstream itself is providing a fix
<zul> RoAkSoAx: yeah i dont see why not
<rtdos> somebody from this channel just sent me a private message but i closed it out before i could reply ?
<RoyK> not me :P
<RoAkSoAx> zul: so I thought :). Could you sponsor bug #716615 then, please?
<uvirtbot> Launchpad bug 716615 in likewise-open "likewise-open 6.0.0.53010-2 fails to build" [Undecided,New] https://launchpad.net/bugs/716615
<Kooothor> hello, what is the signification of a package name followed by {a} when installing new software ?
<guntbert> Kooothor: {a}utomatically installed because of dependeny
<Kooothor> guntbert: ok thanks :)
<guntbert> Kooothor: you're welcome :-)
<zul> RoAkSoAx: unless you find someone ill do it tonight when i get home
<Kooothor> kthxbaÃ¯
<RoAkSoAx> zul: no worries. I subscribed it to ubuntu-sponsors either way. Though some people don't like the -X versioning instead of -0ubuntuX
<axisys> anyidea why ubuntu installation is not reading my preseed file .. in my isolinux.cfg I showed where the preseed file is http://pastebin.com/X1AWbeU8
<axisys> in my preseed my i define the language, locale and few other things.. it is still asking me those during install
<zul> RoAkSoAx: ok done....gone for real now
<RoAkSoAx> zul: cool thanks ;)
<ZacLnxNewb> hi
<ZacLnxNewb> What's the best DNS updater client?
<ZacLnxNewb> I've been searching for awhile
<MTecknology> wasn't there some way to do the fastest mirror thing from cli?
<MTecknology> or do I need to install synaptic on my server and use ssh -X?
<RoyK> apt-get update && apt-get dist-upgrade
<RoyK> or do-release-upgrade if you want to jump to a new distro level
<MTecknology> RoyK: my question wasn't how to update though..
<RoyK> MTecknology: apt-get update && apt-get dist-upgrade
<MTecknology> or s/update/upgrade/
<RoyK> dist-upgrade will take you to the latest release of your major version
<RoyK> do-release-upgrade will take you to the next version
<MTecknology> read my question again please..
<MTecknology> I want to know how to use the fastest mirror feature in synaptic from the command line
<MTecknology> !info netselect
<ubottu> Package netselect does not exist in maverick
<MTecknology> !info apt-spy
<ubottu> Package apt-spy does not exist in maverick
<MTecknology> !search netselect
<ubottu> Found:
<MTecknology> :(
<MTecknology> hm... I found https://github.com/hychen/getfastmirror but that seems to not work...
<MTecknology> maybe there isn't a way to do it?...
<jiboumans> smoser: http://ubuntu-smoser.blogspot.com/2011/02/migrating-to-pv-grub-kernels-for-kernel.html
<jiboumans> smoser++ # awesomeness
<hallyn> kirkland: well bug 693341 resurfaced
<uvirtbot> Launchpad bug 693341 in qemu-kvm "FTBFS armel due to memory exhaustion" [Low,Confirmed] https://launchpad.net/bugs/693341
<hallyn> we want to build the x86 emulators for all arches from qemu-kvm, right?
<kirkland> hallyn: ah, yeah, we need to reintroduce your fix
<kirkland> hallyn: please propose a merge for lp:ubuntu/qemu-kvm, and i'll upload right now
<hallyn> kirkland: it's not just that fix
<kirkland> hmm
<hallyn> so long as you don't object, I think all of the 'ifeq(DEB_HOST_ARCH,X)' lines need to go back into debian/rules
<hallyn> kirkland: in other words, I propose we revert all but the second-to-last and third-to-last hunks of https://pastebin.canonical.com/43411/
<hallyn> anyway, i'm heading outside.  I'm hoping my kernels finish building tonight so I can finish some tests late
<hallyn> bbl
<twb> Being arm, I guess you can't just slap another 8GB of RAM into the buildd?
<kirkland> hallyn: cool
<sirderigo> hi people. i am going insane with a Ricoh SP 3200sf, Â¿is it possible to get it working anyway?
#ubuntu-server 2011-02-16
<kirkland> hallyn: "all but the XXX hunks" ... that's hard to read;  just send me a diff or a branch :-)
<axisys> ivoks: do you have a same isolinux.cfg file that works... I cannot seem to make ubuntu installation read the preseed file ..
<axisys> ivoks: posted my question here
<axisys> ivoks: http://comments.gmane.org/gmane.linux.ubuntu.server/5034
<nertil> is it posible to play games in server?
<Pici> nertil: sure, the bsdgames package has a bunch of cli games, and nethack is always fun.
<Pici> !info moon-buggy
<ubottu> moon-buggy (source: moon-buggy): Drive a car across the moon. In component universe, is optional. Version 1.0.51-9 (maverick), package size 210 kB, installed size 376 kB
<pmatulis_> related to 'moon patrol'?
<Pici> If I'm remembering correctly, its similar.
<pmatulis_> i remember the arcade game
<imthenachoman> hey guys. any recomendations on which firewall to use. I was thinking Shorewall?
<twb> There is only one firewall: netfilter.
<twb> Everything else is a (theoretically) "user friendly" layer on top of netfilter.
<imthenachoman> okay. i see. then which "user friendly" layer do y'all recommend?
<twb> If you don't want to learn, and you have simple needs, try ufw.  If you have complex needs AND you prefer to learn a wrapper instead of how to do it yourself, you can try shorewall.
<twb> IMO shorewall only pays off if you have a whole machine room and a big bag of exceptional cases.
<imthenachoman> right now i am learning in a virtualbox ubuntu server install. eventually, i am going to get a VPS hosted webserver. so i want to learn something i can use for those
<twb> For my network, with seven networks, about thirty hosts and a single router, I just use iptables-restore directly (on the router); the ruleset is only 86 lines long.  It would be substantially longer in shorewall.
<twb> Because netfilter has simple sequences of arbitrary rules, but shorewall's rules are rigidly structured into tables.
<imthenachoman> well i am thinking if i am using a vps hosted service, then i might not need firewall
<imthenachoman> so i dont know...not gonna learn it if don't need it
<shauno> be worth checking with your host on that one. most do recommend a firewall on a vps
<EvilPhoenix> you definitely need a firewall on a VPS
<EvilPhoenix> most VPS hosts put an internet-facing IP to the VPS
<EvilPhoenix> and thus its visible to the entire internet and thus vulnerable to attacks
<hallyn> kirkland: why did you take the '-s' option out of debian/rules?  it won't matter for arm builds, but just wondering why
<kirkland> hallyn: i don't think i did;  probably in slangasek's change?
<fakhir> is there a recommended bandwidth graph application? mostly concerned with HTTP traffic.
<hallyn> kirkland: ah. hm.
<hallyn> kirkland: http://launchpadlibrarian.net/64430687/debdiff  should fix the arm build failure
<yellowblue> Im true gangsta
<yellowblue> !ops
<kirkland> hallyn: uploading/sponsoring now
<kirkland> hallyn: done
<_1094kms> I just did an 'iptables -F' and ubuntu 10.04 doesn't respond anymore - that should't happen right?
<twb> _1094kms: wrong.
<twb> _1094kms: that is by design, and your lesson today is "do not use iptables(8); use iptables-restore(8) (or iptables-apply)".
<_1094kms> I guess that is a lesson - I don't have remote access :-) Does it shut down the iface?
<twb> No, it flushes all the rules.
<_1094kms> so why is it completely dead now? - just did an nmap from a remote machine and it doesn't respond at all.
<twb> In a "default deny" environment (which is the only workable way to run a firewall), that will result in all packets being dropped.
<_1094kms> strange - I tried the same command on my dev server and no problems.
<twb> That's obviously because your dev server has a weak or nonexistent firewall
<_1094kms> Will I have to reapply some rules manually or will a reboot suffice?
<twb> iptables -F only affects the running system
<_1094kms> kk - I guess the rest will have to wait till tomorrow - thx twb for that lesson :-)
<twb> Unless you have an on-shutdown script that dumps the ruleset into a persistent area, a reboot should revert your change
<_1094kms> I don't actually know where those rules came from. There was nothing in the if.up scripts
<lifeless> SpamapS: hey, how is cassandra packaging atm?
<twb> _1094kms: most likely someone has done "ufw enable".
<twb> _1094kms: otherwise, something like shorewall or iptables-persistent might be installed.
<_1094kms> I will check it out as soon as I get access back.
<semanticpc> in bash script how do I redirect my output of a command inside the bash script to a file ?
<kaushal> hi
<SpamapS> lifeless: re cassandra packaging.. its about 60% from the archive.. 40% bundled jars..
<SpamapS> lifeless: 0.7.1 came out yesterday... 0.7.2 should be out tomorrow to fix the huge bug introduced.
<SpamapS> lifeless: I still have my doubts about their ability to support users long term.
<SpamapS> lol.. status.aws.amazon.com is down
<lifeless> SpamapS: do we have an alternative ready-to-roll for in-dc use?
<SpamapS> lifeless: one that supports as many general use cases as Cassandra? no.
<lifeless> whats the one that hadoop can run directly from
<SpamapS> I think there are quite a few more focused scalable data stores out there... cassandra's power is its flexibility.
<SpamapS> HDFS
<SpamapS> yeah its pretty good
<lifeless> thats right
<SpamapS> or HBase
<SpamapS> they're related
<lifeless> HBase, thats the one
<lifeless> is it in use inside canonical atm?
<SpamapS> don't think so, but I could be wrong
<havoc74> Good morning!
<uvirtbot> New bug: #719833 in openssh (main) "ssh upstart job fails to actually bring up ssh" [Undecided,New] https://launchpad.net/bugs/719833
<havoc74> I'm new to server admin and have a few questions. First I've got an IBM x235 with 2 36gb drives and 3 72gb drives. What kind of RAID setup would be best?
<_ruben> a common setup would raid1 over the 2 26g disks and raid5 over the 3 72g disks .. tho it all depends on your needs/wishes/etc
<_ruben> oh he'd left already :p
<ZacLnxNewb> hi
<ZacLnxNewb> I'm having trouble with DDclient
<ZacLnxNewb> Can anyone suggest anything?
<ZacLnxNewb> to use as a dynamic ip address updater?
<huats> morning
<uvirtbot> New bug: #719898 in logwatch (main) "logwatch does not report cron events" [Undecided,New] https://launchpad.net/bugs/719898
<lephisto_> ahm
<lephisto_> https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/719333
<uvirtbot> Launchpad bug 719333 in lvm2 "CLVM not locking LV's properly even when set to "exclusive"" [Undecided,New]
<lephisto_> can anyone please care?
<lephisto_> .. rendering ubuntu lucid unusable for cluster usage
<lephisto_> (except you wanna ruin the whole datacetnter)
<lephisto_> dumdidumdidum
<lephisto_> no one cares, really?
<lephisto_> i'm uncertain what to do
<lephisto_> ww
<twb> Wait for someone to triage the ticket, I imagine
<aliverius> $ sudo smartctl --attributes --log=selftest --quietmode=errorsonly /dev/sdb
<aliverius> Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
<aliverius> # 1  Extended offline    Completed: read failure       40%         0         2780828360
<aliverius> this means i have a faulty disk right?
<patdk-lap> or a bad sector that hasn't been relocated
<twb> patdk-lap: yes
<twb> If a self-test fails, start shopping for a new disk
<twb> The other error threshold stuff in smartctl is more paranoid, I tend to only look at self-test results
<aliverius> patdk-lap: twb so it is serious or can i take other measures?
<aliverius> lke letting the disk relocate the sector...
<twb> aliverius: go buy a new disk
<aliverius> i will rma that one
<aliverius> for the second time
<aliverius> i was going to rebuid the raid 1
<aliverius> i havent done it before so at least let me educate myself before sending it back!
<patdk-wk_> aliverius, you can attempt to make the disk relocate it, by writeing to that sector
<patdk-wk_> in my experiance though, it doesn't work well, and just rma it
<aliverius> i will rma it
<aliverius> afterall i forced it to work:
<aliverius> when i first connected it it was doing some spinning noises and the system couldnot detect it at boot
<aliverius> so i gave it a little kick
<aliverius> and that fixed the problem:P
<aliverius> if either the bad sector was created by me or it was there already, i will rma it
<aliverius> i just did the smart test in case i could avoid it
<patdk-wk> hmm, you can't create bad sectors :)
<twb> patdk-wk: open the drive up in a dusty workshop
<patdk-wk> twb, in normal usage :)
<patdk-wk> sure, a hammer always works :)
<twb> shake it, then
<patdk-wk> twb, normal usage by people >5years old :)
<twb> Hmm, why is my custom linux-image .deb 438MiB wide?
 * patdk-wk always perferred his binarys long, vs wide
<twb> Because dbg
<twb> When you copy Debian's .config, you get -dbg turned on, but upstream's make deb-pkg doesn't know about it
<twb> No wonder I needed like 12GiB
<aliverius> can you guys help me rebuild the raid 1 array?
<twb> Do I look psychic?
<JamesPage> hggdh, zul: I just completed a minimal virtual install ISO test case - it all looks OK but the kernel installed is -generic-pae rather than -virtual
<zul> for lucid or natty?
<patdk-wk> twb, yes
<twb> Funny, that's not what you thought.
<JamesPage> zul: lucid
<zul> JamesPage: weird ill try today
<RoAkSoAx> morninh sll
<compdoc> who is this sll person of which you speak?!
<uvirtbot> New bug: #720071 in munin (main) "munin-node amavis spam stats" [Undecided,New] https://launchpad.net/bugs/720071
<b0gatyr_> anyone with a trimonitor setup?
<RoAkSoAx> kirkland: ping?
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland: Howdy!! Do you think we should ship the second stage action for powersave by FF? Anything else you'd like to see in PowerNap before that date?
<kirkland> RoAkSoAx: hmm
<kirkland> RoAkSoAx: i have not tested the 2nd stage yet
<kirkland> RoAkSoAx: don't enable it by default
<kirkland> RoAkSoAx: but if you're happy with it, then sure, ship it by FF
<RoAkSoAx> kirkland: haven't yet implemented it :)
<kirkland> RoAkSoAx: oh, well, don't rush it
<kirkland> RoAkSoAx: PowerNap is looking *awesome* for Natty as it is
<kirkland> RoAkSoAx: i thought of one thing this week... (forgotten it at the moment)
<RoAkSoAx> kirkland: PowerNap in natty indeed rocks!!
<RoAkSoAx> kirkland: when it comes back to your mind just let me know. Btw. where you able to figure out why things failed in your case?
<kirkland> RoAkSoAx: it's working great now
<kirkland> RoAkSoAx: oh, i remember
<kirkland> RoAkSoAx: we do need a powerwake-now utility
<kirkland> RoAkSoAx: that does a pm-powersave false
<kirkland> RoAkSoAx: and fixes the state in powernapd
<kirkland> RoAkSoAx: it should really just send a signal to powernapd
<kirkland> RoAkSoAx: and let powernapd handle it
<kirkland> RoAkSoAx: and then we need to call that in the powernap upstart script on pre-stop
<kirkland> RoAkSoAx: so that if someone does "sudo stop powernap", it will undo the powersave state
<kirkland> RoAkSoAx: otherwise, things get a little out of wack, if your system is powernapping, and then you kill powernapd from upstart
<RoAkSoAx> kirkland: ok cool. Yeah I'll add the powerwake-now tool today
<kirkland> RoAkSoAx: powerwake-now should be a *really* simple shell script, that just sends SIGUSR1 or SIGUSR2 to powernapd
<kirkland> RoAkSoAx: powernapd needs a handler for SIGUSR2
<RoAkSoAx> kirkland: yeah, will be exactly the same as powernap-now
<lephisto_> re.
<edge> I'm having trouble finding the documentation on adding things to the startup on 10.10. Does anybody have that handy? i want to start some services at boot.
<hallyn> edge: you're looking for upstart documentation
<hallyn> SpamapS: ^ where would you say a beginner should start looking?
<uvirtbot> New bug: #711809 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/711809
<edge> hallyn: having the name helps thanks. I didn't know what ubuntu called that system
<RoAkSoAx> SpamapS: ping?
<RoAkSoAx> kirkland:
<RoAkSoAx> kirkland: http://paste.ubuntu.com/567721/
<Frenk> Hey, I have a question. One person with a certain IP cant connect to the server. I cleared denyhosts, and iptables -L |grep IP doesnt show it
<kirkland> RoAkSoAx: don't "exec" that
<kirkland> RoAkSoAx: i don't think you want to "exec" that
<kirkland> RoAkSoAx: and drop the full path
<RoAkSoAx> kirkland: oki
<kirkland> RoAkSoAx: just use "powerwake-now" in pre-stop
<kirkland> powerwake-now || true
<RoAkSoAx> kirkland: alright. Anyways, when powerwake-now is issued, then powernapd will evaluate if it is in powersave mode. If it is, it will take recover action and restart everything. if not, will do nothing
<Frenk> Where do I have to look?
<SpamapS> hallyn: re startup docs, upstart.ubuntu.com
<Frenk> Hey. I have a IP adstill ipress and the person cant access services on the server. Even ping does not work. For all others it does work well. There is no entry in deny-hosts or iptables. Any suggestions?
<RoAkSoAx> kirkland: it seems that I'll have to put an sleep 2 or so in the pre-stop part. Otherwise, the daemon will stop before actually taking recover action
<lephisto> re.
<hggdh> smoser: do we have an ec2 kernel for Karmic proposed?
<smoser> hggdh, no. you want me to spin a karmic with --proposed to get kernels uploaded ?
<hggdh> smoser: yes, please
<Frenk> Hello,  I need your advice! I can not connect to a server, even I can not ping the server. I can tracoroute it and it ends one ip-adress before my server. then the connection is timed out. I cleared hosts.deny and all ip-table rules. The laptop can access any other website and service. =(
<smoser> hggdh, karmic-server karmic-server-uec-20110216 is being built
<smoser> maybe 8 hours until it is completely published
<hggdh> smoser: thank you
<hggdh> smoser: btw, did you spin a hardy-proposed also?
<bluethundr> I am attempting to add a route to ubuntu 10.10 server but so far unsuccessful
<bluethundr> http://pastie.org/1571401
<bluethundr> I would appreciate any help you may provide
<smoser> hggdh, hardy is diferent.
<smoser> i need to get a ppa build of the kernel from jjohansen
<smoser> hardy is a mess for this
<jjohansen> smoser: why a ppa over the build that already exists for hardy?
<smoser> or, if i can get a non-ppa build of the ec2 kernel for hardy, i'll collect the kernel and ramdisk and put them in -sandbox
<smoser> well, for one, at the moment, no modules
<smoser> but for two, we need it in the ppa
<smoser> i think it is probably best to do it with -sandbox at first until we've tested, adn then push it to our ppa when its good (at which point hardy builds will pull from it)
<jjohansen> smoser: right but what is going wrong that we need a new ppa verses using the regular build
<smoser> but, from jjohansen i need a linux-modules
<smoser> so, nothing really i guess.
<RoAkSoAx> kirkland: /win 4
<kirkland> RoAkSoAx: ?
<RoAkSoAx> kirkland: happens to me all the time
<RoAkSoAx> kirkland: sry. anyways, just finished with the changes to powernap. You can test now and upload if everything looks good :)
<kirkland> RoAkSoAx: cool;  will be later this evening
<kirkland> RoAkSoAx: i'm virtual sprinting today on something else ;-)
<RoAkSoAx> kirkland: no worries :) I have cluster stuff to work on anyways :)
<uvirtbot> New bug: #720210 in qemu-kvm (main) "Ubuntu 10.10 guests don't boot with natty qemu-kvm 0.14-rc1" [Undecided,New] https://launchpad.net/bugs/720210
<ahasenack> hey, is there a ppa for euca2ools? I'm on lucid and have 1.2-0ubuntu10.1
<ahasenack> the eucalyptus site has a debian repository, but not ubuntu, I might try that
<zul> hggdh: im going to re-install cempedak
<fullstop> Hi all.  I'm setting up NFS4 between a few hosts following this guide: https://help.ubuntu.com/community/SettingUpNFSHowTo
<fullstop> I have it working.  I'd like to allow group read / write between hosts, but I'm having permission problems.
<smoser> hggdh, kernels/ramdisks for hardy are on their way up to ubuntu-testing buckets
<smoser> i'll pastebin you something when i have it
<hggdh> smoser: thank you
<JamesPage> zul: did you get a change to look at the lucid minimal install?
<zul> not yet but i will
<hggdh> JamesPage, zul: looking at it (free time)
<JamesPage> hggdh: thats great - thanks.
<JamesPage> hggdh: I'm never sure which kernel should be installed for which type of install
<smoser> hggdh, jjohansen just fyi, i updated https://wiki.ubuntu.com/UEC/Images/Publishing as to how to collect the hardy kernels and ramdisks
<lenios_> does anyone know where (if available) to find how well a package has been tested?
<smoser> hggdh, http://paste.ubuntu.com/567816/ <--- kernels and ramdisks are there
<hggdh> JamesPage: it got hit by a time out (80 min, and nothing). I will run it by hand and see what gives
<hggdh> smoser: thank you
<RoAkSoAx> zul: I have cluster-agents almost ready. Will have it ready after lunch
<smoser> for haryd, you'll just have to launch an instance with that kernel and that ramdisk
 * RoAkSoAx lunch
<zul> RoAkSoAx ac
<sp00fz> can anyone tell me what does boot flags mean during encryption setup ?
<JasonMSP> Im running a postfix, dovecot, mysql combination on my server.  Any good recommendations for an admin/gui tool?
<Saturn2888> does anyone know which IRC channel I can use to get help with the ftp application? I'm trying to move a directory recursively from my machine to an FTP host. It's a long story, but I can only do it over FTP so I'm trying my best to use the put or send commands to do it, and those are only going to work with files, not directories
<hallyn> dont' suppose you can make a tarball of it, xfer that, and extract it at the other end?
<genii-around> Saturn2888: Have you tried something like mput -r *
<hggdh> smoser: which AMI should I use?
<smoser> http://uec-images.ubuntu.com/releases/hardy/release-20100827/
<Saturn2888> mput? oh lemme try. genii-around from command line or ftp>? I was trying ncftpput just now and that didn't work either.
<genii-around> Saturn2888: It's a command you can use from inside ftp
<Saturn2888> genii-around: yeah, doing that now
<Saturn2888> genii-around: local: -r: No such file or directory
<Saturn2888> haha
<Saturn2888> genii-around: it works w/ wildcards I think. I did /* and it started, but it's making the remote locations the same as local which is causing it to mess up
<genii-around> Saturn2888: Well, depending on how many directories you have you might want to just do it manually. like use mkdir, cd into it, then use mput with full pathname and wildcard to put all from local dir named foobar into remote dir you just made called foobar , etc
<genii-around> Apologies on lag, work got quite busy
<Saturn2888> genii-around: I'm doing more tan 500 files :P
<Saturn2888> than*
<genii-around> Saturn2888: But roughly how many nested directories?
<Saturn2888> genii-around: it's okay, I used Windows :P. A lot easier that way
<Saturn2888> it was a lot. 5 deep
<genii-around> Too bad they don't let you use scp
<EvilPhoenix> eewwwww...Windows....
<EvilPhoenix> >.<
<Saturn2888> genii-around: I know! Haha. but actually, it was  ton of really small files and transferred really slowly over SFTP but was quick over FTP (trying to move over to a new server with SFTP, but have to use FTP for now)
<Saturn2888> genii-around: thanks though :)
<kirkland> hallyn: can you take a look at Bug 720210 ?
<uvirtbot> Launchpad bug 720210 in qemu-kvm "Ubuntu 10.10 guests don't boot with natty qemu-kvm 0.14-rc1" [Undecided,New] https://launchpad.net/bugs/720210
<kirkland> hallyn: possible regression
<hallyn> yeh I saw it go by
<hallyn> did notice he's using -vga vmware, but haven't reproduced yet
<hallyn> does 'bzr revert -r3006' revert *to* commit 3006, or revert commit 3006?
<hallyn> ah, i see
<hallyn> kirkland: -vga vmware with a natty image fails similarly for me.  Waiting for a maveirck iamge to clone to test separately
<kirkland> hallyn: $ kvm -m 1024 -smp 2 -hda natty-desktop.img -vga vmware
<kirkland> hallyn: works like a champ
<kirkland> hallyn: what's most impressive is that it can do 2360x1770 resolution ;-)
<kirkland> hallyn: and qemu scaling actually let's that fly!
<kirkland> hallyn: on my 1280x800 x201 :-)
<hallyn> funky, for me it just failed
<RoyK> just use virt-manager :)
<kirkland> hallyn: oh
<kirkland> $ dpkg -S /usr/share/qemu/vgabios-vmware.*
<kirkland> dpkg: /usr/share/qemu/vgabios-vmware.bin not found.
<kirkland> dpkg: /usr/share/qemu/vgabios-vmware.debug.bin not found.
<kirkland> hallyn: i manually copied those into place yesterday
<hallyn> haha
<hallyn> phew, that makes more sense then
<kirkland> hallyn: okay, we need qemu-kvm to put those symlinks there
<kirkland> hallyn: drop me a merge request and i'll upload ASAP
<kirkland> hallyn: or a debdiff
<hallyn> hm?  no, if you use the real package i think they'll get installed
<kirkland> hallyn: huh?
<hallyn> i have those files
<kirkland> hallyn: what do you have in /usr/share/qemu/*vmware* ?
<hallyn> /usr/share/qemu/vgabios-vmware.bin  /usr/share/qemu/vgabios-vmware.debug.bin
<kirkland> $ ll /usr/share/qemu/vgabios-vmware.*
<kirkland> lrwxrwxrwx 1 root root 29 2011-02-15 12:09 /usr/share/qemu/vgabios-vmware.bin -> ../vgabios/vgabios.vmware.bin
<kirkland> lrwxrwxrwx 1 root root 35 2011-02-15 12:09 /usr/share/qemu/vgabios-vmware.debug.bin -> ../vgabios/vgabios.vmware.debug.bin
<hallyn> /usr/share/qemu/vgabios.vmware.bin  /usr/share/qemu/vgabios.vmware.debug.bin
<kirkland> same/same?
<hallyn> yes
<hallyn> I vividly remember creating debian/links for just that reason
<hallyn> kirkland: feh, vmware uses VBE
<kirkland> hallyn: hmm
<kirkland> hallyn: interesting
<kirkland> hallyn: okay, well then perhaps the reason that mine's working is that I installed Ubuntu Server and then apt-get installed ubuntu-desktop
<kirkland> hallyn: so perhaps my grub is running in a legacy/server/non-vbe mode?
<hallyn> kirkland: i dunno, bc like i say i was able to run natty with -vga std before
<hallyn> kirkland: doh!
<hallyn> kirkland: it wasn't natty, it was lucid
<hallyn> kirkland: so that seems to confirm that roland's is a dupe of our -std vga bug
<kirkland> hallyn: mkay
<kirkland> hallyn: can you mark that bug confirmed, then
<kirkland> or dupe it
<lullabud> i'm configuring a syslog server and i noticed the directive to enable --MARK-- messages... what are they useful for?
<hallyn> kirkland: i commented that it's probably a dupe, but haven't yet marked it dupe
<kirkland> k
<b0gatyr_> hi guys, kinda unrelated but dunno where to ask I remember a shell tool that allows you to keep track of your to do's but forgot the name.. any clues?
<kirkland> b0gatyr_: rtm?
<kirkland> b0gatyr_: remember the milk?
<hallyn> oh, there are shell tools for that?
<lullabud> also, i'm digging around looking for the new approved way to configure remote syslog, but i can't find it.  all i see is that -r is deprecated, but there's nothing listed for the new method.
<b0gatyr_> kirkland: not exactly, there was a shell tool to keep track of your to do's that you can even ssh into and check ur tasks but forgot .. however the site you suggest is not bad at all
<airtonix> gcal
<hallyn> my kingdom for a grub tree that's bisect-safe
<RoyK> bisect safe?
<RoyK> what is that in English?
<hoechste_zeit> lullabud: if you have --MARK-- every 20 minutes, you know with this accuracy until when your server was alive.
<kirkland> hallyn: you might ask in #bzr what are the tricks to doing a bisect
<kirkland> hallyn: i bet the have some
<kirkland> hallyn: or lifeless might indulge you here ...
<smoser> zul, ping
<zul> smoser: yessssssss?
<hallyn> kirkland: yes, i asked about the bzr-bisect plugin.  no anwers :(
<hallyn> answers
<smoser> why is there a linux-xen at https://launchpad.net/~ubuntu-on-ec2/+archive/ppa/+packages
<hallyn> kirkland: but i'll just do it manually.  just wish i wouldn't keep bricking systems with bad builds
<zul> smoser: thats from long long ago delete them
<smoser> i suspect that is not the same as the linux-xen package in hardy
<smoser> really ?
<zul> nope they arent
<zul> those were just the kernel that i was using when i was doing the images
<smoser> so where is the kernel supposed to come from for hardy images
<zul> actually it might have come from there, did you guys update the kernel since?
<kirkland> hallyn: snapshot, dude
<smoser> i don't actually think so, no
<kirkland> hallyn: when i'm doing something like that, i'll often cp the disk image to /tmp (which is tmpfs for me in memory)
<kirkland> hallyn: keep a golden master
<kirkland> hallyn: and create a victim
<zul> smoser: interesting
<RoyK> Someone told me link aggregation won't speed up a single connection - is this really so? I thought link aggregation was done on the link level, and if so, the data should flow over both, or all, links without regards to IPs or MAC addresses...
<kirkland> hallyn: do my test, then rm the victim, and cp the gold master back to a new victim for each test
<kirkland> smoser: are you going to review lynxman's merge proposal at https://code.launchpad.net/~lynxman/cloud-init/puppet-mcollective/+merge/49819 ?
<zul> smoser: is your new hardy images booting?
<smoser> idont know why i didn't see that, kirkland
<smoser> zul, no. they go straight to terminated
<RoAkSoAx> zul: what else do I need to get configured in dhcp for it to work with cobbler?
<zul> smoser: erm...
<zul> RoAkSoAx: we always used dnsmasq
<zul> smoser: does the new image work with the old kernel?
<RoAkSoAx> zul: lol! cause my config is preconfigured for dhcpd
<zul> RoAkSoAx: not sure im trying to help put out a fire right now
<smoser> zul, we're trying old image new kernel
<hallyn> kirkland: of course i have a snapshot :)
<hallyn> but it means bzr bisect wouldn't work since that state gets lost
<zul> smoser: heh you know that last time i touched the hardy xen kernel stuff for ec2
<hallyn> kirkland: but that's not even what i was talking about.  but if a particular commit results in a 'grub' that is just plain broken, that throws off the bisect algorithm.  (so again, just as well that i'm doing manual loose bisect, bc git-bisect does not deal with that well)
<kirkland> hallyn: ah, gotcha
<lullabud> re syslog forwarding, found some great documentation on the rsyslog site - http://www.rsyslog.com/doc/rsyslog_reliable_forwarding.html
<JasonMSP> i've got postfix installed and it works fine but I want to reinstall from scratch again. apt-get install postfix doesn't push me to the install page because it knows it is already installed.  How can I override and tell it to do it again?
<lullabud> dpkg-reconfigure postfix ?
<lullabud> JasonMSP: ^^
<jkg> quick stupid apache question: I have a "NameVirtualHost *" at the top of sites-available/default, which then contains a <VirtualHost *> container, with a ServerName and several ServerAlias lines. in sites-available/myotherdomain I have a <VirtualHost *> container with a ServerName and a ServerAlias. am I missing something stupid?
<RoyK> apt-get install win7
<RoyK> jkg: remove the default
<jkg> on starting apache, I get a warning "[Wed Feb 16 22:28:38 2011] [warn] NameVirtualHost *:80 has no VirtualHosts", and visiting the 2nd site gives me a blank front page or 404s for internal pages, so it looks like the docroot for that Vhost is /srv/www -- it is configured as /srv/www/otherdomain/htdocs
<jkg> the default is a live site.
<RoyK> jkg: then rename the default to a named one
<lullabud> jkg: what's not working right?
<RoyK> I've seen issues like that a few times
<lullabud> jkg: oh, actually, shouldn't you configure your second site with <VirtualHost *> and then ServerName  ?
<RoyK> no idea why, but in some circumstances, the default takes over
<RoyK> just create a dummy for the default
<jkg> RoyK: that behaves exactly the same :-/
<jkg> oh I just dissite'd the default, renamed the file 'default' to 'apps' and a2ensite'd that.
<RoyK> what is the servername? serveralas?
<RoyK> jkg: pastebin the config
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jkg> is this enough? http://paste.ubuntu.com/567880/
<RoyK> jkg: no </VirtualHost> there
<lullabud> jkg: shouldn't you have a default site set up with no ServerName alias as a default catch-all?
<jkg> there is a </VirtualHost> at the bottom of each file -- sorry, I kept it to just the top of each file to avoid boring you with the rest of the config
<jkg> lullabud: I don't think so; I don't want it to respond to other names...
<RoyK> jkg: just pastebin it all
<RoyK> jkg: if you have a security issue, that should be fixed, not hidden
<lullabud> jkg: if you don't want it to respond to all then why do you have namevirtualhost * ?
<jkg> um. good question!
<RoyK> lullabud: namevirtualhost * is not about responding
<RoyK> it's about giving a name
<RoyK> ServerName and so on is about responding
<lullabud> that's inside of a <virtualhost> though, this was outside, defining the default.
<jkg> http://paste.ubuntu.com/567881/ # full config
 * RoyK sends lullabud into the RTFM part of the world
<lullabud> http://httpd.apache.org/docs/2.0/mod/core.html#namevirtualhost
<lullabud> that part of the world?
<lullabud> yeah, i'm there.
<RoyK> jkg: don't add them there - create new files in /etc/apache2/site-enabled
<jkg> (obviously I've concatenated the 4 files together, so the Include sites-enabled/ is moot... unless that is the broken line, in which case it is intended to include everything I've put below)
<RoyK> and symlink those to /ect/apache2/sites-available
<jkg> RoyK: I have -- sorry, for simplicity I concatenated the 4 files
<jkg> this is how Apache will read them anyway, right?
<RoyK> jkg: and btw, ServerAlias takes several arguments, just list them, space separeted
<RoyK> separeted, even
<lullabud> RoyK: you're right, namevirtualhost is different than i though, specifying the IP#'s to listen on, not a domain list to respond to.
<jkg> it definitely seems that when I hit it with a hostname not defined in what was the 'default' config (now explicitly called something else, but still with a ServerName) the DocRoot is /var/www as defined in apache2.conf, not as defined in my second VirtualHost container -- as if the second container (or sites-enabled file) isn't being read at all.
<RoyK> lullabud: nameserverhost checks the host: header from the incoming HTTP request, not the IP
<RoyK> as in
<jkg> FWIW, apache2ctl configtest just gives that one warning and says Syntax OK
<RoyK> GET / HTTP/1.1
<RoyK> Host: karlsbakk.net
<jkg> the exciting part of all this is, it worked great on 10.04, and 8.04, and someone persuaded me to migrate these sites tonight to our 10.10 box... and claimed to have tested it :-/
 * jkg gives up, renames /etc/apache2, drops in the entire config from the 8.04 box and marvels as it all just works
<jkg> god knows what was wrong, I can't see a difference :-/
<jkg> thanks for the help investigating, anyway!
<RoAkSoAx> zul: what should I submit for you to sponsor the new upstream release. The <new-release>.orig.tar.gz and <new-release>.debian.tar.gz ? (given that there's no .diff.gz)
<RoAkSoAx> zul: or should I manually create a diff between <old version>.dsc <new-version>.dsc and post that too?
<uvirtbot> New bug: #720440 in cloud-init (main) "/etc/hosts is updated based on /etc/cloud/templates/hosts.tmpl" [Undecided,New] https://launchpad.net/bugs/720440
#ubuntu-server 2011-02-17
<BuenGenio> hello
<BuenGenio> is anybody aware on the state of apt-get working through proxy?
<Patrickdk> BuenGenio, it uses http, why wouldn't it work perfectly?
<BuenGenio> export http_proxy="http://proxy:3128"
<BuenGenio> Err http://us.archive.ubuntu.com/ubuntu/ maverick/universe csstidy i386 1.4-3
<BuenGenio>   Unable to connect to localhost:3128: [IP: 127.0.0.1 3128]
<Patrickdk> well, that says it's using the proxy just fine
<BuenGenio> I'm running a proxy on localhost:3128
<Patrickdk> that says your proxy is not accepting the connect
<BuenGenio> well, Firefox and telnet think otherwise
<BuenGenio> telnet localhost 3128
<BuenGenio> Trying ::1...
<BuenGenio> Connected to localhost.localdomain.
<Patrickdk> ::1 != 127.0.0.1
<BuenGenio> Unable to connect to localhost:3128: [IP: 127.0.0.1 3128]
<BuenGenio> != Unable to connect to localhost:3128: [IP: ::1 3128]
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<RoAkSoAx> SpamapS: ping?
<DoctorPepper> hi guys
<RoyK> DoctorPepper: you're that old rtfm guy, right?
<DoctorPepper> uh !!!!
<RoyK> :D
<smoser> hggdh, fyi http://uec-images.ubuntu.com/server/karmic/20110216/ is there. that has --proposed enabled
<mathiaz> jiboumans: Hi!
<jiboumans> hey mathiaz
<smoser> hggdh, just verified it has 2.6.31-307.27 installed
<smoser> and that it boots.
<mathiaz> jiboumans: do you have any idea for starting two memcached daemon on the same box?
<jiboumans> mathiaz: different ports
<mathiaz> jiboumans: yeah
<mathiaz> jiboumans: different ports
<mathiaz> jiboumans: i was wondering about the init script
<jiboumans> since it's all cli arguments, that's pretty straight forward
<mathiaz> jiboumans: it seems that only one port is supported
<mathiaz> jiboumans: are you using the default init script?
<jiboumans> mathiaz: yeah, the init script's lame that way
<jiboumans> mathiaz: but trivial to do using start-stop-daemon
<jiboumans> or puppet's service { }
 * mathiaz nods
<jiboumans> mathiaz: no i'm not running memcached atm actually
<jiboumans> using redis
<jiboumans> which comes with a config file and i'm running it from puppet, not init.d
<mathiaz> jiboumans: so when an instance is booted, the first puppet run will actually start your daemons?
<jiboumans> yes
<mathiaz> jiboumans: interesting...
<jiboumans> ensure => running basically
<jiboumans> also, krunit can be useful here
<jiboumans> 'sv once $service'
<jiboumans> no need to check for status, runit will do it
<mathiaz> jiboumans: with ensure => disable?
<jiboumans> how do you mean disable?
<mathiaz> jiboumans: in the puppet service definition
<mathiaz> jiboumans: there is an option to make sure a service is enable/disabled at init time
<jiboumans> i'm not sure why you'd want it disabled
<frandieguez> hi all, I'm trying to run an app with PHP5 on apache 2 using the Gettext extension but I have a little issue: I have all running but only works for locales installed in the system (that one included in locale-gen -a) and if I want to add more languages I have to install language-pack-xx-base. How I can fix this?
<frandieguez> Sorry, my development ubuntu server is running Maverick (the version doesn't matter, always fails)
<twb> frandieguez: you don't HAVE to use language-packs
<twb> locale-gen zh_ZH.UTF-8
<frandieguez> twb: great! let me try it
<frandieguez> twb: sorry but it is not working for me... I have issued locale-gen zh_ZH.UTF-8 and made a copy of es_ES translations (that works well) to zh_ZH but not work.
<frandieguez> twb: locale-gen with zh_ZH is superfast, for the rest of languages take a little time
<mathiaz> jiboumans: so IIUC memcached doesn't support a configurationf ile
<mathiaz> jiboumans: it only supports command line switches?
<mathiaz> SpamapS: ^^?
<jiboumans> mathiaz: that's right
<mathiaz> jiboumans: great - thanks!
<jiboumans> look at the init.d script, i'm quite sure it's start-stop-daemon based
<jiboumans> which makes it trivial
<mathiaz> jiboumans: well - the start-stop-daemon is actualy calling another script
<mathiaz> jiboumans: that parses the memcached.conf file for all the options
<jiboumans> mathiaz: how silly
<mathiaz> jiboumans: yeah - I  may turn that into an upstart job
<mathiaz> SpamapS: kirkland: are upstart jobs still the way to go in Ubuntu?
<jiboumans> mathiaz: conversion schmonversion
<jiboumans> you can do 'screen memcached -p 1234' and it works
<jiboumans> give it a name (memcached_1234) and run it 'unless => "screen -ls | grep memcached_1234"
<jiboumans> it's *that* simple
<mathiaz> jiboumans: nice
<jiboumans> mathiaz: why run multiple memcacheds btw?
<jiboumans> mathiaz: and you might want to look at redis for some neat features and also memory saving optimizations
<dasilva333> hey guys ive tried much research still no luck, any one willing to help? im getting this error when i try to do df -h 'Stale NFS file handle'
<dasilva333> also helpful:
<dasilva333> root@TonidoPlug:/etc/init.d# umount /dev/sdc1
<dasilva333> umount: /dev/sdc1: not mounted
<dasilva333> root@TonidoPlug:/etc/init.d# mount /dev/sdc1 /media/SeagateNTFS/
<dasilva333> mount: according to mtab, /dev/sdc1 is already mounted on /media/SeagateNTFS
<dasilva333> root@TonidoPlug:/etc/init.d# ls /etc/mtab
<dasilva333> ls: cannot access /etc/mtab: Stale NFS file handle
<twb> !partners
<ubottu> Canonical's partner repositories provide packages a location for software vendors to publish applications. The repo itself can be added by running this in a !terminal: Â« sudo add-apt-repository "deb http://archive.canonical.com/ $(lsb_release -sc) partner" Â»
<marshall> hey ubuntu server
<dasilva333> hey
<marshall> anybody use ec2?
<dasilva333> not me, hey marshall do you think you could help me with my problem?
<marshall> sup?
<dasilva333> well whenever i try df -h i get 'Stale NFS file handle
<smokesmoko> what kind of problem r u having dasilva333?
<dasilva333> df -h 'Stale NFS file handle'
<dasilva333> root@TonidoPlug:/etc/init.d# umount /dev/sdc1
<dasilva333> umount: /dev/sdc1: not mounted
<dasilva333> root@TonidoPlug:/etc/init.d# mount /dev/sdc1 /media/SeagateNTFS/
<dasilva333> mount: according to mtab, /dev/sdc1 is already mounted on /media/SeagateNTFS
<dasilva333> root@TonidoPlug:/etc/init.d# ls /etc/mtab
<dasilva333> ls: cannot access /etc/mtab: Stale NFS file handle
<dasilva333> thats what i get
<smokesmoko> what kind of drive is it, cd or harddrive?
<dasilva333> its an ntfs drive, it just suddenly happened
<dasilva333> ive tried various solutions on google but no luck
<smokesmoko> got important data on it?
<nandemonai> I've gotten that before when a NFS server has died. Do you have any NFS shares mounted as well?
<dasilva333> if i reboot into my other linux OS the drive works fine
<dasilva333> if i plug it into the my windows box it also works fine
<dasilva333> so its the OS thats for sure
<dasilva333> how do i check what NFS shares are mounted on it?
<dasilva333> heres a helpful article if you guys could help me with it
<dasilva333> http://sysunconfig.net/unixtips/stale_nfs.txt
<nandemonai> Have you rebooted?
<dasilva333> yes many many times
<nandemonai> Ok forget I said anything then. Sounds like a bug.
<dasilva333> ive tried a, but im not sure hwo to use it with -O option so that doesnt work
<nandemonai> Rebooting will drop any stale shares so it's not that.
<dasilva333> how can i reinstall or reset the part of the system that is not working?
<nandemonai> So this is happening with a USB drive eh? Very odd.
<dasilva333> yeah its a usb drive
<dasilva333> i basically think my fstab or mtab is corrupted somehow
<nandemonai> I'd boot it with a live CD and check out the files.
<nandemonai> You could be onto something with a messed up fstab or something. Other than that I have no idea I'm afraid.
<dasilva333> i ran a chkdsk on windows and it passed through fine, im pretty sure its not the files
<nandemonai> Usually that error relates to a nfs share that has stopped responding.
<dasilva333> http://sysunconfig.net/unixtips/stale_nfs.txt how do i do option a. or b. in that list?
<nandemonai> Oh I meant your fstab etc sorry.
<nandemonai> B will already have been done unless something is trying to use it on boot.
<dasilva333> i tried booting into my other OS, deleteing /etc/mtab and then booting back into it w/o any luck
<nandemonai> a. something like: sudo mount -O /dev/sda1 /mnt/point
<dasilva333> is there any other file i could possible delete to 'reset' my problem?
<nandemonai> Again though reboot should sort all that.
<smokesmoko> Hi, to recreate mtab try command:
<smokesmoko> sudo cat /proc/mounts > /etc/mtab
<smokesmoko> have u tried that?
<dasilva333> yeah i tried that
<dasilva333> i get Stale NFS file handle whenever i do anything relating to mtab
<nandemonai> I'd boot a live CD and suss out the mtab and fstab files from there.
<nandemonai> I guess it's possible they're completely corrupted but I'm guessing ;)
<dasilva333> ok but how do i 'suss' them out?
<smokesmoko> u could fsck your drive, but becareful
<dasilva333> like just rm -rf /etc/mtab or what?
<dasilva333> i cant fsck an ntfs drive
<nandemonai> Look at them in a text editor from a live CD.
<dasilva333> ah ok
<dasilva333> good idea
<nandemonai> Do you even use NFS shares on said system?
<SpamapS> mathiaz: yes upstart job would be the way to go, and memcached should be trivial to do.
<mathiaz> SpamapS: well - trying to do it with upstart from lucid
<mathiaz> SpamapS: running into issues with log files
<mathiaz> SpamapS: and forks as well
<mathiaz> SpamapS: http://paste.ubuntu.com/567960/
<mathiaz> SpamapS: isn't happy
<dasilva333> nope
<SpamapS> mathiaz: err.. I would just use it w/o forking and pipe to logger
<dasilva333> i dont even know what NFS is rly, so im not sure why my NTFS drive is complaining about that
<mathiaz> SpamapS: http://paste.ubuntu.com/567961/?
<SpamapS> mathiaz: drop the expect fork and the -d
<mathiaz> SpamapS: using an exec statement?
<SpamapS> mathiaz: and if you want to be careful... add a post-start that makes sure memcached is listening
<mathiaz> SpamapS: or a script block?
<SpamapS> mathiaz: you can exec blah | something else
<mathiaz> SpamapS: oh - nice
<SpamapS> mathiaz: script is only for multiple commands
<dasilva333> ok mount -O revealed something interesting
<dasilva333> http://pastebin.com/1a0YTimE
<dasilva333> line #12 is bad somehow....
<SpamapS> mathiaz: basically exec just gets evaluated by the running shell as is
<Roasted> just curious, if you're running ubuntu server with no gui, how do you share out printers?
<SpamapS> mathiaz: also make sure you stop on runlevel 1.. you don't need memcached in single user :)
<dasilva333> can i do sudo cat /proc/mounts > /etc/fstab?
<SpamapS> Roasted: cups
<SpamapS> Roasted: or samba+cups
<Roasted> SpamapS, ahh, through a web based gui right
<twb> dasilva333: only if you want to break the system
<ZacLnxNewb> hi
<ZacLnxNewb> What's the best torrenting daemon?
<SpamapS> Roasted: thats helpful for configuring them, yes.. but you can do it w/o the gui even. :)
<Roasted> ZacLnxNewb, I like deluge.
<dasilva333> twb: how would i do it then pls?
<twb> dasilva333: do what?
<dasilva333> how do i rebuild fstab
<ZacLnxNewb> Roasted: I was using deluge until I screwed up the configuration
<Roasted> ZacLnxNewb, so redo the config to default??
<ZacLnxNewb> Roasted:  then it just ran in the background and I was too lazy to figure out how to fix it. :p
<ZacLnxNewb> Roasted: and I decided to freshly install my entire server and try a different configuration.
<SpamapS> mathiaz: feel free to submit that upstart job as a bug on memcached. :)
<mathiaz> SpamapS: hehe
<mathiaz> SpamapS: seems like it's working !
<mathiaz> SpamapS: now is there a way to have stdout log to a logger and stderr log to another one?
<mathiaz> SpamapS: for now I do 2>&1
<SpamapS> mathiaz: note that it will fire the started as soon as it has exec'd .. which Keybuk would be careful to point out could create a race condition with dependent jobs
<SpamapS> mathiaz: :( no
<SpamapS> mathiaz: but realistically.. the messages should distinguish themselves appropriately, and you probably want to see all of them anyway
<dasilva333> ok i just booted onto the same system using a live cd and i checked out the mtab file on the bad OS and its empty, can i do a cat /proc/mounts > /media/OriginalDrive/etc/fstab ?
<dasilva333> interesting i tried it and i get an input/output error on the drive
<qman__> the drive is probably bad then
<ZacLnxNewb> Roasted: Hey, where is the deluge config file stored?
<qman__> could be a loose cable or bad controller too, but same general thing
<dasilva333> well its a usb drive, my boot drive is a usb drive, can i just run fsck on it?
<dasilva333> how do i force unmount ? im getting the device is busy
<qman__> input/output error is not an error with the filesystem, it's an error with the hardware
<qman__> umount -l
<qman__> l for lazy
<ZacLnxNewb> qman__:  do you know anything about deluge?
<qman__> nope, I use torrentflux
<dasilva333> qman__ hwo can it be an error with the hardware if its just a simple cruzer usb drive?
<dasilva333> unless you mean the actual server...
<qman__> dasilva333, loose connector, bad USB port/header/controller, bad drive
<qman__> anything along the chain
<dasilva333> ah ok
<qman__> but that type of error is a hardware error
<elbow``> I am trying to get FastCGI installed on my server, all ive found on ubuntu is mod_fcgid
<thesheff17> elbow: for php?
<elbow``> perl
<thesheff17> I believe you just have to enable the mod_perl for apache2
<elbow``> I dont want to use mod_perl
<thesheff17> ah sorry you should be able to do apt-get install libfcgi-perl
<dasilva333> THANK YOU SO MUCH GUYS!!! *HUGS ALL AROUND*
<dasilva333> ok so thanks all your ideas and help i was able to resolve my problem
<dasilva333> how i ended up fixing it was simply booting into the live cd and running fsck on the original drive, it found a whole bunch of inode errors, rebooted and it was fine
<ZacLnxNewb> does anyone use deluge?
<ZacLnxNewb> where is the configuration file used to say, change the port I access deluge from?
<ZacLnxNewb> myserver.com:8112 to myserver.com:602
<ZacLnxNewb> Roasted:  you there still?
<RoyK> win 11
<ZacLnxNewb> damn it, now deluge doesn't work
<ZacLnxNewb> RoyK: Willing to help me again? :p
<RoyK> for wj
<RoyK> for what?
<ZacLnxNewb> RoyK:  I just installed deluge, I restarted my server and was able to connect using the web ui in the browser through 192.168.1.250:8112
<ZacLnxNewb> RoyK:  in the deluge settings through the web ui, I changed the port from 8112 to 602
<ZacLnxNewb> RoyK:  then rebooted the server again, and now everything is inaccessible through http
<RoyK> aorrt - mp
<RoyK> no odea
<ZacLnxNewb> RoyK: actually, seems the website portion jsut started working
<ZacLnxNewb> RoyK:  can't connect to deluge at all though
<RoyK> I thought I wss to lose a 35TB pool today
<RoyK> lots of messups
<ZacLnxNewb> RoyK: ouch
<RoyK> so I'm not too ast answering
<ZacLnxNewb> What the hell is this? "~/.config/deluge/"
<pmatulis_> looks like a hidden configuration file
<ZacLnxNewb> can someone help me fix whatever deluge has done to my server?
<uvirtbot> New bug: #720513 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.9 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/720513
<uvirtbot> New bug: #697934 in exim4 (main) "Merge exim4 4.73~rc1-1 (main) from Debian experimental (main)" [Undecided,Fix released] https://launchpad.net/bugs/697934
<twb> Anybody have experience with journalled quotas (-ousrjquota=aquota.user,jqfmt=vfsv0)?
<twb> I just noticed that repquota isn't seeing any changes when I create new files, and it was some time ago (back when journal-less usrquota was in use instead.)
<MTecknology> root@liber:/var/spool/exim4# mailq      0m  1.6K 1PpzH3-00065K-QO <> *** frozen ***      www-data@liber.profarius.com      <-- any ideas what might be setup wrong?
<MTecknology> or more details- http://dpaste.com/425569/
<twb> 19:36 <twb> Never mind, I found the problem.  For some reason quotaon(8) isn't being run at boot.  Fucking ubuntu garbage...
<MTecknology> so... if I send an email to me@profarius.com from a web server that hosts the profarius.com website... it sends it to /var/mail/michael instead of to my email address
<MTecknology> the header even holds the right "To: field"
<huats> morning
<MTecknology> huats: howdy
<twb> This patch is necessary to make Lucid handle journalled quotas correctly!  http://paste.debian.net/107916/
<eagles0513875> hey guys quick question is a cloud limited to running virtual machines or can for instance a dedicated server be put in the cloud
<gnuyoga> whole idea of cloud is self provisioning â¦ doing that with a bare metal is possible but for that
<gnuyoga> you can use something like cobbler
<twb> "Cobbler is a Linux provisioning server that centralizes and simplifies control of services including DHCP, TFTP, and DNS for the purpose of performing network-based operating systems installs."
<twb> ...so, it's dnsmasq.
<twb> "Cobbler is a small and lightweight application (about 15k lines of Python code)."
<lephisto> morgen
<twb> ...whereas dnsmasq is 17kloc *including the TFTP, DNS and DHCP servers*.  Silly RH users!
<eagles0513875> gnuyoga: whats cobbler?
<eagles0513875> humm
<gnuyoga> eagles0513875: http://www.ubuntugeek.com/ubuntu-linux-provisioning-automation-with-cobbler.html
<eagles0513875> thanks :)
<ttx> Any chance you could set up a tarball job for nova-bexar on Jenkins ? I'd like that set up before we start approving the post-release BMPs
<ttx> soren: ^
<ttx> aw
<ttx> wrong channel
<jibel> Daviey, hallyn , Hi. you marked 2 server tests as started yesterday, can you change the status on the tracker if it's done. thanks.
<eagles0513875> thanks for the link gnuyoga :) will have to give cobbler a shot :)
<bencer> could anyone from server team have a look at #720564, that blocks me in trying to upload new ebox/zentyal packages to natty
<bencer> it's just a simple sync from debian
<eagles0513875> bencer: that would have to be asked in ubuntu+1 as that is natty support
<bencer> eagles0513875: is ubuntu+1 an irc channel? don't have many experience on ubuntu dev workflows
<eagles0513875> ya it is
<bencer> just saw it, thanks
<bencer> well seems that it got already accepted
<bencer> Build well, sync request ACKd
<bencer> ** Changed in: libredis-perl (Ubuntu)
<bencer>        Status: New => Confirmed
<eagles0513875> bencer: :) patience is the key
<plm> Hi all
<plm> anyone know what package in Ubuntu hjas the "pdo sqlite driver"?
<plm> I try with apt-cache search but not sucesss
<TeTeT> plm: maybe php5-sqlite: /usr/lib/php5/20090626+lfs/pdo_sqlite.so
<TeTeT> plm: I used apt-file search pdo | grep sqlite for that output
<soren> $ apt-cache search pdo sqlite
<soren> php5-sqlite - SQLite module for php5
<soren> php-db - PHP PEAR Database Abstraction Layer
<plm> TeTeT: so I have that installed..  But I have this error: [Thu Feb 17 08:45:59 2011] [error] [client 192.168.0.30] PHP Fatal error:  Uncaught exception 'PDOException' with message 'could not find driver' in /var/www/web/classes/csql.php:88\
<plm> A complete error is here http://dpaste.com/425885/
<soren> plm: "/var/www/web/db..." looks odd.
<TeTeT> plm: I'm afraid I know nothing about this error
<Daviey> jibel, ack
<plm> soren: TeTeT solved. I restart apache after install php5 module, but now after install sqlite driver...
<TeTeT> plm: ah, great that it works now
<Daviey> jibel, The reason i haven't passed it yet, was because i wanted to question postifx being installed on a plain server install.  I don't remember that being in 10.04.
<Daviey> and a running network service by default is a new feature.
<uvirtbot> New bug: #720638 in net-snmp (main) "snmpd crashes with segfault (libnetsnmpmibs.so.15.1.2)" [Undecided,New] https://launchpad.net/bugs/720638
<Daviey> jibel, duh... it's because i did the RAID-1 install.
<Daviey> marked as passed
<jibel> Daviey, thanks for your help in testing.
<Daviey> hallyn / jdstrand: Are either of you planning a libvirt merge soon?
<Daviey> jibel, np.. I intended to do more, but seemed to already have pretty good coverage!
<jibel> Daviey, indeed, the results are pretty good.
<hallyn> Daviey: i handed jdstrand 0.8.7, but it's looking like 0.8.8 has mostly papercut bugfixes so we may just want to immediately jump to that (it just came out today)
<hallyn> bia
<hallyn> biab
<jdstrand> hallyn: I haven't reviewed it yet, if you are keen on doing 0.8.8, feel free to give it to me and I'll review it instead
<hallyn> jdstrand: only bc it looks like it might fix bug 720426
<uvirtbot> Launchpad bug 720426 in libvirt "libvirt fails to run vm's with virtio disks and a kernel" [Medium,Won't fix] https://launchpad.net/bugs/720426
<hallyn> uh, hm, then again i guess it might not :)  but lemme see how trivial that bump is
<hallyn> RoAkSoAx: so yeah, as of yesterday I suddenly have the same disk io woes you have.  to the point thta it made me stop working when the family went to bed bc laptop fan kept going off like a fighter jet
<ivoks> kirkland: congrats ;)
<kirkland> ivoks: :-)  thanks
<jdstrand> hallyn: fyi, I think my temperature issues in the guests unstable bug are bug #716528
<uvirtbot> Launchpad bug 716528 in qemu-kvm "kvm 100% when performing apparently IO operations" [Medium,Confirmed] https://launchpad.net/bugs/716528
<jdstrand> hallyn: so I guess put me in the me too camp there
<jdstrand> (and I just did in the bug)
<jussi> would it be even remotely safe to install a maverick package on a hardy server? (ie. http://packages.ubuntu.com/maverick/libemail-sender-transport-smtp-tls-perl)
<Daviey> hallyn / jdstrand: That is good news, i noticed it bumped from experimental to unstable.
<ivoks> Daviey: hi, how are you?
<Daviey> ivoks, Hello sir!  Not too bad.. how are you keeping?
<ivoks> Daviey: hanging :) by a thread :)
<Daviey> ivoks, heh... so...... mail stack... how is it doing for natty? :)
 * ivoks walks away :)
<Daviey> lol
<ivoks> Daviey: i'll look at it in next couple of days
<ivoks> i still don't have natty dev environment
 * ivoks runs away :)
<Daviey> ivoks, that is good... Feb 24th... Feature Freeze :)
<ivoks> pih
 * hallyn hates guis
<JamesPage> Daviey: hows the euca dhcp issue in natty coming along?
<Daviey> JamesPage, funny you ask...
<Daviey> JamesPage, no good progress at the moment..
<Daviey> I don't think upstream will land a configuration option.. I'm currently writing a wrapper to just check it /will/ work.. If it does, i'll change it in code.
<Daviey> JamesPage, why do you ask?
<JamesPage> Daviey: bug 717166
<uvirtbot> Launchpad bug 717166 in eucalyptus "Broken with v4 isc-dhcp-server in Natty" [Undecided,New] https://launchpad.net/bugs/717166
<MadHaTTer_777> hey ppl i need some support with ubuntu 64-bit server 10.10
<MadHaTTer_777> can anyone help?
<Daviey> JamesPage, thanks.. i've just confirmed it
<JamesPage> Daviey: same issue yes?
<Daviey> JamesPage, yeah, sadly
<MadHaTTer_777> my issue has been going on for about a week and its a pain
<MadHaTTer_777> problem after problem
<MadHaTTer_777> but now im near the end of fixing it at least
<JamesPage> MadHaTTer_777: well you are in the right place - whats your problem?
<MadHaTTer_777> ok im trying to install a usb modem their software didnt work so i got some code online tweaked it and edited the wvdial and widial files now
<MadHaTTer_777> its a usb flip flop device btw the code i was talking about is to get it to change mode
<MadHaTTer_777> now in terminal it gives me 2 dif errors at random
<MadHaTTer_777> when i wvdial
<MadHaTTer_777> i get "--> Cannot open /dev/ttyUSB0: device or resource busy
<MadHaTTer_777> 3 times
<MadHaTTer_777> the other error is where it tells me to add the option of pppd in wvdial.conf
<MadHaTTer_777> how do i fix these?
<RoAkSoAx> morning all
<JamesPage> hey RoAkSoAx
<MadHaTTer_777> wth?
<MadHaTTer_777> anyone know how to fix these errors?
<apw> someone was talking to me about nbd, and we had two issues, first that the second open deadlocked (now resolved) and a second which was bad opens r/w of a r/o device which was failing
<apw> can anyone remember
<ogra> apw, i bet that was stgraber
<apw> ahh thanks ... wanted to know what happened to the userspace changes ... seems the kernel change may have been temp reverted cause of the userspace carnage, but i do wnat to make sure its getting fixed
<MadHaTTer_777> ANY IDEA HOW TO FIX MY PROBLEM?
<MadHaTTer_777> also i have another problem once these 2 r fixed
<MadHaTTer_777> something wrong with apt
<MadHaTTer_777> hash sum mismatch
<JamesPage> MadHaTTer_777: so I guess that you are referring to drivers for the USB modem with regards to the code you got online
<JamesPage> MadHaTTer_777:  whats the make/model of USB modem you are using?
<MadHaTTer_777> so what can be done about it?
<MadHaTTer_777> it wont help
<JamesPage> MadHaTTer_777: well maybe not but I like to have the full facts before commenting on something...
<MadHaTTer_777> acs franklin wireless cdu680 p/n du6800-014-ac ive been through all the usuall
<MadHaTTer_777> the manu site was last updated around the time of ubuntu 7.4
<MadHaTTer_777> the isp told me they dont even use the software that comes with the modem cause it doesnt work 4 sht
<MadHaTTer_777> brb i need a smoke
<MadHaTTer_777> bk
<MadHaTTer_777> u there james?
<JamesPage> MadHaTTer_777: yep
<Sheepherd> hey guys im bout to set up a ubuntu server and got a teacher that tells me that installing servers virtually with VMware vSphere is the best way. is he right?
<Sheepherd> i mean he says security is better and hes prolly right but isnt a virtual server more error-prone due to incompatibilities?
<Sheepherd> because its another layer that has to work perfectly
<MadHaTTer_777> so can u help me?
<JamesPage> MadHaTTer_777: I'm drawing a blank at the moment; I can't find anything more than you have already found;
<JamesPage> it looks like a driver issue of some description
<zul> ill upload a new cobbler snapshot tomorrow
<JamesPage> MadHaTTer_777: have you seen this - https://custsupport.alaskacommunications.com/app/answers/detail/a_id/304/~/installing-the-mobile-broadband-cdu-680-on-linux
<MadHaTTer_222> back
<JamesPage> MadHaTTer_222: have you read this - https://custsupport.alaskacommunications.com/app/answers/detail/a_id/304/~/installing-the-mobile-broadband-cdu-680-on-linux
<MadHaTTer_222> yes thats garbage
<MadHaTTer_222> and im past that anyways'
<MadHaTTer_222> i can get all that feed as described there its after that i get the problems
<JamesPage> fair enough; I'm just refreshing on wvdial - not used it in a LONG time
<MadHaTTer_222> ir seems like its a problem with pppd
<MadHaTTer_222> in the one error it says to use the option in wvdial.conf to specify the pppd
<ikonia> MadHaTTer_222: this is the channel for ubuntu server, you stated earlier this was a problem on your deskop
<MadHaTTer_222> no ikonia it is a problem in ubuntu server 64 bit as i stated earlier
<ikonia> my mistake, I thought you said it was a problem with your desktop in the other channel
<MadHaTTer_222> i did temperoraly install the desktop on it but plan to remove it once finished
<MadHaTTer_222> kubuntu i belive its called
<ikonia> no, that's a desktop
<ikonia> not a server
<MadHaTTer_222> im new to linux as i said
<ikonia> so please don't ask for desktop support in here
<MadHaTTer_222> no its a server
<ikonia> no, kubuntu is a desktop
<MadHaTTer_222> like i just said i temp installed a desktop on the server
<MadHaTTer_222> ik
<ikonia> ok, so it's the server os with a deskop
<MadHaTTer_222> yes
<ikonia> great, no problem
<JamesPage> MadHaTTer_222: so there are some differences between a normal desktop install and a server install - for example the kernel is different
<JamesPage> this is not a normal device to be installing in a server so that could be the issue; you could try running a desktop live cd to see if that makes any difference.
<MadHaTTer_222> yes i am using ubuntu server 64 bit
<ikonia> JamesPage's great advice, there are additional modules available for the desktop kernel
<ikonia> MadHaTTer_222: try the desktop install
<ikonia> may help when reporting the bug that you have tried on both desktop and server kernel
<JamesPage> if it still does not work suggest that you report a bug against ubuntu for this device - see https://wiki.ubuntu.com/ReportingBugs
<JamesPage> You can run the a live cd without installing Ubuntu which means that you current server install will remain intact.
<MadHaTTer_222> that would be nice
<MadHaTTer_222> also u know anything about a prob i get with apt
<MadHaTTer_222> hash sum mismatch
<JamesPage> I think the pppd issue is a red-herring - you should only need to specify this if the install of pppd is non standard which it is not in Ubuntu
<MadHaTTer_222> what u mean?
<ikonia> MadHaTTer_222: could you show me the output of uname -a on your machine please ?
<MadHaTTer_222> non standard not in ubuntu?
<JamesPage> It is installed in /usr/sbin/pppd which is standard
<MadHaTTer_222> yeah just a sec i gotta ics it through this machine
<ikonia> no problem
<JamesPage> For you other issue try running sudo apt-get clean - sounds like you having a corrupt .deb or suchlike
<JamesPage> s/having/have/
<MadHaTTer_222> i cleaned it and auto cleaned it already didnt work
<MadHaTTer_777> http://pastebin.com/stQulvqx
<ikonia> MadHaTTer_222: that is an empty paste
<ikonia> oops
<ikonia> MadHaTTer_777: that is an empty paste
<MadHaTTer_777> theres what u wanted ikonia
<MadHaTTer_777> or not
<MadHaTTer_777> lol srry
<MadHaTTer_777> i quit?
<MadHaTTer_777> again?
<ikonia> please post the info I asked for
<MadHaTTer_777> still dont belive me on the ver huh i am im just bringing the other come in the irc now
<ikonia> what ?
<MadHaTTer_777> http://pastebin.com/stQu1vqx
<b0gatyr_> question, when mounting a windows share do you guys still use the credentials file and change permissions to root?
<MadHaTTer_777> brb i dont think it will let me on the irc using 2 comps and the same ip for both
 * EtienneG page kirkland
<kirkland> EtienneG: yo
<EtienneG> kirkland, ehw and myself (well, mostly ehw) went through the bug related to the proposed likewise-open SRU
<EtienneG> kirkland, https://bugs.launchpad.net/bugs/534629 and friends
<uvirtbot> Launchpad bug 534629 in likewise-open "AssumeDefaultDomain does not work" [Medium,Fix committed]
<ikonia> !info linux-image
<ubottu> linux-image (source: linux-meta): Generic Linux kernel image.. In component main, is optional. Version 2.6.35.25.32 (maverick), package size 5 kB, installed size 32 kB (Only available for i386 amd64 lpia all armel)
<EtienneG> kirkland, that's the branch you reviewed last December during your patch pilot
<kirkland> EtienneG: right
<MadHaTTer_333> k now im on the ubuntu machine
<MadHaTTer_333> http://pastebin.com/stQu1vqx
<EtienneG> kirkland, when you have a minute, would you mind having a look and see if it can be sponsored?
<ikonia> MadHaTTer_333: ok, so you need to update your kernel to the current version, that's a good start
<EtienneG> kirkland, if there's anything missing, just let us know, we'll fix it
<ikonia> MadHaTTer_333: always better to log a bug on the current kernel
<hallyn> is anyone here using ipmi who could test+verify the proposed fix for 473332 so I can request the patch to be merged?
<RoAkSoAx> SpamapS: around?
<hallyn> that is, for bug 473332
<uvirtbot> Launchpad bug 473332 in openipmi "Startup failed to load ipmi_devintf module" [Low,In progress] https://launchpad.net/bugs/473332
<hggdh> anyone able to test 10.04.2 iSCSI for http://iso.qa.ubuntu.com/?
<MadHaTTer_777> can u hear me now?
<ikonia> MadHaTTer_777: yes
<MadHaTTer_999> sorry again
<MadHaTTer_999> these modems suck
<MadHaTTer_999> so how do u update the kernel
<MadHaTTer_999> apt-get update what?
<patdk-wk> normally dist-upgrade
<MadHaTTer_999> thanx
<jmarsden> MadHaTTer_999: sudo apt-get update && sudo apt-get dist-upgrade
<MadHaTTer_777> wtf is with my modems i efin hate my shty isp
<MadHaTTer_777> its updating now
<MadHaTTer_777> gonna be bout 10 mins
<robbiew> Daviey: JamesPage: kirkland: RoAkSoAx: smoser: SpamapS: zul:  hallyn:  can anyone help with 10.04.2 iso testing?
<robbiew> skaet_: is waiting on us
<kirkland> robbiew: sure thing;  i synced them last night
<robbiew> :/
<kirkland> robbiew: i'm on it now
<JamesPage> robbiew: yep - I'll pickup some more now
<_1094kms> I'm at a loss to find out where my firewall records (iptables -L) come from. apparmor uninstalled, ufw disabled, nothing in /etc/network ... where else can they be??
<MadHaTTer_777> ohh the hash sum mismatch from what i can tell i think its cause my isp stamps the packets and screws it up any way around this?
<smoser> robbiew, i'm patch-piloting right now, but i can later. i'll check in with kirkland after lunch on it.
<robbiew> thnx all
<Daviey> robbiew, hmm
<Daviey> robbiew, I thought the coverage was good?
<MadHaTTer_777> brb im gonna have another smoke while this updates
<Daviey> robbiew, The JeOS test cases are not required aiui
<SpamapS> RoAkSoAx: here now.
<Daviey> hallyn, any update on http://iso.qa.ubuntu.com/qatracker/result/4995/265 ?
<sjm> where can I report a bug in ubuntu (tzdata)?
<Daviey> robbiew, other than that - i think we are pretty complete?
<zul> robbiew: hudson says its good with the iso testing of i386 if that helps
<robbiew> Daviey: I'm just relaying what skaet_ told me
<Daviey> robbiew, oh ok
<jibel> All, we are missing iSCSI test cases and marjo is experiencing a problem with i386 preseed.
<SpamapS> http://svn.php.net/viewvc/php/php-src/tags/php_5_3_6RC1/NEWS?revision=308400&view=markup
<zul> SpamapS: yes i track it regularily ;)
<kirkland> RoAkSoAx: who runs iso.qa.ubuntu.com?  I reset my password a few minutes ago and haven't gotten the email back yet
<kirkland> robbiew: ^
<SpamapS> zul: they had discussed getting 5.3.6 out very soon.. maybe we should shoot to ship it before FF
<hallyn> Daviey: no.  alas usb-creator-gtk did not serve me well
<hallyn> retrying as we speak
<zul> SpamapS: i was mulling over it...but it all depends when they release it
<SpamapS> zul: typically their RC cycles are really short
<kirkland> FYI, all, I'll take the RAID1 tests
<kirkland> can someone mark those as "started" for me?
 * kirkland can't login right now
<zul> SpamapS: ack.. well see how busy we get ;)
<_1094kms> if I have an entry in /etc/init/ufw.conf =
<SpamapS> zul: I know 5.3.6 fixes at least one really weird issue that I've been tracking where some SSL sites are inaccessible because the remote server doesn't support some feature that openssl added recently
<SpamapS> zul: if its going to happen, its going to be all you ;)
<_1094kms> sry - does it mean it starts automatically on ubuntu 10.04?
<Daviey> kirkland, i've done  RAID-1
<kirkland> Daviey: not i386
<kirkland> Daviey: according to the tracker
<Daviey> ah, good point
<Daviey> :)
<kirkland> Daviey: can you mark that one "started" for me?
<Daviey> kirkland, ack
<zul> SpamapS: cool about the openssl bug....not so cool about all being on me
<SpamapS> are you guys doing tests for 10.04.2 or latest natty?
<Daviey> SpamapS, lucid
<jibel> kirkland, Daviey JamesPage, hallyn   Can someone take care of i386 preseed and confirm if it's really broken
<RoAkSoAx> kirkland: dunno! I just reset the password myself less than half an hour ago
<RoAkSoAx> and it worked correctly
<kirkland> RoAkSoAx: how long did it take for you to get the email?
<RoAkSoAx> kirkland: it was instant
<hallyn> Daviey: so, this is sucking:  i had installed it under kvm just fine, but of course couldn't test kvm module loading there.  on my test laptop booted from usb, install hangs at /lib/partman/automatically_partition/50biggest_free/choices
<hallyn> Daviey: and i don't know if that failure is just bc of usb-creator-gtk
<RoAkSoAx> kirkland: note that you need to login with the user you selected rather than with your email
<kirkland> RoAkSoAx: lucky
<RoAkSoAx> kirkland: (i was trying to log in with my email too and didn't work xD )
<JamesPage> jibel: whats the current issue with the i386 preseed?
<Daviey> jibel, hggdh has marked preseed ok.... what issue did marjo have?
<JamesPage> jibel: as all of the automated ISO tests use preseed I'd not be to worried.
<Daviey> hallyn, yeah... seems there is a bug regarding usb-creator
<hggdh> Daviey: marjo got a d-i error on install: E: Package linux-headers-generic has no installation candidate
<jibel> JamesPage, Daviey we have +1 and -1 on this testcase, I'd like to confirm that its really good.
<kirkland> RoAkSoAx: aha, that was it!
<hggdh> which is weird
<Daviey> hallyn, https://bugs.launchpad.net/ubuntu/+source/usb-creator/+bug/645818
<uvirtbot> Launchpad bug 645818 in usb-creator "Unknown keyword in configuration file: gfxboot" [Critical,Triaged]
<RoAkSoAx> kirkland: they should really integrate it with openid
<Daviey> hggdh, do you have your preseed?
<RoAkSoAx> SpamapS: Is there any docs to create and test upstart jobs?
<hggdh> JamesPage: the minimal install is hosed on hudson
<Daviey> jibel, do you have the preseed that marjo used?
<kirkland> RoAkSoAx: no kidding!
<hggdh> JamesPage: after install it was 700+ MB in size, and with iptables set
<SpamapS> RoAkSoAx: Right now upstart.ubuntu.com and man 5 init are the best sources of information
<Daviey> kirkland, Federate single sign on is overated... i love maintaining seperate usernames and passwords everywhere... it's a hobby:)
<hallyn> Daviey: i don't think that's my problem, as i can boot fine, it's during the disk partitioning steps that it freezes
<hggdh> Daviey: yes, it is at http://people.canonical.com/~cerdea/preseed.cfg
<kirkland> Daviey: :-D
<jibel> Daviey, http://people.canonical.com/~cerdea/preseed.cfg
<JamesPage> hggdh: which builds? I can't see this issue.
<SpamapS> RoAkSoAx: as far as testing it.. well.. you really need to whole boot to happen to test if it starts at the right point and blocks what it needs to block.. so VMs are the best way to test.
<Daviey> hallyn, ah.... NFI then, sorry
<hallyn> Daviey: unless i'ts pissed off that i'm installing without network.  but that shouldn' tstall partman
<Daviey> hallyn, hmm.. installing without networking has been tested as successfull
<Daviey> ... but that was without libvirt
<Daviey> I'd imagine it would fail after disk setup... that is too early in the process to be relevant IMO
<hggdh> JamesPage: lucid server builds. I monitored it here -- installation is successful, but a *LOT* of packages are isntalled
<Daviey> hallyn, I'm guessing bad media tbh.
<hallyn> Daviey: i've done usb-creator-gtk twice on different (natty) hosts
<RoAkSoAx> SpamapS: so manually copying a job to /etc/init/ would not actually help?
<hallyn> Daviey: then i'm not sure i can do that test until i can get to the store and buy some blanks at lunch
<hggdh> JamesPage: http://204.236.234.12/view/lucid-server-amd64/job/lucid-server-amd64_virtual-host/lastFailedBuild/artifact/1/test-results/d-i-syslog.log.gz
<Daviey> hallyn, i mean, usb media problem?
<Daviey> Have another stick to test?
<hallyn> Daviey: no.  this one's brand new though
 * hallyn running to the store for some (*&$*% cds
<JamesPage> hggdh: thats not a minimal virtual install - that's a virtual host test - I would expect it to be more that 500M!
<hggdh> JamesPage: oh joy, I cannot even _read_
<JamesPage> hggdh: still does not look that good
<JamesPage> as it timed out....
<hggdh> yep. Do you set, anywhere, iptables?
<MadHaTTer_777> alright its done updating
<MadHaTTer_777> now the wvdail is giving me the error --> cannot open /dev/ttyusb0: device or resource busy
<JamesPage> hggdh: don't think so.
<MadHaTTer_777> i need to sleep ill be back soon its 720 am
<froggymana> Hello. I recently compiled nagios and followed the guide for setting it up, but now I want remove that so I can use the packaged version which I just found out about
<MadHaTTer_777> bye for now thanx
<froggymana> Anybody familar with nagios?
<ikonia> froggymana: sure
<hggdh> zul: do not reboot cempedak now, I am setting a UEC install
<zul> hggdh: k
<ikonia> !ops | MadHaTTer_777 using offensive language in channel and in pm and a bad attitude, banned from multiple channels
<ubottu> MadHaTTer_777 using offensive language in channel and in pm and a bad attitude, banned from multiple channels: Help! Channel emergency! soren, lamont, mathiaz or tom
<MadHaTTer_777> ??? ikonia r we good now?
<MadHaTTer_777> or r u trying to have me banned from yet another channel?
<KB1JWQ> MadHaTTer_777: Please remember the code of conduct.
<MadHaTTer_777> yeah i think ikonia forgot to mention i was apolagising and thanking him
<KB1JWQ> Take it to PM please.
<MadHaTTer_777> lol goodnight all
<RoAkSoAx> SpamapS: would you say this would be a good approximation of upstart job? http://pastebin.ubuntu.com/568297/
<SpamapS> RoAkSoAx: whoa.. thats a big one :)
 * SpamapS suspects that is not the first time RoAkSoAx has heard that
<SpamapS> RoAkSoAx: hrm, almost.. let me tweak it a little..
 * SpamapS wishes paste.ubuntu.com had a 'new paste from this one' button
<SpamapS> RoAkSoAx: http://pastebin.ubuntu.com/568303/
<SpamapS> RoAkSoAx: so two things.. 1) start on started networking is too early if you have dhcp interfaces, since 'ifup -a' will return immediately
<SpamapS> which actually means I did it wrong again..
<SpamapS> and it should probably be start on net-device-up IFACE!=lo
<RoAkSoAx> SpamapS: ok cool. will try it out
<SpamapS> RoAkSoAx: anyway, 2) the logic on whether or not to start the daemon is only needed in pre-start .. you don't want to re-run that stuff when the daemon respawns or is restarted, for instance.
<RoAkSoAx> SpamapS: right, I did the pre-start thing and it still started the dameon regardless
<SpamapS> RoAkSoAx: questions: Does the current package ship a /etc/default/corosync ? Also, does the daemon work without a real network? (meaning lo)
<RoAkSoAx> of wether the validation was successful or unsuccessful
<SpamapS> RoAkSoAx: right, note that I also did 'stop'
<RoAkSoAx> SpamapS: yes the package ships /etc/default/corosync and the daemon needs to work with networking up
<RoAkSoAx> SpamapS: first time it boots, 127.0.0.1 should be up and that's it
<RoAkSoAx> SpamapS: but after being configured, it needs to start after the iface(s) have their IP addresses
<SpamapS> RoAkSoAx: so if you do 'start on net-device-up IFACE!=lo' then it won't be started until a real iface is up
<RoAkSoAx> SpamapS: ok cool!! thanks. Will test it
<SpamapS> RoAkSoAx: hopefully this will be simpler when we abstract it a bit and you can just say 'start on starting network-services'
<RoAkSoAx> SpamapS: yeah, it indeed needs some improvements
<kirkland> JamesPage: looks like you're on "Install (JeOS on KVM)", right?
<JamesPage> kirkland: yep - for amd64?  Just waiting for my iso download to complete
<kirkland> JamesPage: k
<kirkland> hallyn: did you complete http://iso.qa.ubuntu.com/qatracker/result/4995/265?
<kirkland> hallyn: looks like you started that yesterday
<hallyn> kirkland: as i just old Daviey, no
<hallyn> kirkland: usb-creator-gtk messes up the image
<hallyn> kirkland: and i have no cds
<kirkland> hallyn: okay
<kirkland> hallyn: i'll take that one
<hallyn> kirkland: awesome, thanks.  I thought I was running out 20 mins ago to buy cds, but felt compelled to reproduce another bug first
<kirkland> hallyn: heh, don't buy cds :-)
<hallyn> kirkland: well i've got to, this is ridiculous :)
<hallyn> i've got two on a shelf at the old place, but that doesn't help this morning
<hallyn> kirkland: went ahead and deleted my 'result', thaks
<hallyn> thanks, that is
<Daviey> hallyn, don't stress over it... at least you know of an issue testing for alpha3 testing :)
<hallyn> yup i am to be prepared for the next round :)
<RoAkSoAx> SpamapS: the upstart job seems to be working amazingly. thanks for that one ;)
<SpamapS> RoAkSoAx: cool!
<SpamapS> RoAkSoAx: make sure to test the reload command
<ivoks> SpamapS: any news about cloning in upstart?
<ivoks> clonning even :)
<SpamapS> ivoks: as in, the expect fork bug that fails to see clones as forks?
<ivoks> SpamapS: yes
<SpamapS> ivoks: none.. but I'm talking w/ jhunt_ right now about upstart bugs
<ivoks> RoAkSoAx: ^
<ivoks> so that upstart job isn't working amazingly... it doesn't work at all :)
<RoyK> backing up 25TB over a gigE link takes some time.... :P
<jkg> feel my pain, trying to back up 100GB over ~300kbps ADSL upstream... :P
<hallyn> never understimate the bandwidth of a station wagon full of mag tapes
<JamesPage> kirkland, hggdh, zul: I'm guessing that my minimal virtual install should end up with a -virtual kernel? (as described in ISO test case)
<zul> thats my belief as well unless something has changed
<patdk-wk> hallyn, why? just a 4gig usb stick would be faster, in rush hour traffic :)
<hallyn> young whippersnappers
<JamesPage> OK well this is odd - the linux-image-virtual package is installed but uname -r returns 2.6.32-28-server
<patdk-wk> heh, a single lto1 tape? :)
<patdk-wk> jamespage, that is normal
<patdk-wk> -virtual is a meta package (alias)
<JamesPage> OK then the ISO test case needs to be updated as it says otherwise  - hggdh?
<patdk-wk> or check it with dpkg --get-selections | grep -virtual
<patdk-wk> and see if it's installed
<patdk-wk> hmm, linux-virtual maybe, - will probably freak grep out
<hggdh> JamesPage: I just found the same -- -v irtual is installed, but uname -r returns -server
<ivoks> SpamapS: RoAkSoAx doesn't trust me, please tell him that until clonning works in upstart, upstart shouldn't be used for corosync :)
<JamesPage> hggdh: it passes the test in every other way except uname -r :-)
<ivoks> fwiw, that bug is reported cause of the issues with corosync
<SpamapS> RoAkSoAx: ivoks is right.. or corosync needs a foreground option
<ivoks> :)
<uvirtbot> New bug: #720856 in euca2ools (main) "euca-describe-groups should be euca-describe-group" [Undecided,New] https://launchpad.net/bugs/720856
<Maleko> anyone knows the formula that 'nice' uses to determine amount of cpu time to allocate to a process?
<RoAkSoAx> ivoks: lol I do trust you, I just said I;m working on pacemaker 1.1.4 and corosync 1.3.0 which is NOT shipped in Natty
<hggdh> jamespage: the question now is should it be -virtual, or -server? Who can answer that, foundations?
<jamespage> hggdh: or kernel?
<hggdh> jamespage: aye, kernel, of course. I guess ;-)
 * jamespage goes to ask on #ubuntu-kernel
<hggdh> Daviey: uec is tested, correct?
<Daviey> hggdh, yes - simple topology only
<Daviey> hggdh, if you wanted to do multi-host... that would be good. :)
<kirkland> jamespage: yeah
<zul> hggdh: hey can i reboot?
<jamespage> ok so that answer was that for lucid its -server; but for maverick + its -virtual
<hggdh> zul: yes, sorry
<hggdh> jamespage: test updated with the caveat
<jamespage> hggdh: \o/
<hggdh> :-)
 * jamespage thinks he might need to cut back on the coffee
<jamespage> hggdh: I think thats OK for amd64 but i386 is different again; -generic-pae
<jamespage> hggdh: looking at the seeds on the ISO's this would make sense.
<hggdh> oh bloody hell
<hggdh> jamespage: are we defaulting to always install -pae?
<binaryhat> qman__, u around?
<jamespage> hggdh: thats what the preseeds on the i386 iso say
<hggdh> jamespage: so... back to ask somebody? Now it should be foundations, right?
<hggdh> or kernel again?
<jamespage> kernel again
<jamespage> (I think)
<hggdh> just asked there
<jamespage> saw
<jamespage> hggdh: guess it was a question for foundations then!
<hggdh> jamespage: heh. well, we bait, and see who bites
 * patdk-wk likes to bite
 * hggdh takes the bait off the water
<hggdh> cjwatson: what capabilities are looked for in i386 (on install) to decide if it is a standard kernel, or a -pae one?
<patdk-wk> -virtual always instealls pae
<patdk-wk> atleast on lucid :)
<cjwatson> hggdh: don't have time to turn it into prose right now, but look in base-installer/kernel/i386.sh
<hggdh> cjwatson: good enough, thanks -- a pointer is very nice
<cjwatson> unfortunately the server installer does always install -pae right now; this is a known bug, namely bug 227869
<uvirtbot> Launchpad bug 227869 in base-installer "Server installer should not use -server kernel for non-PAE CPU's" [Medium,Triaged] https://launchpad.net/bugs/227869
<cjwatson> one of these days ...
<binaryhat> qman__, i just got a new psu and ran mem test and it still shuts off. im at loss
<RoAkSoAx>  /win 3
<hggdh> jamespage: this was on the JeOS on KVM, right?
<jamespage> yep
<jamespage> I documented this in the test result in the test tracker
<kirkland> robbiew: how are we looking?  looks like JeOS on ESX is the only thing untested now....
<robbiew> kirkland: yeah...and I wonder if that needs to be "mandatory"
<patdk-wk> JeOS?
<patdk-wk> show me the page and I'll test on esx 4.1
<patdk-wk> or 4.0 if you wish
<kirkland> RoAkSoAx: i'd think that it's an optional case
<hggdh> kirkland: we are trying to find someone with Windows to test it
<kirkland> hggdh: k
<RoAkSoAx> kirkland: hugh?
<patdk-wk> with windows to test what?
<hggdh> patdk-wk: installing 10.04.2 on ESX (VMWare's)
<patdk-wk> both iso's ubuntu server 386 and 64?
<patdk-wk> ah, I'm firuing out that website
<patdk-wk> heh, just didn't make sense to me at first
<hggdh> yes, both
<hggdh> patdk-wk: you are my hero :-)
<patdk-wk> boot the cd == ubuntu server cd?
<zul> hggdh: doesnt the lab have esx?
<hggdh> zul: IDK
<hggdh> patdk-wk: yes
<jo-erlend> can Ubuntu boot from a software raid5 now? I'm particularly interested in 10.04.2, but all information is good :)
<patdk-wk> I think grub2 can, but I doubt your bios can
<jo-erlend> I hardly believe that bios cares about that.
<patdk-wk> why? the bios has to pick a drive to boot
<jo-erlend> yes, and?
<patdk-wk> and if the drive it picks doesn't have the mbr on it
<patdk-wk> it won't boot
<jo-erlend> ... What does that have to do with raid?
<patdk-wk> you really have no clue how raid works do you?
<jo-erlend> I think that Linux cannot be booted without an MBR in any case. Is that wrong?
<patdk-wk> linux can boot without mbr, linux doesn't care
<patdk-wk> but your bios does
<hggdh> Daviey: running uec separate install now
<jo-erlend> patdk-wk, sure.. So I'll duplicate the MBR, which obviously is far outside of any raid setup.
<jo-erlend> can grub boot a raid5 now?
<patdk-wk> you need to duplicate grub on all disks
<patdk-wk> not just the mbr
<patdk-wk> hmm, actually, it looks like grub supports that already, looks like it installs itself to all mbr's
<jo-erlend> ... Listen. I know how to setup boot from RAID5. I do not know if grub supports it in 10.04.2, which is what I'm asking.
<tabularasa> Anyone build an NDT server on 10.10 ?
<Daviey> hggdh, super
<patdk-wk> hggdh, all pass, except the -virtual (-server/-generic-pae), and amd64 uses 520mb diskspace, and i386 using 506mb
<hggdh> patdk-wk: can you please update the test entries? It passes, but please mark your findings. I will update the test steps to point out the -pae thingie
<hggdh> patdk-wk: and THANK YOU!
<patdk-wk> testing one more thing (cause I want to see it fail) :)
<patdk-wk> tested both lsi logic parallel and sas, and flexible and e1000
<patdk-wk> oh nice :)
<patdk-wk> vmxnet3 + pvscsi worked also :)
<patdk-wk> atleast for the installer, so far
 * RoAkSoAx goes for lunch
<patdk-wk> nice, that works also :)
<hggdh> patdk-wk: cool! please ping me when you have the test results posted, if you do not mind
<patdk-wk> posted
<robbiew> EtienneG: thnx for the help!!!!
<binaryhat> my pc still shuts off after running stress test
<kirkland> lynxman: ping
<EtienneG> robbiew, for what it is worth, you're welcome!  :)
<ahasenack> hey guys, any hint about this vlan error?
<ahasenack> [Thu Feb 17 19:57:11 2011][004568][EUCADEBUG ] StartNetwork(): params: userId=admin, netName=1b1155a5-d139-4d1a-9527-563364bdbd89, vlan=2950, nameserver=127.0.0.1, ccsLen=1
<ahasenack> [Thu Feb 17 19:57:11 2011][004568][EUCAERROR ] vnetStartNetworkManaged(): supplied vlan '2950' is out of range (0 - 2047), cannot start network
<ahasenack> the vlan range set in the UI is NOT 0-2047, but 2950-2999
<ahasenack> so why isn't it sticking, or why is 2950 out of range?
<ahasenack> hmm
<ahasenack> I think I found it
<sparc> Hey, there seems to be a lot of tools surrounding packaging, and building, which is awesome.
<sparc> Are there any libraries that automate common tasks on might do in postinst?
<sparc> like adding users, or modifying config files
<sparc> my boss asked, to see if there were things i could re-use there
<sparc> (in my opinion, it seems like chef and puppet, are for those things)
<Giant81> ok setting up a syslog server with ubuntu-server, if I install syslog-ng and it removes rsyslog, and I set syslog-ng to only listen to a TCP stream, that will pretty much fark up my normal interal syslogs right?
<hallyn> sparc: given the barbaric nature of the postinst's I've seen, I'd assume not
<sparc> haha
<sparc> ok :)
<sparc> i'll try to write my own routines then, and see if it ends up being useful enough later, to post/share/etc
<sparc> thanks
<pmatulis_> Giant81: question #1, why do you want to get rid of rsyslog?
<Giant81> I don't, I think it did it by mistake
<pmatulis_> Giant81: question #2, why did you install syslog-ng?
<Giant81> I think apt thought I wanted to replace rsyslog, when I just wanted to install someting to get remote messgaes
<patdk-wk> rsyslog does remote messages
<Giant81> my understanding of the syslog servers is this... syslogd is basic and replaced with syslog-ng, rsyslog has more features of syslog-ng and is default on ubuntu-server
<patdk-wk> and syslog-ng and rsyslog don't get along
<Giant81> I guess I fell more comfortable with seperate syslog daemons one for internal one for external, but if rsyslog is easy to seutp I have no problems using it
<Giant81> I'll have to go back and do more reading
<pmatulis_> Giant81: you got it
<Giant81> I asked in a couple channels and nobody seem to have an opion but rsyslog vs syslog-ng I take it you're more of an rsyslog fan?
<patdk-wk> I'm using syslog-ng
<patdk-wk> cause I know how it works, and I know it can perform on the load I give it
<patdk-wk> I should convert to rsyslog, but just haven't had time to test it yet
<Giant81> I'm looking at about 800mb of syslogs /day
<patdk-wk> no, the amount of logs isn't the problem
<patdk-wk> the ammount of concurrent connections is (atleast for syslog-ng)
<zul> hallyn: so im playing around with lxc/libvirt/openstack a bit more and i got 4 instances running with lxc and it hasnt blown up yet
<Giant81> oh ok, I thought that was what you ment by load
<Giant81> I'm only looking at maybe a dozen devices concurrent so I should be fine with about anything
<patdk-wk> I'm doing about 3gigs per day
<patdk-wk> I think
<Giant81> is there some sort of compressed filesystem type I can use in linux?
<patdk-wk> sure, many, but I wouldn't
<Giant81> I know under windows I can set the compress flag on a folder, doesn't compress alot in comparison to an archive, but better than fat files on a volume
<Giant81> preformance issues?
<patdk-wk> have to use fuse
<Giant81> I plan to just cron a tar job to compress the previous days logs anyway
 * patdk-wk doesn't like fuse at all
<jsebean> why is my server hdd used space climbing?
<jsebean> pretty fast i thought
<jkg> because you're storing more data on it. obvious guesses would be log files, received mail, or downloaded packages.
<Giant81> myabe run a find for all files recently added?  not sure
<jsebean> im not storing more data on it
<Giant81> logs could be filling up etc...
<Giant81> something is getting generated somewhere
<jsebean> will go check, might have messed up somewhere
<hallyn> zul: cool, and this is calling out to liblxc's tools?
<hallyn> me, i'm playing with upstart for libcgroup :)  will be asking SpamapS to take a look soonish
<zul> libvirt and lxc
<zul> ill be doing a bzr branch for libvirt
<skaet_> help please,   could someone look at: https://launchpad.net/bugs/720865?
<uvirtbot> Launchpad bug 720865 in linux "kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)" [Undecided,New]
<skaet_> zul, kirkland, Daviey,  can one of you help?   ^^ Need to figure out the impact of this on the release.
<zul> jjohansen: ^^^
<zul> kirkland: ^^^
 * Daviey reads
<zul> skaet_: you might want to get the kernel team to look at it
<skaet_> zul,  thanks.   will do.
<Daviey> skaet_, agreed
<Daviey> at a push, it could be foundations related.
<skaet_> Daviey, ok, have started posting in the ubuntu-kernel channel...  ;)   will move on to foundations if necessary :P
<skaet_> thanks zul, Daviey :)
<Daviey> :)
<kirkland> skaet_: zul: i can try to reproduce it here
<jsebean> hi
<jsebean> does anybody know where to start to find out why my hdd used space is climbing about 10KB every 10 seconds, with no active users online?
<EvilPhoenix> system logging?
<jsebean> i narrowed it down to apache
<EvilPhoenix> oh well then its apache
<EvilPhoenix> because apache is a memory hog
<lynxman> kirkland: pong
<jsebean> when i disable apache the HDD space climb stops
<EvilPhoenix> jsebean:  yeah, i have a similar issue with apache
<kirkland> lynxman: was just going to point you to http://blog.dustinkirkland.com/2011/02/mcollective-now-in-ubuntu.html
<jsebean> its not climbing on ram, just my hdd space
<kirkland> lynxman: and mention that 1.0.1 landed
<lynxman> kirkland: oooh nice
<EvilPhoenix> 'cept i have about 3TB of data in a RAID0 config, so :P
<kirkland> lynxman: also, we need about ~5-6 manpages for the binaries in there, if you ever feel so inclined ;-)
<EvilPhoenix> jsebean:  you could try a different httpd
<jsebean> is taking 10KB of HDD space every 10 seconds
<EvilPhoenix> <EvilPhoenix> jsebean:  you could try a different httpd
<jsebean> how do i disable apache logging?
<lynxman> kirkland: I wouldn't mind doing that... btw I need sponsorship for the mcollective-plugin packages :)
<EvilPhoenix> jsebean:  you need logging for httpds, you know.
<kirkland> lynxman: sure ... where is the request?
<EvilPhoenix> jsebean:  i dont advise disabling logging
<kirkland> lynxman: oh, the cloud-init thing?
<jsebean> yes, but just tempoarly
<kirkland> lynxman: smoser is going to do that one
<EvilPhoenix> jsebean:  let me rephrase: I dont advise disabling logging even if it IS temporarily
<lynxman> kirkland: no request yet, I have the package ready but as said, need some sponsoring, was thinking that maybe zul or you would want it
<lynxman> kirkland: the cloud-init stuff is an addendum as well
<kirkland> lynxman: sure
<kirkland> lynxman: email it our way, or just put it on the ubuntu-server@ mailing list
<smoser> for cloud-init i'm waiting on lynxman to give me a config snippet for cloud-config
<smoser> (that would be good to have ... )
<lynxman> smoser: which I'll do tonight :)
<jsebean> will another httpd work with my htaccess files?
<lynxman> kirkland: will do! thank you :)
<jsebean> i turned off apache, but need some web server
<jsebean> the hdd climb has now stopped
<lynxman> kirkland: mcollective without the plugin collection is useful, albeit limited
<lynxman> kirkland: the plugins give it a lot of juice
<kirkland> lynxman: sure
<jsebean> so why would it be climbing in the first place?
<kirkland> skaet_: i just ran that test in a VM with no trouble
<kirkland> skaet_:         kvm -m 1024 -smp 4 -cdrom /local/virt/iso/lucid-server-i386.iso -drive file=/home/kirkland/.cache/testdrive/img/testdrive-disk-ciHH42.img,if=virtio,cache=writeback,index=0,boot=on -usb -usbdevice tablet -net nic,model=virtio -net user -soundhw es1370 -vga cirrus
<skaet_> kirkland, thanks!    Can you let them know in the #ubuntu-testing channel as well?
<guntbert> jsebean: hav you already found out what file is being written to?
<jsebean> thats what im trying to find
<jsebean> ive narrowed it down to be in the /var folder
<jsebean> but not in the www
<kirkland> skaet_: done
<jsebean> so it probably is a log file?
<jsebean> the ever growing file is a file in /var/log .... now to find out why and what file
<guntbert> jsebean: it will be definitely in /var/log/apache2
<jsebean> yes
<hallyn> kirkland: I used -m 512 and reproduced it
<hallyn> skaet_: ^
<kirkland> hallyn: oh, really ...
<kirkland> hallyn: skaet_: well, i think we advertise 384M as the memory requirement
<kirkland> hallyn: skaet_: so if we're failing with 512, that's certainly suboptimal
<guntbert> jsebean: so ls -l /var/log/apache2    should give a clue
<hallyn> kirkland: let me re-test with 1024 to make sure that's it
<kirkland> hallyn: k
<kirkland> hallyn: it's a nice, quick test
<jsebean> thanks
<kirkland> hallyn: btw, that preseed + instruction is the basis for the kvm-autotest stepfile, btw
<kirkland> hallyn: it should be enhanced to skip past the language selection, too
<jsebean> its my other_vhosts_access log
<kirkland> hallyn: that's a trivial 3 lines
<jsebean> the log gets written to every 2 seconds! why?
<jsebean> well im glad i know what it was :D
<hallyn> kirkland: so seriously, the preseeds have to script the answers for questions in order?
<kirkland> hallyn: no, order doesn't really matter
<kirkland> hallyn: it just has to answer questions
<kirkland> hallyn: which debconf picks up and overloads its internal database with key/value pairs
<guntbert> jsebean: look at the config - somewhere you will have told apache to log a lot
<hallyn> kirkland: i was wrong
<hallyn> kirkland: well, sort of
<hallyn> when i killed kvm and restarted, it booted
<hallyn> weird
 * hallyn switches to a preseed using his mirror...
<hallyn> i know, i know, i should intercept dns...
<jsebean> got the issue fixed
<guntbert> jsebean: what was the reason?
<patdk-wk> issue? we have issues?
<jsebean> i had about 3 chat users online. Chat refreshes every 2 seconds. It was logging every refresh (connection 200)
<jsebean> basically every hit on the site was being logged
<patdk-wk> that is what is suppost to happen :)
<jsebean> and with a fair amount of users on my forum and chat the log was growing fast
 * patdk-wk notes log rotation and compress :)
<patdk-wk> that stuff compresses *great*
 * RoyK notes that zfs yet hasn't come to linux
<Frenk> Hello. I have Spamassasin & Postfix installed. How do I see how spamassasin is hoocked into postfix?
<raubvogel> Frenk, it depends
<raubvogel> One way is to use amavis as the middleman
<raubvogel> another is to use  mailscanner
<raubvogel> I've done both
<raubvogel> and the third is to connect to postfix directly
<Frenk> raubvogel: no I dont have amavis/mailscanner. I just installed spamassasin
<raubvogel> This might give you ideas: http://www.debuntu.org/postfix-and-pamassassin-how-to-filter-spam
<raubvogel> See part 2, "3. Make Postfix call Spamassassin" to see how they talk to each other
<Frenk> raubvogel: thx
<Frenk> raubvogel: Using Postfix before-queue Milter support or After-Queue Content Filter for amavis?
<raubvogel> I want to say before. Check https://help.ubuntu.com/community/PostfixAmavisNew
<raubvogel> Ok, I am wrong
<raubvogel> It is after
<raubvogel> http://www.postfix.org/FILTER_README.html
<uvirtbot> New bug: #720996 in samba (main) "package samba 2:3.5.6~dfsg-5ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/720996
<raubvogel> (I think ;) )
<ivoks> SpamapS: i need your help :)
<ivoks> SpamapS: nah, ignore me
<ZacLnxNewb> hello
<ZacLnxNewb> does anyone know where this would be located on my server?
<ZacLnxNewb> "~/.config/deluge/ " ???
<ZacLnxNewb> and does anyone know how I can force deluge onto a port below 1024?
<_1094kms> ZacLnxNewb: ~ stands for your home directory, e.G. /home/username/.config/deluge/
<ZacLnxNewb> _1094kms:  I have a non standard home directory, and deluge seems to go awal when I try to change it's port
<_1094kms> ZacLnxNewb: you run it in client/server mode?
<_1094kms> maybe try a symlink to the standard home location. Otherwise I'd say it's more a deluge specific question
<ZacLnxNewb> _1094kms:  I have it installed as deluge-server with a deluge-webui
<ZacLnxNewb> hm
<ZacLnxNewb> _1094kms:  do you know how I can port forward so when I do domain.com:902 it accesses 8112?
<_1094kms> that sounds like NAT
<ZacLnxNewb> _1094kms:  I can't even find the settings, config file of deluge
<ZacLnxNewb> _1094kms:  it's not in it's ~/.config default directory
<ZacLnxNewb> not in  /root/home/zachary/.config/deluge/
<ZacLnxNewb> and not in root/storage/home/zachary/
<_1094kms> have you tried starting it with logging enabled? maybe it will tell you where to look
<ZacLnxNewb> _1094kms:  I've looked in the logs, no indication
<_1094kms> http://dev.deluge-torrent.org/wiki/Faq#HowdoIstartthedaemonwithloggingenabled
<_1094kms> there is a debug option, should be more verbose.
<RoyK> what dedup?
<ZacLnxNewb> [ -r /etc/default/$PKGNAME ] && . /etc/default/$PKGNAME
<ZacLnxNewb> RoyK:  I'm having trouble with deluge, first I can't find it's configuration file at all, it's default location is supposed to be "~/.config/deluge/"
<ZacLnxNewb> _1094kms:  RoyK  I did some tinkering around
<ZacLnxNewb> RoyK: _1094kms    " deluge-webui --help "  "sudo deluge-webui --port=902"  that seems to have worked
<_1094kms> ZacLnxNewb: you could also try to generate a config file with the GTK Interface and copy the config file to the server.  Maybe the webgui is limited in it's abilities.
<ZacLnxNewb> RoyK:  _1094kms  nevermind, still having issues.  doing that got the webui port to what I wanted, and I can access the webui now, but it seems that the  daemon isn't running now
<ZacLnxNewb> RoyK:  you have any ideas?
<ZacLnxNewb> _1094kms:  gtk interface?
<_1094kms> the interface you run on your desktop. If I remember correctly you can start it two ways, as server and standalone.
<ZacLnxNewb> _1094kms:  I don't use that interface
<ZacLnxNewb> _1094kms:  In this case the webui is basically the ui
<_1094kms> maybe you can install it on your ubuntu desktop and just use the file.
<binaryhat> whats the best way to execute stress command? im doing stress --cpu 1 --vm 1
<ZacLnxNewb> _1094kms:  I use Windows 7 to manage my server via putty
<_1094kms> Then it's not an option unless you maybe install a quick ubuntu vm install in vbox or virtualmachine.
<_1094kms> which is fun but sounds like a bit of overkill :-)
<_1094kms> ZacLnxNewb: have you tried #deluge ? It seems well visited and I think they probabloy have more detailed knowledge for specific questions.
<ZacLnxNewb> thanks, I will try them
<Adman65> can you use ** with logrotate, example /apps/**/*.log ?
<ZacLnxNewb> _1094kms:  on the other hand, no one's answering
#ubuntu-server 2011-02-18
<_1094kms> ZacLnxNewb: in app channels not everyone is looking all the time - you might have to wait some time.
<hallyn> SpamapS: w00t!  your libcgroup/libvirt waiting job seems to be working like a charm
<jo-erlend> is MX record always required for mailservers, or only if the mailserver is handling mail for another domain?
<twb> Strictly speaking, MX records are not necessary.
<twb> In practice, you will probably get significantly better results by deplying MX and SPF records.
<pmatulis_> jo-erlend: an MX record is required for servers that want to receive mail from the internet at large (the public).  it tells smtp clients where to send mail for any given domain
<twb> pmatulis_: isn't the default to fall back on the A record?
<pmatulis_> twb: i never heard of that
<twb> I'm probably wrong
<pmatulis_> twb: an A record is for a host, not a domain
<twb> "If no MX records were present, the server falls back to A, that is to say, it makes a request for the A record of the same domain."
<twb> http://en.wikipedia.org/wiki/MX_record
<twb> pmatulis_: SMTP is for hosts, too
<twb> pmatulis_: this modern trend of most hosts not having MTAs is an abberancy
<pmatulis_> twb: ok, thanks for that
<twb> "Only resolvable, fully-qualified domain names (FQDNs) are permitted when domain names are used in SMTP.  In other words, names that can be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed in Section 5) are permitted, as are CNAME RRs whose targets can be resolved, in turn, to MX or address RRs."
<twb> That's 5321 (nee 2821)
<twb> jo-erlend: so short answer is: you don't have to, but we recommend you do.
<Roxyhart0> hi There, I im doing backup with rsync but it stop to work in the middle apparently because long size files, somebody know how to solve or run rsync to copy big files?
<jo-erlend> twb, thanks.
<jo-erlend> I just installed Ubuntu on my desktop, using a mdadm raid and lvm on top of that. I use three 1.5GB disks and now I see /proc/mdstat tells me it'll take 22000 minutes to complete. It's running at 1MB/sec. Is that normal after an install?
<twb> 1MB, no
<twb> Not for onboard SATA ports and 3.5" 7200 drives
<twb> For external USB drives or something, those numbers wouldn't surprise me
<thesheff17> anyone know if it is possible to browse sub directories through apache2?  I have no problem seeing the files but it won't display any of the sub directories in the browser.
<jo-erlend> twb, that's what I thought. Any idea how I'll proceed to figure out the problem?
<twb> jo-erlend: dunno, iostat, smartctl short self-tests, swap in a new SATA cable, etc.?
<twb> thesheff17: have you turned on directory indexing?
<jo-erlend> twb, oh.. Actually, I did notice that one of the sata cables were looking a little strange.
<jo-erlend> twb, do you think a faulty cable could slow things down without causing other problems?
<thesheff17> twb: checking now
<twb> jo-erlend: it's easy to swap in a new one, so do so
<twb> jo-erlend: also recommend turning on write-intent bitmaps, so that you don't need to restart the sync every time you reboot
<Roxyhart0> Hi there I extended a logical volume using lvextend, when I do lvdisplay the new size look correctly, but when I do df -h still show me the old size. There is something that I need to do after/before lvextend?
<thesheff17> twb: DirectoryIndex looks like what apache2 defaults to when it his that directory like index.html.  Am I looking for another param?
<Devo-Kun> Roxyhart0: you have extended the size of the logical volume, and now you need to extend the size of your filesystem to match that additional space.
<Devo-Kun> RoxyHart0: It's as if you copied a partition to a larger hard drive without expanding it.
<Devo-Kun> Roxyhart0: assuming you're using ext2, ext3, or ext4 check out resize2fs
<thesheff17> :s/his/hits
<Roxyhart0> ok, i understand ...yes I am using ext3
<Roxyhart0> its not dangerous?
<Devo-Kun> Roxyhart0: I've done it, on my personal data, without a backup when I was feeling brave. If this is mission critical, go buy a cheap multi-Terabyte hard drive to backup the data on.
<Roxyhart0> yes, thanks so much...I am backing up again and then will do the resize
<Devo-Kun> Roxyhart0: good luck!
<smoser> jjohansen, did you get anything sorted out with zul on how to get a haryd kernel?
<thesheff17> twb: IndexOptions ShowForbidden jeeze this was it....found it in a really old forum...I guess it was because I was securing sub directories with .htaccess files.
<thesheff17> twb: w/ different username/pass
<twb> That reminds me, I need to disable .htaccess on my apache2
<zul> smoser: afaik still looking
<zul> RoAkSoAx: uploaded
<RoAkSoAx> zul thanks!!
<Roxyhart0> hi somebody know how I can set a linux server to send email but as client ?
<blackxored> hello guys
<blackxored> i'm on a dialup link outside work
<blackxored> i'm using openvpn
<blackxored> i'm having huge packet loss over this link, on my ISP's route it's almost no packet loss, whenver I turn the VPN in, then I've got this intermediate packet loss on different intervals and different times, does anybody at #ubuntu-server have a clue to point me in the right direction, if any, to fix this?
<blackxored> anyone????
<twb> mtu?
<willkessler> hello, i have an ec2 vs ubuntu server question if anybody's got any time
<thesheff17> willkessler: ask away
<willkessler> thesheff17: i've been getting some help in #ubuntu-cloud which might be more appropriate... although they basically just said switch to maverick
<iarp> I've got an issue with my sudoers file
<willkessler> thesheff17: i could ask you one thing, what's the best maverick AMI for ec2 as far as high-load web server starting point
<iarp> Today i logged into my server (which only has internal access and single user, me) to the message "iarp not in sudoers file ....". My old byobu session was still running to i connected to that and i can sudo all i want in here without errors, but now i'm worried if i close this session i will lose all sudo abilities, ever heard of this issue?
<thesheff17> maverick: why maverick vs lucid?  http://uec-images.ubuntu.com/releases/10.04/release/ here are the ami for lucid
<willkessler> flaccid suggested switching to maverick because of load issues my app is experiencing at random times, whcih do not correlate to app usage at all
<willkessler> however, i just read this comment that gives me great pause: http://alestic.com/2010/10/ec2-ubuntu-maverick#comment-484
<willkessler> allright, i might be forced to switch to centos... sigh!
<thesheff17> willkessler: are you experiencing problems with ubuntu in the cloud already with lucid?
<willkessler> thesheff17: correct, i am
<thesheff17> willkessler: hmmm...I run a couple web sites in the cloud but I guess I don't see the volume you are getting.
<thesheff17> willkessler: what is happening? during high load?
<willkessler> thesheff17: we have volume of about 3500 new users on a social game, per hour. between 3-6pm the cpu will spike from about 3 to 40-60
<willkessler> however, the number of users may only increase 10-20%
<willkessler> nothing is changing at the code level; the game does not write anything to the ebs-backed drives on the instance
<willkessler> the app only talks to mysql and redis, but neither reports any major load increase
<willkessler> so i am thinking, something about higher network traffic spikes a big cpu usage increase
<thesheff17> willkessler: is it apache2 that is spiking the load?
<willkessler> thesheff17: yes, it appears to be. so normally ifi were listening to myself here i'd say, fix your own )*@)#*@ app
<willkessler> but in this case, i don't think it's the app per se because I/O to the box isn't changing enough
<willkessler> (acording to iostat)
<willkessler> so i'm thinking, wow, something about 10.04 on ec2 has varying load during times of the day, all by itself
<thesheff17> willkessler: are you tuning apache?
<willkessler> thesheff17: we have heavily tuned it, yes
<willkessler> thesheff17: for example, we have a fair # of spares, but not so many to threaten to swap; we have carefully tuned keepalives to match the apps needs... and the thing is very consistent during most of the day
<willkessler> thesheff17: only during this "peak" time does it explode, but as i say, not because 30x the usage is happening
<thesheff17> willkessler: it does sound like an I/O issue maybe to the backend db....
<willkessler> thesheff17: a decent hypothesis, yes, although RDS does not report much by way of heavier activity either
<willkessler> ok i'll keep digging, thanks for your help!
<iarp> Whats the default groups for the first user on a fresh install?
<thesheff17> willkessler: well if the pipe is full on the network...then the db won't show higher load
<thesheff17> iarp: what do you mean on a fresh install? during the install you usually pick the username/password.
<iarp> thesheff17: i've somehow lost the ability to "sudo" outside of this byobu session.
<thesheff17> iarp: you should be able to ssh to root.
<iarp> thesheff17: what's roots default password?
<thesheff17> that is also set during the install of ubuntu server?
<thesheff17> how did you install it?
<iarp> it's been perfectly fine for months now until i logged in today, i can't remember anything i've changed for this to happen
<iarp> i just don't know what groups the first user/admin is in because i may have screwed that up, i'm currently in www-data and my own usernames group, are admins in any other groups that would grant sudo access
<thesheff17> willkessler: https://www.cloudkick.com/blog/2010/jan/12/visual-ec2-latency/ not good :-/
<thesheff17> iarp: well that isn't good....you may be able to find out the default username by see the /etc/passwd file.  Do you also have physical access to the server? You could recover the root password easily with a live cd.
<Roxyhart0> hi there, somebosy know how I can set sstmp using by default?
<iarp> thesheff17: i just started up a virtualbox idental to the server install, i've somehow removed the groups "adm, dialout, cdrom, plugdev, lpadmin, sambashare, admin" from my user. I'm guessing that happened when i was having permission issues last week.
<thesheff17> iarp: yea the default user during install is part of the adm group.
<jmarsden> iarp: the admin group is the one that determines sudo use, by default.  Is any user at all in the admin group?  If so, log in as that user and sudo should then work
<jmarsden> thesheff17: admin not adm
<iarp> currently my only groups are "iarp, www-data"
<iarp> i was having issues last week with apache not being are to write to directorys and i must've forgotten -a on my usermod's -G
<jmarsden> iarp: Then your current user cannot run sudo.  So, check what otherusers on the machine exist and which ones are in the admin group.
<jmarsden> iarp: For example, try    grep ^admin /etc/group
<iarp> "sudo usermod -a -G adm,dialout,cdrom,plugdev,lpadmin,sambashare,admin iarp" and we're back in business, thanks.
<iarp> grep ^admin /etc/group - "admin:x:111:iarp,www-data"
<jmarsden> Why is www-data in the admin group?  I'd rate that a security risk.
<iarp> i'm not sure, it's being removed
<thesheff17> willkessler: a couple more things to check is during high load what is the latency?...are all the ec2 instances in the same zone?  Just for testing maybe trying running the database on localhost so the apache2 doesn't have to go out to the network.  Build a layer  in front of apache2 like squid to reduce load on apache2.
<jmarsden> iarp: OK.  Now you are "safe", you might also want to consider adding a user iarpbackup who is in the admin group and who has a password you will remember...
<thesheff17> Roxyhart0: I would read here: https://help.ubuntu.com/community/Postfix
<iarp> jmarsden: Well now that i know what i've gone and done i'll be extra careful next time i mess around with adding/removing groups
<thesheff17> iarp: Yea I rarely have to mess with the default groups ubuntu comes with.  If you need apache to write to a dir just do chown -R www-data:www-data /pathToDir/ assuming apache2 is running under www-data.
<MadHaTTer_777> hello everybody
<MadHaTTer_777> im back as promised
<MadHaTTer_777> hello ikonia
<MadHaTTer_777> hello jamespage
<MadHaTTer_777> how r ya'll tonight?
<MadHaTTer_777> so can ya'll help me with my problem tonight?
<MadHaTTer_777> i updated the kernel last night to the newest ver
<MadHaTTer_777> and still having the wvdial.conf pppd option problem along with the /dev/ttyUSB0 device busy problem
<uvirtbot> New bug: #721108 in exim4 (main) "Regression in 4.71-3ubuntu1.1 (lucid) when using macros" [Undecided,New] https://launchpad.net/bugs/721108
<quentusrex> Anyone able to assist debugging a networking issues on a new server?
<MadHaTTer_777> anyone here?
<TeTeT> yes
<MadHaTTer_777> can u help me fix this http://pastebin.com/DL92R0Vp
<TeTeT> MadHaTTer_777: haven't touched PPP in ages, sorry. Where is this log from? pppd?
<MadHaTTer_777> yes
<MadHaTTer_777> yeah it seems like no one has used pppd or wvdail in forever thats what everyone tells me
<TeTeT> MadHaTTer_777: is /dev/pts/5 a modem for real?
<MadHaTTer_777> pts/5?
<MadHaTTer_777> should be /ttyusb0
<MadHaTTer_777> thanx for pointing that out tetet
<MadHaTTer_777> do u know how i change that by chance?
<TeTeT> MadHaTTer_777: np, fear I'm not that helpful with such a problem though
<MadHaTTer_777> k
<TeTeT> MadHaTTer_777: guess 'pppd /dev/tty/usb0' or whatever the correct one is
<MadHaTTer_777> k ill try
<MadHaTTer_777> nope
<ikonia> MadHaTTer_777: have you logged the bug as suggested
<ikonia> MadHaTTer_777: have you done the testing work as suggested
<ikonia> MadHaTTer_777: have you detailed if the modem is supported by Linux, if so what versions/kernel/dependencies ?
<quentusrex> What could cause all http connection to not connect?
<quentusrex> I've setup a server and ping, and dns work
<quentusrex> but http connections fail
<quentusrex> as well as git clones fail to connect
<MadHaTTer_777> what testing work was suggested and ill tell u if i did it
<MadHaTTer_777> i dont log bugs until i am sure they are bugs and not just pebcak
<MadHaTTer_777> and the anwser to ur 3rd q is yes and yes
<ikonia> MadHaTTer_777:1.) confirm the modem is supported under Linux 2.) confirm it's dependencies/version requirements 3.) if 1 and 2 are positive test on the desktop kernel 4.) report bug if 1+2 are met and 3 fails
<ikonia> quentusrex: check the processes are running, check the routing, check the firewall rules, that's a good starting point
<MadHaTTer_777> u caught all im looking for is how to enter a little code in  wvdial-pipe right? and u want me to go through all that hell to figure it out?
<MadHaTTer_777> btw most of that cant be done anyways
<quentusrex> ikonia, I know something works because the kvm guests have working network connection
<ikonia> MadHaTTer_777: ok you have a choice, write the code yourself, or go through the bug reporting process
<ikonia> quentusrex: ahhhh kvm....ok, so that means your routing for the host rather than guests maybe off
<quentusrex> ikonia, probably
<ikonia> quentusrex: first few times I setup kvm I fell into some stupid routing traps with host/guest networking getting quite mixed up
<ikonia> I still fall into some now, even with more experience
<MadHaTTer_777> ok ikonia the code im talking about is probally 2 words long
<ikonia> so ?
<ikonia> how does that change anything ?
<MadHaTTer_777> its probally basic linux commands like pppd = /dev/ttyusb0 or something like that but not knowing linux to the extreme gives me a disadvantage which is why i am trying to ask someone who would know
<ikonia> MadHaTTer_777: have you checked the device is supported in linux, yes/no ?
<MadHaTTer_777> yes
<ikonia> ok, what are it's support requirements (Linux/kernel version)
<MadHaTTer_777> ubuntu the last known ver was 7.4 because the manufactor hasnt updated their site since before 7.4 came out
<ikonia> MadHaTTer_777: can you show me the link to the manufacture page please ?
<ikonia> (or tell me the device named/make/model and I'll look it up)
<MadHaTTer_777> franklin wireless mobile modem cdu-680 p/n blah blah 0014
<MadHaTTer_777> carrier ACS manufactor Franklin Wireless
<huats> rmoning
<ikonia> MadHaTTer_777: ok, I'm reading there is a 3rd party module needed for it, have you installed that MadHaTTer_777 ?
<MadHaTTer_777> ?
<MadHaTTer_777> where are you reading that?
<ikonia> on the FAQ page
<ikonia> http://www.franklinwireless.com/?doc=bbs/gnuboard.php&bo_table=faq1&wr_id=2
<MadHaTTer_777> im not seeing anything about a 3rd party module there
<ikonia> software installed, it's in the "Linux" folder
<ikonia> under "what software should I install"
<ikonia> OS support for that 680 is Windows
<ikonia> http://www.franklinwireless.com/?doc=bbs/gnuboard.php&bo_table=product&wr_id=4
<MadHaTTer_777> ohh that lol
<ikonia> so lets see, it  says it supports Windows, not linux
<MadHaTTer_777> yeah that software is garbage
<ikonia> well, there you go then
<ikonia> so you need to contact the vendor
<MadHaTTer_777> no ikona
<ikonia> yes
<ikonia> http://www.franklinwireless.com/?doc=bbs/gnuboard.php&bo_table=product&wr_id=4
<MadHaTTer_777> have u not listened to anything ive said over the last few days?
<ikonia> os support Windows
<ikonia> I have
<ikonia> There Linux support is nonsense they say they support ubuntu 7.1 and are testing 7.2
<TeTeT> yeah, sounds like nonsense
<ikonia> therefore anything beyond 7.1 (??? 7.l0 maybe)  is untested
<MadHaTTer_777> their software is crap so i compiled one that works much better from a script someone wrote and posted in the ubuntu forums
<ikonia> clearly it doesn't work much better as you're saying it's not working in here
<MadHaTTer_777> its not that that is having the problem
<MadHaTTer_777> its some of the linux files it uses
<ikonia> as I understood it you couldn't find the right device file for it ?
<MadHaTTer_777> i have properly tweaked and compiled that and rewritten the wvdial.conf and widial.conf but the pppd still needs to be tweaked so im looking for how to go about tweaking it
<ikonia> you don't compile wvdial.conf, so what are you talking about
<MadHaTTer_777> lol
<MadHaTTer_777> ik
<ikonia> and what is "the pppd"
<ikonia> if you know, why are you saying it ?
<ikonia> I'm not laughing, if you want help, communicate properly with information rather than random words such as compiled wvdialconf
<MadHaTTer_777> compile was referring to the code for the device that i forgot to mention in that sentance
<MadHaTTer_777> and its wvdial.conf
<MadHaTTer_777> ;P
<ikonia> MadHaTTer_777: right, where did you get the "code" for this device and is it a kernel module you built ?
<MadHaTTer_777> just a sec lemme find the link
<ikonia> no problem
<MadHaTTer_777> http://ubuntuforums.org/showthread.php?t=682596
<MadHaTTer_777> the code is at the bottom
<ikonia> MadHaTTer_777: when you built this code (I'm reading it now) what did it build ?
<MadHaTTer_777> well its a usb flip flop device between scsi flashdrive and ppp connection over port 110 on a cell band so this made it so i could switch between them then i rewrote as described in later pages on that post the wvdial.conf and such
<ikonia> MadHaTTer_777: no, what did it actually build
<ikonia> as it what is the name of the file it built
<MadHaTTer_777> i think it was changemode
<MadHaTTer_777> just a sec ill look
<MadHaTTer_777> yeah changemode
<MadHaTTer_777> oh and their old franklin software also used wvdial acording to the execute.sh
<ikonia> forget wvdial for a minute
<MadHaTTer_777> k
<ikonia> as I'm reading this the changemode binary swaps the device between a mass storage device and a modem device. Which makes it loaded the required kernel modules (and therefore create a device file)
<ikonia> when you put the device into "modem" mode, from what I read it does a check to see if the device is mounted (is your device mouted ?) then creates a device file for the modem, has that device file been created ?
<MadHaTTer_777> yeah like i said a scsi and ppp over cell band - no its unmounted
<MadHaTTer_777> yes
<ikonia> ok, what is the name of the device file that is being created
<MadHaTTer_777> sprintconfig
<ikonia> (for the modem)
<ikonia> that's not the name of the device file, what's the name of the device file it created in /dev
<MadHaTTer_777> ohh that
<MadHaTTer_777> as i recall ttyusb0?
<ikonia> ok as you recall, you need to be certain of that
<ikonia> MadHaTTer_777: reboot your machine with the device is "disk" mode, ls -la /dev > devicelist.out then change the device to a modem mode, then ls -la /dev > new_devicelist.out then diff the two
<a_ok> How do I know what lv is /dev/dm-4 ?
<MadHaTTer_777> hey ikona i just checked something and its actually on ttyusb2
<MadHaTTer_777> actually these readouts r kinda strange just a sec and ill send
<MadHaTTer_777> hmm
<MadHaTTer_777> gonna be hey ikon?
<MadHaTTer_777> -gonna be
<MadHaTTer_777> +ia
<twb> How do I know if my hardware has IPMI support?
<MadHaTTer_777> lshw? internet?
<twb> Or I guess just install ipmitool and see what it says
<MadHaTTer_777> hey ikonia see the reason im pretty sure its not the modem is it connects then when using the ppp0 interface it picks up all the dns addys then just kinda sits there
<MadHaTTer_777> yeah im sure trial and error would work to
<_ruben> twb: modprobe the various ipmi kmods and check dmesg?
<twb> _ruben: I ran sensors-detect for something else, and it apparently checked for IPMI stuff for me
<twb> Anybody know offhand if/what cpufreq module AMD Geodes use?
<chrislabeard> Is there any way to see why my server takes so long to load pages?
<chrislabeard> When local it takes a longer than normal amount of time to load
<ikonia> MadHaTTer_777: sorry, had to step away for a minute
<ikonia> MadHaTTer_777: if the thing connects and gets an IP, why are you using wvdial ?
<MadHaTTer_777> it connects using wvdial
<MadHaTTer_777> but hangs
<ikonia> MadHaTTer_777: what IP does it give you ?
<MadHaTTer_777> after the dns adresses
<MadHaTTer_777> i dont even know how to check that in linux
<uvirtbot> New bug: #721207 in openssh (main) "Dependance problem install openssh server" [Undecided,New] https://launchpad.net/bugs/721207
<MadHaTTer_777> whats the line?
<ikonia> MadHaTTer_777: can you pastebin the output of "ifconifg -a" please.
<MadHaTTer_777> i did
<MadHaTTer_777> i did
<MadHaTTer_777> i did
<MadHaTTer_777> wjefoad
<MadHaTTer_777> opps my bad didnt mean to flood
<MadHaTTer_777> i pm'ed it 2 u ikonia
<MadHaTTer_777> did u get it ikonia?
<ikonia> sorry, was away again
<ikonia> ah, I see it, one moment
<ikonia> MadHaTTer_777: ok, I think we are getting somewhere, can you pastebin the output of the following 2 commands please "cat /etc/resolv.conf" and then netstat -rn
<MadHaTTer_777> k didnt really feel like sharing ip's with everyone
<MadHaTTer_777> k
<ikonia> no, I fully understand that
<MadHaTTer_777> http://pastebin.com/K3P9WAK0
<ikonia> MadHaTTer_777: ok, so based on the IP you gave me I can see why nothing is working
<MadHaTTer_777> ok why?
<ikonia> MadHaTTer_777: if you look at that routing table, everything (0.0.0.0) is going out of 192.168.8.1 which is your ip on your eth0 card
<MadHaTTer_777> ok how do i change it in linux?
<MadHaTTer_777> ohh wait
<MadHaTTer_777> no thats not it :( duh
<ikonia> ?
<ikonia> what's not it ?
<Daviey> hallyn, Is http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604735 likely to be an issue for us?
<MadHaTTer_777> i currently have both hooked up how do u think im pastebin...
<uvirtbot> Debian bug 604735 in seabios "new version of seabios resolves "guest moved used index from ..." when using virtio-blk" [Important,Fixed]
<Daviey> hallyn, (I haven't attempted to reproduce it)
<ikonia> MadHaTTer_777: ok, what are you expecting to go out of the ppp interface ?
<MadHaTTer_777> well nothing i wanna switch it over
<MadHaTTer_777> but at the moment thats how i have it hooked
<ikonia> ok, at the moment then all your traffic is going out of eth0, that's why
<ikonia> you'll have to switch it so your default gateway is the ppp0 device for all traffic to go over it
<MadHaTTer_777> ok how do i do that ?
<MadHaTTer_777> eth0 unplugged now
<ikonia> well, the simple thing would be to disable your eth0 network, reboot and then ppp0 will become the default route when you start it up, other than that you can use "route add" and "route delete" to manipulate the routing table
<ikonia> (by disable I mean disable the interface, not just unplug it)
<MadHaTTer_777> i think ill go with the former and have a smoke with the wife while it boots
<MadHaTTer_777> brb
<MadHaTTer_777> nope didnt work wife wants me to come to bed will u be here tomarrow?
<hallyn> Daviey: no, we have qemu 0.12.5 in maverick, and natty has newer seabios
<hallyn> so shouldn't be
<hallyn> (and actuallly we have newer seabios in maverick)
<Daviey> hallyn, oh good.. thanks.
<twb> Anybody know much about writing custom collectd data snarfers?
<twb> I'm trying to teach collectd to graph the SNR on my ATM card by catting values from /sys/
<Daviey> hallyn, What was the status with the multipath merge?  You did tell me, but i can't remember what you said.. sorry.
<RoAkSoAx> morning all
<twb> OK, this is fucked up.
<twb> I have unqualified hostnames in /etc/hosts.
<twb> The host itself has 8 interfaces, so there are eight lines like "a.b.c.d alpha".
<twb> If I change *ONE* of those to "a.b.c.d alpha.cybersource.com.au alpha", then 1) "hostname -f" works; and 2) "getent hosts alpha" gives output like this: http://paste.debian.net/108062/
<twb> WTFingF, man
<twb> (And why can't I just bloody run "dnsdomainname cybersource.com.au" at boot or something...)
<hallyn> Daviey: status was cmagina had done some testing and found issues during FOFB, and asked me to look at the logs
<hallyn> cmagina: i did take a peek but saw nothing that i've not seen with the current version of multipath :)
<hallyn> cmagina: does current mp do better than the debian/experimental merged version?
<hallyn> Daviey: i might have to try the debian/unstable version...
<cmagina> hallyn: using the experimental version, the machine was constantly failing over while idle.  The current version we are using, 0.4.8, everything comes up ok
<hallyn> cmagina: oh, so you'd never done a failover in those logs?
<cmagina> hallyn: the experimental mp was a mess, causing IO errors and scsi eh to kick in, while the system was just idling
<cmagina> hallyn: nope
<cmagina> hallyn: both SCMs were powered on
<hallyn> jinkeys
<cmagina> hallyn: all that stuff was just from booting and idling after boot
<cmagina> yeah, not pretty
<hallyn> well trying an unstable merge is gonna be pretty low on my list the next few days
<hallyn> Daviey: did you ask bc you are needing it for something?
<hallyn> or bc feature freeze is coming up, i guess?
<twb> bc gets new features?
<twb> I thought it was just a calculator
<twb> Oh, you meant âµ.
<hallyn> :)
<twb> If you were IRCing from emacs you'd have bitchin' UIMs like TeX and SGML as well as boring ol' greek and katakana and such.
<zul> hallyn: do you want a debdiff for libvirt lxc fixes that i cherry picked from upstream or bzr branch?
<hallyn> zul: <shrug> whichever is easier for you
<hallyn> zul: if they're cherrypicked from upstream, then maybe we should just take a new snapshot?
<twb> BTW, I fixed my solos vs. collectd fight
<zul> hallyn: its just one right now but yeah there is a newer version of libvirt available but i dont know how that is going to set you back
<hallyn> zul: good point, i don't know thta i have time for that
<RoAkSoAx> hggdh: bug #711587
<uvirtbot> Launchpad bug 711587 in eucalyptus "powernap and Eucalyptus seem unable to reach an understanding" [High,New] https://launchpad.net/bugs/711587
<zul> hallyn: since i had like 3 lxc libvirt instances running and been consoling in and out all day yesterday and didnt have a problem with the patch i cherry picked
<hallyn> awesome
<zul> so im going back to libvirt ;)
<hallyn> hm, i was looking at several bugs, but i suppose i should be prioritizing merges right now?
<RoAkSoAx> hggdh: so what's the real deal there? :)
<zul> hallyn: depends on the merge
<hallyn> libvirt and multipath, at least
<zul> hallyn: if it fixes alot of bugs then i would do the merge and kill two birds with one stone
<zul> but thats just an opinon ;)
<twb> http://alioth.debian.org/~twb-guest/internode.png and extel.png
<hallyn> zul: no, the bugs are largely in older releases
<hallyn> hm, and then i was putting off the cap_syslog manage update, but i suppose it would be nice to get that into natty
<hggdh> RoAkSoAx: I am assuming this is a fluke; I will retest, with the new euca Daviey has uploaded
<RoAkSoAx> hggdh: I'm assuming this is powernap issue :)
<kirkland> RoAkSoAx: i think you might have killed "powernap now" support
<kirkland> RoAkSoAx: apt-get source eucalyptus
<kirkland> RoAkSoAx: grep -r powernap
<RoAkSoAx> hggdh: so, nodes go idle. powernap puts them to sleep when it shouldn/t?
<hggdh> RoAkSoAx: let me test it first with the new source
<kirkland> RoAkSoAx: and you should see how eucalyptus calls powernap
<kirkland> RoAkSoAx: eucalyptus does not use the power daemon at all
<kirkland> RoAkSoAx: it triggers its own sleeps and wakes
<RoAkSoAx> kirkland: yeah I saw it, :) powernap-now works.
<hggdh> RoAkSoAx: what I had was nodes going on powersave and euca losig reference to them -- not bringing them back up
<RoAkSoAx> hggdh: show me powernap's config
<hggdh> RoAkSoAx: but this euca was a bit unstable
<Daviey> oh goody
<hggdh> Daviey: this is before ypur 2.0.1
<hggdh> RoAkSoAx: no chance now, machines have been reconfigured for Lucid
<RoAkSoAx> kirkland: I think the issue is related to either powersave or that it monitors for other activity than rather kvm process (such as load and stuff)
<Daviey> hggdh, hmm.. i'm not confident it'll be fixed
<hggdh> Daviey: neither am I, but I am also not confident this is not a red herring
<RoAkSoAx> hggdh: will a 2 node setup in KVM allow me to test the issue?
<hggdh> as soon as I finish the SRU kernel tests I will reconfigure the machines for natty
<hggdh> RoAkSoAx: it should
<Daviey> hggdh, btw, would you mind leaving the machines running clean natty... would like to do some testing monday morning, whislt you are sleeping?
<Daviey> (assuming you  don't need them over the weekend)
<RoAkSoAx> hggdh: ok, I'll try to setup it up and see if I can reproduce. The thing is that in powersave mode, the machines keep running, so euca might think they are still alive or something like that
<hggdh> RoAkSoAx: it might. I am sorry, but this week was hell (and the previous)
<hggdh> Daviey: no prob. Just be careful not to step on zul, he is using cempedak
<zul> i should be ok Monday when im sleeping
<hggdh> RoAkSoAx: do you have access to these machines?
<RoAkSoAx> hggdh: no worries! :). I just wanna make sure this gets fixed so you nor me have any headaches later :)
<RoAkSoAx> hggdh: uhmmm I don't know actually
<Daviey> hggdh, wilco
<uvirtbot> New bug: #721295 in apache2 (main) "After setting up apache2 ssl error "ssl_error_rx_record_too_long"" [Undecided,New] https://launchpad.net/bugs/721295
<hggdh> Daviey: you want 2.6.38-4 or -3 as kernel?
<skaet_> smoser,  does https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/656646 still exist?
<uvirtbot> Launchpad bug 656646 in cloud-init "transient network/keyscan issues" [Low,Confirmed]
<smoser> skaet_, umm.. i cant say it doesnt.  but i also can't say that it wasnt transient network issues.
<smoser> its almost not reproducible and the bug is most likely *not* in cloud-init, but in either sshd or ssh client (ssh-keyscan).
<skaet_> smoser, yeah makes sense to have something around to catch the instances when its seen, to help figure it out long term.
<skaet_> smoser, to ease the tracking (so I don't have to ask about it again :/ ), can you assign it to yourself?
<smoser> sure
<skaet_> thanks.
<skaet_> :)
<uvirtbot> New bug: #721320 in exim4 (main) "DKIM-related failures should not end up in the panic log" [Undecided,New] https://launchpad.net/bugs/721320
 * zul wonders who subscribed the server team to exim bugs
<linuxtech> I think that panic log bug was fixed in Devian.
<linuxtech> Debian, not Dev...
<jjohansen> smoser: so I have built updated kernels and I can give you the debs, its not in a ppa or rolled back into the regular -xen yet
<smoser> they boot ?
<smoser> jjohansen, i dont think we have to "roll back into regular -xen"
<smoser> its not a necessary thing
<jjohansen> smoser: I haven't bundled them, but I assume so, its built with the modified build from the ppa
<hallyn> jdstrand: how do we feel about libvirt vbox support?  (debian builds it in)
<smoser> ok. well point me at kernel image, i'll upload to sandbox and we can test
<jjohansen> smoser: basically if they don't boot there is a regression introduced by a kernel patch
<jdstrand> hallyn: iirc, it needs a package in universe, so we can't build with it
<jdstrand> hallyn: otherwise, I'd be fine with having it
<smoser> jjohansen, k. so heres our plan
<smoser>  * jjohansen points smoser at i386 and amd64 kernel builds for linux-xen of hacked version
<smoser>  * smoser uploads to sandbox
<smoser>  * test sandbox kernels
<smoser>  * assuming success of sandbox kernel, ppa build in ubuntu-on-ec2
<smoser>  * populate kernel/ramdisk ubuntu-images-testing from ppa build for all regions
<smoser>  * profit
<jjohansen> smoser: they are at kernel.ubuntu.com/~jj/
<jjohansen> linux-headers-2.6.24-11-xen_2.6.24-11_amd64.deb
<jjohansen> linux-headers-2.6.24-11-xen_2.6.24-11_i386.deb
<jjohansen> linux-image-2.6.24-11-xen_2.6.24-11_amd64.deb
<jjohansen> linux-image-2.6.24-11-xen_2.6.24-11_i386.deb
<jjohansen> linux-modules-2.6.24-11-xen_2.6.24-11_amd64.deb
<jjohansen> linux-modules-2.6.24-11-xen_2.6.24-11_i386.deb
<smoser> jjohansen, thanks
<hallyn> jdstrand: gotcha, thanks.
<erichammond> Call me if anything else comes up.  I'll probably stay in Arcadia today.
<erichammond> oops. wrong channel
<Datz> hi, is there a way to tell if ubuntu server needs a reboot after upgrade without logoff and on?
<zul> Datz: if you have a kernel update or a libc6 update then you should reboot but otherwise no
<Datz> ok. I'm curious as to what triggers that message. recent updates did, and I dont think any of them mentioned above.
<Datz> libssl0.9.8 login openssl passwd wordpress wordpress-l10n
<Datz> were the updates I believe
<Datz> (anyway, was just curious. not to worry)  :)
<RoAkSoAx> zul: ping?
<zul> RoAkSoAx: what up?
<hallyn> jdstrand: people.canonical.com/~serge/libvirt_0.8.7-2ubuntu1-package.tar.gz has my merge attempt.  It built find on x86, arm build is still going
<jdstrand> hallyn: ack
<azertyu> hello there
<azertyu> anyone here ?
<thesheff17> azertyu: yes people are here...prob working do you have a question? just ask and if anyone can help they will respond.
<azertyu> yes
<azertyu> by doing : grep -R files1 /home/user i got a list of file named file1 which is present on my system, now i want to copy all file named files1 on a specific directory how to do ?
<azertyu> hello anyone there ?
<hallyn> azertyu: i'd do 'find /home/user -name "*files1*" -exec "mv" "{}" "destdir" \;
<genii-around> I suspect you'd just end up with the last file wherever you copied them, since all of them are named the same thing it will just keep copying one over, then replacing it with the next one it copies over, etc
<azertyu> are you sure about the syntaxe ?
<MrBalle> Hi!  I have 2 CPUs (Xeons) in my server but can't seem to get Ubuntu Server 10.10 to detect both even though BIOS does. Have changed kernel to a SMP one but still doesn't work. Need more info? Thanks!
<Abinadi> MrBalle: someone in #ubuntu just said that you might want to try your BIOS settings just to be sure some tweak in there has somiething to do with your problem
<thesheff17> MrBalle: what does cat /proc/cpu show you?  Ubuntu server should detect them all.
<thesheff17> cat /proc/cpuinfo I meant
<MrBalle> Adinadi: Yeah I know, just thought I'd check with people that might be more familiar with Ubuntu Server, since I can't access the server physically right now to play around with BIOS.
<IdleOne> MrBalle: could you pastebin the output of cat /proc/cpuinfo
<MrBalle> thesheff17: only shows one CPU..
<MrBalle> IdleOne: Sure, just a sec.
<MrBalle> http://pastebin.com/hmHXQGX3
<MrBalle> and here's uname -a: Linux ricer 2.6.35-25-generic-pae #44-Ubuntu SMP Fri Jan 21 19:01:46 UTC 2011 i686 GNU/Linux
<IdleOne> only shows processor: 0
<thesheff17> MrBalle: yea either it is a bios setting or you have been mislead about the hardware.
<MrBalle> IdleOne: yup...
<IdleOne> what thesheff17 said
<RoAkSoAx> win 3
<RoAkSoAx> arg
<RoAkSoAx> lol
<RoAkSoAx> marrusl: http://www.roaksoax.com/2010/10/high-availability-uec-clc-howto
<MrBalle> thesheff17: I'm sure I have two, I put them in myself so that's not the issue. And at boot it shows both CPUs. But I guess I should check BIOS when I have the chance.
<MrBalle> Thanks to everyone for the help!
<thesheff17> MrBalle: yea I'm sure there is a setting in there.  Especially if they are both physical cpu and one was added.
<marrusl> RoAkSoAx, I was looking at that!  Nice work!
<EtienneG> guys, was there any talk about IPv6 at the last UDS?
<marrusl> RoAkSoAx, any chance for HA on other components?
<RoAkSoAx> marrusl: I'm going to look into ha for the Walrus
 * hallyn out for long lunch, bbl
<RoAkSoAx> marrusl: hopefully by the end of alpha3
<marrusl> RoAkSoAx, nice.
<RoAkSoAx> marrusl: now you guys can test this in real HW and let me how it go :P
<uvirtbot> New bug: #721420 in clamav (main) "package clamav-base 0.96.5 dfsg-1ubuntu1.10.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/721420
<marrusl> RoAkSoAx, yep.  Sounds like fun.
<zul> EtienneG: not that i was aware of
<zul> EtienneG: but we should be in pretty good shape
<zul> there new cobbler snapshot
<Frenk> Hey, can anyone helm me to manage the following: I want my PC to connect to the Internet via a VPN Server. I have OpenVPN already on my laptop - what do I have to do on the server? Install OpenVPN, generate the key ... or whats the fastest solution? (atm its not much about security)
<jdstrand> Frenk: https://help.ubuntu.com/10.04/serverguide/C/openvpn.html
<aliverius> which one is faster /dev/random or /dev/urandom?
<aliverius> and which one is more random?
<linuxtech> I am migrating a 10.04 exim4/mailman server, years ago when i did this I used some load parameter to have incoming mail get a try back later response.  Anyone have any suggestions how I setup a temporary try later response?
<zul> hallyn: http://pastebin.ubuntu.com/568876/
<hggdh> smoser: there?
<smoser> here
<owen1> how to curl for specific file?
<smoser> and was just about to ping you :)
<hallyn> zul: that's it?  really?
<zul> hallyn: yeah from who i can tell
<hallyn> can you comment on that libvirt bug?
<hallyn> that's awesome
<owen1> where is the cache located in nginx? i want to flush it.
<RoAkSoAx> win 3
<RoAkSoAx> argh
<RoAkSoAx> lkol
<RoAkSoAx> kir:
<RoAkSoAx> sr
<RoAkSoAx> sry lol
<RoAkSoAx> kirkland: ping
<smoser> hggdh, you still there?
<hggdh> yes
<smoser> k.
<smoser> so i hvae a favor
<hggdh> shoot
<smoser> can you get a 10.04 cloud set up ?
<smoser> and right now i will work on getting kernels that boot for hardy up
<hggdh> it is still set on 10.04.3
<hggdh> .2 duh
<azertyu> 'find /home/user -name "*files1*" -exec "mv" "{}" "destdir" \; are you still there hallyn
<azertyu> ?
<smoser> hggdh, oh ?
<smoser> thats awesome.
<smoser> azertyu, that will flatten your files
<hggdh> smoser: I stil have it from the ISO tests... was going to blow them now, you got me at the right moment
<smoser> ok. i want to jump in and test something if you dont mind
<smoser> especially if its up and functional
<azertyu> flatten ?
<smoser> it will put them all into destdir
<smoser> not destdir/some/path/fy-file1-bar
<hggdh> no problem. Only thing is the topo is slightly changed: mabolo is the UEC, marula the walrus, santol the cc, sapodilla the sc, and soncoya the nc
<hggdh> smoser: ^
<smoser> hggdh, ok.
<RoAkSoAx> hggdh: Ok so I have a few ideas why powernap/eucalyptus don't like each other anymore
<azertyu> i have replace destdir by it's path ?
<hggdh> RoAkSoAx: I am all ears
<azertyu> have i to replace destdir by it's path ?
<RoAkSoAx> hggdh: ok so I just setup a natty eucalyptus (2 node), and I had to manually register the NC. But, watching at /var/log/eucalyptus/cc.log in the CLC, it shows as if the NC is down and keeps sending WoL's to the NC, however, the NC still appears down to the CLC
<RoAkSoAx> (CLC/SS/SC/Walrus)
<andreserl> every 10 seconds or so
<andreserl> argh
<RoAkSoAx> ok every 10 seconds or so
<RoAkSoAx> hggdh: that's in my case of course. So first, you'd have to verify that the NC is actually communicating with the (CLC/NC/SC/Walrus)
<RoAkSoAx> hggdh: it keeps doing this http://pastebin.ubuntu.com/568889/
<RoAkSoAx> every 10 secds
<hggdh> RoAkSoAx: I will reset the rig Tuesday and check then (smoser is using it now on 10.04.2, and Daviey will use it during the weekend/Monday)
<smoser> thanks hggdh
<hggdh> RoAkSoAx: but I remember the NCs satrted OK, then would not come back up
<hggdh> RoAkSoAx: what do you see on the NC logs?
<linuxtech> To answer my earlier question in case someone is looking for it... smtp_reserve_hosts = 192.168.1.2 and smtp_load_reserve = 0 get the 421 host.domain: Too much load; please try again later.  Then after I have the new server done, maybe 10 minutes once I am ready, the hubbed_host will deliver all mail to the new server, change dns and I am done I hope...s
<RoAkSoAx> hggdh: http://pastebin.ubuntu.com/568890/
<RoAkSoAx> that repeats itself over and over and over
<RoAkSoAx> I'm gonna check my NC and make sure it is working properly
<RoAkSoAx> hggdh: but I still think there might be another issue than we can discuss on tuesday, after you install it again and I take a look at it
<hggdh> RoAkSoAx: certainly. Do you see, in the NC logs, anything about it going on powersave?
<RoAkSoAx> hggdh: no nothing
<hggdh> weird
<RoAkSoAx> hggdh: it just tries to wake the server up all over and over and over again
<hggdh> RoAkSoAx: and you do see, in the syslog, powersave kicking in?
<MarkusT> Trying to install Ubuntu Server UCE (from packages) on a server with 4 static public IP addresses. I'm however unable to get /etc/network/interfaces right. I end up either unable to access the instances, or (if I change the IP setup) they don't start at all. How do I set this up? Here's what I've got so far for "interfaces": http://piratepad.net/OzICpkq6Le
<RoAkSoAx> hggdh: no nothing!! When you have the test rig up, I'll give you a powernap config for you to test so that we can discard if its that or it isn't
<hggdh> RoAkSoAx: deal
<RoAkSoAx> hggdh: unfortunately I can't really do much without appropriate HW, cause the issues I experience might also be related to network in kvm
<hggdh> RoAkSoAx: no problem, we will do it on Tuesday.
<RoAkSoAx> cool ;)
<owen1> from some reason my site is using old static files (css/images/js). anyone knows how to find the location where nginx cache my files/
<owen1> ?
<RoAkSoAx> hggdh: NC httpd-nc_error_log: apache2: symbol lookup error: /etc/eucalyptus/axis2/services/EucalyptusNC/libEucalyptusNC.so: undefined symbol: rampart_print_security_processed_results_set
<hggdh> RoAkSoAx: ugh
<Daviey> hggdh, good to see it's getting use
<hggdh> RoAkSoAx: I guess a bug is warranted for this
<hggdh> Daviey: don't you ever sleep? :-)
<azertyu> hello, this is just an example : i got 3 files on /home/user1, each  file respectivaly named file1, file2, file3,and also each file contain the word    linux_one linux_two linux_tree
<RoAkSoAx> Daviey: ^^ ideas?
<azertyu> by doing grep -R linux_ /home/user1 it display : linux_one linux_two linux_tree
<azertyu> i simply need a command that catch the linux_ attached word from each file and copy it on a specific directory
<azertyu> how to do ?
<azertyu> sorry on a specific file
<azertyu> how to do ?
<hggdh> azertyu: you are grepping the directory
<hggdh> grep -R linux_ /home/user1/*
<azertyu> yes that's works fine
<arrrghhh> hey all.  trying to run a server within a vbox vm.  i am behind a corporate firewall, and i'm having a heckuva time getting ubuntu server to 'see' the outside world.
<arrrghhh> i tried a static IP thru a bridged cxn, and it was able to ping within the LAN and DNS would resolve to an IP, but i still couldn't get the proxy to work...
<azertyu> once it grepping, i need a command that just only catch the word without the path and store on specific file how to do ?
<hggdh> azertyu: man grep -- it is an option to grep to just pass the file name
<hggdh> azertyu: probably -l
<hggdh> azertyu: oops. Not quite what you asked, perhaps. You need the file names that match?
<azertyu> no
<azertyu> you still don't get my point
<ghostlines> I'm having a problem booting my system when I boot without an external drive connected, although I specify nobootwait in my fstab. Anyone have any ideas why this happens?
<guntbert> azertyu: grep always prints whole lines, not single words
<azertyu> when i do grep -R linux_  /home/user1
<azertyu> it gives :
<azertyu> /home/user1/file1:linux_one
<azertyu> /home/user1/file2:linux_two
<azertyu> /home/user1/file3:linux_tree
<hggdh> and what do you want?
<azertyu> now i m looking for command, which is taking the " word " linux_one linux_two linux_tree on s
<arrrghhh> are you wanting to parse this data?
<azertyu> a specific file, let say gobal_file
<arrrghhh> something like sed?
<azertyu> no
<azertyu> just copy
<arrrghhh> sorry i missed the original requirements.
<azertyu> what ?
<arrrghhh> i missed your original request.
<hggdh> well. grep -h > results.lst?
<azertyu> azertyu>	when i do grep -R linux_ /home/user1
<azertyu> 	<azertyu>	it gives :
<azertyu> 	<azertyu>	/home/user1/file1:linux_one
<azertyu> 	<azertyu>	/home/user1/file2:linux_two
<azertyu> 	<azertyu>	/home/user1/file3:linux_tree
<guntbert> azertyu: if I understand what you want: try    grep -R linux_  /home/user1 > file_with_linux
<azertyu> what i mean is : is it possible to do something like : grep -R linux /home/user1 > global_file to able to copy just only the word without the path
<azertyu> yes
<hggdh> sigh.
<arrrghhh> lol
<hggdh> grep -h linux_ /home/user1/* > THIS_IS_THE_OUTPUT
<azertyu> yes
<azertyu> i got one part of my question
<azertyu> if i do vi file_with_linux
<azertyu> i got something like that :
<azertyu> azertyu>	/home/user1/file1:linux_one
<azertyu> 	<azertyu>	/home/user1/file2:linux_two
<azertyu> 	<azertyu>	/home/user1/file3:linux_tree
<hggdh> azertyu: please see my last post
<azertyu> i simply need to output just only the word, i mean linux_one, linux_two, linux_tree without /home/user1/file
<arrrghhh> azertyu, yes see his last post.
<azertyu> grep -l ?
<hggdh> grep -h
<hggdh> azertyu: 'man grep' shows all possible options
<smoser> jjohansen, :-( straight to terminated
<smoser> jjohansen, shoot. hold on.
<azertyu> super merci
<azertyu> thanks a lot
<azertyu> working now
<hggdh> de rien
<arrrghhh> so... anyone feel like helping me struggle thru proxy and network settings on a 10.10 VM?
<azertyu> thanks a lot hggdh
<uvirtbot> New bug: #721514 in samba (main) "Samba should be more selective when importing accounts" [Undecided,New] https://launchpad.net/bugs/721514
<luite> is there a some place to get a vmlinux type kernel image for 10.04 lts server? I need to boot one from a very old xen, which doesn't support bzImage
<smoser> a very old xen is not liekly to be able to boot any official kernel from 10.04
<luite> I've seen several tutorials with xen 3.2 that claim that it works, the pv interface should still support the older xen
<luite> but yes, the official kernel is a bzImage, which doesn't work. a vmlinux image should though (I hope :) )
<zul> smoser: words of wisdom?
<smoser> luite, where would you get a paravirt kernel for 10.04 ?
<zul> how convient....have a good weekend
<smoser> if you mean a pv_ops, i would have thought that "very old xen" would have meant that it wasn't going to run a pv_ops kernel
<luite> oh yes I guess I meant pv_ops :) it's xen 3.2.1pre that comes with hardy
<luite> vmlinuz-2.6.35-23-virtual should support pv_ops, right?
<smoser> it is, yes.
<luite> ok, guess I'll try to build my own from the sources of that package then
<smoser> jjohansen, can you get me that source deb ?
<smoser> the kernels appear to boot, but in order to test it fully, i actually have to rebundle...
<smoser> i'd like to let the ppa build your kernel and move on from there.
<jjohansen> smoser: I didn't build a source deb
<smoser> can you build one ?
<smoser> i can even give you access to upload it to ubuntu-on-ec2
<smoser> (
<smoser> (i'd prefer that)
<jjohansen> smoser: sure give me access to upload it and I'll do it, other wise I can shoot you a tar.gz
<smoser> jjohansen, ok. i think you should be good to upload there nhow
<jjohansen> smoser: okay, I'll give it a try
<smoser> jjohansen, were you able to upload?
<jjohansen> smoser: sorry not their yet, I'm regenerating the abi
<Mark__> hey all. I'm trying to run PHPSQLITECMS, and i have all its requirements installed, but i get an error saying i don't have a driver, i don't understand that
<Mark__> my link is http://tm0.org/
<hallyn> Mark__: so what's on line 30 of /var/www/cms/includes/classes/Database.class.php ?
<hallyn> not that i know a thing about php
<jjohansen> smoser: dput reports success
<jjohansen> smoser: I'll watch to make sure the build completes this weekend, if it fails for some reason I will fix and reupload
<hggdh> jjohansen: can you please ping me when the upload to ec2 is done? I still need to test it, and probably will do it during the weekend/Monday
<jjohansen> hggdh: hrmmm, I've never done the official upload to ec2, I may poke at it but it may have to wait for smoser.  We will see how the weekend goes
<hggdh> jjohansen: np, we will go with the flow ;-)
<raubvogel> I was reading https://help.ubuntu.com/community/IPMI and ended up confused: do you need openipmi *and* ipmitools or they are equivalent tools?
<smoser> jjohansen, it failed to build
<smoser> looks like bad config
<jjohansen> smoser: I'll look at it
<hallyn> cmagina: so, if you're game, a went ahead and tried to merge debian unstable multipath.  I may get a chance to install it mid next week, but haven't yet.  http://people.canonical.com/~serge/mp-merge-sid.tgz has the .debs
<hallyn> cmagina: (source is at lp:~serge-hallyn/ubuntu/natty/multipath-tools/merge-sid)
<cmagina> hallyn: i'll see if i can take a look this weekend
#ubuntu-server 2011-02-19
<joelg87> hi guys - anyone around?
<peernet> Hi Folks, has anyone successfully been running cpanel along with Ubuntu Server?
<uvirtbot> New bug: #721620 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.4 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/721620
<schelcj> i have a server failing at boot with a ureadahead exit status 5
<schelcj> this is 10.04 that i just did the updates on today
<schelcj> ureadahead seems to barf on my ocfs2 partition
<schelcj> after reading about what this does, do i need it on a server install?
<schelcj> if not what is the safe way to remove it with the only way to boot the system being the init=/bin/sh trick?
<CensoredBiscuit> Hello, I'm looking into headless operation how do I know if my servers ready?
<Datz> CensoredBiscuit: define ready :p
<patdk-lap> CensoredBiscuit, disconnect keyboard/screen, plug server in, and turn on
<patdk-lap> see if it works
<CensoredBiscuit> true true
<CensoredBiscuit> thanks patdk-lap
<jo-erlend2> I'm currently resyncing my mdadm raid5. I'm using 10.04.2. I haven't done any manual configurations. If I reboot... Will it start over, or will it resume where it was?
<uvirtbot> New bug: #721649 in rabbitmq-server (main) "package rabbitmq-server 2.3.1-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/721649
<thesheff17> I just got a notification from one of my production servers about a chkroot found in a java file.  http://pastebin.com/DrsiRyVG weird that it was on port INFECTED (PORTS:  45454)
<jo-erlend> I think I may have found the problem with the horrible disk IO performance I've experienced the last few days.
<jo-erlend> my disk is using 4K sectors and I read that it requires some special partitioning. If anyone has experience with that, I'd love to hear about it.
<jo-erlend> it seems that Linux doesn't know that it has 4KB sector size, and assumes 512B, which makes write operations very slow. Does that make sense?
<super-noob> Wanting to set up a mail server under Ubuntu LTS 10.04.  I've never done this under *NIX, so I'm not sure where to start.  I've used MailEnable, so I'm not completely clueless.  Specifically, I need a good guide/tutorial/howto that also includes setting up aliases that auto-forward to a specific account and also specifies how to configure the server to not allow mail through based on SPF records.  Also - Postfix or Exim?
<jmarsden> super-noob: I'm about to go to sleep, but try the dovecot-postfix package as a way to get started with an email server on Ubuntu.
<super-noob> Sleep.  Sounds nice.  :)  I'll give the dovecot-postfix package a shot.
<super-noob> Hmm...wants to uninstall exim4-base, exim4-config exim4-daemon-light...
<jmarsden> Well, sure, you can't have exim and postfix there at the same time :)
<super-noob> Okay.  Installed.
<jo-erlend> I need to manually create three partitions for use as space for raid with partitions that start and end with sectors that are divisible by 4. How do I do that?
<uvirtbot> New bug: #721722 in squid-langpack (main) "Sync squid-langpack 20110214-1 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/721722
<yellabs-r2> hello there, i have got a gift, three servers ProLiant DL360 G4p , are they still worth anything these day's , or are they out of time, what do you think ? , would they be okey for ubuntu kvm server ..
<yellabs-r2> Intel(R) Xeon(TM) CPU 3.40GHz
<greppy> yellabs-r2: as long as they have the support in the cpu for virt.
<TeTeT> yellabs-r2: think they serve fine, we use one of them for testing UEC and for that they are invaluable
<TeTeT> yellabs-r2: you can check kvm support with the 'kvm-ok' command
<yellabs-r2> great tip thanks
<yellabs-r2> forgot about that command .. :)
<yellabs-r2> do you need one of our servers ?
<yellabs-r2> is there an team in the netherlands for ubuntu testing that might need one of these servers ?
<yellabs-r2> ok, ill sort that out later, got to do some work, be back an other time .. thanks for the input , take care !
<otaku_coder> hi, a friend of mine has a server that's being hit hard by a SYN Flood attack and we're unsure how best to resolve this. I've enabled syn cookies and increased the buffer size but his sites are still being affected
<raheel> i need to  know how to limit the maximum "pages per job" using cups or lpadmin
<raheel> can any one help me how to setup the maximum pages PER JOB using cups or lpadmin
<[diablo]> afternoon all.. anyone using multipath please?
<havoc74> Anyone awake ?
<havoc74> If so, here's my question. I just picked up an IBM x235 (8671-KAX) - I need the ServeRAID ISO - every download link I find seems to be dead.
<havoc74> including IBM's site itself
<havoc74> ok, never mind - I found a working link - downloading now.....   thanks anyway!
<havoc74> later!
<raheel> guys really need help in setting the maximum pages per job
<raheel> need help to set max pages per JOB while printing to avoid accidental printing of huge amount of pages is it even possible
<raheel> hasnt anyone setup a print server before???
<jo-erlend> can someone _please_ help me partition my disk so that the first partition starts at sector 64? I've spent more than twenty hours trying to install Ubuntu without success.
<pmatulis_> joschi: use fdisk
<pmatulis_> joschi: sorry
<overrider> I am getting hardware ready to built a fileserver with 8 x 2tb Drives (raid5 or 6). What would be the most sane way of going about this since almost certainly once in a while one of these drives will need to be replaced or even upgraded. lvm?
<compdoc> by upgrading you mean larger drives?
<compdoc> raid handles drive failures, more or less. dont need lvm for that
<jkg> I tend to create a large RAID device and make it the sole physical in an lvm group, then create logical volumes on it
<overrider> I am wondering what will be the easiest to manage when a drive failure occurs, or, when in two years from now i run out of space, i want to throw in a few new 4tb drives.
<jkg> in terms of failures, RAID will handle that; LVM covers resizing later.
<jkg> although, I'd urge you away from RAID 5 -- the risk of a 2nd failure during a (lengthy!) rebuild on that size of array is pretty high
<compdoc> when you upgrade drives, you tend to replace them all at once - lvm doesnt help with that
<jkg> hrm no. I'm thinking of the case where you add extra drives (or a 2nd array), but yeah, you're right.
<overrider> If not raid5 then raid6. I also am not too happy with these 2tb drives, so i got enterprise grade ones which claim to have a higher time to failure.
<compdoc> have you had any 2tb drives fail? I have a new seagate that has one bad sector already
<overrider> Who knows. I just want to set it up once, then be done with it and have it stable. Not reinstalling or even rebuilding the System all the time because a drive fails and i am too dumb to recover from the failure, and get stuck with a non booting system.
<overrider> compdoc: yes i have had tons. Honestly, ever since Drives went larger than 320GB i am suspicious
<compdoc> what brands you use?
<overrider> I still have a Machine that runs on an 80GB Drive - don't dare to turn it off though. Just feels the smaller drives where more robust somehow.
<compdoc> well, fewer heads and platters does make them less complicated
<overrider> Oh no preference really. Maxtor, Hitachi
<overrider> yes
<overrider> Seagate also popular
<overrider> I mean, really there are just a handful of names in terms of drives out there these days
<overrider> Not sure whether Maxtor still exists even. Ah ok, Maxtor is now Seagate. :-)
<compdoc> I dont see as many hard failures as I used to. usually they just start to develope bad sectors. but I did have to replace a comletely dead one two days ago
<compdoc> customer lost some emails
<compdoc> and a few docs
<Odaym> what are the packages that are most commonly found on any Ubuntu server?
<Odaym> because i have a desktop Ubuntu on a pc, and i want to make it a server (since nothing differentiates a desktop Ubuntu from a Ubuntu server except the packages available on the latter..right?)
<compdoc> I use the desktop version as a server on a couple of computers. I like the gui
<Odaym> yes i am keeping the GUI i guess, but i want the packages that make any Ubuntu machine a server
<Odaym> apache..samba..what else?
<Odaym> SELinux?
<compdoc> I dont think there are any different packages, except that ubuntu server doesnt install the gui. I hear it might have some tweaks for running under a heavy load
<compdoc> I just use samba and rsync, so no sustained, heavy loads except for some large transfers
<syb> comdoc: I recommend buying single-platter drives. If high throughput and low power consumption is a concern then Samsung Spinpoint HD103SJ is still a good buy IMHO.
<syb> Odaym: Browse the output of running the command "tasksel --list-tasks"
<Odaym> ok
<compdoc> I have several Samsungs in a few raids. I like them, but Ive had several of them develop reallocated sectors
<Odaym> taskel not installed, syb :o
<syb> Odaym: It's a useful tool for quickly getting installed software to (re)configure a computer running Ubuntu (or Debian).
<Odaym> so i just apt-get install taskel?
<Odaym> tasksel
<syb> Odaym: Yes.
<Odaym> ok i will be right back, need to reboot for something
<syb> Anyone else here interested in improving the Ubuntu wiki documentation of KVM and vmbuilder?
<syb> I'm going to save a few changes to https://help.ubuntu.com/community/KVM/Networking - so that reading through works best with 10.04
<compdoc> when will you save?
<syb> compdoc: Will be at least ~30mins from now. I just wanted to let some interested ppl know so someone else reviews my changes.
<havoc74> good morning everyone!
<havoc74> I need help setting up my server (IBM x Series 235 8671-KAX). Is anyone familiar with this machine?
<havoc74> specifically the RAID configuration
<syb> I'm currently contemplating why https://help.ubuntu.com/10.04/serverguide/C/jeos-and-vmbuilder.html recommends config of Bridge networking by editing VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl in a working directory... instead of editing /etc/vmbuilder.cfg or ~/.vmbuilder.cfg OR create ./test-vmbuilder.cfg "run vmbuilder --c ./test-vmbuilder.cfg"
<Nafallo> havoc74: you most likely need to find the IBM bootable CD for configuring the array.
<thesheff17> syb: I'm not an expert on vmbuilder but I believe it just suggest doing that because of the templates buit into vmbuilder.  You can do all those other options you suggested.
<havoc74> I've got the bootable CD, it's syncing my first array now
<havoc74> the problem i'm having is I have 5 hd's, two 36.4gb, and three 72gb drives
<havoc74> the serverguide cd automatically setup the first two as a RAID 1, which is fine, but now it won't let me set up a second array with the 3 other drives as anything - I wanted a RAID 5 on the other 3 drives
<thesheff17> syb: My custom script I wrote for vmbuilder does the bridge in the command each time like this and works fine: --bridge=br0 Though sometimes I have multiple bridged adapters so I don't use the template system.
<syb> thesheff17: Someone has gone to the effort of adding variables into parsing of vmbuilder.cfg files. I disagree with copying the templates because a user won't get to benefit from improvements to those templates... it's like writing a new function instead of parsing variables to an existing tested function! :-)
<havoc74> I am a newb when it comes to setting up a raid, but I am a veteran system admin and programmer
<syb> thesheff17: Good Point re more complex network environment with multiple bridges. I think it is safe to assume that anyone running that should have the skills to figure out when using the templates isn't appropriate.
<compdoc> havoc74, setting up a raid is easy for most cards, since its done in the bios of the card. That system you have is different, so its not your fault
<thesheff17> syb: ah there is a --templates mytemplates command...don't know why you need that considering all the other commands already available but I guess it doesn't hurt. But like you said I would prefer everything under /etc/ for configuration.
<thesheff17> syb: I think another reason behind it is because vmbuilder has moved to building the virtual machine in the current directory.  This blew my mind after using it so long to find out this was the default case.
<havoc74> Well that is a hopeful remark compdoc, I'm glad to hear it's not me LOL - btw, i forgot to mention, the machine has integrated LSI 1030 RAID controllers
<havoc74> if that helps at all
<compdoc> they dont show a message at boot that says to press certain keys to enter the config?
<thesheff17> syb: also vmbuilder supports this cheetah template system that is why: http://www.cheetahtemplate.org/docs/users_guide_html/
<compdoc> I have a few LSI cards - theyre decent
<havoc74> i can't access a RAID setup config at boot. It doesn't mention one. Although, there is a LSI config that allows me to set up which array (or logical volume) is bootable, I can only access hardware level RAID configuration through the ServerGuide bootable cd so far, unless I'm missing something.
<havoc74> right now, the RAID 1 is synchronizing - it took 3 hours the last time
<havoc74> just about half way through now
<compdoc> if you can install the OS and boot it, maybe theres a LSI util that you can install that will let you set up the rest later.
<compdoc> the ServerGuide cd doesnt let you select the drives, or doesnt it have a raid5 option?
<compdoc> if the controller is built into the motherboard, it might not be able to do raid5
<havoc74> i haven't been able to install an os yet
<compdoc> they charge extra for that
<havoc74> and the serverguide doesn't let me select any raid types at all
<compdoc> heh, thats no good
<havoc74> it automatically selects a raid 1 when i select the two 34gb drivers
<havoc74> but, when i first go the machine, it did have a raid 1 and a raid 5 set up - and like an idiot, because i like to learn, i removed the arrays to set up new ones
<havoc74> i should have left it alone
<havoc74> i wanted to learn the process of setting up the arrays
<havoc74> lol i also picked up a BladeCenter that I haven't even turned on yet - thought i'd start with the smaller one lol
<compdoc> there must be some program youre missing thats used to set up the arrays
<havoc74> probably. I got this server from a friend who bought it not realizing it was a server
<havoc74> he got it used, it's missing all documentation and cds
<havoc74> took me 4 hours to find a link to the ServerGuide ISO on the IBM forums for my model
<havoc74> Ultimately, I want to install Ubuntu Cloud Server on this - I don't even know if it's possible yet
<havoc74> can you recommend a bootable cd to setup my raid that is better, or more functional than IBM's ServerGuide?
<compdoc> might look around at LSI's website
<compdoc> and google is your friend
<havoc74> yes it is
<havoc74> and trust me, i've been using google all week before i tried IRC - I like to figure things out on my own, but i couldn't find anything that was even close to my HD configuration
<compdoc> any idea which LSI controller? a model number would help a lot
<havoc74> LSI 1030
<havoc74> do you need more info on that?
<havoc74> BIOS: 5.03.10.00 - Firmware: 1.00.14.00 - Device Driver: 3.02.63.02
<compdoc> well, I found this the first hit on google:
<compdoc> We ran into this surprise with rx7620 system which has internal Ultra160 SCSI adapters (LSI1030).
<compdoc> These adapters don't support RAID. To mirror the volumes or RAID5 you need to use a software solution.
<compdoc> Hope that isnt true
<compdoc> this is from another hit:
<compdoc> he integrated RAID controller (such as an LSI 1030) is a standard feature on some IBM xSeries servers. This controller has limited RAID capabilities. With an integrated RAID controller, you can use the ServeRAID Manager to:
<compdoc> Configure two physical drives into a logical drive and assign it RAID level-1.
<compdoc> no mention of raid 5
<havoc74> ok, that is exactly my situation
<havoc74> at least I know for sure now that I wasn't missing anything during the ServeRAID config
<havoc74> does usually take 3 hours to sync two 34gb drives though?
<compdoc> that is a while
<havoc74> they are identical - maybe that's why
<havoc74> sorry, are not identical
<compdoc> is there a progress bar? is it close to complete?
<havoc74> the progress is at 59%, started at 10:07, it's 11:36 here now
<compdoc> I stay away from old servers if I can help it
<havoc74> yeah, I just can't afford a newer server
<havoc74> I'm just starting out hosting, I've got a few web host clients, a few SVC clients, one VoIP client, and I've got a counter strike server running for my 13 year old - all on a P4 Dell desktop (no HyperThreading). So when I had the opportunity to pick this up as cheap as I did, I jumped on it
<havoc74> I also picked up a BladeCenter for $1000.00, 12 blades, 2 have hot-swappable drive bays
<compdoc> that would be interesting to play with
<havoc74> yes, but I can't turn it on yet, I need to install a 240volt 2-phase line from my panel to power it up, and I have to upgrade my panel to 200 amps first LOL
<compdoc> ouch!
<havoc74> so it's been sitting in storage for 6 months now
<havoc74> I've actually got it up for sale, because it was suppose to make me money, but isn't, so the wife said it's gotta go unless I can get it up and running, or at least this x235.
<havoc74> The Dell desktop is old, very old.
<havoc74> and slow with only 513mb of RAM - and it uses RDRAM - expensive!
<havoc74> I'm just trying to quit the day job lol
<havoc74> ok, here's another question for you, after ServeRAID finishes, do I set up the logical volumes through ServeRAID, or through Ubuntu's partitioning?
<havoc74> right now, after syncing, it's going to have 1 logical drive, but I can partition that to logical volumes through ubuntu to set up root and swap, right?
<compdoc> after it syncs, it should be ready to have the OS installed
<havoc74> hopefully
<havoc74> it's at 69% now....  another hour or so and I'll find out
<havoc74> well, you've been very informative compdoc, thank you :)
<mxpxpod> I'm getting ready to install 10.04 Server on a Dell PowerEdge R515 with a PERC H700 RAID controller... do I need to set up software RAID in the partitioner?
<KB1JWQ> mxpxpod: If you've got a PERC why not offload to that?
<mxpxpod> KB1JWQ: I've only ever set up software RAID before, so I'm not sure how to offload to the PERC
<havoc74> Oh, one more question, considering all that I'm hosting, would it be in my best interest to switch to using Ubuntu Cloud instead of Ubuntu Server?
<KB1JWQ> mxpxpod: Thee's an option during the boot sequence to press a key to drop into RAID configuration.  From there the card presents one disk comprised of whatever RAID level you've set.
<havoc74> I could set up a virtual server for each service
<KB1JWQ> I'd do that and not worry unless you want software RAID for a particular reason, in which case I believe you've got to use the alternate installer.
<mxpxpod> KB1JWQ: ok. I had it come from the factory with RAID-10 set up, so that should just work (TM) out of the box?
<mxpxpod> how do I check if it's mirroring correctly?
<KB1JWQ> mxpxpod: I'd do the smart thing and VERIFY first. :-)
<KB1JWQ> In the RAID configuration pane.
<mxpxpod> KB1JWQ: heh, true
<KB1JWQ> Once you've gotten the server booted I believe there's a tool that Dell provides for the CLI to query that.
<compdoc> dont know much about the cloud, except theres a lot of hype about it
<KB1JWQ> YOu can use that to monitor RAID state.
<KB1JWQ> It does you no good to use RAID if you don't realize it when a drive craps out. :-)
<mxpxpod> KB1JWQ: exactly
<havoc74> compdoc: true, but I like to be as close to cutting edge as possible, and while there is a lot of hype on cloud servers, everyone seems to be interested in them
<compdoc> if you find a use for it, let me know
<havoc74> I think I'll stick to Ubuntu Server for now, I really don't have the experience to admin a cloud......   yet
<havoc74> maybe when I get the BladeCenter up and running, I'll set it up as a cloud server.
<Hypoglybetic> Hi.  I would like to setup a Proxy Server at home to connect to from work to get around their blocking of certain sites (my gmail).  I installed squid but it isn't working the way I intended.  Is squid the right program? If not, what program should I use?
<KB1JWQ> mxpxpod: I also point monitoring (nagios in my case) to watch it so I get paged if the array degrades.
<KB1JWQ> Hypoglybetic: Just for your use?
<mxpxpod> KB1JWQ: ok, so I just verified... it's set to RAID-10 in the H700 config util
<KB1JWQ> Squid is likely overhead, I'd use ssh tunnelling.
<KB1JWQ> mxpxpod: Yay!
<KB1JWQ> mxpxpod: I work with a few thousand servers at $DAYJOB, I REALLY don't want to spend my life logging into them all just to check disk state. :-)
<mxpxpod> KB1JWQ: agreed ;)
<mxpxpod> now, to find the dell monitoring software
<mxpxpod> so, with hardware RAID, it'll just look like one disk to the OS, right?
<Hypoglybetic> KB1JWQ, Well, yes
<Hypoglybetic> KB1JWQ, Maybe a friend or 2 for the purpose of accessing gmail.
<KB1JWQ> mxpxpod: http://tnt.aufbix.org/linux/perc and yes.
<KB1JWQ> Hypoglybetic: http://www.revsys.com/writings/quicktips/ssh-tunnel.html
<KB1JWQ> Hypoglybetic: Although rather than the long complex forwarding string I just throw DynamicForward 8080 under a Host Myserver stanza in ~/.ssh/config and then use localhost:8080 as my SOCKS5 proxy in my browser.
<havoc74> compdoc: thanks again for all your advice, i've gotta get going, need to get some things done while this finishes syncing. Take care :)
<Hypoglybetic> KB1JWQ, I am not sure if thats what I want.  I'm a beginner btw.  What I want is to use a web browser, go to my server and have it proxy to gmail.  At work I use windows machines I'm not allowed to install software on.
<KB1JWQ> Hypoglybetic: Ah, didn't realize. :-)
<sss> Can I run Java programs on Ubuntu Server? Is it suitable for running a Java-based multiplayer online game server?
<KB1JWQ> Hypoglybetic: https://help.ubuntu.com/7.04/server/C/squid.html
<KB1JWQ> Old doc, but still valid from what I can tell.
<Hypoglybetic> KB1JWQ, this is where I'm at http://173.65.117.170:8888/, and I don't understand how to use it or anything. :(
<mxpxpod> another question: should I make a swap partition or should I just use a swap file?
<KB1JWQ> Hypoglybetic: Looks like it mostly works. :-)
<KB1JWQ> Hypoglybetic: When I attempt to proxy through it I get Access Denied.
<KB1JWQ> If you go into your browser's network settings, you can set a proxy server.  That's the IP and that's the port you use.
<KB1JWQ> You may have to tweak squid to permit your IP range.
<Hypoglybetic> KB1JWQ, I'm getting "URL could not be retrieved" is that what you're getting?
<KB1JWQ> Or better yet use some form of authentication.
<KB1JWQ> Yes.
<KB1JWQ> The following error was encountered while trying to retrieve the URL: http://www.google.com/
<KB1JWQ> Access Denied.
<Hypoglybetic> Can I make this in to a web page or do I have to edit my browsers settings?
<Hypoglybetic> KB1JWQ, I have not specified an IP which I think means anyone can use it. . . .
<KB1JWQ> I think by default it doesn't turn into an open proxy.  Those are bad. :-)
<KB1JWQ> So everyone is by default denied.
<Hypoglybetic> KB1JWQ, You'd have to know I'm running a proxy, so I don't care? :D?
<KB1JWQ> Hypoglybetic: Oh yes, because those are hard to scan for. :-)
<KB1JWQ> Talk to #squid I suspect.
<Hypoglybetic> KB1JWQ, you people and your scanners
<Hypoglybetic> Alright, thanks for your help.
<mxpxpod> KB1JWQ: do I need a swap partition? or will a swap file do for a server?
<lirakis> where the devil does vmbuilder put the disk images of sytems it creates?
<lirakis> i looked all over in /var/lib/libvirt
<lirakis> didnt find anythin
<lirakis> and i already undefined the vm with virsh .. so the xml is gone
<syb> lirakis: Look in files in /etc/libvirt/storage/ where you might find clues to the path(s) libvirt could have created disk images in?
<lirakis> ls: cannot access /etc/libvirt/storage/: No such file or directory
<lirakis> :\
<lirakis> knew i shouldnt have just built the vm manually
<lirakis> *should
<syb> I have /etc/libvirt/storage/default.xml that defintes a storage pool called 'default' and the usual path: /var/lib/libvirt/images
<lirakis> syb,  yeah i checked /var/lib/libvirt/images and its empty now .... i dont know if my virsh undefine removed the image ...
<lirakis> that would be wierd
<lirakis> at this point .. its not a "big deal" .. it would just be an image sitting around on my system wasting a little space
<syb> lirakis: Then 'find' or 'locate' commands might be worth trying, if you remember the name of the disk image files.
<lirakis> well i know the hosts name ... dont konw if vmbuilder used some random name
<syb> lirakis: To check if you've got more than just the default storage pool run "virsh pool-list --all"
<lirakis> syb, nothing there
<lirakis> thanks for the help btw
<lirakis> running a find now
<lirakis> oh wtf
<syb> lirakis: no storage pool's definied at all might prevent you from using libvirt in the usual documented way.
<lirakis> it put it in my home directory
<lirakis> lol
<syb> lirakis: Well then, just as thesheff17 said a couple of hours ago "... vmbuilder has moved to building the virtual machine in the current directory.  This blew my mind after using it so long to find out this was the default case."
<lirakis> yeah i didnt see that comment
<lirakis> but .. yes .. that is crazy
<lirakis> /var/lib/libvirt/images .... standard location :\
<lirakis> any way
<lirakis> thanks for the help
<syb> lirakis: np. Go forth and virtualise! :-)
<lirakis> ... i got to do some reading on libvirt etc. and kvm and build these hosts my self
<syb> lirakis: I've been updating https://help.ubuntu.com/community/KVM/Networking to read like something written for Lucid instead of Jaunty.
<syb> Is ne2k_pci still the default network card in kvm (for Lucid)?
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<thesheff17> syb & lirakis: I have a hacked together python script to build virtual machines.  If you guys want to see it.
<lirakis> thesheff17, sure .. pastebin it and post the link
<thesheff17> sure
<thesheff17> The nice thing about it is you can build virtual machines in a loop...I schedule cron every night so I have a good 10 virtual machines to test with every morning.
<thesheff17> I'm not sure though there was a bug in the generation of the creating the .xml file...I'm not sure if that has been fixed.
<sss> Can I run Java programs on Ubuntu Server?
<thesheff17> http://pastebin.com/ lol
<thesheff17> sss: of course
<sss> Is Ubuntu Server suitable for running a Java Multiplayer online game server?
<thesheff17> sss: sure prob better then windows.
<sss> ok
<sss> thanks
<thesheff17> lirakis: I'm not the best programmer but this is what I have been using: http://paste.ubuntu.com/569269/ here is Vmbuiler.py it also requires Linux.py that I also wrote that just does basic stuff for linux: http://paste.ubuntu.com/569270/ You also want to have vmbuilder.partition in your current directory to specify hard drive sizes....you also want ot create boot.sh...boot.sh will automatically run once
<thesheff17>  the server comes up.  I inject my public ssh key into the /root.ssh/authorized_keys file so I an automatically log in.
<thesheff17> I also know it lacks doc strings which it is on my list to fix....I should just commit all this stuff to github.
<thesheff17> lirakis & syb: yes that bug still exists with creating virtual machines that are not raw devices....before you start your virtual machines modify the xml file in /etc/libvirt/qemu/ from <driver name='qemu' type='raw'/> to <driver name='qemu' type='qcow2'/>
<syb> Is it just me or is http://help.ubuntu.com/ offline?
<thesheff17> yup it is down :-/
<syb> ...just when I wanted to save my changes to https://help.ubuntu.com/community/KVM/Networking
<thesheff17> syb: looks like it is back up
<syb> OK. Done. I've hopefully updated the text in the KVM/Networking page to be more readable when using Lucid
<schelcj> is ureadahead required for ubuntu? ie; it's causing me series problems on a server install that i don't care about the boot time of so i want to remove it
<mxpxpod> KB1JWQ: thank you for your help earlier
<sss> Why 64-bit is recommended? I think my computer is 32-bit, does it matter?
<thesheff17> sss: it doesn't matter
<sss> ok. so 64-bit it is
<thesheff17> sss: 64 bit is better for supporting RAM greater than 4GB.
<EvilPhoenix> actually it does matter though.
<EvilPhoenix> if your computer can't handle the 64bit system
<EvilPhoenix> then it wont work correctly
<EvilPhoenix> i.e. your processor needs to eb able to handle the 64bit architecture
<sss> I have 1GB RAM and, I think, 32bit computer
<EvilPhoenix> if you are unsure as to whether your processor is 64-bit or not, you can use 32bit
<sss> I guess I should install the 32bit
<EvilPhoenix> all systems are at least 32bit
<thesheff17> EvilPhoenix: true. try 64 bit...if it doesn't work you have to use 32 bit.
<EvilPhoenix> ^ that
<uvirtbot> EvilPhoenix: Error: "that" is not a valid command.
<sss> I'll use 32 bit
<EvilPhoenix> go away bot >.>
<EvilPhoenix> thesheff17:  typically, as a rule of thumb in the tech world, when in doubt, 32-bit
<thesheff17> EvilPhoenix: ah ok...almost everything in the last couple years is 64 bit....I would hate to see a machine that has 64 bit but only using 32 bit software...just my 2 cents.
<thesheff17> EvilPhoenix: especially since sss is running java stuff.
<EvilPhoenix> thesheff17:  that i agree with
<EvilPhoenix> thesheff17:  oh god java stuff
<sss> I want to dual boot Ubuntu Desktop and Ubuntu Server, does it matter what to install first?
<thesheff17> lol
<EvilPhoenix> wait what?
<EvilPhoenix> sss:  you can install ubuntu desktop and put server software on it :/
<thesheff17> why would you want both?
<EvilPhoenix> sss:  you dont need both desktop and server
<sss> I just want to expirement with Ubuntu Server, maybe I'll use it in the future.
<EvilPhoenix> sss:  you can experiment with the packages on a Desktop install  too
<thesheff17> sss: you could install the server install and then just do apt-get install ubuntu-desktop and you will get the GUI stuff.
<EvilPhoenix> indeed
<sss> I want to be able to run Ubuntu Server without GUI
<thesheff17> sss: by default ubuntu-server doesn't have a GUI.
<sss> ok, I just want to know how to dual boot. I'll first install Ubuntu Desktop
<sss> Does Ubuntu Server edition allows me to specify on which partition to install?
<thesheff17> yea
<sss> btw, What will happen if I deleted all partitions on the computer and rebooted?
<sss> I am going to disconnect for a sec... brb
<sss> ...back agin
<RoyK> hm... new 65TB box coming up....
<sss> Is the difference between Desktop and Server edition is only the presence of GUI and default installed applications?
<jmarsden> sss: And the kernel is configured with different options, I am fairly sure.
<sss> ok, I was just curios
<jmarsden> sss: https://help.ubuntu.com/community/ServerFaq#What%27s%20the%20difference%20between%20desktop%20and%20server?
<sss> thanks
<azizLIGHTS> how do i login to ssh without password
<azizLIGHTS> what is hte way to do the keys
<jmarsden> azizLIGHTS: See https://help.ubuntu.com/community/SSH/OpenSSH/Keys
<azizLIGHTS> thx
<mxpxpod> I have a server I initially set up on 192.168.0.3 and now if I change its IP address to .2 it can't access anything outside of the local network... does anyone know what's going on?
<jkg> how did you change the address, just editing /etc/network/interfaces?
<mxpxpod> jkg: yeah, and then ifdown eth1 followed by ifup eth1
<jkg> can you put the contents of that file on paste.ubuntu.com?
<mxpxpod> jkg: http://paste.ubuntu.com/569375/
<schelcj> mxpxpod: likely missing the default route
<jkg> hrm, ok, and the gateway/netmask are as they were when it worked I take it?
<mxpxpod> jkg: yes
<schelcj> gateway line in the eth1 stanza
<mxpxpod> schelcj: it's there... check the paste
<schelcj> mxpxpod: just saw it
<mxpxpod> jkg: the only difference is that the address is 192.168.0.3 when it works and 192.168.0.2 when it's not working
<schelcj> mxpxpod: what does route -n say
 * mxpxpod checks
 * jkg makes mental note of "-n" option to route :)
<mxpxpod> schelcj: it looks the same for both IP's
<schelcj> mxpxpod: paste it
<mxpxpod> http://paste.ubuntu.com/569380/
<schelcj> jkg: -n works the same on most net related utils
<schelcj> mxpxpod: looks right, is there a NAT/IPMASQ box at 192.168.0.1?
<schelcj> or what is on eth0
<mxpxpod> eth0 isi going to replace the current router in the future
<schelcj> well this route table looks right and would do exactly what you are describing
<jkg> oh... there isn't something else on your network using .0.2 is there?
<mxpxpod> jkg: there was, but I took that interface down
<mxpxpod> s/interface/box/
<jkg> I wonder if something somewhere still has a bad arp entry, so associates that MAC with that IP
<schelcj> can you ping 192.169.0.1?
<mxpxpod> schelcj: yeah, I can ping .1
<schelcj> is there anything else on the network?
<mxpxpod> I don't believe so
<schelcj> so you have a router at .1 then?
<mxpxpod> yes
<schelcj> and you can't ping beyond that rotuer?
<mxpxpod> right
<schelcj> by hostname or ip?
<mxpxpod> ip
<schelcj> you can ping by ip?
<schelcj> but not hostname?
<schelcj> bet /etc/resolv.conf is empty
<mxpxpod> sorry, I can't ping anything at all (by ip or hostname) beyond the router
<schelcj> ah
<mxpxpod> the resolve.conf has entries
<mxpxpod> sorry, resov.conf
<mxpxpod> gah
<mxpxpod> resolv.conf
<mxpxpod> of course, those entries are beyond the router
<schelcj> hm, since you can ping the router i don 't think it's arp
<schelcj> but what does arp -an say
<jkg> yeah, I'd have said try rebooting the router, but it can't be if the router can respond to pings successfully, I'd say
<schelcj> but the router could have bad arp cache
<mxpxpod> there are 4 entries
<schelcj> jkg: yeah
<mxpxpod> I'm not going to type them out
<jkg> can't you c&p them into the pastebin?
<mxpxpod> hmmm, when I switch the IP over to .3, I only get one arp entry
<mxpxpod> jkg: when I switch over to .2, I can't ssh into the box
<mxpxpod> but arp -an gave 4 entries when it's at .2
<jkg> oh, you can't ssh in from locally either? (or, am I making a bad assumption that you're on the same network as the problem box)
<mxpxpod> jkg: this laptop is on the wireless on the same network
<jkg> right, and you can't get in from that when it's .2 either?
<schelcj> so router did work when laptop was at .3?
<jkg> (quick sanity check: what's the IP of the laptop?)
<mxpxpod> ok, I have server at .3, the laptop is at .51
<mxpxpod> router at .1
<mxpxpod> there was a server at .2, but I've disconnected that
<mxpxpod> I can't ping beyond the router from the server when the server is on .2
<mxpxpod> I also can't ssh from the router into the server at .2
<jkg> can you ping between laptop and server when the server is .2?
<mxpxpod> sorry, from the laptop into the server
<mxpxpod> jkg: yes
<jkg> both ways? (not that it should matter, but I'm pretty baffled here)
<mxpxpod> yes, both ways
<mxpxpod> I'm severely baffled ;)
<schelcj> has .2 been rebooted with the new interfaces file?
<jkg> my honest best recommendation, to my great shame, is to leave the server as .3 :P
<mxpxpod> schelcj: IIRC, yes, but I can do it again
<mxpxpod> jkg: that's how I'm feeling right now
<mxpxpod> schelcj: rebooting
<schelcj> .2 can ping 192.168.0.0/24 without problem
<schelcj> but not beyond that subnet?
<mxpxpod> schelcj: yes
<azizLIGHTS> i did "ssh-keygen -t rsa" but itasks me "Enter passphrase (empty for no passphrase):" . i thought keys are for password less logins?> why i have to enter a password? will this be asked of me every time i login using keys? i dont want password ,s it safe to not have pssword here?
<jkg> azizLIGHTS: well, if someone gets a copy of the key, they're compromised any accounts it's an authorised key for; that said, I use passwordless keys for automated backups all the time
<jkg> I wouldn't keep a passwordless key on my netbook that I'm entirely likely to get drunk and lose in a bar, but I'm OK with it on my desktop in the office with an encrypted /home
<azizLIGHTS> if they got my key they can see where im authorized to login with that key?
<jkg> no
<azizLIGHTS> they just know they can login somewhere with this
<jkg> but they can get that from, say, your shell history
<mxpxpod> schelcj and jkg: I'll just keep the server at .3... this is just ridiculous
<azizLIGHTS> ok this is for client, correct, ur speaking about/
<azizLIGHTS> ?
<jkg> mxpxpod: have you tried rebooting the router?
<mxpxpod> I thought I had... let me try it again
<jkg> azizLIGHTS: right, this is for the machine where you run ssh-keygen, where the private key lives
<mxpxpod> I'll lost my connection, so I'll see you on the flip side
<azizLIGHTS> if someone got the key of the client and saw the shell history and found the server, they can do login now on the server without password. (am understanding correct?)
<schelcj> mxpxpod: sorry, odd little problem
<jkg> mxpxpod: what, people don't IRC from permanently connected shell accounts?!
<schelcj> jkg: oh yeah, there are the gui clients, at least so i am told
<jkg> right but that's why we have irssi-proxy, surely ;)
<schelcj> jkg: wonder, would that handle bitlbee as well?
<azizLIGHTS> so what can u do, on the client? nothing?
<jkg> schelcj: don't see why not; I've not used bitlbee much (I didn't get on with it, and don't use IM much) but doesn't it just present itself as a regular channel?
<schelcj> it presents as another server
<jkg> azizLIGHTS: yeah that's basically the tradeoff. if you don't secure the key with a passphrase, you need to secure it in other ways or accept the fact someone who gets hold of it has compromised other accounts as well (which may be an acceptable trade-off...)
<azizLIGHTS> when this happens, and u have access to the server that you connect to from client, what can u do on server to prevent access
<jkg> remove the key's authorisation (in ~/.ssh/authorized_keys) when your laptop gets stolen :-)
<echosystm> hey super cool dudes!
<echosystm> is ubuntu server secure out of the box, or are there some simple hardening tasks i should ideally do?
 * schelcj bbl - dinner
<azizLIGHTS> echosystm: pchg passwd for ubuntu user and suduo su and passwd for root?
<echosystm> what?
<jkg> !noroot | echosystm azizLIGHTS
<ubottu> echosystm azizLIGHTS: We do not support setting a root password. Please don't offer instructions on how to set a root password or ask for help with setting it. See !root and !wfm for more information.
<azizLIGHTS> ok sorry
<jkg> the root account is much safer with no valid password :)
<azizLIGHTS> jkg: the .ssh/authorized_keys has new "clients" (?) on each line?
<jkg> each line is the public part of a key pair, corresponding to a private key on the client.
<azizLIGHTS> jkg: any site that explain public key and private key awith respect to server and client and their .ssh/ dirs and files
<azizLIGHTS> in simple ways
<jkg> yeah I was just wondering that myself :) http://en.wikipedia.org/wiki/Ssh-keygen#Files_Used_by_SSH-Keygen_utility is a start.
<jkg> you probably only care about the last 2, of the 6 files described.
<azizLIGHTS> thanks
<jkg> (WP also has a half decent article about public-key cryptography, if the whole public/private thing is confusing)
<azizLIGHTS> WP?
<azizLIGHTS> can you link me to it plz
<jkg> http://en.wikipedia.org/wiki/Public-key_cryptography
<azizLIGHTS> ty
<jkg> right, I'm on call in 6 hours time, best grab some sleep. night folks!
<azizLIGHTS> bye kjg
<azizLIGHTS> jkg
#ubuntu-server 2011-02-20
<azizLIGHTS> do i need fail2ban and/or denyhosts if i disable password logins on sshd
<azizLIGHTS> how come i put client's public key on server? why dont i obtain public key of server into client? what is difference
<pmarchwiak> hi, I'm trying to perform a kernel bisection following the guide at https://wiki.ubuntu.com/Kernel/KernelBisection but I'm not seeing the debian-master dir after starting and thus can't set a test version #
<uvirtbot> New bug: #722007 in php5 (main) "php5-fpm is missing in natty" [Undecided,New] https://launchpad.net/bugs/722007
<jonrs> Hi... anyone here?
<jmarsden> jonrs: Just ask your real question and see who answers :)
<jonrs> thanks.
<lost4400> hu?
<jonrs> i'm trying to launch an ami image but not getting ssh... trying to find out if it's a problem with amazon or if the ubuntu image doesn't have ssh enabled... the image i'm using is ami-880c5ccd
<lost4400> ouch,, kante respondre
<sss> How do I know if I am connected to the internet?
<sss> I need help connecting to the Internet through a WEP connection
<sss> anyone here?
<ikonia> sss: what's up
<sss> Trying to connect to the Internet
<ikonia> ok ?
<sss> Trying to connect wireless to the Internet through WEP using DHCP, afaik
<ikonia> on ubuntu server or desktop ?
<sss> I can connect with Ubuntu Desktop but I don't know how with Ubuntu Server
<ikonia> I don't think ubuntu server has the wirless tools installed by default, and in honesty I don't know if all of them are available on ubuntu server (wirless network card modules I mean)
<ikonia> sss: how far along are you ?
<AtomicSpark> Can we please give a warning not to use tasksel on Ubuntu Server? I removed email and print server options and it pretty much just uninstalled half my server packages. Things that weren't even related. Irssi, ufw, etc.
<ikonia> AtomicSpark: I've never seen that, I'd log a bug for that quite urgently
<sss> I am trying to find a command that accept the hex digits code for the wireless network
<AtomicSpark> I was seeing the packages preparing to be remove and I was C-cing like crazy. :\
<ikonia> you just said that in #ubuntu-offtopic
<AtomicSpark> Yes.
<ikonia> so I'd log a bug for it
<sss> AtomicSpark, https://help.ubuntu.com/community/Tasksel says "WARNING: Use tasksel only to install tasks, never to remove any! According to https://launchpad.net/bugs/574287 it will remove each package in the list of that task (and possibly render your system unusable)."
<uvirtbot> Launchpad bug 574287 in tasksel "tasksel: forcefully removes packages when tasks overlap" [Undecided,Confirmed]
<AtomicSpark> sss: Thank you
<ikonia> looks like a valid bug, add your stuff to it if you think it helps
<sss> I don't have iwconfig command in Ubuntu Server, so I do think it doesn't support wireless connections by default
<ikonia> sss: you'll need the wireless-tools package for that
<sss> How do I get the package without Internet connection? Can I install them with a USB flash disk?
<ikonia> why are you doing this with ubuntu server if it works on ubuntu desktop out of the box ?
<ikonia> would it not be easier to use the desktop version that supports wirless out of the box /
<sss> I installed Ubuntu Server only for experimenting with it
<ikonia> ok, so it's the same OS as the desktop but with a few packages modified for enterprise server use, and a few packages removed
<ikonia> is there something specific in the server version you want/need/want to try
<sss> LAMP, Java, mail(?)
<ikonia> sss: that's all available on ubuntu desktop
<ikonia> you don't neve the ubuntu server install for that
<AtomicSpark> ikonia: Since it happens with all tasks, not sure adding which options I selected would help and I didn't have a "currently installed" package list handy. Oh well, been meaning to start fresh anyways. :\
<sss> Any way I can add packages without Internet connection?
<ikonia> sss: yes, but why ? it's easier to use the desktop version as it's geared up for desktop hardware use out of the box
<AtomicSpark> You'd have to have the alt cd or dvd handy and it's only packages from main.
<ikonia> sss: why make it hard on yourself as the chances are you're going to need more packages such as wifi card kernel modules,
<ikonia> the desktop and server install can do the same physical tasks, so why not just use the version that will work best for your hardware and needs
<sss> Does the Ubuntu Server Disk include the tasks packages or does it install them from the Internet?
<ikonia> sss: you need to install them from the internet
<sss> How do I install LAMP in Ubuntu Desktop (finally convinced me... lol)
<AtomicSpark> Hmm. I'm curious if you could apt-cd the server cd now.
<ikonia> sss: you install ubuntu desktop, then either use tasksel or install php/mysql/apache
<ikonia> AtomicSpark: I'm not %100 I believe you can
<ikonia> AtomicSpark: it should work the same as the desktop for the "main" packages
<AtomicSpark> Yeah I was thinking it should be the same as the Alt CD.
<sss> ikonia: I am now installing tasksel on Ubuntu Desktop
<ikonia> ok, well guess we are done here
<AtomicSpark> Tasksel sure does have a lot of packages listed for lamp.
<sss> "tasksel install lamp"?
<AtomicSpark> lamp-server
<sss> sudo tasksel install lamp-server
<sss> ok, It is now installing.
<sss> Where will it be installed?
<AtomicSpark> sss: You won't have a GUI tool for it.
<AtomicSpark> You put web stuffs in /var/www/
<AtomicSpark> You access the database either by using a GUI utility or phpmyadmin
<AtomicSpark> or command line if you're brave! :P
<ikonia> or simply the "mysql" command
<AtomicSpark> Yes.
<sss> How do I host PHP website? simply put files in /ver/www/ ?
<AtomicSpark> Mostly, yes.
<ikonia> sss: have you read https://help.ubuntu.com
<AtomicSpark> (the server guide is awesome)
<ikonia> sss: it's a good guide to the basics of ubuntu and how it works
<sss> ok. thanks
<sss> I installed LAMP. It shows HTML files correctly, but do not process PHP files
<ikonia> sss: have you read the document you where given
<ikonia> sss: you may want to take this to #ubuntu now that you are using the desktop version
<sss> ok
<Ztripez> is there anyway to change a devies uuid? i have 6 drives.. each crypted with luks and the mapped crypted devices are lvm:ed to one huge crypted parttion.. howver.. one of my sata cabels broke (for some strange reason) so i changed it.. all of sudden 2 of my crypted devices have the same uuid and the lvm halts (missing 1 disk). i know what the uuid  the luksdevice should have.. is there any way i can set the uuid to the correct one?
<Ztripez> aparently it's the PV:s i need to change not the luks
<Ztripez> ok.. so if i do a pvchange -u  /dev/mapper/sda1_crypted (witch is the one need to be changed) withc will create a new uuid for that drive.. will that break my lvm?
<Ztripez> well that didn't help at all lol
<hallooo> hallo kann mir jemand zum thema rechte weiter helfen ?
<hallooo> rechte vergabe!
<au> English
<hallooo> just english?
<hallooo> in this channel ?
<RoyK> yes
<RoyK> I guess there's an #ubuntu-de channel or something
<m_tadeu> hi....I want to know about vulnerabilities on my server...can someone advise me on an good audit tool?
<au> m_tadeu: chkrootkit, rklhunter
<m_tadeu> au, is there an automated one? I'm not very good at security issues
<remix_tj> m_tadeu: if you are not good at security issues every tool is useless
<remix_tj> you need at least to know what you're looking for
<uvirtbot> New bug: #722133 in ntp (main) "ntpdate script doesn't load configuration file" [Undecided,New] https://launchpad.net/bugs/722133
<RoyK>  
<syb> Grub or Grub2 as bootloader inside virtual machines running Lucid or Maverick?
<RoyK> afaik grub2 is the supported one
<RoyK> works for me
<syb> RoyK: I've just now (in a Maverick LiveCD) run a fresh incarnation of 'vmbuilder' command and it installed grub instead of grub2
<RoyK> it doesn't matter, really
<syb> Result: GRUB Loading stage2..
<RoyK> so long as the system comes up, either version will work
<syb> [stuck]
<RoyK> what virtualisation software?
<RoyK> kvm?
<syb> yep kvm. After seeing this error, I had shutdown the VM and mounted it's qcow2 disk images to chroot and  check/reinstall grub.
<syb> I'll try boot the VM from a LiveCD and replace grub with grub2 from within that instead of chroot'ing
<RoyK> syb: I'm using kvm quite a lot, servers installed with virt-manager
<RoyK> host is 10.04.2 LTS, guests varies
<wycks> anyone know how to add gpg keys to  for upgrading php from dotdeb.org, getting gpg error unverified signature
<Error404NotFound> how can i change the hostname that goes into logs? do i need to change hostname of the system? I just tried "hostname demo", after i rebooted i couldn't see the effects, i am using Lucid Lynx
<RoyK> Error404NotFound: /etc/hostname
<RoyK> Error404NotFound: change /etc/hosts and /etc/mailname as well
<Error404NotFound> RoyK: thanks, btw, whats the purpose of hostname command if its not meant for that?
<RoyK> Error404NotFound: the startup scripts uses the hostname command
<RoyK> Error404NotFound: it's the same with ifconfig and a lot of other commands - it sets values, but the config files chooses what to be used on boot
<jeeves_moss> how do I use mv to move files >1K?
<syb> RoyK: This bugreport someone else filed describes my problem exactly - https://bugs.launchpad.net/vmbuilder/+bug/612495
<uvirtbot> Launchpad bug 612495 in vmbuilder "Generated VM wont boot in 0.12.3-0ubuntu1" [Undecided,Invalid]
<iceflatline> jeeves_moss: I should think you could use the find command along with something like xargs
<jeeves_moss> ahh, ok, thanks
<jeeves_moss> iceflatline, when using a variable, you first use $<var name> = var, then in your scrip, you just use $<var name> wherever you want the var to go?
<hilarie> Hello, I am trying to try out ubuntu server edition, and I am quite new at this stuff, I followed the directions on http://www.webxpert.ro/andrei/2010/09/07/install-webmin-on-ubuntu-server-or-desktop-10-10-maverick-meerka/ to install webmin, and when I try to connect to my Virtual box, either by the hostename outputted from from the install https//:friendlyhostname:1000 or https://<ifconfigIP>:1000, it simply times out
<iceflatline> jeeves_moss: it's <varname> = <var>, then you call it in the script use $varname
<iceflatline> example: USER=iceflatline, then $USER in the script.
<weboide> Is there anybody available to take a quick look at bug 72207? we need to re-enable the PHP-FPM build.
<uvirtbot> Launchpad bug 72207 in compiz "window decorator crashes" [Undecided,Invalid] https://launchpad.net/bugs/72207
<weboide> I meant bug 722007
<uvirtbot> Launchpad bug 722007 in php5 "php5-fpm is missing in natty" [Undecided,New] https://launchpad.net/bugs/722007
<zerty> hello what is the default ftp server in ubuntu ?
<zerty> hello anyone there ?
<zerty> hello what is the default ftp server in ubuntu ?
<highvoltage> lots of people
<highvoltage> asking it more times won't make anyone want to answer more
<highvoltage> there's no ftp server installed by default
<highvoltage> the ubuntu server guide suggests vsftpd though: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/ftp-server.html
<highvoltage> oops, newer version here: https://help.ubuntu.com/10.04/serverguide/C/ftp-server.html
<zerty> weel i got this error during the installation of vstpd
<zerty>  postgresql-8.4
<zerty>  postgresql
<zerty> E: Sub-process /usr/bin/dpkg returned an error code (1)
<zerty> what i have to do ?
<highvoltage> there should be some more messages a bit higher that lead to the exit code
<zerty> just a sec
<zerty> http://paste.ubuntu.com/569771/
<zerty> lol
<zerty> lo
<weboide> zerty: first try this to see if any pending issues with apt need to be solved: sudo apt-get install
<highvoltage> zerty: it tries to install postgresql, and fails, there should be a log somewhere in /var/log with a postgresql log that might explain why it doesn't start
<weboide> highvoltage: dpkg says it's not configured yet in french
<highvoltage> zerty: if you're doing it in a chroot environment you'll probably have to mount proc first. if it's on some kind of test machine or VM make sure that networking is up
<highvoltage> zerty: indeed, that's because it tries to start postgresql as part of the configuration of it
<zerty> give me the right way
<weboide> highvoltage: I see I misread
<zerty> what i have to do exactly ?
<zerty> need one answer
<highvoltage> "check the logs and see why postgresql don't start" <- if you only want one answer
<zerty> ok
<zerty> is it on apache log  ?
<weboide> zerty: try looking in, there should be a couple of *.log files /var/log/postgresql/
<weboide> zerty: try looking in /var/log/postgresql/ sorry
<zerty> this is what i got : 2011-02-20 21:15:55 CET FATAL:  n'a pas pu acc?der au fichier de la cl? priv?e << server.key >> : Permission non accord?e
<zerty> what i have to do exactly ?
<zerty> 2011-02-20 9:15:55 p.m. CET FATAL: could not access? der file to Cl? priv? e "server.key>>: Permission not agree? e
<zerty> i mean where is that key ?
<zerty> the problem is since i start to upgrade my sys
<zerty> is that really necessary to upgrade system every time ?
<weboide> zerty: essaye de faire sudo dpkg-reconfigure postgresql
<zerty> ]# dpkg-reconfigure postgresql
<zerty> /usr/sbin/dpkg-reconfigure: postgresql est cassÃ© ou partiellement installÃ©
<txwikinger> Can anybody gove me a heads-up on howto configure kvm with ipv6 on ubuntu server?
<weboide> zerty: essaye: sudo apt-get install
<zerty> configuring kvm what is it means ? txwikinger
<txwikinger> zerty: I have ubuntu server running as a host to run VMs
<zerty> got the same result as like that : http://paste.ubuntu.com/569771/
<txwikinger> I got ipv6 from the datacentre and what to use the VMs with ipv6 as well
<zerty> oh you using kvm for your virtual machine ?
<txwikinger> zerty:  yes
<zerty> why you don't you vbox for the same task ?
<zerty> is it easy to manage  ?
<zerty> is it easy to manage
<txwikinger> well. I use virt-manager
<txwikinger> So yes it is easy to manage
<weboide> zerty: t'as bien taper juste 'sudo apt-get install' ?
<zerty> oui j'obtiens le meme rÃ©sultat que mon pastebin weboide
<zerty> Ã  la fin
<zerty>  postgresql-8.4
<zerty>  postgresql
<zerty> E: Sub-process /usr/bin/dpkg returned an error code (1)
<zerty> so see on the option txwikinger
 * Datz wonders if there is an ubuntu-server-fr
<Datz> !fr
<ubottu> Ce canal est en anglais uniquement. Si vous avez besoin d'aide ou voulez discuter en francais, merci de rejoindre #ubuntu-fr, ou #ubuntu-qc. Merci.
<Datz> guess not
<zerty> why you pack back to home ? ;) Datz
<weboide> sorry Datz it was actually easier in fr :)
<Datz> pack back home?
<zerty> me
<Datz> I am home :P
<zerty> i m talking about ubuntu-fr
<txwikinger> zerty: virt-manager does only do ipv4
<zerty> channel
<zerty> plz join #kvm txwikinger
<txwikinger> thanks zerty
<weboide> zerty: try  'sudo adduser postgres ssl-cert' and then try installing the package you wanted
<zerty> ok let me check
<weboide> zerty: I found this command from bug 382584
<uvirtbot> Launchpad bug 382584 in postgresql-8.3 "The PostgreSQL server failed to start: postgres not in ssl-cert group" [Undecided,Expired] https://launchpad.net/bugs/382584
<weboide> zerty: did that help?
<zerty> just checking
<mrothhh> anytool to move email from one imap server to another anyone got any sugeesstion
<greppy> mrothhh: imapfilter I think can do that.
<greppy> or if they are both Maildir, you can just copy over the directory structure, checking usernames and paths.
<Amgine_> question: is there a server configuration which might alter using /tmp? Trying to figure out why a user's site, hosted on ubuntu, would not have access to /tmp via php.
<jmarsden> Amgine_: check permissions of /tmp and also check any changes made to php.ini that could restrict where PHP is able to work.
<Amgine_> <hmms> Not sure the user has shell, looking jmarsden.
<jmarsden> The user?  Usually PHP web pages will execute as www-data under apache2, not as "user", unless you do extra work to configure things.  Does this issue apply to all web sites on your server, or only one?
<Ztripez> is ther any lvm2 ninjas here?
<Amgine_> Jmarsden: not my server, someone else's. The issue seems to have been a permissions issue, though I have no clue how the user (not root) was able to chmod 777 /tmp
<Amgine_> Must be a very strange host.
<qman__> Amgine_, one of my hosts let me accidentally chmod 000 some files with no way to undo
<Amgine_> If they are *your* files, yes, but not a system file?
<qman__> guess it depends on if the user is in its own VPS or similar, or just a user on a big multiuser setup
<Amgine_> Yah, I dunno... I'm not very knowledgeable, and am easily confused.
<CensoredBiscuit> Anyone here know anything about mpg123, I installed it then it claimed i didnt have pulseaudio so I installed that and It still wont work
<linuxtech> Anyone have an eta on the security updates for mailman on 10.04?
<boxybrown> is there a way to cancel a taskset install
<boxybrown> it brings up a curses progress bar, and doesn't recognize ctrl-c
<twb> boxybrown: in d-i, or after the initial installation has finished and you've rebooted and logged in?
#ubuntu-server 2012-02-13
<pangolin> kick me you fools
<pmatulis> ?
<fraterm> So... nmapping to generate a network map is what I'm getting ready to do.
<fraterm> using zenmap.
<fraterm> Good tool for the job?  Anything simpler / better that any experienced admins recommend?
<stlsaint> fraterm: nmap is great
<_johnny> hi. i've ruined my apt sources, and i'm using an old (karmic) ubuntu. can anyone help me get back on track (which currently just means getting build-essentials installed)?
<twb> Isn't karmic EOLd?
<_johnny> yes
<twb> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<twb> EOLd releases move to a different URL
<stgraber> hallyn: reported bug 931220 I just noticed when testing my new LXC host. Not sure if that's lxc or upstart's fault though.
<twb> old-releases.ubuntu.com or something
<uvirtbot> Launchpad bug 931220 in lxc "lxc.conf upstart job fails to spawn containers at boot time" [High,New] https://launchpad.net/bugs/931220
<twb> The wiki should tell you all about it
<_johnny> twb: perfect! thanks
<uvirtbot> New bug: #931220 in lxc (universe) "lxc.conf upstart job fails to spawn containers at boot time" [High,New] https://launchpad.net/bugs/931220
<_johnny> rats.. the last attempt to upgrade resulted in all essentials (crontab, (x)inetd etc) to be removed, and no way to restore lol. guess i have to do it the hard way :)
<twb> Learn to use aptitude to resolve conflicts
<uvirtbot> New bug: #931229 in lxc (universe) "lxc containers do not retain configured ip on container reboot" [Undecided,New] https://launchpad.net/bugs/931229
<_johnny> twb: conflicts is an understatement :)
<kklimonda> _johnny: wow, what kind of deamons are you keeping in your sources.list that they break upgrade that much? :)
<_johnny> kklimonda: hehe, not sure. needed to do a few low level installs because too many dependencies were broken, but got it working now :)
<uvirtbot> New bug: #931236 in keystone (universe) "keystone install is unnecessarily interactive" [Undecided,New] https://launchpad.net/bugs/931236
<webroasters> hi guys. quick htaccess question. I have the following code in a main folder: http://pastebin.com/vAUtyYVr   I want to reverse this inside of another sub folder. I mean, i don't want to guard against any of this inside  a sub folder. how do I do this>
<webroasters> ?
<qman___> webroasters, I don't know for sure, but I think you can just create another .htaccess inside that subfolder with the same filesmatch, but with 'allow from all'
<webroasters> yeah i just did that. it works. thanks man
<koolhead17> hi all
<tjaalton> kklimonda: which freeipa version are you building? the one on git should build
<twb> If you have root, everything that you would've put in an .htaccess file CAN and SHOULD go in /etc/apache2/, and htaccess should be disabled
<twb> Leaving htaccess enabled where non-root users can write to .htaccess is Bad Juju
<kklimonda> tjaalton: I build the one from git using packages from ubuntu-389-directory-server ppa on precise
<kklimonda> tjaalton: first it complains about libdirsrv-dev missing (it seems to be a part of 389-ds-base-dev now)
<twb> Why 389 instead of openldap?
<twb> Oh, it requires 389
<kklimonda> yeah
<kklimonda> tjaalton: I also had to patch some issues related to tighter gcc flags: http://paste.ubuntu.com/840047/
<tjaalton> kklimonda: oh right, I was running oneiric when building it the last time
<tjaalton> add a patch to git, I can send it upstream
<tjaalton> (did the same for 389)
<tjaalton> kklimonda: and I renamed libdirsrv* to 389-ds-base-{libs,dev}
<tjaalton> but didn't change it there, oops
 * twb has a knee-jerk reaction to starting package names with a number
<tjaalton> blame upstream :)
<twb> Anyway (C) libraries have a different package naming convention already
<twb> libfoo-N or so
<orated> Hello! I'm trying to configure /etc/samba/smb.conf file and I'm bit confused about users. Windows got a user xyz and Ubuntu got say abc. I have to useradd xyz and then smbpasswd xyz in linux to allow samba share access?
<qman___> you need smbpasswd -a to add the user to the smbpasswd database
<qman___> unless you implement ldap or something else
<qman___> then, provided the unix user has access to the directory and you haven't specified any restrictions on the samba share, that user will have access
<orated> How can I see the users added by smbpasswd?
<qman___> sorry, I don't know
<qman___> the default backend is tdbsam, that may help you google
<qman___> I do know the tdbsam files are binary, not plaintext
<orated> Secondly, you said unix user need to have access to the directory. Does it mean I have add new users in linux users as well as using smpasswd? I noticed that I had to useradd xyz and then also smbpasswd -a
<qman___> by default, yes
<orated> Well, that's
<qman___> there are ways to configure it to not behave that way but the default setup maps smb users to unix users
<orated> Is there an alternative to that?
<orated> ah-ok
<qman___> but that's getting pretty advanced
<orated> I find it annoying to add users in linux box so that it matches Windows login even if I won't be using it in linux
<qman___> easiest way, if you don't want them to have any other access, is to set their shell to /usr/sbin/nologin or /bin/false
<orated> -s /bin/true yes. Thanks that can be done
<orated> er
<orated>  /bin/false*
<orated> What are the alternative approaches to this?
<qman___> ldap or similar, or specifying which smb users have access in smb.conf
<qman___> I haven't actually done it myself so I don't know for sure what's needed
<qman___> you can add any users with smbpasswd -a even if they don't exist as unix users
<qman___> my best guess is they need world-permission if they don't exist as unix users
<orated> Yes, but it failed.. It gave this error - pdb_get_group_sid: Failed to find Unix account for xyz
<orated> Maybe I'm doing it wrong. Is there any other way to network Linux and Windows other than Samba?
<qman___> samba's the easiest, as it doesn't require installing software on windows
<qman___> but windows can install an nfs client
<qman___> server 2008 includes it as a feature, I think windows 7 does too but not sure
<orated> I'll try using inbuilt services for NFS in Windows  then
<orated> But that again may be limited to Windows releases Home, pro etc
<qman___> yeah, I don't know the details
<qman___> I think there are third party nfs clients but I'm not certain on that either
<orated> Alright, thanks for informing that nfs clients exists for Windows. I didn;t know that
<qman___> I know for a fact that 2008 includes an NFS client as an optional feature
<qman___> I think it's available on 7, but not sure
<twb> Windows' NFS implementation is probably crapper than Linux's CIFS implementation.
<twb> OTOH Linux has no working SMB2 client implementation yet AFAIK.
<kklimonda> tjaalton: hmm, pki-ca depends on pki-selinux but you've disabled building it
<tjaalton> haha
<tjaalton> touched that several weeks ago, can't recall what's going on there
<tjaalton> and regarding the lib naming. easily changed again if the policy requires it, though there were several examples of similar naming the last time i looked
<kklimonda> (and there is no pki-common-theme anymore, is it one of dogtag-pki-*-theme packages?)
<tjaalton> you're forcing me to look? :)
<kklimonda> :D
<kklimonda> ah, there are provides fields
<kklimonda> no need :)
<tjaalton> too many packages involved, so i've been tackling them in the dependency order, and pki & freeipa are the last ones
<tjaalton> yeah the ppa still has the faulty version, with versioned provides which isn't supported
<kklimonda> yeah, it's huge :)
<tjaalton> maybe I'll upload the packages in NEW to the ppa's too, so that it's easier to work on them
<tjaalton> oh right, the libs package just has the plugin lib, and -dev has headers for it, so the naming is right
<tjaalton> it's not in a public search path
<tjaalton> split only for 389-admin to build-dep on that, and not needing to install the whole ds
<tjaalton> kklimonda: i'll prepare 389-ds-base for the ppa. needs a dfsg tarball
<kklimonda> tjaalton: few beers, and dpkg --force-overwrite later, I've managed to install freeipa-server \o/
<kklimonda> ;)
<kklimonda> (libpki-silent-java and pki-silent both ship /usr/share/java/pki-silent-9.0.14.jar)
<tjaalton> wow
<tjaalton> I bet the setup script fails though
<tjaalton> it's a monster..
<kklimonda> yeah, and you've commented  acutil out :)
<tjaalton> haven't run it myself, but the client install needs hacks so same applies here
<kklimonda> :)
<tjaalton> i'd wish we had nss cert db already..
<kklimonda> now if only I haven't done it all on my desktop machine.. *whistles*
<kklimonda> I really should configure some more VMs for this stuff
<tjaalton> yeah they are really nice
<tjaalton> i have F16 on a vm, running freeipa. tested client against it last fall
<kklimonda> how much hacking did client installation script required for it to work?
<tjaalton> and an instance for an ubuntu server, but it's still WIP
<tjaalton> hmm hang on
<tjaalton> kklimonda: https://www.redhat.com/archives/freeipa-devel/2011-September/msg00408.html
<tjaalton> though most of it is now on the archive
<kklimonda> god, ipa-server-install is going to be such a pita :D
<kklimonda> it configures everything and assumes it's redhat ;)
<tjaalton> yeah the platform code isn't patched in yet
<tjaalton> for client you need at least 12) and 13)
<tjaalton> ok sbuild run of 389ds went fine, I'll upload it to the ppa now
<eyy1sup> Hello, I'm having trouble with crond service after upgrade 11.04 > 11.10, can someone please help me?
<linocisco> hi all
<linocisco> hi all. http://pastebin.ubuntu.com/840151/
<linocisco> hi all. http://pastebin.ubuntu.com/840151/http://pastebin.ubuntu.com/840151/
<linocisco> http://pastebin.ubuntu.com/840151/
<orated> Hello! How do I configure smb.conf to allow only hosts 192.168.1.100-192.168.1.110 ? I did man smb.conf but I'm not sure how to achieve this
<linocisco> http://pastebin.ubuntu.com/840151/
<kraut> linocisco: stop spamming!
<kraut> meh
<linocisco> kraut, no. i m not spamming
<kraut> sure!
<kraut> linocisco: http://lmgtfy.com/?q=W%3A+GPG+error%3A+http%3A%2F%2Fextras.ubuntu.com+marverick+Release%3A+The+following+signatures+could+not+be+verified+because+public+key+is+not+available%3A+NO_PUBKEY+16126D3A3E5C1192
<linocisco> kraut, it is real post
<jamespage> morning all
<linocisco> http://pastebin.ubuntu.com/840160/
<linocisco> http://pastebin.ubuntu.com/840160/. what do I do?
<kraut> linocisco: are you that stupid!?
<kraut> linocisco: did you read it in anyway?!
<linocisco> kraut, don't I have the right to post my problem?
<kraut> if you frist try to solve this problem on your own and if that's not possible you are welcome to ask here.
<linocisco> kraut, have you checked if those two posts are the same?
<kraut> the script writes down what you should do!
<kraut> Rather than invoking init scripts through /etc/init.d, use the service(8) untility, e.g, ____###service dovecot restart###___.
<kraut> did you READ that?
<linocisco> kraut, all  I have tried and only in the last time, I ask here. because I actually hate to get unwelcome response
<linocisco> kraut, . I can read english. I tried. not ok
<linocisco> kraut, it ended with " Reload: unknown instance:"
<linocisco> hi
<linocisco> i found '"telnet localhost imap2" is fine. but "telnet localhost pop3" got error. it is like toggle?
<Tixos> hi can someone please tell me a reason i may be getting access.logs like this  >   [12/Feb/2012:00:20:19 +0100] "-" 408 0 "-" "-"
<uksysadmin> Tixos, what is that machine doing? 408 is a timeout message.  You got some internal monitoring going on?  Maybe some load balancer?
<Tixos> not that i know of, the provider has some monitoring robot or something but dont know if that is the issue
<Tixos> should i turn off keepalive or soemthing? or adjust the timeout to test?
<Tixos> i didnt have the issues on centos
<Tixos> and i know configs are different across the OS's
<uksysadmin> no - its a login timeout - what modules do you have loaded? I am presuming this is apache, but never seen an entry without an IP before.
<Tixos> it has an IP, i didnt feel i should post it @?
<uksysadmin> oh - is it foreign to your network?
<Tixos> rewrite, ssl are about the only ones i have loaded
<Tixos> yes
<uksysadmin> I presume this is from a POST request to some form?
<Tixos> no its GET
<Tixos> happenening every 1-2 seconds
<Tixos> i just tailed with | grep 408
<Tixos> is there anyway to debug it further?
<uksysadmin> dig -x ip - do you recognise the address?
<Tixos> for the 408? or serverip ?
<Tixos> the access IP is just general traffic..
<Tixos> very strange thing is, i am moving from a centos server, i went to another ubuntu 10.04 server previosly, and looking at both sets of access.logs | grep 408, the CentOS has not a single 408 error... both ubuntus have many
<Tixos> so maybe a config issue?
<Tixos> the only different in my virtualhost file that i can see, is i am using Virtualhost *:80 on ubuntu, and Virtualhost domain.com:80 on centos
<Tixos> could this actually be causing it though? i mean in my Centos install, #NameVirtualHost *:80 is commented out, and in ubuntu by default in 'ports.conf' its uncommented?
<uvirtbot> New bug: #931342 in php5 (main) "XSLTProcessor::transformToXml(): runtime error" [Undecided,New] https://launchpad.net/bugs/931342
<Tixos> what about the apache module 'request timeout' ??
<Tixos> this doesnt seem to be enabled on my centos install
<Tixos> fixed....
<Tixos> whytf is that setup by default
<RoyK> damn - hpwdt doesn't seem to be in lucid :(
<uksysadmin> weird - what distro and version of apache?
<Tixos> ubuntu man thats why i am here :) 10.04, and latest version of apache that comes with it
<uksysadmin> Tixos, never used any distro apache to comment tbh - we roll our own and strip off stuff that's not needed - avoids these issues.
<Tixos> ?
<koolhead17> hi all
<jamespage> hey koolhead17
<koolhead17> hello jamespage
<koolhead17> i am trying to test diablo setup on multinode, on oneiric
<koolhead17> my glance and rabbitmq are running on saperate nodes, i am not sure what will i put in rabbit_virtual_host = / in my case inside glance.conf
<koolhead17> also i see keystone sausage in the bottom of the conf file, which makes me bit confusing
 * koolhead17 pokes zul :P
<Daviey> zul: have you fixed horizon CI?
<zul> Daviey: will do so this morning
<zul> havent started work yet
<Daviey> zul: i saw a commit, that was all
<zul> Daviey: ah ok
<zul> Daviey: maybe its the community fixing it ;)
<Daviey> ah, sorry, it was last Monday :)
<Daviey> zul: what happened with horizon 2012.1~e4~20120202.1300-0ubuntu1, *ubuntu2 then *ubuntu3?
<smb> zul, just to let you know, I opened bug 931425 and bug 931423 to have a place to track those two minor issues I found with the current xl stack.
<uvirtbot> Launchpad bug 931425 in xen "Cannot specify a default bridge with xen xl stack" [Wishlist,Triaged] https://launchpad.net/bugs/931425
<uvirtbot> Launchpad bug 931423 in xen-common "Use of vifscript requires full path unlike the example suggests" [Low,Triaged] https://launchpad.net/bugs/931423
<zul> Daviey: eh?
<MoleMan> Trying to boot from LVM. I've copied my root to an LVM and tried to set the fstab to mount the LVM, and run update-initramfs but it still seems to be booting to the original partition. Can anyone help?
<zul> Daviey: horizon is building again
<MoleMan> can anyone help with booting from LVM / mounting an LVM as root?
<smb> MoleMan, I'd probably check /boot/grub/grub.cfg and /etc/fstab whether they contain the uuid of the lv you want as root
<smb> At least change the one for the current kernel manually once
<smb> Though you probably need /boot to be a partition still...
<Daviey> zul: the packages in the archive differ from those in the packaging branch.
<Daviey> 2 x FTBFS's in the archive?
<zul> Daviey:  i just noticed and its been synched now
<zul> Daviey: now i have to fix keystone
<samba35>   i am using kvm on centos 6.2 ,i have installed another ubuntu 10.04  as a guest if i want to access ssh of guest kind of network i have to use -- i want to use guest from outside
<Daviey> awesome.
<MoleMan> GRUB should point to my boot partition, from where the initrd should know to mount the LVM, was my understanding?
<smb> MoleMan, Yes, grub should look in /boot for kernel and initrd, from there it looks for the uuid of /. But if you generate grub.cfg while / is still mounted from the partition, the scripts to generate the grub.cfg would pick that still
<smb> not to mention that /etc/fstab is not updated either. Not sure but that might get used by something as well (at least misleading mtab probably)
<MoleMan> I updated /etc/fstab to have the new root UUID.
<MoleMan> then ran update-initramfs to update the initrd.
<smb> MoleMan, Ok, but check /boot/grub as well, just to be sure
<MoleMan> smb: what am I looking for?
<smb> MoleMan, something like "search --no-floppy --fs-uuid --set=root 2eab68c5-c6fa-405d-a360-1f6f1690bbb3" with your current partition root's uuid
<MoleMan> yeah just saw that, would the easiest thing to do be boot a live CD, chroot and grub-upate (or whatever the command is)?
<smb> Or actually there are linux  "/boot/vmlinuz-*-generic root=UUID=xxx ro   quiet splash" lines later for the kernel
<smb> MoleMan, Ok, that should work too (like use alternate-cd and rescue mode)
<uvirtbot> New bug: #931448 in quota (main) "package quota 3.17-6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/931448
<smb> MoleMan, Then choose the lv as root and runn a shell in there to update-grub
<smb> MoleMan, The advantage of alternate (or server) cds is that you have lvm ready to use
<MoleMan> does the alternate disk have an easier rescue mode than using the desktop live CD and using terminal to manually mount everything and chroot?
<MoleMan> If so I'm going to get easily irritated... the server CD I had if it went to rescue mode had a very limited busybox?
<smb> MoleMan, In the sense easier that it guides you to mount and run a shell in a root of your choice and it has lvm to actually let you select the lv. Hm, I thought the server CD's rescue mode was the same as alternates
<smb> And it would give you a selection of partitions or lvs to mount as root and then execute a shell (ok then I usually type bash in there)
<MoleMan> Its strange, it seems as if its starting to install over the top because it asks for system names etc, which always worries me, give me a second I will try to boot the new server disc...
<smb> MoleMan, It does ask those things. Which could be confusing, but it should not ask about where to install
<MoleMan> smb: do you know why it asks for the hostname etc? does it actually matter what I put?
<smb> MoleMan, Just gives the current rescue boot that name. It does not matter that much really.
<smb> Don't think any service (like ssh) is started but I might be wrong there
<MoleMan> well I'm using YUMI multiboot and if I try to launch server it only gives me the install option
<MoleMan> not sure if its worth me burning a disc or just using the ubuntu desktop liveCD
<smb> Hm, don't know about that one. I normally either use a cd or put things on a usb stick with usb-creator
<smb> MoleMan, From the desktop life cd you would have to install lvm and then mount the fs yourself and do the chroot on your own. It should work the same
<MoleMan> yeah, I used to, then I started using YUMI MultiBoot because it means I can choose from god only knows how many different things I can install on one memory stick...
 * smb must admit he did not look at the life DVDs for a while in detail
 * MoleMan looks through heap of CDs on desk and in shoebox
<smb> or life CDs either
<MoleMan> the only server disc I have is 10.10 which gives you a limited busybox with 'bash like' commands... which is why I have been using the desktop and doing it manually as I wasn't sure what I was restricted to
<smb> MoleMan, Other option is to be daring and replace the uuid of the first kernel sections uuids (if there a multiple which would give a fallback). Actually the rescue a broken system boot should have been the same for even beyond Maverick
<caribou_> any upstart expert in the room ?
<Caribou> I'm seeing what looks like a race condition with the mongodb upstart start sequence
<Caribou> I've seen cases where the db daemon was starting databases before /var/lib/mongodb File system was mounted
<MoleMan> smb: do I need anything special in the options for the mount in fstab?
<smb> MoleMan, Probably depends on what you want to achieve. For root the default is errors=remount-ro...
<MoleMan> smb: yeah I just copied the ones from root, I was wondering if there were any others specific to LVMs but it doesn't matter.
<MoleMan> smb: more to the point: THANKYOU!!! IT WORKS!! been trying to sort this on and off for like a week...
<smb> MoleMan, No, there is no difference between a lv and a partition in that respect
<smb> MoleMan, Heh, good to hear :)
<MoleMan> adbauvjhgvlkjabsgfaqs;lbgr #rage#
<MoleMan> everything is owned by root #sob#
<smoser> smb, could you please take a look at https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/898373
<uvirtbot> Launchpad bug 898373 in cloud-init "fsck.ext3: Device or resource busy while trying to open /dev/xvda2" [High,Confirmed]
<smoser> slangasek is fairly sure nothing in user space at that point should have a device busy to stop fsck
<smb> MoleMan, That probably depends on how you created your copy.
<smb> smoser, looking
<smb> smoser, Oh wasn't that the one you mentioned in last weeks meeting?
<smoser> smb, yeah, there are kind of two parts to it
<smoser> one is that fsck is failing, claiming busy device (this one is instance-store i think).
<smoser> other part is bug 928990
<uvirtbot> Launchpad bug 928990 in cloud-init "fsck / dirty filesystem on instance is death" [High,Triaged] https://launchpad.net/bugs/928990
<smoser> which is unfortunately functioing as currently designed.
<MoleMan> right, so is there an option or something for cp to retain the owner + group settings?
<smb> MoleMan, cp -a should do it.
<MoleMan> ok thanks, I will do that later... for now, I'm going to see the GF. Thanks for your help...
<smb> MoleMan, Np, oh, actually cp -ax maybe (to only copy one fs)
<cwillu_at_work> I typically just use rsync for anything more complicated than a single file
<smb> smoser, Hm, wonder whether we could sneak in a fuser into the init scripts error path... But I need to take a bit more time for the logs first
<MoleMan> ok, I'll look into it and doublecheck when I get back, will look at rsync maybe
<MoleMan> cya
<jamespage> zul, Daviey, adam_g: for the openstack stable pre-commit testing
<jamespage> a) do we want to merge/maintain a verion history like we do for trunck testing
<jamespage> and b) upload to PPA?
<zul> a) yes b) yes
<jamespage> OK - just checking!
<zul> jamespage: no worries
<jamespage> zul: hmm - so the reason I asked about the branch for version history was that we are going to trigger on patch upload into gerrit
<jamespage> so we could end up with multiple entries for the same gerrit review - might get kinda messy
<zul> jamespage: yeah
<jamespage> hmm - I guess it does not matter that much
<zul> it doesnt matter to me i guess
<brendan0powers> jamespage: Hi, thanks for reviewing my package
<brendan0powers> jamespage: I have some questions though if you have time
<jamespage> brendan0powers, no problem
<jamespage> ask away
<brendan0powers> Ok, That bonjour exe file shouldn't have made it into the source archive
<brendan0powers> it was just there to help automate the windows builds
<brendan0powers> Is it possible to remove it from the .orig.tar.gz without incrementing the software version?
<jamespage> brendan0powers, yes - you can simple repack the orig.tar.gz and exclude files you don't want
<brendan0powers> Ok, and launchpad won't complain that the file changed?
<jamespage> brendan0powers, ah - now that is a different matter
<brendan0powers> I may be able to remove the package from launchpad completely
<brendan0powers> then re-upload it
<jamespage> brendan0powers, not in the same PPA I'm afraid
<brendan0powers> Ah, that's too bad
<jamespage> I suggest that we start using a bzr branch whilst we go through review
<jamespage> that way you can make changes incrementally without having to push to a PPA for me to be able to see them
<jamespage> so with regards to repacking the orig.tar.gz
<brendan0powers> The packaging info is already stored in a mercurial repo, is that OK?
<jamespage> brendan0powers, that's fine; in which case its probably worth referencing where the packaging source code is stored
<jamespage> in the debian/control file
<jamespage> brendan0powers, http://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-vcs
<jamespage> brendan0powers, is there a published source distribution of rsa?
<jamespage> i.e. a tar.gz that you could download and build
<brendan0powers> jamespage: No, only source packages, or the VCS
<jamespage> brendan0powers, can you point me at the Vcs location?
<jamespage> rsa/rds  BTW
<brendan0powers> jamespage: http://bitbucket.org/resara/resara-server
<brendan0powers> pacakges are stored in rds/packages/[ubuntu codename]
<brendan0powers> jamespage: although the precise stuff hasn't been pushed yet
<jamespage> brendan0powers, I see
<jamespage> so how are you generating the .orig.tar.gz at the moment?
<brendan0powers> jamespage: I have a script that does it
<brendan0powers> jamespage: also not commited:)
<brendan0powers> I will push everything in a few minutes
<jamespage> brendan0powers, so I notice that you have tagged releases in bitbucket which allows you to then download that commit point as a tar.gz
<jamespage> that would be acceptable as the orig.tar.gz - I do similar for a number of packages I maintain based on projects in github.com
<brendan0powers> jamespage: Ok, I will think about that
<jamespage> brendan0powers, that way you should be able to add a debian/watch file which can be used to download the orig.tar.gz - it can also run a specified script once downloaded to do any repacking required.
<brendan0powers> jamespage: repackaging?
<jamespage> brendan0powers, repacking - removing any files that you don't want in the orig.tar.gz
<jamespage> exe's for example :)
<Caribou> jdstrand: ping
<jdstrand> Caribou: pong
<Caribou> morning jdstrand !
<jdstrand> hi!
<Caribou> would you be interested in an update from my PXE/tftp issue of last week ?
<Caribou> if you have a couple of minute to spare, or I can email it to you
<brendan0powers> jamespage: Ah, that could be useful
<brendan0powers> jamespage: do you know where I could find documentation on that?
<jdstrand> Caribou: I can take a look; perhaps I can add something to help
<Caribou> jdstrand: well I think that I have sorted it out
<jamespage> brendan0powers, 'man uscan' is a good place to start
<jdstrand> Caribou: oh, excellent
<brendan0powers> jamespage: thanks
<jdstrand> Caribou: I'm definitely curious on what it was
<Caribou> jdstrand: it's interaction b/w firewall NAT rules & conntrack helpers
<jdstrand> interesting
<jamespage> brendan0powers, as you are endeavouring to get this into the distro is probably worth thinking about packaging versions separate from the 'upstream' version
<Caribou> jdstrand: privmsg
<brendan0powers> jamespage: I'm not sure I understand that
<jamespage> brendan0powers, OK you are packaging 1.1.0 of rds - which is the upstream version
<jamespage> the packaging is then appended to that - -0ubuntu1 or suchlike
<jamespage> by separating the packaging from the upstream codebase they can be versioned independently
<jamespage> -0ubuntu2....
<jamespage> when a source package gets uploaded to ubuntu it gets automatically imported into a bzr branch - in the case of this package it would be :
<jamespage> lp:ubuntu/rds
<jamespage> and then lp:ubuntu/precise/rds once precise gets released
<jamespage> you can say - well actually we manage the packaging source code for this somewhere else - thats what the Vcs-* fields are for in debian/control
<jamespage> but that is really a reference to the packaging source - not the upstream source.
<brendan0powers> jamespage: Ok, so you suggesting I store the packaging source somewhere else
<brendan0powers> Like, in a bzr repo on launchpad
<utlemming> hallyn: ping
<brendan0powers> and then use the debian/watch file to pull in the orig.tar.gz file?
<jamespage> brendan0powers, thats it!
<jamespage> brendan0powers, once the package gets imported into the bzr branch in launchpad
<jamespage> it will contain both the orig.tar.gz and the packaging
<jamespage> bzr uses tagging, branches etc to manage that
<hallyn> utlemming: yo
<utlemming> hallyn: so cloud-images and lxc -- I was playing with them the other day
<jamespage> brendan0powers, it means that you can bzr branch lp:ubuntu/rds and it will give you everything you need to build the package
<brendan0powers> jamespage: I still don't understand that part
<hallyn> utlemming: you're about to tell me you love it
<brendan0powers> jamespage: is there some documentation on that?
<utlemming> hallyn: I discoved two things we need to do if they are outside a cloud -- we need to set the locale to that of the host and we need to figure out hostnames...but otherwise I love it
<jamespage> brendan0powers, I think this is the latest - http://developer.ubuntu.com/packaging/html/index.html
<utlemming> hallyn: speficially, for the hostname situation, the container has the default hostname of "ubuntu", which then doesn't map to an ip
<jamespage> brendan0powers, I'd not worry to much about that for the time being
<jamespage> having a location to download the orig.tar.gz from and adding a watch file to your packaging would be a better place to start
<brendan0powers> jamespage: Ok
<hallyn> utlemming: you can specify a hostname by specifying a config file containering "lxc.utsname"
<hallyn> i.e. cat > lxc.conf << EOF\nlxc.utsname=mylxc\nEOF
<brendan0powers> jamespage: I'l probably have to create a new tag for the precise package, as I've had to make some changes to the build system
<hallyn> followed by "lxc-create -t ubuntu-cloud -f lxc.conf -n cloud1"
<jamespage> brendan0powers, OK
<brendan0powers> jamespage: I think I have enough to go on for now
<hallyn> utlemming: as for locales, I know nothing about them (C is my locale), but I know stgraber wanted something too
<brendan0powers> jamespage: thanks for your help, and I'll let you know when things are a little less broken:)
<utlemming> hallyn: the locale is easy...and I'll get you a patch for that
<hallyn> i don't particularly care, if you want to install the host's locale in both ubuntu and ubuntu-cloud templates, go for it
<hallyn> utlemming: cool
<jamespage> brendan0powers, feel free to ask questions both on this channel and in #ubuntu-devel - there is normally someone around to help!
<rbasak> jamespage: where did you get your reverse-depends script from? apt-file can't find it.
<jamespage> rbasak, ubuntu-dev-tools
<jamespage> rbasak, think that is new in precise tho
<rbasak> Aha, thanks
<jamespage> rbasak, I did a rebuild test over the weekend for openmpi
<jamespage> about ~30 packages failed to rebuild
 * jamespage goes to dig out the results
<rbasak> Would you happen to have the build logs handy, by any chance?
<rbasak> What's odd is that I can get boost-mpi-source1.46 to build if I do it by hand, even in a schroot.
<jamespage> rbasak, http://paste.ubuntu.com/840557/ summary
<rbasak> The other option is to add a new libopenmpi1.5 package.
<jamespage> rbasak, I seemed to be getting issues with a compiler openmpi provides not actually working - its was segfaulting
<jamespage> rbasak, that caused an early failure which then resulted in some un-installable package scenarios (failed rather than attempted status)
<stgraber> hallyn: the lxc/upstart issue seems to depend on what jobs you have + potentially timing of the boot
<stgraber> hallyn: I reproduce it every single time on a physical machine but can't reproduce in a VM
<stgraber> hallyn: I'm talking with jhunt about it though
<Tixos> hey, can anyone advise me on speeding up ubuntus apache configs? i am getting around 500k hits a day, and at the moment the request time is 15000ms/request! on CentOS its fine..
<Tixos> Request rate: 0.0 req/s (20211.4 ms/req)
<uvirtbot> New bug: #914392 in juju "LXC local provider does not respect 'series' (only installs oneiric)" [High,Fix released] https://launchpad.net/bugs/914392
<satyanash> Hi, I have a static Ip set up on a server, however after some time it'll automatically disregard the settings in /etc/network/interfaces and take an IP from DHCP ?
<SpamapS> satyanash: do you perhaps have network-manager setup to manage the device as well?
<zul> Daviey: lp:~ubuntu-server-dev/keystone/debian-merge/
<satyanash> SpamapS, I don't think I have NM installed..
<satyanash> SpamapS, unless it comes in the default server installation.
<SpamapS> satyanash: definitely not.
<SpamapS> satyanash: perhaps you have a leftover dhclient running from before you made the ip static?
<satyanash> The server has restarted several times before..
<satyanash> SpamapS, I think I remember installing nm on this server..
<SpamapS> satyanash: perhaps remove it. :)
<satyanash> SpamapS, what is the package called ?
<hallyn> stgraber: ok.  I suppose if we have to we can ship a script that closes fds > 2 (which it finds in /proc/self/fd) before starting the container
<hallyn> or provide a flag to lxc-start to not just complain, but close open fds
<stgraber> hallyn: yeah, jhunt gave me the needed changes to close the extra fd, I'll push that probably later today
<satyanash> SpamapS, aah.. Sorry, I dont have it installed, installed wicd-cli instead of NM earlier...
<koolhead17> hi SpamapS
<satyanash> Okay, I guess removing wicd should also be done..
<hallyn> changes to upstart, so those fds aren't needed?
<hallyn> stgraber: ^
<satyanash> SpamapS,  I guess I'll have to wait it out, since it changes randomly.. thanks though..
<SpamapS> satyanash: is dhclient running?
<stgraber> hallyn: nope, an hack in the job, we're still looking into what could be the cause of the upstart issue
<satyanash> SpamapS, yes,
 * satyanash kills dhclient
<rbasak> "warning: skipping optional Message Passing Interface (MPI) library."
<rbasak> Not a good warning to see when I'm trying to build boost-mpi-source1.46!
<dwbear> anyone here see CVE: CVE-2011-3639 its an apache mod-proxy vulnerability
<uvirtbot> dwbear: The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character.  NOTE: t
<hallyn> bleh
<smb> smoser, Not sure how relevant this is but I would read the init dependencies in a way that the mount of / should have succeeded before clould-init-local is started. Yet, the logfiles seem to mix output of the two like those did run at the same time
<Tixos>  hey, can anyone advise me on speeding up ubuntus apache configs? i am getting around 500k hits a day, and at the moment the request time is 15000ms/request! on CentOS its fine..
<SpamapS> satyanash: you may want to look at what is actually running dhclient
<Tixos> Benchmarking 159.253.141.242 (be patient)...apr_socket_recv: Connection reset by peer (104)
<Tixos> Total of 20 requests completed           < this is not normal!
<dwbear> uvirtbot: anything more ? bottom line seems to be the current patches don't were and we are still vulnerable.
<uvirtbot> dwbear: Error: "anything" is not a valid command.
<dwbear> anyone else not a bot have advice related to the apache proxy issue ?
<smoser> smb, the fsck that is complaining is about /mnt (not /)
<smoser> so that is after / is mounted (you'd think)
<smoser> but really, cloud-init is not at all involved in this.
<smb> smoser, Hm, well actually / would be mounted even before. Think that is done in init-bottom and then already pivoted before anything else. But I got confused about what complains anyway... :/
<smoser> right.
<smoser> clearly / is mounted/.
<smoser> but cloud-init is'nt really involved in this path.
<smoser> other than possibly forcing a intersection point in the boot on network and / mounted RW
<smb> So in the depth of cloud-init, do we have anything that would/could touch /mnt? Like scanning for uuids or so
<smoser> hm..
<smoser> smb, possibly... cloud-init does run 'blkid' but that (i think) should only happen on the first boot of the instance.
<smoser> and this is not the first boot.
<smoser> oh... wait.
<smoser> it could be related.
<smoser> we recently changed that to run every boot.
<smb> Ok, just wondering. It must be something that only takes a short time. Otherwise we would likely see it more often
<smoser> http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/cloud-init/precise/view/head:/cloudinit/CloudConfig/cc_resizefs.py
<satyanash> SpamapS, okay, will check process owner next time IP auto-changes..
<smoser> smb, that is what runs that runs blkid
<smoser> and we even explicitly tell it to not look at consult a cache
<smb> smoser, Hm, ok. Guess I try to see whether I can get it to reproduce even with a fake cloudinit locally. Then maybe try to add a bit of debugging to that part
<adam_g> zul: you hit this yet? tests started failing over the weekend because of it, http://paste.ubuntu.com/840651/
<zul> adam_g: not yet
<stgraber> hallyn: oh, just got my first clean boot on that machine, without changing anything...
<stgraber> hallyn: actually, no, I changed something, not sure that's the issue though, /me gets back to testing
<stgraber> (I turned off the ldap plugin in nss between the last reboot and this one)
<stgraber> hallyn: confirmed, turning on libnss-ldap in my test VM reproduces the issue
<mgw> within the context of cobbler/orchestra is there an 'accepted' way to handle named zones (or records) that are not directly created by cobbler?
<hallyn> stgraber: libnss.  that's caused troubles before...  with c/r.
<hallyn> in fact, it was the same issue.  couldn't checkpoint bc it kep topen fds into another ns
<stgraber> hallyn: yeah, in this case it looks like upstart uses nss at some point (usually pretty difficult not to) and keeps the ldap socket open as it's not marked SOCK_CLOEXEC
<stgraber> hallyn: I'm not sure whose fault it's though, might be nss, might be nss-ldap or even libldap
<hallyn> bleh
<stgraber> one of them isn't setting CLOEXEC
<hallyn> it might be a "feature"
<hallyn> i wont' object if you want to assign the lxc part to me and have me add the 'close-all-fds' option
<stgraber> hallyn: that'd be great, I'm having a difficult time closing these fds in shell, the code jhunt gave me doesn't work, even though it matches the manpage ...
<hallyn> stgraber: in fact maybe -d should just imply that option - you're not going to see the failure (iiuc) anyway, so no sense sending a warning and failing
<stgraber> hallyn: updated the bug, I guess making it a default for -d makes sense, yes
<stgraber> hallyn: took me my morning to track down that one but at least we know what it's now ;)
<hallyn> stgraber: thanks for that
<stgraber> hallyn: would have been a pain to debug post-release when people start deploying real servers (where LDAP is fairly common)
<hallyn> stgraber: well i'm not sure how many people will use the autostart - though i guess if i document it in the server guide, they're more likely to :)
<stgraber> well, I know I'll for all my servers and so will the Revolution Linux folks for all the customers they move from OpenVZ
<stgraber> these are production servers where each service or in some cases website runs in a separate container, in these cases you want everything back online after a reboot
<stgraber> people using lxc for development environments are indeed less likely to use the autostart though
<hallyn> bleh, reproduced bug 930430.  can't find where it does it, but do i think juju is doing it, not lxc
<uvirtbot> Launchpad bug 930430 in lxc "lxc-ls requires root access after deploying an LXC instance" [High,Confirmed] https://launchpad.net/bugs/930430
<gary_poster> hey hallyn.  Just discovered lxc-setuid when I was going to have to try and do something similar myself (I was intending to do something more limited, but if lxc-setuid is built-in that's compelling).  However AFAICT it is not working (I ran sudo lxc-setuid and then lxc-start -n whatever and it complained about insufficient privs, among other things).  Do you consider lxc-setuid supported, or not so much?
<hallyn> gary_poster: not so much
<hallyn> i consider it unsafe, in fact (since it doesn't add appropriate pam-cap controls over the inheritable capabilities)
<gary_poster> hallyn, cool.  thanks
<hallyn> gary_poster: if it's important to you, we can look into how to get it working better.  but i was sort of waiting until user namespaces are in, because those will remove a huge portion of the needed privilege
<hallyn> stgraber: were you going to hit bugs 925122 and 880968 ?  or should i?
<uvirtbot> Launchpad bug 925122 in udev "container's udevadm trigger --add affects the host" [Medium,Confirmed] https://launchpad.net/bugs/925122
<uvirtbot> Launchpad bug 880968 in ureadahead "ureadahead should not run in containers" [Low,Confirmed] https://launchpad.net/bugs/880968
<stgraber> I was actually wondering if we'd have any benefit in getting ureadahead working in a container but I guess not ...
<stgraber> I'll take care of these two today
<stgraber> hallyn: did you see my ifupdown upload?
<hallyn> no
<gary_poster> hallyn, maybe this is a "fools rush in..." sort of thing, but we are planning to have a more limited approach of a stupid simple C wrapper (a la http://paste.ubuntu.com/840736/) with setuid that makes the exact lxc call we need.  Since what we need is automated/repeated/identical that should work fine for us.
<hallyn> stgraber: great, thanks
<gary_poster> So IOW I don't think we need lxc-setuid now, thank you
<stgraber> hallyn: I added a new network-interface-container.conf emitting net-device-added for 'lo' in lxc and lxc-libvirt
<hallyn> gary_poster: sounds good
<gary_poster> cool
<stgraber> hallyn: this was needed because I discovered some jobs are "start on net-device-up IFACE=lo" and that even would never be emitted
<hallyn> stgraber: ah, cool.
<stgraber> *event
<hallyn> stgraber: heh, so which jobs were they?
<stgraber> munin-node is the one I noticed, probably others
<stgraber> hallyn: did you confirm we still get net-device-added for eth0 in a container without udevtrigger?
<hallyn> stgraber: i thought i did but can't swear by it now, actually
<stgraber> ok, testing again then ;)
<stgraber> hallyn: container doesn't boot with the change ...
<stgraber> looking into why now
<hallyn> no wait, i have a container i use every day which doesn't have udevadm trigger
<hallyn> and yes it has an ip address and boots fine.
<hallyn> (weird)
<stgraber> hallyn: and does it boot in less than a minute?
<hallyn> stgraber: yes, quickly
<randomuser> any idea why a default, network manager controlled interface would spam dhcp requests?
<hallyn> stgraber: http://paste.ubuntu.com/840762/  is its udevtrigger.conf
<stgraber> hallyn: I definitely didn't get an even for eth0 in mine ...
<stgraber> *event
<hallyn> oh, the event.  hold on
<stgraber> though my upstart job is wrong as I should call udevadm settle regardless and currently I don't
<hallyn> yeah there's an event
<eyy1sup> I'm having trouble with Upstart, as well, it won't start cron since the upgrade to 11.10, but the strange thing is "cron" won't start up manually neither
<SpamapS> eyy1sup: you should have a message in /var/log/syslog explaining what the exit code for crond was
<SpamapS> eyy1sup: one common problem is that cron ends up starting before NIS or OpenLDAP, which may be needed to enumerate users.
<SpamapS> eyy1sup: likewise if there are other sysvinit scripts supporting the users' home dirs, same problem.
<eyy1sup> SpamapS: but at least crond should respond to "sudo service cron restart", shouldn't it? In my case it won't respond to anything, also initctl returns nothing, as if it's not running :(
<stgraber> hallyn: http://paste.ubuntu.com/840778/
<hallyn> not sure 'exec' is needed before 'exit 0'
<hallyn> but looks good.
<smoser> smb, i would think that you could reproduce within kvm if you seed the image with cloud-init data and just keep rebooting.
<smoser> i just haven't had time to dig at it really.
<stgraber> hallyn: it's not, if you don't exec it'll take the exit value of the last thing called, in this case, udevadm or exit
<SpamapS> eyy1sup: in precise and later, that will work. But unfortunately, in << precise, 'service any-upstart-job restart' will not start it if it is not running.
<smb> smoser, I was hoping to do the same with xen. Though must admit that looking at the OVF doc (which I cannot use when using PVM as there is no cdrom) and trying to figure out how much I would need in seed/nocloud I would be rather motivated to apt-get purge cloud-init again. If not the bug was related to that.
<SpamapS> eyy1sup: status cron  should show stop/waiting
<hallyn> stgraber: huh?  'exit 0' should exit 0, no?
<stgraber> hallyn: yes, as I said, the 'exec' is NOT needed ;) though it doesn't make any difference either
<hallyn> stgraber: oh sorry, misunderstood you
<stgraber> hallyn: http://paste.ubuntu.com/840788/
<hallyn> stgraber: hm, but, that works?  in that case, won't the last thing called be a failed test?
<adam_g> zul: pingb
<zul> adam_g: whats up?
<stgraber> stgraber@castiana:~/Desktop/lxc/udev/debian$ ([ '1' = '2' ] && echo pass || echo failed) ; echo $?
<stgraber> failed
<stgraber> 0
<stgraber> hallyn: ^ so in the if statement itself should return 0 in that case
<hallyn> stgraber: but there the last thing was the result of 'echo failed', not of the test
<adam_g> zul: how did the CI packaging diverge from what we've got in ubuntu?
<stgraber> hallyn: good point ;)
<hallyn> stgraber: http://paste.ubuntu.com/840793/  (in dash)
<zul> adam_g: the temp_fix that you had on friday didnt get in when i did the upload and i added the libvirt-console patch on friday, today the libvirt-console patch got rediffed and the your temp-fix got merged upstream
<stgraber> $ if [ '1' = '2' ]; then echo pass; fi; echo $?
<stgraber> 0
<stgraber> hallyn: also in dash ;)
<adam_g> zul: but nova.conf is reverted to some old version, i dont know what else
<zul> adam_g: what are you seeing?
<hallyn> stgraber: interesting!
<kieppie> hi guys. hope everyone's doing well.
<kieppie> I could use some help, please - I've had a catastrophic failure on one of my server's drives (a WD caviar black), but I've manages to recover most of the important data (using the recovery remix) - fat help SMART did me.
<kieppie> how can I do a deep, thorough, comprehensive disk scan of the remaining drives do ensure they're healthy & to pre-emptively fix any other issues that might occur with them?
<adam_g> zul: http://paste.ubuntu.com/840796/
<zul> adam_g: i mean what failures are you seeing
<eyy1sup> SpamapS: status cron shows absolutely nothing, also my "runlevel" returns "unknown"... this upgrade really messed me up
<adam_g> zul: nova volume is broken
<SpamapS> eyy1sup: are you in a recovery shell?
<SpamapS> eyy1sup: and did the upgrade claim to have completed?
<zul> adam_g: how is it broken?
<adam_g> zul: because of the nova.conf changes in that diff, im not sure why those were merged
<SpamapS> eyy1sup: what did you upgrade from / to ?
<zul> adam_g: ah i think i know why
<zul> adam_g: because i merged upstream changes this morning...gimme a sec
<adam_g> zul: why did nova.conf flags change in that merge?
<zul> adam_g: because they arent using tgt as default
<adam_g> zul: yeah... so, the nova.conf merge was a mistake?
<eyy1sup> SpamapS: the upgrade said complete (without errors) and then I couldn't boot because of the /var/run move to /run, which I had to move the old structure to new and setup symlinks... then booting worked but half of the services (cron, proftpd, apache2) were not starting up.... while I could start apache and proftpd with the "service XXXX start", cron was not working like that
<zul> adam_g: well no it wasnt a mistake per say its just that their default nova.conf clobbered ours, just a sec
<zul> i assumed it was
<zul> adam_g: ok pushed, should be fine again
<adam_g> zul: k
<adam_g> zul: whered you push?
<SpamapS> eyy1sup: is this by any chance a vmware VM?
<zul> ubuntu-server-dev
<adam_g> ah, k
<eyy1sup> SpamapS: no, it's a standalone server actually, all upgrades have been smooth from 9.x onward... except last night when I upgraded from 11.04 to 11.10, I tried to force reinstall cron and upstart but to no avail
<SpamapS> eyy1sup: how did you do the upgrade?
<eyy1sup> SpamapS: with the 2 commands: sudo apt-get update; sudo apt-get dist-upgrade
<adam_g> zul: --use_deprecated_auth is still enabled, we disabled that
<SpamapS> eyy1sup: any reason you did not use the supported way, do-release-upgrade ?
<SpamapS> eyy1sup: granted, that *should* work
<zul> adam_g: pushed
<SpamapS> eyy1sup: but I suspect there was a missing dependency somewhere that broke the sequencing of the dist-upgrade
<eyy1sup> SpamapS: no reason at all, I've been using those 2 commands since I deployed this machine back in 2009... I did not know do-release-upgrade existed
<eyy1sup> SpamapS: when I try to upgrade again, it says "everything up to date", I also tried the apt-get to clean out dependencies and stuff... nothing unusual there
<stgraber> hallyn: hmm, actually, I can't upload these fixes just yet
<stgraber> hallyn: we need to have upstart built on all architectures first
<kieppie> how can I do a deep, thorough, comprehensive disk scan of the remaining drives do ensure they're healthy & to presumptively fix any other issues that might occur on my HDD's?
<hallyn> stgraber: is that just a matter of buildd build time?
<adam_g> zul: when jenkins runs a trunk build, it merges ~ubuntu-server-dev with ~openstack-ubuntu-testing. does it push that merge back up to lp:~openstack-ubuntu-testing?
<stgraber> hallyn: no, that's a matter of fixing upstart tests to pass on armel, armhf and powerpc
<zul> adam_g: yes
<adam_g> cool
<zul> adam_g: im in the middle of refactoring the tarball scripts
<hallyn> fun.  lemme queue up the song "this is gonna hurt"
<eyy1sup> SpamapS: it seems like a badly botched upgrade this time, I'm leaning towards a fresh install here
<SpamapS> eyy1sup: sorry that this is broken. :-/ if you have backups, I'd go back, and do it with do-release-upgrade
<SpamapS> eyy1sup: the /run transition has been particularly nasty.
<eyy1sup> SpamapS: any idea how to find out on which HDD is Ubuntu installed? I have 2 external HDDs and I don't want to erase them, just the internal HDD
<stgraber> hallyn: I'm pushing the changes to the packaging branches with a huge scary warning so people don't upload these two until upstart is fixed.
<SpamapS> eyy1sup: mount will show you what is mounted where
<hallyn> stgraber: does the warning include bug# for the upstart problem?
<SpamapS> eyy1sup: to be sure, you should note the UUID's of each device with 'blkid /dev/sdXX'
<stgraber> hallyn: I'm not even sure we have a bug# for it ;)
<hallyn> d'oh.  noone working on it then?
<stgraber> hallyn: I know it's pretty high on James' todolist though, that'll be fixed with the next upstart upload
<hallyn> ok
<stgraber> hallyn: well, it's been like that for a month or so ;)
<eyy1sup> SpamapS: only sda1 and sda5 return an UUID, others nothing... this just tells me the HDD"s unique ID, correct? How do I know where Ubuntu is installed?
<SpamapS> eyy1sup: from the mount command
<SpamapS> Filesystem     1K-blocks      Used Available Use% Mounted on
<SpamapS> /dev/sda4      153923360 132463536  13753456  91% /
<eyy1sup> SpamapS: seems cat /etc/fstab shows sda5 as my /boot
<SpamapS> eyy1sup: fstab shouldn't say 'sda5'
<SpamapS> eyy1sup: shuild say UUID=........
<SpamapS> eyy1sup: I suppose if your system is old enough it may have an older /etc/fstab
<eyy1sup> hehe, this system comes from 9.10, upgraded always
<eyy1sup> maybe 9.10 had an older fstab
<eyy1sup> SpamapS: /dev/sda5 on /boot type ext2 (rw) <- this is shown by mount... safe to assume sda5 is the Ubuntu HDD?
<uvirtbot> New bug: #931660 in rabbitmq-server (main) "package rabbitmq-server 2.6.1-1ubuntu4 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/931660
<stgraber> hallyn: hmm, actually I'm now sure how to fix ureadahead, it's currently starting before mountall and so before container-detect
<stgraber> hallyn: so adding a "and not-container" would just prevent it from starting completely
<stgraber> hallyn: did you ever see this in Precise?
<hallyn> stgraber: for now we can just have it duplcate the checks...
<hallyn> not sure.  maybe not.
<hallyn> stgraber: you mean dealyed shutdown?
<hallyn> stgraber: I think that went away because the kernel-supported reboot is tougher :)
<stgraber> yeah, I don't remember seeing a container hang at least since we have the new kernel and I can't reproduce the ureadahead error messags
<hallyn> i.e. it now kills any hanging tasks, whereas with the utmp helper it (the lxc monitor) waited for all tasks but init to exit
<stgraber> *messages
<hallyn> more rephrase:  the *kernel* kills any hanging tasks when sys-reboot is issued,
<hallyn> so the similar problem with ssh sometimes hanging will also be no problem
<stgraber> hallyn: would you be opposed to me marking this won't fix? AFAICT ureadahead is actually doing what it should and it's probably failing just as badly on a real system
<hallyn> stgraber: that's fine - the log issue will be fixed when we have syslog namespaced
<stgraber> hallyn: updated the bug
<Vancio> hello
<Vancio> can someone give me some info on postfix and mailx, please?
<Vancio> I have some questions i can't find solution...
<Jeeves_> Just try and ask :)
<Vancio> can postfix send an email directly or it needs an ISP's SMTP server?
<lamont> it is the ISPs SMTP server, quite often
<Jeeves_> Vancio: Both
<Jeeves_> if you unset smarthost, it will lookup mx records itselve
<Vancio> ok... thanks
<Vancio> :)
<hallyn> stgraber: I don't see your changes at ubuntu:lxc ?
<stgraber> hallyn: for?
<hallyn> oooooh -
<hallyn> i thought you had an lxc change too.  i didn't realizde it was only the upstart branch
<hallyn> nm :)
<stgraber> hallyn: right, no upstart changes, only pending one is in the udev branch
<stgraber> s/upstart/lxc/g
<hallyn> going out for a bit.  will think though the mount stuff. jjohansen: let's talk tomorrow?
<jjohansen> hallyn: sure
<kklimonda> tjaalton: how do you generate orig tarballs from the git repositories you use?
<kklimonda> (I can't use uscan --download-current-version to get 389-ds-base orig, as  http://directory.fedoraproject.org/sources/ returns 403)
<tjaalton> kklimonda: upstream provides them
<tjaalton> kklimonda: grab it from the ppa
<EvilResistance> i should disable 'ppa' highlights >.>
<EvilResistance> :P
<kklimonda> tjaalton: right, you've uploaded it already
<utlemming> hallyn: I've hit an odd thing...I'm not able to run locale-gen under a LXC container
<ejv> Hello, need help, my dmesg is filled with: "generic-usb 0003:051D:0002.0001: control queue full" making it IMPOSSIBLE to ask my APC UPS for any information. How do I fix this?
<stgraber> hallyn: ok, let's try this new lxc see if my containers start now ;)
<stgraber> hallyn: and it worked! thanks
<hallyn> stgraber: \o/
<hallyn> jjohansen: yeah I've been thinking about it, and i think the lack of remount restrictions is fine.  That's so long as mount restrictions either (likely) forbid bind mounts, or (unlikely) cause original pathname to be used by aa
<hallyn> (fine for 12.04 :)
<jjohansen> hallyn: err, its not a lack of remount restrictions per say.  it a lack of control of all the options available.  We will be able to control, mount, umount, remount, move, and pivot root.  Its whether some specific options in mount/remount are set
<hallyn> right.  long as i understand you, that's what i meant :)
<jjohansen> ah okay
<hallyn> so we can forbid remount, just not allow some remounts but not others.
<hallyn> don't answer that.  i'm not eloquent today
<jjohansen> hallyn: even can be selective on them
<X-tonic> Hey, I am newbie, and I would like to set up a SOCK5 server using ubuntu server. Could you tell me / link me on how do I go about this?
<hallyn> i'll wait for the debs and policy instructions :)
<jjohansen> okay
<adam_g> smoser: if you're around, where can i find the old eucalytpus stress test suite?
#ubuntu-server 2012-02-14
<smoser> adam_g, https://launchpad.net/uec-testing-scripts
<adam_g> SpamapS: ping
<SpamapS> adam_g: pong!
<adam_g> SpamapS: working thru some nova database issues again.. maybe you can shed some light on this to a total lamer (me). if i run the same set of db migrations against a MyISAM backed mysql server and a InnoDB backed server, i end up with two totally different schemas wrt foreign key constraints. myisam ends up the wild west, and innodb creates a schema that is tightly locked down.
<adam_g> see: http://people.canonical.com/~agandelman/schema/myisam/relationships.html
<adam_g> vs: http://people.canonical.com/~agandelman/schema/innodb/relationships.html
<SpamapS> adam_g: MyISAM has no such thing as FK constraints..
<SpamapS> adam_g: so its my guess that the code that does the migrating is just being weird.
<adam_g> SpamapS: hmm, okay this sounds more obvious that i thought :)
<SpamapS> adam_g: right
<SpamapS> adam_g: perhaps the migratino code is assuming that because the table is already there, that its relationships will just be there?
<adam_g> SpamapS: well, the big problem is that the migrations are being developed against sqlite, or at best, mysql+myisam (on oneiric).  there are assumptions made, yeah..
<adam_g> SpamapS: curious, did the switch to innodb by default come from debian, or us?
<SpamapS> adam_g: it came from MySQL 5.1 -> 5.5, which was done in Debian.. by me. ;)
<SpamapS> adam_g: and its truly the *ONLY* sane path to ever take. MyISAM is *crack*
<adam_g> SpamapS: i dont doubt that, just wonder how many others will have similar problems
<SpamapS> adam_g: perhaps the right thing to do is to open a bug against openstack that it should refuse to create tables in anything except InnoDB.
<adam_g> SpamapS: heh
<SpamapS> adam_g: and in migrating.. it should detect myisam tables and recreate *all* relationahips
<SpamapS> relationships too
<adam_g> actually, at some point in its migration it converts all tables to innodb
<adam_g> but im not sure how sqlalchemy handles that, though
<SpamapS> adam_g: right, so when it is doing that, it needs to say "oh crap, I'm converting from a table engine that has no relationships definable.. I need to re-create them"
<adam_g> yup
<uvirtbot> New bug: #931859 in nagios3 (main) "chown: cannot access `/etc/nagios3/resource.cfg': No such file or directory" [Undecided,Confirmed] https://launchpad.net/bugs/931859
<axisys> how do I check if a dir is mounted .. would be nice if we can count on a exit code or exit codes
<axisys> exit 32 seems to be when fails or already mounted .. from what I understand
<axisys> so hard to differentiate what really the mount problem is
<axisys> mount /foo; case $? in 0|32) run_bar;; esac did ran `run_bar' even though /foo failed to mount
<Stef2> 'morning. any1 on and willing to answer noob questions?
<Stef2> :)
<Stef2> ~o) included
<twb> !anyone
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<Stef2> it doesn't say in title if i can ask noob q and it is better to ask first. sorry for this. after i installed successfuly ubuntu 11.10 server without GUI i tryed separatly to install xubuntu gui. i don't know/guess it installed properly becouse some files in /lib/something didn't get "registered" properly. now i get an error an ubuntu start "The disk drive for /dev/mapper/cryptswap1 is not...
<Stef2> ...ready yet or not present". looked in here https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/527666 but it seems to be an old bug. the start process stops on Checking battery state... [OK]. what should i do to check what's wrong?
<uvirtbot> Launchpad bug 527666 in mountall "mountall blocks on timeout waiting for a partition, rather than supplying prompt and picking it up later" [High,Fix released]
<twb> Stef2: is this a fresh install?
<Stef2> yes
<twb> Reinstall from scratch.  Either install xubuntu to begin with, or install server and don't install a GUI.
<twb> We recommend learning to manage servers from the CLI; we discourage installing a GUI on servers.
<Stef2> installed server. restart. installed xubuntu. got error woth /lib/something. restart. server stops at Checking battery state... [OK]. ubove couple lines i get /dev/.. error
<Stef2> i somehow know that, but i guessed it will help me in learning process of CLI
<twb> I understand what happened but I can't diagnose it, let alone fix it, over IRC.  There is no point bothering since a clean install has no investment that will be lost (e.g. apps already set up, user data)
<Stef2> i understand and agree with u, but (no offense intended at any kind) i am the problem solver somehow. i try to understand what i did/miss so i can try nto to repeat the mistake. i understand and agree the GUI problem. i hoped some1 will point me to an place so i can look at the problem. hope i'm not missunderstood. thnx for the answer :)
<twb> The problem is probably just that mountall is crap, and when you tried to install xubuntu you missed some helper package that makes it work properly.
<twb> cryptsetup is normally used for block-level encryption (LUKS), but you are probably either using no encryption or per-file (ecryptfs) encryption, so I don't see how you're running into that.
<twb> upstart in general and mounting issues with upstart are a huge pain to debug
<Stef2> ai first install , installer asked me if i want to encrypt user files (my user files). and i choose yes
<Stef2> *at first install
<SpamapS> twb: should be easier with newer releases
<SpamapS> twb: but really, mountall isn't that bad.
<twb> It drove me batshit insane trying to boot off NFS on lucid
<SpamapS> twb: thats a use case that still doesn't really have a stakeholder in Ubuntu
<twb> IOW nobody is paying canonical to not fuck it up?
<SpamapS> We do lots of stuff that nobody pays us for
<twb> Because of course it Just Works under sysv init
<twb> And it was pretty painless under hardy for that matter.
<SpamapS> But yeah, its been pushed to the bottom of the pile a few times.
<SpamapS> twb: this would be something to bring up at UDS.. you just need a few interested users who are willing to be annoying about the bugs that need fixing and it will get done.
<twb> I do not deal well with meatspace
<SpamapS> Sad to say.. but I'm quite susceptible to the 'squeaky wheel' method of bug prioritization.. and so are many others in ubuntu-core-dev
<SpamapS> twb: just attend virtually :)
<twb> Wasn't UDS a in last November or so anyway?
<SpamapS> for precise yeah
<twb> Somebody invited me to florida and I was "noooo, I do not go near .us"
<SpamapS> twb: next one is in May also in .us .. in Oakland, CA
<SpamapS> then back to EU/US rotation
<SpamapS> twb: anyway, UDS is just a thought. Really.. if you want those bugs fixed you just need to ping me/slangasek/jodh .. we're quite responsive to the vocal minority when it comes to boot bugs
<twb> Righto
<twb> Part of the problem is that *my* machines run Debian, so while I deal with Debian problems as they arise, I only encounter ubuntu-specific issues after they hit LTS
<twb> (LTS being what my customers ask for, after I tell them they can't have RHEL.)
<SpamapS> twb: we fix the LTS from time to time. :-P
<twb> Yes, well, I don't turn backports on because I don't trust not to introduce new and exciting issues :-P
<SpamapS> https://bugs.launchpad.net/ubuntu/lucid ... only 116 open High importance bugs
<twb> RC status doesn't matter after the release amirite ? :P
<SpamapS> no such thing as "release critical" in Ubuntu. Critical means "the first things we deal with"
<SpamapS> unless our CDs eat your data or just won't boot.. we release on time (dapper, for example, did not ship on time, because it basically didn't work and needed 2 more months)
<twb> Hehe "release when its ready" vs "release when it's not ready"
<SpamapS> We release when *we* are ready... which is generally known to be about every 6 months
<SpamapS> twb: for the LTS we even cut new CDs after we fix the critical bugs that we couldn't get to by "release day"
<SpamapS> so it kind of works a little more like a Debian release
<tarvid> I have a neglected server on karmic, can't update. Should I attempt an upgrade to lucid?
<SpamapS> tarvid: yes
<SpamapS> tarvid: backup first
<twb> SpamapS: eh, I do my installs from netboot d-i anyway
<twb> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<twb> tarvid: second link there
<Stef2> started reinstall server. got at the point where installer ask me if i want to encrypt home directory. can i presume that my previous error started from the encryption part and now i should choose option to not encrypt my Home directory?
<twb> Recommend choose no, at least for now
<twb> If everything seems to be working you could try another reinstall and pick yes
<Stef2> thnx for the answer. i'll do that. first time i choose yes and it worked. got errors after i installed xubuntu
<SpamapS> Stef2: why aren't you installing *xubuntu* if you want xubuntu?
<twb> SpamapS: he wants a server with a GUI on it :-(
<twb> 17:33 <twb> Reinstall from scratch.  Either install xubuntu to begin with, or install server and don't install a GUI.
<SpamapS> server with gui.. hah
<SpamapS> saving yourself 1 day of frustration for years of slow, manual labor.
<Stef2> i didn't installed GUI from the first time. i got the error when i installed GUI separatly. but now i wont even try to install GUI anymore.
 * SpamapS feels the other way.. he wonders why his desktop has a GUI
<Syria> Hi, does this mena that guest additions are now installed? http://paste.ubuntu.com/841373/
<twb> SpamapS: mine doesn't
<twb> My local LUG asked me to give a talk on how to not cry like a little girl when using fbcon for everything, but I didn't want to go outside
<twb> Syria: dkms is just infrastructure
<twb> Syria: normally you would "apt-get install foo-dkms" to get a DKMS-based third-party kernel module called "foo"
<Stef2> would be better if i choose to install software like dns server, lamp server and so on separately or i should install them from start and configure after?
<Syria> twb:  I want to install guest additions so I can run CD Rom from the Windows virtual machine.
<twb> Syria: I don't know what that means
<twb> Stef2: I never pick anything like that until I know the server can actually boot
<Stef2> thnx for tip
<twb> Stef2: I don't like that UI anyway but you can rerun it later, it's called "tasksel"
<twb> Stef2: I prefer to just use apt-get/aptitude
<Syria> twb: I have a virtual windows machine and the host is ubuntu server 10.04.3 ... I want to read the CD from the virtual machine.. What shoud I do please?
<twb> No idea, I don't support Windows.
<Syria> Thank you.
<SpamapS> wow erlang takes a long time to build. :-P
<SpamapS> I always forget that :-P
<Syria> Somebody help me please... I have a windows virtual machine and it is hosted bu ubuntu server.. how can I read cd's thorugh the virtual machine?
<Jeeves_> Syria: That depends on your management tool
<Syria> Jeeves_:  Virtual Box not the ose edition.
<Jeeves_> Oh, no clue then :)
<Syria> Jeeves_:  Thanks.
<_ruben> most virtualization tools make it fairly trivial to provide cds to its vms, then again, i never used vbox either :)
<Stef2> !details
<ubottu> Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<Stef2> !gq
<ubottu> Are you sure your question allows us to help you? Please read http://www.sabi.co.uk/Notes/linuxHelpAsk.html to understand how to ask a 'better' question.
<Stef2> !poll
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<lynxman> morning o/
<jamespage> morning lynxman
<lynxman> jamespage: good morning sir!
<linocisco> hi every one
<linocisco> my ISP internet needs us to set proxy in browser to use internet. I would like to bypass this settings using ubuntu server.
<linocisco> how to accomplish?
<uvirtbot> New bug: #931978 in samba (main) "Update to version 3.6.3" [Undecided,New] https://launchpad.net/bugs/931978
<ludo89> Hi
<ludo89> i've got a question about tcpdump output on one of the interfaces of my firewall.
<ludo89> i've got this :
<ludo89>  11:59:46.827529 00:1c:2e:84:7e:00 > 09:00:09:00:00:67 Unknown DSAP 0xf8 Unnumbered, ui, Flags [Command], length 97
<ludo89> any idea of what "Unknown DSAP 0xf8 Unnumbered" means ?
<lynxman> ludo89: http://serverfault.com/questions/202777/what-do-unknown-ssap-and-unknown-dsap-mean-in-tcpdump
<ludo89> lynxman: Thanks a lot for your link !
<CasmoNL> Hi, even after removing sendmail (with apt-get, running Ubuntu 10.04), it's still running, is there any way to completely disable it? Googling didn't help me that much..
<koolhead11> jamespage: here
<jamespage> koolhead11, yep
<koolhead11> https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/841726
<uvirtbot> Launchpad bug 841726 in cobbler "Unable to netboot with dhcpd managed by cobbler" [Medium,Fix released]
<koolhead11> status says fixed released
<koolhead11> i have wasted almost whole day on thios
<koolhead11> and then found about this bug
<koolhead11> cobbler profile loads without any problem
<koolhead11> its cobbler system which got screwed up
<koolhead11> after i did cobbler sync
<koolhead11> jamespage: gimme few minute i will paste my cobbler config and dhcp template file
<koolhead11> poor virtulbox
<jamespage> koolhead11, ack
<koolhead11> so manage_dhcp: 0 inside /etc/cobbler/settings
<koolhead11> now when i added a system and later did cobbler sync
<koolhead11> i see something interesting
<koolhead11> inside my dhcpd.conf file :P
<uvirtbot> New bug: #932021 in mysql-5.1 (universe) "service mysql start hangs forever without any messages if the configuration is broken" [Undecided,New] https://launchpad.net/bugs/932021
<koolhead11> jamespage: http://paste.ubuntu.com/841616/
<jamespage> koolhead11, can I see a log of the sync please
<jamespage> also I don't think cobbler will actively stop managing you dhcp file
<koolhead11> jamespage: sure
<jamespage> i.e. it will leave stuff around that it created
<jamespage> koolhead11, are you running on precise or oneiric?
<koolhead11> oneiric
<koolhead11> jamespage: http://paste.ubuntu.com/841623/  cobbler sync
<jamespage> koolhead11, and what does you dhcpd.conf file have in it now?  I specialize mine quite alot for my local network topology/setup
<jamespage> koolhead11, I seem to have done:
<jamespage>         #filename "$iface.filename";
<jamespage>         filename "pxelinux.0";
<jamespage>         ## Cobbler defaults to $next_s
<koolhead11> jamespage: nopes its plain DHCP file with my dhcp network info and this "system" infos
<koolhead11> jamespage: yeah these options
<jamespage> koolhead11, so what exactly is not working for you?
<koolhead11> jamespage: gpxe/menu.gpxe
<jamespage> koolhead11, thats not going to work - thats the bug
<jamespage> you need to change:  filename "pxelinux.0";
<koolhead11> jamespage: yeah i did that, then did cobbler sync
<koolhead11> still no luck i will try again
<jamespage> koolhead11, so manage_dhcp: 0 inside /etc/cobbler/settings?
<jamespage> won't have any effect :-)
<koolhead11> gosh. lemme make it 1
<koolhead11> but in that case wont i have to add the same configs inside that file as well
<koolhead11> i meant dhcp.template
<jamespage> koolhead11, so if you tell cobbler to manage your dhcp configuration it will overwrite the dhcpd.conf file
<jamespage> so ONLY makes changes in dhcp.template
<koolhead11> jamespage: so i should remove all the configuration i added on dhcpd.conf ?
<koolhead11> and paste the same inside the dhcp.template file
<jamespage> koolhead11, you need to ensure that the cobbler dhcp.template contains all of the right configuration for your setup
<jamespage> + the fix for filename "pxelinux.0";
<koolhead11> jamespage: could there be some cache or something? am still getting same error
<koolhead11> shall i add a new system by removing this
<koolhead11> ?
<koolhead11> and test if it works
<melvincv> what does the -C option in tar do?
<TeTeT> melvincv: man tar,      -C, --directory DIR
<TeTeT>            change to directory DIR
<koolhead11> hola TeTeT :)
<TeTeT> hi koolhead11, how are you?
<koolhead11> am doing good how about you?
<Ursinha> I thought I would chair the meeting today, but that's not what the wiki page says...?
<Aerodonkey> What is this meeting about?  Sorry that I'm new here.
<Ursinha> Aerodonkey, it's the server team weekly meeting, where we discuss server related stuff :) and welcome :)
<koolhead11> Ursinha: how much time we have before it starts :)
<Ursinha> koolhead11, in 35 minutes, if calendar isn't lying to me
 * koolhead11 will grab his dinner in meantime
<Aerodonkey> I have problems when running Ubuntu instance on Amazon EC2.  May I ask questions here?
<Tixos> someone please please help me with page load times
<Tixos> getting some results of 20,000ms/request
<Tixos> cant figure it out
<Aerodonkey> what page? memory page, or web page?
<Tixos> its a web page, its defaintely apache causing it, the server response is very fast
<Tixos> i used 'httperf'
<Tixos> nothing to do with the web page btw, its default apache
<patdk-wk> what is the web page?
<patdk-wk> a static html file?
<Tixos> it was fine on centos, i feel its ubuntus default apache configs
<Tixos> yes it is static html
<Tixos> port 443 is fine
<patdk-wk> is it on the internet? can I test?
<Tixos> been testing for 2 days now lol
<Tixos> sec
<Tixos> ill PM
<Tixos> i also tried 'ab' apache benchmarking, horrific results lol
<Tixos> i would blame DNS as i have just changed servers, but using IP is just the same
<patdk-wk> na, it's physically on that system somewhere
<Tixos> try   ab -c 10 -n 100 IP   patdk-wk
<Tixos> server like 110ms, processing 10,000ms lol
<patdk-wk> why should I?
<patdk-wk> that doesn't prove or help anything
<Tixos> ok?
<Tixos> to me it proves its taking too long to respond?
<Tixos> no point in using a browser right? with caching etc, these two apps tell me better
<patdk-wk> what apache modules are enabled?
<Tixos> sec
<Tixos> 'default'
<Tixos> but let me get list
<patdk-wk> I dunno what default is
<Tixos> http://pastebin.com/TencnaS0
<Tixos> i disabled 'mod_reqtimeout, because it was causing lots of 408s because of this issue
<patdk-wk> what kind of server is this?
<Tixos> basically, its a brand new server, ubuntu 10.04LTS 'default' install
<Tixos> dedicated
<Tixos> its getting alot of traffic
<patdk-wk> did you try vmstat?
<patdk-wk> or iostat?
<Tixos> so i guess ubuntus default apache.conf isnt good enough
<Tixos> no, never heard of them
<patdk-wk> I dunno about good enough, I haven't had any issues with it
<patdk-wk> well, how do you ever locate an issue?
<Tixos> ive never had a problem in 2 years on centos
<patdk-wk> for all we know, your harddrive is dead
<Tixos> no man, it was fine before it received traffic
<Tixos> its happened on 2 ubuntu servers
<patdk-wk> harddrive overloaded then :)
<Tixos> i moved from one provider because i thought it was 'them'
<Tixos> turns out its ubuntu
<patdk-wk> do "vmstat 1"
<Tixos> or a config rather
<Tixos> ok sec
<patdk-wk> let it run for like 20seconds, and past it
<patdk-wk> pastebin it
<Tixos> http://pastebin.com/1MMjDYjy
<patdk-wk> hmm, now I can't connect
<patdk-wk> how about a, netstat -atn
<patdk-wk> that is going dump a lot of lines though
<Tixos>  should i | less it ?
<patdk-wk> na
<Tixos> or file output
<patdk-wk> netstat -atn | pastebinit
<Tixos> netstat -atn > file.txt
<Tixos> ?
<patdk-wk> pastebinit is lazy way :)
<Tixos> but thats what you mean right? lol
<patdk-wk> ya
<patdk-wk> I'm thinking you maxed out your apache connections
<patdk-wk> default is 256
<patdk-wk> and with a 15second keepalive I think
<patdk-wk> normally changing keepalive down to 1 second is good
<patdk-wk> it looks like you have enough ram to increase that 256limit also, if needed
<Tixos> yea i thought this, because i compared my centos httpd.conf, and the onyl difference really was the MPM settings for prefork
<Tixos> and also keepalive is off on that server
<Tixos> ill PM you link
<patdk-wk> ya, you need generic tuning
<Tixos> so keepalive = 1 is better than off?
<patdk-wk> keepalive off or 1sec will help it
<Tixos> could you guide me?
<patdk-wk> I would perfer 1sec
<Tixos> ok let me give it a whirl
<Tixos> should i up anything in perfork ?
<patdk-wk> cause it only wastes it for 1 sec, but then they get all the pictures and stuff quick
<patdk-wk> you have craploads of free ram
<patdk-wk> so probably safe to double the max
<Tixos> yes i know
<patdk-wk> maybe more
<patdk-wk> but I wouldn't put it higher than needed
<Tixos> the server is decent enough, so thats why i was lost, this is all a bit beyond me but i done alot of reading :P
<Tixos> i read 256 is the higher?
<Tixos> or is that for worker or something ?
<patdk-wk> I dunno, what one you have installed?
<patdk-wk> apache2-prefork, apache2-worker, ...
<Tixos> well, again lol by 'default' i didnt install either
<Tixos> but it has both sections in the config
<Tixos> same as centos does
<patdk-wk> how many apache2 programs do you see?
<patdk-wk> worker should have like 2-4
<Tixos> programs?
<patdk-wk> prefork will have like 200 or so in your server
<patdk-wk> ps ax
<Tixos> sec
<Tixos> /usr/sbin/apache2 -k start    there is about 100 of these?
<Tixos> maybe more
<patdk-wk> then your using prefork
<Tixos> ok
<Tixos> these are my centos settings, so i give these a go?
<Tixos> http://pastebin.com/i8Rz3ind
<Tixos> if you get the httperf time/request down i will love you forever :)
<Tixos> so far 4 people couldnt help :)
<Tixos> sidenote: what is the correct way to reload configs when changing apache.conf.   reload, restart or stop/start?
<patdk-wk> depends
<EvilResistance> Tixos, i'm unfamiliar with Apache, but if its anything line nginx's nginx.conf (which controls the instance of nginx and not the sites), i'd assume restart
<patdk-wk> I normally just restart
<EvilResistance> even when i was dabbling in Apache, i just used 'restart'
<patdk-wk> but doing a reload is alittle more friendly
<Tixos> yea i normally do
<Tixos> im not feeling friendly :)
<Tixos> so should i match those prefork settings patdk-wk ?
<patdk-wk> hmm?
<Tixos> let me pastebin both
<Tixos> these are 'defaults'
<Tixos> http://pastebin.com/HQRMPF2E
<andrew667> test
<EvilResistance> i very very rarely feel friendly towards my systems, so i just use 'restart' for misbehaving things and rehashes of the config (so to speak)
<patdk-wk> tixos, I would do this
<patdk-wk> StartServers 50
<patdk-wk> MinSpareServers 20
<patdk-wk> MaxSpareServers 50
<patdk-wk> ServerLimit 300
<patdk-wk> MaxClients 300
<patdk-wk> and keepalive at like 1sec
<patdk-wk> maybe increase the 300 to something larger if needed
<Tixos> patdk-wk:  your keepalive = 1 fixed it..
<Tixos> what are the pitfalls of this?
<Tixos> its fine... totally fine
<Tixos> Request rate: 4.3 req/s (234.3 ms/req)
<patdk-wk> it's not fine
<patdk-wk> it's *better*
<Tixos> same as google for me :P
<Tixos> yes i will fix prefork up like you say also
<patdk-wk> keepalive is how long a client can *tie up resources* on your server, while waiting for the next page request
<patdk-wk> before you had it off, so every thing needed a new connection, slow
<Tixos> no it was on, but set @ 15
<patdk-wk> making it 1sec, basically means, they can download the page, and images, and js,css,.. all in one connection
<Tixos> it was off on my centos server yes, but it was fast here
<patdk-wk> then a new page will take a new connection
<patdk-wk> so having it on, makes a page faster, but makes OTHER people wait
<patdk-wk> since you maxed out how many connections you could have at once (150), all waiting around for 15sec, no one could connect
<Tixos> yea, great man
<Tixos> thanks so much :)
<patdk-wk> your tests didn't see that, since you tests didn't use keepalive
<Tixos> so if there is noneed for keepalive at all, it can be turned off, but 1-2 seconds if always better in your opinion?
<patdk-wk> if you have webpages that are more than one item, (includes javascript, css, images, ...) I would keep it on
<patdk-wk> it makes them display faster for the user
<antihero> Hey, I can't install php5-memcached
<patdk-wk> plus, the more distance the user is from you, the longer it would keep your server tied up, without keepalive
<antihero> any ideas? (lucid)
<antihero> it's here http://packages.ubuntu.com/lucid/php5-memcached
<antihero> but apt-get says it has no installation canddiate
<Tixos> patdk-wk: would you use mod_reqtimeout, i disabled it, but it was installed by default, now this is fixed should i re-enable?
<Tixos> it was giving tons of 408 errors
<patdk-wk> I can't remember what it does
<brendan0powers> jamespage: Hi, I have some questions about the debian/watch file
<brendan0powers> jamespage: Aside from the man pages, I've fixed all of your comments
<jamespage> brendan0powers, hi!
<brendan0powers> jamespage: So, the watch file should point to a directory containing source releases?
<jamespage> brendan0powers, typically a http location for a tar.gz of the source release
<Tixos> ok, thanks patdk-wk  much love :D
<brendan0powers> I tried putting the exact file name I wanted, and got an error from uscan beacuse there was no pattern
<brendan0powers> jamespage: and bitbucket does not support listing tags, so i can't use a wildcard for the URL
<jamespage> brendan0powers, OK so that might not be practical then
<brendan0powers> I could host the source somewhere else, I guess
<brendan0powers> I mean, the .tar releases
<jamespage> brendan0powers, if it looking hard ATM then I suggest you document in a README.source file how to create the orig.tar.gz file manually.
<jamespage> that should be acceptable
 * jamespage is not an archive admin
<jamespage> brendan0powers, that could involve documenting how to clone from bitbucket and create the orig.tar.gz
<jamespage> which could be put in debian/rules
<mdeslaur> *sigh* looks like I have to push mysql 5.5.20 and 5.1.61 as security updates to our stable releases, as Oracle won't disclose what the security updates are :(
<andol> mdeslaur: Making MariaDB seem even more tempting?
<mdeslaur> andol: definitely
<SpamapS> mdeslaur: have they confirmed that 5.5.20 and 5.1.61 *actually fix the problem* ?
<mdeslaur> SpamapS: yes, those are the versions listed in the advisory
<SpamapS> mdeslaur: Ok, I have 5.5.20 ready to go in Debian, so I can push that into precise just so precise isn't vulnerable if you like.
<mdeslaur> SpamapS: yes, please, that would be awesome
<SpamapS> mdeslaur: Ok I'll upload 5.5.20 later today... cool?
<mdeslaur> SpamapS: yes, thanks!
<koolhead17> hi all
<hallyn> jjohansen: I'm going to go and review some userns patches (some = >100 of them :), please ping me when I should be testing a apparmor+mounts patchset
<jamespage> iamfuzz, hey - sorry but jenkins does not use gwt :-(
<iamfuzz> jamespage, I didn't think so, but Andy told me that so I got excited :-)
<iamfuzz> no worries, was just a stab
<jjohansen> hallyn: hrmm, well I am packaging up a first run of the ppa now, but there will be some revisions throughout the day.  I have full option matching that I am going to be testing and will roll out some time
<jjohansen> hallyn: so if you want to play it will be available in an hour or so but changes, but later might be better
<hallyn> jjohansen: ok, no problem - I"ll wait a bit, thanks.  just ping me when i should look :)
<jjohansen> hallyn: okay, btw full option matching means none of the limitations/concerns from the other day
<hallyn> \o/
<uvirtbot> New bug: #931584 in openldap "Upstart should close all non-standard fds before starting a job" [High,Triaged] https://launchpad.net/bugs/931584
<smoser> adam_g and Daviey , roaksoax looked at the big/small buckets thing.
<smoser> he would know more. but he asserted upstream bug on that.
<smoser> and i think that theh goal is to move to squid-deb-proxy, which wouldn't have these buckets (although maybe we could get them into s-d-p, as they are kind of nice, to have kind of one limit for ISOs and one limit for archive things).
<ivoks> adam_g: i'm not sure how to request a merge cause LP doesn't allow me; but if you are interested, take a look at lp:~ivoks/charms/precise/nova-cloud-controler/trunk; adds public_interface to FlatDHCPManager
<koolhead17> jamespage: you were correct :)
<koolhead17> am still at same issue!! :)
<smoser> utlemming, bug 932088
<SpamapS> lynxman: hey, I'm working on updating rabbitmq-server to 2.7.1 ..
<zul> SpamapS: pretty sure...its dependent on the rabbitmq-server
<SpamapS> lynxman: might that affect your stomp packages?
<zul> SpamapS: he might not be around either
<SpamapS> zul: true, too late.. well I'll take a look at them
<zul> SpamapS: k just wanted to give you a heads up
<med_> I think lynxman is in flight.
<uvirtbot> New bug: #932239 in samba (main) "Multiple Samba security vulnerabilities" [Undecided,New] https://launchpad.net/bugs/932239
<antnash_> Hi guys. Anyone able to give me any hints as to why my server becomes hideously unresponsive after being on for about 7 hours?
<antnash_> I have to power it off for 30s or so for it to actually come back to life, otherwise it hangs at bios while discovering disks
<SpamapS> antnash_: anything in dmesg? perhaps something is throttling due to temperature?
<antnash_> Hey SpamapS. How can I check it after a reboot?
<SpamapS> antnash_: great point. :)
<SpamapS> antnash_: perhaps hook up another box as a serial console
<SpamapS> antnash_: and make sure you boot with 'noquiet' so you get all messages on console
<antnash_> Hmm. Would if I had another box I could do it with, and knew how!
<antnash_> Of course the latter there is much less of a problem than the former
<antnash_> SpamapS, no way to check in system logs?
<SpamapS> antnash_: /var/log/syslog would potentially have stuff too
<antnash_> SpamapS, you were right. Throttling due to temp
<antnash_> Time to get a better cpu fan I think!
<zul> adam_g: im in the middle of the nova ubuntu/debian merge would you have complaints if i moved --connection=libvirt into the nova-{kvm,lxc,uml,qemu}.conf ?
<zul> im tryin to figure out how to handle the nova-xen/nova-xcp/nova-libvirt stuff properly
<adam_g> zul: thats where it should go, but there was a database migration that made it required that its defined on the node thats running 'nova-manage db sync'
<adam_g> zul: i think that might have changed, though, gimme a minute ill check
<zul> adam_g: k
<adam_g> zul: heres the bug https://bugs.launchpad.net/nova/+bug/921294
<uvirtbot> Launchpad bug 921294 in nova "Migration 074 should not need connection_type defined if no data is present (new installs)" [High,Fix released]
<zul> adam_g: k ill try it here first
<adam_g> zul: i think
<adam_g> zul: er, i think moving that is okay for new installs but not going to work for upgrades
<zul> great now i have blood dribbling from my ears ;)
<adam_g> read the bug
<adam_g> zul: does debian keep that flag in the nova-compute-*.conf?
<zul> no nova.conf
<zul> but i think debian might be a bit broken right now
<adam_g> zul: because they also support xcp?
<zul> adam_g: yeah
<adam_g> zul: that is why i raised the bug to begin with, i cant see how it'd be possible to support either without nova-common-{xcp, libvirt, etc} and corresponding compute packages.
<adam_g> zul: if the flag is only set on the compute packages, and compute is running on seperate nodes, a database migration from any other node will end up migrated for xen, even if compute nodes are running libvirt.
<zul> yeah im going to put off that problem for now and continue merging stuff here
<adam_g> zul: if its set globally in nova.conf, it can be run from any node, but to support other hypervisors, we'll need an entire new subset of nova packages (not just compute)
<zul> adam_g: agreed
<gary_poster> hallyn, I have a container that I can start with lxc-start but when I try to use lxc-execute it gives me an error: "No such file or directory - failed to exec /usr/lib/lxc/lxc-init" "invalid sequence number 1. expected 2".  In the dim past (http://comments.gmane.org/gmane.linux.kernel.containers.lxc.general/1734) you recommended copying over /usr/lib/lxc/lxc-init to the guest (so /var/lib/lxc/lpdev/rootfs/usr/lib/lx
<gary_poster> c/ for me).  That dir in the guest does not exist for me.  Do I need to start the container and install some packages there first, or do you have another suggestion?
<Degot> Hi, Is there a way to automatically copy files to just attached USB Stick/HDD?
<hallyn> gary_poster: stgraber's workaround is the best - install lxc in the guest
<gary_poster> hallyn, ok cool thanks
<stgraber> gary_poster: install it with --no-install-recommends though to avoid pulling dnsmasq, bridge-utils, ...
<gary_poster> stgraber, ok makes sense thanks
<chaos_zero> heya, i am looking to do something that might be impossible. anyone want to help me? =P
<chaos_zero> well i want to run a windows app in the "background" with no X.
<chaos_zero> has this ever been done?
<adam_g> zul: are you planning on just overwriting the orig.tar.gz for keystone with the ksl branch?
<zul> yes
<zul> im talking about it with anotherjesse on #openstack-dev so you might want to chime in
<adam_g> zul: if we could put that packaging somewhere other than the archive + the CI repo (a seperate openstack-ubuntu-testing PPA), id prefer to have some time ensuring its at least mostly working. otherwise we risk breaking CI for everything else
<zul> adam_g: yep
<adam_g> Daviey: you around?
<Daviey> adam_g: always
<Aison> somehow the mysql service is not starting
<Aison> when I do service mysql start it hangs forever
<adam_g> Daviey: wondering if its okay to transfer these WIs over to roaksoax: add SSL support to cobbler-enlist, add auto-generation of hostname when not provided by dhcp to cobbler-enlist, Hardware detection and inventory snippet. i believe he's already got the hostname one complete
<Daviey> adam_g: As roaksoax is owning that area of things, it probably makes sense
<Daviey> adam_g: postpone hw detection
<Aison> when I reinstall mysql-server-5.1 package, why is the file /etc/init/mysql.conf not reinstalled also?
<Aison> I deleted it
<uvirtbot> New bug: #932415 in cloud-init (main) "Cloud-config can not add PPAs with international text in their description" [Undecided,New] https://launchpad.net/bugs/932415
<Jeeves_> Aison: Did you purge when you removed it?
<Aison> Jeeves_, no, but now I did and it works ;)
<Jeeves_> Good :)
<Daviey> adam_g: still around?
<adam_g> Daviey: yea
<Daviey> adam_g: heya, how are things?
<adam_g> Daviey: decent. trying to work on bug 883988 but hitting some strange database locking issue that only seems to happen against mysql on precise
<uvirtbot> Launchpad bug 883988 in glance "db migration failing when upgrading glance - trying to create existing tables" [High,Confirmed] https://launchpad.net/bugs/883988
<adam_g> that seems unrelated to the bug
<Daviey> aww, crap.
<Daviey> adam_g: are you likey to have capacity to 'make green' CI testing before EOD?
<adam_g> Daviey: yes
<Daviey> adam_g: aww, that rocks.  I might back a start in a bit, but will not be able to finish in time.
<adam_g> Daviey: huh?
<Daviey> adam_g: sorry, i'll make a start - but i will not finish
<adam_g> Daviey: i see whats wrong
<adam_g> Daviey: deployments are timing out because, during installation, they cannot reach their mirror for whatever reason
<Daviey> free disk space? ;)
<adam_g> seems that lab is cut off from gb.archive.ubuntu.com, whic is what they're trying to reach
<adam_g> not sure exactly why
<Daviey> ah, no
<stiv2k> hmmm
<stiv2k> i created a new user on my server
<stiv2k> but when i see programs in ps aux that he started
<stiv2k> it just says user 1003
<stiv2k> not his name
<stiv2k> why?
<Daviey> stiv2k: Does, cat /etc/passwd , work?
<stiv2k> Daviey: yesh
<stiv2k> yeah*
<stiv2k> knightsrepair:x:1003:1003:,,,:/home/knightsrepair:/bin/bash
<stiv2k> ^
<Daviey> adam_g: do you see that archive.ubuntu.com is pinned to a mirror?
<Daviey> (that works)
<adam_g> Daviey: i just did that
<adam_g> rebooting one now
<Daviey> adam_g: I suspect that the IP address of gb.archive.ubuntu.com changed, and the firewall is based on IP address
<adam_g> Daviey: any idea what is setting the hosts to use gb.archive.ubuntu.com?
<stiv2k> Daviey: ?
<Daviey> stiv2k: check to see you can read /etc/passwd as that user.
<Daviey> adam_g: is this on test-01, or the nodes?
<adam_g> Daviey: the nodes seem to be attempting to install from gb.archive.ubuntu.com which is unreachable from both test-01 and the rest of the cluster
<Daviey> adam_g: so, test nodes use test-01 for dns resolution.  If the ip for archive.ubuntu.com in /etc/hosts works, we'll add an alias to gb.archive.ubuntu.com ; and we should be GOLD>
<stiv2k> d	ok
<stiv2k> Daviey: ok
<Daviey> adam_g: can you trigger a re-test
<Daviey> i think it should work now
<stiv2k> Daviey: i can read it
<adam_g> Daviey: just a sec
<bascotie> I setup an Ubuntu Desktop 11.10 Samba/FTP server. I can connect through ftp and share through samba fine but only when putting files ON the server, not pulling them off. I've tried port forwarding, playing with permissions,etc, but I still seem to get a permissions error. I am trying to connect from my Windows 7 machine to the Ubuntu Server.
<Daviey> bascotie: you might get more success from a samba dedicated channel.
#ubuntu-server 2012-02-15
<adam_g> Daviey: that did the trick, for now
<Daviey> adam_g: cool
<Daviey> adam_g: if that is the IP address that in punched through the wall, we should hardcode to it anyway
<adam_g> Daviey: ive not had any issue getting the archive before, not sure what happened
<bascotie> Lol they referred me to ubuntu-server but does anyone know a good Samba channel
<bascotie> found one, #samba =P
<bascotie> thank you
<ohdae> Hey, I'm looking for a way to back-up/mirror data between two separate Ubuntu servers. Looks like rsync is my best bet..any other ideas?
<SpamapS> ohdae: mirror and backup are not at all the same thing
<SpamapS> ohdae: but rsync is useful for both use cases
<ohdae> I didn't mean mirror == backup, i meant mirror and backup. I need the same exact content on both servers for specific folders, but I also need other specific folders to be backed up from one server to another
<ohdae> but yeah, SpamapS, rsync looks like the easiest way. well, with what is included that is
<twb> ohdae: rsync is a tried and true solution, I recommend it.
<twb> ohdae: you may wish to wrap it (or librsync) with one of the higher-level wrappers, like rsnapshot or rdiff-backup.
<chaos_zero> how plausable is it to run a windows type server program on ubuntu server?
<twb> rsnapshot is reasonable, but a bit stale -- I'm trying to get funding to overhaul it in the next few months
<ohdae> Can I explain the situation a bit? Maybe there might be a better solution, the rsync usage is just my guess..I've never performed back-up's across Ubuntu before, tbh
<chaos_zero> like, what is the most minimal x that i can get to use wine?
<twb> chaos_zero: zero.  It is a world of hurt.
<twb> chaos_zero: if there is any other option, choose it
<chaos_zero> well, i am trying to host a game server... i cant just reprogram it
<twb> chaos_zero: in fact it would probably be less grief to buy a windows license and run it in a VM, than to try to run a w32 app inside wine inside Xvfb
<twb> Oh, well, games. You probably have lower expectations ;-)
<ohdae> I have 2 servers. DNS for my domain points to both, round-robin. I am not currently using caching for the webservers, so both servers need the same content exactly to serve the website. But there is also data on each server (code, text docs, etc) that I would like periodically backed-up to the opposite server.
<chaos_zero> true
<ohdae> Does that change my needs at all? heh
<chaos_zero> its mainly used for mysql, apache, bind 9 but theirs planty of processing power not used
<twb> ohdae: website could be pushed with git; bind has the ability to magically sync between itself IIRC (look for "peer")
<ohdae> Hmm, sounds much easier than what I'm doing currently.
<twb> I guess if you have a fancy-pants website with php and mysql, plain git might not suffice.
<ohdae> Most of the content is static, so I update each page manually and then sftp the updated .html files to the opposite server
<SpamapS> ohdae: yeah I'd put the website in whatever your favorite VCS is (bzr, git, hg, svn ..etc) and pull the website from that. And then I'd backup the VCS somewhere else
<twb> rsync is definitely not the right option to keep *running* mysql instances in sync, because databases' files (usually) aren't coherent
<chaos_zero> so how do you go about running vm in ubuntu server if their is no X
<chaos_zero> ?
<SpamapS> chaos_zero: libvirt
<twb> chaos_zero: VMs don't need X
<SpamapS> chaos_zero: kvm, xen, virtualbox, even vmware, will all work fine w/o X
<ohdae> But I'm implementing nginx + php + twitter bootstrap, using mysql as a back-end to hold content (blog posts, etc)
<chaos_zero> but its windows...and you know how gui-based *windows* is...
<twb> SpamapS: except free version of vbox provides no means to get into the headless VM :-(
<ohdae> and creating a local-only submission page. so I think that will sovle my website-sync needs. But either way, I'll go check out rsync +librsync
<SpamapS> chaos_zero: kvm will expose the graphics hardware as a VNC server you can connect to
<twb> chaos_zero: kvm et al can export the guest's GUI via e.g. VNC
<twb> chaos_zero: and once it is installed, if the guest is actually running, the guest can speak whatever it likes (e.g. SSH or RDP)
<SpamapS> ohdae: you *really* need to have version control for your website
<chaos_zero> i am too much of a noob to get how this is going to work...
<SpamapS> ohdae: rsync will keep you in sync, but when one breaks, it will break the other one too on the next mirror cycle. ;)
<ohdae> hmm true
<SpamapS> ohdae: with VCS you can at least roll back
<chaos_zero> is their an apt-get for that which you would recommend. I would start researching from that
<SpamapS> ohdae: if you're a developer, I'd think you would already know that
<ohdae> Oh I know, I've jsut never bothered heh
<ohdae> Honestly, I have a sort of ghetto setup
<ohdae> and it just got out of hand
<adam_g> Daviey: fyi first test passed, second one deploying. should be sunny again soon
<twb> SpamapS: you'd be surprised how many incompetent coders are out there, even taking the average idiocy of PHP into it.
<ohdae> crappy stuff got built ontop of crappy stuff that shouldnt have been there to begin with
<ohdae> Now I have a cluster-fuck on my hands
<twb> ohdae: yeah it's called gnu/linux
<ohdae> hehe
<Daviey> adam_g: rocking, swift-milestone now green
<Daviey> (1.4.6 -> 1.4.7 transition)
<ohdae> Well...my "main" server is running Ubuntu..is running nginx, php, inspircd, silcd, mysql and it has ohh all of 5gb HD, 64mb RAM
<ohdae> It actually still runs pretty well lol
<SpamapS> Daviey: ready to chat 'bout rabbitmq?
<SpamapS> ohdae: thats not a server, thats a miracle.
<ohdae> SpamapS: Oh it's trucking along ;-)
<Daviey> SpamapS: hmm, sorta.
<SpamapS> ohdae: your cluster f*** is primarily due to you not being able to control change. VCS is the first step in that.
<ohdae> Honestly, it still runs pretty good. granted my nginx doesnt get a whole lot of traffic, but it's balanced between that server and my secondary server (which is MUCH better, stats-wise)
<twb> Last time I looked, I couldn't even successfully get through netboot d-i without at least 96MB of RAM.
<ohdae>              total       used       free     shared    buffers     cached
<ohdae> Mem:            54         51          3          0          1         15
<ohdae> :o
<chaos_zero> ok i have been reading a little...haha...anyway basically if you get virtualbox on ubuntu server you can connect and see the gui over a LAN to configure it then just let it run is that correct or an i totally off?
<SpamapS> twb: you can boot the cloud images w/ very little RAM. I'm sure 65MB will work.. though it will swap like a mother.
<SpamapS> chaos_zero: you're better off with libvirt and virt-manager if you want a GUI
<twb> SpamapS: yes, booting only needed 64MB (the kvm default), but to install I needed a little bit more
<twb> SpamapS: otherwise it claimed to finish installing but non-trivial packages weren't unpacked properly and it couldn't get through init, IIRC
<SpamapS> twb: right, so the downloadable cloud images would work fine. :)
<twb> SpamapS: oh, and of course I had no swap -- who still uses swap these days
<SpamapS> I'm one of those weirdos who things swap is more detrimental than the OOM killer
<twb> Particularly swapping to a virtual disk inside the VM.  That's silly!  Overcommit the VM's RAM and rely on the host OS to do a single layer of paging
<twb> SpamapS: don't install apps that are going to trigger the oom killer in the first place :P
<twb> I used to believe in swap until I went for like twelve months where every time I started swapping hard, I couldn't ssh into the system or even log in on the local tty.  So I said "fuck that noise" and I put up with the oom killer, because it's more likely to allow me in enough to either recover or at least trigger a clean reboot.
<chaos_zero> how an i supposed to do anything on a windows computer without gui
<SpamapS> twb: right, thats exactly how I see it too
<chaos_zero> from my exp the cmd is very limited compared to ubuntu
<Daviey> zul: python-novaclient is broken because the build process accesses ~/ which it should not.
<kklimonda> chaos_zero: there is power shell though
<Daviey> zul: Oddly, it worked when it access ~/foo but not ~/foo/bar.txt
<twb> kklimonda: monad can be a bit... special
<Daviey> zul: https://github.com/openstack/python-novaclient/commit/7601bef9ef70ce69f544e0ffda904a04552bc38c broke it.
<zul> Daviey: heh ok
<zul> Daviey: looked like it
<kklimonda> twb: meh, so can be sh ;)
<kklimonda> twb: I don't really have much experience with it though - I did write few scripts when I had to, but not much more
<chaos_zero> is their any package in the repository for the aformentioned libvirt?
<twb> I know a guy at MS who was adding all sorts of crazy shit to it in his spare time
<Daviey> zul: have ideas to work around it?  Make it respect (AS IT SHOULD!) a env variable?
<twb> Like readline
<zul> Daviey: not yet
<chaos_zero> the powershell does not seem suited for my needs
<Daviey> zul: if we could get it workng for EoD, we'd have a sunny day!
<zul> Daviey: people have already been complaining about the bash completion anyways
<zul> Daviey: heh im already eod
<twb> Daviey: explosive ordnance disposal?
<twb> zul: bash completion is now like 200% more awesome in sid
<zul> twb: thats nice it doesnt help the problem we are working on :)
<twb> bash-completion (1:1.90-1) experimental; urgency=low * bash-completion 2 preview: dynamic loading of completions
<twb> zul: sorry I guess I should read what you guys write as well as my own lines ;-)
<Daviey> zul: https://bugs.launchpad.net/nova/+bug/932468
<Daviey> twb: feels like it.
<Daviey> zul: geez, what is the time?
<uvirtbot> Launchpad bug 932468 in nova "python-novaclient hardcodes UUID_CACHE_DIR, this should respect some env variable" [Undecided,New]
<Daviey> zul: bash_completion doesn't interest me for automatic shell script build tools :)
<twb> Daviey: all the cobbler/nova/cloud-y stuff goes way over my head
<SpamapS> twb: like, libreadline, or readline-like behavior?
<twb> SpamapS: I don't remember
<SpamapS> twb: btw, whats the 200% more awesome bash completion thing?
<twb> SpamapS: 11:56 <twb> bash-completion (1:1.90-1) experimental; urgency=low * bash-completion 2 preview: dynamic loading of completions
<SpamapS> twb: doesn't have to parse all 50,000 lines of it at login?
<twb> Right.
<SpamapS> twb: nice
<twb> Although in my testing it still takes about two seconds to load it
<Daviey> twb: same here :)
<SpamapS> Ok, with the latest concerns over PHP 5.4.0rc7's signal handling.. I think we have to just consider shipping 5.3.10 .. :(
<mdeslaur> SpamapS: whatever you decide to ship, please make sure suhosin is enabled
<SpamapS> mdeslaur: definitely it will be
<mdeslaur> SpamapS: awesome, thanks! :)
<SpamapS> mdeslaur: I really want to ship 5.4 .. but it seems like their quality is just still too poor to ship .0's
 * twb struggles not to make more snarky remarks about PHP
<kklimonda> SpamapS: oh? we are not following debian on disabling it?
<SpamapS> twb: PHP is the Bernie Madoff of the language world. Eventually the pyramid will collapse.
<SpamapS> kklimonda: no
<twb> Madoff is some Ponzi scheme?
<SpamapS> kklimonda: quite the opposite.. I intend to put some effort into getting it merged into upstream next cycle (presumably for a "5.5" or "6.0" ..
<twb> Yep, I guessed right.
<kklimonda> SpamapS: that's a great goal
<SpamapS> twb: I'm not advocating that you watch TV.. but perhaps read news websites? ;)
<twb> Like I care about how fucked up the .us gets
<twb> As long as I keep giving you all my uranium and coal and such, you won't bomb me
<kklimonda> SpamapS: are there any plans to ship two flavours of php: one with suhosin enabled, and one without it?
<SpamapS> kklimonda: not yet no
<SpamapS> kklimonda: this decision, made in Debian, is pretty recent. We haven't really had time to discuss it in Ubuntu, so we'll stick with the way it is now.
<Daviey> adam_g / zul: Seen, http://pb.daviey.com/WON1/ ?
<zul> thats a new one
<SpamapS> wow.. it takes about 1G of space in /tmp to bzr merge-upstream on mysql-5.5's tarball
<adam_g> Daviey: is that from a jenkins job output or manual run?
<kklimonda> tjaalton: why are you versioning libpki-*-java files?
<Daviey> adam_g: jenkins output, bug 932480
<uvirtbot> Launchpad bug 932480 in openstack-ubuntu-testing "Race condtion when adding files to local archive" [Undecided,New] https://launchpad.net/bugs/932480
<SpamapS> kklimonda: I am inviting members of the Debian php team to join us in Oakland to talk about Suhosin and see if they're also interested in helping push it upstream.
<Daviey> adam_g / zul: We are back to Green on the master and those exposed through the jenkins mirror instance \o/
<twb> SpamapS: oh right no wonder you like swap -- you use bzr :P
<twb> SpamapS: I killed my system three times in a row trying to bzr clone Emacs' repo with "only" 1GB of RAM
<twb> (Of course it doesn't OOM until it has finished dl'ing all the patches, which takes about three hours)
<adam_g> Daviey: i suppose its possible two different build slaves are attempting to call reprepro?
<Daviey> adam_g: that is my theory on the bug
<SpamapS> twb: it takes a lot of memory to have a full graph of history. :)
<twb> SpamapS: well, git checks out the same repo in half an hour without OOMing
<twb> SpamapS: AFAICT it was because bzr tried to build the working tree in memory instead of as files
<SpamapS> twb: indeed, I'd expect that git does most things bzr can do faster. :)
<Daviey> adam_g: i suspect a for loop, with sleep ${i}s will solve it TBH.
<adam_g> Daviey: yeah...
<SpamapS> twb: and 99.9% of the time, just as correct. The 0.1% that git glosses over as "not the changesets you're looking for" costs *a lot* of performance and grief in bzr. :)
<twb> Damn, looks like I never cached my bzr rant back when I rant into that problem
<Daviey> zul: i'm not proud of myself, http://bazaar.launchpad.net/~ubuntu-server-dev/python-novaclient/essex/revision/23
 * Daviey EoD's.. nn all
<adam_g> Daviey: there was two horizon build jobs timestamped 8:00:29, one passed one failed. g'night
 * adam_g EOD
<uvirtbot> New bug: #932468 in python-novaclient "python-novaclient hardcodes UUID_CACHE_DIR, this should respect some env variable" [High,Triaged] https://launchpad.net/bugs/932468
<Daviey> jamespage: looks like, https://jenkins.qa.ubuntu.com/job/oneiric-server-ec2/ARCH=i386,REGION=us-east-1,STORAGE=instance-store,TEST=simple-user-data,label=ubuntu-server-ec2-testing/13/console is a harness failure.
<kklimonda> tjaalton: ah, it seems to be done by javahelper
<Muska> hi I'm having a problem with Ubuntu 11.10 detecting my sata drives on install.  I normally use ata_piix but I can't even load it using modprobe in a virtual terminal
<ruben23> guys i have installed iptables on ubuntu server, wher do i find the configuration file where i can write rules on it..any idea guys
<Muska> I extracted the initrd image and didn't even see any modules in there for sata
<Muska> ah ha problem solved.  fakeraid information was still on the drives causing them to be detected incorrectly *sigh*
<twb> ruben23: for Ubuntu you can use ufw for a simple interface.
<twb> ruben23: if you want direct management of the ruleset please discuss that on #netfilter.
<twb> ruben23: by default Ubuntu and Debian have no raw ruleset file (cf. RHEL's /etc/sysconfig/networking/firewall).
<twb> ruben23: the iptables-persistent package provides one such place, but you can also simply do it yourself, or as I said use a wrapper like ufw (or shorewall, or ...)
<twb> Re bash-completion, I just found a gotcha -- you have to purge it before dpkg -i'ing the sid version, or it gets confused and keeps all the bogus /etc/bash_completion.d/* conffiles
<linocisco> hi all
<linocisco> i have a internet device like wifi router
<linocisco> i dont know its console IP, how can I find using which ubuntu tool ? I dont want to reset that not to lose settings inside
<twb> linocisco: we don't provide support for appliances; contact the vendor.
<linocisco> twb, I am thinking if there are any smart tool like nmap
<sp4z> Hi i am trying to browse to a web page that has ssl enabled but its not connecting - does anybody know what packages are required to make that work? (i have ubuntu-server base with xfce4 on top using firefox)
<twb> sp4z: w3m and ssl-cert
<sp4z> tyvm
<twb> For GUI support try #ubuntu or #xubuntu
<sp4z> twb, are there any more? that hasn't done it.. its not a GUI problem as I can access https pages from my xubuntu box its only this ubuntu server box that has problems
<qman___> accessing web pages is a GUI thing, therefore a GUI problem
<qman___> try wget or links/lynx, should narrow your problem
<sp4z> rgr
<twb> sp4z: "w3m https://en.wikipedia.org/" should work fine with just those two packages.
<qman___> heh, never used that before, way better than links
<twb> qman___: w3m is the default on debian and ubuntu
<twb> qman___: if you're in an xterm or fbcon it also supports inline images (install w3m-img)
<qman___> cool, I'm impressed with the quality of the mouse support
<qman___> page layouts and colors are pretty good too
<sp4z> nah that doesn't work :S
<twb> sp4z: then you've done something wrong.
<sp4z> i'll reboot brb
<twb> Sigh.  Kids these days...
<sp4z> ??
<sp4z> zzz
<sp4z> i need to punch myself some times - jeeze that was stupid
<sp4z> my iptables were to strict on outgoing traffic
<twb> Sigh.  This server has been sittig on my bench for so long, I've forgotten what the login credentials are for it
<twb> And init=/bin/sh seems to make it hang after the pivot_root, and because it's "enterprise" hardware it takes five minutes to reboot it
<twb> And the fucking grub bullshit is in place so I have to hit shit/alt at EXACTLY the right microsecond or it skips the grub prompt :-////
<cloakable> can it boot from usb/optical?
<twb> Probably but then I have to mess about finding something that will boot and can talk the same version of md and lvm, &c &c
<twb> I shouldn't be obglied to do that simply to save 1s boot time on stupid ubuntu desktops, which is what the grub change was about
<twb> *obliged
<twb> OK, break worked, so now I can deal with the ramdisk
<twb> WTF, mdadm isn't in the ramdisk, and it's reporting different size disks.  Maybe this isn't even my machine...?
<twb> No, it definitely claims to be my machine
<twb> Looks like it's set up with two hardware raid arrays or something, graah
<z3r0n0id> ok so i just installed ubuntu 10.10 server; i set up ip, netmask & default gw. why can i ping the box but not ping anything form the box?
<radsouthern> hi guys I changed the vide card and nw my gui is nt working. Any siggestins?
<radsouthern> suggestins
<radsouthern> suggestions
<z3r0n0id> radsouthern: do you have tty1?
<radsouthern> 1 sec
<twb> It had six disks, but only four of them had running lights, because the other two were SATA not SAS.  Sigh, sigh and thrice sigh.
<radsouthern> k yes i just logged into it
<radsouthern> alt f1
<radsouthern> right
<radsouthern> ?
<z3r0n0id> ctrl + alt + # to switch between them, 7 is gui
<z3r0n0id> sorry F7
<radsouthern> k ill try that I had a gforce 5200 and i never culd get a reslutin over 640x480
<radsouthern> could
<radsouthern> there i fixed my o
<radsouthern> lol
<radsouthern> resolution
<z3r0n0id> radsouthern: it works?
<radsouthern> im useing the bult in graphics on the motherboard now
<radsouthern> thats what im trying to fix
<radsouthern> hold up ill see if it works
<radsouthern> no it didn't work bud
<radsouthern> maybe i need to reconfigure x
<radsouthern> what yah think?
<radsouthern> shoot
<radsouthern> i may need to remove them drivers from that 5200
<radsouthern> the 5200 is a better card
<radsouthern> but i never could configure the xorg file
<z3r0n0id> what card did you install?
<radsouthern> every time i tryed to put some modes in the config it would boot to a black screen
<radsouthern> nvidia 5200 fx
<radsouthern> the onboard one sux
<radsouthern> but i can at least get a resolution over 640 x480\
<z3r0n0id> read this it might help
<z3r0n0id> http://crunchbanglinux.org/forums/topic/7409/howto-nvidia-geforce-fx-5200/
<radsouthern> i have been reading about this for about a year
<radsouthern> ill look at it
<radsouthern> crunchbang screwed it up so bad i had to reinstall once
<radsouthern> i was doing it step by step
<radsouthern> then later in the forum it said well do this hahahha
<radsouthern> i had already hosed it
<radsouthern> another thing I don't think i ever turned the onboard one off
<z3r0n0id> radsouthern: sorry i cant help...
<radsouthern> what do you do z3r0n0id
<radsouthern> what kind of servers do you guys run in here
<radsouthern> I'm hst a lamp
<radsouthern> hosting*
<z3r0n0id> radsouthern: im trying to get my server up and working
<radsouthern> my amd box is funny turned
<radsouthern> i have had a lot of prbswith it.
<radsouthern> i may scrap it
<twb> When creating an LV, how do you tell it which PV to prefer?
<twb> Ah, after the VG
<twb> e.g. lvcreate --name LV1 /dev/VG0 /dev/PV1
<z3r0n0id> radsouthern: yea its making me really mad
<radsouthern> i have tried different distros on it some won't even run.
<rad_> take it easy man hope you get it worked out
<Tribaal> ll
<tjaalton> kklimonda: versioning? i don't follow
<koolhead17> jamespage: ping
<jamespage> koolhead17, pong
<jamespage> rbasak, please ping me when you start today
<Daviey> jamespage: heya
<jamespage> Daviey, morning sir!
<Daviey> jamespage: did you see my comment last night?
<jamespage> Daviey, racey local archive installs in openstack-ubuntu-testing?
<Daviey> jamespage: nah, but close :)
<Daviey> 01:46 < Daviey> jamespage: looks like,
<Daviey> https://jenkins.qa.ubuntu.com/job/oneiric-server-ec2/ARCH=i386,REGION=us-east-1,STORAGE=instance-store a harness failure.
<Daviey> jamespage: did you see i created a project?
<jamespage> Daviey: that was good thinking
<jamespage> we where at the point where we needed one
<koolhead17> hi Daviey  :)
<jamespage> Daviey: hmm - not really - https://jenkins.qa.ubuntu.com/job/oneiric-server-ec2/13/ARCH=i386,REGION=us-east-1,STORAGE=instance-store,TEST=simple-user-data,label=ubuntu-server-ec2-testing/console
<jamespage> dpkg failed to configure something in a big way
<jamespage> I've not seen that before
<jamespage> Daviey, BTW did you see this - https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/?
<melvincv> ?
<melvincv> oh, there's a network lag.
<Daviey> jamespage: hey! no i missed the overview - that is nice!
<Daviey> jamespage: is ec2 really as unreliable as our testing is currently showing?
<Daviey> As in, we have at least 1 failure per day :/
<jamespage> well...
<jamespage> at the moment the precise testing is failing in us-west-2 due to the archive mirror being hosed
<Daviey> right
<jamespage> we do see odd things like instances never starting
<jamespage> and on pre-oneiric we see some udev issues on first boot
<jamespage> bear in mind that only one ami test has to fail for the entire test to be marked red
<jamespage> on the dailies that is 1/28 AMI's
<jamespage> TBH utlemming and smoser are closer to the actual issues...
<Daviey> jamespage: right!  Thanks.
<RoyK> Daviey: sounds a bit strange to me that amazon would keep on making money if it was as bad as you picture it
<koolhead17> RoyK: you need to read there magical SLA TBH :)
<jamespage> RoyK, we launch a large number of instances over the period of a month so we are bound to see edge/race conditions more frequently
<jamespage> ~1700 pcm
<Daviey> RoyK: exactly.
<RoyK> pcm?
<Daviey> per calender month
<RoyK> k
<RoyK> Daviey: what do you use these for?
<RoyK> HPC?
 * koolhead17 found his juju instances coming up more easily using LXC then AWS
<jamespage> RoyK, thats just for validating that the official Ubuntu AMI's actually work :-)
<jamespage> none run for more that a few minutes
<RoyK> ok
<Daviey> koolhead17: you are the first to say that :)
<matti> :>
<koolhead17> Daviey: i tried all there zones, SpamapS was helping me and i ended up using LXC
<koolhead17> all my juju related work i am doing with LXC only :P
<Daviey> heh
<TeTeT> koolhead17: you do? any advice on setting it up? Tried it a while ago and couldn't launch instances at all
<koolhead17> TeTeT: i have a link for you then :d hold on :D
<koolhead17> TeTeT: askubuntu.com/questions/65359/how-do-i-configure-juju-for-local-usage  the magic :)
<koolhead17> but try it on oneiric/precious
<rbasak> jamespage: pong
<koolhead17> jamespage: seems like i will have to try precious as you suggested! :D
<TeTeT> koolhead17: thanks, bookmarked. will resurrect my kvm instance for it and check it out
<koolhead17> TeTeT: keep me updated incase your still stuck!! :D
<jamespage> rbasak, good morning!
<rbasak> hey
<jamespage> rbasak, so how is openmpi looking today?
<jamespage> rbasak, BTW I think this is the issue you are seeing - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658600
<uvirtbot> Debian bug 658600 in libopenmpi-dev "mpic++ etc fail when run with fakeroot" [Normal,Open]
<rbasak> Yeah, I spotted that - thanks
<rbasak> (when you linked the bug)
<rbasak> My last attempt was http://paste.ubuntu.com/842824/
<rbasak> I've been using yorick as it's causing a clear segfault. I suspect the boost build is doing the same thing but it's a bit more hidden.
<rbasak> What's odd is that I'm running the same command a second time and it isn't segfaulting
<jamespage> rbasak, anything on the upstream mailing lists/bug tracker about this sort of behaviour?
<rbasak> here's the script that generates it: http://paste.ubuntu.com/842825/
<rbasak> I've not looked
<jamespage> rbasak, fakeroot mpic++ works quite well as well
<Daviey> jamespage: is there a reason we didn't create a horizon precommit task?
<Daviey> 'stable'
<jamespage> nope
<jamespage> did not know it was in scope for pre-commit testing
<jamespage> thats why :-)
<Daviey> jamespage: well, i don't think it was - but we have jobs inbound, and would be good to take the donkey work out ;)
<Daviey> ie, https://review.openstack.org/3897
<jamespage> OK
<rbasak> jamespage: I didn't notice that until the debian bug this morning. If I can reproduce that it'll be easier to track down. But I'm also confused as to why my last test couldn't repeat the segfault.
<jamespage> I'll add it to the coniguration
<rbasak> I thought the segfault was deterministic
<jamespage> rbasak, it appears to be in something called opal_wrapper
<jamespage> just grabbing a crash dump now
<Smozius> Hey guys, I am running Ubuntu server in ESXi and I extended the HDD and rebooted but it still lists the original size on install, but fdisk shows the new size, how can I refresh it to make use of the extra space?
<jamespage> rbasak, bug 932628
<uvirtbot> Launchpad bug 932628 in openmpi "opal_wrapper crashed with SIGSEGV in calloc()" [Undecided,New] https://launchpad.net/bugs/932628
<Smozius> Image of what i'm talking about - http://i.imgur.com/XDnCB.jpg - it shows the usage of  /, which is 20GB, but /dev/sda is 42.9GB which is /
<jamespage> Smozius, whats the format of your filesystem?
<Smozius> ext4 i believe
<jamespage> Smozius, resize2fs would be your friend in this case
<Smozius> Can that be used in a production environment?
<jamespage> Smozius, it does the resize online
<Smozius> cool
<Smozius> so you can specify any size....what happens if the size doesnt match what the HDD is....
<Smozius> or partition is*
<jamespage> ah - one second - lemme look at you screenshot
<jamespage> Smozius, sorry - I assumed that you where using LVM
 * jamespage thinks
<Smozius> Think I should be using LVMs?
<Smozius> I've never used them before...
<jamespage> Smozius, I normally do on servers as it provides a bit more flexibility and you can span volumes over multiple disks
<jamespage> means you never resize an underlying device - you just add a new one and extend...
<Smozius> Yeah, the resize2fs isn't working out so well
<Smozius> its not detecting the additional sectors
<jamespage> Smozius, yes - that would be expected
<jamespage> the filesystem is limited by the size of the partition is resides on
<Smozius> Right, so LVMs are pretty good with snapshots I heard, is that right?
<jamespage> using LVM you can increase the size of the logical volume then resize the filesystem on it
<jamespage> Smozius, yeah - that is quite a nice feature - we use root filesystem snapshots in the test lab we have for openstack
<jamespage> makes reseting a test machine back to a know good state much quicker!
<Smozius> How about for a production email server?
<jamespage> Smozius, depends what you want to use the snapshots for
<jamespage> I guess you could create point in time snapshots of email data for backup purposes
<Smozius> I want to find an efficient hopefully free solution to do backups
<Smozius> thats easy
<jamespage> you could try bacula
<jamespage> not sure if/how it integrates with email solutions
<jamespage> what email software are you using
<Smozius> Zimbra
<Smozius> Can Bacula backup running root file systems?
<RoyK> yes
<RoyK> Smozius: anything can, really
<linocisco> hi
<RoyK> Smozius: but with zimbra, the database must be shut down
<Smozius> I had attempted at getting DRBD to network raid '/' but it wasn't having it
<RoyK> Smozius: there are various scripts out there to help backing up zimbra, it's not hard, but it's a bit more than just backing up ordinary files
<linocisco> i have an ISP which offers internet with the proxy settings in browser. I would like to share it to wifi without requiring wifi users to set proxy and port in browser. how to do?
<Smozius> Right.... I've seen them, they are messy =/
<RoyK> Smozius: if you can afford to take down zimbra during the backup, that's an easy way (which I use)
<Smozius> With Bacula?
<RoyK> which?
<Smozius> Or by coping the files?
<Smozius> The way you use....
<RoyK> oh
<RoyK> I don't use bacula on this system
<RoyK> but
<RoyK> it'd be the same thing
<RoyK> shutdown zimbra, backup zimbra using *anything*, start it
<RoyK> see the bacula pre/post scripts
<RoyK> but... gotta go... bbl
<Smozius> its just a matter of copying the /opt/ folder right?
<Smozius> lino are you getting the internet off of an ethernet cable
<Smozius> or your own wifi?
<RoyK> Smozius: just copy /opt/zimbra out somewhere
<RoyK> Smozius: rsync is nice
<Smozius> but how fast can you make that go when /opt/zimbra is over 17GB?
<RoyK> Smozius: so, stop zimbra, rsync -a /opt/zimbra /back/me/up/zimbra, start zimbra, let bacula handle the rest
<RoyK> Smozius: rsync is rather quick after the initial run
<RoyK> and the initial run can be done while zimbra is still running
<Smozius> So then why the need for shutting it down?
<RoyK> you can even do rsync -a /opt/zimbra /somewhere ; stop zimbra ; rsync -a /opt/zimbra /somewhere ; start zimbra
<RoyK> that way the first will copy all changes like emails etc, and the last rsync will copy the database files correctly
<RoyK> overwriting the ones from the first copy
<Smozius> Ah, i've never used rsync before, just scp a few times
 * RoyK pirate copies his own idea, changing his backup regime, and then sues himself for copyright infringement
<Smozius> lol
<RoyK> but... gotta go
<RoyK> catch you later
<Smozius> +(
<Smozius> =(
 * koolhead17 not feeling good about cobbler
<koolhead17> i downloaded precious server image from http://cdimage.ubuntu.com/ubuntu-server/daily/20120214/precise-server-i386.iso
<koolhead17> now when am booting it inside virtualbox am getting error "Please use kernel appropriate for your CPU"
<koolhead17> all other versions are running without any issue inside my Dropbox
<koolhead17> *virtualbox
<koolhead17> jamespage: Daviey ^^
<uvirtbot> New bug: #932680 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.14 failed to install/upgrade: subprocess installed post-installation script returned error exit status 139" [Undecided,New] https://launchpad.net/bugs/932680
<uvirtbot> New bug: #932681 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.14 failed to install/upgrade: subprocess installed post-installation script returned error exit status 139" [Undecided,New] https://launchpad.net/bugs/932681
<Aison> I'm using freeradius WPA peap authentication with my Wifi APs. In past this worked very good, now it stopped working
<Aison> freeradius outputs this message:
<Aison> [peap] <<< TLS 1.0 Alert [length 0002], fatal unknown_ca   TLS Alert read:fatal:unknown CA     TLS_accept: failed in SSLv3 read client certificate A rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca SSL: SSL_read failed inside of TLS (-1), TLS session fails.
<Aison> do anybody know what that could be?
<koolhead17> got it working, unlike other versions i have to enable PAE/NX
<koolhead17> :)
<xperia> hi all. i need to install * FlexUnit 4: http://opensource.adobe.com/wiki/display/flexunit/FlexUnit on my ubuntu server to test some stuff out. does anybody know how to do this best ?
<Tixos> hey, global DNS propagation can take 1 month?
<koolhead17> Tixos: few hours
<Tixos> 'can take 1 month'
<Tixos> or longer
<Tixos> as far as im aware max TTL can be 1 month?
<chilli0> hello, for some reason my headless server keeps on d/cing from the network the time frame of this changes. could be like 2h - 2 days. anyone know how to figure it out?
<jamespage> rbasak, I stuck a backtrace on bug 932628
<uvirtbot> Launchpad bug 932628 in openmpi "opal_wrapper crashed with SIGSEGV in __libc_calloc()" [Medium,New] https://launchpad.net/bugs/932628
<jamespage> rbasak, segfault occurs when "    if (stat("/dev/ummunotify", &st) == 0) {" is called
<rbasak> Interesting. That shouldn't make fakeroot segfault, AFAIK.
<jamespage> rbasak, fairly easy to test :-)
<rbasak> Yeah I tried that
<rbasak> $ fakeroot stat /dev/ummunotify
<rbasak> stat: cannot stat `/dev/ummunotify': No such file or directory
<rbasak> I'll do it properly in half an hour when I should have a dev environment again :)
<rbasak> I wonder if it's caused by something stepping over fakeroot's memory?
<jamespage> rbasak, might be
<rbasak> IIRC, fakeroot keeps pointers to the real functions persistently
<jamespage> I see
<rbasak> No it can't be that, it's calling dlsym, and calloc is segfaulting.
<rbasak> I think it's heap corruption. Debugging this could be interesting
<jamespage> well at least we have a few more pointers and a deterministic test
<rbasak> "a few more pointers" I see what you did there :-)
<jamespage> rbasak, :-)
<Daviey> *groan*
<jamespage> rbasak, I think this might be related to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531522
<uvirtbot> Debian bug 531522 in libopenmpi-dev "libopenmpi-dev: mpicc segfaults under fakeroot" [Serious,Fixed]
<jamespage> hmm - almost definately - the ordering of the checks is incorrect
<jamespage> if should check for FAKEROOT first
<jamespage> lemme try a patch
<rbasak> reading
<rbasak> "It seems to me that OpenMPI is at fault for doing crafty things like
<rbasak> "stat()" in the __malloc_initialize_hook()."
<jamespage> rbasak, 1.5.x introduced that stat BEFORE the check for FAKEROOT
<jamespage> I've re-ordered the checks - building now
<rbasak> Sorry jamespage, I'm a little behind you!
 * jamespage slows down
<jamespage> so if you read the code around line 746
<jamespage> (about 20 lines down)
<jamespage> it discussed running under FAKEROOT and makes allowances for it
<jamespage> this was OK in 1.4.x but 1.5.x introduced the stat on /dev/XX prior to the check for FAKEROOT
<jamespage> reading the comments this won't work (which is exactly what we see)
<jamespage> basically its a upstream regression of this fix - https://svn.open-mpi.org/trac/ompi/changeset/21493
<rbasak> OK, I agree
<jamespage> 4 cores + SSD burning the build now :-)
<jamespage> rbasak, that appears to work!
<jamespage> w00t
<jamespage> jamespage@hendrix:~/src/precise/openmpi$ fakeroot mpic++
<jamespage> g++: fatal error: no input files
<jamespage> compilation terminated.
<chilli0> Hey i'm back, i may have fixed it but not sure till it goes down i guess. but now i want to get my VPN working correctly, this is my error. http://pastebin.com/mfw4zZE7
<jamespage> rbasak, w00t yorrick builds!
<Daviey> adam_g: When you are alive for the day, any idea why precise-openstack-essex-deploy is failing?
<rbasak> jamespage: awesome!
<rbasak> jamespage: thanks, you did in a day what would have taken me a week. Probably because I would never have found that debian bug and had to rediscover it all.
<jamespage> rbasak, let me just gather my thoughts and I'll push a branch somewhere
<jamespage> rbasak, hey - no problem!
<jamespage> rbasak, so now that we have something that works we need to make that decision as to whether to transition the archive or have and openmpi1.5 package in universe
<rbasak> jamespage: yep - I'm not sure about the process here. Transitioning the archive would seem cleaner - in particular these are universe packages that we have no test stories for, so if we don't, will they ever be transitioned?
<jamespage> rbasak, agreed; they either transition or get removed from the archive.
<jamespage> this is the disavantage of doing it before debian
<rbasak> I suppose that they'd be transitioned when Debian does their transition, at which point we'd need to have deltas to manage the upgrade
<rbasak> I'm in favour of doing the transition then - if there are issues, then then can be fixed as people report them.
<rbasak> I think it's unlikely that we'd get much community testing before release anyway.
<rbasak> s/much/any/
<jamespage> rbasak, OK so we can validate that the packages that need to transition build OK - thats normal
<jamespage> plus1 maintenance team might be able to help with that
<jamespage> rbasak, I just pushed a branch containing the release from debian experimental plus my fix - its linked to https://bugs.launchpad.net/ubuntu/+source/openmpi/+bug/932628
<uvirtbot> Launchpad bug 932628 in openmpi "opal_wrapper crashed with SIGSEGV in __libc_calloc()" [High,In progress]
<jamespage> rbasak, going to get some lunch
<rbasak> ok
 * koolhead17 has precious running     // ..\\
<zul> Daviey: can you cowboy your fix for python-novaclient into the openstack-ubuntu-testing branch so we can catch anything else that your patch might fix/break please
<Daviey> zul: hang on, have i missed the workflow?
<zul> Daviey: i dont think we have a set workflow really
<zul> Daviey: but if we can get instant gratification...why not :)
<Daviey> zul: i should never need to touch ~openstack-ubuntu-testing, should i?
<Daviey> (or you, or anyone)
<zul> Daviey: well if you to test your patch right away and you are not a member of ubuntu-server-dev *cough* adam_g *cough* then you have to
<Daviey> zul: no, no, no
<Daviey> zul: adam_g needs his changes sponsored in, until he is going to apply for upload access.
<zul> Daviey: right but i dont want him blockin on me
<Daviey> zul: or any other ~ubuntu-server-dev or core-dev.
<zul> Daviey: right
<Daviey> zul: please, let's keep ~openstack-ubuntu-testing gated.
<zul> Daviey: no arguement from me
<zul> Daviey: can you add the patch to the ubuntu-server-dev branches then?
<Daviey> zul: why not?
<Daviey> zul: Hmm
<Daviey> zul: Why not just wait for it to land?
<zul> Daviey: so we can shake out any other bugs?
<Daviey> it's not a blocker, is it?
<zul> it isnt but we can be a good downstream if we can shake out any other bugs we find
<Daviey> zul: isn't that what future precommit is for?
<koolhead17> woahh, next_server and server is also automated in installation for cobbler in precious
<zul> Daviey:  sure but sometimes its good to be one step ahead and pro-active
<Daviey> jamespage / adam_g / zul: I just heard the plan to refactor tarball.sh.. What is this about?
<jamespage> Daviey: its becoming to rigid and complex in its current form
<jamespage> I wanted to re-use the function for the pre-comment testing for stable but as it stands thats asking a bit to much of it
<Daviey> jamespage: right, but is python the right fit for this?
<jamespage> Daviey: its as good as any - especially as the meta data is not that trivial
<Daviey> jamespage: ISTM that we'll be using it to either wrap shell, or added complexity of python libraries when the shell form is easier?
<jamespage> Daviey: to be honest I've not looked at in that much detail - zul and I discuss how the scripts should work not how they would be implemented
<jamespage> and what data we wanted in the meta-data to support both the build process and configuring jobs in jenkins
<Daviey> jamespage: ah, zul said it was being done in python.
<jamespage> alot of what we do is already written in python in the lab - the deployer and the jenkins configurator are for example
<zul> and since the jenkins uses config.yaml to configure the jenkins job, so in  my mind it made sense to use yaml and python
<Daviey> zul: *THAT* is justification :)
 * zul just finished his morning caffine fix :P
<Daviey> zul: heh, although - i'd rather we get tempest in use first .. before undertaking this.
<jamespage> Daviey: fine but we can't deliver pre-commit stable testing until we do the refactoring
<Daviey> jamespage: really?
<jamespage> thats one of the primary drivers
<jamespage> one/is
<jamespage> I stated to update tarball.sh for pre-commit testing
<jamespage> and the if/case clauses for determining what base version numbers should look like was looking stupid
<jamespage> so I stopped
<Daviey> jamespage: perhaps i'm missing the complexity, but can't we just fork tarball.sh until the new thing is ready?
<jamespage> Daviey: I think you are over estimating the complexity of what we are proposing in terms of refactoring
<jamespage> I'd rather spend time doing it so its a bit more maintainable than trying to hack something together based on a fork of tarball.sh
<jamespage> although my time/attention is elsewhere at the moment anyway
<rbasak> zul: do we need a test for that in CI? That get_console_output returns something?
<zul> rbasak: yeah
<Daviey> rbasak: that belongs in tempest, i'd say.
<zul> Daviey: alot of stuff belongs in tempest ;)
<rbasak> How do we need to track stuff that needs to go in there? A bug task?
<Daviey> zul: and tempest belongs in the CI :)
<zul> Daviey: ack
<Daviey> rbasak: I think it's not something that is going to fall of the plate :)
<zul> jamespage: is there anything blocking us from getting tempest working on the openstack-ci stuff?
<jamespage> zul: not sure TBH - adam_g would be best positioned to answer that question
<jamespage> sorry
<zul> jamespage: no worries just thinking out loud
<jamespage> zul: ack
<uvirtbot> New bug: #932787 in nova (main) "nova-compute: euca-get-console-output returns no data" [Undecided,Confirmed] https://launchpad.net/bugs/932787
<uvirtbot> New bug: #932788 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.10 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/932788
<Daviey> Hey, anyone want to help validate 10.04.4 point release?
<Daviey> one test outstanding!
<zul> people still use lucid? ;)
<uvirtbot> New bug: #932795 in python-boto (main) "update to boto 2.2.2" [Undecided,New] https://launchpad.net/bugs/932795
<brendan0powers> jamespage: Hi, I decided to just make a snapshot of the repository, and then point the watch file to the directory where I store it
<brendan0powers> For the next release, I will probably generate a release tarball, and move the packaging to it's own repository
<rbasak> Is there any reason why libguestfs/guestfish isn't packaged in Ubuntu? Or is it just that I can't find it? I thought nova did something like what libguestfs does?
<zul> it is
<zul> rbasak: apt-cache search libguestfs
<rbasak> Ah. I'm still on Oneiric. Thanks.
<rbasak> I feel an upgrade is imminent :)
 * zul is still running oneiric on desktop
<jamespage> zul, rbasak: chickens
 * zul has been called out
<zul> jamespage: i run it on the server though
<jamespage> brendan0powers, so that process needs to work for anyone - not just you
<rbasak> I haven't got round to it yet :)
<brendan0powers> jamespage: The snapshots are stored at http://www.resara.org/release-snapshots/, and I updated the debian/watch file
<jamespage> brendan0powers, right - so that can be parsed by uscan using a watch file
<brendan0powers> jamespage: right, although it doesn't download the archive now unless I force it too
<jamespage> if you add a get-orig-source target to debian rules then you can make it download and rename the tar.gz to the correct name
<jamespage> brendan0powers, it would be helpful if I could see the watch file now
<brendan0powers> Is it OK to just run uscan --force-download from the rules file
<brendan0powers> jamespage: https://bitbucket.org/resara/resara-server/src/06a5b06de1a2/rds/packages/precise/debian/watch
<brendan0powers> jamespage: or you can clone the repo hg clone https://bitbucket.org/resara/resara-server and look in the rds/packages/precise folder
<jamespage> get-orig-source:
<jamespage>     uscan --download-version $(DEB_UPSTREAM_VERSION) --force-download --rename
<brendan0powers> ok, so it get-orig-source called by the build system automatically?
<brendan0powers> jamespage: where does the DEB_UPSTREAM_VERSION variable come from?
<jamespage> brendan0powers, DEB_UPSTREAM_VERSION=$(shell dpkg-parsechangelog | sed -rne 's,^Version: ([^+]+).*,\1,p')
<jamespage> brendan0powers, some do - depends on how you build it
<brendan0powers> Ah, ok, so it's not provided by the build system
<jamespage> brendan0powers, ./debian/rules get-orig-source can of course just be run
<brendan0powers> jamespage: right, it's almost working, I need to fix up the snapshot a bit
<brendan0powers> jamespage: Ok, so now I have a debian/ directory with an watch file, and a way to get the original source
<jamespage> brendan0powers, great!
<brendan0powers> But, when you clone the repository, the precise/ fold only contains the debian/ directory, and nothing else
<brendan0powers> jamespage: should the source also be in that directory, or should I provide a way to extract the orig.tar.gz into the precise/ folder?
<Daviey> jamespage: not sure i've seen, https://jenkins.qa.ubuntu.com/view/Precise%20OpenStack%20Testing/job/precise-openstack-essex-deploy/18036/console , before?
<jamespage> brendan0powers, it not required
<jamespage> i.e. its fine to have a packaging only branch if that makes sense
<brendan0powers> Ok, I get a bunch of warning about ignored deleted files when I build the source package
<brendan0powers> The source package builds properly though
<brendan0powers> I assume that's a quilt thing?
<jamespage> hrm - hard to say without seeing it
<brendan0powers> Ok, I'm about to update the bug report with my changes
<jamespage> brendan0powers, OK - I'm out for the next day or so - I'll review on Friday is no-one else picks up in the interim
<brendan0powers> Ok, thanks
<brendan0powers> jamespage: Ok, all the changes to the repository have been pushed, and I just updated the bug report
<brendan0powers> jamespage: Thanks for all your help so far
<Daviey> utlemming: not in #ubuntu-devel?
<SpamapS> zul: have the tests run w/ RabbitMQ 2.7.1 yet?
<SpamapS> zul: I want to update erlang as well.
<zul> SpamapS: yeah they have been running with the openstack-ci the past couple of runs
<zul> SpamapS: no problems so far
<SpamapS> zul: sweet
<SpamapS> hallyn: bump.. I just filed a MIR on ceph, so you should be able to add ceph support to qemu-kvm now
<hallyn> SpamapS: filed?  or filled?
<SpamapS> hallyn: filed
<SpamapS> hallyn: hrm.. does it actually have to be in main for you to link to it?
<SpamapS> I just realized that..
<hallyn> :)
<kklimonda> tjaalton: the comment about versioning for java libraries was my fault - haven't read the package correctly
<kklimonda> tjaalton: I've started playing with ipa-server-install and it's failing spectacularly, as expected - done some hacking, and got it to configure ntp and tomcat6 instance, but it's going to take a lot of work to make it work - and some discussion with the upstream on how to patch distribution-specific things in a sane way
<smoser> rbasak, https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_Local_Hypervisor_.28Maverick.29
<rbasak> thanks!
<smoser> you should be able to read that and provide cloud-init with the data you want.
<smoser> wait
<smoser> not that
<smoser> https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_Local_Hypervisor_Natty_onward
<smoser> the code that makes the iso is in that 'make-iso' and 'user-data' is the user-data that you want to inject.
<rbasak> thanks
<SpamapS> Ooo, mysql cluster 7.2 released
<SpamapS> Perhaps we can resurrect it for precise
 * SpamapS goes off to look for its public bug tracker.. ... 
<jeffrey_> hi, has anyone installed ubuntu server on a computer with a AR8152 chipset NIC?
<adam_g> Daviey: half the cobbler profiles were set to netboot disabled, so juju was only getting half the machines it needed. ive got no idea how that would have happened, reenabled them. ill keep an eye on it
<Daviey> adam_g: golly.
<Daviey> thanks.
<Daviey> adam_g: How did you debug that?
<adam_g> Daviey: https://jenkins.qa.ubuntu.com/view/Precise%20OpenStack%20Testing/job/precise-openstack-essex-deploy/18036/console  toward the end of the juju debug, youll see some services have 'Machine: Pending' which means the provider never returned a machine, those should all be populated with host names
<Daviey> adam_g: right, but hwo ddi you determine it wasa cobbler issue - rather than just 'machine gone away | failed to bootstrap'
<adam_g> Daviey: it doesnt bootstrap, theres always a bootstrap node up. if that 'gone away', there would have been an error and little debug output. machines are shutdown and booted every deploy, so the others shouldn't go away unexpectedly
<koolhead17> adam_g: cobbler system?
<adam_g> koolhead17: yeah
<koolhead17> adam_g: hope i will get it working in precious tomorrow. have wasted 3 days already :(
<stgraber> hallyn: you were up pretty late last night ;) (just saw the comments in the qemu bug)
 * koolhead17 looks at Daviey conversation at #openstack :P
<zul> adam_g: if you missed my email new keystone snapshot in my keystonelight ppa
<hallyn> yeah.  let's hope upstream takes the bisect and runs with it
<Daviey> adam_g: right, sorry - overloaded the term
<ivoks> just a heads up; --public_interface should be 'bridge' interface, not eth0|eth1
<ivoks> lots of (official) docs seems to have an error there
<smoser> utlemming, http://paste.ubuntu.com/843365/ is new i think (at least to me)
<smoser> 'metrics' xml in the met serviceadata
<utlemming> smoser: I believe so.
<utlemming> smoser: Also, it looks like the m1.large got a bit snappier
<smoser> its also interesting to me that the've just shoved it into an older api date
<smoser>   http://instance-data/
<smoser> shows latest field in there is 2011-05-01
<smoser> i'm *certain* i would have seen that metric stuff since then.
<adam_g> zul: note - python-greenlet python-eventlet python-passlib are needed for that KSL package, just to get keystone-all to attempt to start up (still with errors, of course :)
<zul> adam_g: lovely :)
<adam_g> zul: im going to work on that today and put all the packaging work in a branch somewhere in lp:~openstack-ubuntu-testing i suggest we move the testing PPA there, and trigger per-commit builds like we're doing with everythign else
<zul> adam_g: agreed
<WinstonSmith>  
<smoser> rbasak, you were right. cloud-init is buggy with regard to string 'template' for manage_etc_hosts
<rbasak> smoser: thanks for looking!
<rbasak> smoser: I had tried 'yes' as well as I didn't quite follow which semantics I needed. It seemed to me that both would work in my case (no further cloning), but neither did.
<smoser> True would have worked.
<smoser> after next upload, this will do what you want:
<smoser>  #cloud-config
<smoser>  manage_etc_hosts: template
<smoser>  fqdn: superman.brickies.net
<smoser> (assuming of course that you want 'superman.brickies.net' as your hostname, which just makes sense)
 * Corey waves at jeffrubic and smoser 
<jeffrubic> smoser: we'd like to triage: https://bugs.launchpad.net/cloud-init/+bug/927795
<uvirtbot> Launchpad bug 927795 in cloud-init "add Salt support to cloud-init" [Undecided,New]
<jeffrubic> Corey is the debian maintainer of salt
<smoser> ah. hey, jeffrubic
<smoser> fix-committed.
<jeffrubic> we still need to address issue (b)
<jeffrubic> we == me
<smoser> right.
<jeffrubic> and (a) for that matter, but it's easy
<smoser> i fixed 'a'
<jeffrubic> cool, thanks
<jeffrubic> the debian package isn't currently supporting upstart yet, but I've got the script available: https://gist.github.com/1617054
<hallyn> zul: i'm goign to be doing a libvirt upload.  got anything to queue up?
<zul> hallyn: nothing here
<Corey> smoser: What does upstart change in the debian/ubuntu package?
<hallyn> zul: oh, if you have a sec, did you have any objections to my proposed change for bug 475327?  (in comment 6)
<uvirtbot> Launchpad bug 475327 in qemu "qemu -net nic -net tap does not start due to qemu-ifXXX scripts" [Low,Triaged] https://launchpad.net/bugs/475327
<zul> hallyn: none yet :)
<smoser> Corey, nothing really.
<smoser> just this:
<smoser> $ sudo service ssh start; echo $?
<smoser> start: Job is already running: ssh
<smoser> 1
<hallyn> silly me.  i was thinking that was in libvirt until i went to try and make the change :)
<smoser> the typical expectation of a debian package is that if you install it, it starts the service.
<hallyn> qemu is gonna have to wait until i figure out how to fix its libc-induced FTBFS
<smoser> so your install would have started the 'salt-minion' service presumably
<smoser> and then the check_call attempt to start it will exit non-zero
<smoser> at least it would if the package ever changed to being upstartified.
<jeffrubic> after copying the above script to /etc/init
<smoser> that make sense?
<jeffrubic> from where is check_call invoked?
<uvirtbot> New bug: #932991 in nova (main) "nova-api reporting missing images after upgrade" [Undecided,New] https://launchpad.net/bugs/932991
<smoser> jeffrubic, cloudinit/CloudConfig/cc_salt_minion.py
<smoser>      subprocess.check_call(['service', 'salt-minion', 'start'])
<smoser> i'm sorry if i'm not being clear.
<jeffrubic> ok, wasn't sure it it needed to be in the packaging too
<smoser> jeffrubic, well to behave more like a normal debian package, your salt package should ensure that it is running
<smoser> after install
<smoser> i'm not sure if yours does or not
<jeffrubic> Corey's baliwick
<smoser> or if your 'start' script would exit success if already running
<jeffrubic> the deb people are pretty strict, so I'd assume the non-upstart stuff is proper
<smoser> jeffrubic, i'm not sure if there is really strict convention on that
<adam_g> SpamapS: anything funky going on ATM with the mysql-server-5.5. packages in precise?
<henkjan> adam_g: there is some discussion on the ubuntu-server maillinglist to replace mysql-server with mariadb
<SpamapS> adam_g: yes
<SpamapS> adam_g: seeing crashes?
<SpamapS> adam_g: I think I need to switch back to building with gcc 4.5
<henkjan> adam_g: but no decision has been made on that afaik
<adam_g> SpamapS: no, i can't install it: http://paste.ubuntu.com/843460/
<SpamapS> adam_g: looks like the archive just picked up mysql-server-5.5 but not mysql-common
<SpamapS> adam_g: its possible thats because the i386 build failed.. which may be where the _all packages come from
<SpamapS> adam_g: I'm uploading a version that builds with gcc 4.5 again
<adam_g> SpamapS: yea. mysql-common is still at 5.5.17-4ubuntu6
<SpamapS> adam_g: 5.5.20-0ubuntu2 uploaded.. it will take a while to build/test.. :-/
<adam_g> SpamapS: thanks, ill keep an eye on it
<SpamapS> adam_g: specifically you need this one to succeed: https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.20-0ubuntu2/+build/3215214
<adam_g> rbasak: around?
<Ariel88> Hi
<adam_g> zul: ping
<zul> adam_g: pong
<adam_g> zul: the libvirt console pipe patch we have in precise. how was that generated?
<zul> adam_g: its been forward ported from oneiric
<adam_g> zul: it seems to be missing some things that explain bug #929780 and bug #932787
<uvirtbot> Launchpad bug 929780 in nova "console.ring files should not be world readable" [High,New] https://launchpad.net/bugs/929780
<uvirtbot> Launchpad bug 932787 in nova "nova-compute: euca-get-console-output returns no data" [Undecided,Confirmed] https://launchpad.net/bugs/932787
<zul> adam_g: im in the middle of refreshing it again
<adam_g> zul: oh, sweet
<adam_g> zul: who ported it?
<zul> me
<SpamapS> adam_g: amd64 built fine.. i386 should complete shortly
<adam_g> SpamapS: thanks
<uvirtbot> New bug: #933073 in python-keystoneclient (universe) "keystone-client tests fail on RHEL" [Undecided,Invalid] https://launchpad.net/bugs/933073
<SorlaK> hello everyone
<SorlaK> someone can tell how do i "see" the config in the ldap build in  with the 10.04 version
<SpamapS> adam_g: built
<SpamapS> SorlaK: http://launchpad.net/ubuntu/lucid/+source/openldap
<kklimonda> SorlaK: launchpad.net keeps logs of all builds
<SpamapS> SorlaK: you should see in there the list of versions available
<kklimonda> ah, direct link always better :)
<SpamapS> SorlaK: pick the version, then dig down into your architecture, and you'll see the build log
<SpamapS> SorlaK: you can also download the source package with 'apt-get source openldap'
<adam_g> SpamapS: saw that, thanks
<SorlaK> sorry look that i dint explain my self good enought, my bas english is my second leanguage and is rusty
<SorlaK> ......ok.......... really rusty
<SorlaK> what i mean was, in previus version of ldap there it was the slapd.conf file from there i was able to see wihs scheme, modules a overlays where handling the ldap
<SorlaK> but since know uses a dinamyc conf i have no idea how can i find this info
<kklimonda> SorlaK: it's still in /etc/ldap
<kklimonda> SorlaK:  it's just the files stored there are part of the LDAP database and should be edited with ldap tools
<kklimonda> SorlaK: but you can still view them, and even edit them by hand if you shut slapd first
<SorlaK> using cn=config? you said?
<kklimonda> yes
<kklimonda> you can read more about it for example here: http://www.zytrax.com/books/ldap/ch6/slapd-config.html
<kklimonda> and your ldap browser/editor should be able to access, and let you configure it.
<SorlaK> ok thanks i will give a try
<rbasak> adam_g: pong
<adam_g> rbasak: was wondering about the console fifo patch we have in precise/nova
<adam_g> rbasak: but i think its being sorted out
<tjaalton> kklimonda: yep
<tjaalton> Ã¤ppÃ¤
<tjaalton> Ã¤
<tjaalton> oops
<kklimonda> tjaalton: I did add some fixes to pki-core but I can't commit them after all - my acl gives me only read rights on other projects
<tjaalton> kklimonda: so you're not on collab-maint?
<kklimonda> tjaalton: apparently not, I've always assumed that it's enough to get access to one project to have it to all but I've had to misread something
<tjaalton> kklimonda: you could create a personal repo where i can pull from, or just apply for c-m :)
<tjaalton> it's just paperwork
<kklimonda> tjaalton: yeah, I should apply for c-m anyway - I want to keep one of my packages there anyway
<tjaalton> hmm so a lot to upload tomorrow
<tjaalton> oh well, rammstein was worth it
<kklimonda> oh? :)
<kklimonda> I guess rammstein is always worth it :)
<tjaalton> yeah just arrived home from the show, too tired to work on the packages tonight
<kklimonda> tjaalton: are you a DM/DD, or who did you ask to sponsor your collab-maint application who's working on freeipa in debian?
<tjaalton> kklimonda: email the diff to pki-core and i'll integrate it before uploading
<kklimonda> ok
<tjaalton> kklimonda: nope, i guess you can apply from alioth pages somewhere, can't remember
<tjaalton> there's noone else working on these packages (anymore) :)
<kklimonda> tjaalton: wait, I'll just upload branch to github - should be easier then sending patches
<tjaalton> yep
<tjaalton> anyway, too late for me now, i'll check those tomorrow
<kklimonda> tjaalton: https://github.com/kklimonda/pki-core-maint there are 4 patches now - first three are enough to install freeipa-server if I remember correctly, and the last one adds dependency on some perl lib required for setup to work.
<kklimonda> sure, good night :)
<kklimonda> It's also time for me
<tjaalton> yep, night!
<undecim> My server always hangs on "Unpacking x11-common" and the dpkg process ignores even SIGHUP. This doesn't happen with any other package
<undecim> Where is the dpkg .deb cache?
<kklimonda>  /var/cache/apt/archives/
#ubuntu-server 2012-02-16
<rbasak> adam_g: sorry, I got distracted. Yeah, I think zul's on top of it.
<medberry> Has anyone run Russell Coker's postal test (for testing mail servers)? I'm getting md5sum mismatches when running the rabid portion of the test.
<DyeA> hello all, I am configuring postfix on my server and going through the guide on help.ubuntu.com. In the section on configuring postfix it says - Replace 192.168.0.0/24 with the actual network and class range of your mail server. - being a dirty noob to this I don't know what that means... what should i do here?
<DyeA> and then, the actual pre-filled value in the config panel is 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128___
<twb> DyeA: pastebin the output of "ip a".  In particular, you're looking for IPv4 address ranged.
<twb> The pre-filled values are the loopback addresses, i.e. only the local machine will be able to send mail via your new postfix install.
<ovhan> hello , anyone here ever run a minecraft server off of ubuntu?
<twb> !anyone > ovhan
<ubottu> ovhan, please see my private message
<DyeA> twb:http://pastebin.com/jb1myQS5
<ovhan> twb , what did that message mean ??
<DyeA> twb: this eh? 205.186.157.117/32
<twb> DyeA: /32 is a single host
<twb> DyeA: the /N is called a "CIDR block"; look it up on wikipedia when you have time
<DyeA> not sure what that means?
<ovhan> well fine , my question is , HOW do i install a minecraft server on a ubuntu server, links would make me very h appy =)
<DyeA> i don't have a range?
<DyeA> twb: ok i will tonight
<DyeA> so just replace 128 with 205.186.157.117
<twb> DyeA: no.
<twb> Your paste is timing out here.
<DyeA> odd!
<twb> Try paste.debian.net
<twb> nm, works now
<twb> OK, you're an OpenVZ container?
<DyeA> ? media temple ve?
<twb> Please also pastebin output of "ip r"
<DyeA> crap i cant
<DyeA> i am being booted out the door
<DyeA> twb: thanks for the attemp to help!
<DyeA> i will come back to this
<sp4z> has anybody installed the cisco vpn client on ubuntu-server?
<SpamapS> adam_g: all good now with mysql?
<adam_g> SpamapS: yeah, thanks
<user10000> does "bridge_portprio eth1 1" or 100? make connection respond quicker?
<twb> user10000: I have no idea what you're talking about
<user10000> im setting bridge for my interfaces, and i dunno what bridge_portprio means
<ruben23> hi guys i ahve erro on instaling ubuntu server see this error ---> installer cannot figure out how to install base system. no installable cd-rom was found and no valid mirror was configured---> any idea guys..?
<twb> ruben23: what install medium are you booting?
<ruben23> DVD disc..
<ruben23> twb: DVD disc..
<twb> ruben23: what release are you installing?  Is the DVD drive connected via SATA, PATA, or what?
<ruben23> twb: any idea what could be the problem..?
<ruben23> its conencted with SATA II..- hdd
<ruben23> realease installing- Ubuntu server 10.04 LTS
<twb> ruben23: older releases cannot install from SATA CD/DVD drives.  I do not remember if that includes lucid.
<ruben23> so i need to used higher release..?
<twb> ruben23: you could try booting from USB key instead
<ruben23> twb: could this be write error....?
<ruben23> on the disk..
<twb> Unlikely
<twb> Download http://archive.ubuntu.com/ubuntu/dists/lucid/main/installer-amd64/current/images/netboot/boot.img.gz ; gunzip it; dd it onto a USB key.  That is a minimal image so you will need ethernet (not wifi) to complete the install.
<qman___> lucid can install from SATA CDs
<twb> qman___: OK, thanks.
<qman___> I want to say hardy could too, but that's near where the mark was
<ruben23> thanks guys, i will try nw with usb
<twb> ruben23: don't forget to dd it to /dev/sdz (the key), not /dev/sdz1 (the partition on the key).  This will, obviously, trash any data already on the key.
<DyeA> twb: are you still available for help?
<twb> If you don't mind me swearing at the same time
<twb> Grub is being even more of an annoying fucktard than usual
<DyeA> lol thats fine
<DyeA> twb: paste updated with ip r
<DyeA> http://pastebin.com/tVrXx9hV
<twb> wtf
<DyeA> ummm yes?
<twb> Your VM is weird
<DyeA> is it?
<twb> That's saying you have an IP of 205.186.157.117, and... something like a point-to-point peer, but not actually one, being 192.255.255.1
<twb> According to that your VE doesn't even HAVE a local network
<DyeA> ahhh (nods head knowingly)
<DyeA> well i have a second ve machine that I configured mail on, and on that one i just accepted the default value and it sends mail, but not knowing what the f is going on bugs me so I thought i would ask for help on this one
<DyeA> plus this one has a client site on it instead so even more reason to know whats going on with this one
<twb> If you're just making satellite nodes and not MTAs, just configure them to relay all mail the the smarthost
<twb> You probably don't even need postfix, just msmtp-mta
<DyeA> im not sure what you just said but its a standalone server not a "satellite node"?
<twb> DyeA: normally on a network you have one "real" MTA, and the rest just send all their mail to it.
<DyeA> ahh ok so if i had multiple servers I would install postfix on one and send mail from other servers through it?
<DyeA> or just have a dedicated mail server
<DyeA> Thats not my situation though, i have my personal server where I accepted the default value and mailing works and  I have this other one for work where I stopped in the middle of the install to figure out what the correct way to do it was
<DyeA> twb:Well thanks for giving it a go
<Daviey> smoser: your shell script, you didn't incremete uuid?
<smoser> i did
<smoser> calling uuid gets unique each time
<smoser> $(uuid)
<smoser> i dont insert the id field so it auto inccrements
 * Daviey installs uuid
<Daviey> that is better :)
<Daviey> smoser: what did you do to screw your devenv?
<smoser> i wiped it
<smoser> and assumed that i could re-run devstack
<Daviey> hah
<Daviey> smoser: no bottleneck for me
<Daviey> smoser: instance number i-585
<smoser> you *ran* 585 instances?
<Daviey> smoser: no, your code
<smoser> what times does it give for wget ?
<Daviey> real    0m 0.32s
<Daviey> smoser: re-running populate.sh
<smoser> hm..
<Daviey> smoser: yep, and still face
<smoser> face?
<Daviey> err, fast
<Daviey> smoser: it does grow fast with demand
<Daviey> smoser: the issue i think is that it just does not scale
<Daviey> while [ 1 ] ; do echo $(time wget http://169.254.169.254/2009-04-04/meta-data/instance-id -O /dev/null 2>&1 | grep real) &  done
<smoser> Daviey, .32 seconds is "normal" in my experience on my devstack systems.
<smoser> with a dozen or less instances (which is wnat i've only ever tested)
<Daviey> smoser: one instance, hammering the service..
<smoser> well that is just going to oom it or something.
<smoser> but thats not the issue IS was seeing.
<smoser> probably a valid DOS concern
<smoser> but not related.
<Daviey> sure?
<Daviey> I was suprised how quickly it grew
<Daviey> http://paste.ubuntu.com/843936/
<smoser> python -c 'import boto.utils; print boto.utils.get_instance_metadata();'
<Daviey> smoser: turns out cirros isn't the way of the future, has no python :)
<Daviey> i could run it from the host i guess
<smoser> your wile loop above is going to fork-bomb the instance
<Daviey> smoser: i killed it before it had a chance
<Daviey> that isn't the concern right now.
<Daviey> It's how quickly it grew makes me wonder
<smoser> wait.
<smoser> your first one was at 4 seconds there.
<smoser> well. i gues the others were in on it too.
<smoser> run it again
<smoser> after all things settled
<smoser> what is it?
<Daviey> http://paste.ubuntu.com/843938/
<Daviey> smoser: it just seems suspicious that it is starting to show numbers we are expecting
<smoser> i'm conused.
<smoser> it *is*
<smoser> anything over .3 is horrid
<smoser> you're seeing 4 second
<Daviey> smoser: yep, with concurrent hits
<Daviey> i think it's a scale issue
<smoser> well there is clearly a scale issue.
<smoser> but IS wasn't seeing that.
<smoser> there was no huge load
<smoser> they were fireing up 1 instance
<smoser> or 2
<smoser> or 3
<smoser> and serially inside that instance crawling the MD
<smoser> nothing like you're doing
<Daviey> smoser: i am not convinced
<smoser> Daviey, go to a canonistack instance *right now*
<smoser> and try it
<smoser> its 3 second return
<smoser> and there is no load
<Daviey> just running wget http:/etc & , UP enter, a few times i'm seeing 3-4 second requests
<smoser> do it serially
<Daviey> smoser: sure there is no load?
<smoser> why would there be?
<smoser> and elmo said ther ewas not.
<Daviey> hmm ok
<smoser> on canonistack
<smoser> you will consistently get 3 second
<smoser> or maybe 5
<smoser> do it in a loop
<Daviey> Is elmo no load and openstack no load compariable?
<Daviey> as in, ~5 concurrent GET's is 'no load' IMO, but not according to openstack
<smoser> i have no idea what you're saying
<smoser> do this:
<smoser> you're in cirros?
<Daviey> yes
<smoser> i=0; max=50; while i=$(($i+1)) && [ $i -lt $max ]; do time ec2metadata --instance-id ; done
<Daviey> 0.30s 0> 0.85s
<Daviey> varying 0.30s -> 0.85s
<Daviey> smoser: interesting... it does use amqp for each request.
<smoser> uhoh
<smoser> daviey is concerned that smoser might be right
<Daviey> in what regard?
<smoser> thats what i initally reported as the problem.
<Daviey> smoser: no, you said you were being spammed after running the sql?
<Daviey> smoser: I'm seeing civilised behaviour, http://pb.daviey.com/0QYZ/ .. msg contruct, msg send, msg recieve, handle. .. but that does not scale IMO.
<smoser> no. not after running the sql.
<smoser> hm... well i saw all sorts of those
<smoser> when i did a wget
<smoser> from the instance.
<Daviey> i wonder if it's possible to get a measurement of the amqp bus.
<Daviey> smoser: i need to EoD
<Daviey> o/
<smoser> good night.
<smoser> this sucks.
<linocisco> hi alll, I would like to set up wifi which do not require any wifi client's browser's to set proxy and port entry. what do I do?
<adam_g> smoser: sup
<smoser> i got it sorted.
<smoser> i was using devstack from https://github.com/cloudbuilders/devstack
<smoser> not https://github.com/openstack-dev/devstack
<linocisco> hi alll, I would like to set up wifi which do not require any wifi client's browser's to set proxy and port entry. what do I do?
<adam_g> smoser: wtf is openstack-dev?
<smoser> no idea.
<smoser> but it had what i needed
<smoser> :)
<adam_g> smoser: you're using the original keystone or KSL?
<smoser> KSL
<smoser> adam_g, openstack-dev is what 'stack.org' documents
<smoser> http://devstack.org
<adam_g> weird
<linocisco> hi alll, I would like to set up wifi which do not require any wifi client's browser's to set proxy and port entry. what do I do?
<adam_g> smoser: were you able to reproduce the crappy metadata response time?
<adam_g> im about to poke it on the CI hardware while its quiet
<smoser> not really. daviey seemed to see some issues with it under load
<smoser> but i really dont think its load that causes it.
<smoser> i mean *any* given request is taking 3 seconds
<smoser> adam_g, i've got to go to bed.
<adam_g> smoser: hmmm. its a lot quicker for me, 3s for a whole ec2metadata run, .035s a request
<adam_g> g'night
<linocisco> hi all, i have two ISP IPs,  172.10.10.1  and 172.20.20.1. THey can ping each other. I put 2nd ip (20.1) to wifi router WAN port and office uses local LAN network  (192.168.1.0). I can't ping from 1st ISP to local address. How can I make it ping using ubuntu server?
<Kismac> linocisco: what does arp say?
<josePhoenix> Has anyone else experienced this bug? It seems to still be open: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646620
<uvirtbot> Debian bug 646620 in unattended-upgrades "apt-get defunct when run on unattended-upgrades" [Critical,Open]
<josePhoenix> It seems to be describing exactly what's going on here.
<twb> Anybody remember offhand if lucid can drive an rtl8111e?
<soren> twb: You mean amd8111e?
<soren> twb: Or actually rtl8111e?
<twb> rtl8111e, the nic
<soren> I don't even see such a driver in Precise.
<twb> It's probably folded into rtl8xxx something
<soren> Do you have PCI ID's?
<twb> No I don't have the device yet
<soren> Ah.
<twb> rtl8xxx series is the realtek gige nics
<twb> usually on boards too stingy to get e1000s
<hallyn> stgraber: utlemming: need to test, but thinking of pushing lp:~serge-hallyn/ubuntu/precise/lxc/merge-utlemming-and-more tomorrow
<linocisco> Kismac no arp tested
<linocisco> does anybody tweak http://www.visionsystems.de/produkte/3175.html ?
<linocisco> anybody with EMRunner 5622 's experience?? it is ubuntu based settop box . nothing can be customized
<koolhead11> hi all
<RootChaos> i keep on getting these messages whilst trying to do apt-get update
<RootChaos> 99% [6 Sources bzip2 0B] [Connecting to security.ubuntu.com (91.189.92.167)] 1,262B/s 0sbzip2: (stdin) is not a bzip2 file.
<RootChaos> Err http://security.ubuntu.com lucid-security/universe Sources
<RootChaos> Sub-process /bin/bzip2 returned an error code (2)
<RootChaos> any ideas ?
<koolhead11> RootChaos: cat /etc/lsb-release
<RootChaos> DISTRIB_ID=Ubuntu
<RootChaos> DISTRIB_RELEASE=10.04
<RootChaos> DISTRIB_CODENAME=lucid
<RootChaos> DISTRIB_DESCRIPTION="Ubuntu 10.04.3 LTS"
<koolhead11> RootChaos: looks fine to me. can you ping machine security.ubuntu.com
<_ruben> RootChaos: you either have a misbehaving proxy in between, or the archive got corrupted (tho i really doubt it's the latter)
<RootChaos> root@nms:/etc/squid# ping security.ubuntu.com
<RootChaos> 64 bytes from bignay.canonical.com (91.189.92.167): icmp_seq=2 ttl=50 time=794 ms
<RootChaos> 64 bytes from bignay.canonical.com (91.189.92.167): icmp_seq=3 ttl=50 time=894 ms
<RootChaos> 64 bytes from bignay.canonical.com (91.189.92.167): icmp_seq=5 ttl=50 time=815 ms
<RootChaos> it could be proxy through
<RootChaos> ok, let me look into that part frist
<RootChaos> thanks
<RootChaos> eeeck, seems like a proxy issue
<RootChaos> routed traffic elswhere,, now seems to work fine
<RootChaos> Get:1 http://security.ubuntu.com lucid-security/main Packages [372kB]
<RootChaos> Get:2 http://security.ubuntu.com lucid-security/restricted Packages [14B]
<RootChaos> thanks guys
<_ruben> np :)
<linocisco> hi
<koolhead11> hi
<afuentes> suddenly all of my servers stopped showing /etc/motd.tail i noticed in some of the it got renamed to motd.tail.old... after a few minutes, it started working again
<afuentes> i googled a little bit the issue without luck...
<afuentes> can anybody clue me in what happened?
<linocisco> hi
<onekenthomas> niihau
<linocisco> hi
<phretor> "sudo mount -o rw,remount / -> mount: cannot remount block device /dev/sda2 read-write, is write-protected" - will I still be able to remount rw the / without physical access to the machine?
<_ruben> you'll need to figure out why /dev/sda2 is read-only
<kraut> phretor: there is a reason for write-protect
<kraut> phretor: dmesg should tell you why
<kraut> phretor: maybe broken disk or problems to access the disc, i.e. problem with your hba
<_ruben> in my experience it tends to be related to overloaded storage arrays causing too long delays, i tend to just reboot the vm and it'll be back to normal :)
<kraut> sure but i would double-check this because it could also another problem and he could be able to backup data at the moment
<phretor> kraut: http://paste.pocoo.org/show/551903/
<koolhead11> rabbitmq-server uses upstart isn`t it
<koolhead11> now when i do /etc/init.d/rabbitmq-server i get msg on screen "Stopping rabbitmq-server: RabbitMQ is not running rabbitmq-server."
<koolhead11> am using oneiric, going to test the same on precious now
 * koolhead11 wonders if anyone is here
 * RoyK wonders slightly about the best way to do a clean drive kill - this drive has been 'erronous' for some time, but not enough for warranty...
<koolhead11> RoyK: any idea where can i see info about a pkg as it uses upstart or sysv
<koolhead11> apt-cache showpkg  doen not mention tht
<koolhead11> :(
<afuentes> I make apt-get remove --purge dhcp3-relay, after that i dpkg -l dhcp3-relay and i get this --> rc  dhcp3-relay (r=removed, c=configurationfile)
<afuentes> why its not purging the package?
<Vivek> What is this new component called mass in the Ubuntu Orchestra Suite ?
<Vivek> https://wiki.ubuntu.com/ServerTeam/Orchestra
<Vivek> https://launchpad.net/mass says 'Page not found'.
<RoyK> hm... I have this disk here, 7200rpm, that fails sometimes, sometimes not, so in an attempt to reproduce things, I grab the drive while it's spinning and yank it hard to the side, repeat, suddenly I can reproduce the failure without any problem...
<uvirtbot`> New bug: #933480 in openssh (main) "Picks hmac-md5 over hmac-sha1" [Undecided,New] https://launchpad.net/bugs/933480
<stgraber> hallyn: looking
<stgraber> hallyn: looks reasonable. What happens if you have multiple network devices defined in your .conf or if you have none?
<stgraber> hallyn: also, one unrelated thing I noticed the other day, we should probably flush and re-generate the SSH keys when creating a container
<zul> Daviey: keystone should build in the openstack-ci now, it was missing a dep
<zul> er...once its re-enabled
<hallyn> stgraber: hm, if multiple nics, I guess my change will only assign a hwaddr for one?
<hallyn> yeah, really, i'm not happy with how i've got it
<hallyn> more to the point what if the user wants no network
<hallyn> suppose i could count the # of lxc.network.type entires inthe config file at create, but...  yuck
<hallyn> stgraber: what do you think?  should i just add one hwaddr entry, only if there is at least one lxc.network entry?
<stgraber> hallyn: I guess the safest is to add a hwaddr entry if there's exactly one lxc.network.type entry of type veth
<stgraber> hallyn: so then we don't have to worry about the corner cases, like 'none', 'phys' or any similar network option where you don't want to change the mac
<hallyn> and if there are more, assume the schlep knows what he's doing?
<hallyn> stgraber: new version pushed but not tested
<hallyn> stgraber: btw, the udev containers fix, that's the one still sitting in the packaging branch waiting on upstart fix for arm+ppc right?
<stgraber> hallyn: yeah, anyone with more than one network already had to read the manpage and do manual changes :)
<rbasak> jamespage: around? I have a build failure due to the -Wl,--as-needed thing but am struggling to understand the Debian wiki page in order to fix it.
<stgraber> hallyn: yes, I need to check that upstart built fine with the new version and if it did, upload udev
<hallyn> stgraber: btw i didn't understand what you actually meant about the ssh keys
<hallyn> oh you mean the host keys?
<stgraber> yeah
<stgraber> ok, so new upstart built on armel, but still not on armhf and powerpc ...
<hallyn> stgraber: would you want to do the same locale fix that utlemming did in ubuntu-cloud?
<hallyn> i forget where we left that
<stgraber> I think it'd be nice yes, but I won't have any time to look at it today :(
<hallyn> and by we i mean you doing the work and me back-seat driving
<hallyn> ok
<hallyn> so i'll test my new upload and push?
<hallyn> utlemming: ^ would like your confirmation that you hadn't made more changes
<stgraber> hallyn: yep, sounds good
<stgraber> hallyn: if the locale issue annoys me too much, I'll file a bug about it and fix it as bugfix post-FF
<hallyn> stgraber: last thing - ssh key injection (like ubuntu-cloud now does)?
<hallyn> i dont know if that's key to some people's automation....
<stgraber> hallyn: not having a non-C locale can in some cases give you data corruption in databases and makes perl complain a lot, so can probably be considered bugfix
<stgraber> hallyn: well, if all it does is copy a key to authorized_keys, it's simple enough and won't hurt to add
<stgraber> hallyn: I'm guessing people doing heavy automation probably either have custom templates or just cp stuff in the container directly ;)
<hallyn> you apparently didn't look closely at how many commits it took me to get the network thing right just now :)
<hallyn> stgraber: the ubuntu-cloud image doesn't append the authorized_keys, but overwrites it.  i guess that's fine though
<stgraber> hallyn: yep
<hallyn> all right i'll copy that code in to the same patch
<hallyn> thanks, ttyl :)
<stgraber> thanks for all the work, ... Feature Freeze day is crazy ... ;)
<hallyn> ff is when?  2100?
<koolhead11> Daviey: got few mintues
<Daviey> koolhead11: yah
<koolhead11> Daviey: its about rabbitmq-server package. http://paste.ubuntu.com/844508/  Is it a bug?
<koolhead11> i tried it in precious/oneiric both
<koolhead11> unlike other services it should say you have non-root privileges and use upstart i suppose
<koolhead11> *like
<Daviey> koolhead11: does it /actually/ stop the service?
<koolhead11> Daviey: no. just gives wrong information :(
<koolhead11> and it gives error message when i use it with upstart in non-root privileges
<koolhead11> so this /etc/init.d/rabbitmq-server <result> is incorrect
<Daviey> koolhead11: yeah, sounds like a bug - report it, and attach a patch
<koolhead11> ok. sir
<mastro> hi there: i installed ubuntu server, now Added on /etc/fstab a NFS disk. tested then rebooted.. at boot time it is not mounted but if I execut mount -a it get mounted so the configuration is fine. it's a virtualmachine receiving the eth0 IP from DHCP I only connect through SSH..
<mastro> no network manager nor gui installed
<mastro> I need the NFS disk to be mounted BEFORE the SSH server is brought up
<TeTeT> mastro: guess you can change the upstart ssh job to wait for mountall-net?
<mastro> TeTeT, ok.. but before that I need to make my NFS to actually mount at boot time so why isn't it mounting?
<mastro> TeTeT, https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/275451/comments/42 <--- is this still in place?
<uvirtbot`> Launchpad bug 275451 in sysvinit "nfs mounts specified in fstab is not mounted on boot. " [Undecided,Invalid]
<TeTeT> mastro: I doubt it, it's a very old bug and also invalid
<mastro> https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/275451
<TeTeT> mastro: what release do you use? oneiric?
<mastro> TeTeT, if you read it careful you see they just closed it because it was open since 2008
<mastro> Michael Thompson (mike-thompson) wrote on 2011-06-02: I as well have been plagued by this problem (NFS mounts failing on bootup) ever since upstart was introduced to Ubuntu.
<TeTeT> mastro: it's for sysvinit, mount is done via upstart now
<mastro> TeTeT, can you help me debug why this isn't mounting? I never had this issues.. first time using ubuntu server
<mastro> well.. first time with NFS
<TeTeT> mastro: maybe you want to check the mountall--net.conf and add some debugging info there. for example if the mountall script is still running when it is called
<mastro> TeTeT, hum.. ok let's try adding some "echo"
<TeTeT> mastro: not sure you'll see any echo. what about 'ps aux | grep mountall > /tmp/nfs-debug.$$'
<TeTeT> mastro: so you see in /tmp/nfs-debug.* if the mountall process was still running when the job was called
<mastro> TeTeT, apparently I fixed following a suggestion in #ubuntu, I added the _netdev argument in fstab
<TeTeT> mastro: cool, didn't know about _netdev actually
<mastro> TeTeT, never had to use _netdev in other system, do you know which software use it?
<TeTeT> mastro: man mount
<mastro> TeTeT, In other distro I didn't have to use it, I'm asking if this is something "new" or why on ubuntu it is needed, even the official nfs documentation do not say it is needed: http://nfs.sourceforge.net/nfs-howto/ar01s04.html
<TeTeT> mastro: I do not know. maybe it's a new mount option that is not available in older versions of mount
<mastro> TeTeT, I thought it was fixed but it's random...
<mastro> TeTeT, I tried to add mount /mnt/repos on rc.local logging on a file this is the output when failing http://pastebin.com/JV68NksG
<TeTeT> mastro: maybe a race between mountall.net and statd?
<stgraber> hallyn: yep, 21:00 UTC
<TeTeT> mastro: can you file a bug with this info and your problem on Launchpad against mount? maybe some developer has an idea
<mastro> TeTeT, no problem in creating the bug.. but I need a workaround :/
<TeTeT> mastro: maybe add an 'emit statd-started' to /etc/init/statd.conf and wait for it in mountall-net.conf
<TeTeT> mastro: I'm no upstart wizard, so you might want to check that first
<mastro> TeTeT, ok I'll open the bug then try
<mastro> TeTeT, sorry but.... how do I report a bug without Ubuntu CLIENT installed?
<TeTeT> mastro: use the webinterface, let me get the URL for you
<mastro> https://bugs.launchpad.net/ubuntu <--- I'm registered but I don't see how to create a bug from here, clicking "report a bug" bring me to the wiki
<TeTeT> mastro: I get timeouts on LP right now
<mastro> TeTeT, https://bugs.launchpad.net/ubuntu/+filebug/?no-redirect
<TeTeT> mastro: https://bugs.launchpad.net/ubuntu/+source/mountall/+filebug
<TeTeT> mastro: this way you file it against mountall, which hopefully is the correct package
<kklimonda> mastro: most of the time you should be using ubuntu-bug to report the bug
<mastro> TeTeT, https://bugs.launchpad.net/ubuntu/+bug/933575
<uvirtbot`> Launchpad bug 933575 in ubuntu "NFS not being mounted at boot time - rpc.statd is not running but is required for remote locking" [Undecided,New]
<mastro> TeTeT, sorry I read it after filing the bug
<mastro> kklimonda, I don't use ubuntu on my PC the only ubuntu I have are ubuntu server on some virtual machine with no gui
<mastro> kklimonda, and I think assuming an user will have the GUI installed when firing a bug is not very cleaver, what if the bug is in INSTALLING ubuntu in the first place?
<mastro> TeTeT, there is an /etc/init/statd-mounting.conf and it has this as header comment: description "Block the mounting event for NFS filesytems until statd is running"
<kklimonda> mastro: ubuntu-bug works fine without UI
<kklimonda> mastro: you can either use links, or if it does't work (it did some time ago, haven't tested it recently) you can copy url returned by ubuntu-bug and open it in your browser on another computer
<TeTeT> mastro: maybe it's not always working
<mastro> kklimonda, I don't see why
<kklimonda> mastro: it gathers some useful informations (like package version and all installed dependencies) that make triaging bug easier for developers
<mastro> kklimonda, also, it is not explained in the wiki page and it doesn't solve the issue if your client doesn't have ubuntu / the issue was in installing ubuntu
<mastro> TeTeT, :/
<kklimonda> mastro: yes, it doesn't solve all problems, that's why we have ?no-direrect - but it should be used as the last resort
<mastro> kklimonda, not very easy to find anyway
<kklimonda> yes, it's hidden at the end of the wiki page also for that reason - we just receive so much bugs, using apport makes it easier for us to process them
<mastro> TeTeT, I modified the package to mountall
<TeTeT> mastro: working now? if so add the work-around to the bug report please
<mastro> TeTeT, no not working
<mastro> TeTeT, I did it in a really ugly way, by a crontab entry that run at @reboot and a script that keep trying mount -a every 5 seconds until it find a file .check in the mount point
<mastro> :/
<TeTeT> mastro: hmm, if you want something quick & dirty, go the rc.local path. check if the mount is there and if not, mount it
<Vivek> Daviey: Are you around ?
<Vivek>  Daviey: https://launchpad.net/mass is showing me a Page not found message.
<Vivek> Daviey: Is this a new component in OpenStack ?
<mastro> TeTeT, that was my FIRST solution as you see in the bug report that DID NOT worked...
<mastro> kklimonda, is there a way to collect the bug report with that tool to a file and attach it to the bug report in a second time?
<mastro> kklimonda, for instance: ubuntu-bug --> choice 5 (other) --> Error: No package specified You need to specify a package or a PID. See --help for more information
<mastro> lol
<kklimonda> mastro: there is apport-collect for gathering additional info for the existing bug report
<kklimonda> mastro: and you can save data gathered by ubuntu-bug to /tmp instead of sending it to LP (if your server has no internet connection etc.)(
<mastro> kklimonda, what about the error above?
<kklimonda> mastro: you have to call ubuntu-bug with either package name or program pid for it to work
<kklimonda> mastro: that's what the error is saying
<mastro> kklimonda, and what if I don't know a package and have not any pid? anyway I used apport-collect https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/933575
<uvirtbot`> Launchpad bug 933575 in mountall "NFS not being mounted at boot time - rpc.statd is not running but is required for remote locking" [Undecided,New]
<kklimonda> mastro: if you don't know the package then you can't really report the bug anyway
<kklimonda> (reporting bugs against Ubuntu project isn't really helpful)
<undecim> I need a quick and dirty way to limit my server's bandwidth to a few KB
<undecim> momentarily*
<undecim> or perhaps limit IO on a given device
<undecim> but the latter might cause more problems for me
<TeTeT> mastro: any luck with modifying the scripts?
<mastro> TeTeT, ?
<TeTeT> mastro: for the nfs mount problem
<mastro> TeTeT, I'm not modifying any script anymore.. I'm fine with my workaround until the bug is fixed
<TeTeT> mastro: ok
<TeTeT> mastro: can you quantify in the bug how often the mount was absent and how often present?
<mastro> TeTeT, sure
<hallyn> zul: hey
<hallyn> zul: have you been using the libvirt 0.9.9?
<hallyn> (apparently i'm using it here and didn't realize it :)
<hallyn> zul: today's the last day to upload it, i think
<adam_g> smoser: can you please +1 this if this got you going last night: https://review.openstack.org/#change,4149
<smoser> its notmuch value, but ok
<adam_g> smoser: also i was playing with the meta-data handler last night. as it is, a single request turns into the handler gathering all metadata for instance from every possible source (db, amqp calls to network, compute, both), then returning only the bit that was requested.
<smoser> adam_g, right.
<smoser> that is known.
<smoser> (i didn't know it did ampq, and i assume that is the huge slow down)
<smoser> here...
<smoser> https://review.openstack.org/#change,809
<smoser> that needs cleanup
<smoser> but it has some benefits.
<smoser> adam_g, why does it do ampq ?
<adam_g> smoser: network_api.get_floating_ips_by_fixed_address(context, fixed_ip)  stuff like that and compute_api.* end up as messages on the queue
<tjaalton> kklimonda: got collab-maint already?-)
<adam_g> smoser: i was playing with api/metadata/handler.py last night, not anything in the ec2 pipeline
<zul> hallyn: yeah ive been using it, i dont think there is any big difference between the version we have in the archive and the ppa so I dont see the point
<hallyn> zul: ok, so we'll stick with 0.9.8
<hallyn> jjohansen: is apparmor able to filter bind to abstract unix socks based on name?
<hallyn> stgraber: have you used macvlan or vlan in containers?
<jjohansen> hallyn: not in precise
<stgraber> hallyn: nope
<hallyn> jjohansen: ok, thanks
<hallyn> stgraber: ok.  i'm looking for the easiest way to start a container and have it visible to other machines on the lan
<hallyn> i *assume* macvlan would accomplish that...
<uvirtbot`> New bug: #933656 in euca2ools (main) "euca-describe-instances --ipv4 does not include public ip address" [Undecided,New] https://launchpad.net/bugs/933656
<adam_g> zul: regarding bug 931236, the dbconfig-common stuff was taken from debian, no?
<uvirtbot`> Launchpad bug 931236 in keystone "keystone install is unnecessarily interactive" [Medium,Confirmed] https://launchpad.net/bugs/931236
<uvirtbot`> New bug: #578283 in asterisk (universe) "[needs-packaging] asterisk-moh-opsound, asterisk-core-sounds" [Wishlist,Fix released] https://launchpad.net/bugs/578283
<zul> correct
<uvirtbot`> New bug: #579045 in asterisk "[needs-packaging] openr2 -- MFC/R2 call setup library" [Wishlist,Fix released] https://launchpad.net/bugs/579045
<adam_g> zul: are there plans to do the same for other projects like glance/nova?
<zul> adam_g: it was in the back of my mind but im still mulling it over
<adam_g> hmm
<adam_g> is there a way of avoiding that using debconf?
<zul> adam_g: yeah you can probably set the debconf priority level
<adam_g> zul: ah, also: which is the correct place for KSL now: lp:~ubuntu-server-dev/keystone/essex or keystone/ksl ?
<zul> adam_g: essex
<adam_g> k
<zul> ill delete the other branch
<mtaylor> hey guys - if an oneiric server has been installed with byobu byobu/launch-by-default boolean true in its preseed, how do I globally disable it?
<mtaylor> (I know how to disable it per-user, but I'd like to know how to switch the system setting to what it would be if I'd set that preseed option to false)
<mtaylor> is it just a matter of deleting the file from /etc/profile.d?
<TeTeT> mtaylor: maybe you can try dpkg-reconfigure byobu and see if there's an option presented
<TeTeT> mtaylor: if the question is not raised, try different priorities (-plow, don't remember the others)
<zul> mtaylor: i think you can use byobu-config to disable it
<smoser> mtaylor, dpkg-reconfigure byobu ?
<smoser> yeah
<smoser> ah.
<smoser> duh.
<smoser> mtaylor, http://askubuntu.com/questions/63118/how-to-remove-bottom-information-panel-in-terminal-window-on-ubuntu-server-ami-i/63166#63166
<kirkland> mtaylor: yeah, dpkg-reconfigure byobu
<mjfork> anyone here expereinced an "Alias already defined" message from an include file in sudoers.d?  It is in the file a single time.  I cannot track down teh error
<mgw> i'm looking for some input on how to manage non-cobbler managed DNS in a cobbler managed BIND setup
<mgw> That is, DNS records that are not created by cobbler
<mgw> is there any provision for cobbler+bind for handling such dns records (cname, ptr, srv, etc)? Or should I just hack up named.template etc?
<gary_poster> hallyn, hi.  We had some times when sshd was not ready in lxc-start-ephemeral, so it would fail unnecessarily.  Graham Binns just gave us http://pastebin.ubuntu.com/844925 (see lines 143-164).  I have to run, but will be back in about 30--we can chat to see if we can get something like this included
<uvirtbot`> New bug: #933723 in bind9 (main) "resolvconf creating bogus resolv.conf file" [Undecided,New] https://launchpad.net/bugs/933723
<mgw> ok, so i've decided the best way to do what I'm trying is to add custom zone_templates in /etc/cobbler â but is there a way to get cobbler sync to pick up zone templates that don't have any host records?
<mgw> meaning, no systems that use that domain
<mtaylor> kirkland: thanks
<uvirtbot`> New bug: #933779 in lxc (universe) "lxc-start-ephemeral intermittently fails to connect to container" [Undecided,New] https://launchpad.net/bugs/933779
<smelo> Greetings channel.  Is there a Ubuntu way to reconfigure a base install? (re-ip, re-name, re-key). Something along the lines of `dpkg-reconfigure base-system`?  I've cloned a template and need to reset the ip, hostname, ssh keys
<uvirtbot`> New bug: #869635 in network-manager (main) "long delay at shutdown/reboot - network-manager doesn't close correctly" [High,In progress] https://launchpad.net/bugs/869635
<hallyn> gary_poster: looks reasonable.  thanks
<flagg0204> when using preseed files for automated installation is it possible to use  a custome location for a users homedirectroy, during the account creation part
<gary_poster> cool hallyn, thanks.  You probably saw I filed 933779 if you want to track it there.  Have a good night
<hallyn> gary_poster: thanks.  I'll upload that precise fix in probably 2 hours - gnight
<nevreiser> helo room. i have a concern about the alleged intended attack on the main DNS servers. can this UDP attack to spoof IP updates actually really work to disrupt network traffic or is here some way to block it ever being a problem?
<uvirtbot`> New bug: #933827 in samba (main) "smbd does not log anything to /var/log" [Undecided,New] https://launchpad.net/bugs/933827
<hallyn> gary_poster: fix uploaded
<neohippie>  hi, i've created a group and i have added my user to the group using 'sudo usermod -aG group username' but when i type 'groups' I don't show as a member of the group. Any ideas as to why?
<Daviey> smoser: nova ip addresses displaying is totally sckewed
<RoyK> what web server would you guys recommend for a small or tiny vm for use with php? nginx or lighty?
<Thermionix> nginx
<Thermionix> with php-fpm
<adam_g> Daviey: wrt to bug 933818 ?
<uvirtbot`> Launchpad bug 933818 in nova "public-ipv4 metadata url not working" [Undecided,Confirmed] https://launchpad.net/bugs/933818
<Daviey> adam_g: might be related, http://pb.daviey.com/Bmx4/
<Daviey> floating_ip is null, for some reason
<adam_g> Daviey: floating ips association doesnt update the iinstance info cache
<adam_g> (for some reason)
#ubuntu-server 2012-02-17
<Daviey> adam_g: it does,             i['dnsName'] = i['publicDnsName'] or i['privateDnsName']
<Daviey> and public is null, therefore using private.. so it's an issue higher in the stack
<adam_g> Daviey: in terms of that bug:  http://paste.ubuntu.com/845172/
<adam_g> Daviey: in api/ec2/ec2utils.py   avoiding that first attempt calls to the network driver for the actual info, and returns the correct floating_ip
<Daviey> adam_g: that function is failing?
<adam_g> $ echo $(curl -s http://169.254.169.254/2008-02-01/meta-data/public-ipv4)
<adam_g> 192.168.20.225
<adam_g> its not failing
<Daviey> adam_g: are you working on a fix for that?
<adam_g> according to the cache, the floating ip is not associated with the instance, its associated some time after the cache is populated
<adam_g> it gets an outdated cache hit
<Daviey> adam_g: i wonder if, my case, it's because i keep restartng the api service
<adam_g> Daviey: just trying to triage a bit
<adam_g> Daviey: what do you mean? whats restarting the api server do?
<Daviey> adam_g: where is the cache stored, ad flushed?
<Daviey> and*
<adam_g> Daviey: its stored in the database, see InstanceInfoCache(BASE, NovaBase) in db/sqlalchemy/models.py
<adam_g> Daviey: AFAICS, it only stores network info. im not sure if or when the proper place to update it is
<Daviey> adam_g: ah
<Daviey> adam_g: confirmed, that if i force a fallback - it returns the correct value
<Daviey> adam_g: therefore, i assume it used to faill, but now returns Null.
<Daviey> I'm guessing after the first attempt, it's cached.
<Daviey> adam_g: http://pb.daviey.com/bJ2Y/
<adam_g> Daviey: the ip info returned form those get_* functions is more than just the IP you want, it contains both fixed and floating. so an empty floating_ip list just means there are no associated floating_ips, which there aren't when the instance is created / cache initially populated
<Daviey> ah
<Daviey> adam_g: http://pb.daviey.com/qcQx/
<Daviey> adam_g: so the odd thing is, it IS cached after a successful run
<adam_g> Daviey: weird. a successful run, meaning, a fallback to the network_api?
<Daviey> adam_g: that is what i think
<Daviey> adam_g: new instance, without a floating_ip and the original one with http://pb.daviey.com/zO5j/
<Daviey> adam_g: so, run-instance produced a FAIL (expected, as it doesn't have an address at reserve time)
<adam_g> Daviey: ah, hmm. ill tryo with a fresh instance
<Daviey> adam_g: want my log from a fresh instance?
<adam_g> Daviey: nah, i think we're seein the same thing now
<Daviey> The first one shows a FAIL, then SUCCESS
<Daviey> http://pb.daviey.com/WfEA/
<uvirtbot`> New bug: #933818 in nova "public-ipv4 metadata url not working" [Undecided,Confirmed] https://launchpad.net/bugs/933818
<adam_g> Daviey: right, the bug is that it will never fail and refresh its cache, just because its not up to date with floating ip info
<Daviey> right
<adam_g> Daviey: so, with your version, what happens if you deallocate the address and allocate a different ip ? :)
<Daviey> adam_g: trying
<Daviey> sorry, went afk
<adam_g> Daviey: i think the whole meta-data handler needs a giant refactoring, it would solve this and (all of the) other problems
<roaksoax> Daviey: still around?
<Daviey> adam_g: http://pb.daviey.com/Tb4B/ .. see the logs inline
<Daviey> roaksoax: yah
<Daviey> adam_g: i'm not convinced it is floating_ip related
<Daviey> i'd expect to see a FAIL there...
<Daviey> adam_g: although... floating_ip is constantly null
<Daviey> adam_g: ah, interesting... the cache is present, but not 'correct'
<adam_g> Daviey: right, its not updated with floating_ips
<zul> adam_g: i just pused a new python-keystoneclient to the ubuntu-server-dev
<roaksoax> Daviey: pm
<zul> adam_g: argparse has been removed from the egg as well
<adam_g> zul: nice, thanks. hopefully ill finally be able ot try that soon
<zul> adam_g: ill upload it to the archive tomorrow
<adam_g> zul: just the client, right?
<zul> right
<adam_g> q!
<adam_g> q
<uvirtbot`> New bug: #927803 in postfix (main) "Fails to launch recovery menu when (at least) Postfix installed" [High,Triaged] https://launchpad.net/bugs/927803
<adam_g> zul: what PPA are the new keystone packages going to?
<zul> adam_g: it will be going in https://launchpad.net/~openstack-ubuntu-testing/+archive/openstack-ksl-testing starting tomorrow
<adam_g> zul: cool
<adam_g> zul: what time you doing the opentack snapshot?
<zul> adam_g: tomorrow morning
<adam_g> zul: https://review.openstack.org/#change,4149 <- i screwed pep8 with one freakin space on this, but hopefully it can get merged before
<zul> okies
<BuenGenio> is the PHP 5.3.10 update coming to 11.04/10 any time soon?
<twb> ARGH.  Grub you're causing problems *AGAIN*
<twb> I have this as a BCP: http://paste.debian.net/156590/
<twb> But guess what, it looks like triggers (including the kernel post-hook to rewrite grub.cfg) happen *AFTER* the dpkg post-invoke
<tewea> i have an external hard disck but i coudn't write to it  just iam using FAT32 fomat please help me?
<twb> Scratch that, it looks like apt.conf isn't reread between aptitude sub-runs.  Mea culpa.
<tewea> i have an external hard disck but i coudn't write to it  just iam using FAT32 fomat please help me?
<BuenGenio> is the PHP 5.3.10 update coming to 11.04/10 any time soon?
<twb> SpamapS might know, if he's awake.
<journeeman> Hi. I am running 11.10 amd64-server. I had installed xubuntu on the machine so, xserver got installed automatically. I need xserver to run as a daemon after startup so I can forward graphics over ssh but, I also need to have the default runlevel as Multiuser text, i.e. `3' in the old unix way.
<journeeman> How do I do this? Aprreciate any help :)
<twb> journeeman: we discourage use of GUIs on servers
<twb> runlevels 2 through 5 are identical on Ubuntu systems; "3 is text; 5 is GUI" is a RHism
<twb> To disable GUI on startup, find /etc/init/gdm.conf and comment out the start-on line, where "gdm.conf" may be xdm.conf or kdm.conf or similar.
<twb> ssh -X requires only the xauth program, not all of X.  xauth is in its own package as at 11.10.
<twb> If this is a fresh install, recommend you reinstall from scratch, and only install xauth and the specific app you want (e.g. firefox), but *not* the xubuntu-desktop or xorg or gdm packages.
<journeeman> twb: Okay. I uninstalled xubuntu later. Didn't uninstall lightdm or other X packages. This is not a fresh install. Can't afford to re-install. That's definitely the last option.
<twb> if your server is just hosting the X apps, which X confusing calls the "client side", you only need the X app, xauth and openssh-server.  You *don't* need the X "server" side, i.e. lightdm and xserver-xorg
<journeeman> Okay, cool.
<journeeman> Okay, I commented out the `start on' line in lightdm.conf. So that should not start GUI on startup, right? Will it start X though? How do I stop xserver from starting?
<koolhead11> hi all
<journeeman> twb: Thank you very much for the help :)
<koolhead11> SpamapS: do i have to add a diff repo to get the latest 5.3.10 pkg?
<koolhead11> got it, apt-pinning :)
<twb> koolhead11: the x server doesn't 'start' at all
<twb> Sorry, bad completion
<koolhead11> twb: np :)
<twb> journeeman: lightdm starts an X server, but for ssh -X the X server is running on the place you're sshing *from*
<journeeman> oh okay..
<journeeman> twb: Okay, got it. Removed xserver-xorg-* and allied packages as well as lightdm. Everything works great. Thanks. :)
<uvirtbot`> New bug: #934011 in postfix (main) "package postfix 2.7.0-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/934011
<jamespage> morning all
<jamespage> Daviey: around?
<jamespage> rbasak, hows openmpi looking?
<rbasak> good!
<rbasak> I needed one fix, a DSO-related thing
<rbasak> Apart from that the only issue was build-deps and ordering as I haven't quite got a streamlined transition testing system
<rbasak> Also I have news of a test suite, though I haven' tlooked at that yet
<jamespage> rbasak, so do you think we will propose a full transition? or just upload a 1.5 versioned package to universe?
<rbasak> jamespage: assuming that a full rebuild test succeeds, and I can operate the MPI test suite successfully, I see no reason why we shouldn't do a full transition - apart from the timing, but I don't think anyone would have done any more testing had we uploaded a transition earlier this cycle anyway.
<Fudge> hiq uick question, is the console available from live cd ubuntu-server
<rbasak> jamespage: but it may not be absolutely necessary - it just seems cleaner to me. What do you think?
<jamespage> rbasak, I agreed that its cleaner
<jamespage> we would probably push for the transition early next release anyway.
<rbasak> My doubts were about testing, and now that I understand that there is an MPI test suite, it doesn't seem to be so much of an issue.
<jamespage> rbasak, there is a transition tracker we can get this sort of stuff setup in which might help a bit
<rbasak> Oh, really? That would be helpful
<jamespage> rbasak, http://people.canonical.com/~ubuntu-archive/transitions/
<koolhead11> https://launchpad.net/bugs/934064
<uvirtbot`> Launchpad bug 934064 in horizon "Installing openstack-dashboard on Precise removes Keystone package" [Undecided,New]
<koolhead11> is it?
<rbasak> Just having a complete list of rdepends would be good. I'd like a recursive option to reverse-depends. I was going to write that today :)
 * koolhead11 is trying it out
<uksysadmin> koolhead11: I've just raised that bug
<koolhead11> uksysadmin: am testing it. i doubt it could be the case
<koolhead11> still
<koolhead11> horizon uses keystone :)
<koolhead11> uksysadmin: what is the pkgname 4 dashboard openstack-dashboard or openstack-horizon
<jamespage> rbasak, http://paste.ubuntu.com/845579/
<jamespage> I grabbed the codebase and tried it for openmpi
<jamespage> that at least gives us the transition order
<rbasak> jamespage: awesome, thanks! I found xdeb which can provide a build sequence, but that doesn't help with parallelism without using xdeb itself which doesn't use sbuild.
<jamespage> rbasak, once you are happy that we can transition and we have a FFE exception I suggest we ask to get this setup in the transition tracker
<rbasak> jamespage: I have a patch for blacs-mpi btw, that causes its rdepends to FTBFS
<rbasak> jamespage: I'd like to do a full rebuild test which should work better this time with the dependency information. I'll set it up today with parallel builds to speed it up.
<rbasak> jamespage: and then I'll get started on the test suite.
<jamespage> rbasak, are you installing the resulting artifacts?
<rbasak> jamespage: no, although I noticed that sbuild has a piuparts thing that can do that. Do you want me to enable it?
<rbasak> jamespage: I take it you're asking me to check if the generated debs are installable?
<jamespage> rbasak: that might be helpful with the FFE
<rbasak> OK
<jamespage> rbasak, no I'm saying that for later tiers of dependencies you will need to rebuild against the packages you just built
<jamespage> make sense?
<rbasak> Ah yes - I have been doing that
<rbasak> I modified my sbuild to use add a local repo, and have that pinned at higher priority
<rbasak> That's how I discovered the blacs-mpi problem.
<jamespage> right - I see
<jamespage> FYI the level 0 and 1 dependencies can be folder
<jamespage> mpi-defaults does not need to be rebuilt
<jamespage> *folded
<uksysadmin> koolhead11: openstack-dashboard
<uksysadmin> couldn't find one referencing horizon... lemme check again.
<uksysadmin> nope - openstack-dashboard it is, references a python-django-horizon
<Stef2> when i start ubu server some errors appear but they dissapear fast. how can i see all the text that appear on screen util ubu login?
<Stef2> *screen until
<Daviey> jamespage: always
<jamespage> Daviey, good morning!
<jamespage> late one last night?
<Daviey> jamespage: sadly, all too often
<koolhead11> uksysadmin: i can see keystone still there
<koolhead11> i dont think its a bug
<koolhead11> :)
<koolhead11> Daviey: am bit famous today!! :P
<jamespage> Daviey: I wanted your opinion on something in a new package I've reviewing
<jamespage> bug 930422
<uvirtbot`> Launchpad bug 930422 in ubuntu "[needs-packaging] rds Resara Server" [Wishlist,New] https://launchpad.net/bugs/930422
<jamespage> all-in-all its looking OK; however I'm uncomfortable about the embedded source of qtrpc2 in this package
<jamespage> Daviey, wanted to double check I'm not being irrational!
<Daviey> jamespage: you seem to be being quite thorough :)
<jamespage> Daviey: I learn't from the master of thorough!
<uksysadmin> gets removed on my setup :(
<Daviey> jamespage: Hah.. right, so - if it were me, i think i'd be tempted to, at this stage, just make the changes myself and upload
<jamespage> Daviey: with a FFE exception of course :-)
<Daviey> jamespage: it seems they went to the effort.
<Daviey> https://launchpad.net/~resaraserver/+archive/resaraserver/+build/2046346
<jamespage> Daviey: it looks so
<jamespage> hence my slight discomfort with it being embedded
<Daviey> jamespage: i'd get clarification on that, but the rest of the things i'd just change muyself.
<jamespage> Daviey: OK - I'll catch brendan this afternoon (he's east coast)
<jamespage> Daviey: can i get an FFE for this on #ubuntu-release or do I need to justify in the bug and sub ubuntu-release?
<Daviey> jamespage: Add ratonal on the bug, subscribe ~ubuntu-release.. and give me a ping. :)
<koolhead11> uksysadmin: gosh you are right :)
<jamespage> Daviey: OK - I'll get the rationale for the embedded qtrpc2 library sorted out and do so later today
<Daviey> jamespage: add [FFe] to the title
<Daviey> jamespage: sorry, rational for a FFe
<jamespage> Daviey: yeah - got that!
<koolhead11> uksysadmin: i installed keystone after installing dashboard and its telling me it will remove whole horizon. gosh
<Daviey> jamespage: groovy!
<uksysadmin> koolhead11: yup. bug :p
<koolhead11> uksysadmin: http://paste.ubuntu.com/845620/
<uksysadmin> confirmed then.
<koolhead11> yeah am adding my pastebin output there too in comment
<uksysadmin> great
<koolhead11> uksysadmin: am sure it would be fixed and in the pinned repo.
<uksysadmin> pinned repo?
<koolhead11> uksysadmin: https://help.ubuntu.com/community/PinningHowto
<uksysadmin> cheers
<uksysadmin> not sure I have a version I know works to pin though - does this suggest I install keystone, pin that and it won't get removed?
<uksysadmin> sounds like a fudge when it comes to dependency checking
<koolhead11> uksysadmin: i think this will keep you updated with the daily developments i suppose
<uksysadmin> true - will see how it goes.  I appreciate that essex on precise is a moving target.
<uksysadmin> keystone is getting a hammering in this release - dialogs boxes popping up asking user input, to getting removed by unrelated packages! ;-)
<koolhead11> essex/precise/precious == win!! :)
<uksysadmin> I for one is looking forward to the Randy Robin release in 2013 ;-)
<Daviey> rvba: Hey, do you have a moment?
<rvba> Daviey: sre, what's up?
<rvba> sure*
<Daviey> rvba: So, i wanted to run a patchset against you for django.
<rvba> Daviey: all rightâ¦
<Daviey> bug 905837 , has patches attached.. but differ from upstream.
<uvirtbot`> Launchpad bug 905837 in python-django "python-django 1.3-2ubuntu1.1 is incompatible with Psycopg2 2.4.2-1" [Undecided,Confirmed] https://launchpad.net/bugs/905837
<Daviey> rvba: specifically, from django.db.backends.postgresql.introspection import DatabaseIntrospection as PostgresDatabaseIntrospection , isn't removed.
<uvirtbot`> New bug: #934118 in nova (main) "Floating ips not available to instances after upgrade" [Undecided,New] https://launchpad.net/bugs/934118
<rvba> Daviey: I have some reading to do now :)
<Daviey> rvba: sorry!
<rvba> Daviey: That's ok ;).  I'll look into the patches.
<Daviey> rvba: thanks
<rvba> Daviey: I mean you just gave me some reading to do ;)
<rvba> Daviey: so you want me to make sure the patch is fine is that it?
<rvba> Daviey: The one proposed on the ticket.  Because the fact that it differs from the upstream patch worries you a bit.â¦ right?
<rvba> Proposed on the lp bug that isâ¦
<rvba> Daviey: just making sure because I'm kinda new to packaging (to say the least).
<Daviey> rvba: right!
<rbasak> jamespage: could you please review/sponsor bug 934138?
<uvirtbot`> Launchpad bug 934138 in blacs-mpi "libblacs-openmpi.so.1.1 does not declare its dependencies" [Undecided,New] https://launchpad.net/bugs/934138
<rvba> Daviey: cool, I'm on itâ¦
<Daviey> rvba: It's not really packaging problem, just that the proposed diff's are different to trunk
<rbasak> jamespage: (this is affecting rebuild testing but the bug is relevant to the current archive version too)
<Daviey> rvba: thanks!
<rvba> Daviey: right.
<jamespage> rbasak, why did you need to switch gcc -> ld?
<rbasak> jamespage: it did confuse me. gcc in that form isn't creating the desired result. To simplify things, I used ld, and it worked. I'm still baffled as to why it doesn't work using gcc, but all that line does is link object files, so ld would be more suitable anyway.
<jamespage> rbasak, ack
 * jamespage has discovered if my laptop fan runs harder it stops making a grinding noise!
<rbasak> jamespage: apt-get install cpuburn? :-)
<jamespage> rbasak, its still under warranty - raised a support call last night
<rbasak> I had an RMA for my laptop but failed to get round to backing it up, switching to my spare and sending it off in the 7-day window they gave me :-(
<Daviey> jamespage: 'grinding'.. crikey
<jamespage> rbasak, next business day onsite warranty is worth it...
<rbasak> hmm
<rvba> Daviey: the second patch on lp is the same as the fix 16520 on django.  The first patch is the minimal effort that needed to done for the second patch to apply successfully (it simply copies db/backends/postgresql/creation.py to db/backend/postgresql_psycopg2).  It's a very short "summary" of what happened between 1.3 and trunk.
<rvba> In django upstream, between 1.3 and trunk, the whole module db/backends/postgresql has been removed.
<rvba>  "from django.db.backends.postgresql.introspection import DatabaseIntrospection as PostgresDatabaseIntrospection" is still there because all this renaming/deleting has not happened in 1.3 and the first patch only took care of the file creation.py where the meat of the real fix (the second patch on lp or changeset 16250 in django) happens.
<rvba> Daviey: I haven't run the tests or anything yet but the fix seems very sane to me.
<rvba> Daviey: do you want me to run the tests & all or have you done that already?
<Daviey> rvba: ahh, so if i fold both patches into one.. you think it makes sense?
<Daviey> rvba: no, i'll run the tests.. don't worry about that
<Daviey> it was more the logic that didn't make sense to me :)
<rvba> Daviey: absolutely, like I said, the first is a summary of what happened to the Django code base between 1.3 and trunk (the minimal amount for the second patch to be applied).
<rvba> the first patch*
<Daviey> rvba: thanks :)
<jamespage> rbasak, you can still use gcc - but the -l's need to be moved to after the .o files in the command
<rvba> Daviey: Glad to help.
<jamespage> rbasak, http://paste.ubuntu.com/845710/
<rbasak> jamespage: aha, thanks! I thought it was an ordering issue from memory but tried it the wrong way round :)
<jamespage> OK if I make that minor change and upload?
<jamespage> I hit a similar issue with some hadoop stuff a few weeks ago
<rbasak> Sure, thanks! Sorry about forgetting update-maintainer too.
<jamespage> rbasak, np - sponsor-patch did that for me :-)
<rbasak> btw, are you sure that this will work? I haven't tested it now :)
<rbasak> Just testing it now.
<jamespage> rbasak, I just tested it and uploaded
<rbasak> jamespage: thanks. Just this second my test succeeded.
<jamespage> rbasak, http://paste.ubuntu.com/845713/
<jamespage> rbasak, please can you make sure that gets submitted back to debian
<jamespage> I would suspect they have the same issue
<rbasak> Interesting - I get something slightly different.
<rbasak> http://pastebin.com/vPvEc0BU
<rbasak> I wonder what libopen-pal is? Anyway I don't suppose it matters.
<rbasak> I'll file a Debian bug now.
<jamespage> rbasak, you know submittodebian?
<rbasak> I'd heard of it, but never used it. I shall use it now, thanks :)
<jamespage> saves alot of time!
<rbasak> jamespage: hmm. It's not going to work from the mostly-unconfigured with no functioning mail cloud instance I have the sources on! :-/
<jamespage> no
<Daviey> rbasak: no functionig mail ?
<rbasak> Daviey: not unless you appreciate emails from root@localhost and your spam filter allows them through, or I configure stuff correctly. The cloud I'm using has outbound SMTP blocked at the moment, too.
<Daviey> rbasak: configuring outbound isn't  challenge, and the key is that port 25 is blocked, not SMTP :)
<rbasak> Daviey: I don't want to put my outbound submission credentials on a cloud instance either!
<rbasak> (nor have I got round to automating it in some way)
<Daviey> rbasak: ah, i created a special user just for it.
<rbasak> Daviey: I don't have that luxury :)
<zul> morning
<jamespage> hey zul
<zul> hey jamespage
<smoser> rbasak, http://paste.ubuntu.com/845863/
<smoser> that works now with latest cloud image
<smoser> basically a much saner way than OVF manipulation to seed the image.
<rbasak> smoser: that's brilliant - thanks!
<smb> smoser, Awesome, this answers my question that I was thinking to ask about a minimal set of data for meta and user data. :)
<smb> smoser, Maybe one additional question about that: can the password that way set to be empty (just having nothing beyond the password:)?
<smoser> smb, are you asking if you can set an empty password ?
<smb> smoser, Yes, that was my intention
<smoser> it doesn't look like it.
<smoser> cloud-init just uses chpasswd
<smoser> and i can't get chpasswd to take an empty passwd.
<smoser> smb, are you wanting ssh login ?
<smoser> that can be done easily enough by inserting keys (which you can via user-data)
<smb> Ah ok. Well just trying to get an end result similar to ec2. Not really sure the pw there is empty actually or whether sudoers just allows anything without a pw
<smoser> smb, ah. yeah.
<smoser> sudoers for the ubuntu user does not require a password
<smoser> so what you want is to do something like this:
<smb> Up to now I did some sort of uncloudify and used "passwd -d ubuntu" which is wrong in several ways I guess. :)
<smoser> smb, http://paste.ubuntu.com/845895/
<smoser> use that to write your user-data and your ssh-keys will get imported.
<smoser> or use ssh-import-id
<smoser> (which can be used from user-data too)
<smoser> #cloud-config
<smoser> ssh_import_id: stefan-bader-canonical
<smb> I see. Ok. I'll giive those a try
<smb> thanks
<jamespage> hallyn, around? seeing and odd issue with lxc with duplicated mac addresses
<jamespage> hmm - maybe utlemming then?
<MTecknology> I'm trying to make a preseed file but getting stuck on the partitioning piece. I think I have everything else figured out. Any chance I could convince someone to take a peak at what I have? http://dpaste.com/704419/
<caribou> smb apw, I have a kernel question for you
<hallyn> stgraber: workign o nthe lxc server guide - i'm going to work on getting all the other templates to work too, as part of that.
<caribou> off the top of your head, would you remember any regression b/w Oneiric & Natty wrt the megasas module ?
<stgraber> hallyn: good luck with fedora ;)
<apw> caribou, not i
<smb> not from the top of my head
<caribou> The Oneiric installer is no longer to see the raid drives but it works well on Natty
<hallyn> stgraber: ya
<smb> caribou, Hm, I only remember some not yet supported cases for Lucid...
<caribou> apw: smb here is the contents of the syslog with DEBCONF_DEBUG=5 on both installs : http://paste.ubuntu.com/845931/
<caribou> it's using the same preseed file on both btw
<smb> caribou, Hm... wasn't that maybe the driver that renamed devices... or was that another thing
<caribou> I'll try the same with the precise daily build next week to compare
<smb> caribou, One of your final lines in the oneiric case seems to have a scsi4 found and bound...
<caribou> smb: yes, but after that there is nothing more and d-i goes ahead and ask which module should be loaded
<caribou> smb: wait, no, the lines were much further & diluted in the log, my fault
<smb> caribou, Right, so somehow the drive is not found, or none to say
<caribou> smb: here is the rest of the log : http://paste.ubuntu.com/845939/
<smb> caribou, Sorry got me a bit confused: is that oneiric or the natty one?
<caribou> smb: sorry, this is the follow-up of the Oneiric syslog
<smb> ah ok
<smb> hm. there is some disk info...
<caribou> smb: at the end it goes to SUBST disk-detect/module_select to ask for which module needs to be loaded
<caribou> smb: with Natty, it continues without asking anything
<smb> caribou, Yes. looks a bit weird. I see the info from the host scan, but not any sd devices being created
<uvirtbot`> New bug: #934256 in lxc (universe) "lxc-clone should replace/change hwaddr when cloning containers" [Undecided,New] https://launchpad.net/bugs/934256
<caribou> smb: could this be caused by a race condition because of the fact that the host scan happens much later in the Oneiric log than on Natty where it appears right after the module is loaded ?
<smb> caribou, Not sure. Actually it does not really seem to be "much" later. Just about one second after the messages about the adapter init
<smb> and that could be just becuase we were at the end of that second
<hallyn> jinkeys man pages need updating too
<michael_tn> good day all, is this the correct channel for orchestra/juju discussions?
<kirkland> michael_tn: sure
<michael_tn> :-)
<michael_tn> great,
<kirkland> michael_tn: this channel is a bit better for orchestra;  #ubuntu-juju is a bit better for juju
<michael_tn> we're experimenting with the build on some cluster hardware
<michael_tn> and i anticipate a bit of handholding may be required
<michael_tn> we have a pretty nice cluster we're repurposing to openstack
<michael_tn> we have orchestra up and are about ready to move on to juju, but were a bit unsure whether to go ahead and provision a group of nodes in orchestra before bootstrapping juju or to do it after
<jamespage> michael_tn, do you want to manage all of the nodes you have through juju?
<michael_tn> hmmm ...
<michael_tn> not sure, not considered that really
<jamespage> michael_tn, OK; so for the node that you want juju to manage they have to be in a certain class in cobbler (part of orchestra)
<michael_tn> the entire cluster is commited to openstack (two head nodes and 64 cluster nodes)
<SpamapS> michael_tn: you simply need to identify them in orchestra, and put them in the 'available-mgmt-class' that you defined in your juju environments.yaml...
<michael_tn> ok
<SpamapS> michael_tn: juju will do the provisioning
<michael_tn> juju will select those nodes at random?
<jamespage> michael_tn, at the moment yes
<michael_tn> ok
<michael_tn> should we instantiate a single node to bootstrap juju at the start or just let bootstrap pick one out of our group?
<jamespage> michael_tn, juju will pick one
<Daviey> SpamapS: would you be able to look at bug 934013 ?
<uvirtbot`> Launchpad bug 934013 in mysql-5.5 "Mysql fails to start after upgrade to precise" [Undecided,New] https://launchpad.net/bugs/934013
<michael_tn> ok, thanks, i'll spin up a few nodes and see if i can get juju bootstraped
<michael_tn> our WOL is not working so i have to go boot things by had :-\
<kyconquers> what does this error mean? http://pastebin.com/ANuDMQRR I have narrowed it down to one line, I am clicking on an input field.
<brendan0powers> jamespage: Hi, thanks for taking another look
<SpamapS> Daviey: I think I fixed that yesterday...
<SpamapS> Daviey: oh, no.. hrm.. thats the new version
<SpamapS> Looks like the apparmor profile is still borked
<Daviey> :(
<SpamapS> Daviey: I think its actually caused by incomplete /run migrations... but we should still be able to run things. :p
<jamespage> hey brendan0powers: thanks for doing those updates
<jamespage> brendan0powers, so - qtrpc2 - why do you need it within the rds packaging?
<jamespage> it could be packaged separately?
<Daviey> SpamapS: Make sure you thank lennart.
<SpamapS> Daviey: whoa wait.. this is weird
<SpamapS> Daviey: I think it may be a confflie transfer of ownership issue
<brendan0powers> jamespage: It could be, but rds is the only software that uses it(that I'm aware of), and since it lives in the rds VCS, it's released at the same time Resara Server is
<Daviey> SpamapS: This adds to my confidence of upgrade testing :)
<robbiew> heh
<jamespage> brendan0powers, so its part of rds? I think I'm misunderstanding how it relates to rds
<brendan0powers> jamespage: QtRPC was a library Resara developed for our last product, which was closed source. At one point, we posted a version of it on google code with an open source license
<jamespage> brendan0powers, ah - I see - so it versions and releases inline with rds
<brendan0powers> jamespage: But now, it lives in the Resara server repository, with an open source license
<brendan0powers> yes
<jamespage> brendan0powers, OK - look I'll do the updates to the package as I documented in the bug report
<brendan0powers> Oh, I'm already part way through that
<jamespage> brendan0powers, excellent!
<jamespage> brendan0powers, so the normal place to document things folk should understand about stuff like this is in debian/README.source
<jamespage> could you add a few notes while you are doing the updates?
<brendan0powers> Notes about what?
<brendan0powers> QtRpc?
<jamespage> brendan0powers, yep
<brendan0powers> Ok, I will do that
<jamespage> +1
<michael_tn> off to data center, bbiaw with more questions i imagine :-)
<michael_tn> thanks for the help!
<MTecknology> preseed files seem to be nice and well documented until it comes to partitioning.... :(
<uvirtbot`> New bug: #760443 in bacula (main) "Bacula installation fails at dbconfig-common stage" [Medium,Confirmed] https://launchpad.net/bugs/760443
<brendan0powers> jamespage: I'm not sure I understand the copyright stuff
<jamespage> brendan0powers, leave that with me then - I'll update
<brendan0powers> jamespage: I modified the 2 LGPL-2 licenses to be LGPL-2+
<brendan0powers> jamespage: ok, then all the issues should be fixed
<brendan0powers> I need to run i through pbuilder to make sure
<jamespage> brendan0powers, OK - let me know when you are happy
<jamespage> I'll re-clone and update as required.
<brendan0powers> jamespage: Ok, everything is pushed to the repo
<jamespage> brendan0powers, ack
<brendan0powers> jamespage: you can re-clone and take a look
<hallyn> jamespage: good catch on lxc-clone and hwaddrs :)
<hallyn> i'll add that to the HUGE SLEW of changes i'm doing today
<jamespage> hallyn, w00t!
<jamespage> took me a while to figure out what was going on
<hallyn> stgraber: fedora template pretty much working.  though repos aren't quite working after start...  more work to do
<Plizzo> I have an installation of Ubuntu Server 11.10 x64 which is freezing completely at random occasions. I've tried to modify the grub parameters, change kernel, running memtests, tailing logs, but nothing helps. Does anyone here know how to solve this?
<brendan0powers> jamespage: It seems there is an issue with the packages in the repo
<brendan0powers> jamespage: librdsserver1 is depending on librdslap, and not librdsldap1
<brendan0powers> It's not listed in the control file, so debhelper must be generating the dependency
<jamespage> brendan0powers, that maybe an shlibs problem
<jamespage> brendan0powers, shlibs.local
<jamespage> needs a tweak
<brendan0powers> forgot about that file
<jamespage> it kinda works i.e. it will install because librdsldap1 replaces librdsldap
<jamespage> brendan0powers, anyway I have to finish reviewing this on Monday  - thanks for all of the updates you have done to  the package
<brendan0powers> Ok
<jamespage> once I've confirmed it builds and installs OK I'll get the FFe and get it uploaded.
<brendan0powers> Awsome
<brendan0powers> I'll continue poling around a little more and see if I find any more issues
<brendan0powers> I'll update the bug report if I find anything
<adam_g> zul: thoughts on reenabling the libvirt console patch on CI?
<zul> adam_g: im trying it out locally still
<zul> adam_g: if im happy with it then ill re-enable it
<adam_g> hm ok
<Potatoe> I am sending sip packets to my server. On my server I am running ngrep on the interface where the packets are coming from. Some packets are not arriving in ngrep even though I see them on tcpdump leaving the remote site. What's odd is it's always the same packets that are being dropped. is there any filter that might drop packets before ngrep ?
<Potatoe> Can packets by dropped by the kernel before hitting ngrep or tcpdump ?
<rbasak> Potatoe: as far as I'm aware, no, provided that you're capturing on a real interface (not a bridge or something).
<rbasak> Potatoe: I'd use tcpdump on both ends with identical filters to verify.
<Potatoe> eth0 which is a nic on the moboard
<Potatoe> it says '0 packets dropped by the kernel;
<brendan0powers> jamespage: I have updated the repo with the shlibs.local fix, rebuilt the packages, and verified they install
<JanC> Potatoe: what type of traffic isn't seen by ngrep?
<Potatoe> SIP Packets
<Potatoe> but only some are disappearing, so it's not a nat issue
<RoyK> Potatoe: anything in iptables_
<Potatoe> No
<Potatoe> I reset everything iptables-save and see nothing
<Potatoe> accept by default
<RoyK> then kernel really shouldn't drop anything
<Potatoe> That's what I thought
<Potatoe> It's my understanding that ngrep/tcpdump shows data before it hits iptables
<RoyK> Potatoe: iirc before the filter table, yes, but not sure about the rest
<RoyK> Potatoe: anyway - what sort of software is this?
<Potatoe> Ubuntu 10.04 LTS with Kamailio 3
<Potatoe> I think it might be related to the ethernet bonding rules which I know little about
<patdk-wk> heh? your using bonding?
<patdk-wk> you better be very careful what mode you use, and make sure your nic's and switch supports it
<patdk-wk> plus whatever you talking to supports that mode also (for a few modes)
<Potatoe> how do I get the network card back into 'master'
<stgraber> hallyn: uploading udev now
<patdk-wk> unplug the other network cards?
<Potatoe> I tried to activate the bonding mode
<Potatoe> it didn't work
<Potatoe> now the network card won't work in non bonded mode
<Potatoe> it says 'RUNNING SLAVE'
<patdk-wk> heh?
 * patdk-wk might recommend learning how bonding works, before you go and use it
<Potatoe> I tried to activate bonding
<Potatoe> now nothing works
<Potatoe> I reset the interfaces script to what I had before
<Potatoe> and ran /etc/init.d/networking restart
<patdk-wk> that won't unbond
<patdk-wk> in fact, that is a horrible idea to do, ever
<Potatoe> how do I go back
<patdk-wk> this is what ifup/ifdown is for
<patdk-wk> at this point? reboot
<Potatoe> that fixed the original config
<patdk-wk> what bonding mode did you attempt?
<joren> Hey, I've got a serve rwith a raid setup that I just replaced a disk in, and it's taking for ever to come up now (been waiting 5 minutes so far.) I don't see any disk activity, and the last output was /dev/md1 clean
<joren> is there any way to get a more verbose output of what it's doing?
<jacobw> what model of raid controller is it?
<joren> software raid
<joren> maybe the array is just being slow, but it really doesn't seem to be hitting the disks at all
<joren> I'll give it a bit longer and then just remove the array from fstab I guess
<uvirtbot`> New bug: #934515 in python-novaclient (main) "--meta key=value cannot accept '=' in value" [Undecided,New] https://launchpad.net/bugs/934515
<uvirtbot`> New bug: #934534 in nova (main) "metadata ami-launch-index coming back off-by-one" [Undecided,New] https://launchpad.net/bugs/934534
<uvirtbot`> New bug: #934540 in bacula (main) "package bacula-common-pgsql 5.2.3-0ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/bacula/libbaccats.la', which is also in package bacula-common 5.2.3-0ubuntu2" [Undecided,New] https://launchpad.net/bugs/934540
<vindav> Hello, I am a Ubuntu 11.10 newbie gaining experience and have a new project in which I want to back up my local drive to my local network access storage drive (LaCie d2).  Can anyone provide a solution or a step by step process of how this can be achieved please ?
<vindav> I we'll if it can help the majority, 'Grsync' is the resident program that is used to accomplish the task I am looking to do to do local drive to a network access storage device.  I tested this out and found that I can do so far a single folder transfer with contents.  Now, if I can do multiple folders in a transfer with automatic timely transfers, I think we'll have something happening.  Any comment or advise ?
<Plizzo> I have a server running Ubuntu Server 11.10 x64 and that is randomly freezing, any help?
<Spanky> Plizzo -- Sounds like hardware crap to me...
<Spanky> Memory?
<Plizzo> Spanky: I did 23 passes of memtest, no errors
<Spanky> Try running off a LiveCD and do a few things...
<Spanky> Random freezing sounds like hardware....  These things can be a bitch to troubleshoot
<Plizzo> I know, I've been trying to fix it for weeks.. :(
<Spanky> See if the box runs 10.04LTS or run another server distro or WindowsServer or something and see what happens...
<Spanky> You got any spare boxes in the closet....
<Spanky> ?
<Spanky> You could try a forked off server like Zentyal or even try Debian Server or what not...
<qman___> if it freezes up without a kernel panic that's almost guaranteed hardware
<Spanky> Just doesn't sound like a Server OS issue when you have random freezes...
<qman___> even most freezes with kernel panics are hardware, but almost all freezes that are software will have a kernel panic
<Spanky> Yep...
<Plizzo> qman__: The logs are empty
<Spanky> This is a new install right?
<Plizzo> I've tried tailing all logs, but there are no irregulaatories
<Plizzo> Spanky, not entirely new
<Plizzo> I've had it since around new years
<Spanky> Ewww...
<Plizzo> And the problem seems to have started after I ran sudo update-grub
<Plizzo> the first time
<Plizzo> But at that time I had made no changes to the config file..
<Spanky> Can you try a new install on a separate drive and just check the hardware...?
<qman___> grub has no effect on the server while it's running
<qman___> only when it's booting
<Plizzo> Could the graphics drivers be causing this?
<Spanky> Grub 2 has been pretty solid for me on the desktop.  I don't multi-boot my server hardware though so I don't get into the wooly stuff there...
<qman___> without X, there aren't really any graphics drivers per se
<qman___> if you're running KMS or a framebuffer you can try booting with it disabled
<Plizzo> I run XBMC
<Plizzo> XBMC-Live
<Plizzo> But even without that and Xorg running, it still freezes
<qman___> recent versions uses KMS by default, try booting with the option 'nomodeset'
<Spanky> Yeah, I run Zentyal Server that uses LXDE and it's super low graphics overhead....  So even with X, not a lot of issues I've seen...
<Plizzo> qman__ I have nomodeset already
<Plizzo> I have an Nvidia 520 GPU in the server for 1080p decoding
<Plizzo> And vdpau drivers installed
<qman___> well, it could be a problem
<qman___> but like I said
<qman___> freezing up, if it's a software problem, almost always gives a kernel panic
<qman___> like, five nines
<Plizzo> Should I boot from a Live-CD usb and try having it on to see if it freezes?
<Spanky> I'm out.... I don't put big graphics boards in my server boxes.
<qman___> worth a shot
<Plizzo> Alright, thanks
<Spanky> As I suggested...  You have to nail down the problem... What server application you using that requires a NV 520?
<qman___> while it's not really wrong in any way, media centers are a bit outside the normal scope of this channel
<qman___> I'd bet money it's a hardware problem though
<Spanky> Yeah, most of us shiners are just running a file, print server and maybe some FTP or WWW....
<qman___> could try some sort of graphics card testing utility
<Spanky> Can you boot Ubuntu desktop on that puppy?
<Spanky> Live CD?
<hallyn> so to be clear, we're not in ff, but right now we're not in any sort of upload freeze (for bugfixes) right?
<hallyn> hm, lxc-start-ephemeral may need the macaddr fix too as lxc-clone did
#ubuntu-server 2012-02-18
<arosales> have a good weekend.
<mgw> how could i create a 'file' whose content will always be the output of some cmd
<mgw> ?
<mgw> without using cron
<mdeslaur> mgw: start a daemon that updates the file?
<mgw> mdeslaur: I supposeâ¦. any other ideas?
<mdeslaur> a dbus service?
<mdeslaur> I lack context
<mgw> I have a directory
<mgw> of files
<mgw> I need a yaml file that will be always up to date
<mgw> that lists the files in that directory
<mdeslaur> hrm, unless I'm missing something, a cron job would be a good way or else it gets really complicated :)
<mdeslaur> a daemon that has an inotify on the directory and that you communicate with using dbus or some other way?
<mgw> mdeslaur: yeah, i was looking at inotify
<mgw> I was hoping there was some fundamental file type I was missing
<mgw> I'm just going to execute a script to do it
<mdeslaur> mgw: named pipes?
<mdeslaur> you still need a daemon on the other end though
<vindav> Grsync you can count on for local drive back up to the your network in either its entirety or in segments.  Now to find out if it can do it on a scheduled basis or not, is the question.  Anybody know about how to go about that ?
<mgw> mdeslaur: I just discovered that puppet (for which this file is required) has a prerun script
<mgw> so I can create the file there
<mgw> thanks for the ideas!
<mdeslaur> cool!
<mdeslaur> mgw: np
<hallyn> aha - apparently, systemd REALLY wants /dev/shm to be mounted, or it won't do a thing
<hallyn> yay, i have a f16 container working
<hallyn> stgraber: ^
<hallyn> now what to do with it?
<hallyn> rm it i guess
<stgraber> wow!
<hallyn> took me hours to figure that out :)  it jsut wouldn't spit out any info at all.  and i thought strace was just being silly, but in fact it was telling me the problem :)
<ravenel> evening everyone
<ravenel> i have a question about an mdadm-based raid array im hoping someone might be able to point me in the right direction on
<pmatulis> !ask | ravenel
<ubottu> ravenel: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<ravenel> I have an mdadm-based raid array, and recently drive sda in this array failed. I replaced the drive, but now cannot boot--I get a "reboot and select proper boot device" error
<ravenel> Im thinking this is likely from my BIOS, complaining because the new, bare sda drive does not have anything, including an MBR, on it
<ravenel> Any suggestions on how to resolve? Can I just change the BIOS boot order without trashing the now degraded array?
<pmatulis> describe the array
<fluvvell> ravenel, this sometimes happens if the MBR is not written to both drives in your RAID array. as pmatulis said, describe the array to us. is it RAID1 ?
<ravenel> the array consists of three disks, sda, sdb, and sdc
<fluvvell> should find the first boot drive by itself. Mirrored?
<ravenel> there are three arrays--one raid-1 for boot, another raid-1 for /home, and a raid-5 data partition
<ravenel> when i setup the array, i did install grub to the MBR of all of the drives
<ravenel> sda is the drive that failed and was replaced with a currently bare drive
<fluvvell> if you can boot a recovery cd, you might get grub to write the MBR to sda
<ravenel> would it auto-detect the arrays?
<ravenel> should i just manually change the boot order in my bios to boot from sdb? or will that trash the arrays?
<fluvvell> depends what you boot with. Won't trash the array unless you tell it to. You might need to apt-get install mdadm and tell it to auto detect then rebuild. You *will* need to partition the sda drive
<ravenel> correct, once i can get it to boot, i will copy the partitions from sdb or sdc and re-add the drive to the array
<fluvvell> I would love to see some auto recovery tools to use with mdadm, but you have to do a fair bit by yourself
<ravenel> yeah :(
<ravenel> ok, so going into the bios and telling it to boot from sdb wont hurt anything?
<fluvvell> bios can't boot a drive that has 1. no boot active partition 2. no MBR
<ravenel> right, but it (should!) have both of those things... i set them up when i built the array... not sure why the BIOS didn't try to boot from the next disk when the first failed, but thats a problem for another day :)
<fluvvell> did you use grub?  Did you tell it to make the drive bootable?
<ravenel> yeah
<fluvvell> ok so have you set up the partitions?
<ravenel> no, not yet, sda is still bare, fresh out of the box
<pmatulis> ravenel: booting from a degraded array, that's not a given.  it's a cautious step to *not* do that automatically
<fluvvell> ok well you do have to set them up. There is IIRC a couple of ways of describing the arrays, one as sda sdb, and another as UUID.  The UUID method is more robust if you move the drives into different slots
<ravenel> gotcha
<ravenel> ok, so here is what i see my next steps as--feel free to correct!
<ravenel> 1) update bios to boot from sdb
<ravenel> 2) when booted, format sda-- sfdisk -d /dev/sdb | sfdisk /dev/sda
<qman___> boot from sdb degraded, create identical partition layout, add it into the arrays, and install grub to its mbr
<ravenel> 3) add partitions back to arrays
<ravenel> 4) install grub
<qman___> no formatting is needed
<ravenel> gotcha, thanks!
<ravenel> well, now to give it a try... and hope that i did in fact install grub to sdb and sdc! wish i'd taken better notes when i built this thing a few years ago...
<fluvvell> I've previously booted from a CD, created the partitions, installed grub to the new drive then rebooted into the degraded array.
<qman___> yeah, you can do it live too
<ravenel> fluvvell: is that any less risky than doing it off the booted array?
<qman___> not by any measurable amount
<ravenel> gotcha
<qman___> the only risk here is if sdb fails
<ravenel> right
<ravenel> then im hosed :)
<qman___> and both cases take roughly the same amount of time to replicate the data
<fluvvell> agreed
<qman___> and require the same disk activity from sdb
<ravenel> right
<ravenel> if i had to do it again, i think id make it raid-6 to protect against a drive failing during rebuild... with these huge drives, its a concern
<fluvvell> from a live boot cd you could always backup important data without starting the installed system.
<ravenel> the important stuff is all backed up already, thank god
<fluvvell> ok
<ravenel> backs up every night to another server
<fluvvell> ravenel, are you cooling your drives directly?
<ravenel> yeah, the case has a fan blowing right over them
<fluvvell> great.
<ravenel> ok, im going to go give this a try
<ravenel> thanks for the help!
<ravenel> hopefully i wont be right back with problems :)
<fluvvell> feel free to feedback your success.
<ndroftheline> hello
<ndroftheline> i'm a US Peace Corps Volunteer serving in a rural area in the Philippines and I'm looking for some help with planning out how to best leverage the available technology here
<ndroftheline> the school I work at recently received a donation of 11 desktop computers with quad-core processors and 4gb ram each.
<ndroftheline> i've been doing research about multi-headed linux and i like it, but the school is highly reluctatnt to abandon support for the MS Office family of programs
<ndroftheline> so i was thinking about turning one of those powerful systems into a linux server and running a virtual windows server. then the multi-headed linux clients could connect to the virtual windows server to use MS Office apps.
<ndroftheline> does that sound manageable?
<pmatulis> ndroftheline: effectively, the clients would be connecting to a windows server, regardless if it's being virtualized withing a linux system
<ndroftheline> that doesn't bother me, i'd be using the linux server as a file server as well
<ndroftheline> er, should that bother me?
<ndroftheline> i guess i could just run the windows OS directly on the server hardware
<ndroftheline> and use windows as the fileserver as well
<ndroftheline> which is better?
<pmatulis> ndroftheline: it depends on the workload.  if the windows server is consuming the vast majority of the hardware resources then it would be best to just run windows natively
<pmatulis> ndroftheline: if i were you i would first try to get rid of windows entirely
<pmatulis> ndroftheline: you could also run windows applications locally on each of the clients
<ndroftheline> true, but the clients will be running linux - windows doesn't offer a feasible multi-head setup
<pmatulis> if you're stuck with MS
<pmatulis> ndroftheline: no.  run Linux and the Wine framework.  you would need to check to make sure the MS s/w versions will run on the Wine you will be installing
<ndroftheline> my only problem with using wine is that my personal experience and the research i've done online indicates that many slightly less popular ms office apps aren't very stable under wine
<ndroftheline> for example, my school has curriculum teaching Publisher to the students
<ndroftheline> so i'd rather have it running as natively as possible, since the damn suite is unstable anyway, even running in a native environment
<pmatulis> ndroftheline: nothing much more i can help with then.  connect to the windows server via some kind of remote desktop session
<ndroftheline> yep that's the plan. but do you think it'd be better to run the windows server directly and also use windows as the fileserver or run windows inside linux and use linux as the file server?
<pmatulis> ndroftheline: i already answered that question
<pmatulis> 23:55 <  pmatulis> ndroftheline: it depends on the workload.  if the windows server is consuming the vast majority of the hardware resources then it would be best to just run windows
<pmatulis>                    natively
<pmatulis> and, yes, it is midnight here
<pmatulis> ndroftheline: so you would need to test stuff out to actually answer the question
<ravenel> guys, just wanted to let you know that it looks like my issues with my raid array are solved--thanks fluvvell, qman___, and pmatulis
<ravenel> forcing the BIOS to boot worked, its now rebuilding!
<ravenel> off to bed!
<uvirtbot`> New bug: #934763 in mysql-5.1 (universe) "package mysql-client-5.1 5.1.54-1ubuntu4 failed to install/upgrade: trying to overwrite '/usr/bin/mysqlaccess', which is also in package mysql-client 5.5.20-2" [Undecided,New] https://launchpad.net/bugs/934763
<ZorroT> is there an FAQ entry for "how to get language X to function with apache2 cgi handler" ?
<ZorroT> any apache2 ppl awake?
<datalay> about orchestra: cobler check can you help please, http://www.pastebin.com/w5iwAmPV
<datalay> how can i solve it
<RoyK> hi all. how can I reset a VM's config to allow duplicating it? thinking about UUIDs, mac address, ssh keys etc
<datalay> http://ubuntuforums.org/showthread.php?t=1927459 <-- this is my quesion
<datalay> http://ubuntuforums.org/showthread.php?t=1927459 <-- this is my quesion
<RoyK> guess what I asked about is http://libguestfs.org/virt-sysprep.1.html
<RoyK> datalay: you just said so...
<datalay> RoyK, i installed ubuntu orchestra with dns&dhcp support
<datalay> but i couldn't pass some of settings: when i typed: cobbler check .. u can see details in the post
<datalay> problem: One or more repos need to be processed by cobbler reposync for the first time before kickstarting against them:
<datalay> i dont know how should i process them
<RoyK>  
<uvirtbot`> New bug: #935004 in mysql-5.1 (universe) "mysql-5.1 version 5.1.58-1ubuntu4 FTBFS on i386 in precise" [High,New] https://launchpad.net/bugs/935004
<uvirtbot`> New bug: #935071 in drools (universe) "drools version 4.0.7-0ubuntu1 FTBFS on i386 in precise" [High,New] https://launchpad.net/bugs/935071
<uvirtbot`> New bug: #935190 in rabbitmq-server (main) "package rabbitmq-server 2.3.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/935190
<Tixos> hey, a few days back someone helped me with apache on ubuntu, being that response times were VERY slow. He fixed the issue for me by telling me to set KeepAlive to 1, which eradicated the issue. Now its back with vengeance ! Can anyone help me diagnose?
<Tixos> here is a pastebin output from 'ab -c 10 -n 100 http://serverip/'  ran from the server
<Tixos> http://pastebin.com/69DS1fCh
<Tixos> usually not much RAM is used, but currently  >    4037420    3851604     185816           total/used/free
<Tixos> also mysqld using upto 20% CPU, which is higher than normal
<uvirtbot`> New bug: #935442 in sheepdog (universe) "sheepdog version 0.2.3-0ubuntu1 FTBFS on i386 in precise" [High,New] https://launchpad.net/bugs/935442
<Tixos> brb
<uvirtbot`> New bug: #935490 in wss4j (universe) "wss4j version 1.5.8+svntag-1 FTBFS on i386 in precise" [High,New] https://launchpad.net/bugs/935490
<uvirtbot`> New bug: #935516 in genshi (main) "genshi version 0.6-2 FTBFS on i386 in precise" [High,New] https://launchpad.net/bugs/935516
<RoyK> hi all. anyone that knows a good test site for webserver performance testing?
<jamesd> RoyK, join #ubuntu, #linux and a few others larger channels... post a link to your site and later ask the people who looked at your site how the performance was... you will get far better feedback than you would from a single site testing your site...  one host is easy.. 500 visiters from around the world is much more real world
<RoyK> jamesd: wrong way around... I'm looking for a test load, as in a set of content to put on a server, to benchmark a few things locally - I guess I could you wordpress or something for the php test, but then, it won't be optimal because of all the possible performance issues with wp
<jamesd> RoyK, you could use wget to mirror a site, not sure how good it is at fixing all the links.
<RoyK> probably a bad idea :P
<yakster> can ne one give me an idea for a simple OS that is as light weight as possible, the only needed feature is wireless (intel wifi) and a full page web browserâ¦
<yakster> like run google chrome in a standlone system, with no window manager
<qman___> sounds like you're looking for a chromebook
<qman___> but you don't need X for a web browser
<yakster> I want it to be a web interface to sickbeard, couch potato, SABnzb, and such for the media center
<qman___> if you're just trying to save some performance, you should try lubuntu
<qman___> building a bare minimum system from scratch is harder than it looks and usually not worth the effort
<qman___> I run lubuntu on my T23s, and they can actually play 720p video at a visually acceptable rate
<qman___> pentium 3s with S3 graphics decelerators, in case you didn't already know
<ch33z> ah finally
<ch33z> Hello I have a few major issues
<ch33z> I am trying to set up VirtualHosts which I do have 2 sites and I have set up the VirtualHosts like it says to on Apache but, it still wont save it because it cant find a directory for it?
<ch33z> any ideas?
<ikonia> ch33z: have you read the https://help.ubuntu.com server section on how to setup apache
<ch33z> indeed sir
<ikonia> ch33z: apache on ubuntu is setup slightly different than generic apache configuration
<ch33z> o.
<ikonia> ch33z: this is documented in https://help.ubuntu.com server section.
<RoyK> debian/ubuntu uses a slightly different config scheme
<ch33z> well, ive read it through and through i am merely trying to set up a simple task just websites
<ch33z> a basic html website
<ikonia> ch33z: what part are you stuck with ?
<ch33z> virtual hosts
<ikonia> what about it ?
<ch33z> ie mulitple domains
<ch33z> how do i set them up?
<ch33z> ;0
<ikonia> it's documented in the site I've just given you I believe
<ch33z> and when I log off it says "not a qualified domain name 127.0.0.1"
<ikonia> ch33z: that is because you have not configured a hostname/ip address for it to listen on
<ch33z> I have 9 static ips and 12 websites
<ikonia> ch33z: again this is documented in the https://help.ubuntu.com guide which you have said you have read
<ch33z> i see..
<ch33z> thanks... for something i guess?
<ikonia> ch33z: have you read that website ?
<ch33z> yup
<ch33z> back to front
<ch33z> front to back
<ikonia> ch33z: ok - so what part of configuratin apache virtual hosts are you stuck with
<ikonia> ch33z: as that site walks you through it, I'm reading the pages now
<ikonia> so I'm stuck at how you could have read this site back to front yet missed the core apache config details
<ch33z> how exactly do i save  the virtual hosts?
<ikonia> ch33z: what do you mean "save"
<ch33z> o
<ch33z> well when doing sudo nano the directory
<ikonia> in what directory ?
<ikonia> what are you actually doing ?
<ch33z> it wont save it in the directory even though i am in it
<ch33z> apache conf
<RoyK> ikonia: probably reading porn :p
<ikonia> ch33z: tell me exactly what file you are editing
<ikonia> ch33z: and in what location
<ch33z> "no such directory" even though i am writing in it and saving it
<ch33z> kk
<ikonia> ch33z: exactly what file/path are you editing eg: /usr/local/test.txt
<ch33z> usr/local/apache2/conf
<ikonia> ch33z: ok - so that file is not a valid ubuntu configuaration file
<RoyK> ch33z: you didn't read the ubuntu docs....
<ikonia> and now I know you have not read https://help.ubuntu.com and you are wasting my time
<ch33z> o
<ch33z> hld on
<ikonia> ch33z: I refuse to progress help with people who lie to me, so good luck
<ch33z> sorry for that master.
<ch33z> *bows*
<RoyK> ch33z: stop that - we're trying to help here, but you haven't done as you say
<ch33z> I shall return then possibly my good sir
<RoyK> ch33z: and lies don't lead to anything good in particular
<RoyK> shuddup
<pangolin> ch33z: when asking for help it is unnecessary and unhelpful if you pretend to understand more than you do.
<ikonia> RoyK: that's uncalled for, please don't tell people to shut up
<ch33z> thanks, I will read more up on it then
<pangolin> there is nothing wrong with admitting that you are lost and don't know what to do
 * RoyK wonder what it takes for that to be 'called for', then
<pangolin> RoyK: in the Ubuntu community, nothing.
<ch33z> well, I have read this stuff and still dont get it.
<ikonia> RoyK: there is no situation where it is acceptable to tell a user to shutup,
<ch33z> ill read more though
<ch33z> so ikonia I tried sudo nano apache2.conf
<ch33z> do edit the virtual hosts there?
<qman___> no
<ikonia> ch33z: I'm not interested in progressing this further as I said, as I don't help people who lie/waste my time
<ch33z> i see..
<qman___> the virtual hosts are stored in their own configuration files in /etc/apache2/sites-available, as explained in the server guide
<qman___> which walks you through, step by step, setting this up
<ch33z> o
<ch33z> thanks
<qman___> please read it
<ikonia> this is all documented in https://help.ubuntu.com site
<ch33z> ah i think i found it...
<ch33z> sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mynewsite
<Tixos> hi qman___, was you here the other day when i was resolving a poor apache performace?
<Tixos> it fixed for a day or so, but not request times are crazy slow again
<Tixos> low RAM will cause apache to run slow?
<Tixos> 500mb free is low?
<Tixos> i need to find out if apache is using all that ram first
<qman___> no, that's plenty
<qman___> well, it depends on your load
<qman___> but, for example, I run a very low load apache server on a machine with only 256MB total, along with several other applications, without issue
<Tixos> hmm
<Tixos> im out of ideas
<Tixos> only thing that has changed was there was more RAM, it went down to 150mb before i restarted apache
<Tixos> where can i begin to debug this?
<qman___> I'd start where you started before
<Tixos> Benchmarking localhost (be patient)...apr_socket_recv: Connection reset by peer (104)
<Tixos> lol
<qman___> test to find out whether it's a problem with your server or not, by checking from a local net
<Tixos> like ?
<Tixos> i am running 'ab' and 'httperf' locally
<qman___> and the problem persists?
<Tixos> yes  >    Request rate: 0.1 req/s (13939.8 ms/req)
<Tixos> if it was you who helped me before, it went down to 230ms/req
<qman___> well, there has to be some setting that is different from default causing the problem, so step two is to compare your configs with bone stock configs and find what's different
<Tixos> no, it was 100% stock, before i changed keepalive to 1, and upped maxclients to 256
<Tixos> but i have put prefork back to stock now to test that, but its the same
<qman___> well, if it's not configs, it has to be environmental
<qman___> firewall settings, filters, something up with the hardware, conflicting software package
<qman___> running anything like that?
<Tixos> how can i check what exactly is using all my RAM? and no nothing like that, it was literally upped 5 days ago, and i installed nothing as such
<qman___> top
<Tixos> i did this   >   ps aux| awk '/apach[e]/{total+=$4}END{print total}'     and it outputs 30
<qman___> I forget what the key sequence is but RTM to find the sort by mem usage
<Tixos> i read top and free manuals
<Tixos> but there are many apache processes
<Tixos> with top and htop you can just click the %MEM and it sorts, but there are many processes
<qman___> that's both normal and configurable
<Tixos> i need a total
<Tixos> could mysql effect apache page load times? nothing else i can think of :(
<qman___> if you're loading data from a database, yes
<qman___> static html pages, no
<Tixos> hmm, mysqld is using 14-20% CPU
<Tixos> and maybe the RAM too
<qman___> that's definitely not normal
<qman___> you'd have to be making thousands of queries per second to get that high on average hardware
<Tixos> i probably am
<Tixos> i get alot of hits
<qman___> define "alot"
<Tixos> million/day
<qman___> then mysql is not really up to your task
<qman___> test with a static HTML page
<qman___> if the problem goes away, you have your answer
<Tixos> it doesnt
<Tixos> good point
<Tixos> it doesnt, the default apache page still has bad request time
<Tixos> about 5-8 seconds atm
<Tixos> compared to a few milliseconds a few days vback
<Tixos> question, i used this script  >  http://www.pixelbeat.org/scripts/ps_mem.py
<qman___> could be a compound problem
<qman___> how's your disk activity
<Tixos> it is saying total MEM usage is only 400mb
<Tixos> but free -m says 3GB is being used
<qman___> +/- buffers/cache
<qman___> that's the real application usage
<qman___> the top number is total, and should be nearly full all the time if your system is performing optimally
<Tixos> vmstat
<Tixos>  1  0      0 457152 138800 2383584    0    0     0    11    2    6  1  0 98  0
<qman___> that's saying 2.3GB is in cache
<qman___> which is normal
<qman___> buffers and cache should be using 'the rest' of your memory after applications
<Tixos> so if MEM is getting as low as 150mb, thats not an issue? so im looking in the wrong place here?
<qman___> run free -m
<qman___> ignore the first line
<qman___> the second line is what your applications are doing
<Tixos> used 1GB
<Tixos> free 2.9
<qman___> yeah, memory's not an issue there
<Tixos> hmmmmm
<qman___> check your % iowait with top
<qman___> if it's consistently high your disk subsystem is not fast enough
<Tixos> wat is that value called?
<qman___> it's at the top, %wa
<Tixos> hmm i dont see that
<qman___> third line
<Tixos> PR/NI/VIRT/RES/SHR/S/%CPU/%MEM
<qman___> above that
<qman___> Cpu(s):  6.4%us,  0.8%sy,  0.0%ni, 92.7%id,  0.1%wa,  0.0%hi,  0.0%si,  0.0%st
<Tixos> hehe sorry man
<Tixos> Cpu(s):  1.9%us,  0.3%sy,  0.0%ni, 97.8%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
<qman___> yeah, no problems there
<Tixos> so its apache config thats the issue here?
<Tixos> so i can safely put max clients to 256 etc again?
<Tixos> although if its not helping...
<qman___> either apache or something it's interacting with
<Tixos>  1286 mysql     20   0  382m  44m 7120 S   20  1.1 392:48.30 mysqld
<Tixos> 20% cpu, issue?
<Tixos> i looked at my.cnf, but didnt see anything i could really change
<qman___> what kind of CPU are you running
<qman___> for example, if you've got lots of cores at a low speed, that would be a normal measurement
<qman___> because it's 20% of one core
<Tixos> ah, yes i think it is, quad core
<Tixos> xenon, sec
<qman___> same thing if you've got power saving enabled
<Tixos> 8 cores with threading? htop says
<qman___> try setting it to full speed if it isn't already
<Tixos> yes that 20% isnt on 1 core
<qman___> cat /proc/cpuinfo to verify
<Tixos> thanks
<Tixos> Intel(R) Xeon(R) CPU E31270 @ 3.40GHz
<qman___> cpu MHz		: 2100.000
<Tixos> cpu MHz		: 1600.000
<qman___> if they're running at 800 or something that would throw all these numbers out the window
<qman___> so about half speed, it's using 20% of one from eight threads
<qman___> that's more normal
<Tixos> argh?
<Tixos> cpu MHz		: 1600.000
<Tixos> CPU is set at about half
<Tixos> sorry wrong window
<qman___> so, it's using 20% of one eighth of your CPU's power, while it's at half speed
<qman___> which is really not that much
<Tixos> na, htop splits the cores
<Tixos> shows about 2% on each
<Tixos> most of the time 1%
<qman___> it juggles the load around
<qman___> but the thread percentages are based on one core
<Tixos> hmm, what else is there left to check?
<qman___> in any case, from those numbers, doesn't look like a hardware issue
<qman___> unless it's a bizarre thing with the NIC
<Tixos> i am with softlayer, they are pretty decent
<Tixos> but i had same issue with ubuntu installed on another host
<Tixos> not with centos, so i think still that its configs?
<qman___> could be a kernel tuning thing too
<Tixos> can i paste you my apache.conf?
<Tixos> maybe its something obvious
<qman___> is this on real hardware, or cloud/vps
<Tixos> dedicated
<qman___> ok
<Tixos> its $200/m
<Tixos> so half decent
<qman___> yeah, just wanted to make sure
<qman___> cloud/VPS systems can introduce all kinds of bizarre performance issues
<Tixos> how can i select all from nano? :P
<Tixos> ah ill just stick it in public_html lol
<Tixos> maybe i need even more than the 256 max clients i said, i cant see how though?
<Tixos> i put back to 150 and im sure its even slower, we are talking 12seconds page load
<Tixos> just to load the .conf file
<Tixos> http://pastebin.com/Wt44p5EK
<qman___> well, a million requests a day, evenly spread, is 11/sec
<Tixos> it was pretty much getting the same hits while DNS was changing over though, and it was fine 2 days ago
<Tixos> lighting fast
<qman___> since they're probably not evenly spread, and since each hit is probably several requests
<qman___> you're un the hundreds per day
<qman___> err
<qman___> second
<Tixos> i pastebinned my conf
<qman___> oh, a DNS change?
<Tixos> maybe its keepalive settings still
<qman___> is your apache logging DNS names?
<Tixos> hostnamelookups = off
<Tixos> if thats what you mean
<qman___> ok
<Tixos> and the conf is just default apart from keepalive which i changed, as you can see
<qman___> why's your keepalivetimeout 1
<Tixos> someone here told me to set it to that
<Tixos> when i did, it fixed the issue
<qman___> did you try disabling keepalive altogether?
<Tixos> i think right at the beginning, but it didnt have effect, should i try it ?
<qman___> yeah
<Tixos> my centos httpd.conf was set to off
<Tixos> and that seemed ok
<qman___> it's enabled by default but if that setting affected it
<qman___> that's what to try
<Tixos> what are drawbacks of turning off?
<Tixos> let me switch off sec
<qman___> forces clients to make more connections
<qman___> the idea behind it is the client makes one connection, and it stays active for 15 seconds while it makes all the requests it needs
<Tixos> erm
<Tixos> locally
<Tixos> Request rate: 5489.9 req/s (0.2 ms/req)
<Tixos> :S
<Tixos> outside  >  Request rate: 0.3 req/s (3680.3 ms/req)
<Tixos> ah, because i just restarted
<Tixos> locally >  Request rate: 0.2 req/s (4288.0 ms/req)
<Tixos> so, once everyone has made connections again, it slows right down?
<qman___> high, but better
<Patrickdk> oh, having issues again?
<Tixos> i think in 10minutes it will be back above 20k
<Tixos> yea :(
<Tixos> what about my prefork settings?
<Tixos> they are default ubuntu
<Patrickdk> are you using php?
<Tixos> i am, but i am testing against a static HTML page
<Tixos> just a page with 'test' written on it
<Tixos> its a virtualhost, if that matters?
<Patrickdk> na
<Patrickdk> one thing that can make apache work a lot nicer
<Patrickdk> is to change php over to fastcgi, and change apache over to mpm-worker
<Patrickdk> but that isn't a *simple* thing to do
<Tixos> i read it, but not sure if that was the issue, and yes it looked compicated
<Patrickdk> well, it will fix some of your issue
<Patrickdk> static pages wouldn't be slow anymore
<Patrickdk> cause php pages won't get in the way
<Patrickdk> since they will be offloaded to php
<Patrickdk> instead of using the php build into apache (mod_php)
<Tixos> i pastbinned my apache.conf Patrickdk, and qman has ruled out alot of things already if you want to scrollback a little
<Patrickdk> but I thought we tuned it up some
<Tixos> yea, its back with vengance
<qman___> yeah, it could be that all your processes are busy handling php requests and thus can't return static pages quickly enough
<Tixos> so tune PHP?
<Patrickdk> that is what it was the other day atleast
<Patrickdk> well, between that, and keepalive keeping apaches busy being idle
<Tixos> or prefork?
<Tixos> keepalive is off now
<Patrickdk> ya, so now it can only be two issues
<Patrickdk> php taking too long
<Patrickdk> or clients downloading webpages too slow
<Patrickdk> increasing prefork stuff would fix that
<Patrickdk> if you have enough memory to handle it
<Tixos> what is max i can set to?
<Tixos> it was on 256
<qman___> if php is the problem, I think turning maxclients way up would make it slightly faster
<qman___> though not exactly the right solution
<Patrickdk> yep
<Tixos> im open for testing :)
<qman___> like a couple thousand
<Patrickdk> quick and simple fix, then handle looking into php more :)
<Tixos> wtf
<Tixos> i read over 256 is dangerous
<Tixos> lol
<Patrickdk> I run over 1000
<Patrickdk> but it depends on your memory
<Tixos> should i try and monitor ram?
<Tixos> its 4gb ddr3
<Patrickdk> take each one will use 20-30megs (cause of php)
<qman___> you've got over 2GB available
<qman___> so
<Patrickdk> as long as you don't swap, you can increase :)
<qman___> well, what's your memory at with 256?
<Tixos> i cant remember
<Tixos> let me switch over
<Tixos> what else do i need to up apart frmo maxclients?
<qman___> just the clients
<Tixos> before i put childerequests to 4000, i just copied my centos config
<Tixos> and startservers to 8 etc
<qman___> the reasoning is, each client handles a php request, then waits o nit
<qman___> so more clients means more simultaneous php requests
<qman___> if php is the problem this will improve performance
<Tixos> ok lets see
<Tixos> MaxRequestsPerChild   0
<Tixos> leave this?
<Patrickdk> that means never kill/restart one
<Patrickdk> that is better, IF you have no memleaks
<Tixos> right, so i want to monitor ram?
<Tixos> -/+ buffers/cache:       1022       2920
<Tixos> so i should see used grow to say 2GB?
<qman___> ok, and from your numbers before, around 500MB of that is apache
<qman___> so four times the number you're using should be save
<qman___> 1024
<Tixos> let me try that script again
<Tixos> 330.0 MiB +  30.4 MiB = 360.4 MiB	apache2 (165)
<Tixos> 165 processes?
<qman___> ok
<Tixos> lets give it 5
<qman___> 165 is using 360, 1000 should be safe
<Tixos> 419.2 MiB +  36.2 MiB = 455.4 MiB	apache2 (208)
<qman___> remaining consistent
<Tixos> upto 217 now, so it doesnt need the 256?
<Tixos> or it will grow and grow?
<qman___> it grows as needed, based on the other settings
<Tixos> i see
<qman___> the fact that it is growing means you're placing a load on it that needs more clients
<Tixos> thanks guys, learning is the best part :)
<qman___> which is also consistent with the theory
<Tixos> ok, upto 240 now,
<Tixos> 532.6 MiB +  43.7 MiB = 576.3 MiB	apache2 (256)
 * michael_tn waves to all
<michael_tn> anyone around to talk about ochestra/juju?
<Tixos> Patrickdk: / qman___ i must also increase ServerLimit ? which isnt even there on default ubuntu config
<qman___> from what I'm reading, yes
<Tixos> ok, i will try 1024 and see :S
<Tixos> lol
<Tixos> Patrickdk: what did you say you was using? and how much ram ?
<Tixos> maybe i need to look into worker MPM, but thats for another day i think
<Tixos> think it requires reinstall of apache
<Patrickdk> not a reinstall, but pkg change
<Patrickdk> and you can't use mod_php with worker
<michael_tn> nod, package/config change should set that
<Tixos> ok, if i set to 1024
<Tixos> should i learn StartServers etc?
<Tixos> or increase those
<Patrickdk> just do startservers at like 100 or so
<Tixos> really? lol
<Patrickdk> that is just how many it makes, when you START apache, like on server reboot
<qman___> yeah, it clearly needs them
<Tixos> i feel something is going to pop :P
<qman___> should make it run faster off the bat
<Patrickdk> if your running 300, a 100 to start is more than low :)
<Tixos> okies :)
<Tixos> boom!
<Tixos>     MinSpareServers       5    +    MaxSpareServers      10
<Patrickdk> I'm running worker, with 8 forks, and 150 threads each
<Patrickdk> probably want to widen that window some
<Patrickdk> minspare, 50, maxspare 100?
<Patrickdk> if you really need hundreds of them
<Tixos> i duno
<Tixos> :O
<Tixos> lol
<Tixos> lets try 25/50 ?
<Patrickdk> ok
<Patrickdk> that means there will always be 25extra ones ready to use
<Patrickdk> and no more than 50 extra ones
<Tixos> so you think higher if i have such a high maxclients?
<Patrickdk> it depends on your client usage
<Tixos> maybe they will use all 1024?
<Patrickdk> if they all spike at once, or if it's more even
<Tixos> o right
<Tixos> lets go 25/50 and see
<Tixos> and leave this, even though centos has 4000 set here      >    MaxRequestsPerChild   0
<Tixos> ok ill update you in an hour or so, should it really fill the 1024?
<Patrickdk> if you have other issues, sure :)
<Patrickdk> and if it's that bad
<Tixos> so it should never hit the 1024?
<Tixos> that would be 4000 hits per second? @ 250ms per request? maybe im totally wrong :P
<Tixos> Patrickdk: looking ok so far,  757.0 MiB +  58.9 MiB = 815.9 MiB	apache2 (359)
<yakster> can someone give me a hint how to mount a USB HDD connected to Airport Extreme base station?
<RoyK> [offtopic] what are the ubuntu irc guidelines for handling people that behave like either drunks or young teens, threatening with different unpleasent scenarias?
<RoyK> off the channel, after a small discussion _in_ the channel
<SpamapS> RoyK: That would be a violation of the Ubuntu CoC, and usually is dealt with by first asking them to stop, and then asking them to leave by way of the community council. If they haven't signed the CoC.. I'd think a kick/ban is appropriate.. but I don't know official policy. :)
<Cerin> hi, I just installed 11.10 on a barebones Asus RS100-E7 with integrated Aspeed graphics, and I can't get Xorg to start. All I get is the error "screens found, but none have a usable configuration. fatal server error: no screens found"
<Cerin> I've been Googling, but I can't find any resolutions. Does anyone know where I should look for a fix?
<SpamapS> Cerin: wrong channel? Xorg and servers aren't really something that should be used together. :)
<Cerin> SpamapS: I don't disagree. I only want to confirm it works, so that it's an option.
<SpamapS> Cerin: perhaps #ubuntu or #ubuntu-desktop would have better answers.
<Cerin> #ubuntu didn't have any suggestions
<SpamapS> Cerin: really, servers should never have X on them. :)
<Cerin> since it's an xorg specific issue, I thought I'd ask here
<SpamapS> Cerin: right, #ubunt-desktop has X experts usually
<Cerin> that's not really helpful :)
<Cerin> thanks
<SpamapS> Cerin: I'm trying to help you, by telling you, X will make your server less stable, and so, should not be installed.
<Cerin> SpamapS: yeah, I know. and that's probably what I'll do. I'm still a little new to a pure command line environment, so I was going to use X as a crutch for a while before I felt more comfortable, but since this issue looks unresolvable, I might just bite the bullet
<SpamapS> Cerin: what exactly will you get in the GUI that you are afraid to lose?
<SpamapS> Cerin: I'm genuinely curious
<GhostFreeman> If you're so concerned about not having a good degree of control w/o a GUI, there are tools like cpanel on Packages you can install to help admin your server
<SpamapS> ugh
<SpamapS> not cpanel.. ;)
<GhostFreeman> there's also Launchpad
<GhostFreeman> really though the Server Guide is concise about teaching you the commands you need and how to use them
#ubuntu-server 2012-02-19
<Cerin> SpamapS: that's a fair question. I'm really not sure. It's mostly little stuff, like when an update is available, I like being able to click through the packages, to read their descriptions and docs. I don't know of an easy way to do that from the command line.
<Spanky> Anybody using Zentyal?  (10.04 Ubuntu is the base...)
<SpamapS> Cerin: apt-cache show packagename
<Cerin> SpamapS: ?
<Cerin> SpamapS: that's a lot to type in for 30+ packages that need to be installed
<Cerin> in this case, pointing and clicking does save a lot of time
<SpamapS> Cerin: for i in p1 p2 p3 p4 ; do apt-cache show $i ; done   ;-)
<Cerin> What's the old cliche? When all you have is a hammer, all the world looks like a nail? :)
<JanC> Cerin: aptitude will let you read descriptions etc. from an ncurses UI
<SpamapS> Cerin: pointing and clicking saves time learning.. but ultimately, the CLI will be more efficient if you take the time to learn it.
<Cerin> SpamapS: I agree.
<JanC> Cerin: also, you can run X applications on your server, but display them on your desktop PC  ;)
<Cerin> JanC: Unfortunately, I can't get Xorg to start on my server. Does that require a local X server, or can the server use the remove X server?
<JanC> Cerin: only the computer on which X apps are displayed need an X server
<Cerin> JanC: Interesting, thanks.
<JanC> that's how a "terminal server" works
<JanC> at least on linux/X
<SpamapS> Cerin:
<SpamapS> oo
<SpamapS> oops
<SpamapS> Cerin: ssh -X yourserver
<SpamapS> Cerin: any X programs on the remove server will display on your local machine
<SpamapS> s/remove/remote/
<JanC> but in any case, try to learn how to do without that
 * SpamapS is having lag problems doh
 * SpamapS goes back to his weekend
<JanC> it's strange; even on Windows I used to use a lot of commandline tools  ;)
<Cerin> SpamapS: cool, thanks
<kklimonda> hmm, any idea how could I create a "private network" for VMs? i.e. network that has no connection to outside (neither NAT nor bridged)
<kklimonda> ah, I can just create a new network
<ChmEarl> kklimonda, is libvirt installed?
<kklimonda> ChmEarl: yes
<kklimonda> I just thought too hard about it
<ChmEarl> kklimonda, use default.xml as a template
<ChmEarl> usr/share/libvirt/networks/
<samba35> if i have to configure trunk on linux ,what change i have to make in eth1 ? VLAN=yes and
<kklimonda> I can actually use virt-manager -- network creation works with libvirt from debian
<kklimonda> (well, libvirt from debian on debian)
<myk_robinson> evening, all
<myk_robinson> Any of you using Ubuntu Server in a business settings? Curious to see what applications people are using it for
<Danny_Joris> Hi, I downloaded the musicbrainz VM and following the instructions here: http://musicbrainz.org/doc/MusicBrainz_Server/Setup
<Danny_Joris> I'm trying to get the IP address of my vm
<Danny_Joris> if I check with ifconfig, this is what I get for eth0 inet6 addr: fe80::a00:27ff:fe88:b42a/64
<Danny_Joris> Not really an address I can use
<kklimonda> Danny_Joris: then you don't have ipv4 address configured for some reason
<Danny_Joris> kklimonda: yeah, i see that eth0 is set to auto and dhcp
<Danny_Joris> network restart didn't help
<axisys> how do I enable ethernet over usb ?
<axisys> # lsmod | grep usb
<axisys> usbnet                 26212  1 cdc_ether
<axisys> usbhid                 47198  0
<axisys> hid                    95463  1 usbhid
<axisys> [403358.980300] usb 2-5: new high speed USB device number 17 using ehci_hcd
<axisys> [406343.382470] Loading kernel module for a network device with CAP_SYS_MODULE (deprecated).  Use CAP_NET_ADMIN and alias netdev-usbnet instead
<axisys> [406915.986903] usbcore: registered new interface driver cdc_ether
<axisys> still not showing in ifconfig -a
<uvirtbot`> New bug: #934704 in php5 (main) "php5 apache cannot use $_post read data" [Undecided,New] https://launchpad.net/bugs/934704
<pehden> net.org
<Cerin> I just installed Ubuntu Server 11.10, and I'm noticing boot up is taking forever, and was stuck for 10 minutes at "Stopping read required files in advance". Now it seems stuck at "Stopping anachronistic cron". Does anyone know why these would be taking so long?
<TheInfinity> hi ... one question. ubuntu server, apache + fastcgi + php + suexec. i want apache to create files with chmod 660 / 770. how to do this?
<RoyK> anyone tha knows if php fpm is available somehow for lucid?
<RoyK> TheInfinity: create modes can be set in the php call
<RoyK> TheInfinity: btw, mod_php might be easier/better than fastcgi with apache
<TheInfinity> RoyK: i prefer suexec security. :) ... fastcgi setup works excellent and really fast (just switched it, was a nice performance boost here) - but i like to have a rights management so then even with suexec not everything is writable for apache
<TheInfinity> RoyK: and i dont want to patch every software a client installs. so i need something which is set server-wide
<uvirtbot`> New bug: #936216 in apache2 (main) "Apache doesn't start if /var/log/apache2 is missing" [Undecided,New] https://launchpad.net/bugs/936216
<uvirtbot`> New bug: #936266 in postfix (main) "tls_append_default_CA and *_tls_CApath don't work" [Undecided,New] https://launchpad.net/bugs/936266
<sbarakos> hello there, my ubuntu server was recently hacked and aparently the guy that hacked it blocked all of the ports using iptables prolly, and now i cant access my HD using putty ssh connection, says connection refused on the port that i was previously using to access my server, could anyone help me with that?
<qman___> if it's not accepting connections, you need to get local access and fix it
<qman___> you can check if it has any ports open with nmap
<qman___> but honestly, with an attack of that scale, backup and format
<ikonia> sbarakos: you need to get someone local to access the machine
<ikonia> sbarakos: take it off the network, re-install the OS, move any data you feel you need, but check for compromises in the data you move
<ikonia> sbarakos: change all passwords and any private keys you have on your machine if you feel they are compromised
<sbarakos> well my machine is hosted by a company, so i guess their techs should do it, well in my CP i can use :rescue-mode to boot from, and when i boot it there i am able to login through ssh
<ikonia> sbarakos: you can't login in rescue mode
<ikonia> sbarakos: it won't boot onto the network
<ikonia> sbarakos: I'd advise you not to boot it onto the network if it's been compromised
<sbarakos> ok
<ikonia> sbarakos: the people who broke into it, could have all kinds of nasty stuff just waiting for it to be re-connected to the network
<sbarakos> no thats the thing, i loged through my vnc viewer before, and they still had the vnc viewer connection and same pass and my server connected to the network, with an open txt saying Itslovelol remember us
<sbarakos> we like tamper around
<ikonia> I would not trust it at all
<sbarakos> but then when i closed my vnc i didnt even thought that they would close my ports, and went for a hard reboot, and as u know the vnc viewer needs to be started again once rebooted
<ikonia> sbarakos: I wouldn't trust it at all, it's up to you what you do
<sbarakos> well since i cant even connect through ssh, it means that ill have to reinstall my OS
<sbarakos> thing is that i have some data in there which i propably need
<sbarakos> like my databases
<ikonia> deal with it when you visit the site
<qman___> backup your data and reprovision the server
<qman___> also, running VNC with standard password security is a Very Bad Idea (tm)
<qman___> it's transmitted in cleartext, limited to 8 characters, and is easy to crack
<ikonia> hence the server being compromised
<qman___> if you need VNC, you should secure it by not allowing direct connections from the internet, and using SSH tunneling or openVPN to get to it
<ikonia> firewall it to specific ip ranges
<sbarakos> yes that would be the best idea
<sbarakos> well its my first server and i am still in the learning process
<sbarakos> i guess everyone made mistakes and started off somewhere
<sbarakos> qman___: how can i backup my data and reprovision the server? without having access to it through ssh?
<qman___> you may need your provider to do it for you
<qman___> you haven't said what kind of hosting you have
<qman___> colo? dedicated? vps?
<qman___> managed or unmanaged?
<sbarakos> kimsufi
<sbarakos> from ovh
<sbarakos> i think its unmanaged dedicated
<qman___> ok, looks like you need to use their rescue system
<qman___> I don't know exactly how theirs works, but usually it's just a web interface into local access, sort of like an IP KVM
<sbarakos> ye they have a kvm
<sbarakos> i can actually netboot as rescue-pro or vkvm
<qman___> if possible you don't want to boot your compromised operating system
<qman___> just get access to the data so you can back it up
<sbarakos> ye but how can i get access to the data, since i logged through ssh for example in rescue-pro boot but it seems like its totally different interface
<qman___> probably mount your / to /mnt
<qman___> like mount /dev/sda1 /mnt
<yakster> can ne one help with a command for the following : recursively mv files containing extension avi, to a new directory?
<yakster> base directory is /downloads/complete/TV to new directory /downloads/complete/24
<michael_tn> good day all :-)
<michael_tn> any orchestra/juju folks around?
<qman___> !anyone | michael_tn
<ubottu> michael_tn: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<michael_tn> fair enough
<qman___> I personally don't know anything about that subject, but you'll get a lot better response stating your actual problem or question
<michael_tn> i'm working thru the orchestra/juju openstack guide (second time through it) and my build gets stuck when i begin to provision openstack services into the cluster.
<___MAX> Hi, i try to ssh my ubuntu 1010 server but the connection is refused on port22, i remove apparmor but no luck
<uvirtbot`> Launchpad bug 1010 in drivel "out-of-date" [Medium,Fix released] https://launchpad.net/bugs/1010
<___MAX> 	http://i41.tinypic.com/2ptxz5g.png
<ikonia> ___MAX: you are either firewalled or sshd is not running on the server
<ikonia> ___MAX: please don't cross-post your questions in #ubuntu and here
<___MAX> hi, ikonia always control , thanks i try the sshd
<michael_tn> my juju clients pxeboot, install then fail to build/reboot correctly
<sbarakos> qman___: i used the mount /dev/sd1 /mnt and did the same for sd2
<qman___> sbarakos, cat /proc/partitions or fdisk -l to see if it's there
<qman___> also, sd1 and sd2 are not valid devices
<qman___> but I'm guessing that's just at typo
<sbarakos> sda
<sbarakos> yes my fault sorry
<sbarakos>  8        0 1953514584 sda
<sbarakos>    8        1   10485760 sda1
<sbarakos>    8        2 1942498304 sda2
<sbarakos>    8        3     525920 sda3
<qman___> looks like sda2 is the one with your data
<sbarakos> how can i backup em?
<sbarakos> i got an ftp for backup
<qman___> have to mount it and access the data
<qman___> are you at a root prompt? #
<sbarakos> yes
<sbarakos> i am logged through ssh in rescue as root
<qman___> ok, type 'mount'
<qman___> if neither of those two is already mounted somewhere, mount /dev/sda2 /mnt, then all your files should be in /mnt
<sbarakos> qman___:
<sbarakos> copy  /dev/sda1 on /mnt type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered)
<sbarakos> copy  /dev/sda2 on /mnt type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered)
<qman___> ah, umount /dev/sda1
<qman___> both mounted at the same spot can lead to problems
<sbarakos> done
<qman___> now run 'mount' to verify
<qman___> and if only sda2 is mounted there, cd to /mnt and your root filesystem should be there
<sbarakos> i can see only sda1
<sbarakos> copy /dev/sda1 on /mnt type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered)
<qman___> ok, go ahead and umount both of them
<qman___> just umount /mnt a couple times
<qman___> then retry mount /dev/sda2 /mnt
<qman___> I'm guessing that's where your data is because it's the largest by far
<qman___> but your data could be on sda1
<sbarakos> ye it depends :s
<sbarakos> cant i mount both of them?
<qman___> yes, but you need to mount in different locations
<qman___> you could create /mnt/sda1 and /mnt/sda2, and mount to those locations respectively
<sbarakos> hmm mount point doesnt exist
<qman___> you have to mkdir them
<sbarakos> ok i did
<sbarakos> in cd
<sbarakos> i mean under ~
<sbarakos> its not important on where ill create em right?
<qman___> they can be anywhere, but that's what you have to specify as the mount point
<sbarakos> copy /dev/sda1 on /mnt/sda1 type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered)
<sbarakos> copy /dev/sda2 on /mnt/sda2 type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered)
<sbarakos> is that right?
<qman___> that's fine
<sbarakos> now how should i proceed?
<qman___> cd in there and find your files
<qman___> if they're there, back them up with your preferred method
<qman___> probably tar them up and ftp
<sbarakos> whats the command to tar them and then upload em to the ftp?
<qman___> well, 'ftp' is the ftp command
<sbarakos> but also dont forget i am in rescue so, would i be able to upload em?
<qman___> find out if you're online
<qman___> try to ping google or something
<sbarakos> it does
<sbarakos> command for tar is tar name.tar.bz2 folder ?
<qman___> you should read the tar manual to find out exactly what you want, but a simple gzip compressed tarball would go like this: tar czf /mnt/sda2/backup.tar.gz /mnt/sda2/path/to/my/files
<g0tcha> hey guys, ive been running ubuntu server as a virtual machine for a while, now i want to add a secondary network card. i added it in vmware so it has 2 network cards, but how can i enable the new added card on ubuntu server?
<guntbert> g0tcha: check with ifconfig or        ip link   if it is recognized by the kernel, then edit your /etc/network/interfaces appropriately
<sbarakos> what is the best command to transfer files from my computer to my server through ssh?
<sbarakos> wget?
<Patrickdk> heh?
<Patrickdk> wget?
<Patrickdk> normally scp or rsync
<Patrickdk> scp would be copy though ssh :)
<Patrickdk> rsync is nice nice :)
<Patrickdk> just nice :)
<sbarakos> so if i want to transfer from my c folder the rar named whatever.rar
<sbarakos> id do scp c:/whatever.rar
<sbarakos> in the terminal?
<hallyn> stgraber: my uptodate precise laptop keeps losing dns.  Though network is fine.  resolv.conf is unchanged.  i have to disconnect/reconnect wireless from n-m applet, then it's back
<Patrickdk> dunno, this isn't windows :)
<Patrickdk> there is no c folder/drive/...
<guntbert> sbarakos: scp source destination   - are you on windows?
<sbarakos> yes
<sbarakos> but my server aint
<Patrickdk> you probably should just use filezilla
<Patrickdk> it supports scp
<stgraber> hallyn: hmm, is dnsmasq crashing or just not answering?
<sbarakos> i am trying to do ftp ftp://myip:21
<sbarakos> it says unknown host..
<sbarakos> while if i run it from any other machine in a web browser
<sbarakos> it will popup asking username and pwd
<sbarakos> so noone?
<guntbert> sbarakos: Patrickdk told you already
<sbarakos> well i tried the scp
<sbarakos> and it doesnt work
<Patrickdk> it does, on unix
<Patrickdk> you didn't specify windows
<sbarakos> i am also trying to connect to my ftp but it says unknown host
<sbarakos> cant i just connect to my ftp?
<guntbert> sbarakos: use filezilla
<sbarakos> i have filezilla server
<sbarakos> but i cant connect to it through the putty terminal
<guntbert> sbarakos: you use filezilla as a client on your windows machine :)
<wonderman> hey, to use 'rotatelogs' in apache, i should use whatever location rotatelogs is in? ubuntu this is /sbin/rotatelogs?
<wonderman> /usr/sbin/rotatelogs
<wonderman> reading apache docs, they gives 3-4 different locations around different manuals
<wonderman> also, cronjobs, i am running this    >     0=* */16 * * * curl --silent "http://domain.com/file.php"
<wonderman> but its not working, must i run this as root cronjob?
<uvirtbot`> New bug: #936503 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/936503
<Cerin> How do you set Grub to automatically use the Xen kernel in Ubuntu? I tried setting GRUB_DEFAULT=saved, running update-grub, and then selecting the Xen kernel manually, but rebooting causes Grub to select the last non-Xen kernel.
<lifeless> wonderman: hi; not sure on the rotatelogs (ubuntu should rotate automatically), but for cronjobs that won't care about being root or not
<wonderman> hmm, lifeless they are not running though, i waited 2 days and nothing..
<lifeless> how do you know it is not running ?
<wonderman> because the php file is not executing
<MatBoy> guys what is a good alternative, opensource and free, with gui for puppet ?
<wonderman> i just did 'crontab -e'  lifeless, and added that line
<wonderman> nothing else i should do? i also restarted the cron server after it didnt work the first day
<MatBoy> mhh there are really no good clutser configfile management tools
<michael_tn> MatBoy: i'm experimenting with orchestra/juju at the momet
<michael_tn> but struggling :)
<michael_tn> would like to use them to stand up openstack on this old HPC cluster
<Psi-Jack> okay.
<Psi-Jack> I'm trying to resolve a MAJOR bug in Ubuntu 11.10's grub setup to where SOMETIMES (not always), the boot up default timeout doesn't appear, so it's sitting at the boot up doing nothing.
<qman___> stuck lshift key?
<qman___> more importantly, reproduceable on different hardware?
<MatBoy> michael_tn: mhh.. i have looked into that a long time ago... how does it work ?
<michael_tn> MatBoy: so far the orchestra build goes fine
<michael_tn> i'm having problems getting juju to deply services succesfully
<MatBoy> michael_tn: I think you can simply build something like it with a bunch of PHP scripts
<Psi-Jack> qman___: They're virtual machines.
<michael_tn> MatBoy: perhaps, but i'd like to see this work, have a few days invested it it and i think i'm close
<wonderman> qman___: thanks for the other day
<MatBoy> michael_tn: on 12 it's mainstream ? I hope this will be free and opensource in the future
<michael_tn> 11.10
<wonderman> great help :)
<michael_tn> its mainstream in oneiric as well
<MatBoy> michael_tn: I have a 11.10 machine :D
<Psi-Jack> qman___: Example, I just upgraded all my debian 6 hypervisor servers which run Proxmox VE 2.0rc1 (now, was beta2), And I run fw1, fw2, lvs1, lvs2 VM's in HA setup accross 4 physical servers. When I finished rebooting each physical server, one by one doing the host OS upgrade, I noticed fw1 and fw2 were stuck on the grub screen without a timeout.
<michael_tn> what i'm following: http://cloud.ubuntu.com/2011/10/ubuntu-cloud-deployment-with-orchestra-and-juju/
<Psi-Jack> All of my VM's run under kvm, which shutdown does a simple acpi signal to the OS to shut down.
<qman___> ah
<qman___> I wouldn't know where to begin with that one
<Psi-Jack> it's ACTING as if there's some setup involved with grub to not do a countdown if there was a failed boot, or a few boots occured in a short amount of time.
<Psi-Jack> Which if that's true, why the hell is it doing so, especially from an ubuntu-server installation? ;)
<Psi-Jack> I can see that being useful-ish, on a desktop platform, but never a server.
<MatBoy> michael_tn: ok, but what about juju ?
<MatBoy> michael_tn: will orchestra not be a landscape paid version ?
<michael_tn> MatBoy: donno, as of now juju is in mainstream as well
 * michael_tn is bootstrapping juju server at the moment
<Psi-Jack> http://ubuntuforums.org/showthread.php?p=11467684  this also shows other people are getting the same issue.
<Psi-Jack> Specifically with this: when I shutdown my server with "sudo shutdown -h now" command, it doesn't autostart on next boot
<MatBoy> michael_tn: what is the difference between orchestra and juju ?
<michael_tn> MatBoy: all a bit difficult for me, not really an ubuntu person, but at least its interesting :-)
<MatBoy> michael_tn: I eat, poe and ... ubuntu ;)
<michael_tn> lol
<Psi-Jack> Where does Ubuntu keep it's shutdown scripts, outside of /etc/init and /etc/init.d?
<michael_tn> orchestra manages the hardware infrastructures (dns/tftp/etc)
<michael_tn> juju provides services (nova, http, etc)
<michael_tn> at least that is how i perceive it
<MatBoy> michael_tn: ok, both webbased ? I mean GUI
<michael_tn> yup
<MatBoy> michael_tn: but you also can use juju seperate ?
<michael_tn> i would think so, if you provision your servers correctly
<michael_tn> https://juju.ubuntu.com/
<MatBoy> michael_tn: yes busy with setting up a new cluster I want to manage such way
<wonderman> Psi-Jack: if i setup a cronjob, say  >  1=0 0 * * * curl --silent --compressed "http://domain.com/file.php". i used 'crontab -e' to add it, then i restarted cron  'sudo /etc/init.d/cron restart'  anything else i need to do? because its not working :(
<MatBoy> most things I dev my own... bt running out of time
<michael_tn> same here
<michael_tn> and i am most familiar with centos based HPC clusters, not ubuntu openstack :-)
<Psi-Jack> wonderman: That forum posting says it's effected by "shutdown -h now" and "shutdown -P now", -h will cause grub to NOT have a timeout, while -P will cause it to have a timeout.
<wonderman> wrong name? :P
<Psi-Jack> Probably. :)
<wonderman> sorry, i directed the question at you, because you are active atm and probably can help
<MatBoy> michael_tn: OK... installing it :)
<Psi-Jack> I'm investigating other issues. :p
<MatBoy> michael_tn: i don't like the redhat way anymore since years
<wonderman> ive waited 2 days, to test this lol, because i cant see another way of finding out if it works
<wonderman> obviously i could make the cron shorter, doh!
<wonderman> dont need to be root to run curl do i?, the command works from shell
<yakster> ne one her know how to un-delete complete folders on a usb drive?
<rbasak> Psi-Jack: that sounds serious but I can't reproduce it. I just tried both "sudo reboot" and "shutdown -h now" five times in succession. grub (2) menu times out and boots each time. Although I am using a -virtual kernel. Do you have steps to reproduce?
<MatBoy> rbasak: use photorec
<MatBoy> yakster: ^^
<yakster> there not photos
<MatBoy> yakster: rtfm
<yakster> rtfm?
 * MatBoy slams his head
<yakster> nm
<MatBoy> yakster: use google!
<yakster> well thanksâ¦.
<yakster> I would have Never thought of thatâ¦.. I was looking for suggestionsâ¦.. but never mindâ¦.
<MatBoy> michael_tn: I think the provisioning might be nice :)
<Psi-Jack> rbasak: I'm trying to find ways to cause it to trigger now, actually.
<MatBoy> yakster: google on photorec
<MatBoy> damn, how difficult can it be
<michael_tn> MatBoy: yes, the orchestra part is nice
<Myrtti> MatBoy: that's not really helpful, if you have nothing else to say than "use google" or rtfm...
<michael_tn> even more so if you hardware can deal with wake-on-lan
<MatBoy> Myrtti: I have gave him photorec... we are not some sort of... take my hand and do it for me channel
<MatBoy> michael_tn: yes... with vmware it is for sure :D
<michael_tn> nod nod
<MatBoy> michael_tn: mhh... nagios ? ouch.... no!
<michael_tn> yes!
<michael_tn> lol
 * MatBoy is slamming his too heavy loaded ESXi box :D
<MatBoy> nagios is not what I have loved in years
<michael_tn> ganglia?
<MatBoy> michael_tn: what is the url or port it runs on ?
<MatBoy> michael_tn: zabbix ;)
<MatBoy> which I didn't like also :D
<MatBoy> it's all too much of "it"
<Psi-Jack> Blah.
<Psi-Jack> I can't seem to manually trigger it.
<MatBoy> ah... cobbler_web
<michael_tn> nod
<michael_tn> cobbler_web
<michael_tn> i'm out of here, later all
<MatBoy> michael_tn: just a sec
<michael_tn> lol
<MatBoy> michael_tn: can you add existing servers ?
<michael_tn> no
<michael_tn> well
<michael_tn> orchestra tftp boots/clean installs everything
<MatBoy> mhh
<michael_tn> nod
<MatBoy> michael_tn: where is juju located ?
<michael_tn> juju is not installed yet
<MatBoy> I have installed it ;)
<michael_tn> https://wiki.ubuntu.com/ServerTeam/OrchestraJuju
<MatBoy> ok
<MatBoy> thanks
<MatBoy> now go to bed... you have to work early in Holland ;)
<michael_tn> laterz
<Psi-Jack> Hmm
<Psi-Jack> I'm gonna install a non-production VM with 11.10, and see if I can somehow reproduce the issue with grub not auto-booting.
<rbasak> Psi-Jack: thanks for investigating. If you find a way to reproduce it, please can you file a bug and let me know the bug number so that I can test?
<Psi-Jack> rbasak: Absolutely.
<rbasak> Thanks!
<Psi-Jack> rbasak: It's a major issue that SHOULD be fixed before 12.04 LTS is out for sure. I installed 11.10 for my firewall and LVS directors because I intended to upgrade to 12.04 when it becomes available.
<||arifaX> I am on Ubuntu server 10.04, I have enabled the partner repository but still not sun-java6-jdk. Any ideas?
<infidel> i need help setting up a Dell PE2650
<LeChacal> infiedl: what part of setting up
<infidel> trying to figure out EMS. DRAC. BMC
<infidel> for remote monitoring
<infidel> do i  have to initially access via serial?
<infidel> is there a way to install the firmware through ubuntu?
<LeChacal> sorry i am not going to be a whole lot of help I have no experience with dells remote access systems
<infidel> thanks for listening
<pmatulis_> should just work
<diplo> infidel, not installed ubuntu on a dell for a long time but have you looked here ?
<diplo> http://linux.dell.com/
<infidel> yeah, seems like there are just for the newer servers
<infidel> but thanks
<diplo> as pmatulis_  last time i installed / set up a 2950 it all just worked from memory
<diplo> 26 is a bit older though
<infidel> it seems the only way to do it is on the older versions of RHEL and SUSE
<binaryhat> everytime i power up or reboot, grub does not automatically boot into the first option...i have to hit enter
<binaryhat> ??
<diplo> Done an upgrade recently binaryhat ?
<diplo> http://ubuntuforums.org/showthread.php?t=1598854
<diplo> Seen a couple of posts and all recommend sudo update-grub
<binaryhat> i have #GRUB_HIDDEN_TIMEOUT=0  thats y
<diplo> :)
#ubuntu-server 2013-02-11
<codepython777> anyone running cassandra here?
<azbyin> hi all.. i've got an issue where my apt-cache is not being updated
<azbyin> i.e. i see some packages that are newer than the ones it tries to download and fails
<azbyin> ok, now that i have found out that maverick is essentially dead. How would I possibly perform an upgrade to precise?
<bradm> azbyin: you'd have to upgrade to oneiric, then to precise
<azbyin> bradm, ok. how do I perform this upgrade: maverick -> oneiric -> precise
<bradm> azbyin: just a normal upgrade - using do-release-upgrade, or whatever you use normally
<azbyin> if I log into the syste remotely, it says: New release 'natty' available.
<azbyin> Run 'do-release-upgrade' to upgrade to it.
<azbyin> so i'm not sure if i want to run do-release-upgrade
<bradm> oh, yeah, you'll have to hit natty -> oneiric -> precise
<azbyin> omg!
<bradm> you can only upgrade from one release to the next, you can't jump any
<azbyin> and i need to do this remotely..
<azbyin> you reckon it will go smoothly?
<bradm> if you stay with LTS, ie you were on lucid, you could have gone to precise directly
<bradm> usually the upgrades are pretty good, but its not impossible for things to go wrong, depending on hardware etc
<azbyin> hardware should be bog standard. i don;t care about X at the moment. that can be fixed later. as long as it will leave the sshd running after the upgrade and reboot, i'll be set
<azbyin> and ofcourse the net config
<bradm> I've done lts upgrades in the past remotely, but never without some sort of fallback if things go horribly wrong
<azbyin> yeah, the fallback is a linux user sitting on the machine, heh
<azbyin> so i'll have to guide him like talking to a baby!
<bradm> its all about risk management - how bad is it if something goes wrong - there's never a 100% guarantee with these upgrades, since its impossible to know all the variables on the machine
<bradm> but you'd be best off most likely getting it to natty, then rebooting and making sure everything works, and then again with oneiric, then to precise
<bradm> its hard to say how a precise userspace would react with a maverick kernel
<azbyin> eh? precise userspace with maverick kernel?
<azbyin> i'm going to upgrade everything
<bradm> right, but I'm saying I'd reboot at the end of each upgrade
<azbyin> oh, you mean the do-release-upgrade will not update the kernel?
<bradm> it'l upgrade it on disk, you need to reboot for it to be running
<azbyin> as long as it sets up a new kernel and newer udev, etc. it should be fine with a reboot
<azbyin> ofcourse
<bradm> iirc it doesn't force a reboot
<azbyin> yeah, i'll perform a reboot. i'll killall daemons except for sshd and then perform the upgrade
<azbyin> but i'll have to complete backups which need to be done by the guy at the other end
<bradm> definately
<bradm> assuming that things might go bad is the best way to be ready for it
<azbyin> so i'm assuming only the lts releases and current supported releases are kept on archive.ubuntu.com ?
<bradm> right
<azbyin> i ask because for some reason au.archive.ubuntu.com (our local mirror, running on mirror.aarnet.edu.au) still has *almost* all the packages
<bradm> you can get the older releases at old-release.ubuntu.com
<bradm> ah, old-releases.ubuntu.com, I mean.
<azbyin> so wait, if i want a few packages installed, i can point my sources list at this server right?
<azbyin> the only thing to change will be the server name itself in the urls
<bradm> sure, perhaps change the file path in the urls
<bradm> https://help.ubuntu.com/community/EOLUpgrades has some details, bit old
<codepython777> does anyone know if this is safe/good to add: sudo add-apt-repository ppa:ferramroberto/java ?
<solitude88> anyone on ie?
<azbyin> bradm, is there an equivalent for extras.ubuntu.com as well?  i.e. archive.ubuntu.com -> old-releases.ubuntu.com    extras.ubuntu.com -> old-extras.ubuntu.com  or something similar?
<bradm> azbyin: nothing official, I think
<azbyin> umm.. ok
<azbyin> thanks for mentioning old-releases.u.c
<azbyin> i didn;t know about it. i'm going to install a few packages from there and hopefully the users aren't going to pester me for an "upgrade asap"
<azbyin> rather have it wait till I actually get physically to the machine
<bradm> azbyin: good idea, its always nice to be able to plan these things rather than rush into it
<bradm> azbyin: and of course, once you've done all the planning etal, it'll all go flawlessly on the day. :)
<azbyin> yeah, i really want be physically present for the upgrade (or rather clean setup process)
<azbyin> given that maverick is "ancient"
<bradm> it really is
<bradm> sticking with LTS is a good idea for servers
<bradm> otherwise you're upgrading every 6 months, or pushing multiple upgrades though.
<blkperl> or your still running jaunty in production and hating the guy before you for ever using it
<azbyin> lol blkperl
<blkperl> :)
<azbyin> bradm, would you happen to know if kubuntu has a similar old-  server with their packages?
<bradm> azbyin: can't say I do, sorry.  I don't use kubuntu myself
<azbyin> no worries.. thanks for the help
<blackjack> hy I use ubuntuserver as tporxy, I use 2 nic, nic nic leads to a second proxy, this is a picture, but I'm still confused http://uploadpic.org/v.php?img=3doJcpmFIQ
<blackjack> i use mikrotik to , any body can help my ?
<joshuafcole> Hey there. I've got a bit of a quandary. I was running a mass of updates on my server when I stopped home this weekend. It turns out, at least one of them required user-interaction. I don't have retty installed, and my old VNC program Guacamole is failing to actually VNC anymore. Any way to steal the process so I can finish the update, or failing that, safely halt it to resume in a new TTY?
<blkperl> joshuafcole: apt is pretty smart about failing to update, you should be able to kill the process and resume
<joshuafcole> blkperl: I suppose I'll go that route. I was hoping there was some wizardry I had missed along the way to avoid even a slight risk.
<joshuafcole> blkperl: Everything seems to have worked beautifully though. Thank goodness for super cow powers.
<Sendoushi> https://dl.dropbox.com/u/12956435/screen.png which layout should i use for altgr? i can't get [ ] nor { }
<zul> Daviey: hey can you check pecan?
<Daviey> zul: my pecan is fine, how is yours?
<zul> Daviey:  a little stale (python-pecan is the one im talking about ;)
<cfhowlett> !info pecan
<ubottu> Package pecan does not exist in quantal
<Daviey> zul: ah. :)
<jamespage> hallyn: updates to qemu-kvm look good re ISO image size - i386/amd64 now back undersize
<yolanda> jamespage, zul, i'm trying to check ceilometer api. It shows an access denied when i pass the keystone credentials. But for example "keystone catalog" with same credentials, works
<yolanda> any idea about what the problem can be?
<Daviey> zul: please push your changelog changes back to debian.. ktnx
<eagles0513875_> hey all
<eagles0513875_> how is everyone
<cfhowlett> eagles0513875_, greetings
<eagles0513875_> hows it going cfhowlett
<cfhowlett> no complaints.  what's your ubuntu query?
<X-Scorpion> Hello
<cfhowlett> X-Scorpion, greetings.  post your query.  pretty sure someone here has an answer
<X-Scorpion> I am having a problem when i join to windows domain saying "The server domain and kerberos realm must match the domain you are trying"
<caribou> jamespage: ping
<X-Scorpion> can anyone tell me how to join AD domain
<caribou> well, I suppose that someone else can answer : I've just SRUed bug #967410
<uvirtbot> Launchpad bug 967410 in samba "Windows clients cannot connect to shared printers " [High,In progress] https://launchpad.net/bugs/967410
<caribou> do you prefer a debdiff or a merge proposal for the fix ?
<eagles0513875_> any postfix experts in here as I am up a creek with this my email setup as I recieve emails incoming on my business domain with postfix but cannot send out emails from outlook
<eagles0513875_> anyone have any ideas. and if so i am more then willing to pastbin my postfix conf
<ikonia> eagles0513875_: #postfix
<eagles0513875_> ok
<jamespage> caribou: pong
<caribou> jamespage: howdy
<jamespage> yolanda: that would indicate that your client->keystone auth is OK - but you ceilometer configuration for keystone auth is not
<caribou> jamespage: I've just SRUed bug #967410
<uvirtbot> Launchpad bug 967410 in samba "Windows clients cannot connect to shared printers " [High,In progress] https://launchpad.net/bugs/967410
<caribou> jamespage: do you still maintain the samba suite (saw your Id in the changelog) ?
<yolanda> jamespage, now i have it working, the ceilometer.conf file wasn't right
<yolanda> now i have a working api, but that reports nothing
<yolanda> step by step :)
<jamespage> caribou: well I'm in the team that maintains it - and I've done the last few merges from Debian
<caribou> jamespage: just wanted to know if you preferred a debdiff or a merge proposal for the SRU
<smoser> kirkland, utlemming, just making a guess on the issue you saw on friday. a.) "out of inodes" could have caused that (i think). b.) the only other thing i can guess is block device write errors (ie thorugh the hypervisor on a dying node).  however, i would have expected dmesg comments to that effect.
<jamespage> caribou: ah - so you would like a sponsor ;-)
<jamespage> merge proposal please
<caribou> jamespage: well, I suppose that the SRU will  come your way, right ? (you or the team)
<jamespage> caribou: well it would probably end up in the sponsorship queue
<jamespage> caribou: (but a ping to me is acceptable :-))
<caribou> jamespage: well, I prefer to ask the receiving end what they prefer to receive :-)
<jamespage> caribou: ta
<jamespage> caribou: mp is good for me
<jamespage> but I can deal with either....
<caribou> jamespage: ok, I'll work on the MP. I already got the fix tested & packaged but I haven't done MP in a while.
<caribou> jamespage: it'll refresh my memory
<jamespage> caribou: ack
<hallyn> jamespage: cool
<caribou> jamespage: the fix is already in quantal & raring, so I suppose that I'll to the MP against the precise-propose branch
<mercsniper> is the server based oemconfig working in 12.04.1?
<jamespage> caribou: precise-updates
<caribou> jamespage: ah, ok
<zul> yolanda: pecan made it into the archive
<zul> jamespage: so the plan for eventlet is run the tempest locally before i install it locally and after
<jamespage> zul: coolio - I'd be tempted to throw it in the lab archive as well and test rebuild everything and run a deployment
<zul> jamespage: that works as well
<hazmat> jodh, does the upstart socket bridge support things like buffering connections if the underlying service providing the socket is restarted/upgraded?
<yolanda> zul, great!
<yolanda> any plans for wsme?
<zul> yolanda: will look at it again today
<yolanda> ok
<Guest87983> Hi! I am trying to install ubuntu 12.04.1 on IBM System X3100 M4 Server and would like to configure RAID1 with 2 x 500 gb sata hdd
<ikonia> Guest87983: they have a hardware raid controller in as I recall
<Guest87983> they have a fake raid in it but when I configure it and boot into ubuntu server installation it does not show up.
<Guest87983> does this have to do something with EFI?
<Guest87983> any help in this regards would be very much appreciated, i had already spent about 3 days without much progress.
<Guest87983> ikonia: any clue?
<ikonia> Guest87983: proably just doesn't have linux support for that card built in
<Guest87983> ok, but what about with software raid?
<ikonia> what about it ?
<Guest87983>  I am not able to set the physical raid  to bootable
<ikonia> ?
<ikonia> what has that got to do with software raid
<Guest87983> this is what I was trying to do. in the pratition setup I created a 500 mb for /boot and the rest for /
<Guest87983> I set it as physical partion for Raid
<caribou> jamespage: should I subscribe ubuntu-sponsor as well as sru-team for the Samba SRU ?
<ikonia> physical partition for raid ?
<ikonia> Guest87983: I'm sorry I'm not understanding what you are saying
<Guest87983> When I set the partition type to Raid and try to set it to bootable, the flag would not change
<Guest87983> ikonia: I guess I confused you using the wrong terminology, but what I meant was I am not able to set the raid partition to bootable
<Guest87983> so when the installation is done, i am not able to boot into the server
<ikonia> Guest87983: probably because it's fake raid
<ikonia> the fake raid needs the OS in place to assemble the disk
<Guest87983> ikonia: I did not enable the RAID option in the bios and am trying to install using the software raid option available in the ubuntu server installation
<ikonia> Guest87983: right so what's the problem ?
<Guest87983> When I try to set the partition to bootable the flag does not change to bootable and hence I am not able to boot after the installation is complete.
<nibbler_> Guest87983: just go to a console and use fdisk to set the flat
<nibbler_> flag
<Guest87983> nibbler_: When I restart the server after the installation, the server would not just boot into the OS, I would is acting as if nothing was installed.
<Guest87983> basically it is not able to find the boot partition or the mbr
<nibbler_> Guest87983: you made that perfectly clear. i failed doing so it seems. while in installation, or after booting some rescue system, flag the partitions of the disks (not the raid) as bootable
<yolanda> hi, i'm having this problem with keystone: keystone Authorization Failed: No connection adapters were found
<yolanda> any idea about that?
<Guest87983> nibbler_: I shall try that and get back if I have any problems
<koolhead17> hi zul
<zul> koolhead17: hi
<koolhead17> zul: how have you been sir?
<zul> koolhead17: good you?
<jamespage> hazmat: do you have time to help me debug that zookeeper test failure I mentioned last week?
<koolhead17> zul: am good. kind of trying to dig bit inside the filter scheduler and docs corresponding to it
<zul> koolhead17: ok
<koolhead17> zul: wassup with you? too much of packaging :)
 * koolhead17 bows to jamespage 
<zul> koolhead17: too much of everything
<koolhead17> zul: ** BEER **
<jamespage> koolhead17: hey!
<koolhead17> jamespage: i been lucky to understand bit about quantum finally :)
<jamespage> koolhead17: **\o/**
<jamespage> koolhead17: do you remember I was saying you could run maas virtually?
<koolhead17> jamespage: yes. i have maas/juju for next month in my plate
<koolhead17> jamespage: but i doubt you can run VLAN mode with it?
<koolhead17> tunnel will work fine
<jamespage> koolhead17: actually that might be possible
<koolhead17> jamespage: with some external SDN
<koolhead17> plugin?
<jamespage> koolhead17: I've been using openvswitch on the virtual host hosting maas (if that makes any sense)
<jamespage> and that can support VLAN etc.etc.
<jamespage> so its possible
<jamespage> koolhead17: https://code.launchpad.net/~virtual-maasers/charms/precise/virtual-maas/trunk
<koolhead17> jamespage: nice. now that means installing quantum is much much easier :D
<koolhead17> jamespage: once Grizzly comes in how many days it will take us to update our Juju Repo? Would love to blog with all install steps once Grizzlly relases
<jamespage> koolhead17: charms are already being updated
<koolhead17> awesome!!
<hallyn> sarnold: jdstrand: thanks for the vde2 input.
<jdstrand> np (for my part). sarnold did all the heavy lifting
<Hexi> anyone know if this openssl vulnerability has or will be addressed for 12.04 LTS?  http://www.openssl.org/news/secadv_20130205.txt
<jdstrand> Hexi: yes, it is actively being worked on
<Hexi> jdstrand: great thanks!
<jdstrand> eg: http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-0169.html
<uvirtbot> jdstrand: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169)
<vila_> utlemming: ping, hallyn told me to tell you my story,
<utlemming> vila_: uh oh....
<vila_> I'm setting up a kvm from a cloud-image and it hangs at [     0.0000] Console [tty1] enabled until I 'virsh console <guest>' and hit return on my physical kbd
<vila_> once booted if I remove ttyS0 from "GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0" it don't hang anymore at boot
<utlemming> vila_: where did you fetch the image from?
<vila_> utlemming: http://cloud-images.ubuntu.com/{vm.release}/current/
<vila_> for raring
<vila_> {vm.release}-server-cloudimg-{vm.cpu_model}-disk1.img
<vila_> for raring and amd64
<utlemming> vila_: can you write up a bug report for that?
<vila_> utlemming: sure
<vila_> utlemming: against which project ?
<vila_> utlemming: err, wait, I think there is one already, let me check
<vila_> utlemming: ha no, I also hit bug #1103881 but that's different
<uvirtbot> Launchpad bug 1103881 in upstart "cloud-final is never executed if upstart is upgraded during initialization of the image " [High,Confirmed] https://launchpad.net/bugs/1103881
<Techdude1011> blackberry + wpad - is it possible?
<vila_> utlemming: so, which project ? qemu ?
<utlemming> vila_: ubuntu for now
<utlemming> vila_: we need to dig on where the bug is
<vila_> utlemming: bug #1122245
<uvirtbot> Launchpad bug 1122245 in ubuntu "booting from a cloud image hangs until virsh console is used" [Undecided,New] https://launchpad.net/bugs/1122245
<vila_> utlemming: let me know if you need more info or help (this is part of a test setup I'm working so I have some automated tests that reproduce it (and are a pain so far as I couldn't find a way to automate that "return from the physical keyboard" part so far ;)
<smoser> zul, https://bugs.launchpad.net/ubuntu/+source/python-keystoneclient/+bug/1122146
<uvirtbot> Launchpad bug 1122146 in python-keystoneclient "python-keystoneclient conflicts with python-requests" [High,Confirmed]
<zul> smoser: fixed in bzr ill probably upload something today
<smoser> vila_, it would seem this is likely regressed from https://bugs.launchpad.net/ubuntu/+source/python-keystoneclient/+bug/1122146
<uvirtbot> Launchpad bug 1122146 in python-keystoneclient "python-keystoneclient conflicts with python-requests" [High,Confirmed]
<smoser> zul, https://bugs.launchpad.net/ubuntu/+source/python-keystoneclient/+bug/1122146
<vila_> smoser: wrong bug # ?
<vila_> smoser: or just wrong people ? ;-D
<smoser> vila_, well, yrou bug is fallout of that change. i would suspect.
<Nahita> Hey guys
<vila_> smoser: keystone involved in a bare cloud image ??
<smoser> vila_, unrelated.
<smoser> sorry.
<vila_> smoser: pfew
<Nahita> I was gone set up a IDS with pfsense and snort. Any recomendation on how much ram I would need on this machine? gone push 30MB/s
<smoser> ugh. villa, sorry... i meant to paste https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1016695 to you.
<uvirtbot> Launchpad bug 1016695 in cloud-init "add console=tty1 to cloud-image kernel boot parameters" [Wishlist,Fix committed]
<smoser> vila_,
<smoser> and python-keystone to ul
<smoser> ziul
<smoser> wow
<smoser> i cannot type
<vila_> smoser: ha, better, indeed, I saw that one a couple of days ago but wasn't sure how they relate, thanks, will mention it in my bug
<vila_> smoser: wow, you beat me to it ;)
<smoser> where does virt-install come from ?
<smoser> ah. virtinst. i'd never seen that. i like the cmdline syntax.
<vila_> smoser: sry, was afk, yeah virtinst
<chrish1> good morning
<chrish1> i have a virtual server with two defined nics
<chrish1> nic1 is used for management network and for PXE booting
<chrish1> nic2 is supposed to connect to the internet to provide packages from repos
<chrish1> i need both interfaces configured during install, nic1 static, nic2 dhcp
<chrish1> how can I make preseed configure both interfaces?
<genii-around> chrish1: http://ubuntuforums.org/archive/index.php/t-1713845.html looks promising
<chrish1> genii-around: I am going to try this, thanks!
<chrish1> that doesnt really solve my problem though, as far as I understand it this is about which interface gets selected during preseed, not about configuring more than one interface
<paco1> hello all!
<paco1> i have a question: how to convert "cpu user time" to "real time"? thanks in advance!
<smoser> paco1, not really possible
<smoser> where do you see "cpu user time" ?
<paco1> for example
<paco1> i use sa command
<sarnold> probably as opposed to cpu system time..
<sarnold> or nice time
<paco1> sa -u | grep paco | egrep "soffice.bin" > paco       3.02 cpu    49728k mem      0 io soffice.bin
<ztane> paco1: what do you mean by cpu user time, cpu user time is in cpuseconds
<ztane> *i mean what do you mean by converting?
<ztane> :D
<ztane> cpu user time is exactly that, the real amount of time that one cpu has worked for the process during its lifetime
<paco1> that's seems to be a strange time
<ztane> you just do not make sense, how do you convert seconds to seconds
<sarnold> paco1: what about those times don't make sense?
<zul> smoser/adam_g: im going to upload a new python-keystoneclient in the next couple of minutes to fix the requests stuff
<shauno> probably best if you ask what you're actually trying to achieve.  cpu time is a red herring.  eg, "ps -eo pid,cmd,etime" will give you elapsed time (etime)
<sarnold> paco1: did you expect openoffice to consume far more cpu? or far less?
<paco1> no, i would like to know the time i use my programs
<paco1> and what hour i open them and what hour i close them
<sarnold> aha! :)
<paco1> ;)
<paco1> if you have a solution....
<jacobw> hamster
<paco1> its for that i searched with sa, acct and ac command
<jacobw> http://projecthamster.wordpress.com/
<sarnold> paco1: ps -e -o pid,start_time
<sarnold> paco1: that of course only shows you the start time of currently executing programs
<shauno> if you're doing process accounting, the trick missing from your list is 'lastcomm'.  which will show you the last time a process was invoked, and how long it lasted
<sarnold> paco1: if you ran a similar command every few minutes, you could build a datastructure that knows when programs were running
<sarnold> shauno: awesome. :)
<shauno> ah, that uses cpu time too :/  I can only find etime for a running process.  awkward.
<sarnold> aww.
<paco1> etime?
<ztane> paco1: if you are talking about desktop usage, there is a program already in ubuntu...
<ztane> can track your active window too
<ztane> cant remember
<ztane> which one though
<RoyK> shauno: if it's about execution time, ps or top will help out
<shauno> lastcomm --debug has it, the 5th value is elapsed in hundredths of a second.  but that seems more accidental than intuitive
<shauno> ps has it while the process is running, not afterwards
<RoyK> well, yeah
<shauno> if he wants a start time & a finish time, it has to be post-mortem
<RoyK> use "time somecmd"
<sarnold> RoyK: he wants the system to collect the times of day that programs are run
<RoyK> oh
<RoyK> is there something like process accounting in ubuntu (or on linux?)
<paco1> sarnold: exactly
<sarnold> RoyK: there is, but it only knows about processes _after_ they die, and doesn't record the start time and stop time, iirc
<paco1> ztane: if you remember the name.... ;)
<shauno> I think you're going the right direction with acct, it's just not a very intuitive tool
<sarnold> the downside to acct is that it only knows about processes once they have died :)
<paco1> shauno: "it's just not a very intuitive tool"....yes, i see it...  :/
<sarnold> you just can't win. hehe.
<RoyK> I guess process accounting and perhaps using ulimit for some users may be good?
 * RoyK tried to use ipf for firewalling on openindiana and found iptables *very* nice and intuitive in comparison
<sarnold> RoyK: hehe, after my initial ipfwadm experience, I really _learned_ firewalling on ipf and pf. I never got the hang of iptables afterwards :(
<shauno> lastcomm shows it in the debug record, so the info is there /somewhere/ .. http://paste.ubuntu.com/1637201/
<RoyK> sarnold: hehe
<sarnold> shauno: nice :D
<shauno> 1000/1000 look like uid/guid, no idea what 3284 is, 17812 & 16334 look like the pid and the parent.  it's all there, just very terse
<RoyK> shauno: what's happening? a lost process eating cpu?
<shauno> paco1's query, I'm just looking to see if gnu acct has the answers he seeks
<paco1> shauno: thanks
<RoyK> paco1: what's happening? a lost process eating cpu?
<RoyK> paco1: sometimes a server is rooted and a rootkit is installed - it's not fun, but it happens...
<sarnold> RoyK: < paco1> no, i would like to know the time i use my programs < paco1> and what hour i open them and what hour i close them
<paco1> RoyK: no no, all is good. it's just for me
<RoyK> ok
<paco1> sarnold: yeah
<paco1> RoyK: i'm looking for ac, sa and like shauno said lastcomm
<zul> smoser: looks like we need a newer boto http://pastebin.ubuntu.com/1637239/
<zul> yolanda: ping where is wsme again?
<zul> yolanda: doh never mind
<paco1> lastcomm read the /var/log/account/pacct file?
<param__> Unable to connect internet by wifi in ubuntu server ?
<smoser> zul, what is test_api.py ?
<zul> smoser:  tests the ec2 api
<param__> Unable to connect internet by wifi in ubuntu server ?
<paco1> i did a test with soffice > 2.44 secs??
<paco1> with lastcomm command
<paco1> 2.44 secs > how to read that?
<smoser> zul, i dont think we need a new boto
<smoser> i think that commit just sucked
<zul> smoser:  could be
<smoser> https://review.openstack.org/#/c/19987/
<smoser> thats what did it
<smoser> specifically https://review.openstack.org/#/c/19987/6/nova/tests/test_api.py
<smoser> and it seems simply broken
<paco1> how can i interpret that result: 2.44 secs?
<sarnold> paco1: that's probably the CPU time taken
<sweettea> anyone familiar with this kvm error kvm: 1824: cpu0 unhandled rdmsr: 0xc0010001
<sweettea> the guests seem to be running fine
<yolanda> zul, do you still need me? sorry i disconnected for a while
<sweettea> but its still uneasy
<zul> yolanda: nope
<paco1> sarnold: ok
<sweettea> also, anyone use(d) sys_basher to test computer stability ?
<tasslehoff> I followed a howto and got Time Machine backups to my Ubuntu 12.04.1 server working (avahi + netatalk). Now "something" has happened so my mac can no longer see any afp-shares. I have no idea how to figure out where the problem lies. Anyone here that do?
<sarnold> tasslehoff: nothing beyond wondering if there are any informative error messages in logs on client or server :)
<tasslehoff> sarnold: nay, all seems normal. but, I managed to connect from osx to afp://<server-ip>, so I suspect the issue is on the mac-side.
<sarnold> I'm actually a little stunned that apple still supports the afp-style networking.
<tasslehoff> sarnold: I don't know much about it, but since Time Machine is so ... accesible I decided to try setting it up.
<tasslehoff> But, it won't take much trouble to make me use Crashplan or something else instead..
<sarnold> tasslehoff: well, they do different things :) crashplan for the fire, time machine for the dead hard drive.. hehe
<smoser> zul, can you easily test http://paste.ubuntu.com/1637380/
<smoser> i suspect that will fix it.
<zul> smoer: sure
<tasslehoff> sarnold: yup, except I only use crashplan locally, since transatlantic transfer speeds are abysmal
<zapotah> hi. is there a repo or such from which one could install the os from like in ie centos (http://mirror.academica.fi/CentOS/6.3/os/x86_64/)
<zapotah> tried scouring the repo but didnt find it there, tried finding references from docs too
<tonyyarusso> zapotah: you mean you're just trying to do a netinstall?
<zapotah> got firmware that can boot http
<zapotah> and i dont want to setup a local http boot server at this time
<zapotah> with centos its as easy as booting that dir from the firmware
<zapotah> just wondering if ubuntu repos or such have the same kind of thing somewhere
<jcastro> utlemming: if you've got time, let's talk juju on the vagrant images
<jcastro> zapotah: you're looking for the netboot directory? http://us.archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/
<jcastro> substitute release or arch of course
<zul> smoser: nope it doesnt
<smoser> zul, it surely can't fail the same way.
<zapotah> jcastro: that dir only contains the stuff to create your own boot server
<sarnold> zapotah: are you looking for the mini net-install disc?
<zapotah> no a http bootable repo dir or such, which im beginning to think does not exist for ubuntu
<zapotah> centos has such a dir on their repo mirrors
<zapotah> ie: http://mirror.academica.fi/CentOS/6.3/os/x86_64/
<zapotah> you can boot an install straight from that
<sarnold> zapotah: oh, they run a tftp node for you or something?
<patdk-lap> easy, ipxe and netboot
<patdk-lap> ipxe can easily boot from http
<zapotah> what patdk-lap said
<patdk-lap> still requires tftp or usb or something to load ipxe
<zapotah> ipxe is in the rom
<sarnold> patdk-lap++ :D
<patdk-lap> zapotah, not fun to do, but maybe doable :)
<zapotah> i think ill just jumpstart a httpd on the workstation next to me and extract the netinstall iso there....
<zapotah> kinda weird ubuntu doesnt have http boot on their repos, or im looking in the wrong place...
<jcastro> I am pretty sure I have done this before
<jcastro> I think we're in the wrong place
<zapotah> well im trying to find a ubuntu-server repo install dir so... :)
<zapotah> i know very well how to make my own http boot server (theres not much to do there though...) but wondering if there was an option
<zapotah> apparently such a convenient way to install does not exist for ubuntu... shame
<tyhicks> hallyn: Hey - Are there any known libvirt issues when upgrading from quantal to raring?
<tyhicks> hallyn: libvirt forgot about most (but not all) of my domains. The XML and images were still around so I was able to virsh define them again.
<tyhicks> hallyn: Additionally, I'm seeing some brokenness around the dnsmasq instances spawned by libvirt
<tyhicks> hallyn: I'm still debugging that, so I can't yet explain the problems very well
<hallyn> tyhicks: that should not have happened
<hallyn> tyhicks: is this fully uptodate raring?
<tyhicks> hallyn: yes, used update-manager to do the upgrade from quantal to raring last night
<hallyn> there was a network-manager bug which caused virbr0 to not get an ip address, but that's different
<hallyn> tyhicks: please file bugs, afaik those are not known
<hallyn> zul: ^ ring a bell?
<esuave> anyone know how i can get crontab -e to execute a commit to svn on :wq?
<tyhicks> hallyn: ok
<zul> hallyn: nope
<sweettea> here is a dumb question, how can i use apt-get to search for packages for me
<sweettea> on rhel
<sweettea> its yum list http*
<RoyK> apt-cache search ...
<hallyn> zul: also bug 1121917 sounds like a fun libvirt-lxc one
<uvirtbot> Launchpad bug 1121917 in libvirt "guest removes interface from host bonding interface when "infenslave-2.6" is installed in the guest" [Undecided,New] https://launchpad.net/bugs/1121917
<sweettea> wow how did I miss that on the man page
<sweettea> ty
<hallyn> stgraber: ^ did you mean to still have that assigned to you as it pertains to ifenslave?  or did you want to punt that altogether?
<zul> hallyn:  then dont do that :)
<sweettea> RoyK: is it me, or is that not on the man page
<RoyK> sweettea: I don't think the apt-get manpage lists apt-cache other than under "SEE ALSO"
<RoyK> no, it doesn't
<sweettea> Invalid operation search
<RoyK> apt-cache, not apt-get
<sweettea> ohh, my fault
<sweettea> thank you
<RoyK> np
<hallyn> zul: dont' do which, use libvirt-lxc?
<stgraber> hallyn: hmm, I should have unassigned when I moved it to libvirt
<zul> hallyn:  kind of :)
<RoyK> sweettea: to install apache, apt-get install apache2
<hallyn> stgraber: ok, wasn't sure if you were goin gto keep looking
<hallyn> thx
<RoyK> sweettea: perhaps some more if you want php and related libs
<stgraber> hallyn: I'm pretty sure I'm not doing anything obviously wrong in ifenslave-2.6 and in theory a container shouldn't be able to access the list of bond interfaces nor mess with its members. One case where that'd happen is if sysfs is mounted before the change of netns but we'd have seen other bugs if that was the case
<hallyn> stgraber: yeah i have no idea
<hallyn> will have to look later - i'd believe they're doing some new in libvirt
<hallyn> new being a codeword
<stgraber> #define new WRONG
<hallyn> i didn't say THAT
<ffunenga> hello, can somebody help me? http://unix.stackexchange.com/questions/64468/how-do-i-install-libgtk-3-dev-in-elementaryos
<sarnold> ffunenga: try "apt-cache policy libgtk-3-dev
<sarnold> ffunenga: .. and the same command for the other packages mentioned there
<sarnold> ffunenga: perhaps you'll be able to spot something with the output that helps you solve the situation
<ffunenga> sarnold, ok! I'll try it now
<sweettea> RoyK: thanks, I was more wondering on what I do when I forget the package name
<RoyK> sweettea: the search thing in yum sucks rather badly - apt-cache takes regex and works far better
<RoyK> and faster
<RoyK> using a local index instead of updating from the net on every search
<sweettea> like eix on gentoo
<sweettea> understood
<sweettea> ty
<sweettea> im migrating off rhel and its a learning process
<RoyK> I know
<RoyK> I've been forced to use more rhel/centos lately, and it's a learning process that too
<ffunenga> sarnold, this is what I get
<ffunenga> https://gist.github.com/ffunenga/4758116
<ffunenga> what does the code "500" means?
<sarnold> ffunenga: are you missing a 'precise-updates' line in your /etc/apt/sources.list file?
<ffunenga> sarnold, "cat /etc/apt/sources.list | grep precise-updates" does not return anything
<sarnold> ffunenga: take a look at the "Repositories" section here: https://wiki.ubuntu.com/SecurityTeam/FAQ#Repositories
<sarnold> ffunenga: you'll probably want to add -updates or -security or both to your apt sources.list -- and you'll want to make sure that you pick the ones that match whichever componenents you want (main, restricted, universe, multiverse) ...
<sarnold> ffunenga: .. (there may be better descriptions of the pockets and components -- you certainly don't need to understand everything in that section!)
<paco1> ztane: If one day you find the name of the soft (like you said: "if you are talking about desktop usage, there is a program already in ubuntu..."), advise me, please. thank you very much! ;)
<paco1> ....and thank you all for your help :D
<sarnold> paco1: bye :)
<paco1> sarnold: not yet for me ;)
<paco1> Just to thank you for your help
<sarnold> paco1: oh! okay :) hehe
<ffunenga> sarnold, omg! lol I had only security updates enabled...
<sarnold> ffunenga: woo :)
<ffunenga> I've enabled precise-updates, and now its finally working! lol I am noob, no doubt about it.
<sarnold> ffunenga: excellent :)
<paco1> sarnold: what do you think about dump-acct?
<paco1> dump-acct /var/log/account/pacct | awk -F'|' '{ print $1 $2 $3 $4 "|" $5 "|" $6 "|" $7 "|" $8 "|" $9 "|" $10 "|" $11 "|" $12 "|" $13}' | egrep "firefox|soffice"
<paco1> arrff....give me tambien cpu time.... :/
<sarnold> paco1: try this: dump-acct /var/log/account/pacct | awk -F'|' '{print $1 $11 "\t" $5/100 " seconds"}'
<sweettea> how does one save the current iptables rules so they will work upon reboot?
<paco1> sarnold: $5 > it's the "cpu time" you divide?
<sarnold> paco1: I dont think it is CPU time, but elapsed time
<sarnold> paco1: or, at least, shauno pointed it out as execution time, and a "sleep 5" shows "500" there...
<shauno> and if sleep(1) is using cpu time, we have bigger issues
<paco1> shauno: yep
<sarnold> shauno: hehe, yeah :D
<paco1> man dump-aact > --ahz  Use specified units of time to display data from other kernel versions and architectures.
<paco1> i don't understand that option....
<sarnold> paco1: the acct files record time in units of hz
<sarnold> paco1: some machines had 100 hz (ticks per second)
<sarnold> paco1: some had 60, some had 200, some had 256, some had 1000 ...
<paco1> ok! thanks!
<sarnold> paco1: so if you were reading an acct file on a different machine than the one that generated it, you might need to tell the tools what Hz had been in use on that system (yes, really!)
<paco1> ok!
#ubuntu-server 2013-02-12
<pndemc> How can I renice by process name instead of PID?
<RelenScotia> Hey everyone
<RelenScotia> so if I want to create a ubuntu server 12.04 LTS on OSX for a server
<RelenScotia> I should use the OSX tut for creating a bootable flash drive?
<railsraider> hi, i get this error: modprobe: FATAL: Could not load /lib/modules/2.6.32-311-ec2/modules.dep: No such file or directory
<railsraider> can it be fixed? or do i have to bring up a new server
<chmac> How do I enable apache / mysql to start on boot?
<chmac> I thought they did, but apparently they don't, arg!
<aguuu> Would anybody recommend a linux distro for amazon cloud services? I am a beginner to linux servers. I just want to install apache, php, maybe node.js and python, etc. Run my own DNS server.
<aguuu> Do you know how to use the free tier storage when creating a compute unit at amazon cloud?
<chmac> aguuu: You're on the ubuntu-server channel right?
<chmac> aguuu: ubuntu-server is a fine choice if you're looking for a generic server...
<chmac> Otherwise amazon spin their own distro I think, but I've always used ubuntu on ec2
<aguuu> yes i am
<aguuu> but i'm a little scared of not having the UI. is it easy to install?
<chmac> aguuu: Amazon will do all the installing for you, all you need to do is log in.
<aguuu> yes but then i have to install apache, php, etc etc
<chmac> You'll be able to log in over ssh and then you'll need to install services / etc with commands like `sudo apt-get install mysql-server`
<aguuu> hmm
<aguuu> is it easy enough to install X and VNC, etc? or should i start with ubuntu desktop instead?
<chmac> aguuu: Unless you have a burning need to get this up and running immediately with the least possible hassle, I'd suggest you buckle up and get ready to learn how to use the console...
<chmac> aguuu: The basic steps of installing are pretty simple, linode has some great howtos, so did the one that was acquired by rackspace
<aguuu> yes. that's what i plan to do
<aguuu> but just in case i struggle too much. is it easy enough to install all the desktop stuff?
<chmac> I don't know, I don't have any experience with running desktops on servers.
<chmac> aguuu: I'd guess it'll be easier to fix the issue with the terminal than to install a desktop
<aguuu> lol
<chmac> Whatever work is involved in installing the desktop is presumably equally or more complicated as installing whatever server tools you want...
<chmac> aguuu: slicehost, they had some great articles, if they're still online
<chmac> Otherwise linode still does
<aguuu> should i use ubuntu server 12.10 or 12.04 LTE ?
<cfhowlett> !LTS|aguuu,
<ubottu> aguuu,: LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server; with the exception of 12.04 (Precise Pangolin), which will be supported for 5 years on the desktop. The current LTS version of Ubuntu is !Precise (Precise Pangolin 12.04)
<aguuu> so. don't the updates for 12.04 make it exactly like 12.10? so why would one be supported and not the other?
<aguuu> if i do update the 12.04, will it become 12.10 ?
<cfhowlett> aguuu, 12.04 is 12.04.  You can update 12.04 to future point releases of 12.04 e.g. 12.04.1.  A distro release is required to upgrade to 12.10 ....
<aguuu> ohh ok.
<chmac> Just upgraded mysql-server and now I'm getting a ton of weird errors and mysql is not running properly.
<chmac> Anyone experienced the same thing when upgrading to the latest release on precise?
<zetheroo>  trying to install ubuntu server 12.04 here and it's failing at Select and Install Software
<zetheroo> it gets to trying to load tasksel and then fails
<rbasak> !details | zetheroo
<ubottu> zetheroo: Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<zetheroo> not sure what other info you need!? hardware? ... partitioning setup?
<rbasak> Please elaborate on "fails". The way in which it fails is crucially important to understanding your problem.
<zetheroo> gives a message saying something about going back to the install menu and trying again ...
<zetheroo> I have tried this with no success
<zetheroo> keeps failing at the same place
<rbasak> Please post the *exact* message. And now that I know you're getting back to the install menu, I know that I can ask you go select the "Save debug logs" option from the install menu you've been taken back to so you can post that as well.
<rbasak> Then somebody may be able to help.
<ogra_> also file a bug and attach the logs there
<zetheroo> I won't be able to post much since I will have to retype whatever I post :P
<ogra_> ?
<ogra_> do what rbasak said above ... save the logs somewhere, attach them to a bug
<zetheroo> Installation step failed! An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Select and install software.
<zetheroo> that is the full message
<zetheroo> what happens if I skip it?
<ogra_> your install will be incomplete
<ogra_> (and probably fail again in later steps
<ogra_> )
<rbasak> OK, so go to "Save debug logs" in the menu, and post those somewhere.
<ogra_> file a bug. attach the logs so someone can look at them
<ogra_> from the error text exposed in the UI its hard to judge what the actual error is
<hatake> what answer this What is the third word in the following list? elm odd not fruit drift snow heavy mindful
<hatake> ?
<zetheroo> I burnt another copy to CD and its working now :)
<ogra_> great
<Skaag> any way to reboot a server by simulating a reset button?
<jpds> Skaag: Like, REISUB?
<Skaag> I don't know what that is
<Skaag> I have a machine that doesn't respond to 'reboot' and I want to force reboot it
<RoyK> Skaag: press alt+sysrq and typs "S U B"
<RoyK> s/typs/type/
<Skaag> I connected via ssh
<Skaag> I'm
<RoyK> echo s > /proc/sysrq-trigger
<RoyK> will sync, then u will remount all fs read-only
<RoyK> then b will boot
<Skaag> thanks, trying
<Skaag> here goes nothing...
 * Skaag is crossing his fingers
<Skaag> the b caused the machine to immediately stop responding
<Skaag> hoping it is rebooting now :)
<Skaag> this is very good to know, I will make a note of that, and read more about /proc/sysrq-trigger
<Skaag> server is back online
<Skaag> RoyK: good stuff, thanks mate! :
<Skaag> :-)
<Skaag> if a filesystem is mounted, but read only, is fsck still not advised?
<Skaag> its warning is quite scary to say the least
<RoyK> Skaag: http://en.wikipedia.org/wiki/Magic_SysRq_key summarizes it
<Skaag> thanks!
<RoyK> Skaag: you can fsck a filesystem mounted read only
<RoyK> just don't do it if it's mounted rw
<jpds> Skaag: Like I said: REISUB. :)
<zetheroo> I would like to be able to do ssh root@machine ... but it says Permission denied, please try again
<zetheroo> I am used to doing this command on debian systems ... but it does not seem to work in ubuntu ..
<zetheroo> is it possible to get this working?
<RoyK> zetheroo: have you set a root password?
<RoyK> zetheroo: most people use sudo these days...
<ogra_> zetheroo, the root account is locked by dfault in all ubuntu installs
<zetheroo> RoyK: ah, no I did not
<ogra_> so you need to set a password or copy a proper key in place
<zetheroo> ok
 * ogra_ would recommend the use of sudo though
<RoyK> ogra_: password auth works too
 * RoyK too
<ogra_> especially on servers
<ogra_> RoyK, if you have a password ;)
<RoyK> indeed
<Skaag> can I go to single user mode via ssh?
<zetheroo> but there is an issue with not being able to ssh as root
<ogra_> Skaag, man telinit
<RoyK> Skaag: it may take down the network...
<ogra_> yeah, very likely
<alimj> Zetheroo: First enable root user, then check /etc/ssh/sshd_config and assure that it is allowed :PermitRootLogin yes
<zetheroo> if I ssh as the user and run virt-manager it will not connect to libvirt - as it needs root perms ... so I then do 'sudo su' which takes me to user root ... then I can't open virt-manager because X is running under the other user that I ssh'ed into the machine with
<ogra_> zetheroo, ugh, just use sudo as prefix of the command you want executed as root
<ogra_> no need for sudo su
<ogra_> and if you want to use X apps like that, prefix the sudo commend with DISPLAY=:0
<alimj> zetheroo: If you should run lot's of commands as root, try sudo -i
<ogra_> *command
<zetheroo> ogra_: ok, that worked ... dunno why I did not think of that  :P thanks
<zetheroo> alimj: what does sudo -i do?
<ogra_> surely safer than setting a root pw ... which opens an additional attack vector :)
<Kimmono> exit
<ogra_> zetheroo, man sudo ;)
<alimj> zetheroo: It will change to root until you exit
<ogra_> its a good manpage to know anyway
<zetheroo> alimj: ok thanks
<alimj> Anytime
<ogra_> "The -i (simulate initial login) option runs the shell specified by the password database entry of the target user as a login shell."
<ogra_> the -s option is also an intresting one
<zetheroo> how do I find out things like the version of qemu and libvirt running on my system? I tried 'dpkg -s qemu-common' but that does not give me the info I am looking for
<ogra_> dpkg -l
<zetheroo> that outputs : ii  qemu-common       1.0+noroms-0ubunt qemu common functionality (bios, documentati .....
<zetheroo> I see a package version .... but what version of Qemu is that?
<alimj> zetheroo: man dpkg. You can change the output of dpkg to include what you want
<ogra_> i dont think -common is so intresting seem what other qemu packages you have
<Skaag> I hate how long it takes to fsck a 1.5tb drive
<alimj> zethero: or use dpkg-query
<ogra_> COLUMNS=300 dpkg -l | grep qemu
<ogra_> (that will also widen the fields to see the full version string)
<ogra_> there should be something like qemu-system or qemu-kvm in the output
<ogra_> which will have the upstream version beofr the -XubuntuX part
<Skaag> is it possible to convert ext2 to ext3 or ext4?
<ogra_> ext2 and 3 only differ through the added journal in ext3 ... so yes, that one is easy
<ogra_> ext3 to ext4 is technically possible but a lot slower than a freshly formatted ext4 afaik
<Skaag> I'm wondering if this patch made it to production fsck: http://lwn.net/Articles/264970/
<Skaag> if ext3 fsck is indeed much faster, it's a good reason for me to convert an ext2 to ext3
<Skaag> especially for large drives where fsck.ext2 is painfully slow
<ogra_> who would use non journalled filesystems on a server anyway ?
<Skaag> it has some benefits, speed wise
<Skaag> (for certain scenarios)
<zetheroo> tried a number of commands and cannot see the actual version of Qemu running?
<ogra_> but you risk your data if there is a power outage
<Skaag> right
<ogra_> zetheroo, what did the command i gave you above output ?
<zetheroo> dpkg -l ... that?
<zetheroo> or COLUMNS=300 dpkg -l | grep qemu ?
<ogra_> right, the latter one
<alimj> zethero: Did you try dpkg-query?
<ogra_> you should have gotten a list of packages with their versions
<ogra_> the part before the first - is the upstream version
<ogra_> beyond that qemu has a -version switch to check it
<zetheroo> yes, but the version info is that of the Ubuntu package ... not of Qemu itself ... no?
<ogra_> ubuntu versions are the part after the -
<vila> utlemming: ping
<zetheroo> ii  qemu-common                                                           1.0+noroms-0ubuntu14.7
<zetheroo> so this means it's using qemu 1.0 ?
<ogra_> package versioning is usually $upstream-$debianrevision"ubuntu"$ubuntuversion
<zetheroo> that is ancient
<ogra_> it likely comes from the qemu-kvm package which was only recently merghed into mainline afaik
<zetheroo>  I was sure that Ubuntu was using qemu 1.2.x already
<ogra_> upstream would be 1.0+noroms ... debian version is 0 (which means the package isnt in debian) and ubuntu version is upload 14 security or SRU version 7
<ogra_> ogra@chromebook:~/packages/ubuntu-defaults-nexus7-0.52$ apt-cache show qemu|grep Version
<ogra_> Version: 1.3.0+dfsg-5expubuntu1
<ogra_> thats in raring btw
<zetheroo> I don't know where online I saw it ... but Ubuntu had qemu 1.2.x in there somewhere
<Skaag> ok, I like how simple it is to switch from ext2 <--> ext3 in both directions. very convenient.
<ogra_> qemu != qemu-kvm
<zetheroo> this is not good at all
<ogra_> ?
<ogra_> what is not good ?
<ogra_> teht the fork of qemu doesnt use identical versioning ?
<zetheroo> that Ubuntu uses such old versions of this stuff
<ogra_> qemu-kvm is way newer than qemu was at that time
<ogra_> it has recently been merged back into the qemu tree though
<ogra_> so in raring you will have no qemu-kvm ... in all former release there was qemu-kvm which had way newer code on x86 than qemu had
<zetheroo> I just don't know which version of Qemu is actually running here .. and if it's version 1.0 then that is terrible
<ogra_> you run version 1.0 of qemu-kvm
<zetheroo> we were hoping that Ubuntu was using slightly newer stuff than Debian ... but this seems to not be the case
<ogra_> qemu-kvm is several versions advanced of everything debian has for the same release cycle
<zetheroo> yes, and I have the feeling that that does not mean I am running 1.0 of Qemu ... but how does one find out what version of Qemu is running in qemu-kvm ?
<ogra_> dunno, read the changelogs perhaps
<ogra_> or upgrade to the developmebnt release where both packages were merged again
<nocturn> Hi all, I have a LVM group with a PV on iscsi that is gone
<nocturn> now, I get /dev/dm-5: read failed after 0 of 4096 at 0: Input/output error on all LVM commands
<nocturn> how can I fix this?
<nocturn> will the server survive a reboot?
<nocturn> I fixed it with dmsetup
<nocturn> dmsetup remove <stale volume>
<zetheroo> is there any way I can install Qemu 1.2.0 from the quantal repos onto a precise machine?
<zul> yolanda2: https://code.launchpad.net/~zulcss/nova/nova-asn1/+merge/147932
<yolanda2> zul, ok
<yolanda2> zul, done
<Sendoushi> hey guys. how can i set a static ip?
<greppy> Sendoushi: ask your ISP.
<zul> yolanda2: https://code.launchpad.net/~zulcss/keystone/keystone-fix/+merge/147952
<zetheroo> Ubuntu doesn't seem to like the init 6 command too much :P
<yolanda2> zul, why is that change?
<zul> yolanda2:  refreshes the config again
<yolanda2> funny
<yolanda2> ok, done
<marahin> Does Ubuntu have any built-in (OOTB) vnc server?
<zul> yolanda2:  next https://code.launchpad.net/~zulcss/python-keystoneclient/requests-patch-drop/+merge/147955
<yolanda2> done
<pmatulis> does anyone want to help improve the server guide?  i'm looking for helpers
<jamespage> pmatulis: yes
<jamespage> pmatulis: maybe mention it in aob in the server team meeting currently happending in #ubuntu-meeting?
<pmatulis> jamespage: alrighty
<hallyn> smoser: do you mind syncing spice 0.12.2-0nocelt2exp from debian experimental into raring?
<smoser> hallyn, i can do that for you i guess.
<zul> yolanda2: can you fix the quantum build please
<yolanda2> zul, ok
<yolanda2> will be nice to forget ceilometer for a while :)
<coolball1> hi
<coolball1> just installed
<coolball1> no gui
<coolball1> what can I do?
<genii-around> Everything.
<ogra_> coolball1, what do you want to do ? everything is possible :)
<genii-around> coolball1: https://help.ubuntu.com/12.04/serverguide/index.html
<genii-around> Hopefully you had some task in mind for why you wanted a server, like making a webserver, or sharing files, or so on. It helps to first have a goal before deciding which next step to take.
<negronjl> jamespage, ping
<coolball1> what if I want www.example.com to be a site on my server?
<coolball1> apache, dns, and a visit to godaddy?
<genii-around> coolball1: Maybe also a static IP
<yolanda2> i'm having a strange problem with quantum. It depends on python-cliff, which is added as dependency and installed. But some tests are failing with "No module named cliff" error
<yolanda2> any idea?
<yolanda2> zul ^
<rbasak> yolanda2: if you run python from the command line, then does "import cliff" work?
<yolanda2> rbasak, yes
<yolanda2> it's failing on the tests:
<rbasak> In what environment is the test that is failing running in?
<rbasak> As in dep8, or out of the source tree, or something else?
<yolanda2> http://paste.ubuntu.com/1640153/
<yolanda2> it's a run_tests.sh -N -P in the package build
<rbasak> Ah, OK. When you say it depends on python-cliff, did you mean build-depends? You'll need a build-depend if you're running the test suite from inside a package build and the test suite needs the cliff module
<rbasak> So it sounds like you need both a depend and a build-depend to me.
<coolball1> I cannot get a static ip
<yolanda2> let me check
<yolanda2> rbasak, it's only adding that as a build-depends
<yolanda2> so i should add a depends also?
<rbasak> yolanda2: if it's failing in the package build, a depends isn't relevant at that stage.
<yolanda2> it fails on the build, yes, on the run tests, but the build-depends is there
<rbasak> yolanda2: at this point I'd use --purge=none --purge-deps=none --purge-session=none options to sbuild, and then examine the session after the failure using schroot -l --all to get the session identifier and then schroot -r -c <session_id> to see why the import is failing in the build environment
<rbasak> yolanda2: assuming I understand your problem correctly.
<yolanda2> ok
<yolanda2> rbasak, Bad purge mode 'none' at /usr/share/perl5/Sbuild/Conf.pm line 493.
<rbasak> yolanda2: sorry. It's "never". For all three.
<yolanda2> oh, ok
<hallyn> smoser: saw the upload ack email - thanks!
<smoser> hallyn, i didn't upload.
<smoser> hm..
<smoser> looks like kirkland got it for you.
<hallyn> wowzers
<hallyn> kirkland: thanks :)
<yolanda2> rbasak, how can i check why that import is failing?
<rbasak> yolanda2: that's a bit hard for me to say from here. But I have one idea. Let me look it up.
<yolanda2> mm, i'm on the session now
<yolanda2> i see that python-cliff is installed
<yolanda2> but then if i execute python, and import cliff, it fails
<yolanda2> maybe is a problem with the package?
<rbasak> yolanda2: what I was thinking is more complicated than I remember
<rbasak> yolanda2: yeah it sounds like a problem with the package
<yolanda2> module should be in /usr/share/pyshared, right?
<rbasak> Something like that. Python module locations always confuse me
<rbasak> Try: strace -eopen python -mcliff and see if you can spot any difference to running that outside the environment with python-cliff installed. It should at least narrow down the paths.
<rbasak> You might need to run schroot -u root -r -c <session_id> in order to get a root session in that environment to install strace
<yolanda2> i'm on it
<jamespage> negronjl: pong
<yolanda2> rbasak, i tested, but module is not where it should be
<rbasak> yolanda2: is this in raring?
<yolanda2> rbasak, yes
 * rbasak takes a look
<rbasak> yolanda2: I see the problem. "dpkg -L python-cliff" in a schroot with it installed shows that it's not actually installing anything useful at all
<rbasak> yolanda2: it does this if I apt-get install python-cliff on a raring instance too.=
<rbasak> yolanda2: looks like python-cliff is completely broken in raring. In what environment did you see it work?
<yolanda2> let me retry, i think i did it on raring
<rbasak> yolanda2: looking at the changelog, zul upgraded a new python-cliff today, a few hours ago
<yolanda2> mm, seems that
<yolanda2> 0ubuntu2 works, but not 0ubuntu3
<rbasak> zul: I think it's completely broken. It only installs stuff in /usr/share/doc/python-cliff
<rbasak> Sounds like we need a dep8 test for python-cliff :)
<yolanda2> in sbuild i have Installed: 1.3-0ubuntu1
<yolanda2> that doesn't work
<yolanda2> in the schroot where i tested it was 1.1.2-0ubuntu2
<yolanda2> and that works
<MannerMan> Hello, I have some issues with Ubuntu 12.04 partitioning, Im using a 60gb SSD, and Ubuntu splits the disk really weird
<MannerMan> http://pastebin.com/3JWtqNC1
<yolanda2> zul, i send you the mp for quantum, it's pending on the cliff issue but the rest is working: https://code.launchpad.net/~yolanda.robla/quantum/grizzly/+merge/148032
<MannerMan>  /dev gets 16 gb etc
<zul> yolanda2:  looking
<MannerMan> On my virtual Ubuntu installs these partitions are around 500mb
<sarnold> MannerMan: what are the chances that those are tmpfs and you've got 16 gigs ram?
<MannerMan> sarnold: I got 32 gb ram
<sarnold> MannerMan: ah, right, the default is _half_ the ram. sigh. :)
<MannerMan> sarnold: :)
<MannerMan> Okey that makes sense
<MannerMan> Wonder why i'm only getting 24gb on /
<MannerMan> ESXi have been installed to this disk before, however I wanted to try out KVM
<sarnold> MannerMan: did /home or swap get the other ~30 gigs?
<MannerMan> I dont think so, you have the entire df -h output @ pastebin link
<sarnold> hunh.
<MannerMan> http://pastebin.com/3JWtqNC1
<sarnold> MannerMan: fdisk -l or cfdisk -l or whatever the newfangled way to see gpt partition layouts?
<MannerMan> sarnold: one sec
<MannerMan> sarnold: http://pastebin.com/2htN9T2U
<MannerMan> Something is messed up there
<sarnold> MannerMan: aha, that looks like 32 gigs of swap
<MannerMan> Nice :D
<sarnold> MannerMan: perhaps, in case, you wish to suspend-to-disk? :)
<MannerMan> I guess I need to do manual partitioning here
<rbasak> yolanda2, zul: python-cliff upstream have introduced a Makefile wrapper around setup.py that is confusing dh_auto_build
<MannerMan> I simply choosed to use the entire disk
<zul> rbasak: yeah i know...im fixing it now
<rbasak> zul: OK, I'll leave it to you then :)
<sarnold> MannerMan: yeah. that might not be an ideal use for this system :)
<MannerMan> sarnold: Indeed :)
<yolanda2> zul, are you able to fix it? do you want me to take a look tomorrow?
<zul> yolanda2: yes im looking at it now
<MannerMan> Reinstalling with manual partitioning, gonna give it like 2gb swap
<yolanda2> i need to leave for today, quite a long day
<yolanda2> i leave you the quantum mp and i can merge that tomorrow
<yolanda2> bye!
<zul> rbasak/yolanda: fix now
<F3Speech> Need help installing a HP Laserjet 1200 via a usb to serial adaptor using ubuntu server cli and cups cli or web interface! Currently Ive had it print a test page but network users couldnt print so I tweaked and now I cant even see the printer. Could really use a hand to point the way...
<jcastro> utlemming: wanna talk vagrant/juju?
<kirkland> hallyn: welcome ;-)
<belgianguy> so I was thinking of getting myself a VPS, but I need some sort of web-frontend for my client
<cliff__> Can someone help me configure my ubuntu server's network configuration?  I'm connected to a router that's not using NAT, and I'm lost
<belgianguy> is there such a thing in a PPA? like Plesk/CPanel etc
<iqualfragile1> i just want to make shure i did not make any mistake early on: im trying to set up a bind9 dns, when using nslookup host.example.com it gets me the right ip-adress (192.168.9.1) but when i try nslookup 192.168.9.1 it just tells me host. not host.example.com. is that wrong?
<iqualfragile1> ok, solved my problem on my own, thanks anyways
<Daviey> smoser: http://paste.ubuntu.com/1640714/ .. taken from the example.. if package_upgrade: true <- doesn't imply and _update, it will not do an upgrade as the apt listing is current.. right?
<smoser> i think upgrade might force update
<smoser> as it really should, Daviey
<RoyK> smoser: upgrade won't force update
<RoyK> update is another thing
<smoser> RoyK, the context was cloud-init
<smoser> where sanity was (i believe) ensured.
<RoyK> sanity is overrated
<smoser> upgrade without update is simply asking for failure to download packages removed from -updates (or developement cycle)
<smoser> (especially if this is an image that was made 6 months ago)
<belgianguy> anyone good experiences with web front-ends for Ubuntu Server?
<belgianguy> It's not for me, it's for a friend
<belgianguy> I myself am content with scp and Cacti
<belgianguy> eg Zpanel, anyone ever used that?
#ubuntu-server 2013-02-13
<sweettea> what does one use on a linux iptables masquerade router
<sweettea> to do QOS
<sarnold> sweettea: I've used this before: http://lartc.org/wondershaper/
<sweettea> tc?
<sarnold> traffic control
<sweettea> that is the first hit on google for
<sweettea> nice
<sweettea> how was the experience?
<sarnold> sweettea: quite good :) interactive stayed interactive...
<vedic> I have my server located at remote place. I would need to take real time backup of data coming to that server as another server at another location would need that. Is it good to use OpenVPN and then do rsync? or rsync itself is good enough. Security is important as it is customer's sensitive data. Also, for regular maintainance is it advice to use OpenVPN compared to ssh?
<melmoth> rsync can be easily tunnelled in ssh.
<melmoth> much more easy to set up compared to setting up a vpn
<vedic> melmoth: Would rsync + ssh provide almost real time data transfer? Data should not remain on the first server for more than 5 seconds
<melmoth> forget about it
<melmoth> you are looking for real time mirrorring sumthing, rsync is not the tool you are looking for
<melmoth> may be drdb, i never used it
<vedic> melmoth: Any other method for data transfer in real time? Each file is just 100 to 150 KB but there are about 30 files every minute
<melmoth> none that i am aware of (but there may be , this is not a problem i was ever confronted with)
<vedic> melmoth: Over a LAN, NFS can handle it but over internet, I don't have experience
<melmoth> well, not really.
<melmoth> if you set up a nfs server, your data will still be hosted only in 1 place
<melmoth> so there will be no replication of data, wich is what you say you were looking for.
<melmoth> if what you need is shared storage, then yes, nfs is one way to go
<bradm> vedic: maybe something like a clustered filesystem could do what you want
<vedic> melmoth: It will do if 2nd remote server is able to access the data available on first remote server but eventually it should transfer. If that is possible, transfer can be delayed for about 1 or 2 minutes
<vedic> melmoth: NFS at least will provide access to the resource on another server so I said NFS on LAN can handle that.
<melmoth> nfs will solve the 'several system can see the same data at the point in time' problem, not the "live backup of data" one.
<melmoth> (plus i m not 100% sure flock (2) is implemented in nfs. If you need concurrent access on file locked with flock, you ll probably a shared block device and clustered file system
<vedic> melmoth: ok
<vedic> melmoth: From your experience, can you comment how fast rsync can be made in starting data transfer? What would be typical delay if that is minimized
<melmoth> it depends :-)
<vedic> melmoth: Consider that you have the situation I mentioned
<melmoth> if i understand correctly, it is designed to compared both file (source and destination), and only trnasfer the delat between the 2.
<melmoth> so first time you launc it takes some times... Then it s a bit faster
<vedic> melmonth: yea, ideally
<melmoth> but it s not designed to be a live stuff
<vedic> melmonth: But in my case, its all new files every time
<melmoth> you run it every once in a while, and i guess you dont want to backup a live database file storage this way
<melmoth> vedic, i dont think rsync is what you are looking for, really.
<vedic> melmoth: Basically I want to transfer files stored in a directory as soon as possible and then delete that file from directory
<melmoth> no idea how to do that.... nor with rsyc, and even less with nfs.
<vedic> melmoth: So basically no such easy tools then looking at cluster file system
<melmoth> clustered file system is a file system you put on a _shared block device_ that several nodes access it directly
<bradm> vedic: even cluster file systems won't really do that, they're usually for keeping multiple copies of something, not one in a different location
<melmoth> it s kind of nfs, except what is shared is not a _fileysystem_, but a _block device_
<vedic> melmoth: I see
<Ravi> Hi My name is RaviTeja. I have a query..Could anyone please help... I had installed ubuntu 12.04 64-bit desktop edition in a machine. The hardware configuration of the machine is its a HP manufacture with, i5 processor 4 GB RAM and 250-GB Hard-disk. I installed lamp-stack in the machine and configured mysql database. This is for an local office purpose and a survey form is included in the document root of the apache. it will have
<Guest14403>  Now the question is is there any limit for concurrent connections for the machine? If so, how do i increase the concurrent connections?
<Guest14403> hi..Could anyone please help regarding this? Its bit urgent
<Myrtti> you got cut off at it will hav
<Guest14403> Some users reply back saying that the server is un-responsive.. There is no band-width restriction
<vedic> Why DSA is limited to 1024 on ubuntu? in FIPS 183-3, it is mentioned that it can go upto 3072
<andol> vedic: In what context? The default /etc/ssh/ssh_host_dsa_key?
<vedic> andol: yea, key gen
<andol> vedic: My *guess* is that it being a ssh thing, clients expecting a dsa host key to be 1024 bits. Not that I think there are many ssh clients around who aren't capable of at least prefering the rsa key instead.
<Masshuu> So I have a random issue. I setup a server on a spare computer I had here, I set a static IP but sometimes it reverts to DHCP for no reason.
<Masshuu> doing a ifdown -a && ifup -a fixes it
<jpds> Masshuu: /etc/network/interfaces ?
<Masshuu> relivant bits http://pastebin.com/nGV6kqUu
<Masshuu> though since I can't figure out how to modify the resolv.conf since it simply says it will be overwriten, im going to add this
<Masshuu>         dns-nameservers 8.8.8.8 8.8.4.4
<Masshuu> what happened to the simpler times
<jpds> Masshuu: dns-nameservers is what you're suppose to do.
<Masshuu> oh lol
<Masshuu> perhapse for some reason its still renewing every XX time
<jpds> Masshuu: Did you kill dhclient ?
<Masshuu> I duno but this should work if thats the case: apt-get remove isc-dhcp-client
<Masshuu> Lets get to breaking stuff. Its what I do best
<jpds> Masshuu: Removing the package doesn't mean that it's stopped running,
<jpds> Masshuu: ps aux | grep dhclient
<jamespage> ivoks: ping
<ivoks> jamespage: pong
<jamespage> ivoks: hey
<ivoks> jamespage: i have to relocate to my office right now; let me ping you in 30 minutes
<ivoks> is that ok?
<jamespage> ivoks: sure - I'll be around
<ivoks> great... brb
<ivoks> jamespage: back
<lwizardl> hello
<cfhowlett> lwizardl, greetings
<lwizardl> i'm looking at starting my own server for hosting a few small sites. but the issue comes to the dns nameservers. I was always told they was a bad idea to host on your own
<cfhowlett> lwizardl, as I understand it, using the google dns is the preferred default ...
<jamespage> ivoks: hey
<ivoks> jamespage: i just need some ceph expertiese, if you are willing to help :)
<jamespage> ivoks: I am
<ivoks> jamespage: for ceph 0.56, if one uses cephx auth, certificates need to be established, right?
<lwizardl> cfhowlett, so using the google dns is looked at the proper way but does that also handle the nameservers as in ns1.blah.tld?
<cfhowlett> lwizardl, sorry, I'm not qualified to give this level of advice.  please stay in channel and ask someone more informed ...
<lwizardl> cfhowlett, thanks :)
<jamespage> ivoks: yes
<ivoks> ok, let me rever back to none then, just to speed things up
<rbasak> lwizardl: I'm not sure what cfhowlett means by google dns. For a small number of servers, I'd just use whatever dns servers your dns registration provider gives you to use.
<lwizardl> rbasak, so like the godaddy nameservers and then point the site to the small server? it has been a few years since I last done this.
<rbasak> lwizardl: correct. Then set up an A record with godaddy with your server's address. But I (personally) wouldn't use godaddy. I've heard lots of people complain that it's hard to get anything done through their interface without having to say no to buying lots of extras
<lwizardl> rbasak, yeah i have switched almost all my domains from them. only have 3 left on them and they are going to be transfered in the next 2 months to my new registar
<Daviey> jamespage: In Austin, we hit bug 1123998 .. did we fix it locally, or just chmod?
<uvirtbot> Launchpad bug 1123998 in qemu "Can't launch VMs from virt-manager or virsh: Could not access KVM kernel module: Permission denied" [Undecided,New] https://launchpad.net/bugs/1123998
<jamespage> Daviey: hrm - maybe
<jamespage> lemme dig out the bug - hallyn was working on it - some sort of udev regression
<Daviey> jamespage: don't panic, i'm sure hallyn will pick it up.
<hallyn> jamespage: do you still see that?  If it's urgent I can work around it with manual getfaclin postinst.
<hallyn> But I need to talk more with pitti about the core udev bug
<hallyn> (i can't actually test right now - netinst images are not working for me)
<hallyn> but bug 1103022 is the one that really needs to get fixed
<uvirtbot> Launchpad bug 1103022 in udev "70-udev-acl.rules needs to put g+rw on /dev/kvm" [High,Confirmed] https://launchpad.net/bugs/1103022
<hallyn> I guess I'll dig through udevacl code today
<zul> smoser:  saw that bug you opened looking at it now
<jamespage> hallyn: agreed re the bug that needs fixing
<jamespage> it just stuffed my first raring+grizzly deployment
<hallyn> jamespage: do you want me to add getfacl to postinst for now?
<hallyn> in fact maybe I'll do that and get rid of the ugly udev rule - in postinst will be prettier
<hallyn> breakfast -biab
<jamespage> hallyn: its not mega urgent; I'd prefer to wait for the right fix assuming thats days and not wees
<jamespage> hallyn: have a nice breakfast!
<vedic> How to ensure that apt-get doesn't upgrade kernel? I have few libraries that are compiled for current kernel headers.
<vedic> security updates should be installed though
<vedic> How to ensure that apt-get doesn't upgrade kernel? I have few libraries that are compiled for current kernel headers. security updates should be installed though
<cwillu_at_work> vedic, might consider setting those packages up in dkms
<vedic> cwillu_at_work: It is for remote server. I would prefer that security updates happens automatically every week or less but package upgrade should not happen automatically
<cwillu_at_work> so don't include -updates in your package list
<BrEphraim> Here's my situation: I'm trying to migrate between hosting providers. It's an ecommerce site, so I need to have an instantaneous db changeover. In order to avoid DNS TTL-related lag time, I need the old server to automatically forward all requests to the new server. My problem is: the new server runs on a load balancer, and so is a CNAME record rather than a static IP. I am at a loss as to how to set up the
<BrEphraim> forwarding in this case.
<resno> BrEphraim: hmm, thats intersting. and im not the person to answer. but thats just interesting
<JesterJ85> quick question: I'm running ubuntu server in virtualbox. Is there a way I can just have it automatically start with the latest headers, instead of just giving me the choices with the countdown?
<MagicFab> JesterJ85, make countdown zero, it will go to default (latest)
<MagicFab> BrEphraim, why not schedule downtime? Check activity, there could be an easier solution even if you have a small window.
<alimj> BrEphrahim: First go with MagicFab solution. Downtimes are good for these kind of job. Also why dont you use two CNAMEs?
<resno> i was going to suggest that to
<JesterJ85> is there a configuration file that I can edit? basically I'm running it headless with an automatic start script that starts it when I start my computer...but sometimes it doesn't give a countdown...so it never starts
<BrEphraim> how would I use two CNAMEs?
<ikonia> BrEphraim: just set two CNAME records
<BrEphraim> accomplishing what, though?
<BrEphraim> the point is I don't want data going to two dbs simultaneously
<BrEphraim> need a clean break
<alimj> CNAME 1 record: example1.com -> example2.com, CNAME 2 record example2.com -> finalexample.com, final record: finalexample.com-> real IP
<BrEphraim> alimj: sorry, I'm still confused about how that would solve my problems in the case of people using stale DNS records
<alimj> Easy
<alimj> BrEprahim. 1st step. Set new server. Do not touch NS records
<alimj> BrEprahim. Set CNAME on old server to forard all request to new server, still do not touch mail NS records on registerer
<alimj> BrEphrahim. Finally modify NS records on registerar and update them to point to new server
<BrEphraim> alimj: so will setting the CNAME on the old server take effect immediately, even if ISPs have cached the old records, eg A record for the subdomain pointing to old server's static IP?
<alimj> BrEprahim: Yes, In order to be sure you can reduce TTL to a really short value such as 120
<alimj> BrEprahim. Change the TTL to 120 now, do it tomorrow
<alimj> Your server will be down just for two minutes
<alimj> Actually you can even avoid it
<alimj> But Two minutes should be OK
<alimj> Just to be on the safe side
<BrEphraim> alimj: ok. my knowledge is scanty, so I didn't know if the old server's local DNS would override the registrar's
<BrEphraim> thanks everybody
<zul> yolanda/jamespage: https://code.launchpad.net/~zulcss/python-swiftclient/final/+merge/148211
<vedic> Need advice. Currently I have one server that is 8 core Xeon with 8GB RAM. I can't get another server at least for next 8 months. I need to run database for my application. Is it good to run database inside VirtualBox (command line no gui as its on remote server), and keep application and database separate? or it is safe to run it along with application but allow access from localhost only. I already have ssh lock down the server.
<yolanda> ok
<yolanda> zul, done
<alimj> BrEphrahim. Just in worst case senario, if you decrease the TTL to just two minutes, you will have enough time to switch everything while the DB on first server is down
<BrEphraim> alimj: yeah, two minutes downtime is no problem
<alimj> BrEphrahim. I still recommend you to wait 1 day until your old DNS records on all DNS caches arround the world are expired.
<alimj> Then the new short lived new records with just two minutes will be effective
<alimj> BrEphrahim. and the next day increase the TTL to 14400 again. The very old value of 86400 is not recommended anymore
<BrEphraim> alimj: fortunately, I already reduced the TTL on saturday, so I should be good to go
<alimj> Then good luck
<alimj> BrEphrahim. You can still query some famous nameservers to check the current status of DNS records on them
<alimj> BrEphrahim. But if you reduced it yesterday, you are good to go
<BrEphraim> alimj: thanks very much, very grateful for all the help
<zul> yolanda: one more https://code.launchpad.net/~zulcss/python-novaclient/final/+merge/148214
<alimj> Anytime
<yolanda> zul, done
<zul> thanks
<hallyn> stgraber: on bug 1121917, when you tried to reproduce, did you create bridges extbr0 and intbr0?  how did extbr0 relate to bond0?
<uvirtbot> Launchpad bug 1121917 in libvirt "guest removes interface from host bonding interface when "infenslave-2.6" is installed in the guest" [High,New] https://launchpad.net/bugs/1121917
<hallyn> just bridge_ports bond0 in extbr0,
<hallyn> while intbr0 had no ports by default?
<stgraber> hallyn: nope, I went the lazy way, setup eth0 and eth1 in a bond, then created a container with two network interfaces attached to lxcbr0 and then installed ifenslave-2.6 in the container
<stgraber> hallyn: that was based on the assumption that the problem is with eth0 and eth1 in the container having the same name as those on the host was somehow triggering the removal from the bond due to uevents
<RoyK> anyone here that knows how I can place a bridge on top of wlan0 with wlan0 attached to a network with wpa2? wlan0 works well, but with the bridge, it fails badly
<hallyn> stgraber: ok, thx
<hallyn> RoyK: last i knew, wlan0 could not be bridged
<RoyK> oh
<RoyK> why not?
<hallyn> not sure
<qhartman> RoyK, hallyn, http://serverfault.com/questions/152363/bridging-wlan0-to-eth0
<hallyn> yeah http://kerneltrap.org/mailarchive/linux-ath5k-devel/2010/3/21/6871733 (linked from there) seems to give the best explanation
<qhartman> tl;dr - "Bridging doesn't work on the station side anyway because the 802.11
<qhartman> header has three addresses (except when WDS is used) omitting the
<qhartman> address that would be needed for a station to send or receive a packet
<qhartman> on behalf of another system."
<RoyK> qhartman: not that sort of bridging - I want to create br0 and set that as the primary interface for virtualisation use, just like I do with eth0
<qhartman> RoyK, even so, I think it's the same root problem
<hallyn> RoyK: i'd recommend looking at how libvirt and lxc set up virbr0 and lxcbr0
<hallyn> but if you want the better perf of a real bridge...  can't
<RoyK> heh
<RoyK> guess I'll get a longer tp cable, then
<Guest-1119> Hello, does anyone know what 1001 is?
<RoyK> that's a number, 1000 + 1
<qhartman> RoyK, could get a physical wireless bridge device and hook that to the eth on the server
<Guest-1119> Guest:x:1000:
<Guest-1119> ftpusers:x:1001:Guest
<RoyK> qhartman: no big deal
<Guest-1119> what does that mean ?
<RoyK> that's the UID
<RoyK> numeric user id
<Guest-1119> Ah
<Guest-1119> For some reason the user set up on vsftpd has access to root o_o
<RoyK> well, most users can access the root filesystem
<RoyK> unless they're chrooted
<Guest-1119> I chromed the acc
<Guest-1119> chrooted*
<Guest-1119> but it still accesses root :s
<RoyK> then you didn't chroot it
<RoyK> what ftp server?
<Guest-1119> a private one.
<RoyK> well, vsftpd, ncftpd, proftpd, ... ?
<RoyK> good old ftp, or sftp?
<pndemc> sftp
<RoyK> then read up on rssh
<Guest-1119> vsftpd
<RoyK> used as a shell to chroot users
<RoyK> vsftpd can chroot - it's in the config
<RoyK> Guest-1119: vsftpd can chroot users, but it won't stop them from logging in with ssh unless you're careful
<RoyK> ssh/sftp/scp/etc
<Guest-1119> RoyK, how do i stop a user from having access to anything other than his own directory and subdirectories?
<Guest-1119> as in, he can't click '..' in filezilla, he can't ssh
<RoyK> Guest-1119: rssh
<smoser> this is a pretty awesome bug
<smoser> https://bugs.launchpad.net/ubuntu/+source/cloud-initramfs-tools/+bug/1123220
<uvirtbot> Launchpad bug 1123220 in cloud-initramfs-tools "cloud-image VM causes kernel panic if image is resized" [Low,Triaged]
<escott> RoyK, Guest-1119 vsftpd has nothing whatsoever to do with ssh
<smoser> its 100% legitimate heisenbug.
<Guest-1119> escott, I didn't say it did
<smoser> if you attach a serial device to try to see whats going wrong, then it wont go wrong.
<utlemming> smoser: I am thinking that we probably should back out ttyS0 change
<escott> Guest-1119, the fundamental conflict in your question is this: the computer does not know what a "user" is. all it knows is that a process runs with a particular uid. if you block a users access to /usr/bin (and other folders) there are no binaries for them to run, and there is no way for them to exist on the system
<smoser> utlemming, both of those bugs are un-related to any change
<smoser> we've hat ttyS0 in the images since lucid
<smoser> the change was to add 'tty0'
<smoser> which actually changed nothing.
<utlemming> ah, sorry, that's what I meant, tty0
<smoser> (changed nothing with respect to these bugs)
<smoser> at least i'm pretty sure.
<escott> Guest-1119, you can chroot or (the more popular choice in todays world use virtual machines/containers) and drop a limited set of binaries in their lap, but you cannot deny them access outside of a folder without giving them something like a full system in that folder
<pndemc> chroot is a jail?
<Guest-1119> escott, ah, thanks, probably easier to use rash?
<Guest-1119> rssh*
<escott> Guest-1119, if you just want them to be able to upload/download files things like sftp can be easily chrooted (http://www.minstrel.org.uk/papers/sftp/). similar capabilities exist in ftp daemons
<escott> Guest-1119, i would not trust rssh unless you are very very careful in the construction of your whitelist
<Guest-1119> escott, so if I only want them to be able to ftp with vsftpd , if i chroot them they won't be able to log in via ssh?
<escott> Guest-1119, vsftpd has nothing whatsoever to do with ssh. its like asking "if i chroot them with ftp will they be able to brush their teeth?"
<escott> Guest-1119, i dont know?! Do they have a toothbrush?
<Guest-1119> .. But with the same username and password, can they login via ssh
<escott> Guest-1119, if you dont block them by making an independent modificiation in your ssh config they could login with a username/password via ssh
<escott> Guest-1119, some of these ftp daemons support shadow accounts or fake accounts. where it is not put in /etc/passwd but instead in /etc/daemon.conf
<RoyK> escott: he was talking filezilla and ssh, meaning sftp
<escott> Guest-1119, a fake account like that is not a real account so other applications like ssh/login don't know anything about it
<RoyK> escott: rssh works well with chrooting users for scp/sftp/rsync
<RoyK> and blocking ssh logins on the way
<escott> RoyK, i would not trust rssh. and i fail to see how rssh is related to vsftpd
<smoser> utlemming, i can confirm that boot fails without 'tty1' on the cmdline just as if it is there.
<smoser> the issue is that /dev/console gets assigned to a non-existant device, and any writes to stdout ('echo HIMOM') fail
<RoyK> escott: it's not related to vsftpd, but he said he's connecting with filezilla, which supports ssh. I would trust rssh, though, I'm using it in a 20k user environment
<RoyK> escott: better use rssh with ssh tunneling than using plaintext auth with ncftpd
<RoyK> ftp over ssh is mature, and secure
<RoyK> so is rssh
<escott> RoyK, i wouldn't disagree about sftp. i guess the question is what is Guest-1119's question
<RoyK> well, ask him (or her). I think I understood what (s)he said quite well
<Blinkiz> Hello. I have a new server with Supermicro motherboard, Network card Intel 82574L and 82579M. Problem is that I can not see ethX. It does not exist. shows up fine in lspci. lsmod shows no usage of e1000e driver. dmesg has info about ethX but nothing that seems alarming. Using 12.10 server
<Blinkiz> Someone that can help me troubleshoot this?
<Blinkiz> ifconfig ethX up does not exist. Ethtool -i ethX can not see any devices. (ethX = eth1, eth0, eth2 and so on)
<RoyK> Blinkiz: some boards have newer PCI IDs for commonly know cards. it might be the issue
<RoyK> bitfury: http://blog.krisk.org/2013/02/packets-of-death.html ?
<Blinkiz> RoyK, Hmm, interesting.
<Blinkiz> RoyK, Where can I see the PCI IDs for my network cards? lspci?
<RoyK> lspci -v iirc
<RoyK> lspci -vn
<sarnold> Blinkiz: http://communities.intel.com/community/wired/blog/2013/02/07/intel-82574l-gigabit-ethernet-controller-statement
<RoyK> Blinkiz: you can override the pci ids allowed for a driver in /sys somewhere
<RoyK> Blinkiz: ok, but I think it was related to supermicro - see the comments on that blogpost
<Blinkiz> Yeah, I want to find my PCI IDs and put it into a google search, if this is the problem, others will have it
<escott> Blinkiz, in newer kernels there is a new naming scheme for interfaces (coming from redhat) /dev/p#p# or some such that udev might map back to eth something
<Blinkiz> escott, It is? did not know that
<RoyK> bitfury: pastebin ifconfig -a
<escott> Blinkiz, thats my understanding https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/appe-Consistent_Network_Device_Naming.html
<Blinkiz> escott, Does this apply for me running 12.10?
<RoyK> Blinkiz: quite possibly
<escott> Blinkiz, i believe so.
<Blinkiz> Aaa, cool. I have a p4p1 interface!
<RoyK> :)
<Blinkiz> ifconfig -a did the trick, thanks RoyK
<Blinkiz> Did not know about that. Thanks escott  :)
<Blinkiz> Need to go, thanks for the help guys!
<pythonirc1011> is there a good partition size recommendation somewhere that I could use for partitioning a 4TB drive for ubuntu (its a raid 10).
<xnox> pythonirc1011: use lvm use manual paritioning -> in there choose partition free space automatically. it will give you a few options to do all in one or split.
<xnox> pythonirc1011: lvm will allow you to later adjust the sizes, manual partitioning will allow you to see the sizes and change them.
<xnox> pythonirc1011: if the box has loads of RAM the default swap size maybe way too large for typical use cases.
<plars> jamespage: can you (or anyone else here who might be set up for it) try the maas and iscsi tests on the 12.04.2 candidate images?
<hallyn> ivoks: hey, on https://blueprints.launchpad.net/ubuntu/+spec/servercloud-r-qemu, i was going to delete your TODO regarding vhost_net given bug 1029430.  were you planning on investigating that regardless?
<uvirtbot> Launchpad bug 1029430 in nova "KVM guests networking issues with no virbr0 and with vhost_net kernel modules loaded" [Undecided,Confirmed] https://launchpad.net/bugs/1029430
<dexterboy1106> I just got owncloud setup and put the share directory on my samba share as a folder I cant acces it through the share only with owncloud is there a way to add a  2nd user and group
<dexterboy1106> I want to be able to move files in and out of the owncloud directory with filezilla or a maped network drive share on windows is that possible
<foo> I just deployed new ubuntu server. authorized_keys for ssh isn't working. This is fairly basic, and I think it should work. Any tricks on ubuntu?
<mikal> foo: do you have encrypted home directories turned on?
<hackeron> hey, quick question - I need to install ubuntu server on about 50 hard drives or so. I have a little custom script to do it with debootstrap: http://pastie.org/6157544 and some other magic - but I'm stuck with automating the hard drive partitions. Anyone know of an easy way to create just 2 partitions, 1 swap that is 1GB and 1 root that is the rest of the available space?
<foo> mikal: hm, not sure - this was a rackspace cloud server install. How can I check?
<dexterboy1106> I just got owncloud setup and put the share directory on my samba share as a folder I cant acces it through the share only with owncloud is there a way to add a  2nd user and group
<dexterboy1106> I want to be able to move files in and out of the owncloud directory with filezilla or a maped network drive share on windows is that possible
<hackeron> anyone? - I need to install ubuntu server on about 50 hard drives or so. I have a little custom script to do it with debootstrap: http://pastie.org/6157544 and some other magic - but I'm stuck with automating the hard drive partitions. Anyone know of an easy way to create just 2 partitions, 1 swap that is 1GB and 1 root that is the rest of the available space?
<hackeron> maybe the code that does the "guided partitioning" in the ubuntu installer? - any ideas where I can find this code?
<p201> hackeron, what about FAI? http://manpages.ubuntu.com/manpages/precise/man8/fai.8.html
<adam_g> zul: ping
<zul> adam_g: yo
<adam_g> zul: did those precise rebuilds w/o python3 dependencies ever get sorted out?
<zul> adam_g: yeah i think i uploaded them
<hackeron> p201: interesting, thanks for that
<genii-around> hackeron: I used to do this in a preseed file with a gparted "recipe" but it's been a while
<adam_g> zul: ok. im gonna do some more rebuilds to get http://status.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/grizzly_versions.html more green
<hackeron> genii-around: gparted recipe?
<zul> ack
<zul> hackeron: why not do one hard drive and just dd the hard drive to copy it
<genii-around> hackeron: They explain better than I can at http://askubuntu.com/questions/129670/how-do-i-modify-this-preseed-snippet-to-partition-my-hard-drive
<hackeron> zul: that takes hours and there are different size hard drives
<hackeron> genii-around: they used a fixed size there, I want to use all available space
<hackeron> p201: fai looks way, way overkill - I just want to automate partitioning, debootstrap does everything else I need
<hallyn> stgraber: so I'm thinking the lxcpath option will be '-P|--lxcpath'.  sound reasonable?
<hackeron> any ideas where I can find the code used in the ubuntu guided partitioning during installation? - that does everything I need
<genii-around> hackeron: A more detailed explanation of the "recipes" is at https://help.ubuntu.com/10.04/installation-guide/i386/preseed-contents.html#preseed-partman
<stgraber> hallyn: yep, sounds good
<adam_g> zul: requests was the package that needed modification for precise build, right?
<zul> adam_g:  no it was one of the dependencies i forgot which
<zul> adam_g: i think it was oauthlib
<adam_g> zul: also, how do the packages from openstack-ubuntu-testing-bot end up getting pusehd to https://launchpad.net/~openstack-ubuntu-testing/+archive/grizzly-trunk-testing/+packages ?
<adam_g> zul: https://launchpad.net/ubuntu/+source/requests looks like this is the one that has all the python3 additions
<zul> adam_g: then thats is the one
<zul> adam_g: when the builds pass it gest dput locally and in the ppa
<adam_g> zul: where did you upload your modified requests package?
<adam_g> zul: that is true for the openstack packages that git triggered via git, but what about the dependency rebuilds ?
<zul> adam_g:  its done manually afair
<adam_g> erm
<zul> adam_g: requests is at https://code.launchpad.net/~zulcss/ubuntu/precise/requests/requests-ca
<Ben64> hey i have multiple ip addresses. when i try to route traffic from a certain address, it starts flooding arp requests, how can i stop that?
<adam_g> zul: oh, ok
<zul> adam_g: afair there is a jenkins that rebuilds sources and puts them in the local ppa
<zul> adam_g: erm...local archive rather than ppa
<adam_g> zul: puts em the local archive, yeah. guess it doesn't push to ppa
#ubuntu-server 2013-02-14
<adam_g> roaksoax: around?
<roaksoax> adam_g: not really :) whats up?
<adam_g> roaksoax: a week or two ago you said you were running into an issue with rbd commands blocking? did you ever find out the issue? seeing similar things atm with glance blocking in calls to librbd
<roaksoax> adam_g: yeah. TBH i didnt really find the issue... the next day i tried and issues were gone
<roaksoax> s/snd/the
<adam_g> roaksoax: hm, okay
<roaksoax> adam_g: check ceph.conf for the hosts to be configured correctly though
<roaksoax> adam_g: oh i think it was also related to the osd.. as in using the incorrect /dev/sdb instead of /dev/vdb
<adam_g> roaksoax: yeah, theres a connection between the client (glance) and the ceph node, just not much else happening. just librbd stuck in a lock
<adam_g> roaksoax: also, if you're still around. is deploying raring /w maas on quantal an option?
<roaksoax> adam_g: yes if you have the latest which should be in PPA
<adam_g> roaksoax: is that known to be a safe upgrade from 0.1+bzr1269+dfsg-0ubuntu1 ?
<roaksoax> adam_g: yes you should not have issues
<Fishscene> Greetings. Could someone link me to a tutorial on how to install and set up a DHCP server on Ubuntu server 12.10? I've gone through a couple of articles already and I've run into problems that don't make sense.
<sarnold> Fishscene: this should be similar enough to be worth a start: https://help.ubuntu.com/12.04/serverguide/dhcp.html
<Fishscene> Thanks sarnold, I'll give that a try.
<Fishscene> Nope. No good. Everything looks good, but my VM isn't getting an IP address
<mysteriousdarren> Fishscene: What software are you using?
<Fishscene> Ha! nvm. My VM wasn't on the same physical server as my DHCP server (I'm using a network that isn't connected to the internet or the rest of my network)
<Bourne> anyone have any tutorials
<Bourne> on connecting to wireless
<Bourne> front he command line
<Bourne> for 12.04 LTS
<greppy> Bourne: the easiest way I found to do that was to remove networkmanager and install wicd-curses or wicd-cli
<Bourne> but
<Bourne> I don't have access to the internet currently
<Bourne> I do have
<Bourne> well
<Bourne> ok
<Bourne> nvm
<sweettea> Bourne: you should be able to get the binaries via another medium
<Skaag> my /etc/resolv.conf keeps getting rewritten with: namserver 127.0.0.1
<Skaag> how do I stop this insanity? :)
<sam_> hi all, looking to setup my ubuntu server with 2 WAN interfaces, and would like to configure automatic failover - no load balancing necessary though if possible would be nice
<sweettea> Skaag: are you running networkmanager?
<sweettea> i think theres some dnscache daemon that runs with the newer versions of ubuntu
<sweettea> i forgot how I disabled it
<Skaag> no i'm on ubuntu-server, no gui here
<Skaag> it happens on boot
<Skaag> despite me not using dhcp
<Skaag> my primary nic is setup for "inet static"
<sweettea> networkmanager does not require gui
<sweettea> see if its running
<Skaag> checking
<Skaag> not running.
<sarnold> sweettea: dnsmasq?
<ivoks> hallyn: i'll test it by the end of this week, so no need to delete it
<maxb> ~>
<maxb> oops
<vedic> Is it possible to have one set of public/private keys for ssh user login and another set for backup purposes.
<vedic> with different user for ssh login and backup
<sarnold> vedic: with different users, it ought to be easy, look in sshd_config for Match and ForceCommand
<vedic> sarnold: I see
<vedic> sarnold: What is the usually pattern server admins have? Do they keep separate users for ssh login and task and another user for rsync?
<vedic> sarnold: This is from security point of view.
<sarnold> vedic: that's quite common, indeed
<dch> I've updated dbus config to allow users to run their own upstart jobs. Will they be able to run jobs at boot (e.g. `on started network and filesystem`) or do they need to be logged in interactively and do `start myjob`.
<ikonia> dch: thats an interestin setup
<ikonia> doesn't the call to upstart have to be made by root ?
<dch> ikonia: yes, I'm very pleased so far, except I don't see the job starting at boot, and people are tired of me rebooting it to check :D
<dch> basically you add an xml blob into /etc/dbus-1/system.d/Upstart.conf, and then users can put jobs into ~/.init/
<ikonia> but will that get picked up by the initial init of upstart...I didn't think so (I don't know, I'm half asking)
<dch> ditto. don't know.
<vedic> sarnold: ok
<hackeron> zul: Ended up doing this to partition: http://pastie.org/6161848 -- much easier than all other suggestions :)
<vedic> For remote server backup using rsync, there are various ways suggested to backup without compromising the backup server and remoter server. 1) sshd_config with Match and ForceCommand , 2) using command parameter in authorized keys. 3) setting remote user shell prompt from /bin/sh to rsync script . Which one is secure? and which one is often used by Server admin? My backup server will be managed by few guys I would hire and I don't want them to do anything on
<vedic> The nature of the backup is full server backup every day on a specific time (say everyday night 11:30)
<vedic> on incremental basis
<maxb> It doesn't matter which method of restricting the executed command you use, only that you do it
<vedic> maxb: security repercussion?
<koolhead17> devops and mysqldumop can`t stop posting it here http://devopsreactions.tumblr.com/post/43069215541/waiting-for-a-full-mysqldump
 * maxb chuckles and reposts to work's internal IRC :-)
<Plizzo> Hello! I have an issue with my server. I accidentally enabled ipv6 forwarding in /etc/sysctl.conf and after that my eth0 in /etc/network/interfaces was replaced with an interface called p6p1. I disabled the setting and enabled eth0 again, but it still does not work. When I run ifconfig -a eth0 is not found but only lo and p6p1. Please help me!
<rbasak> Plizzo: I think p6p1 is to do with biosdevname and nothing to do with ipv6.
<Plizzo> rbasak: But it only came after I enabled ipv6, and it has killed all internet connections on my server
<alimj> Plizzo: Wait a sec
<alimj> Plizzo: In /etc/udev/rules.d
<alimj> Plizzp: In 70-persistent-net.rules file
<Plizzo> alimj: Yeah
<alimj> Plizzo: Pastebin for us that file...
<Plizzo> alimj: I can't, only have physical access to the server, no ssh
<Plizzo> alimj: But it's blank, only comments
<Plizzo> alimj: Sorry, no comments even
<alimj> Plizzo: Are you sure? What files you have in /etc/udev/rules.d
<Plizzo> 70-persistent-cd.rules, and 70-persistent-net.rules
<Plizzo> as well as a README
<alimj> Plizzo: Are you sure that the 70-persistent-net.rules is blank?
<Plizzo> alimj: Positive
<Plizzo> alimj: It's just as if eth0 has been wiped clean, no trace of it.. only p6p1, and I wan't to get it all back :(
<rbasak> Plizzo: try biosdevname=0 as a kernel boot parameter
<alimj> Plizzo: rbasak is right. edit /etc/grub.conf and add biosdevname=0
<Plizzo> Hmm, okay
<Plizzo> grub.conf is blank
<alimj> Plizzo: Sorry, that is Redhat path
<alimj> In Ubuntu...
<alimj> ... should be  /boot/grub/grub.cfg if I am not mistaken
<ogra_>  /etc/default/grub
<ogra_> and run sudo update-grub afterwards
<Plizzo> Where do I add biosdevname?
<ogra_> GRUB_CMDLINE_LINUX_DEFAULT= is where you want to add it
<ogra_> GRUB_CMDLINE_LINUX_DEFAULT="splash quiet biosdevname=0"
<Plizzo> Why splash, quiet?
<ogra_> thats there by default
<ogra_> usually
<Plizzo> No, mine was blank
<ogra_> you indeed dont need it
<ogra_> ah, i'm on a desktop install here ...
<Plizzo> Aha! :)
<ogra_> so just add the new parameter there
<Plizzo> Alright, I've added the line and updated grub, what now?
<ogra_> reboot
<Plizzo> Rebooting now
<Plizzo> Waiting for network configuration...
<Plizzo> Why did my eth0 drop and p6p1 become added when I enabled ipv6 forwarding? :/
<Plizzo> It's still waiting for network configuration, give it another 30 secs
<Plizzo> Alright, I'm in, but it booted without network configuration
<Plizzo> What do I do now?
<ogra_> see if ifconfig has eth0 again
<ogra_> you might need to adjust /etc/network/interfaces
<Plizzo> ogra_: eth0 is back and I have an IP-address, but my other computers can't access it
<Plizzo> Weird
<Plizzo> Seems like it's dropping all inbound connections...
<Plizzo> No other device in my network can connect to it
<Plizzo> Now it works
<Plizzo> ufw was acting up...
<Plizzo> Thanks ogra_!!
<ogra_> great
<Plizzo> And ofcourse alimj and rbasak as well
<alimj> Plizzo: Good to here that it is working
<alimj> orga_: Good job
<Plizzo> Thanks :) Now I'm just trying to get name resolving working over my pptp VPN
<Plizzo> Do any of you know how to make it work?
<Plizzo> My VPN works just fine, and I have all forwarding and everything working good, but name resolving won't work
<Plizzo> I set the ms-dns to my gateway (10.0.1.1)
<alimj> Plizzo: And localip in /etc/pptpd.conf is also 10.0.1.1?
<Plizzo> localip is 10.0.1.250 as in my server IP
<Plizzo> alimj: I had it set to 10.0.1.1 but it caused my VPN to continously disconnect
<alimj> Plizzo: Why you do not use a public DNS for ms-dns? Any intranet DNS config?
<Plizzo> alimj: You mean like googles DNS 8.8.8.8?
<alimj> Yes
<Plizzo> alimj: I'm guessing my main issue is that I don't have a local DNS server :P
<alimj> or 208.67.222.222 208.67.220.220 4.2.2.3 etc
<Plizzo> OpenDNS?
<Plizzo> alimj: But that would not get me any local name resolving? For instance, being able to write lumen.local instead of 10.0.1.250 over VPN?
<alimj> Yes
<alimj> In that case, you will require a local DNS
<alimj> If you run intrant addresses rather than internet
<alimj> Plizzo: Do you have bind installed?
<Plizzo> alimj: Nope, I haven't actually installed bind but I'm looking at it. Thinking of setting up my raspberry pi as the local DNS though
<Plizzo> That ought to work, and if the routing goes through there the name resolving ought to work over VPN as well
<Plizzo> Or what do you think?
<alimj> It will work
<Plizzo> alimj: I noticed one thing now, I can't seem to connect to lumen.local locally
<ogra_> does the lumen machine have avahi-daemon installed ?
<ogra_> else the .local domain wont work afaik
<Plizzo> ogra_: Yeah, avahi is installed and it's always been working, until this thing happened with the ipv6 thing
<Plizzo> "ping: cannot resolve lumen.local: Unknown host"
<Plizzo> Avahi is running, and I tried restarting it
<Plizzo> Maybe I should do another reboot to get things running properly?
<Plizzo> ogra_: I still can't reach my server at lumen.local from other machines... But if I ping lumen.local from my server terminal it works
<ogra_> you ping that name or the IP ?
<Plizzo> That name
<Plizzo> And it resolved to 10.0.1.250
<Plizzo> But I fixed it
<Plizzo> Seems ufw was blocking it.
<ogra_> ??
<Plizzo> I typed sudo ufw disable and it worked again
<ogra_> and doe it still resolve to that IP ?
<Plizzo> Yeah
<Plizzo> lumen.local resolves to 10.0.1.250 locally as it should
<Plizzo> Not over VPN, but that's probably because I don't have any local DNS
<RoyK> Plizzo: locally, it uses /etc/hosts.deny
<RoyK> Plizzo: locally, it uses /etc/hosts
<RoyK> even
<ogra_> and falls back to the mdns client then
<ogra_> Plizzo, did that ever work from the pther machines ?
<ogra_> *other
<Plizzo> ogra_: Did what work?
<Plizzo> RoyK: I'm not working on the VPN now, I'm just working on my local network, where lumen.local did not work until I disabled ufw
<ogra_> Plizzo, pinging lumen.local
<ogra_> from the machines that dont work atm
<Plizzo> ogra_: Locally it did not work until I disabled ufw, but now it works on all machines
<Plizzo> Though not over VPN because I have no DNS for name resolving set
<Plizzo> And my gateway does not reoslve
<Plizzo> Do any of you know if you have to rebuild an RAID5 array when you grow it and add another disk?
<ogra_> Plizzo, and all your other machines have mdns clients ?
<Plizzo> ogra_: I'm not sure, I only have Apple machines, so I assume not
<Plizzo> ogra_: But it does not work from my work computer which is running Windows 7, so I guess not
<maxb> Plizzo: That would depend on exactly what you mean by "rebuild" and "grow"
<maxb> Increasing the overall size of a RAID-5 set certainly does require an intensive rearrangement of data
<Plizzo> maxb: I have an RAID5 array now consisting of three 2TB drives and I'm running out of space. I've added another disk to my server which I'm going to format now and append to the array.
<ogra_> Plizzo, well, .local is an mdns domain, the clients need to support mdns for it to work
<Plizzo> maxb: But I was thinking that I should probably do this overnight
<Plizzo> ogra_: Well it works fine in my network on all machines, but not over VPN
<ogra_> probably VPN doesnt forward mdns broadcasts
<Plizzo> maxb: As I thought, the RAID will need to restructure, and that will take time, right?
<RoyK> Plizzo: what sort of restucturing?
<maxb> Yes, a reshape operation over that much data will probably take many hours
<maxb> You can't really append to a RAID-5
<RoyK> Plizzo: oh, 3->4 drives in raid5?
<Plizzo> RoyK: Yeah, I want to grow the RAID to 4 drives
<RoyK> Plizzo: just mdadm /dev/mdX --add /dev/sdX
<RoyK> then --grow --raid-devices=4
<maxb> It's more like increasing the space available and then your data doing a long and intricate dance to new locations
<RoyK> perhaps possible in as single operation as well, but doesn't make any difference
<Plizzo> RoyK: So I add, and then grow, isn't that the wrong order?
<Plizzo> RoyK: I was thinking this:
<Plizzo> mdadm --grow /dev/md0 --raid-devices=4
<RoyK> that works after you've added the forth drive, yes
<Plizzo> Alright, so I first add, then grow? :)
<Plizzo> Okay
<Plizzo> Thanks
<RoyK> --add will add the new drive as a spare
<RoyK> --grow will move it to an active disk
<RoyK> the rebuild will probably take 10+ hours, perhaps more, depending on your drives, controllers etc
<Plizzo> RoyK: Okay, I see, thanks
<Plizzo> RoyK: Will start it overnight then
<Plizzo> RoyK: Should the new drive be formatted as ext4?
<Plizzo> RoyK: Because I'm going to prepare it now so I can start the process before going to sleep
<RoyK> no need to place a filesystem on it
<RoyK> or "format" it as you say
<Plizzo> RoyK: Alright, because you see I have two partitions on the disk currently, and I need to wipe those
<RoyK> it will add to the raid, which will get more space when it's done
<Plizzo> RoyK: But I just wipe the disk clean, and let mdadm handle the rest?
<RoyK> if you --add and --grow, everything will be overwritten
<RoyK> I'd recommend using the whole drive
<RoyK> not partitions
<Plizzo> RoyK: Even if the drive currently has a GUID table?
<RoyK> just use the whole drive, and md will overwrite the partition table, whatever format it is
<Plizzo> RoyK: I want to use the entire drive, but is there no need to remove the existing HFS+ and exFAT partitions on it first?
<Plizzo> RoyK: Alright, thanks
<RoyK> it'll be overwritten
<RoyK> just umount those first
<RoyK> :P
<Plizzo> RoyK: They're not mounted :)
<Haris> Hello all
<IdleOne> Haris: answer might be slower to come in here but someone will be along
<Haris> oneiric is not on archive.ubuntu.com or gb.archive.ubuntu.com anymore. I need it to complete my network installs for 3 boxes. What are my options
<Haris> IdleOne: ah, ok
<jpds> Haris: It is: http://gb.archive.ubuntu.com/ubuntu/dists/oneiric/
<Haris> jpds: the installer should be able to find that out on its own. it doesn't give me option to mention that manually
<zul> jamespage: ping whats leveldb for?
<jamespage> zul, reverse depends for ceph; provides local metadata storage for ext4 filesystem usage on OSD's
<zul> jamespage: ack
<jamespage> zul, I get the same issue on raring fwiw
<jamespage> it might be a localized sbuild related issue
<zul> jamespage: lemme check
<Haris> I get one INFO message in syslog saysing: **: mirror does not have suite symlinks
<Haris> I'm trying to install oneiric
<Haris> the installer is telling me bad mirror for archive.ubuntu.com and gb.archive.ubuntu.com
<Haris> 'bad archive mirror'
<Haris> is there a way to specify an alternate mirror or archive on the Internet to the "out of the box" netboot config that ships with oneiric server-amd64.iso ?
<zul> jamespage: builds fine here
<zul> jamespage: it was python-crypto that had the python3 stuff in it
<jamespage> zul, ack - I'll stuff it up to the PPA and check it out
<hallyn> ivoks: cool, perf info would be interesting (though we still can't enable it by default I don't think :)
<ivoks> hallyn: cause of the iptables?
<hallyn> right
<hallyn> it's trivila enough to enable with a variable in qemu-kvm.conf...
<hallyn> trivial
<ivoks> ok
<roaksoax> jamespage: alright! so crm_res_running basically checks if the resource is running
<jamespage> roaksoax, OK _ so if its not running you cleanup - but do you need to restart if it is running?
<roaksoax> jamespage: if it is not running (or has failed to start), then the resource well get cleaned up
<roaksoax> jamespage: clean up is more in-depth operation than a simple restart
<jamespage> roaksoax, and if its already running then do zip - right I see
<jamespage> roaksoax, in which case that does make sense to me
<roaksoax> jamespage: cool, that prevents from moving the resources to a new node after juju add-unit
<roaksoax> which is what was happening
<jamespage> roaksoax, good-oh
<jamespage> that makes alot of sense to me then
<roaksoax> jamespage: cooll, Now, a problem with keystone/mysql
<roaksoax> jamespage: keystoneclient.exceptions.ClientException: An unexpected error prevented the server from fulfilling your request. (OperationalError) (2003, "Can't connect to MySQL server on 'inst-021.virtual-maas.com' (111)") No
<roaksoax> ne None (HTTP 500)
<roaksoax> jamespage: specially see: inst-021.virtual-maas.com
<jamespage> roaksoax, actually I just saw something similar
<roaksoax> the problem here is that I do:http://pastebin.ubuntu.com/1651257/
<jamespage> roaksoax, I figured I broke something when I added a second mysql unit
<jamespage> but I don't really know what yet....
<roaksoax> jamespage: so it seems that the shared-db reslation is being run before the cluster/peer relation, which causes the shared-db hook to say "
<roaksoax> jamespage: so it seems that the shared-db reslation is being run before the cluster/peer relation, which causes the shared-db hook to say "I'm standalone, not clustered"
<jamespage> roaksoax, indeed - this is the early hook execution stuff I was wobbling on about
<roaksoax> so that means that the new mysql unit passes its host to keystone (instead of the VIP)
<jamespage> roaksoax, if you have a charm that responds in a -joined relation then it can potentially do that
<jamespage> roaksoax, might need to revisit the work that hazmat did on this bit
<roaksoax> jamespage: yeah.. so an ugly solution I was thinking is that if a VIP is defined, then make it start by default (say configure pacemaker/corosync only for the VIP), which would mean not enforcing 2 nodes at a minimum
<jamespage> roaksoax, that approach is still hook timing dependent
<roaksoax> jamespage: yeah so, we need to ensure that peer relationships are being run first
<jamespage> roaksoax, hmm
<hazmat> roaksoax, jamespage was having network issues.. you mentioned you want rel ordering? the standard mechanism of punting in a rel hook till nesc data is avail, doesn't suffice because
<hazmat> you don't know if there will be a peer?
<roaksoax> hazmat: so the issue is basiclaly juju add-unit mysql --> this causes the new mysql unit to say "I'm standalong and have no peers, let's take action accordingly"
<roaksoax> hazmat: so we thought that maybe when you add a unit, one of the first relationships that should be done is the peer relationship, before relating with any other external relationship
<hazmat> roaksoax, i'm missing a lot of context.. who has the peer relation?
<roaksoax> such as mysql
<hazmat> mysql?
<roaksoax> err keystone
<jamespage> it makes no difference - both keystone and mysql have the same challenge
<roaksoax> hazmat: so I do this: http://pastebin.ubuntu.com/1651380/
<jamespage> hazmat, basically both of those charms will respond in a -joined relation with access data
<jamespage> hazmat, but that hook may fire before the peer-joined hook does
<jamespage> hook(s) rather
<jamespage> hazmat, roaksoax: we could defer hook execution like we do with ceph until the right number of peers are present
<jamespage> and provide that through charm config
<jamespage> min-peers: 3
<jamespage> for example
<hazmat> so peer relations are added to a service at deploy time, but their not acted upon till at least one other unit of the same service shows up
<hazmat> so the reason for delaying the mysql add unit, is because you don't want ceph and keystone interacting with the second unit of mysql till its been setup as a slave?
<hazmat> er. till its peer relation with the other mysql units has been estbalished
<jamespage> hazmat, indeed
<jamespage> which is why the 'defer hooks' until peers == min-peers might work better
<jamespage> you could start a standlone with min-peers: 1
<jamespage> then juju set mysql min-peers: 3
<jamespage> juju add-unit -n 2 mysql
<jamespage> its a bit clunky but broadley works
<hazmat> jamespage, so service config is one way to tackle, ha on.. or min-peers.. .. so the issue though is that for the second mysql unit, that it has client/server rels firing.. hmm.. so the rel hook cache probably prevents the peer rel from being detected?
<jamespage> hazmat, I think the relation is detected; but not the members
<hazmat> it seems like if the second mysql unit could detect it has a peer rel, it could respond/not respond appropriately till the peer rel is done
<hazmat> hmm
 * hazmat pokes around
<jamespage> hazmat, yeah - but 'the peer rel is done' is hard to define!
<jamespage> unless you specify what that means outside of the relation i.e. through config
<zul> hallyn: ping
<roaksoax> in my particular case it doesn't really matter is the peer relation is done or not, the only thing needed is that there are peers to defer execution of XYZ
<roaksoax> jamespage: ^^
<hazmat> jamespage, isn't it a question of peer rel config established, and slave ok/data transferred?
<jamespage> hazmat, does the peer relation always exist - even when there is just one service unit?
<hazmat> jamespage, it does... i'm checking on the members
<jamespage> hazmat, I think what we see if that the relation-id is resolvable from first hook exec; but the list of units is not populated until the -joined hooks fire for each unit in the service
<jamespage> infact its is - I debug-hooked this  the other day to try to figure out what was happening!
<hallyn> zul: .
<zul> hallyn: have you seen this before? https://bugs.launchpad.net/nova/+bug/984996
 * hallyn hoping to get some lxc coding finished this morning, but watches zul pull him off course :)
<uvirtbot> Launchpad bug 984996 in nova "Instance directory does not exist: Unable to pre-create chardev file console.log" [Medium,Confirmed]
<jamespage> roaksoax, note that this restricts growing a cluster of service units; building a cluster and then relating actually works OK
<zul> hallyn: im quite good at that
<jamespage> as by then the cluster knows who is in charge!
<roaksoax> jamespage: yeah :)
<roaksoax> jamespage: ok so I just added a check for is_peered() (followwing my old approach), and it *seems* it works now. This simply counts the number of peers in the relationship
<hallyn> zul: no...  but weren't you saying nova likes to just rm -rf instance dirs at the drop of a hat (and host nbd)?
<zul> hallyn: it looks like to me that apparmor is preventing a chardev being created (im not sure) i did some googling and selinux has something http://www.redhat.com/archives/libvir-list/2010-June/msg00608.html
<hazmat> jamespage, yeah.. that's accurate we try to maintain a sense of orderly time for hooks.. ie.  only see things that it has been informed exists.. across rels though it could be made viable
<zul> hallyn: yeah thats fixed those this qemu
<hallyn> zul: i don't think that's it... see comment #3
<zul> hallyn: ok just checking :)
<hallyn> the disk dir is not there - -ENOENT, not -EPERM or -EACCESS
<jamespage> roaksoax, yeah - but that approach is still hook order dependent when growing the cluster
<Sendoushi> anyone knows where parallels shared folder (from mac) is?
<hallyn> zul: oh, now the bug mentioned in the last comment, bug 1123274, that may be...
<uvirtbot> Launchpad bug 1123274 in nova "Unable to pre-create chardev file when booting from volume" [Undecided,Incomplete] https://launchpad.net/bugs/1123274
<jamespage> roaksoax, maybe it runs alphabetically or something - lets just prefix the cluster hook names with 000-
<Sendoushi> on the ubuntu desktop it would be under desktop but... since i'm using -server
<roaksoax> jamespage: i'm doing this: http://pastebin.ubuntu.com/1651533/
<hallyn> but, logs needed :
<hazmat> jamespage, so it looks like members for cross rel hooks are requested fresh... ie. they should be accurate per time of execution.
<hallyn> :)
<roaksoax> jamespage: and that seems to have worked... so I'm re-deploying everything
<hazmat> roaksoax, jamespage do you have a unit log for one of these?
<roaksoax> hazmat: i'm re-deploying, I'll have one in a bit
<jamespage> hazmat, not sure I quite understand " ie. they should be accurate per time of execution."
<Sendoushi> how can i make a search on all the hard drive for a folder name?
<hazmat> i think i see the issue and a simple workaround, such that querying the peer from the second unit will always show the members.
<jamespage> hazmat, thats kinda what we are looking for
<jamespage> hazmat, I swear thats what you fixed up for me a couple of weeks ago and tested OK - but I guess hook order is non-deterministic....
<hazmat> jamespage, so i think the issue is that the second unit, gets a bunch of relations when its first starting up, and just executes them in somewhat arbitrary order..
<hazmat> jamespage, that issue was about cache coherency for relation-ids.. ie pure bug.
<jamespage> hazmat, indeed - so I see things like shared-db-joined, amqp-joined firing before cluster-joined hooks
<SpaceBass> hey guys, I have some 12.04 servers with eth1 configured as static in /etc/network/interfaces and yet every few hours they revert to DHCP
<hazmat> jamespage, yeah.. i can sort the peer rels first when multiple rels are present for the new unit which should give the behavior you want
<jamespage> hazmat, pleeeeassseee!
<jamespage> hazmat, that will save a whole load of defferred hook execution pain for growing clusters.
<hazmat> jamespage, ack, in progress
<hazmat> jamespage, roaksoax  lp:~hazmat/juju/peers-from-hurd
<hazmat> will put in review queue later today
<jamespage> hazmat, ta - I'll tear down and test again
<jamespage> SpamapS, around? something is tickling my brain about why ssl support is not turned on in the mongodb packages but I can't remember what it is....
<SpamapS> jamespage: IIRC its just too new
<jamespage> SpamapS, maybe - I though there was some license incompatibility issue but maybe not
<SpamapS> jamespage: if its gnutls, it should be a simple "turn it on". If it is openssl.. you need to verify that openssl will allow mongo to link.
<jamespage> SpamapS, yeah - that might be it - I think it needs openssl
<SpamapS> jamespage: if there's no libmongodb , I think only the mongo folk have to grant the exception, I misspoke.
<SpamapS> jamespage: as long as none of OpenSSL's symbols end up in a library linked by other things, you should be clear... since I assume MongoDB has granted a license exception for OpenSSL's weirdness.
<jamespage> SpamapS, mongo is part AGPL and part Apache-2.0
<SpamapS> jamespage: dual, or split into components?
 * SpamapS reads debian/copyright
<jamespage> SpamapS, some parts of the source code are AGPL, some are Apache-2.0
<jamespage> SpamapS, http://paste.ubuntu.com/1652108/ last two paras
<jamespage> SpamapS, well actually the source tree is misc others as well due to embedding v8, boost pcre etc. etc.
<agu10^> when I ping my server from itself, it responds with < 2ms. When i ping it from another computer, however, it doesn't respond and lags until about 10 seconds after. And it responds to the 49th ping request or similar. Any ideas what's happening?
<mysteriousdarren> what do you run for your personal server?
<jamespage> SpamapS, I think the Apache bits would be OK - but still researching the AGPL compatibility
<agu10^> mysteriousdarren: ubuntu server, at amazon compute cloud
<mysteriousdarren> agu10: thanks for the response
<SpamapS> jamespage: the bits that link libssl are AGPL
<jamespage> SpamapS, yeah - I just saw that as well
<jamespage> utils/net/sock*
<SpamapS> jamespage: you probably need to open a bug w/ 10gen to get them to grant the specific exception per http://people.gnome.org/~markmc/openssl-and-the-gpl.html and http://lists.debian.org/debian-legal/2004/05/msg00595.html
<SpamapS> jamespage: the issue is that Debian feels if you ship a binary and OpenSSL as "part of the OS" (which all packages are) then you are violating the terms of the GPL.
<jamespage> SpamapS, just getting to that point myself; I think you are correct
<SpamapS> jamespage: Ubuntu could take a different position, but IIRC, Ubuntu has never varied from Debian's position on that.
<jamespage> SpamapS, I think thats unlikely - thanks for helping my figure this out
<smoser> Daviey, jamespage anyone else, cjwatson is requesting some info on un-ran tests at
<smoser> http://iso.qa.ubuntu.com/qatracker/milestones/254/builds/37582/testcases
<smoser> and http://iso.qa.ubuntu.com/qatracker/milestones/254/builds/37583/testcases
<smoser> it would surely seem that we need to run those.
<jamespage> zul, fyi horizon is pretty stuffed in g2 - requests seems to be causing some issues;
<jamespage> I'll try with the trunk PPA's as well
<roaksoax> jamespage: we were experiencing horizon issues last week
<jamespage> roaksoax, I hit one issue in nova client and then a second with the version of requests we have in raring
<roaksoax> jamespage: yeah maybe its not really related... we were using precise and cloud archive
<jamespage> bug 1116740
<uvirtbot> Launchpad bug 1116740 in python-keystoneclient "request() got an unexpected keyword argument 'config'" [Undecided,Fix committed] https://launchpad.net/bugs/1116740
<roaksoax> nope we didn't see tha I think
<jamespage> I think the CA still has an older version - however I probably just fixed that
<jamespage> if fixed is the right work
<jamespage> smoser, hmm - OK
<smoser> jamespage, is that something you're near set up to do ?
<smoser> if you and i are on equal "that sucks" ground, then i can help. if its trivial for you, then i'd let you do it :)
<smoser> and for maas, maybe bother roaksoax
<jamespage> I can't do the maas ones
<jamespage> but I have most of the images synced
<jamespage> so could do some of the others
<jamespage> smoser, are we expecting a minimal virtual install to actually work with 12.04.2
<jamespage> ?
<RoyK> jamespage: why not?
<jamespage> RoyK, that kinda why I'm asking
<smoser> i think i'd have the same thought
<jamespage> I'll have to re-run the test case to confirm but my install looks a little bloaty re modules
<smoser> hm..
<jamespage> ~150M instead of 40M
<RoyK> ouch
<zul> jamespage: yeah there were conflicts in g2 between requests and horizon/clients/etc
<jamespage> frustratingly the automated tests for minimal-virtual are disabled
<plars> jamespage: saw that, not sure why
<plars> jamespage: I'm looking at them also, and installation goes ok but I'm wondering if the instructions at http://testcases.qa.ubuntu.com/Install/ServerMinimalVirtualInstall are accurate. I'm seeing that the kernel installed is -generic, not -virtual
<jamespage> plars, things have changed; same base kernel but with a smaller module set for -virtual
<jamespage> plars, I think the auto-test case was telling us the same thing as I see today in November
<plars> jamespage: is this related to the too much space taken up by minimal virtual installs that I was complaining about in https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1053770
<uvirtbot> Launchpad bug 1053770 in ubuntu-docs "ubuntu-server install takes up too much space" [High,Fix released]
<jamespage> hmm - not really
<plars> jamespage: It might be worth revisiting the minimums again at some point, but I wonder if it matters for anyone outside of the cloud installs?
<jamespage> that was about overall install size - this is about how many modules have been installed and which mixin of kernel we get
<smoser> jamespage, the original issue came about when the kernel packages changed names.
<smoser> i think
<plars> jamespage: but that could have been the cause of the overall size being large couldn't it? my virtual minimal install on i386 here is taking up about 758M, on amd64 a bit higher
<smoser> or something resulted in the installer not installing the -virtual kernel
<smoser> that seems still to be the case.
<smoser> if you do not get -virtual kenerl installed, then you're looking at 120M of modules that you dont [necessarily] need.
<jamespage> indeed
<jamespage> smoser, well I've seen it twice now
 * jamespage raises a bug
<zapotah> how did you configure the lacp hash to L2+L3 in /etc/network/interfaces
<zapotah> tried finding the related man page but failed miserably
<plars> jamespage: do you think this came about when we did the changeover to the quantal kernel? I don't recall the timing of that change for certain, but thats our best guess
<RoyK> zapotah: isn't that generated dynamically?
<zapotah> RoyK: apparently not
<zapotah> the switch is configured for L2+L3 (it unfortunately doesnt support L3+L4) but ubuntu doesnt recognize it
<jamespage> plars, maybe
<jamespage> bug 1125408
<uvirtbot> Launchpad bug 1125408 in ubuntu-meta "12.04.2 minimal virtual install is oversized" [Undecided,New] https://launchpad.net/bugs/1125408
<RoyK> zapotah: I thought you could only do a particular level...
<zapotah> i know thers a switch for forcing it but cant find the documentation
<zapotah> bond_xmit_hash_policy layer2+3
<zapotah> that should do it (or did it in the past)
<zapotah> the bond interface drops some packets as the hash algorithms are different on the host and switch
<RoyK> ouch
<RoyK> why not just L2?
<RoyK> lots of IPs on that interface?
<zapotah> its a trunk for 15 vms
<RoyK> ic
<zapotah> so, yeah
<zapotah> :)
<RoyK> zapotah: wouldn't 3+4 work better?
<zapotah> as i said the switch doesnt support that
<RoyK> oh
<zapotah> i would use it ofc if i could
<RoyK> riht
<RoyK> right
<hazmat> jamespage, roaksoax did the branch resolve/help the issue?
<jamespage> hazmat, looks like it
<hazmat> jamespage, excellent
<jamespage> I've managed to introduce 3 new keystone units into an existing cluster with stuffing everything up
<RoyK> what's the memory requirements for the minimal?
<roaksoax> hazmat: yeah it did indeed. Thanks!
 * hazmat gets it into the review queue
<hazmat> should be in the ppa by the weekend
<hazmat> hopefully tomorrow
 * hazmat realizes those are equiv statements ;-)
<RoyK> jamespage: just tried to setup a minimal ubutnu server + ssh - boots with 64MB
<RoyK> jamespage: oh, right, I installed the system first with more memory...
<sliddjur> on a class assignment we're supposed to make a backup system for users /home dirs, a webserver, a mysql database and a mail server. what would be a suitable backup software for this task?
<sliddjur> ubuntu server 10
<sarnold> sliddjur: take a look at duplicity and rsnapshot; they do different things, and since they're on different ends of the spectrum, it'll help you narrow down what you're trying to accomplish.
<RoyK> sliddjur: or just rsync, or perhaps bacula if you want to be a badass
<sliddjur> RoyK: im not a badass. im a student learning the basics :)
<RoyK> sliddjur: not meaning you're a badass, just saying it'll be a very good practical experience to setup bacula for backup
<RoyK> sliddjur: I've been using that for data sizes > 100TiB
<RoyK> it just works
<RoyK> although it takes a bit of time to learn the config
<sliddjur> RoyK: ok well i dont think its intended to use too much time to learn
<sliddjur> maybe a few days
<zapotah> plus the obvious benefit for an enterprise environment of having a windows node software available too (talking about bacula here)
<sliddjur> i guess ill look into rsync
<RoyK> sliddjur: take a look at bacula
<RoyK> sliddjur: it should be quite sufficient with a few days to learn the basics
<RoyK> sliddjur: and it can backup anything, really
<sarnold> sliddjur: be careful with the database .. I'm a bit leery of saying too much and giving away the point of the homework :) but data consistency is important with databases....
<RoyK> use postgresql
<RoyK> with the bacula database
<RoyK> mysql/sqlite are bad choices
<RoyK> postgresql can handle a *lot* more issues
<sarnold> RoyK: as a backend to bacula or as the source of the data to be backed up?
<RoyK> well, both
<RoyK> as a backend to bacula - check
<RoyK> as being backed up by just a file backup - check
<sliddjur> the database we already ave installed on our systems in class are mysql databases
<roaksoax> jamespage: still around?
<RoyK> mysql needs to be dumped before backed up
<RoyK> backing up a live mysql db is like asking for trouble if there's transactions going on during the backup
<sarnold> RoyK: no kidding, postgresql is easier to backup too? damn. I still wonder how mysql ever got off the ground... hopefully it's well on its way to pointlessness....
<sliddjur> do i need to stop the service completely_
<sliddjur> mysql that is
<RoyK> sliddjur: no, just mysqldump --all-databases ...
<RoyK> and backup that dump
<RoyK> not the db files
<RoyK> in bacula, you setup that as a post-run job
<RoyK> erm
<RoyK> pre
<RoyK> !
<RoyK> not post
<sliddjur> :)
<RoyK> sliddjur: bacula is divided into bacula director, sd and fd, sd being the storage, fd being the client, director being the boss, the director uses a database for its index - better use postgresql for that
<RoyK> sliddjur: and /j #bacula if you have more questions :P
<RoyK> sliddjur: really, start out with installing those on the backup target. after that, it's just configuration
<adam_g> zul: mind taking a peak at these? http://people.canonical.com/~agandelman/grizzly/ gets most of current grizzly dependencies up to date, short of requests. in the process of rebasing your changes against the newest version
<zul> adam_g: jamespage updated them this morning
<adam_g> zul: oh doh
<zul> adam_g: http://people.canonical.com/~jamespage/ca-updates-20130208/
<adam_g> hmm
<adam_g> zul: eventlet still needs an update. nova services now require the newer version. can you check mine and ill upload?
<adam_g> zul: that url is 404
<zul> adam_g: sure
<zul> adam_g: +1 for eventlet
<vedic> How to get pgbouncer latest version in Ubuntu 10.04? Ubuntu 10.04 repository seems to provide 1.3.1 version not the latest 1.5.4 . Note that I don't want to upgrade postgresql from 8.4 (i.e. in ubuntu 10.04 ) to Postgres 9.x . I just looking for pgbouncer latest
<RoyK> there might be PPAs for that
<RoyK> but upgrading to 12.04 might help as well
<RoyK> vedic: is there a reason you're sticking to 10.04?
<vedic> RoyK: I feel 10.04 is more stable than 12.04 and 10.04 server version has support till 2015. Using it in production server
<RoyK> ok
<vedic> RoyK: you know ppa link for that?
<RoyK> I use 12.04 in prod - works well - 12.04.2 means it's gone past its initial bugs...
<RoyK> google it
<RoyK> vedic: what sort of services do you have on this box?
<vedic> RoyK: No need to google. 10.04 works well for my use and is more bug free than 12.04
<RoyK> well, then find a ppa
<vedic> RoyK: if not src is always available
<RoyK> the problem with ppas is that they aren't very well supported
<RoyK> so if you want a stable server, better use something supported
<vedic> RoyK: if they are maintained by an individual
<RoyK> "an individual" as se
<RoyK> yes
<vedic> RoyK: postgres maintains pgbouncer development
<RoyK> one person
<vedic> RoyK: much more maintained than individual ppa. Well, want to end this discussion here. If you know the answer, pls write.
<RoyK> I'd use 12.04 over 10.04+PPAs any time
<vedic> RoyK: good for you
<RoyK> vedic: I just wonder why you think 12.04 is unstable, and why you think a ppa with 10.04 will be more stable, or better supported...
<vedic> RoyK: I didn't say 12.04 is unstable. Thats your inference.
<RoyK> well, you didn't answer the question
<vedic> RoyK: I did. ppa and os are two different things.
<RoyK> 12.04 os is stable indeed
<vedic> Enjoy it then. Good for you
<RoyK> the packages on top may perhaps less stable than those with 10.04, but it won't help to add PPAs
<RoyK> those are possibly the most unstable of all
<tgm4883> RoyK, I fail to see how a PPA could be considered "the most unstable of all"
<tgm4883> RoyK, that 100% depends on the person maintaining it (not to mention actual software bugs)
<RoyK> tgm4883: well, a package depending on a single person isn't something I would use in a server
<tgm4883> RoyK, PPA's can be managed by a team
<tgm4883> RoyK, all that aside, vedic, have you checked to see if what you need is available on the postgres repo?
<zul> adam_g: ping ill trade you a +1 http://people.canonical.com/~chucks/ca/
<vedic> tgm4883: I think I found it here. Going through it: http://wiki.postgresql.org/wiki/PgBouncer  -> http://wiki.postgresql.org/wiki/Apt
<tgm4883> vedic, yes, that is their repo
<tgm4883> vedic, looks like they have it http://apt.postgresql.org/pub/repos/apt/pool/main/p/pgbouncer/
<tgm4883> 1.5.4
<vedic> tgm4883: yay
<vedic> thanks
<tgm4883> yw
<adam_g> zul: +1
<zul> adam_g: thanks
<edve> Hi people
<edve> would anyone be able to give me a hand with squid proxy ?
<SpaceBass> hey guys, I have some 12.04 servers with eth1 configured as static in /etc/network/interfaces and yet every few hours they revert to DHCP
<RoyK> SpaceBass: installed as desktop machines?
<lifeless> SpaceBass: what is starting the dhcp-client process?
<Daviey> smoser: hey
<smoser> hey.
<RoyK> SpaceBass: network-manager is installed by default on desktop machines and override /etc/network/interfaces
<RoyK> SpaceBass: that will never happen on a server install
<SpaceBass> RoyK, I;m using server
<Daviey> smoser: you pinged me earlier
<SpaceBass> lifeless, I don't see dhcp running as a process
<RoyK> SpaceBass: a server won't ask for dhcp addresses if configured as static
<RoyK> SpaceBass: that's definitive
<SpaceBass> RoyK, beg to differ
<RoyK> SpaceBass: dpkg -l | pastebinit
<SpaceBass> RoyK, I wouldn't have believed it, if I couldn't reproduce it
<tgm4883> SpaceBass, is the /etc/network/interfaces files returning to DHCP?
<smoser> oh. jamespage took care of it.
<Daviey> smoser: ok, thanks.
<SpaceBass> RoyK, http://paste.ubuntu.com/1653539/
<SpaceBass> dhcp client is installed
<SpaceBass> tgm4883, don't see anything that would call DHCP, the original line is commented out: http://paste.ubuntu.com/1653546/
<SpaceBass> on the other servers, the original dhcp line is removed totally
<lifeless> SpaceBass: so if there is no dhcp client running,a nd  /etc/network/interfaces says static, what precisely do you mean when you say 'reverts to dhcp' ?
<SpaceBass> lifeless, every 2 hours (give or take) i lose my assigned static IP, the servers in question ping my DHCP server and request an address in the DHCP range
<SpaceBass> the only thing these all have in common is they are VirtualBox VMs (installed manually, not a downloaded appliance), but are otherwise stock 12.04 Server installs
<lifeless> SpaceBass: ok, when that happens, what does ps fax|grep dhcp show ?
<SpaceBass> lifeless, shows dhclient.eth0.pid running
<lifeless> SpaceBass: so dhcp client *is* running
<lifeless> SpaceBass: whats the full command line for it ?
<SpaceBass> dhclient3 -e IF_METRIC=100 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases -1 eth0
<zul> jamespage:  fyi just uploaded a new keystoneclient and novaclient to the CA to deal with the requests mess
<SpaceBass> lifeless, yeah, I stand corrected there, I was grepping incorrectly (looking for dhcp)
 * RoyK goes back to watching the angles' share
<lifeless> SpaceBass: I made that mistake too :P
<SpaceBass> :)
<lifeless> SpaceBass: ok, so, have a look in /var/log/syslog
<lifeless> SpaceBass: (and other logs...) see if there is anything in there about eth0 ?
<SpaceBass> syslog shows the dhclient actions: http://pastebin.com/BnGE0esE
<SpaceBass> I'd remove dhclient entirelyâ¦ but there's probably a better way
<lifeless> SpaceBass: so I'd start by killing dhclient
<tgm4883> SpaceBass, do you know what is starting it?
<lifeless> SpaceBass: sudo pkill dhclient
<lifeless> SpaceBass: if it was left running for some reason
<lifeless> SpaceBass: and the least time is 2 hours
<lifeless> SpaceBass: this would explain your symptoms
<SpaceBass> it's starting at startup, but not sure what's calling it
<lifeless> SpaceBass: secondly, as tgm4883 says, figure out what starts it
<tgm4883> SpaceBass, is it upstart?
<SpaceBass> will keep hunting down the mystery :)
<tgm4883> SpaceBass, pstree
<SpaceBass> ty
<hallyn> stgraber: do you think dropping support for ns_cgroup would be a problem?  (for new lxc)
<hallyn> well, i guess it could be problematic for backports to lucid
<stgraber> hallyn: would annoy me quite a bit as my phone runs 2.6.32 ;)
<hallyn> stgraber: and does it have clone_children support?
<stgraber> no
<stgraber> or I don't think so, let me check
<hallyn> stgraber: heck, maybe instead of suport ns_cgroup, we should be manually setting up cpuset
<stgraber> hallyn: yeah, my phone has the old school cgroups with the separate ns cgroup and no clone_children
<hallyn> stgraber: and by default is ns cgroup mounted?
<hallyn> well i think i'll stop using clone_children.  see how it goes
<stgraber> well, it's my script that setups the cgroups, so yeah, I'm mounting it
<hallyn> based on deployments you know about, would asking ns cgroup to not be mounted be a problem?
<hallyn> well, actually, i think i'll just ignore it for now and finagle it back in later if i need to (right now it's jsut a shortcut with rename anyway)
<peepsalot> what guidelines do you folks use for when to upgrade to the next version?  we have a server running 10.04 LTS, and thinking about going to 12.04, but not sure if its worth the trouble, could just wait till support is done one 10.04
<SpamapS> peepsalot: wouldn't you rather start planning your migration *now*
<SpamapS> peepsalot: 10.04 will be done in 2 years. You can take your time, start deploying on a test server, etc.
<peepsalot> SpamapS, is it feasible to upgrade in place or best to reinstall from scratch?
<SpamapS> peepsalot: I kind of think upgrading in place is only feasible if you have very few users and very few servers
<peepsalot> one server, 4ish users
<SpamapS> haha
<SpamapS> yeah upgrade in place
<SpamapS> you'll be fine
<peepsalot> do you have to upgrade each release in between or can it leapfrog them
<peepsalot> 4 upgrades at a time is a little worrisome to me considering issues i've had in the past with in-place upgrades
<sarnold> peepsalot: you can upgrade from LTS to LTS without hitting all the little releases in the middle :)
<peepsalot> ah ok
<sarnold> peepsalot: here's some community-made notes: https://help.ubuntu.com/community/PreciseUpgrades
<peepsalot> sarnold, thanks i was just looking at that page ;-)
<sarnold> aha :)
<peas> howdy... My Drupal site rendering is different when I'm logged in versus when I'm not logged in. I guess all of my content is not going thru the SSL layer. How do I fix this? Thanks for your time. I'm running Ubuntu 12.04 server.
<peas> Also, I'm using nginx webserver.
#ubuntu-server 2013-02-15
<lwizardl> hello
<ramsay_za> morning is there any way to setup mdadm raid arrays when juju bootstraps a server?
<elemay2> hi, im on ubuntu server 12.04 x64, i have 2 nics (both e1000 / Intel Pro 1000). These are configured as bond0, one of them is only getting 100mbps link. i changed the card already with another one and also changed the nw-cable, i also switched the ports on the switch. any hints for this?
<sveinse> I'm running 12.04 amd64 server (kernel 3.2.0-37-generic #58) on a VMware vCenter Server (5.1.0). I'm having regular problems with the kernel crashing. Invalid opcode 0000 in highmem.h:194. Ubuntu runs the latest VMWareTools. Any ideas?
<sveinse> Natty on the same datacenter does not show this behaviour
<vedic> How to disable single user mode login? or is there any way to protect colocated servers at remote place? (I do need server restart though)
<cnf> hi
<cnf> when using a preseed installation, is there a way to get the installer to ask confirmation for prefilled values?
<rbasak> cnf: you can avoid setting priority on the kernel commandline. Or set it to low for even more questions
<cnf> rbasak: how does that get me prefilled questions?
<cnf> i want no questions, except for network configuration
<cnf> and i want those fields prefilled with defaul values
<rbasak> Oh, I see. I'm not sure you can do that.
<rbasak> Questions you are asked are based on their priority
<cnf> hmm
<rbasak> Preseeding sets defaults in advance. I believe the two mechanisms are entirely independent
<cnf> i can get it to prompt for network settings
<cnf> but i would like to prepopulate for example our dns servers
<rbasak> Maybe there's another mechanism I'm unaware of
<rbasak> Why not just use DHCP?
<cnf> uhm, because there is no dhcp on our network
<cnf> at all
<cnf> anywhere
<rbasak> Put one in then :)
<cnf> why would we do that?
<rbasak> So that you don't have to input network settings
<cnf> we'd have to run maybe 50 dhcp servers
<cnf> not much of a solution :P
<rbasak> Crazy
<cnf> rbasak: probably about 200 physical machines (not counting customer machines) with in all 300 or 400 OSes running on 50ih vlans?
<rbasak> At that scale you should have everything fully automated then
<cnf> legacy is a horrible thing :P
<rbasak> Use a provisioning vlan with one dhcp server
<cnf> which entails switching around vlans left and right
<cnf> like i said, legacy is a horrible thing
<vedic> How to disable single user login to improve security of the server? What is the best practice?
<agu10^> I am unable to understand how to set up virtual hosts properly. Tutorials send me to edit DIFFERENT config files. This inconsistency troubles me. am I not supposed to have one file per virtual host at sites-available ??  tutorials make me edit httpd.conf, or add a new file "virtual.conf", or stuff like that. But i believe neither is the right approach. any clues? I have added a file at /etc/apache2/sites-available/potentialstudio.com .
<agu10^> .. but it's not doing anything
<cnf> rbasak: from #ubuntu-installer:
<cnf> <cjwatson> d-i name/of/question string value
<cnf> <cjwatson> d-i name/of/question seen false
<cnf> <cjwatson> https://help.ubuntu.com/12.04/installation-guide/i386/preseed-advanced.html#preseed-seenflag
<cnf> for future reference
<rbasak> Ah, handy
<rbasak> Thanks
<cnf> yeah, indeed
<jpds> vedic: What are you trying to do?
<jpds> vedic: Disable the recovery mode?
<vedic> jpds: Server is colocated and placed at remote location.  Just thought to increase its security if somebody try logging in as single user mode
<jpds> vedic: If they have physical access, there's not much you can do.
<vedic> jpds: yea, live cd is always an option.
<jpds> vedic: LiveCD, ripping the hard drives out.
<jpds> vedic: All I can really suggest is putting non-system files on an encrypted partition.
<jpds> But then every time the server boots, you'll have to manually mount that partition.
<vedic> jpds: I think that would stop running programs reading files. I have my codes and data text files in home dir and encrypting that would cause programs to not function properly
<jpds> vedic: Yeah, I'm thinking non-home dir encryption.
<hackeron> I'm trying to install ubuntu on a blank hard-drive connecting to an exiting ubuntu server. I have most of the progress figured out - but I cannot get it to boot. I just see a white blinking cursor and the grub menu never shows up. I think my partitioning code must be wrong: http://pastie.org/6173525 -- any ideas what is wrong with that?
<cfhowlett> hackeron, probably a grub configuration issue, i.e. grub has to be directed to the bootable media
<freesbie> hackeron: have you done a grub-install on the new disk ?
<hackeron> freesbie: yes, I did grub-install $DRIVE - it said installed without issues
<hackeron> freesbie: if I change the label from gpt to msdos - instead of a blinking white cursor, I get a reboot loop
<hackeron> cfhowlett: yes, this is what I'm doing with parted $DRIVE -- set 1 bios_grub on
<freesbie> hackeron: you may have to give it --boot-directory=DIR aswell
<hackeron> freesbie: but it's /boot which is the default :/
<agu10^> I can't get apache2 to start! root@domU-12-31-39-10-4A-43:/etc/apache2# service apache2 start
<agu10^>  * Starting web server apache2                                                  Action 'start' failed.
<agu10^> The Apache error log may have more information.
<greppy> agu10^: what do the logs tell you?
<agu10^> nothing at all
<agu10^> the last log was hours ago
<agu10^> when it still worked
<greppy> so there is nothing in /var/log/apache2/error.log?
<agu10^> nothing new. and nothing related to this failure
<agu10^> last log there is from 2 hours ago
<agu10^> a GET request
<greppy> is that where it is still configured to log to?
<agu10^> but now it's not even STARTING
<agu10^> yes, as far as i know, yes
<agu10^> i didn't change it
<greppy> agu10^: what about sudo apache2ctl configtest
<greppy> ?
<agu10^> Syntax OK
<greppy> got me then.
<greppy> I'd double check that the logs are still going to where you expect
<agu10^> how do i know?
<greppy> look in the configuration files in /etc/apache2
<bitnumus> Hi, im trying to install ubuntu-server, the installation failed at loading the CD-ROM stage, any way to find out why?
<agu10^> greppy, i did
<cfhowlett> bitnumus, any error messages?  also did you md5sum the iso?
<agu10^> ErrorLog ${APACHE_LOG_DIR}/error.log
<bitnumus> i did md5sum the ISO yea
<bitnumus> it failed 4 times, i tried formatting the USB to fat32 etc
<gregory58> Hello, I am following a Railscast(http://railscasts.com/episodes/335-deploying-to-a-vps) to deploy to DO, but I am getting a "bash: vim: command not found" error when I input "vim ~/.bashrc "
<cfhowlett> bitnumus, bootable cd/dvd? or usb?
<bitnumus> cfhowlett, USB
<bitnumus> using 'unetbootin'
<cfhowlett> bitnumus, easy check: different usb.  they do get squirrely ...
<bitnumus> hmm, not sure i have another one handy
<bitnumus> worth 00'ing it or something?
<cfhowlett> bitnumus, just format as normal I'd say
<bitnumus> yea i did that using gparted
<bitnumus> cfhowlett, i ran 'check disk integrity' and it fails on a file saying 'file failed the Md5 checksum verifitcation'
<bitnumus> Is there an alternative to unetbootin i can try, to rule that out ?
<hackeron> freesbie: I get this: # grub-install --boot-directory=/boot /dev/sdi
<hackeron> Installation finished. No error reported.
<hackeron> but when I try to boot, I just see a white blinking cursor and the grub menu is never shown - I think it is the partition table to blame
<cfhowlett> bitnumus, this is your downloaded iso?  if it failed download again.  I'd use the torrent for best results...
<bitnumus> cfhowlett, i downloaded it from releases.ubuntu.com
<bitnumus> and the md5sum of the download is correct
<cfhowlett> bitnumus, so on installation it reads an error?  the bootable usb is fragged.  do it again - perhaps with startupdiskcreator?
<bitnumus> im trying startup disk creator now
<bitnumus> i ran 'check disk integrity' and it fails on a file saying 'file failed the Md5 checksum verifitcation'
<bitnumus> it fails on loading files from CD-ROM
<bitnumus> it boots fine
<cfhowlett> bitnumus, you're reading inconsistent feedback ... clearly there's an error here.  either hardware or software fail...
<gregory58> Anyone know how to install vim on a Ubuntu VPS like Digital Ocean....I'm getting a vim: command not found error
<freesbie> hackeron: maybe it is, I remember having some problems with GPT and grub, had to make a bit of free unpartitioned space to make it work. but that was on virtual machines, afair I initiated grub from within a chroot on the disk-image
<cfhowlett> bitnumus, option?  install the mini.iso and download then add the packages you need via internet...
<cfhowlett> and don't use CD-rom?
<bitnumus> cfhowlett, ill try this startup disk creator and see what happens
<bitnumus> im not using a CD-ROM
<hackeron> freesbie: yeh, that's pretty much what I'm doing except not on a virtual machine - I'm doing chroot /tmp/target and then running the grub-install - I tried to leave the free space in my partitioning: http://pastie.org/6173525 - but it just wont boot :/
<bitnumus> thats what the installer calls it
<mah454> Hello
<mah454> I installed mysql in ubuntu 12.10
<mah454> but have not log in /var/log for mysql !
<mah454> How can enable mysql log ?
<andol> mah454: /etc/mysql/my.cnf
<mah454> andol: what line must change ?
<andol> mah454: That depends what kind of logging you want. Tried searching for the word log in the file?
<mah454> andol: mysql authentication (User Login or Logout)
<andol> Not sure about that particular case.
<agu10^> I try to create a new "default" website for apache2 but with the name "wildcard"
<agu10^> is it impossible to create it under a name other than "default" ???
<Daviey> zul: thanks for replying to the openstack list.
<zul> Daviey: no worries
<jamespage> zul: http://people.canonical.com/~jamespage/ca-updates/ review please
<jamespage> :-)
<zul> awesome-o +1
<Daviey> that was the fastest review ever. :)
<jamespage> ivoks, think I figured out some of those glance errors from the other day - haproxy had very low server/client timeouts
<jamespage> I suspect nothing happened for a bit so it killed the connections
<zul> smoser: ping
<smoser> hey
<zul> smoser: this is the dirty fix to get it going again http://paste.ubuntu.com/1658525/
<zul> smoser: im coming up with a bit more elegant solution ;)
<smoser> zul, is the issue that they're trying to use libvirt's mounting of disks ? as opposed to having nova set that up and providing libvirt with a path ?
<sliddjur> How do I list a packages dependencies? ubuntu server 10
<zul> smoser: thats the eventual goal i think
<zul> smoser: but the disk doesnt get copied to the instances directory right now because mapping is an empty arrary because blockinfo.py doesnt understand lxc block devices (hint: there isnt any)
<smoser> sliddjur, apt-get install --dry-run <package>
<smoser> will give you a list of what it would install for you
<smoser> apt-cache show <package>
<smoser> will show you its immediate dependencies
<sliddjur> smoser: apt-cache show package | grep Depends worked out well =)
<zul> smoser: but one of the problems i see with lxc block devices is that the domain gets created before the images get created and keys are injected
<smoser> well, we dont really care about injected keys.
<smoser> but we will probably need files to come from somewhere
<Eagleman> Is there being worked on a backport for libvirt 1.01+ ?
<ivoks> jamespage: ive tried without haproxy; same thing :-/
<iqualfragile> the ubuntu serverguide suggests using only ldap for authentification, is it safe to do so? (instead of using kerberos)
<iqualfragile> well, i guess not
<iqualfragile> but i like the idea of kerberos, will use it anyways
<jamespage> ivoks, same problem with horizon right?
<keithzg_> Rather random question, I'm using s3cmd to sync some backups and on every file I get "WARNING: path/to/file: Owner groupname not known. Storing GID-3342 instead." I'm inexperienced enough with S3 that I really don't know what that implies (otherwise the backups seem fine).
<NewNewb> Good evening/day/morning! Ive got issues with a game server running on ubuntu through wine. Problem is, I cannot connect to my game server - and I have no clue how to do error searching. Ideas?`
<sarnold> NewNewb: is the game server hosted on a different network than the clients trying to connect?
<NewNewb> Its on my LAN. and connecting through local IP, nor external works(for my friends). The server itself shows up in the game's server browser
<sarnold> NewNewb: are there any log entries in /var/log/ that look related?
<sarnold> NewNewb: does wine preserve enough of windows to have the windows event log that might also have information from the game server?
<NewNewb> I tried syslog, nothing at all. And I tried messages, also nothing, it just says "--MARK--" allt he time
<sarnold> NewNewb: windows allows any process to bind to "low ports", < 1024 -- Linux does not. a process must be privileged to bind to a low port...
<sarnold> that --MARK-- will become reassuring eventually :)
<NewNewb> ports of relevance here are 7778, 7777, and 27015
<Eagleman> Is there being worked on a backport for libvirt 1.01+ ?
<NewNewb> 7777 being the port external connections come through. 7778 lists the server (i think) and 27015 is a steam port... no clue what that one does :)
<sarnold> NewNewb: darn, there goes another potentially easy answer :)
<NewNewb> haha, ive been hitting up forums and google for two weeks now. I just suck at linux - and dont know how to do proper error checking :(
<aaa801> im running a java server (minecraft) in a screen session, every soo often the server goes down, when i open the screen session i find 19:28:19 [INFO] Unloading Player: Gremlin503
<aaa801> >Killed
<aaa801> root@ns3273339:/home/root/Voltz#
<aaa801> Does that mean something on the box is killing the process ?
<sarnold> is it always gremlin? :)
<aaa801> no
<aaa801> Out of memory: Kill process 14432 (java) score 859 or sacrifice child
<aaa801> Killed process 14432 (java) total-vm:38229524kB, anon-rss:30098300kB, file-rss:0kB
<aaa801> son of a..
<aaa801> Welp i think i juts found the issue
<sarnold> aha, you anticipated my next question :)
 * aaa801 walks off in shame
<sarnold> thgh, uh, one does wonder what java intended to do with 36 gigabytes of memory.
<aaa801> i only had it assigned 30gb
<aaa801> =/
<aaa801> how it managed to even get hold of 36gb is odd
<aaa801> im giving it 26g now
<sarnold> aaa801: sorry.... it had allocated 36 gigs, but used 28 or so...
<sarnold> is that expected for minecraft? o_O
<aaa801> for this server ye
<aaa801> 100 slots
<aaa801> mc is terrible for memory management + java is too
<sarnold> damn :)
<aaa801> still not sure it had allocated 36 gig
<aaa801> it was started with a max of 30g defined =/
<sarnold> aaa801: well, virtual memory that was allocated by potentially never actually used...
<sarnold> well, you can see the RSS there, it wasn't used.. :)
<aaa801> then whyd it kill the process
<aaa801> >_>
<sarnold> aaa801: how much RAM does the machine have?
<aaa801> 32gb
<sarnold> aaa801: does it run anything else that might have taken up 4-odd gigs?
<aaa801> shouldnt do, its got two ssd's in raid
<aaa801> software raid
<sarnold> aaa801: hrm. the kernel should normally only start killing things once it is in trouble.
<aaa801> let me open up top
<sarnold> aaa801: you could add some swap files ... dd to create them, mkswap to format them, then swapon to add them.
<aaa801> http://i.imgur.com/MabnN78.png
<aaa801> how is it managing to take up 31.6g
<aaa801> when its limited to 26g
<aaa801> -.-
<aaa801> sarnold, any ideas?
<sarnold> aaa801: well, right now it is only taking up ten gigs...
<sarnold> aaa801: oooh
<aaa801> oooh?
<sarnold> aaa801: hrm, maybe 'oooh' in a bit.
<aaa801> ._.
<sarnold> aaa801: perhaps the 31 vs 26 is just 1000 vs 1024 nonsense?
<aaa801> still shouldnt be that high when its on 26G
<sarnold> no, 28g at the most if that were it...
<sarnold> aaa801: okay, back to 'oooh'
<sarnold> aaa801: if you don't want to add some swap space, you could tweak /proc/sys/vm/overcommit_memory or /proc/sys/vm/overcommit_ratio to force memory allocations by java to fail when the machine really has run out of memory
<aaa801> swap space and ssds dont tend to mix too well
<sarnold> aaa801: yeah, I know what you mean. but it might not be used too frequently..
<sarnold> (you' have to chech with e.g. vmstat 1 once it is running again to find out)
<sarnold> aaa801: you can find details on the proc files in the proc(5) manpage
<aaa801> kk
<sarnold> (sorry I left that out earlier. sigh :)
<subman_> I have setup Munin according to the instructions found in the Ubuntu Server Guide and it works for the localhost only.  I don't seem to be able to see the data from the second server (munin-node).  Any ideas why this would be?
<zul> smoser: https://review.openstack.org/#/c/22065/
<yeats> subman_: check your syslog on the remote host to see if there are any messages from munin
<yeats> I would also see if there's a way to run munin's daemon in a debug mode
<smoser> zul could you put the trace in the bug ?
<smoser> the one that is there now.
<smoser> just for reference.
<zul> smoser:  sure
<smoser> https://review.openstack.org/#/c/22065/1/nova/virt/libvirt/blockinfo.py
<smoser> it might be better to return None in line 119 there.
<smoser> or maybe 'LXC'. the "" i'm afraid will just confuse things at some point.
<subman_> yeats, thanks, it was a hostname issue.
<smoser> zul, ^
<zul> smoser:  good idea
<zul> smoser: lets see what other people say as well I might be tied to the stake as well
<smoser> i should put my comment in a review
<ivoks> jamespage: yes
<iqualfragile1> is there some way i (well not i but someone who does not now too much about computers) can manage users wich reside inside ldap and kerberos?
<RyanLMul> Anyone run across an instance where 12.04 server stops communicating with DNS on another 12.04 intermittently?
<RyanLMul> Hi there.  Anyone on here?
<sarnold> RyanLMul: a few hundred .. I guess no one reading has seen what you've seen.
<aaa801> Remember children 99.99999% of people in the irc channel are idle
#ubuntu-server 2013-02-16
<RoyK> asdf
<keithclark> I've installed apache2 and confirmed it is working.  I then installed munin and munin-node but I cannot get http://localhost/munin to work in my browser.  It responds with 'Not Found' error.  I see the files are generated in /var/cache/munin/www.  Any ideas what could be wrong?
<xpistos> Hey guys. I installed lxde on an ubuntu server to do some testing but now when I reboot it goes right to the gui. How can have the xserver not start at boot up
<sarnold> xpistos: you can do that with an upstart override file: http://upstart.ubuntu.com/cookbook/#override-files
<genii-around> sarnold: Nice, I didn't know those even existed
<sarnold> xpistos: I put "manual" into /etc/init/lightdm.override and X no longer started on my standard desktop install; presumably something similar will do the job for you (I don't know lxde details, but lightdm seems likely)
<sarnold> genii-around: my opinion of upstart went way up once I found those :) I never much cared for the sysv symlinks, but the older upstart "just move the config file" didn't feel right either. this is simple and feels cleaner. :)
<xpistos> I thought I needed to change the run level
<genii-around> xpistos: Runlevels are the old way
<sarnold> xpistos: heh, back in the day you're right, you'd just change '5' to '3' in your inittab and be done with it :) but upstart changed things a bit...
<xpistos> so like "echo "manual" >> /etc/init/lightdm.override
<sarnold> xpistos: yes -- but make sure /etc/init/lightdm.conf exists first (no point disabling a service that doesn't exist.. :)
<genii-around> xpistos: That command won't work
<xpistos> nope no file
<genii-around> xpistos: You need like: echo "whatever" | sudo tee /etc/init/lightdm.override
<xpistos> tee?
<genii-around> ( replacing the "whatever" of course
<sarnold> xpistos: "no file"? have you configured your shell in a funny way that forbids >> from creating a file? o_O
<genii-around> xpistos: Yes
<xpistos> no
<xpistos> I just hadn't heard of tee before
<genii-around> sarnold: No, it's just an area his logged in user can't make a file to
<sarnold> genii-around: hrm. The error in that case is "permission denied".
<sarnold> OH!
<sarnold> xpistos: as in, /etc/conf/lightdm.conf doesn't exist. :)
<sarnold> err
<sarnold> sigh. time to quit. :)
<sarnold> xpistos: as in, /etc/init/lightdm.conf doesn't exist, right?
<sarnold> does /etc/init/lxdm.conf exist? if so, try "echo manual >> /etc/init/lxdm.override"  (or, if not logged in as root, use genii-around's neat trick, "echo manual | sudo tee /etc/init/lxdm.override")
<xpistos> didn't work gui still came up
<xpistos> the only thing in that file is "manual"
<sarnold> xpistos: this command ought to help you figure out which gui login widget you're using: service --status-all 2>&1 | grep dm
<xpistos> lxdm
<sarnold> xpistos: wjat
<sarnold> what's in your /etc/init/lxdm.override file now?
<xpistos> rebooting after trying the lxdm.override
<xpistos> the only thing in that file is "manual" but it did work this time
<sarnold> yay
<xpistos> reboot and it is working
<xpistos> Thanks guys
<xpistos> Not I have to get oracle and sql developer plus installed
<sarnold> xpistos: oof. good luck. :)
<sarnold> (me, I'd use postgresql and be happy..)
<frojnd> Hi there
<cfhowlett> frojnd, greetings
<frojnd> :)
<frojnd> What a pleasant welcome :)
<frojnd> I just found out that google doesn't provide free custom domain mails anymore
<frojnd> Therefor I have to setup one mail server on ubuntu sever, only that I hadn't done anything like that before :)
<cfhowlett> email server on ubuntu is a fairly common task as I understand it.  Never done it myself but ...
<histo> frojnd: There are some good howto's on the net like woraround.org/ispmail  NOTE this is for Debian but it explains everything step by step so you will understand it. Someone took this very same tutorial and made a Ubuntu howto on howtoforge.com/howtos/email
<frojnd> histo: first link is broken
<frojnd> histo: I like understand stuff so I don't mind reading...
<ruben231> hi guys i have installed ubuntu server 12.04 LTS but the mysql version it have is mysql 5.5 how do i downgrade it to mysql 5.1
<ruben231> any idea guys
<histo> frojnd: Hold up sorry let me find it
<histo> frojnd: http://workaround.org/ispmail
<histo> sorry typo
<ruben231> :'(
<ruben231> guys help how do i downgrade mysql 5.5 to mysql 5.1 please help
<ikonia> ruben231: why would you do that
<ikonia> ruben231: the aim is to use the version supplied by the distro
<ruben231> ikonia: --->an application wont load and run with mysql 5.5
<ikonia> ruben231: which application is this ?
<ruben231> vtigercrm
<ruben231>  ikonia:vtigercrm <--------------so many issue when mysql 5.5 is used
<ikonia> don' know that product, sorry
<ruben231>  ikonia: it just need mysql 5.1  but i ahve mysql 5.5 how do i downgrade it
<ikonia> you can't
<ikonia> that's why I'm trying to understand the issue
<ikonia> ruben231: you'd need to find an external repo that contains the version you want, for the distro you're running
<ruben231> ikonia: so ill just remove compelte mysql 5.5..? or ther eis automatyed downgrade
<ikonia> ruben231: sorry, did I not just say "there is no downgrade"
<ikonia> ruben231: what version of ubuntu are you using
<ruben231> im using ubuntu server 12.4 LTS 64bit
<ruben231> 12.04 *
<ikonia> ruben231: ok - so that ships with a mysql package in the repo
<ikonia> ruben231: that is the version ubuntu provide for your version
<ikonia> ruben231: so if you want an older version, you need to find someone who has built a package of the version you want for 12.04
<ruben231> yes and how do i downgrade it
<ikonia> ruben231: are you reading what I'm typing ?
<ruben231> ok so find a built package with mysql 5.1 and remoev mysql 5.5..?
<ruben231> any idea where i can get this
<ikonia> it probably doesn't exist
<ruben231> :'(
<zAo^2> can someone help me installing server?
<zAo^2> I got "Your installation CDROM couldnt be mounted"
<RoyK> booting from cdrom?
<zAo^2> Yes
<zAo^2> But Im wondering if the CDrom is a internal USB drive..
<RoyK> hm
<RoyK> should work anyway
<zAo^2> since fdisk is not available, I cant see the drives
<RoyK> cat /proc/partitions
<zAo^2> lsmod gives me usb_storage though
<RoyK> shouldn't matter how the cdrom is connected
<zAo^2> hm. /proc/partitions is empty? :S
<RoyK> bad sign
<zAo^2> Yeah. The internal SATA drive should contain Openelec
<RoyK> zAo^2: can you try with a thumb drive?
<zAo^2> RoyK: installing you mean?
<zAo^2> RoyK: at first there was a USB drive connected and the installer tried to install from it...
<RoyK> yeah, installing from a thumb drive is usually faster too
<zAo^2> Server installs are fine from cd
<RoyK> well, sure
<RoyK> just trying to come up with alternatives that may help
<zAo^2> RoyK: sorry, thanks :)
<zAo^2> Booting with cdrom-detect/try-usb=true
<zAo^2> Didnt work. Log shows: Looking for install device ''
<RoyK> try a pen drive
<darkray> i want to  set up a dhcp server of ip address 151.2.10.127 which leases ip address to it's client in the range 10.2.10.100-10.2.10.200. could anyone help me ?
<RoyK> !dhcp
<ubottu> dhcp is Dynamic Host Configuration Protocol, a protocol for automatic IP assignment from a router. Ubuntu uses dhclient as a DHCP client but other ones (and DHCP servers too) can be obtained from the !repos. More info at http://en.wikipedia.org/wiki/DHCP
<RoyK> oh
<RoyK> darkray: apt-get install isc-dhcp-server
<RoyK> and then configure it
<RoyK> it's pretty simple
<darkray> RoyK: yeah, it's pretty simple,if you lease ip address in 151.2.10.0 network. but i want to lease ip address in 10.2.10.0 network
<darkray> do u know how to do that ?
<RoyK> well, first of all, two NICs
<RoyK> then setup NAT
<RoyK> then configure DHCP on the one with RFC 1918 address
<RoyK> erm
<RoyK> configure the dhcp server to serve that network
<darkray> RoyK: i m doing all this in vmware
<darkray> and i've only one interface eth0.
<RoyK> then add another
<RoyK> it may be possible with a single nic, but it'll be ugly
<darkray> can't i do it w/o adding another iface
<darkray> ?
<darkray> doesn't matter how ugly it looks
<darkray> pls tell me how to do it
<RoyK> it's no problem having a dhcp server serving addresses outside of what's used on your network
<RoyK> but it's not pretty
<darkray> then pls tell me how to do it, i would be really grateful
<darkray> RoyK : ?
<RoyK> well, google isc dhcp or read the manual pages, or at least start with looking through the config file
<RoyK> it's not hard
<darkray> i've done all that
<darkray> but didn't find anything useful
<qman__> you should add a second interface for the LAN side
<qman__> in the real world you would never configure it like that
<RoyK> qman__++
<RoyK> darkray: really, you need separate network for the dhcp part
<qman__> even if you had them on the same wire they'd be on different VLANs
<qman__> which would use separate virtual interfaces
<darkray> qman_: i am practicing this because i've to configure this server in my office
<darkray> so pls help me
<RoyK> darkray: then add a new nic
<RoyK> separate vlan
<RoyK> clients on that vlan
<qman__> exactly
<qman__> it won't help to set it up wrong because that's not how you're going to do it later
<qman__> you need two NICs
<darkray> qman__: could it be done using dnsmasq ?
<qman__> darkray, it could, just as it could with isc-dhcpd
<qman__> but I won't help you do it the wrong way, you need to add a second virtual NIC
<darkray> qman__ : thanx,
<darkray> i've done it by adding a second virtual NIC
<darkray> but still want to try and do it using only one NIC.
<RoyK> why?
<RoyK> it doesn't make sense
<darkray> RoyK: just experimenting
<RoyK> it still doesn't make sense
<subman> I just added a printer to my Ubuntu server and CUPS found it well enough.  I just tried to print to it and the access log says Job successful-ok, but nothing actually gets printed.  Any ideas?
<subman> Actually if I look at the 'Jobs' section of the cups web interface I see:  Tree connect failed (NT_STATUS_BAD_NETWORK_NAME)
<sash1> hi to all, i need help with problem regarding access database on samba, can anyone help?
<RyanLMul> Any help is appreciated:  Server 12.04 on VM - one of three installed.  eth0 stops communicating intermittently.
<RyanLMul> dmesg | grep eth0 shows ADDRCONF(NETDEV_UP): eth0: link is not ready
<RyanLMul> restart of networking brings it right back to life.
<RyanLMul> sometimes just trying to ping something will work.
<RoyK> RyanLMul: what sort of vm?
<RyanLMul> running ESX5.1
<RoyK> ok
<cocoa117> anyone have idea how to make Ubuntu 12.04 server pick up eSATA hard disk? the BIOS can see it, and the eSATA drive have been tested working in different machine with eSATA port running ubuntu 12.04
<cocoa117> but under ubuntu 12.04 server, it just won't pick it up
<hackeron> hey, I'm trying to run /usr/sbin/debootstrap --arch amd64 quantal target but getting: E: Couldn't download dists/quantal/main/binary-amd64/Packages -- any ideas?
<hackeron> tried adding --verbose but it doesn't show anything, just I: Retrieving Packages
<hackeron> I: Retrieving Packages
<hackeron> any ideas?
<hackeron> E: Couldn't download dists/quantal/main/binary-amd64/Packages
<hackeron> oh, had no disk space left, heh
<dingo> in my gui router config web page it will give me the ip, mac and device name. i have been trying to get the device name using nmap but all i can get is the ip and mac, the device name says unknown. how can the router know but not nmap? i have looked at host discovery for nmap but none of the options i have used(almost all, for host discovery, at this point) come back with a device name. i know there has to be a way...please help
<maxb> The router's name may be, and probably is, entirely irrelevant for the correct functioning of networking, unlike IP and MAC. There's no guarantee or need that it be remotely discoverable at all.
<dingo> maxb: sorry if i was confusing, i am refering to the device names of devies attached to the router
<maxb> dingo: In that case, I can take a pretty good guess that the only reason your router knows those is because it participated in the DHCP exchange with those devices. NMAP didn't, so doesn't.
#ubuntu-server 2013-02-17
<dingo> maxb: thanks for clearing that up.
<mattwj2002> hey guys
<mattwj2002> :D
<dandkburt> does the support also includ eapache here
<mattwj2002> !ask dandkburt
<mattwj2002> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<mattwj2002> it doesn't hurt to try in my opinion
<dandkburt> how do I set up vhost for apache2
<mattwj2002> what version of ubuntu?
<dandkburt> whats the command to find out
<dandkburt> lol
<dandkburt> i don't remember
<mattwj2002> :P
<mattwj2002> http://httpd.apache.org/docs/2.2/vhosts/
<mattwj2002> uname -a
<mattwj2002> that may work
<dandkburt> already tried that
<mattwj2002> lol
<mattwj2002> cat /etc/apt/source.list
<mattwj2002> or is that sources
<mattwj2002> :-/
<mattwj2002> that'll show you the name in the apt-get stuff
<dandkburt> lol
<dandkburt> 5 lines
<mattwj2002> yeah
<mattwj2002> what is the name though
<mattwj2002> for example Precise
<dandkburt> for the ubuntu
<dandkburt> its the newest one on Chicogovps
<dandkburt> I think it is 11.05
<dandkburt> or somthing
<mattwj2002> 11.04?
<dandkburt> might be
<mattwj2002> well anyways....try that link
<maxb> 'lsb_release -a' is the command you're looking for
<mattwj2002> thanks maxb
<mattwj2002> maxb are you good at Apache?
<dandkburt> yes thanks max
<dandkburt> 11.04
<dandkburt> and that link only helps me a little
<dandkburt> i did all it told me
<dandkburt> and still nothing
<mattwj2002> I am not an Apache expert
<maxb> 11.04 is end-of-lifed already, you really should consider updating, probably to 12.04 which is a long term support release if you don't like upgrading every six months
<dandkburt> maxb
<dandkburt> I don't know if that is permitted with my vps host
<maxb> The problem with a question like "how do I set up vhost for apache2" is that it's too broad. It's difficult to answer with anything more specific than a pointer to a section of documentation. If you need further help, the key to effective use of IRC tech help channels is making your questions as specific and detailed as possible.
<dandkburt> k
<maxb> And if your VPS host doesn't provide a way for you to run an OS that has current security support...... they really really suck :-)
<dandkburt> i am looking for someone to assist me on it
<mattwj2002> how long is lts for?
<dandkburt> perminant
<maxb> New LTS releases happen every two years, each one is supported for 3 years generally, and 5 years in a limited server-oriented subset
<mattwj2002> thanks maxb
<maxb> https://wiki.ubuntu.com/LTS
<mattwj2002> 2017!
<maxb> Oh, apparently the 3y/5y split is old info, according to that wiki page.
<mattwj2002> w00t :)
<mattwj2002> yeah I see that starting with 12.04
<mattwj2002> 5 years is a long time O.o
<mattwj2002> that is like 500 years in IT :P
<maxb> It really is, but on the other hand, legacy systems refuse to die.
<mattwj2002> true
<mattwj2002> 14.04 will be the next lts?
 * maxb has inherited partial responsibility for a production MySQL 4.0 system :-/
<mattwj2002> oh my!
<mattwj2002> so you can say it really is a mysql
<mattwj2002> :P
<mattwj2002> you own it in other words
<mattwj2002> :)
<maxb> Whilst I don't think it's actually documented anywhere as ongoing fact, the "every fourth release is an LTS" convention has held true since Ubuntu LTSes were created
<mattwj2002> okay cool
<mattwj2002> that is what I thought
<mattwj2002> long live ubuntu!
<maxb> By 17.10 we'll have run out of letters :-)
<mattwj2002> haha
<mattwj2002> they will have to go back to a!
<tonyyarusso> maxb: We have a system at work that's running Solaris I think 9, on even older hardware.
<mattwj2002> O.o
<maxb> Yeouch, I think that beats even my Slackware 10 machines
<mattwj2002> is solaris even still around?
<tonyyarusso> We're working on killing it...slowly.
<tonyyarusso> mattwj2002: eh, not really.  Last release was 2011, but it's not nearly the player it once was.
<mattwj2002> what do unix when you can do linux!
<mattwj2002> :)
<mattwj2002> *why do
<mattwj2002> even companies like Google, Cisco and Juniper are adapting either freebsd or linux
<mattwj2002> Apple too
<thomas573> Hello, I'm following this tutorial (http://blog.sudobits.com/2013/01/07/how-to-deploy-rails-application-to-vps/) but when I try 'mv id_rsa.pub .ssh/authorized_keys' in my remote ubuntu server I get 'mv: cannot stat `id_rsa.pub': No such file or directory' Any ideas?
<holstein> thomas573: there is no file there
<holstein> thomas573: you are dealing with setting up ssh key access
<holstein> https://help.ubuntu.com/community/SSH/OpenSSH/Keys
<holstein> seperate the ruby from that.. this has nothing to do with ruby
<thomas573> IIs it because I typed 'mkdir .ssh' instead of 'mkdir ~/.ssh'?
<thomas573> holstein: Is it because I typed 'mkdir .ssh' instead of 'mkdir ~/.ssh'?
<holstein> thomas573: do you have a .ssh directory in your /home?
<holstein> you can look in / and see if its there
<thomas573> holstein: on my remote server?
<holstein> thomas573: i would just stop doing what you are doing, and read the ssh documentation
<holstein> thomas573: you are only setting up ssh key access.. you can do that and *then* get back to the tutorial
<thomas573> holstein: but I already have ssh on my local computer with bitbucket, i just want to upload it to my remote server
<holstein> thomas573: sure.. so you set it up on that server
<thomas573> holstein: What are the keywords I have to type?
<holstein> thomas573: i usually just follow that guide i dropped
<thomas573> holstein: Seems kind of information overdoing it, no?
<holstein> http://askubuntu.com/questions/61557/how-do-i-set-up-ssh-authentication-keys
<holstein> thomas573: not reall
<holstein> thomas573: you are setting up something that if done incorrectly, could be a security risk
<thomas573> holstein: Ok dokey, so just ssh-copy-id user@hostname
<holstein> thomas573: i would say, read up on what each of those commands do, and see what best suits your needs
<jack43> Hello, I am following this tutorial, but when I try to log in as deployer I get "ssh: connect to host 555.55.555.55 port 22: Connection refused" (http://matthewcopeland.me/blog/2012/09/29/grow-out-your-neckbeard-its-time-to-deploy-how-to-setup-and-deploy-to-a-linode-server/) but while I log in as
<jack43> Any ideas?
<cfhowlett> jack43, read what you posted.  I think you cut some of it off
<jack43> cfhowlett: Yea, just ignore the 'but while I log in as'....I was rearranging the sentence
<jack43> cfhowlett: I followed those exact steps in the tutorial and I get that error once I try to login as deployer
<jack43> cfhowlett: Any ideas?
<cfhowlett> jack43, I have to bunt on this one.  Servers are far from my area of expertise ...
<cfhowlett> jack43, stay in channel, ask again.
<jack43> sjefen6: Any ideas?
<jack43> Any help is appreciated.
<jack43> #vps
<jack43> #digitalocean
<jack43> #ubuntu
<cfhowlett> jack43, you mabye mean to type /j ubuntu or /join #ubuntu   ?
<jack43> I'm trying to install rbenv and ruby in my Ubuntu remote server, but I keep getting this: deployer@HostName:~$ rbenv bootstrap-ubuntu-12-04 -bash: rbenv: command not found
<jack43> Any ideas?
<ruben231> hi guyd any suggestion load balance two apache web server..? so share load..any idea guys
<melmoth> ruben231, haproxy ?
<ruben231> melmoth:any how to.>? i ahve two apache web server only
<melmoth> i dont know the details, but i think it s mainly about setting one config file where you give haproxy the ip of the apache server
<melmoth> and it take charge of balancing the requests. You ll have to read some doc to get the details
<sliddjur> So I generated a secret-key-ABC123.asc file with gpg . What are they for?
<andol> sliddjur: How did you generate that file? --export-secret-keys?
<sliddjur> in windows. because my server failed to do gpg --gen-key
<sliddjur> I just know I need to use these with duplicity. Im trying to figure out how it works :)
<sliddjur> Are they like ssh keys where u have a public and a private key?
<melmoth> yep
<andol> sliddjur: Yepp, the regular use of gpg is with public/private keys, even if you can do symmetrical encryption as well, which duplicyt also happens to support by the way
<andol> sliddjur: On the server you will be able to import exportered keyfiles using gpg --import. Nevertheless, it really wouldn't hurt to figure out why gpg --gen-key fails for you.
<sliddjur> "Not enough random bytes available.  Please do some other work to give the OS a chance to collect more entropy! (Need 283 more bytes)"
<sliddjur> andol: and it just stands there
<andol> sliddjur: I usually solve that by copying files around in a parallell shell.
<andol> (copying files around, and hence generating disk activity.)
<sliddjur> cp -R /var/ /asdf/ now
<sliddjur> well. doesnt seem like that was enough?
<andol> sliddjur: Then you do it again, and again? :) Preferably saving yourself some effort by putting in a loop
<sliddjur> How much data is 283 bytes?
<sliddjur> :S
<sliddjur> I mean how long time could it take
<andol> sliddjur: Not amount of data, amount of "true" entropy.
<sliddjur> I dont even know what entropy means
<andol> sliddjur: In this context, randonmess, even if I guess lack of order is a more general meaning.
<sliddjur> andol: so i should just keep the gpg app open wile doing all this randomness?
<andol> sliddjur: yepp
<sliddjur> andol: not rerun gpg?
<andol> sliddjur: As long as it still says it is waiting it is better to keep it running, or it will need to start needing entropy from scratch.
<jack34> when I run cap deploy:cold, I get this error message: PG::Error: ERROR:  permission denied to create extension "unaccent"  HINT:  Must be superuser to create this extension. Does anyone know how I can give my normal user superuser privileges?
<sliddjur> yepp it actually updated now. it needs 92 more bytes
<sliddjur> what the hell. now it needs more again. need 115
<andol> sliddjur: Because your key actually consists of two keys, so I'm fairly certain the jump is due to it generating the second (sub)key.
<sliddjur> andol: i am probably inside a virtual machine aswell. would that matter on my entropy levels?
<andol> sliddjur: Yes, in the context that it is less obvious how to trigger entropy-generation in a virtual machine, and that a virtual machine might have to share the physical machines entropy pool with other virtual machines.
<jack34> I matched all of my database.yml production information and still get this error after sudo cap deploy:cold - PG::Error: ERROR:  permission denied to create extension "unaccent" HINT:  Must be superuser to create this extension. Any ideas?
<jack34> #postgres
<sliddjur> andol: http://www.howtoforge.com/helping-the-random-number-generator-to-gain-enough-entropy-with-rng-tools-debian-lenny this worked . now i generated a key in two seconds
<andol> sliddjur: Yepp, generating "fake" randomness is a lot faster :) Often, but not always, it is also good enough. Depending on how paranoid/security concious you want to be I guess you'll have to decide whatever to keep rng-tools running or not.
<sliddjur> so where are my files ?
<sliddjur> andol: I uninstalled rng tools
<andol> sliddjur: ~/.gnupg/pubring.gpg and ~/.gnupg/secring.gpg. Usually you will only interact with those files indirectly, by calling gpg or so.
<sliddjur> its in my personal homedir. should i move it to /root since root runs dupliciity?
<andol> sliddjur: I would do that. While root can still read those files in your personal homedir it is unncesary for your regular user to have access to them in case they are only used by root.
<andol> sliddjur: Also, by having them in root's homedir they will be covered by being in the default path.
<duncan-nz> I've been trying to setup a samba server. I tried to generate an SSH key with Puttygen on windows. Now that machine still has access (and still says it doesn't recognise the fingerprint - I never worked out how to copy it over) but other machines on this network can't get access. Obviously I've done something wrong. Any ideas?
<duncan-nz> the serve is on ubuntu, but i'm trying to get access from my windows laptop.
<sliddjur> andol: after I moved the folder: http://pastebin.com/gX296SV4
<sliddjur> duncan-nz: you can copy files over winscp application
<sliddjur> with
<agu10^> What domain registrar would you recommend?
<jack34> I finally  finished this deployment tutorial (http://matthewcopeland.me/blog/2012/09/29/grow-out-your-neckbeard-its-time-to-deploy-how-to-setup-and-deploy-to-a-linode-server/), but when I type in the IP address in Safari, I get safari can't connect to the server. Any ideas?
<ikonia> jack34: probably because it's using host headers, which an IP won't contain
<ikonia> jack34: I assume you are using your own IP, rather than the example one in the document
<jack34> ikonia: Yes, I am using the IP from DigitalOcean VPS
<jack34> ikonia: What should I replace?
<ikonia> jack34: that's someone elses IP
<ikonia> jack34: (you are using the IP address in the document yes ?)
<jack34> ikonia: No, I'm using the one DigitalOcean VPS emailed to me.
<agu10^> What domain registrar would you recommend?
<ikonia> jack34: ok, so it's "your" ip address
<ikonia> jack34: first thing is check the web server is running
<ikonia> agu10^: anyone you want
<agu10^> why?
<ikonia> agu10^: why what ?
<agu10^> i don't want to use godaddy
<agu10^> they're the devil
<ikonia> agu10^: then don't use them, use what ones you like
<ikonia> jack34: I'm assuming you're trying to connect to the web service
<agu10^> i don't know any others. that's what i'm asking for
<ikonia> agu10^: google
<ikonia> agu10^: there are many
<jack34> ikonia: i finished everything in that tutorial and everything looked good until I tried opening my IP address in the browser....it says "Page not available"
<ikonia> jack34: first verify you can connect to the socket
<jack34> ikonia: I basically am trying to redeploy my heroku app to digital ocean
<jack34> ikonia: How do I do that?
<ikonia> jack34: what port are you trying to connect to ?
<jack34> ikonia: 3030
<ikonia> jack34: ok, so do a test where you telnet to the ip/port you are trying to connect to
<jack34> ikonia: how can I check the remote ubuntu server logs?
<ikonia> jack34: please do the test I asked
<jack34> ikonia: How do I do that telnet thing you're talking about?
<ikonia> jack34: .....really ?
<ikonia> jack34: telnet hostname(or ip) port
<jack34> ikonia: I'm a noob :(
<jack34> ikonia: It seems to have connected
<jack34> ikonia: SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1
<ikonia> jack34: what command did you use exactly
<jack34> telnet <IP ADDRESS> 3030
<ikonia> jack34: then why is ssh listening on 3030
<ikonia> jack34: ssh should not be listning on 3030
<ikonia> jack34: that appears to be why your webbrowser can't do anything with it - it's not running a webserver on 3030
<jack34> ikonia: How do I fix this?
<jack34> ikonia: I followed exactly what that tutorial told me
<ikonia> jack34: stop the ssh server running on 3030, bind your application/web server to 3030, so when a web browser hits it, there is something there
<ikonia> jack34: contact the people who wrote the guide
<ikonia> jack34: quickly scanning that guide, you should not be connecting on 3030
<ikonia> you should be connecting on 80
<jack34> ikonia: Which keywords to I type to stop the ssh server and bind the app/web server to 3030?
<ikonia> jack34: please check what I just said
<jack34> ikonia: In the tutorial it says: # Change your port access. Our Example uses 3030 Port 3030
<ikonia> jack34: yes, re-read what I've just said
<jack34> I think I know the problem now..
<jack34> one sec
<jack34> ikonia: Okay, so do I have to change /etc/ssh/sshd_config on my ubuntu server back to port 80?
<ikonia> jack34: no
<ikonia> ssh does no run on port 80
<ikonia> please re-read what I said
<ikonia> you should not be connecting directly on port 3030
<jack34> ikonia: I'm readin, I'm readin
<jack34> ikonia: Specifically, which directories and keywords to I need to input to make these necessary changes?
<ikonia> jack34: there are no changes
<jack34> ikonia: I'm new to VPS, coming from Heroku
<jack34> ikonia: I just need more specifics :(
<ikonia> you need to read what I've said
<jack34> Ok, lets break it down in steps
<ikonia> no, you need to read what I've said
<jack34> Step 1) stop the ssh server running on 3030
<ikonia> no
<duncan-nz> I am correct to be surprised that one of my machines can't get ssh access to my new server ... even though I haven't set up public keys? It should just connect and give me a login window right?
<jack34> ikonia: What then?
<ikonia> duncan-nz: sorry what ? can you try to explain that
<ikonia> jack34: I'm not saying it again.
<jack34> ikonia: Why are you so angry?
<ikonia> jack34: I'm not angry at all
<jack34> ikonia: You're talking in generalities as if I'm a VPS genius
<ikonia> jack34: no I'm not
<ikonia> jack34: this has onthing to do with "vps"
<ikonia> jack34: I suggest contacting the people who wrote that guide
<ikonia> jack34: if you are unable to follow the basic instructions I've given you
<jack34> I'm new to SSH too, I just need more specifics
<ikonia> jack34: they can support their own documentation
<duncan-nz> I've just set up a server (12.04) and for some reason this machine win machine with putty) can get an ssh connection and log in, but my ubuntu machine on the name network can't get in.
<ikonia> jack34: it has nothing to do with ssh
<ikonia> duncan-nz: sounds odd
<ikonia> duncan-nz: how are you conncting, by dns/host or IP
<jack34> ikonia: Which line of yours do you want me to reread>
<ikonia> jack34: none, I'm not going to tell you again
<duncan-nz> just typing the machines name on the network.
<ikonia> duncan-nz: try it on IP
<ikonia> duncan-nz: I suspect dns maybe failing you
<duncan-nz> so if i run ifconfig on the server am I looking for the ipv4 address?
<ikonia> duncan-nz: yes
<jack34> ikonia: I'm sorry I upset you. I really am new to this.
<ikonia> you've not upset me at all
<jack34> Usually I get specific helpful answers in this irc
<ikonia> jack34: you got specific help
<jack34> I'm sorry I've irritated you
<ikonia> you've not irritated me
<jack34> ikonia: Yes, they would tell me exactly what directory or keywords I would need to input and what it means
<Psi-Jack> jack34: However you're about to start. :)
<ikonia> jack34: I've given you specific informaiton from scanning through the doucment you are using
<ikonia> jack34: I've stated maybe 3 times you sould not be connecting to port 3030 with your browser
<jack34> jack34: Then how do I fix it?
<ikonia> fix what ?
<ikonia> you're connecting to the wrong port
<ikonia> you're connecting to the ssh port you use to deploy the app with your web browser
<ikonia> ssh is not a web browser application
<jack34> ikonia: So how do I stop connecting to the wrong port and connect to the right one?
<ikonia> jack34: you understand how web applications work ?
<jack34> ikonia: yes
<ikonia> jack34: right, so what port does a web browser normally connect to ?
 * ikonia waits why jack34 googles
<jack34> ikonia: port 80?
<ikonia> jack34: right,
<ikonia> jack34: so why are you tryin gto connect to port 3030 with your web browser ?
<duncan-nz> okay, so it was bcast (there was no entry called ipv4) so now it works. Why can one machine get in with the server name and the other only by using the IP address?
<jack34> I use Bing :)
<ikonia> jack34: the example shown in the document doesn't show a connection using 3030
<ikonia> duncan-nz: sorry what ?
<ikonia> duncan-nz: it was bcast ?
<duncan-nz> yup
<ikonia> what is bcast ?
<ikonia> broadcast ?
<ikonia> duncan-nz: there has to be an IPv4 entry
<ikonia> that's how it's on the network
<duncan-nz> sorry, i wrote wrong. there's line that says inet addr:192.168.x.xx Bcast 192.168.x.xx Mask:255.255.255.0
<duncan-nz> and the first one is the one i wanted.
<ikonia> duncan-nz: yes, that's your ipv4 address
<duncan-nz> Usually it's called ipv4, but now it isn't any more I guess with the latest ifconfig...
<ikonia> duncan-nz: it's never called ipv4
<duncan-nz> oh, sorry, that's ipconfig on windows.
<jack34> ikonia: I followed that tutorial exactly...and my IP address was working after I tested nginx..
<jack34> ikonia: I got the nginx page and everything
<ikonia> jack34: if you followed that tutorial exactly why are you pointing your web browser at port 3030 ?
<ikonia> when the example points it at 80
<duncan-nz> ikonia: tnx
<jack34> ikonia: Where does the example point to 80...I searched the whole tutorial t for the keyword '80' and nothing shows up
<ikonia> jack34: you're too lazy
<ikonia> jack34: it shows it in the screen shot
<jack34> ikonia: Are you talking about 96.126.100.112?
<jack34> ikonia: Isn't that his unique IP address though?
<jack34> ikonia: You're talking about this tutorial right: http://matthewcopeland.me/blog/2012/09/29/grow-out-your-neckbeard-its-time-to-deploy-how-to-setup-and-deploy-to-a-linode-server/
<ikonia> jack34: you said you knew how web applications work
<ikonia> jack34: he's typing 96.126.100.112 in his example
<ikonia> jack34: what port is 96.126.100.112 connecting to ?
<jack34> ikonia: port 80?
<ikonia> think about it
<ikonia> jack34: come on....yes
<jack34> ikonia: Ok, so how can I make my IP address do that?
<ikonia> jack34: I'm sorry, you really have no idea what you are doing or how web applications work
<ikonia> jack34: you need to conact the person who wrote that document and ask them to walk you through it
<jack34> ikonia: I'm dumb I know, but I'm not going to give up
<ikonia> I didn't say you where dumb, and I didn't say you sould give up
<ikonia> I asked you if you knew how web applications work....you clearly don't, so it would require me going through that doucment, then going through it with you step by step
<jack34> this VPS stuff is new to me, I come from a git push heroku background
<ikonia> jack34: this is nothing to do with vps
<ikonia> jack34: I suggest contacting the people who wrote that document, and explaining you'd like to go through it with them when they have some time free
<jack34> ikonia: I'll just google it then
<ikonia> jack34: sure, if you feel that will get the job done
<jack34> ikonia: I'm sorry I upset you
<ikonia> as I've said 3 times now
<ikonia> you've not upset me
<ikonia> perhaps listening will get you further
<jack34> ikonia: I will listen, try to reflect, analyze and be open to your criticism
<ikonia> why don't you just contact the author and ask him to talk you through it
<ikonia> then you can ask questions as you go along with anything you are not %100 clear on
<jack34> ikonia: The author doesn't care about folks like me, he's busy working for ThoughtWorks
<ikonia> jack34: have you asked ?
<jack34> ikonia: I'm just a vps noob, trying to migrate his rails app from heroku to digitalocean
<ikonia> jack34: remember when you said "you'd listen" ?
<jack34> I'm listening
<RoyK> jack34: what are you trying to do_
<RoyK> ?
<ikonia> jack34: how many times hav eI said to you "it's nothing to do with a vps"
<ikonia> RoyK: http://matthewcopeland.me/blog/2012/09/29/grow-out-your-neckbeard-its-time-to-deploy-how-to-setup-and-deploy-to-a-linode-server/
<ikonia> RoyK: he's followed it exactly....but not at all
<jack34> ikonia: thanks
<jack34> RoyK: I'm trying to get my IP address in the browser to work after I deployed, but I get a "page not found"
<jack34> RoyK: Everything seemed to deploy perfect though
<cloakable> I am seeing some truly weird behaviour in my /dev/disk/by-path in ubuntu server 12.10; both sda and sdb seem to be conflicting
<ikonia> jack34: with respect, based on the fact tha tyou where trying to connect to 3030 rather than 80 - your assesment of "everything deployed fine" isn't really valid
<RoyK> cloakable: pastebin `find /dev/disk-by*`
<cloakable> RoyK: sure
<jack34> ikonia: But that's what the author put in their deploy.rb file: set :port, "3030"
<cloakable> RoyK: http://paste.ubuntu.com/1672595/
<jack34> RoyK: Any ideas?
<RoyK> sorry, I don't see the conflict
<RoyK> jack34: well, basic ubuntu server setup docs are good
<RoyK> !guide | jack34
<ubottu> jack34: The Ubuntu server guide may be found at http://help.ubuntu.com/12.04/serverguide/C/
<jack34> RoyK: The page isn't loading in my browser, even though everything seems to deploy fine.
<cloakable> RoyK: how about here? http://paste.ubuntu.com/1672608/
<cloakable> How's that for a conflict? :)
<RoyK> ouch
<RoyK> dunno
<cloakable> I have in my system: sda sda1 sda2 sda5 sdb and sdb1
<RoyK> does it work if you use UUIDs?
<RoyK> no need to use /dev/whatnot if you have UUIDs
<cloakable> I was planning on setting a POLICY line in mdadm.conf, but that assumes a reliable /dev/disk/by-path
<cloakable> And uh... it's not reliable, obviously :P
<cloakable> Ah well, maybe it's a chipset issue. NM10/ICH7 SATA controller?
<RoyK> what's the policy thing in mdadm?
<cloakable> It allows you to set a policy on what do do with hotplugged disks
<ikonia> jack34: READ what he's saying
<ikonia> jack34: DEPLOY to 3030 - that doesn't mean point your web server at 3030
<ikonia> jack34: ssh is running on 3030 that's how the application is deployed, so just common sense says "pointing a web browser at an ssh server....won't do anything"
<cloakable> So you can basically tell it to take control of disks plugged into a defined range of ports, and do stuff with them
<cloakable> Like automatically replace a failed disk :)
<jack34> ikonia: Ah, so I have to change all my 3030 ports to 80 on the remote server right?
<ikonia> jack34: no no no no no no no no no no no no no no no no
<ikonia> jack34: how many times did I saw "no changes needed"
<ikonia> jack34: this is why I've stopped trying to help you as you don't listen
<RoyK> cloakable: ok
<RoyK> cloakable: I thought that was in by default
<cloakable> RoyK: nope, needs to be configured
<cloakable> the mdadm writers decided it wasn't a good idea for it to just grab disk without being configured :)
<RoyK> why do I like zfs? ...
<cloakable> So it'll assemble an array without configuration, but won't include fresh disk without being either configured to, or told to.
<jack34> ikonia: Okay so no changes needed, let me get that straight
<binarydog> does ubuntu-server have a different hardware detection than ubuntu? or does it only detect ethernet cards and no wireless cards?
<cloakable> I believe they use the same kernel and therefore same drivers
<RoyK> binarydog: the difference is minimal or non-existant
<cloakable> It looks like both the server and desktop use the same (generic) kernel now
<cloakable> So non-existent
<cloakable> linux-server depends on linux-generic, and linux-generic depends on the latest linux kernel
<binarydog> hm, because the server version does not find my wlan card (macbook air) but desktop does
<ogra_> you dont see it in ifconfig ?
<ogra_> or in "cat /proc/net/dev"
<RoyK> binarydog: what does iwconfig have to say?
<binarydog> i'm still at the 'detect network hardware' installation step. i'm going to try brcmsmac. that seems to be the right version
<ogra_> oh broadcome evilness
<binarydog> haha yeah, that's the one thing I still remember from my last try
<sliddjur> hello, i created gpg keys with sudo. now keys where created in private home folder. then i moved them to roots home folder. but gpg --list-keys doesnt show any keys
<escott> sliddjur, if you did sudo gpg --blah blah it was probably acting on /root/.gpg
<sliddjur> escott: i did sudo -s and then gpg keygen
<escott> sliddjur, so that should be messing with /root/.gpg
<sliddjur> escott: sudo -s all commands after that is run as my user?
<Masshuu> anyone here know how to work cset?
<escott> sliddjur, well sudo -s is probably wrong. sudo -i is what you wanted. but in a root terminal those commands run as root
<sliddjur> escott: sudo -i stays logged in aswell?
<escott> sliddjur, it starts an interactive terminal
<sliddjur> im not sure i understand what that means
<escott> sliddjur, usually sudo command just runs a command which is "non-interactive"
<escott> sliddjur, sudo -i starts an interactive terminal session with root privs
<duncan-nz> why is there an entry in .ssh/authorized_keys before I put one there?
<TheLordOfTime> duncan-nz, host-generated?
<TheLordOfTime> duncan-nz, is the server an Amazon EC2 instance, or a VPS somewhere?
<TheLordOfTime> or something else?
<duncan-nz> It's my own server just recently installed
<TheLordOfTime> huh, dunno then, but you can remove it normally without incident
<duncan-nz> okay, that's the important thing. I'll backup the file of course just in case.
<duncan-nz> now putty is not asking me if I recognize the fingerprint when i connect. Where is putty storing info about the keys i recognize?'
<zastern> Every time I try to change network settings by editing /etc/network/interfaces and then restarting networking i get - Running /etc/init.d/networking restart is deprecated because it may not enable again some interfaces - What is the proper way to reload network settings then?
<zastern> services networking restart gives a similar message
<lvmer> I'm having trouble with the error: No css library available.    But I have both libdvdcss2 & libdvdread4
#ubuntu-server 2014-02-10
<zgsppdale> Hi
<ruben231>  guys any idea i have issue install mariaDb somehow ---> http://pastebin.com/UEpxbs5K
<zgsppdale> How do I setup LAMP?
<swatson> Hello all.
<ruben231> hi guys
<ruben231> how do i make my nameserver permanent on ubuntu server 12.04 LTS, everytime i restart i re input it, the settign disappear when i manually put it on /etc/resolv.conf
<ruben231> any idea guys..?
<andol> ruben231: 1) Do it the resolvconf way by specifing dns-nameservers in /etc/network/interfaces 2) Do it old-school by removing the /etc/resolv.conf symlink, and making /etc/resolv.conf a regular file, which resolvconf won't touch.
<AnAnt> Hello, is there a tool to monitor traffic on the local network ? I need to find out which machine is hogging the network bandwidth
<olegb> tcpdump / wireshark ....
<olegb> ?
<AnAnt> olegb: thanks
<rbasak> iftop might be more useful to identify bandwidth users
<ws2k3> hello, i'm trying to get snmp running on my machine but when i do an an snmpwalk on localhst it gives me Many rules like ï»¿Cannot adopt OID in NET-SNMP-AGENT-MIB
<Mathias> any good dhcpv6 guides for ubuntu?
<Mathias> tried a couple, and failed hard
<w0rmie> i've some tftp server issues, when i installed a NFS server and i would to boot from server but i got a message such TFTP open timeout
<w0rmie> any idea?
<tomixxx3> hi, i have ubuntu 12.04.3 LTS, what package do i need if i want to use "inet dhcp" in "interfaces" file?
<tomixxx3> is it "dhcp-client" ?
<YamakasY> anyone an idea why service --status-all gives so many questionmarks ?
<TJ-> YamakasY: probably the sysV init scripts don't have a 'status' stanza
<YamakasY> TJ-: I have read something about it, but that is for that specific service ?
<YamakasY> TJ-: it's MySQL...
<TJ-> YamakasY: read the init script and see if it has a case for status... also, if the job is an upstart rather than sysV I think you'll get the same ? result
<YamakasY> TJ-: nope, not there
<hallyn> zul: bug 1228977, i'm goingto try cherrypicking all the v1.1.1-maint patches into saucy's libvirt right now.  (i assume you haven't touched that yet?)
<uvirtbot> Launchpad bug 1228977 in nova "n-cpu seems to crash when running with libvirt 1.1.1 from ubuntu cloud archive" [High,Confirmed] https://launchpad.net/bugs/1228977
<tomixxx3> i have re-installed ubuntu-server and now iam observing sth interesting: the browser firefox has saved the history it seems. oO
<tomixxx3> how is that possible? i have formatted the hard drive on which ubuntu-server was installed...
<TJ-> tomixxx3: Separate file system for /home/
<tomixxx3> hmm?
 * genii sips and ponders why this server machine has firefox installed to begin with
<rbasak> ubuntu-server? firefox?
<tomixxx3> rbasak: hehe, yes, i have installud ubuntu-desktop :D
<tomixxx3> rbasak: i need the deskotp, otherwise i get crazy
<TJ-> genii: I used to do that about Windows Server, too ;p
<tomixxx3> maybe, later on, i will uninstall it again, if everything is working, but for now ;)
<tomixxx3> so "/home" is never formmatted when re-install ubuntu?
<rbasak> IIRC, it's possible to re-install over the top of an existing system, and that won't touch home. But I may be wrong.
<tomixxx3> kk, interesting
<hallyn> zul: setting up a test of http://people.canonical.com/~serge/libvirt-saucy.debdiff
<hallyn> jibel: hi, are you able to run bin/auto-upgrade-tester following https://wiki.ubuntu.com/QATeam/UpgradeTestingSetup, on trusty?  the lack of distro_info python3 package is preventing me from doing so...
<zul> jamespage:  looks like subunit is "broken" its not including any egg info in the packaging, there tests fail
<jamespage> zul, where?
<zul> in the openstack-ci
<jamespage> zul, ah
<jamespage> on trusty?
<zul> jamespage: on trusty
<jamespage> rbasak, I synced some of your proposed mysql-5.5 changes to the 5.6 packaging that's inflight
<rbasak> Thanks!
<jibel> hallyn, hi, I removed the dependency on distro-info, it is committed in rev 84 of lp:auto-upgrade-testing
<hallyn> jibel: ok thanks, i'll try that
<tash> can someone tell me what files are in a pxe mirror/http/directory ?  I'm trying to setup some pxe boot stuff and am not sure what directory path to use for d-i mirror/http/directory
<zul> smoser: hey do you have a python example of simplestreams getting a newer image?
<smoser> zul, more context
<smoser> "getting a newer image"?
<zul> smoser: im writing a script that I want to check to see if there is a newer image available cloud-images.ubuntu.com and upload that to my glance server
<smoser> zul,
<smoser> Related blueprints
<smoser> https://code.launchpad.net/~smoser/simplestreams/example-sync
<smoser> that will just keep you in sync. ie, its the whole kitten-caboodle.
<zul> smoser: ok cool thanks
<smoser> see the readme for examples
<martinrame> hi, I'm trying to debug an external ssh connection. Basically I want to know if an external client *at least* is trying to reach my server. This is because the Sysadmin says everything is correctly configured, but I can't login using ssh.
<martinrame> BTW, I can use SSH when I'm inside the LAN-
<sarnold> martinrame: if you netcat to the hostname and port in question do you get an ssh banner? e.g. "SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1" ?
<martinrame> sarnold: let me try.
<martinrame> sarnold: no, no response.
<sarnold> martinrame: hooray :) that's a nice concrete thing to work with.
<martinrame> sarnold: if I use "nc -z -w5 IP PORT; echo $?" I get "1".
<sarnold> martinrame: do you get a "refused" or "timed out"? if timed out, that is probably a firewall configured to DROP packets.
<martinrame> sarnold: I don't get anything.
<rbasak> martinrame: I usually run tcpdump on the server, to see the actual port 22 packets coming in (or not).
<rbasak> martinrame: (with a filter to avoid seeing my own ssh traffic)
<martinrame> rbasak: yes, that was I was thinking about.
<rbasak> SpamapS: (missing the general MySQL description) well, you wrote it when you uploaded 5.5.22-0ubuntu1 :-P
<SpamapS> rbasak: you slay me
<SpamapS> rbasak: really.. this is the work of the flying spaghetti monster that you're doing.. thank you. :)
<rbasak> SpamapS: np :)
<axisys_> preseed/early_command downloads the shell script and feeds it to /var/lib/dpkg/info/download-installer.postinst .. I verified on virtual console 2 ... but it never run.. what gives?
<axisys_> d-i preseed/early_command string cd /tmp; wget ftp://192.168.1.242/download/early_command_lvm_raid -O early_command; chmod 755 early_command; echo /tmp/early_command installer >> /var/lib/dpkg/info/download-installer.postinst
<axisys_> something changed in precise? should I need to place that in some other file instead of in /var/lib/dpkg/info/download-installer.postinst
<jtran> hey all.  i have a bond1.2001 interface  , /etc/network/interfaces has a bond1.2001 stanza with a line that says "dns-nameservers 192.168.1.2 192.168.1.3" yet  resolvconf isn't populating /etc/resolv.conf with those nameservers instead is empty with just the two commented lines
<jtran> any idea how to troubleshoot this?
<sarnold> jtran: ugh, I wouldn't want to troubleshoot that. the first thing I'd do is probably fire up fatrace in one terminal to see file accesses, then run ifup and ifdown on that interface
<sarnold> I'm not sure what I'd do next, but I'd hope that something obvious would stick out :)
<jtran> sarnold:  cool thx for the tip.   'fatrace' eh?
<sarnold> jtran: yeah, fantastically awesome tool; strace and ltrace follow a process hierarchy, which is often more useful, but I'm not sure where exactly resolveconf gets kicked off for updates; so, I think watch "everything"  :)
<jtran> i like it!  thx again
<Ryan_Lane> is there any way to make upstart return a 0 exit status if stop is run for a service that's not running?
<Ryan_Lane> right now I'm getting a return code of 1 for cgconfig that isn't running, which is causing me some really annoying problems
<rbasak> Ryan_Lane: could you examine the output of status(8)?
<Ryan_Lane> status cgconfig
<Ryan_Lane> cgconfig stop/waiting
<Ryan_Lane> $ stop cgconfig
<Ryan_Lane> stop: Unknown instance:
<Ryan_Lane> uuuugggghhh. status's exit code is 0, even though the service isn't running
<med_> zul, go see your sis.... :^)
 * med_ ducks
<Dream> Hello
<Dream> Anyone online?
<LLKCKfan> 15:06:58.0398 0x1ea8  TDSS rootkit removing tool 3.0.0.22 Feb  3 2014 16:45:35
<LLKCKfan> 15:07:02.0617 0x1ea8  ============================================================
<LLKCKfan> 15:07:02.0617 0x1ea8  Current date / time: 2014/02/10 15:07:02.0617
<LLKCKfan> 15:07:02.0617 0x1ea8  SystemInfo:
<LLKCKfan> 15:07:02.0617 0x1ea8
<LLKCKfan> I have some chicken strip that have already been cook and then freeze(where freeze when we go them) how can I heat them up on the stove?
<Dream> If I am using an LSI raid controller, should I use lvm as well?
<parallel21> can anyone recommend good format recovery software
<parallel21> for ext4 formatted drive
<bekks> Dream: Sure, why not?
<zerick> parallel21, well. testdisk is the best thing I know
<parallel21> zerick: Thanks, I'll give it a shot
<rostam> hi is it possible to take a hard disk from one system to another identical system and boot from it? I know there must be some changes specific to older system to be done (i.e. mac address). Is there a tool to do this? thx
<sarnold> rostam: what's your end goal?
<TJ-> rostam: Aside from any device-specific parameters (such as in "/etc/udev/rules.d/70-persistent*.rules") or specific kernel module parameters, moving should be relatively painless.
<rostam> sarnold,  I need to update a system in China which we do not have network access to it. So I want to ship the disk. thx
<sarnold> rostam: yikes, high-risk effort :)
<rostam> sarnold,  how could I regenerate the rule files?
<sarnold> rostam: do you have a local image of their hard drive?
<rostam> sarnold,  their image will be identical to what I have, except when I add some changes to the system, they will not have that.
<TJ-> rostam: empty the udev rules files; they'll be re-written on first start-up in the new system
<sarnold> rostam: sorry, I've never fiddled with the 70-persistent* files before.. they look straight forward enough, but if you don't know the macs, it'll be annoying
<sarnold> oh, nice
<rostam> TJ-, sarnold  thank you so much
<TJ-> rostam: Those /etc/udev/rules.d/ files are created by /lib/udev/write_{cd,net}_rules
<rostam> TJ-, so as you suggested I will remove the rule files before moving the disk to the next system.
#ubuntu-server 2014-02-11
<ruben231> hi guys...any idea how to install Ubuntu desktop on 50 desktop unit on one time only..? any idea..?
<sarnold> ruben231: investigate 'preseed files'
<omps> Hi all
<usr13> To switch from ubuntu-desktop to ubuntu-server, you'd just uninstall ubuntu-desktop.  Right?
<usr13> (After you edit /etc/default/grub and change GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"  to GRUB_CMDLINE_LINUX_DEFAULT="text" and then run sudo update-grub  Which will do away with GUI.)
<usr13> sudo service lightdm stop  and do  ^^^^^  and then sudo apt-get remove ubuntu-desktop
<usr13> Does that sound ok?
<TJ-> usr13: you don't need to remove "quiet splash" but it can help. "splash" is the trigger for the plymouth splash screen, "quiet" reduces the verbosity of the kernel messages
<shreezbot> I removed quiet splash and changed it to text and that worked well...
<usr13> TJ-: Ok.. so change "quiet splash"  to   "quiet text" ?
<usr13> TJ-: Is that what you recommend?
<TJ-> usr13: On servers I replace "quiet" with "debug" since I want to see as much as possible at boot-time
<usr13> ok   "debug text"  ?
<TJ-> usr13: I don't usually add "text" because if the VGA adapter is capable enough, I have it switch to a high-res graphics mode to get more text on-screen
<usr13> Oh, so all you need is "debug"
<TJ-> usr13: yeah, not need either, its just helpful if/when something goes wrong to see as much as possible
<usr13> Ok then, it would be sufficient to just remove  "quiet splash" ?
<TJ-> usr13: :) yes, as I said, its not necessary more a question of personal preference
<usr13> Yea, ok.  Thanks for the info...
<shreezbot> Crap, when I change it to "debug" the damn login screen comes up....  :(
<shreezbot> If I have it at "text" it goes to the console...
<TJ-> shreezbot: It will, if you've got lightdm installed and enabled
<usr13> shreezbot: Well, you have yet to uninstall ubuntu-desktop
<usr13> shreezbot: Right?
<usr13> Oh yea, you'd need to dissable lightdm.  Or uninstall it...
<shreezbot> usr13, Correct, I haven't uninstalled ubuntu-desktop yet...
<TJ-> "text" disables lightdm
<usr13> Yea that's what I thought.
<shreezbot> AHH!
<shreezbot> TJ-, So I can just uninstall lightdm?
<shreezbot> Do I need to uninstall ubunut-desktop also?
<TJ-> shreezbot: You don't need to, just override it
<usr13> TJ-: Yea, but he no longer needs any of it... right?
<usr13> So why not uninstall it.....?
<usr13> TJ-: I'm try9ing to think.... what is the scipt that starts all the GUI stuff?
<usr13> What's the name of it...?
<TJ-> usr13: "sudo service lightdm start"
<usr13> well yea,   sudo service lightdm stop  will dissable it, but only for one session.  Right?
<TJ-> yes
<usr13> It must be  /etc/init/lightdm.conf  that I'm thinking of... ?
<usr13> no, that's not it...
<TJ-> to disable services you'd do "sudo update-rc.d lightdm disable"
<shreezbot> TJ-, So when I configure grub to just use debug, when my server starts up, should I eventually get a console prompt?
<shreezbot> TJ-, It currently just sits there at "Stopping Mount filesystems on boot"...
<shreezbot> TJ-, I'm able to SSH into the server just fine though and do everything I need to do and all of my applications have started up correctly.
<TJ-> shreezbot: Yes, it sounds as it the getty jobs aren't starting the ttys
<shreezbot> TJ-, Weird...  It started doing that after I removed lightdm...  :(
<TJ-> shreezbot: check the /etc/init/tty{1..6}.conf scripts exist
<shreezbot> TJ-, Should GRUB_TERMINAL=console be uncommented in my /etc/default/grub?
<TJ-> shreezbot: the only other thing I can think of, is the kernel command-line's "vt-handoff..." option and plymouth splash screen stay on VT7. In which case pressing Alt+F1 should get you to the login on tty1
<usr13> Seems to me that it would be a lot easier to uninstall some stuff, particularly ubuntu-desktop
<usr13> I just found this:  http://www.darrinhodges.com/converting-ubuntu-12-04-lts-desktop-to-server/
<usr13> If you are permanently moving to server, uninstalling the packages that are no longer needed just seems like the thing to do.
<shreezbot> SWEET!
<shreezbot> usr13, I've looked everywhere for instructions like that...  :)
<usr13> Well, there you go....
<usr13> (My google-foo is working...)
<usr13> shreezbot: And set to "static IP and remove that pesky network-manager as well"
<shreezbot> usr, this damn thing is going to be a server yet!  :)
<usr13> Of course, if you have a router giving it a static lease, you only need to uninstall network-manager.
<usr13> because dhcp is default.  At any rate, from now on, just use the config file /etc/network/interfaces for network configurations
<usr13> http://www.cyberciti.biz/faq/setting-up-an-network-interfaces-file/
<usr13> Better one:  https://wiki.debian.org/NetworkConfiguration
<shreezbot> I get a message about "login:  mounall:  Disconnected from Plymouth" and no console....  :(
<shreezbot> I'm able to "CTRL+ALT+F2" to swap to tty2 and so on, but tty1 is hung up...  :(
<TJ-> shreezbot: ahhh, that is interesting
<shreezbot> TJ-, Tell me about it.
<TJ-> shreezbot: "ps -efly | grep tty1"
<shreezbot> TJ-, It says it is running
<shreezbot> /sbin/getty/ -8 38400 tty1
<TJ-> shreezbot: "grep DELAYLOGIN /etc/default/rcS"
<shreezbot> =no
<shreezbot> Shit, I broke my network removing the network-manager...  I'm wondering if that could be the problem...
<shreezbot> and of course I can't re-install the network-manager because I can't connect to the internet...  :(
<shreezbot> I maybe should have done that...
<shreezbot> shouldn't
<TJ-> shreezbot: The packages should still be in "/var/cache/apt/archive" so you can simply "sudo apt-get install network-manager"
<shreezbot> TJ-, I'm an idiot, so I purged them...  :(
<shreezbot> Looks like I can't get an IPv4 address for some reason...
<TJ-> shreezbot: You'll have to do it manually then "sudo ifconfig eth0 1.2.3.4 netmask 255.255.255.0" "sudo ip route add default dev eth0" and then add a DNS nameserver entry to /etc/rsolv.conf
<TJ-> shreezbot: How are you doing it? "sudo ifconfig eth0 up" then "sudo dhclient eth0&"
<shreezbot> I edited /etc/network/interfaces
<shreezbot> lol, I'm so fucking dumb sometimes
<shreezbot> I did a sudo -i not realizing that it changed my working directory to root
<shreezbot> So I created a file called interfaces there, which needless to say did fuck-all when I attempted to bring up the interface...
<shreezbot> Well, that wasn't it though...  It still isn't getting an IPv4 address...  :(
<shreezbot> Ok, I got it working now...
<shreezbot> Incidentally, that fixed my stupid "Disconnected from Plymouth" as well!  :)
<shreezbot> Sometimes I just have to fumble my way through...  :)
<sarnold> shreezbot: if you just want NM back, you can probably dpkg -i /var/cache/apt/something..
<shreezbot> sarnold, I actually don't mind it being gone now that I know how to properly configure /etc/network/interfaces...  :)
<sarnold> shreezbot: excellent :D
<shreezbot> sarnold, Yea, I'm super stoked now that I've converted this desktop installation to server...
<shreezbot> Been wanting a way to do that for a long time now...  :)
<TJ-> sarnold: if it's in /var/cache/apt/archive/ then you can use apt-get (which will resolve dependencies)
<sarnold> TJ-: that's nice but if the network is down, fixing the rest of it just to get it back could be a hassle
<sarnold> of course, in server land, life without NM is probably the best way forward anyway :)
<shreezbot> sarnold, Yep!  That's what I'm working toward...  This is a learning experience for me, so mission accomplished tonight!  :)
<shreezbot> I've learned about 30 new things tonight!  :)
<sarnold> haha, nice :)
<shreezbot> I'll say, you guys are amazingly helpful...  :)
<sarnold> TJ-: nice work :)
<shreezbot> So what do you guys recommend for monitoring Ubuntu?
<shreezbot> Mostly for thinks like CPU utilization, memory utilization and things like that...
<sarnold> setting up something like that has been on my todo list for ages. there's 'statistics' things like collectd and .. munin? and then there's service alerting things like nagios / icinga, shinken, and I just found out about assimilation project a few weeks back that looks pretty cool
<ruben23> hi guys i have 50 PC and we would liek to install desktop ubuntu on it any solutions to install it on network at the same time..? any idea..?
<ruben23> hi guys need help, just freshly install ubuntu server 12.04 LTS ----> http://pastebin.com/T2wbCMyn <--------------i get this error when i update
<ruben23> any help..?
<TJ-> ruben check the contents of the downloaded .gpg files, they're stored in /var/lib/apt/lists/ ... I bet you'll find they contain some HTTP proxy/cache message rather than the GPG signatures they should contain
<ruben23> TJ- what to do next..? after checking
<ruben23> this is the content --> http://pastebin.com/TKpBQeZz
<TJ-> ruben23: if the files contain bad data, fix the proxy/cache that is giving out that data
<TJ-> ruben23: You'll need to look *inside* those gpg files to see if they have valid contents. The "file" utility will help you there
<ruben23> http://pastebin.com/Ts9aEpZZ <----------------------my gpg file
<TJ-> ruben23: So now fix it
<ruben23> TJ-:  i tried putting it into DMZ on my router stil the same..any idea how to fix..?
<TJ-> Use the information from the server that is saved into those files
<ruben23>  TJ-: it ok now
<ruben23> thanks
<welly> Hello all. I've got an internal dev server which has been set up with public key authentication for ssh and password authentication disabled. I've edited sshd_config to disable public key authentication and enable password authentication but so far, no luck in logging in with a password. Am I missing something?
<welly> ah ha. it works now
<welly> :D
<rbasak> zul, hallyn: are you aware of the libvirt FTBFS ATM? I have a trivial patch for libvirt; do you mind uploading it at the same time, please? http://paste.ubuntu.com/6914206/
<rknol> hello there friends
<rknol> i've come across a rather unfortunate situation i'm afraid
<rknol> i don't know anything about the history of this server, i didn't set it up
<rknol> but i'm getting this error:
<rknol> https://dpaste.de/O26t
<martisj> morning
<dimitern> I'm not sure if it's the right place to ask, but I have a bug to fix in juju-core https://bugs.launchpad.net/cloud-archive/+bug/1240667, which includes setting a lower priority on the cloud-tools pocket during bootstrap, and then using --target-release with apt-get install to specify the exact archive to use (i.e. cloud-tools, not main)
<uvirtbot> Launchpad bug 1240667 in juju-core "Version of django in cloud-tools conflicts with horizon:grizzly" [Critical,In progress]
<dimitern> so the question is: what's the expected --target-release value format for cloud-tools? "precise-updates/cloud-tools" ?
<dimitern> i figured someone with more in-depth apt experience might know
<cfhowlett> !cloud
<ubottu> Ubuntu Cloud Infrastructure is a ready to deploy Infrastructure-as-a-Service (IaaS) based on OpenStack. See https://help.ubuntu.com/community/UbuntuCloudInfrastructure for further details.
<martisj> is sftp enabled by default with openssh?
<mardraum> martisj: with openssh-server, yes
<martisj> mardraum: I see.
<martisj> I can't seem to wrap my head around how to setup access via sftp to the apache document root and then have those files be accessible from www-data
<martisj> It should be trivial and I should know how to do this, but I don't :S
<mardraum> point apache and your user's home at the same place?
<mardraum> or just use cd commands to move around
<mardraum> sftp in, cd /
<mardraum> you are at root.
<mardraum> there are many ways you could do it, even a symlink
<mardraum> as for "www-data" sounds like you are struggling with permissions?
<martisj> mardraum: yes permissions indeed
<martisj> ls -al shows that the user and group is the same as my username and group
<martisj> demo:demo
<martisj> where demo is my username
<dimitern> any server guys available?
<ikonia> just ask the question
<dimitern> I asked some time ago
<dimitern> ikonia, the question is: what's the expected apt-get install --target-release value format, so it will pick packages from the cloud-tools pocket, rather than main?
<ikonia> sorry, I don't know the answer
<dimitern> ikonia, ok, sorry then
<ikonia> no need for sorry, I just don't know the answer
<rbasak> dimitern: it should be automatic, since versions in the cloud-tools pocket are higher than the versions in main. I think. Do you have a specific example where this is not working?
<dimitern> rbasak, yes, that's exactly the issue with bug 1240667
<uvirtbot> Launchpad bug 1240667 in juju-core "Version of django in cloud-tools conflicts with horizon:grizzly" [Critical,In progress] https://launchpad.net/bugs/1240667
<dimitern> rbasak, so I need to add cloud-tools with lower priority and redo all apt-get install commands in cloudinit to use --target-series "precise-updates/cloud-tools"
<dimitern> rbasak, so we won't mess with charms deployed on the same machine and trying to install packages from main, but now getting them from cloud-tools instead (i.e. django as described)
<rbasak> dimitern: I was unaware of that bug - thanks.
<rbasak> dimitern: so --target-series "precise-updates/cloud-tools" doesn't work?
<dimitern> rbasak, yeah, it's somewhat recent and came up when people started complaining openstack horizon is not working when deployed on machine 0 (on askubuntu.com)
<dimitern> rbasak, haven't reached that point, still writing the fix, it should work
 * rbasak wonders if lxc and mongodb could specifically be put in precise-backports or something.
<ruben231> hi guys
<martisj> HOw in the name of god do i upload files with sftp to apache docroot
<martisj> while still having the files owned by www-data
<shredding> I start a service like service "service solr start", which starts solr as daemon. But i want to see it's output.
<shredding> Is there a flag or so, to not-start-as-daemon?
<rbasak> martisj: easiest to focus on groups instead. Look up the directory sgid bit.
<rbasak> shredding: it's service-dependent. Look in /etc/init/solr.conf for what it does currently, and maybe at the solr manpage for how to change it. For debugging, it's often possible to run a daemon manually without going into the background, but that depends on the daemon.
<shredding> rbasak: thx
<martisj> rbasak: i'll look into it
<martisj> I keep getting permission denied public key,apssword
<martisj> it's the most diffuse message
<martisj> most frustrating indeed
<shredding> rbasak: Hm, it did not work, there is no solr.conf and the solr file itself is weird.
<shredding> I'm going to complain to the guy who set up the vagrant box.
<rbasak> shredding: oh, it must be a SysV script then. Try /etc/init.d/solr
<hallyn> rbasak: hm, that's not libvirtd, but every kvm vm that will have access to every uvtool backend.
<hallyn> oh, no, nm :)
<hallyn> looks good, thx.
<hallyn> zul: are you fixing up the ftbfs?  (comes from the nwfilter patch)
<xerxas> anyone using ubuntu cloud images ?
<xerxas> the disk seems to be 4 GB which is pretty small
<xerxas> with virtualbox, disk are (or can be) COW
<xerxas> and the documentation states it: http://docs.vagrantup.com/v2/boxes/base.html : "When creating a base box, make sure the user will have enough disk space to do interesting things, without being annoying. For example, in VirtualBox, you should create a dynamically resizing drive with a large maximum size."
<xerxas> utlemming: would it be possible to raise the disk size of vagrant boxes ?
<xerxas> utlemming: should I create on issue on launchpad ?
<caribou> any server meeting today ?
<arosales> caribou, I was thinking the same thing
<caribou> arosales: great minds... :)
<arosales> adam_g, is listed as the chair
<arosales> jamespage, smoser ^
<arosales> per https://wiki.ubuntu.com/ServerTeam/Meeting
<smoser> i'm not really here, sorry.
<smoser> :-(
<smoser> have to run.
<smb> Guess that is a no...
<smb> :)
<thesheff17> can anyone quickly let me know what the backup user does on ubuntu-server
<rbasak> thesheff17: not much, I don't think. The user is part of the base system. Perhaps something minor uses it; I don't know.
<thesheff17> rbasak: yea its weird my data center just called me...logged onto the server and the backup user was running tons of weird crap like httpd
<thesheff17> the only exposed service is ssh
<rbasak> thesheff17: sounds like your server might be compromised.
<thesheff17> rbasak: yea :-/
<BrixSat> hello
<BrixSat> im making a ssh server1 "tail -f /var/log/apache/error.log" >> /tmp/error.log
<BrixSat> but this keeps hanging when network flaps, is there a way to make it die when network flaps, so i can make a watchdog in cron
<rbasak> jamespage: I just looked at bug 1243076. AFAICT, upstream is dead, Debian is dead, and the code is fundamentally not ported to the Apache 2.4 API. OK to just drop the package (it's in main)?
<uvirtbot> Launchpad bug 1243076 in mod-auth-mysql "libapache2-mod-auth-mysql is missing in 13.10 amd64" [High,Confirmed] https://launchpad.net/bugs/1243076
<jamespage> rbasak, I would say so yes
<rbasak> OK thanks. I'll explain on the bug. It seems that many people think that it's required for a LAMP stack because they're cargo culting some instructions that install it for no useful purpose.
<xerxas> utlemming: just in case you see that here, I just created this : https://bugs.launchpad.net/ubuntu/+bug/1278989
<uvirtbot> Launchpad bug 1278989 in ubuntu "vagrant cloud images disk is too small" [Undecided,New]
<smoser> xerxas, you can just grow it.
<xerxas> ubuntu cloud images are not a package, and I cannot asign it to you ...
<xerxas> smoser: with ext2resize ?
<xerxas> smoser: that's not the way other boxes works ...
<smoser> do whatever operation you would do in virtual-box to make the disk bigger "physically" (ie, add 10G of zeros to it)
<smoser> and cloud-init will resize the root partition to take it.
<smoser> thats how things "should" work.
<xerxas> smoser:  these are vagrant boxes, it's supposed to abstract the use of virtualbox
<smoser> you'd rather people deliver you gigabytes of zeros ?
<xerxas> smoser: when you export vagrant base boxes they are supposed to grow
<smoser> heres the basic problem
<smoser> no matter what size utlemming thinks is "big enough".
<smoser> for some work load its not going to be big enough
<xerxas> smoser:  and no, I don't want people to download Gigs of zeroes, virtualbox manages the copy-on-write , it's written in vagrant docs, and commented in my issue
<xerxas> smoser: yes , but I used a lot of different boxes and all boxes generally built are 10 or 40 gigs
<smoser> so the better solution than making a box larger is to fix vagrant
<xerxas> smoser:  I'm not going to fix vagrant, and in the meantime, as we already deliver 4 gb boxes that are files that takes ~ 300 MB , we can easily grow to 10 Gb like most of people do
<smoser> vagrant needs to know how to grow disks.
<xerxas> or, we just can shrink the space de 300 MB
<xerxas> smoser: no it doesn't, virtualbox does it
<smoser> virtualbox certainly can do that.
<RoyK> xerxas: do you mean resize2fs?
<smoser> vagrant needs to learn how to tell virtualbox to do it.
<smoser> its the equivalent of:
<xerxas> RoyK:  no , virtualbox does it , you create a 10 Gb filesystem
<smoser>  qemu-image resize my.img 100G
<smoser> then magic is in place the rest of the way to do the right thing.
<xerxas> but It's just using the needed space on your disk
<smoser> vagrant is the thing that is missing function here.
<xerxas> don't know how virutalbox does it though
<xerxas> but this is something I saw a lot of time
<smoser> EC2, openstack, cloud-X, cloud-Y, .... all have this.
<xerxas> I have some contribution on vagrant (I think, small ones) and I'm using it for 2 years ...
<smoser> you just add zeros to the end of the disk.
<xerxas> smoser: gotta go , but I'll come back to you, or , can you comment the issue ?
<xerxas> I'm left, I'm late !
<xerxas> thanks!
<RoyK> xerxas: k
<Maddeth> Hey all, having an issue with NFS, anyone able to help?
<Maddeth> mount.nfs: mount to NFS server 'server:/directory' failed: RPC Error: Program not registered
<sarnold> Maddeth: iirc, nfs requires an rpcbind daemon or similar on both client and server
<Maddeth> sarnold: they both do, this is after a load of issues over the weekend, they worked before
<sarnold> Maddeth: hrm. are there any new firewall rules on either machine or routers between?
<Maddeth> on other servers I have just done /etc/init.d/nfs restart and that has cleared the same problems as shown here : http://www.whynix.com/2012/11/06/349/how-to-fix-mount-to-nfs-server-system-failed-rpc-error-program-not-registered/
<Maddeth> sarnold: nothing has been changed, and I can ping between the servers, no issues with DNS either
<sarnold> Maddeth: is it exportfs that shows you which filesystems are exported? (sorry, it's been a decade..)
<Maddeth> but, there is no nfs inid.d file, only nfs-common and nfs-kernel-server, sarnold also, the server is showing up in exportfs on the server I am tring to mount from
<sarnold> Maddeth: how the nfs server is started is different from distribution to distribution
<sarnold> Maddeth: nfs-kernel-server kicks off the kernel thread that does the nfs server work. maybe stop it and the nfs-common, then restart them both again?
<Maddeth> sarnold: have tried that a few times unfortunately, also bounced the server a number of times today
<sarnold> Maddeth :(
<Maddeth> sarnold: not been a fun week :) this is just the tail end of a shed load of issues I had over the weekend
<sarnold> Maddeth: cripes and it's only tuesday.
<sarnold> Maddeth: is there anything in dmesg or other logs?
<Maddeth> sarnold: replaced some switches, iSCSI dropped and we lost a raid disk, about 100 servers needed thier disks repairing
<Maddeth> sarnold: not anything useful
<sarnold> Maddeth eek. bad weekend indeed.
<sarnold> :(
<Maddeth> worked 10 - 3am Sunday, was in again at 7:20 on monday to fix more issues
<Maddeth> as in 10am - 3am
<Maddeth> sarnold: nearing the point where I give up and rebuild from scratch, need to update all out 10.04 servers anyway...
<sarnold> Maddeth: yeah at some point you've got to do what it takes to move things along. :/
<sarnold> Maddeth: before you do, it might be best to file a bug against nfs or linux, it might yet be something that can be found and fixed, even if not on a timeframe that's useful to you
<Maddeth> sarnold: been 5 hours at this already :) would have probably been faster to rebuild from the start
<sarnold> Maddeth: yeah, if only you'd known it was going to be a fight..
<Maddeth> sarnold: thanks for the help though
<sarnold> Maddeth: good luck
<Maddeth> sarnold: I got it working
<sarnold> Maddeth: oh? what was it?? :)
<Maddeth> nfs on the other server needed a restart -.-
<sarnold> nfs on a -third- machine needed to be restarted?
<Maddeth> sarnold: spent 6 hours looking at the wrong server :)
<sarnold> Maddeth: ah!
<Maddeth> sarnold: thought I would let you know :)
<sarnold> Maddeth: an easy mistake to make after spending 18 hours working under pressure :)
<Maddeth> true
<Maddeth> still a tiny bit annoyed at myself
<sarnold> Maddeth: thanks for the update :) now time to curl up under the desk and unplug the phone for a while, hehe
<Maddeth> haha
<Maddeth> sarnold: if only, got 20 servers that the backup's are failing now :)
<sarnold> Maddeth: oh jeeze. what a week. good luck!
<Maddeth> sarnold: it's all ok, last night for 4 days ;)
<Maddeth> sarnold: it's the other guys problem tomorrow!
<sarnold> Maddeth: woo!
<sarthor> Hi, Is there any easyway to connect ubuntu / machine with gui to openvpn? on the server there is pfsense, and it only export client for windows
#ubuntu-server 2014-02-12
<jkitchen> question: if I set up a 2 partition root, give one partition to /boot, and the other as a pv to an lvm vg... if I want to resize that partition/pv/vg later, can I do that online? (the root block device is a LUN from my san, so I can resize the block device itself)
<TJ-> jkitchen: Yes, you can use pvresize to expand/shrink the PV underlying a VG
<jkitchen> right, but what about the partition table
<jkitchen> this may actually be moot because it looks like ubuntu (at least 12.04) has no problems booting off of an lvm root with /boot inside the lv
<jkitchen> but it does look like partman is still creating a partition tabel
<jkitchen> rather than just giving the whole block device over to lvm
<TJ-> jkitchen: pvresize is used in conjunction with the partitioning tools
<TJ-> jkitchen: With LVM though you could, instead, just add another block device as a PV to the VG
<TJ-> jkitchen: no need to resize
<jkitchen> that still requires manipulating the partition table to add a new partition though, right?
<jkitchen> or are you saying expose another LUN to the vm just to add space? (ew)
<TJ-> jkitchen: not if you add a new block device... e.g. sdd2 >PV1 > VG  .... then later +sde > PV2 >vgextend VG /dev/sde
<jkitchen> yea, I don't want to have to create another lun just to add space. the SAN can grow a lun and we already do that with data volumes and such
<TJ-> jkitchen: alternatively, if you want to stay in one partition of one block device, make the PV the last paritition, so when you extend the block device, you just redo the sector count of the final partition, then do pvresize on that partition
<jkitchen> right now our root volumes are just direct partition tables on the disk, I'd like to just hand the block device to lvm and have it go nuts
<jkitchen> yea
<jkitchen> since it seems I can actually boot directly from the lvm with no problem, I may try to see if I can get partman to just use lvm raw on the block device without creating a partition table
<jkitchen> but something tells me that's not going to be easy :)
<jkitchen> I'll poke at it a bit
<jkitchen> right now it seems like it's creating the pv as the only partition, so resizing that one partition and then pvresizing should be fine, but I'd rather remove that one step if I can
<TJ-> you could do that if you create the base install using deboostrap followed by some config and tasksel
<jkitchen> I'm preseed installing
<jkitchen> https://gist.github.com/kitchen/ba72af4a48b94fb0f463 that's the relevant section of my preseed file
<jkitchen> I still need to answer a couple of questions in it, I'm adapting my existing template to lvm, but that does produce a bootable system
<jkitchen> (it just did, actually)
<jkitchen> and now I'm reinstalling with the questions answered so hopefully it goes full auto :D
<DeltaHeavy> Can anybody help me figure out why my PHP file tries to download to the client, rather than execute? https://gist.github.com/anonymous/af31d161f1b96b83fcfb
<DeltaHeavy> I'm using 12.04
<sarnold> teward: ^^^
<hitsujiTMO> DeltaHeavy: did you install libapache2-mod-php5?
<DeltaHeavy> hitsujiTMO: Why would I need libapache2-mod-php5 if I'm using nginx?
<hitsujiTMO> ahh, nginx not apache :P
<DeltaHeavy> Yar
<hitsujiTMO> DeltaHeavy: have you installed php-fpm?
<DeltaHeavy> Yep
<DeltaHeavy> However I get access denied when trying to read this file with sudo: /var/run/php5-fpm.sock
<sarnold> I'm surprised about the access denied; I figured you'd just get nothing until something wrote into the pipe..
<DeltaHeavy> Got it fixed. Needed to change the default MIME type
<hitsujiTMO> DeltaHeavy: try_files $uri =404 is serving the file. remove that line
<sarnold> are you sure it's a pipe?
<sarnold> teward: ah, nevermind, he fixed his problem :) thanks
<jkitchen> seems online partition resizing is not possible :(
<DeltaHeavy>  jkitchen Why not?
<DeltaHeavy> Should be
<jkitchen> DeltaHeavy: parted keeps wanting to try to resize the filesystem for me, even though it warns me not to do that (I don't want it to)
<jkitchen> all of the docs I've found searching for "ubuntu online partition resize" say it can't be done online
<DeltaHeavy> jkitchen: Extend it or shrink it?
<jkitchen> extend
<jkitchen> I increased the lun size. parted sees this free space
<DeltaHeavy> Can't you do it via SSH X11 tunneling, or fdisk via SSH?
<DeltaHeavy> I swear I've done it before
<jkitchen> I'd like to eventually automate this, so X11 ssh tunneling ... hah.
<jkitchen> didn't think about using just fdisk
<jkitchen> sec
<sarnold> I know I've used LVM to resize a filesystem before, back in 2002 or 2003. I was stunned it worked. :)
<jkitchen> oh for sure
<jkitchen> I do resize2fs on my bare block devices all the time
<jkitchen> this is my root block device, which is a single partition turned into a pv, turned into a vg with 2 lvs on it
<jkitchen> I just want to grow the partition so I can pvresize
<jkitchen> really, I'd prefer it not have partitions at all and just expose the pv directly
<TJ-> jkitchen: first change the PT with, say, fdisk, then do "partprobe /dev/sdX" to tell the kernel (check "cat /proc/partitions" before and after partprobe to be sure it was done)
<jkitchen> seems partman-auto-lvm creates a partition though
<jkitchen> TJ-: yea, but parted is giving me hell.
<DeltaHeavy> jkitchen: You NEED partitions. Even LVMs need them. EVERYTHING needs partitions.
<TJ-> DeltaHeavy: no, you don't need them, they're an anachronism
<jkitchen> DeltaHeavy: I have PLENTY of filesystems on bare block devices
<jkitchen> mkfs.ext4 /dev/vdb
<jkitchen> works fine
<DeltaHeavy> Really? I thought you needed them. Then again all I know is NTFS, EXT*, ZFS, and BTRFS.
<jkitchen> partitions just take a big block device and make them a bunch of smaller ones
<sarnold> DeltaHeavy: create a new zvol, then mke2fs on it directly -- no partitions needed :)
<DeltaHeavy> I know, I thought they were required for most (I thought all) filesytems
<jkitchen> DeltaHeavy: the filesystem doesn't care, it just sees a block device and writes to it
<DeltaHeavy> Damn...didn't know that
<jkitchen> /dev/vda1 is just as much a block device as /dev/vda :)
<jkitchen> anywho
<sarnold> fwiw, BSD systems have 'slices' instead, a separate partitioning mechansim that is different from the MSDOS-style partitions or GPT-style partitions..
<jkitchen> yea
<jkitchen> and solaris uses its on thing too (pre-zfs-root days)
<TJ-> jkitchen: "parted resize" looks like it tries to be clever. Why not instead "parted rm 2" then "parted mkpart primary x y" ?
<sarnold> and guess what, nothing checks that slices are entirely within a partition :) hilarity ensues..
<DeltaHeavy> I thought you needed the MBR pointing to partitions and such for the BIOS to really access that stuff or something of the sorts.
<jkitchen> TJ-: parted rm sounds scary.
<jkitchen> :P
<jkitchen> I'll try that though, sec
<TJ-> jkitchen: Why? a partition is only 16 bytes in the PT ... that's all rm touches.
<sarnold> it does -sound- scary though :)
<TJ-> I guess I'm getting blasÃª about it then, I do it so much
<jkitchen> DeltaHeavy: bios, perhaps. but GRUB stage 1 fits in MBR, loads stage 2 which has smarts about partition table types
<jkitchen> you can sorta think of lvm as "linux native partition table" but it's not.
<jkitchen> it's so much more
<jkitchen> MBR != partition table
<TJ-> lvm came from IBM AIX and the system360 and Z series , I think
<jkitchen> ahh ok
<TJ-> although the lvm tools on AIX are a poor relation to the Linux tools
<jkitchen> AIX.
<TJ-> I go with GPT now, GRUB 2 will install into an EF02 type partition of about 1MB for legacy boot, as well as having the EFI boot-strap in the EFI system partition
<jkitchen> oof. this is not great.
<jkitchen> I'm gonna take another approach :)
<MavKen> any downside of using 64bit ubuntu server on vps with 1 GB RAM? or should I go with 32?
<sarnold> MavKen: even though the 64 bit variant will waste some memory with pointers that are 8 bytes instead of 4 bytes, you'll have far more registers available and an extended instruction set, that should help programs run more quickly
<sarnold> MavKen: I'd install the 64 bit version
<MavKen> ok... I have 14 clients, all with small wordpress sites
<MavKen> I've always heard 64 does not provide any benefit if you have less than 4GB ram
<MavKen> thanks for the info
<MavKen> I am new to having root access... is cron job best way to have "apt-get update && sudo apt-get -y upgrade && sudo apt-get -y dist-upgrade && sudo apt-get -y autoremove" run every day at midnight?
<MavKen> and is that even a good practice?
<sarnold> MavKen: better is to use the unattended-upgrades package
<MavKen> sarnold, ahh..nice
<MavKen> is there a way to change the from address exim4 uses?  The tutorial I was following listed the last config screen, but my last screen was about splitting config into smaller files.  I want to change it from root@domain.com to webmaster@domain.com
<MavKen> I tried exim -brw webmaster@domain.com but it hasn't actually changed the from address
<sarnold> MavKen: probably better would be to change whatever it is that is sending the email to use the address you want
<MavKen> ok
<Lord_Set> Anyone here really familiar with MAAS running on 13.10?
<Lord_Set> Or should I try a different channel for MAAS/Ubuntu Cloud problems?
<bigjools> Lord_Set: #maas
<Lord_Set> Thanks
<freakynl> hi just installed ubuntu 13.10 on a server here and it doesn't automatically boot (get the grub menu - but no timer counting down and after 5 mins it still stands there - not really desirable for a server :))
<freakynl> Hi,
<freakynl> There's a small bug in targetcli. It's just a python file that needs to replaced. This has been affecting ubuntu since 11.10 or 12.04. It's still present in 13.10. Apparently nobody is interested in updating packages between releases. I'm not sure on how to progress... the bug has been open for over a year now
<adam007> well i setup some script (php) in hosting and it works, but why it not works on ubuntu server ?
<adam007> i just install apache, php and im following tutorial in net tuts
<freakynl> adam007: it doesn't work... why? what's not working? what does the error log report, etc. Unless you can bestow some serious mental powers on people they can't guess your issue
<cfhowlett> !details|adam007,
<ubottu> adam007,: Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<toyotapie> Hello. I wrote an init configuration file and dropped it in /etc/init/, how can I specify that the service can only start if openvpn is running AND the tunnel is up ?
<hitsujiTMO> !upstart | toyotapie check out the cook book. you need openvpn to fire events for that
<ubottu> toyotapie check out the cook book. you need openvpn to fire events for that: Upstart is meant to replace the old Sys V Init system with an event-driven init model.  For more information please see: http://upstart.ubuntu.com/
<joshu> Hi I need some advice. I have a local ubuntu server and a remote ubuntu server. I want to copy the whole local disk to the remote local disk. I'm thinking of booting the local server with the livecd, using dd to create a drive image and than scp to remote and restoring the image. Alternatively I'm wondering if rsync can do the job of copying directly thus skipping the dd image part.
<yeats> joshu: so is the goal to mirror the same data, or what?
<joshu> yeats yes correct the whole root volume
<rbasak> I usually use rsync for this task. You'll need to partition and make filesystems at the other end, and then reinstall the bootloader.
<rbasak> rsync -aH --numeric-ids, IIRC
<joshu> is the data encrypted during transport with rsync
<joshu> hmm gouging it seems as if dd is the way to go if I want exact copy of whole disk
<semiosis> jamespag`: ping
<jamespag`> semiosis, hello
<semiosis> hi!
<semiosis> just wanted to check in re: glusterfs MIR
<semiosis> i saw your comment, but didnt know what to make of it
<semiosis> people are asking me about gluster/qemu in ubuntu, idk what to tell them :)
<ABC-XYZ> Yeah you can use rsync with ssh
<ABC-XYZ> dd is usually pretty inefficient as it's a block level clone
<semiosis> joshu: dd if=/dev/foo | ssh user@host "dd of=/dev/bar"
<semiosis> joshu: or something like that :)
<joshu> hey semiosis you stalker :P Yep I found that exact syntax on server fault. thanks
 * semiosis everywhere
<disposable> has anybody had any luck with the default version of LXC in 12.04? When I take these steps (apt-get install lxc; lxc-create -n test01 -t ubuntu; lxc-start -n test01 -d; lxc-console -n test01), all I end up with is a blank screen that says 'Type <Ctrl+a q> to exit the console'. It's like the container never really starts. What am I missing?
<disposable> lxc-ls and lxc-info show it is running
<jamespag`> semiosis, once the mir is complete, we can enable the feature in qemu
<jamespag`> if we enable it now it just won't build until the mir completes which is not good
<semiosis> is that happening for trusty?  just a matter of time?  or possible it will miss trusty?
<jamespag`> semiosis, is being reviewed this dev cycle for trusty
<jamespag`> that's no guarantee it will actually get to main
<makara> i don't want to remember any passwords or passphrases beside the system login
<joshu> I'm having trouble with permissions when doing this dd if=/dev/sda | gzip | ssh -i xxxxx.pem ec2-user@xxxxxxx 'gzip -d | dd of=/dev/xvdb'
<joshu> I've tried adding sudo but then I get "sudo: sorry, you must have a tty to run sudo"
<semiosis> jamespag`: ok, thanks for clearing up my confusion!
<makara> i'm looking for an agent that can manage login keys for my servers
<semiosis> jamespag`: if there's anything i can do to help it along, you know where to find me
<makara> ssh-agent manages keys, but not passwords
<makara> joshu, try `sudo -i`
<joshu> didn't work :(
<makara> joshu, output please
<joshu> makara I solved it by using another ec2 instance. I think the AWS Linux AMI has some restrictions on sudo
<joshu> on Ubuntu it worked fine
<makara> joshu, did you create ec2-user?
<joshu> yes that user is crewted automatically
<bxz> is puppet completely broken in 13.10 or is it just me?
<Jewsus> 'ello everybody
<Jewsus> I have a question, does Ubuntu server's installation CD come with Realtek WiFi firmware?
<sarnold> Jewsus: dpkg -L linux-firmware | grep -i rtl  shows a handful of RTL wifi firmwares; seeded-in-ubuntu linux-firmware  gives me the impression that it is probably on a server CD
<Jewsus> kthx
<miseria> "la verdadera felicidad de un ser humano, se logra cuando deja de ser esclavo, de la avaricia y la codicia" bienvenidos: http://castroruben.com *temo_a_un_ser_sin_rival*
#ubuntu-server 2014-02-13
<teward> is there a reason ssh wouldn't try and serve my ssh key to a server automatically, when the filename is a custom filename?  it works fine when sshing to my servers from Ubuntu, but when SSHing to my servers from one of my other servers, it fails...
<sarnold> teward: check group ownerships
<sarnold> teward: ssh is super picky about who can read or write files, and it won't go to the effort of figuring out that you're theonly user in your group..
<teward> sarnold: *what* group permissions?
<teward> the permissions are 0600 user:user
<teward> (where the user has their own group)
<sarnold> teward: on everything :) key, authorized_keys, etc
<teward> sarnold: i checked...
<sarnold> drat.
<teward> sarnold: the same key file works *fine* when it's id_rsa / id_rsa.pub
<teward> but when it's a customized name, like, for me, since i have 4 different keys...
<teward> it fails
<teward> and ssh -vvvv shows it's never even *attempted*
<sarnold> teward: does your ~/.ssh/config contain match statements that match the host and say to not try?
<teward> sarnold: should i be concerned when ~/.ssh/config doesn't exist?
<sarnold> teward: no
<teward> sarnold: adding `IdentityFile ~/.ssh/keyfilename` to ~/.ssh/config worked
<teward> i guess i'll just need to add all the key files to that then
<sarnold> teward: or add them with ssh-add when you need them
<sarnold> your choice
<teward> true
<teward> sarnold: any idea why on a Desktop setup of $any_supported_ubuntu_release it automatically tries all the identity files in `/home/$USER/.ssh/` even though I haven't done ssh-add on those keys?  Or should I poke #ubuntu asking that?  (you seem to know the underlying ssh stuff though, hence the question)
<sarnold> teward: sorry, no idea there. :/
<teward> sarnold: meh.
<teward> it works now, so it's less of an issue
<sarnold> :)
<teward> thanks though
<MavKen> I have phpmyadmin installed on my vps, have 12 domains hosted.  How can I limit it so that phpmyadmin can only be accessed via my primary domain?
<iggi> Anyone have experience with multipath iscsi? Everything I can find says it is setup correctly, yet when I do a test only one NIC is ever used.
<_root_> hello
<_root_> I followed https://help.ubuntu.com/community/Postfix to set an mail delivery agent
<_root_> But i am at lost here because I have a cms needs SMTP server and port and SSL/TLS choice to send the verification emails and I have no idea what port i have for smtp or even if i have SMTP server
<_root_> could someone give a clue as to have should I do?
<caribou> _root_: did you look in the Ubuntu Server Guide ?
<caribou> _root_: there is a chapter on postfix
<caribou> s/chapter/section/
<_root_> caribou: which one you mean i am on https://help.ubuntu.com/community/Postfix
<caribou> _root_: this one : https://help.ubuntu.com/13.04/serverguide/index.html
<caribou> _root_: even better URL : https://help.ubuntu.com/13.10/serverguide/email-services.html
<_root_> caribou: is it the same as 12.4.04 LTS
<caribou> _root_: there is one for 12.04, just put 12.04 in the URL above
<caribou> who maintains the cloud-tools repo ???
<_root_> caribou: what you gave me is the same as https://help.ubuntu.com/community/Postfix that i used
<_root_> but still what are my smtp server value port and so on
<caribou> _root_: could be, I didn't check the content on both
<_root_> SMTP server should be localhost but what about port and which one do i use SSL/TLS
<caribou> _root_: don't know if that can help, but SSL/TLS default port is 465; but I'm nowhere near an expert in MTA setup
<TJ-> If you're using the localhost, then there's no reason not to connect on port 25
<catphish> if i need to run a much newer kernel on ubuntu 12.04 (because the default kernel has a lot of lxc functionality missing), would i be better off using linux-image-3.11 from the repos, or a mainline kernel from the kernel-ppa?
<TJ-> Use the LTS hardware enablement packs
<catphish> interesting, haven't see those
<TJ-> see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<catphish> so i likely want linux-generic-lts-saucy?
<catphish> actually that just depends on linux-image-3.11 which makes perfect sense
<catphish> thanks!
<adac> Does anyone experience problems with falsh player on ubuntu 12.04 desktop? I get a real high load average, even though memory and cpu are not used at all
<adac> this happens within firefox as well as chromium
<catphish> adac: i think this is probably the wrong channel, try #ubuntu
<catphish> adac: you may have disk IO issues
<catphish> that's the most common cause of high load, though flash could be doing something unusual
<adac> catphish, How can i debug a disk IO issue? is it hard to detect?
<catphish> "iostat -x 1" will quickly show you your disk usage %
<catphish> or top will show "%wa", the percentage of cpu time spent waiting for disk IO
<adac> catphish, here is a short excerpt: https://gist.github.com/anonymous/8974324 can you see a problem here already?
<catphish> adac: %util is 0% so it's not disk IO
<catphish> now run "top" and see what the various % at the top say
<adac> catphish, https://gist.github.com/anonymous/8974364
<catphish> your CPU load is reasonable, your load isn't "high"
<adac> catphish, isn't >1 already high?
<catphish> not particularly, i'd class that as "busy" but not problematic
<catphish> flash isn't particularly efficient
<catphish> use top see how much CPU flash itself is using
<adac> catpish it is about 13% it is not that much.
<catphish> adac: well i guess you have a few different things going on, but a load of 1.0 for an in-use system playing flash seems very reasonable
<stefg> Hello channel, is anyone in here using a SSD-cache like bcache/flashcache/dmcache/enhanceio and likes to share some experience? I have a spare 40GB SSD partition on my xbmc-box/NAS running 12.04/32bit with a 3TB raid 1 as storage and wonder if it's worth to use that 40GB of SSD as  cache.
<caribou> smoser: is there a way to tell cloud-init to use some squid-deb-proxy cache ?
<caribou> smoser: other than writing the entry in /etc/apt/apt.conf
<zul> jamespage:  oh so cinder needs a new dep
<rio_zenta> Hello folks
<rio_zenta> My VPS provider recently switched nodes and changed my IP address, after reconfiguring my domain records, I am still unable to access my domain at the new IP address. They recommended that I reconfigure networking, does anyone know what that means?
<mardraum> what's the domain
<mardraum> rio_zenta: they probably mean check you are really using the new IP. or did they do that all for you?
<rio_zenta> the domain is: platform.devcroo.com
<rio_zenta> I personally changed the ip address at my domain provider, but I am still unable to access the domain
<mardraum> is "192.3.180.54" the new IP?
<rio_zenta> mardraum: they changed the ip address for me.
<rio_zenta> mardraum: Yes, that is the new ip address.
<mardraum> did the gateway IP change as well? does the vm have internet access?
<mardraum> log into it with whatever out of band access they provide (eg vnc) and check the networking
<mardraum> in ubuntu, that is in /etc/network/interfaces
<rio_zenta> mardraum: I see that my provider is using SolusVM for the interface/control panel
<mardraum> does it provide some sort of "console" access?
<rio_zenta> mardraum: It has a link to VNC
<mardraum> great, are you logged into it?
<rio_zenta> mardraum: On the page that shows the VNC info, it has an address that is different to my IP address (with a port and password too). Is this the gateway IP?
<mardraum> no, that will probably be the vnc host
<mardraum> allowing you to connect to it and access your vm
<mardraum> you should use a vnc client to do so.
<rio_zenta> oh ok. Will I be able to access the VNC from the commandline?
<mardraum> the command line of what?
<rio_zenta> mardraum: I use linux as my client distro. The commandline being something like Terminal (the application).
<mardraum> you generally need some sort of software to connect to a VNC server
<mardraum> no, terminal won't do it
<rio_zenta> Okay so I need to find myself a VNC client
<highclasshole> Can you use anything other than vnc?
<highclasshole> perhaps ssh
<highclasshole> oh sorry I didn't follow the whole conversation my bad, is there not a browser based java client to connect to the console for your VPS?
<mardraum> java, ugh
<rio_zenta> highclasshole: I see that the interface on the web provides a plugin, which isn't visible to me because I am missing a java plugin ( :-( )
<highclasshole> just install that you should be good to go
<mardraum> just install a basic vnc program
<rio_zenta> after checking the plugins, it says I need to install the Java runtime environment
<highclasshole> yeah just install java on your local machine
<highclasshole> and then bring up the console
<highclasshole> nbd
<mardraum> don't encourage people to install java plugins, jesus
<highclasshole> really?
<highclasshole> I mean...
<mardraum> worlds most exploited browser plugin ever
<rio_zenta> highclasshole, I think I have java installed though. I suppose it has to do with the different javas (7 and 6 make java weird)
<highclasshole> only run applets from trusted sources
<highclasshole> and use shit like noscript
<highclasshole> if you need it, you need it, just be smart about it
<mardraum> don't enourage java. ever.
<highclasshole> oh man fun
<highclasshole> I work in a huge java shop
<highclasshole> so its a little funny for me
<mardraum> I'm specifically talking about the web plugin
<mardraum> it's nice your java shop is huge
<rio_zenta> After Java 7 came out, it probably confused developers too.
<mardraum> but don't encourage people to install that broken shit. Hell ubuntu only just managed to get the latest version in after missing a openjdk security version or two across versions dating back to 12.03
<mardraum> 12.04*
<rio_zenta> I'm confused about it too. Oracle is worse than MS.
<smoser> caribou, cloud-init supports 'apt_proxy' 'apt_http_proxy' and 'apt_ftp_proxy'.
<caribou> smoser: fine, thanks
<smoser> it also supports the more general 'apt_config'
<smoser> apt_config is just put whatevery you want and it will write that to /etc/apt/apt.conf.d/94cloud-init-config
<smoser> caribou, the best way to find out such things is to just grep liberally through
<smoser> doc/examples/cloud-config.txt
<caribou> smoser: yeah, I got that page on my browser
<cocoa117> how did someone setup IP like this, without a brocast address?
<cocoa117> eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
<cocoa117>     link/ether f2:07:01:ff:ff:fd brd ff:ff:ff:ff:ff:ff
<cocoa117>     inet 192.168.1.254/24 scope global eth0
<cocoa117>     inet 1.15.255.254/13 scope global eth0
<toyotapie> Can I run xinetd on a port not mentioned in /etc/services ?
<toyotapie> it keeps telling me 'service/protocol combination not in /etc/services'
<toyotapie> nevermind, I added type = UNLISTED
<cocoa117> is tcpdump be able to listen to traffic before firewall filter it?
<catphish> cocoa117: yes
<cocoa117> catphish, is it on by default?
<catphish> yes, tcpdump connects to an interface, so it sees everything on that interface before it gets in to the firewall
<cocoa117> catphish, great, got it, thanks
<Guest11875> hey ubuntu
<Guest11875> I've got an instance on EC2 running the latest ubuntu server, but it seems to think it's Ubuntu 12.04. When I do `lsb_release -a` it says 12.04, and when I do `sudo do-release-upgrade` it says "No new release found". what gives?
<shauno> Guest11875: LTS will consider itself current until there's a new LTS.  the setting is in /etc/update-manager/release-upgrades  Prompt=lts vs Prompt=normal
<shauno> Guest11875: otherwise 12.04 *is* the most recent LTS until 14.04 releases
<Guest11875> shauno: ahh I getcha
<Guest11875> is there any way to stop upgrades from constantly breaking my ldap auth?
<Guest11875> I always have to fix ldap authentication after doing an aptitude upgrade
<zul> hallyn:  ping
<hallyn> zul: .
<zul> hallyn:  we already have that aarch64 patch
<hallyn> zul: ok, cool.  we do seem to get a lot of redundant requests for those...
<hallyn> zul: did you get the ftbfs straightened out?
<zul> hallyn:  just uploaded it
<hallyn> cool, thanks.  fwiw dannf gave me a patchset to make qemu-user-aarch64 work as well, so we're doing pretty well for aarch64 in trusty
<zul> sweet
<hallyn> zul: now the big thing in the new libvirt is the nwfilter locking patch right?
<hallyn> i.e. no fix there for bug 1274995 ?
<zul> hallyn:  yeah im going to wait on that patch until the next release is out
<hallyn> ok
<zul> i think im missing something else with regards to that patch
<ruben231> hi guys i have 60 units and same specs wanted to install ubuntu desktop at one time, any idea how to do it..?
<SJr> With a static ip address setup how do I configure a dns server, I tried putting it in my /etc/network/interfaces file, but resolv.conf is empty. resolv.conf also gets rewritten by something on reboot, and I can't set chattr +i on it for some reason
<genii> ruben231: Probably then a pxe boot server and lots of switches
<sarnold> SJr: the resolvconf package is doing the re-writing; you can either work with it or uninstall it
<sarnold> SJr: check out the resolvconf(8) manpage, look for dns-nameservers
<SJr> Ah I was missing the s
<sarnold> fatal flaw of the silly thing, it's too easy to make pointless typos there because it doesn't match the syntax used elsewhere. sigh.
<sarnold> ruben231: investigate preseed files and investigate fai-quickstart
<smoser> hallyn, around ?
<hallyn> smoser: yup
<smoser> can you quick verify for me that if i run an lxc container, by defualt there is no cgroup limiting cpu or disk io or anything
<smoser> right?
<smoser> ie, it should have all the performance of the host
<hallyn> smoser: we don't set default  limits.  however, there is something about all tasks in a cgroup being scheduled as one entity
<smoser> hm.. i dont knwo what htat means.
<smoser> can i turn that off ?
 * knoxy is away: auto-away
<hallyn> smoser: no.  and I don't knwo if it depends on our chosen scheduler
<hallyn> might ask in #ubuntu-kernel.  it's possible it's nothing, i've just heard it mentioned somehwere
 * knoxy is back (gone 00:00:53)
<hallyn> smoser: but what it would mean is that if you  have 10 non-lxc tasks and 10 lxc tasks, the 10 lxc tasks would get as much cpu time as oen of the non-lxc taskss
<smoser> really?
<smoser> that sounds not good generally.
<sarnold> hallyn,smoser, I think you might be recalling the kernel's sched_autogroup_enabled feature
<hallyn> sarnold: is that off by default?
<hallyn> smoser: waht i can tell you is that a kernel build in a contaienr is much faster than kernel buidl in kvm on the same machine...  if that helps
<sarnold> hallyn: on by default, iirc
<smoser> hallyn, is it also faster on amd64 than a a 486 ?
<smoser> (ie, i would have expected that :)
<smoser> sarnold, can i turn it off?
<hallyn> smoser: <shrug>
<hallyn> i would've expectd it to be closer than it is
 * hallyn googles
<sarnold> smoser: echo 0 > /proc/sys/kernel/sched_autogroup_enabled
<hallyn> would have been nice if that was availalbe through /sys/fs/cgroup/cpu/cpu.*
<smoser> sarnold, thanks.
<smoser> hallyn, would i need to start a new container for that to take affect ?
<smoser> the change of sched_autogroup_enabled
<hallyn> smoser: don't thinkn so
<smoser> i suspect not
<smoser> yeah. ok.
<hallyn> looks like a global sysctl
<hallyn> i'm looking through /proc/$$/autogroup right now, trying to figure out what it means
<hallyn> someone forgot to write the Documentation/ for it
<hallyn> hm, does it require CONFIG_FAIR_GROUP_SCHED for that to make a difference?
<Joe_knock> Hello, I am trying to VNC into my VPS using RealVNC but I get this error: main:        unable to connect to host: Connection refused (111)
<sarnold> Joe_knock: do you have firewall rules on your host that would prevent it? does your ISP have firewall rules that would prevent it (see also amazon's "security groups")? Is the VNC daemon running on your host?
<Joe_knock> sarnold: I am not sure. I suppose there must be a firewall installed. What the VPS provider did was to move most of the nodes and change the IP addresses, since then I am unable to access my domain.
<hallyn> smoser: so does experiment show that it works?
<sarnold> Joe_knock: was your instance rebooted during the move?
<hallyn> I did notice a 3.12 bug report about setting it to 0 crashing the host, so i'm gun-shy :)
<Joe_knock> I think so sarnold. I've tried rebooting it myself from the web-based CP
<sarnold> hallyn: hahaha
<sarnold> hallyn: yeah...
<sarnold> Joe_knock: oh, okay, well that means it ought to have had a chance to re-bind to the correct IP on the way back up. perhaps it doesn't automatically restart?
<smoser> hallyn, i'll let you know in a bit. but i dont think i'll know for sure really.
<hallyn> ok - thanks
<Joe_knock> sarnold, I installed the JDK web-based plugin and now I am in VNC from the web-based JDK tool. Do you know how to reconfigure networking?
<smoser> since i'm not (by design) heavily affecting the outside-container
<sarnold> Joe_knock: ifdown <interface name> ; ifup <interface name>
<Joe_knock> interface name?
<sarnold> Joe_knock: yeah, whatever your network interface name is .. edit /etc/network/interfaces to make whatever changes you need to make..
<Joe_knock> sarnold okay I went into cd /etc/network and I see if-down.d and if-up.d
<sarnold> Joe_knock: those directories allow you to run scripts when interfaces come up and down
<Joe_knock> I see interfaces but I can't cd into it for some reason. Would it be a file?
<sarnold> yes, it is
<Joe_knock> So in order to reconfigure networking I need to run if-down first and then if-up ?
<sarnold> Joe_knock: be aware that when you run ifdown, it -means- it. you need to have an ifup command already queued up and ready to execute, or have access to the console via some other mechanism.
<Joe_knock> sarnold: I am currently accessing via VNC and there is no other way to get in (I tried SSH). Can you tie the 2 commands together?
<sarnold> Joe_knock: ifdown foo ; ifup foo
<sarnold> Joe_knock: some administrators will put an 'ifup' command in a cronjob or at job just incase..
<Joe_knock> sarnold, I can't seem to find the interface name. When looking in /etc/network/ the only name I see is "interfaces"
<sarnold> Joe_knock: "ip addr" should show you
<sarnold> Joe_knock: see "man 5 interfaces" for more information on that configuration file
<Joe_knock> damn this is confusing. lol
<sarnold> Joe_knock: what are you trying to accomplish? there might be a better way there..
<Joe_knock> sarnold, according to my VPS, I need to "reconfigure networking". in the web-based CP, it is a single button, but it keeps giving me an error, although the logs say it is complete. So now I am trying to do it from within the server itself.
<sarnold> Joe_knock: ah. it might be worth asking your VPS what your "reconfigure networking" is supposed to achieve :)
<Joe_knock> sarnold: The problem is that they don't communicate very well. I'm pretty much on my own (based on the price I pay).
<sarnold> Joe_knock: do you need to do this because they assigned new IPs?
<Joe_knock> Yes, they moved me to a new node and changed my IP address
<Joe_knock> sarnold: ^
<sarnold> Joe_knock: aha. so, you need to change your ip -- and maybe netmask? nameserver? -- in your /etc/network/interfaces file.. then bring the interface down and up and hope it works..
<Joe_knock> hmmm, I think I will be able to do that sarnold. So it is a 3-step process. Change interfaces file, find interface name and run if-up, if-down.
<sarnold> Joe_knock: right
<Joe_knock> sarnold: I checked interfaces file, all seems okay there. (showing new ip address, gateway, etc.)
<sarnold> Joe_knock: nice
<Joe_knock> sarnold: I left the QEMU window open and hit the "Reconfigure Networking" button to see what it is doing. It looks like it reset the server and logged me out.
<sarnold> Joe_knock: hahahahahahaha
<sarnold> sigh :)
<sarnold> well
<sarnold> so much for being 'gentle' about it..
<Joe_knock> sarnold, I think it is working almost all the way, but in the end it gives me an error message.
<Joe_knock> sarnold, well the least I can say from this experience is that it is taking me out of my comfort zone (and I am learning).
<Joe_knock> sarnold: It suddenly started working now :'D
<sarnold> Joe_knock: sweet! yes, it's great to be pushed a little bit from time to time; it's just nice if you get to plan for it when you've got some spare time to work on things..
#ubuntu-server 2014-02-14
<jrwren> the pvdisplay man page is wrong. *RAGE*
<jrwren> can anyone confirm for me. pvdisplay -c third output field is size in 512B blocks NOT size in kB?
<sarnold> I wonder if pvdisplay uses the same POSIXLY_CORRECT environment variable that df uses...
<jrwren> either way, the man page lies.
<bekks> jrwren: Thats correct. It's 512B units.
<jrwren> thanks bekks
<bekks> Tested on several systems here, not just Ubuntu.
<bekks> jrwren: You mind to create a bug?
<jrwren> i appreciate it greatly. thank you very much.
<jrwren> I was going to LP just now.
<bekks> jrwren: Could you provide the bug URL please, after bug creation? So I can subscribe.
<thumper> does anyone know how to find out the underlying filesystem for a directory or device?
<thumper> I know I can use 'df' to get from dir -> device
<thumper> but I want to ask "is this directory on a btrfs volume?"
<sarnold> thumper: I don't know of anything pre-built; your best bet might be to use df . to find the mountpoint and then look up the mountpoint in /proc/self/mounts. it doesn't sound fun..
 * thumper shrugs
<jrwren> bekks: https://bugs.launchpad.net/ubuntu/+source/lvm2/+filebug/dffddb12-950f-11e3-81c3-d485646cd9a4?
<thumper> probably better the proc fs than fstab
<thumper> /proc/self/mounts lists / as rootfs, not ext4
<thumper> actually
<thumper> just got pointed to "mount -l"
<thumper> which does list type
<thumper> do, "df ." gives me /dev/sda1
<thumper> then "mount -l " I can parse (relatively easily)
<thumper> I wonder how much the output of that has changed over versions
<sarnold> 'rootfs'? p_P
<thumper> precise is the same at least
<Queops> Hey everyone. If I have one public facing VPS with static IP, hosting a couple sites on a couple domains which entries should I have on /etc/hosts besides the localhost one?
<Queops> I know the hostname is usually there by default, associated with 127.0.0.1 but the hostname itself doesn't represent anything
<Queops> No domain or anything, which I can only assume it serves as purpose to some services
<Queops> or maybe I'm using the hostname wrong :)
<shauno> Queops: I don't believe apache cares
<Queops> I used to have a fully functional postfix and I remember putting my static IP there once, but I don't remember the reason for it anymore. I guess as a lone VPS with no other machines working with it the hostname pretty much doesn't matter right?
<shauno> mail might, smtp is a fickle beast.  but for hosting sites you just need vhosts setup in your httpd
<shauno> (I personally believe there's no such thing as a correct smtp setup, you're just trying to be broken in the same way as everyone else)
<Queops> yeh smtp is a pain in the butt :) specially the ram required to scan for virus and spam, that's why I'm using outside services now
<Queops> Thanks shauno
<TraderJoes>  Do any of you run Cisco Connect (admin program for Cisco/Linksys routers)?   I wondered if it works in wine or if I'll have to use the web based administration. I checked the wine database and it's not listed.
<TraderJoes> or if theres an ubuntu specific tool for such that might help. I didn't see any such thing in the cisco/linksys sites.
<_root_> whic one is better is handling and prevention in general what I am asking is which one works better ???  a)Postfix + Amavis-new + Spamassassin + Clamav  OR  PostfixGreylisting????
<z1haze> can someone please help me? is it possible to reinstall ubuntu via ssh? i dont have assistance from my server provider and the server is remote
<z1haze> i messed up the filepermissions by messing up a chown command for the root folder
<Repox> Hi. I realise that this must be both the wrong channel and that I'd might be using bullsh*t buzz words, but I'm hoping someone can point me in the right direction. I'd like to handle 'big data' in a business intelligence relation. I'm unsure what technologies for Ubuntu I'd be looking at. Currently I'm thinking of combining ElasticSearch and MySQL, but I'm unsure of this is the right combination.
<mregg> Need help with linux permissions on samba shared folders
<hxm> is webmin a good choice?
<Adri2000> no
<Adri2000> :)
<hxm> why is the best option then
<hxm> what*
<disposab1e> i have a precise server with 3.8 kernel and i would like to set a specific mac address for a bond0 (active-backup). when i use "hwaddress ether x:x:x:x:x:x" line in /etc/network/interfaces, it has absolutely no effect. server still boots up with an address randomly picked from one of its slaves. what is the correct way of setting a mac?
<ogra_> disposab1e, /etc/udev/rules.d/70-persistent-net.rules
<disposab1e> ogra_: udev rule for a virtual interface?
<ogra_> well, you asked where MACs are handled nowadys :)
<Patrickdk> heh? you don't set mac in there
<Patrickdk> it does set the nic name based on the mac there
<disposab1e> ogra_: you got it the other way around. that rule sets name for mac. not mac for name
<goiku> Hi, guys. Just a quick question, if I may. Am in the process of moving over from Redhat and have encountered this problem: http://hastebin.com/xowoyumudu.bash - I am sure it's a quick fix, but getting this server up needs to happen already and everything I have tried to far has not helped. Can I get a quick pointer, please? Thanks
<jnor> I have two connections: root and user1. As root, if i type "passwd user1" and change the password to 123456, then reconnect as user1 and try sudo and it says password is wrong
<jnor> this is so strange.. wtf
<hxm> hi, I send emails with "mail -s" from a script with root, but I dont want to see the root@domain, can I define a different alias?
<rbasak> hxm: I'm not sure if mail can do that. Have you tried "man mail" or looked further into its documentation? Another approach is to fix it in the MTA. Though usually, for root mail, that's not desirable.
<hxm> yes I tried, and there is no information about the sender
<rbasak> hxm: to override on a case-by-case basis, you could use "sendmail -oi -t" and write your headers directly in the script, including From:, Sender: etc as needed.
<hxm> i know, but the script I made requires root privileges for create some /etc/apache2/sites-available/ files and then send an email
<hxm> oh, um, i'll try that, thanks
<rbasak> hxm: I suggest that you minimise your use of root privilege. Create /etc/sudoers.d/ rules and individual scripts for the specific actions you need, and run the rest of it (including mail sending) as non-root.
<hxm> ok, thank you, I appreciate it
<hxm> by the way, what about webmin or openPanel, are those tools recommended?
<rbasak> webmin is apparently discouraged.
<rbasak> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<rbasak> No idea about openPanel.
<rbasak> I would suggest that you can use what you like, but the set of people who can help you with things will drop dramatically. I would use what your support channels are familiar with. If this *is* your support channel, then probably best not to use those.
<hxm> oh
<hxm> right
<yeats> hxm: webmin is probably fine, even though it's not officially supported - the way it does things *does* conflict with Debian/Ubuntu standards though
<genii> I think supposed to be ebox/zentyal for webgui now
<yeats> genii: cool - I'll check that out
<rbasak> rharper: I'm catching up on uvtool. --meta-data is in and I'll upload it shortly. I refactored your code quite a bit though.
<rbasak> Is there anything else I've forgotten about?
<rbasak> Oh - I fixed the template.xml thing for acpi etc too.
<DeltaHeavy> Hey, I have an nginx server running on Ubuntu 12.04, and as far as #nginx is concerned it's configured correctly. However when I try to run 'curl staging.decorgroupinc.com', I get 'curl: (7) couldn't connect to host'. Is port 80 probably being blocked? I flushed netfilter and changed all chain's default policies to ACCEPT. What else could it be?
<DeltaHeavy> Sorry, accidently parted.
<jpds> DeltaHeavy: Have you checked that nginx is correctly running with: "sudo netstat -lntp" ?
<DeltaHeavy> jpds: It appears to not be...I see sshd and mysqld but yeah...nothing on port 80
<TJ-> DeltaHeavy: If there are no netfilters rules blocking it, then the other thing to check is which IP addresses/interfaces nginx has bound to
<jpds> DeltaHeavy: Check the logs. :)
<DeltaHeavy> Awesome, I think this is it. Thanks!
<DeltaHeavy> Nope, nvm. Nothing in here. Those are errors from before =/
<TJ-> DeltaHeavy: You're sure the process is running? It hasn't silently failed?
<DeltaHeavy> TJ-: Process is running
<TJ-> DeltaHeavy: and bound to port 80 on the IP(s) you expect?
<DeltaHeavy> TJ-: netstat -lntp     doesn't come up with anything about nginx
<jpds> DeltaHeavy: But 'ps aux | grep nginx' shows it running?
<TJ-> DeltaHeavy: which suggests the process isn't binding to any ports, if the process is running
<rbasak> DeltaHeavy: are you running netstat as root? -p won't see nginx otherwise (but it should still see the port open)
<DeltaHeavy> rbasak: I'm running it under 'sudo -s'
<rbasak> And what about curl using the IP directly from the host itself?
<DeltaHeavy> https://www.refheap.com/c0383a26d60db41edf1e24beb
<DeltaHeavy> rbasak: Won't work, nginx isn't configured to return anything unless the actual server name is used
<TJ-> DeltaHeavy: So use a manual telnet session
<DeltaHeavy> TJ-: telnet staging.decorgroupinc.com 80
<DeltaHeavy>         gives me 'session refused'
<rbasak> DeltaHeavy: doesn't matter. Try it anyway. If nginx is working, it should give you something different from "couldn't connect to host" and that is useful.
<DeltaHeavy> connection refused*
<TJ-> DeltaHeavy: "telnet <ip address> 80"  ... "GET / HTTP1.1/" ...  "Host: <hostname>"  ... ""   ... ""
<DeltaHeavy> rbasak: Same result
<DeltaHeavy> Same with telnet
<TJ-> DeltaHeavy: So, the process isn't listening, so start the nginx deamon manually and make sure it is providing verbose output
<DeltaHeavy> Ok, trying to figure out how to start nginx with verbose
<TJ-> DeltaHeavy: "nginx -t" will test the config
<DeltaHeavy> Yeah, already did that a bunch of times, and just now again. All is fine. That's not starting nginx with verbose though.
<rbasak> DeltaHeavy: with the server IP, from the server machine itself?
<DeltaHeavy> rbasak: Yep
<TJ-> DeltaHeavy: pastebin the config
<rbasak> DeltaHeavy: then it's iptables or your nginx config.
<DeltaHeavy> iptables is disabled
<DeltaHeavy> Or all is set to ACCEPT ad a default policy with no rules
<rbasak> I suggest that you stop making self-defeating assumptions here, like "won't work" or "iptables is disabled". Clearly one of your assumptions is wrong, else you wouldn't have a problem. Describe exactly what you're typing, and exactly the results you see on the screen - not your own interpretations of these things.
<DeltaHeavy> TJ-: https://gist.github.com/anonymous/33b0ec963c479d22f629
<DeltaHeavy> rbasak: It's not self-defeating to say that iptables has all default policies set to 'ACCEPT' with no rules, or that my nginx 'won't work' because it won't.
<rbasak> Let's hope that somebody else can help you then.
<DeltaHeavy> Have my netfilter config here too - https://gist.github.com/anonymous/53c76863ae9004f4dc56
<DeltaHeavy> rbasak: I don't really understand why you're being so condecending...but whatever.
<TJ-> DeltaHeavy: Does nginx have permissions to read /usr/share/nginx/ ?
<jpds> It's not the firewall that's at fault here.
<DeltaHeavy> TJ-: It didn't, I just changed that with 'chown -R webdev:webdev /usr/share/nginx/'
<DeltaHeavy> Seems to not have done anything
 * jpds isn't sure if that was a good idea.
<rbasak> DeltaHeavy: http://www.chiark.greenend.org.uk/~sgtatham/bugs.html "If a programmer asks you for extra information, don't make it up! Somebody reported a bug to me once, and I asked him to try a command that I knew wouldn't work. The reason I asked him to try it was that I wanted to know which of two different error messages it would give. Knowing which error message came back would give a vital clue. But he didn't actually try it - he just mailed me 
<rbasak> DeltaHeavy: it's very frustrating when I try to help, but you knock me down because you don't understand why I'm asking. Sorry.
<jpds> DeltaHeavy: Well, looking at http://packages.ubuntu.com/precise/all/nginx-common/filelist - there's nothing interesting in that directory anyway.
<DeltaHeavy> rbasak: Whatever
<TJ-> DeltaHeavy: Did you look at "/var/log/nginx/error.log" for clues? How far does it get logging when it starts?
<DeltaHeavy> jpds: It's my document root
<DeltaHeavy> TJ-: I did, nothing is being written there.
<DeltaHeavy> Last error is when I made an error in my conf a few hours ago.
<jpds> Ew.
<TJ-> DeltaHeavy: so, you need to enable verbose logging of nginx to gain detailed information
<DeltaHeavy> jpds: I have multiple websites on this host, or plan to.
<jpds> Who keeps their docroot in /usr? That's what /var/www/ and /srv are for.
<DeltaHeavy> jpds: nginx does by default. Nothing wrong with it as far as I can tell
<DeltaHeavy> /usr/share/nginx/ makes a lot of sense IMO
<DeltaHeavy> TJ-: I was looking on how to get nginx to start with verbosity but I see no such option. Am I misunderstanding you?
<jpds> Makes no sense to me.
<jpds> Anyway. <opinion />
<jpds> DeltaHeavy: https://rtcamp.com/tutorials/nginx/debugging/
<TJ-> If the nginx process isn't shown to be listening on port 80, then something fundamental isn't configured
<DeltaHeavy> I'll look into jpds tutorial
<TJ-> DeltaHeavy: Have you symlinked your configuration files to "/etc/nginx/sites-enabled/" correctly  "ls -l /etc/nginx/sites-*/ | pastebinit"
<DeltaHeavy> Should be in the pastebin I linked you under 'Shell' - https://gist.github.com/anonymous/33b0ec963c479d22f629
<TJ-> DeltaHeavy: Nope, only "ls" not "ls -l"
<jpds> DeltaHeavy: Have you tried removing this line? "listen [::]:80 default_server ipv6only=on;"
<DeltaHeavy> TJ-: lrwxrwxrwx 1 root root  7 Feb 14 10:31 default -> default
<DeltaHeavy> lrwxrwxrwx 1 root root 25 Feb 14 10:46 staging.decorgroupinc.com -> staging.decorgroupinc.com
<jpds> DeltaHeavy: It's a link, onto itself?
<TJ-> DeltaHeavy: There's your problem
<DeltaHeavy> No idea why =S https://gist.github.com/anonymous/3dfced1c2943713f4c43
<TJ-> DeltaHeavy: If you used the command correctly...!
<DeltaHeavy> Fixed it
<DeltaHeavy> Getting this now, going to go about fixing it - 'Restarting nginx: nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 32'
<DeltaHeavy> Fantastic...it all works.
<DeltaHeavy> Thanks guys!
<rharper> rbasak: cool.  I don't think so. IIRC you already merged the fixes for when specifying a specific bridge name
<rbasak> hallyn, zul: shall I just upload http://paste.ubuntu.com/6914206/ then?
<hallyn> rbasak: yup
<hallyn> (i assume it didn't make it into zul's upload then?)
<rbasak> OK, doing it now - thansk.
<rbasak> It seems not.
<rbasak> hallyn, zul: uploaded.
<p3rsist> Hi guys. I want to run a command with user B env variables but with root permissions from a user A shell. How can I do it?
<sarnold> p3rsist: how do those environment variables get set? replicate those steps..
<p3rsist> Sarnold I want to run a command in user B environment but with root permissions from a user A shell. I know I can use sudo -i -u userB sudo -E <command>... I was wondering if there are other ways
<DeltaHeavy> Is pastebinit a potential security threat?
<TJ-> Not if you don't install it
<sheptard> allowing anyone to access the machine including yourself is a potential security threat
<DeltaHeavy> TJ-: Of course :p I'm wondering if I should uninstall it when I'm done with it, and reinstall it as I need it.
<DeltaHeavy> sheptard: Yeah, I just want to minimize things.
<sheptard> it's not a network service
<sheptard> and it's not installed suid...
<sheptard> and if you want to 'minimize things' run OpenBSD.
<sheptard> no holes in a default install in at least a week.
<TJ-> DeltaHeavy: Or you could do what I do: "sudo chmod o-x $(which pastebinit)"
<DeltaHeavy> TJ-: I only have one user on the server anyway
<TJ-> DeltaHeavy: But it's not different to having 'cat' available
<Atw> Question, I am having issues with environment variables/$PATH, it started with me getting a different PATH value (checked with 'printenv') on other accounts (example, ssh deploy@1111, printenv, PATH=/usr/local/rbenv/shims:..., then 'su User', printenv, PATH=/usr/local/sbins:..., then even changin back to 'su deploy' I'm stuck on this other PATH). I seem to have patched the problem by
<Atw> changing '/etc/environment' so now it seems like changing users gives me the path I want, BUT if I open a remote terminal from NAUTILUS while the server is mounted via ssh I still get sidelined on this other PATH I don't want? How can I stabliize my global PATH the right way?
#ubuntu-server 2014-02-15
<hallyn> rharper: hey, just checking - have you had any time to look at the uvtool-ification of auto-upgrade-testing package?  (I haven't, but wondering where to put it on my list)
<rharper> hallyn: I've not yet looked, I read your patch, but been blocked on other tasks
<hallyn> rharper: ok, thanks - ttyl
<Beatstreet> trying to move files from two simularily named folders to one location and mv command fails
<Beatstreet> I dont have the space for cp or rsync
<Beatstreet> trying to make /home/user/drive1/ARCHIVE and /home/user/drive2/ARCHIVE combine into /home/user/ARCHIVE
<Beatstreet> any help?
<sheptard> unionfs?
<Beatstreet> isnt that for different mounts?
<MertenNor> I just installed Ubunto Server ubuntu 12.04.4 server Iand I get this when it boots up: http://i.imgur.com/p4IjLaj.jpg?1
<MertenNor> anyone ? xD
<MertenNor> I just installed Ubunto Server ubuntu 12.04.4 server Iand I get this when it boots up: http://i.imgur.com/p4IjLaj.jpg?1
<JanC> MertenNor: please don't repeat questions all the time  :)
<JanC> something makes the kernel crash
<JanC> when it tries to mount the root filesystem, I think, but I'm no expert
<JanC> maybe earlier lines on the screen could help, not sure
<MertenNor> is there a way I can copy the boot sequence.. ?
<MertenNor> or whatever it is called xD
<JanC> if it happens very early during boot (before logs can be written to disk), you'd probably need a serial console for that (but the kernel developers are more likely to be able to help with that)
<JanC> also, isn't that a laptop?
<MertenNor> JanC yeah its a laptop.. xD I know
<JanC> well, 12.04 did already have generic kernel, so shouldn't matter
<JanC> ... I think
<MertenNor> ok.. ? I know knwo xD
<JanC> MertenNor: did you also try with other Ubuntu versions?  maybe even older 12.04 or with the older/original 12.04 kernel?
<JanC> oh, an maybe also test the hardware (memory, disk)
<yeats> !bootchart | MertenNor
<ubottu> MertenNor: bootchart charts your machine at boot time, to install >> sudo apt-get install bootchart << the graphic is in /var/log/bootchart after the next reboot
<MertenNor> I have only tried 12.04
<JanC> yeats: not very useful if the kernel crashes  :)
<MertenNor> how do I do that ?
<MertenNor> is there a guie anywere ?
<MertenNor> guide*
<MertenNor> ill brb (15-20 min) or so.. dinner..
<MertenNor> ill be in the channel.. so just post and Ill read later
<JanC> guide for what?
<yeats> JanC: oops - didn't have full context ;-)
<JanC> <MertenNor> I just installed Ubunto Server ubuntu 12.04.4 server Iand I get this when it boots up: http://i.imgur.com/p4IjLaj.jpg?1
<JanC> yeats: ^^^
<yeats> JanC: thanks
<yeats> looks like a hardware problem
<JanC> hardware problem or a kernel bug
<JanC> or maybe even a configuration/installation problem (as, apparently, the installer did boot)
 * yeats would rule out the former before trying to chase down the latter
<MertenNor> b
<MertenNor> JanC ^
<ruben23> hi guys anyone can help i have a ubuntu server but i wanted not to turn off the monitor..how do i set this. Thanks
<ruben23> any idea guys..?
<hitsujiTMO> ruben23: try: setterm -powersave off -blank 0
<ruben23> setterm: cannot (un)set powersave mode: Inappropriate ioctl for device
<ruben23> thats the error output..
<hitsujiTMO> ruben23: do you have an xserver instlled?
<ruben23>  hitsujiTMO: this will not work if i dont have x server installed, does it really need an x server installed..?
<hitsujiTMO> ruben23: no it doesn't work if you DO have an xserver running :P
<hitsujiTMO> ruben23: try just: setterm -blank 0
<hitsujiTMO> ruben23: there's also this option http://serverfault.com/questions/137728/how-do-i-permanently-disable-linuxs-console-screen-saver-system-wide
<ruben23> nothing happens now - just blank after i enter
<ruben23> would this work now..? since when i input setterm -blank 0 <----------- no error just blank
<ruben23> hitsujiTMO..?
<hitsujiTMO> ruben23: ahh, try: setterm -blank 10             again then
<hitsujiTMO> ruben23: as it, it just works for that session, so if you're having trouble switch to another tty
<ruben23> hitsujiTMO: still there
<ruben23> the monitor still shuts off..
<hitsujiTMO> ruben23: even on another tty?
<hitsujiTMO> ruben23: you should still be able to blindly type: setterm -blank 1
<hitsujiTMO> ruben23: you should still be able to blindly type: setterm -blank 10
<TJ-> ruben23: how about "setterm -powersave off" ? see "man setterm"
<ruben23> TJ-:  hi i tried that command already..
<ruben23> but nothing happen yet
<ruben23> any concrete solutions somehow please
<TJ-> ruben23: You first need to identify at which level the screen is blanking... is it the monitor DPMS, or a higher level?
<ruben23> how do identify this..? please help
<TJ-> ruben23: By investigating the system, reading documentation and investigating useful diagnosis tools
<ruben23> setterm -blank 0, this command i already set - the monitor that turns off is the local monitor connected diredctly to the server..
<ruben23> hi there guys i have ubuntu desktop when i plug in the headset the mic have very load echo sound very bad quality audio any idea how to correct this..?
<KristianDK> Hi there. I'm trying to install `language-pack-en` on a brand new ubuntu server installation (on ec2) right after apt-get update. I get E: Unable to locate package language-pack-en - is there something obvious that could be wrong?
<KristianDK> I did check /etc/apt/sources.list
<TJ-> KristianDK: Try "apt-cache policy language-pack-en"
<joshu__> how do you debug an init.d script which works fine when I execute it directly /etc/init.d/myscript start, but doesn't execute on boot?
<TJ-> joshu__: add logging to it in some way, it probably already calls the library log_message functions, you can add more or enable some VERBOSE or DEBUG switch in the script that already does more reporting
<joshu__> TJ- I have this in the case start switch "log_action_msg "Starting" but I don't know where to see this log message
<TJ-> joshu__: It should be syslog
<TJ-> joshu__: But if I recall correctly, most of those log messages go to the console at boot-time
<joshu> is grep -r word / the best way to search for any file contaiing "word" ?
<sarthor_> how to know in command prompt that my Linux is 32bit or 64bit
<bekks> sarthor_: file /bin/bash and uname -a
<sarthor_> bekks: uname -a
<sarthor_> Linux bbbutton 2.6.32-38-generic #83-Ubuntu SMP Wed Jan 4 11:13:04 UTC 2012 i686 GNU/Linux
<sarthor_> , is this 32bit?
<TJ-> "uname -m"
<sarthor_> TJ-: arch did same, thanks
<sarthor_> TJ-: but it says i686, not 32bit
<TJ-> You have to know your architectures :)
<TJ-> If you have "dpkg-architecture" installed (package dpkg-dev) you can look at DEB_{BUILD,HOST}_ARCH_BITS
#ubuntu-server 2014-02-16
<fishcooker> i have server that doesn't install xorg.. i want to disable input devices; mouse and keyboard.. what should i do?
<LeMike> thanks TJ- for your help in creating makefile yesterday. got it now and almost understood it ;)
<hxm> i dont get how spf works at all, in this case "v=spf1 ip4:192.168.0.1/16 -all" it accepts that range of ips, but what is that ip, of the server which sends the mail or the client who connects to the server?
<TJ-> hxm "SENDER" policy framework. The SPF record says that for this domain, these are the approved senders
<tomreyn> is debootstrap no longer a recommended means of installation?
<tomreyn> is there another method which you can use without serial console?
<tomreyn> (nor KVM)
<tomreyn> i'm looking at https://wiki.ubuntu.com/DebootstrapChroot but it seems kind of dated
<TJ-> tomreyn: I use it almost daily
<tomreyn> alright :)
<hxm> TJ-: thanks
<joshu> in /boot/grub/grub.conf I don't understand the two console parameters, e.g. ` console=ttyS0,9600 console=tty0`
<joshu> I'm trying to create my own AMI for Amazon, so I'm trying to understand the grub settings.
<stgraber> joshu: that tells the kernel to ouput its console messages to both the first tty as is the case by default (tty0) and to the first serial device with a speed of 9600bauds
<stgraber> I suspect console=tty0 is probably irrelevant on cloud hosting, console=ttyS0,9600 may be how the hypervisor gets to show you boot messages though (not familiar with amazon, but I suspect they have a way to get kernel boot messages from an instance, in which case, that's how they'd do it)
<joshu> stgraber thank you for explaining. I'm seeing different configs on different public AMIs. For instance on Amazon's own Linux AMI they have only `console=ttyS0`.
<joshu> some other AMI use hvc0
<stgraber> console=ttyS0 may be an equivalent of console=ttyS0,9600, assuming their kernel defaults to 9600bauds (which I think is part of the kernel build time config)
<stgraber> same goes with hvc0, recent kernel will usually show serial devices from an hypervisor as hvc0, while older ones may not know how to detect those and instead use the generic ttyS0
<joshu> If Amazon uses ttyS0 should I trust they are doing what's most appropriate for their platform and do the same?
<stgraber> no
<stgraber> it entirely depends on what kernel and kernel config you are using
<joshu> Ok I think I understand
<stgraber> if you use the same kernel they are, then yes, but if you use a very recent kernel, chances are that it'll be hvc0 instead. Same goes for the speed, it's probably best for you to always hardcode it to 9600 to avoid your kernel's config to potentially write faster than that
<joshu> stgraber You've been really helpfull! I made some changes and now I see all the boot messages! :D
<stgraber> cool, glad it helped
#ubuntu-server 2015-02-09
<pmatulis> ash_m: open a bug if something is unclear - https://bugs.launchpad.net/serverguide/+filebug
<jvwjgames> HI i need help
<jvwjgames> I can't Update anymore
<jvwjgames> error read this
<jvwjgames> Encountered a section with no Package: header
<jvwjgames> Problem with MergeList /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_multiverse_i18n_Translation-en%5fUS
<jvwjgames> The package lists or status file could not be parsed or opened.
<jvwjgames> Can't call method "policy" on an undefined value at /usr/bin/apt-show-versions line 56.
<jvwjgames> E: Problem executing scripts APT::Update::Post-Invoke-Success 'test -x /usr/bin/apt-show-versions || exit 0 ; apt-show-versions -i'
<jvwjgames> E: Sub-process returned an error code
<jvwjgames> root@jvwjgames:~# rm /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_main_i18n_Translation-en%5fUS
<jvwjgames> nevermind
<jvwjgames> i fixed it
<jvwjgames> if any has this problem use this command rm /var/lib/apt/lists/* -vf
<jvwjgames> and it will be fixed
<jvwjgames> you just need to do an update
<jvwjgames> an apt-get update that is
<ash_m> pmatulis: do you think it is unclear? -- is this an issue where I am just too lacking in experience to understand that part of the documentation?
<svetlana> How to upgrade from 14.04 to 14.10? do-release-upgrade does not pick it up.
<Sling> svetlana: what happens when you do that though?
<svetlana> Sling: it says it does not see any next release.
<Sling> svetlana: what does Prompt contain in /etc/update-manager/release-upgrades
<Sling> if you are currently not on an LTS release (which 14.04 isn't) and your Prompt is 'lts' then it won't upgrade, afaik
<svetlana> Sling: "lts"
<Sling> so setting it to 'normal' would fix that
<svetlana> Ok. Ta.
<Sling> you can always put it back to 'lts' afterwards to avoid getting non-lts releases later
<lordievader> Good morning.
<YamakasY> good morning!@
<YamakasY> whoops
<YamakasY> is this channel more alive again ?
<lordievader> YamakasY: More alive? Compared to when?
<YamakasY> lordievader, some weeks ago
<lordievader> YamakasY: Its allways about this active. It is nice and quiet, everything works ;)
<YamakasY> lordievader, hehe, yes better than #ubuntu, I got banned some days ago as IÂ´m not there that much and someone pinged me about Ubuntu finally running from on a rasp, those ops were freaking out it was untrue, we were forcing together and baf..
<YamakasY> strange channel these days
<YamakasY> IRC changed :(
<lordievader> Not really.
<lordievader> In my opinion anyways.
<YamakasY> lordievader, the #ubuntu channel is, it was dead for a while now we have ops there that want to answer a question before itÂ´s even asked... and all stuff is most n00bish
<svetlana> YamakasY: it is not like irc changed. More like irc channel.
<YamakasY> svetlana, yap true
<YamakasY> svetlana, you name :P I must ask are you a male or female ?
<YamakasY> *your
<svetlana> I manage to get answers when I want to still. What leaves me worried is that the distro contributes non-free stuff quite a bit. But I like spreading knowledge anyway and the way the channel is does not /get in the way/ of me doing so, so I'm happy.
<svetlana> I'm female.
<YamakasY> that is good! female in IT, finally not some male that takes a female name on iRC
<svetlana> Waiting on an upgrade to 14.10 now. It includes systemd by default, which is forced on me during the upgrade. Hopefully it boots; in that case I can figure it out.
<svetlana> I do not do IT as a job, only as a hobby.
<YamakasY> oh they are changing too now ?
<YamakasY> okay
<YamakasY> good hobby
<svetlana> I saydo not do a job in IT if you can. Most of the jobs result in proprietary output.  Consider non-IT job and do IT as a hobby.
<YamakasY> #ubuntu is really for hobby now it seems, the channel lacks
<YamakasY> I asked once something, #debian is better in those cases
<svetlana> I find it okay to ask in #ubuntu, it helps others to learn.
<svetlana> If they don't know, I reformulate the question, and eventually figure it out.
<svetlana> There was no Ubuntu question I had which would be impossible to address with the help of #ubuntu and the web, thus far.
<YamakasY> yeah but the way is wrong, the ops and some tard think they are king... they are just a number on this world to be honest
<YamakasY> you can google everything about Ubuntu these days
<YamakasY> much better
<svetlana> I think it is not as much problem with ops as persons. It is a problem of the channel being too big and too fussed about offtopic stuff.  If one invents a way to split it, it'll become okay. And yesh, more people helping in there would also help.
<svetlana> I am about to fall asleep. Through this dog slow internet and 1GB of upgrades.
<YamakasY> haha
<lordievader> Utopic does not run systemd by default, it has it installed due to udev.
<lordievader> Even 15.04 doesn't run systemd by default.
<YamakasY> okay, so it wonÂ´t be default ?
<YamakasY> ever ?
<YamakasY> I mean why do they want to switch ?
<Odd_Bloke> YamakasY: http://www.markshuttleworth.com/archives/1316 is sabdfl's blog post on the matter.
<YamakasY> Odd_Bloke, thanks! will read that after I fixed my primary key issue for MySQL
<svetlana> ah
<svetlana> now i should probably go learn what udev is
<lordievader> svetlana: Udev is the replacement for HAL. It's a hardware abstraction layer.
<YamakasY> oh yeah the Hal days and Videocards :S
<jamespage> rbasak, I find my memory around library soname bumps slightly hazy? do you have a moment to double check something for me?
<rbasak> jamespage: sure
<jamespage> rbasak, so the new corosync point release for vivid bumps libvotequorum from 6->7
<jamespage> fine
<jamespage> so I think that all I need todo is cut the new libvotequourum7 package, drop the 6 one and then update deps for transition support
<jamespage> although other than corosync, nothing else depends on this...
<rbasak> Ah, I hadn't addressed corosync yet. Thank you for looking at it.
 * rbasak is still working on MySQL :-/
<jamespage> rbasak, keep working in mysql :-)
<jamespage> rbasak, oh I took some time on my travels to look at dpdk as well
<rbasak> jamespage: agreed. I don't think you need to do anything else. As long as that's the only sover bump?
<jamespage> rbasak, as far as I can see yes it is
 * rbasak wonders why they're shared libraries in the first place
<rbasak> I suppose there might be out-of-archive builds against it.
<rbasak> Doesn't sound exactly like a point release though! :)
<jamespage> rbasak, yeah I was a little surprised
<jamespage> probably not a candidate for a MRE :-)
<rbasak> I suppose it's better that they bumped the sover than breaking ABI and not bumping anything at all.
<rbasak> Not that it would impact anything in this case!
<jamespage> rbasak, http://paste.ubuntu.com/10140929/
<jamespage> does that look sane?
<rbasak> jamespage: you might not need to Conflict/Replace libvotequorum5 any more as I don't see it in the archive.
<jamespage> rbasak, good point
<rbasak> jamespage: looks fine. There aren't any symbols files that need updating, do they?
<jamespage> rbasak, so just 6 required for upgrades - makes sense
<jamespage> rbasak, nope - checked that already
<rbasak> jamespage: I would prefer to test the binaries though - I guess you know how to do that better than me.
<rbasak> A dep8 test would be nice :-)
<jamespage> rbasak, a bit tricky with a single instance
<rbasak> Yeah. I wonder if we should start arranging amulet tests for this kind of thing.
<jamespage> rbasak, but even a basic package install test is useful
<rbasak> kickinz1 has a similar need with a postgresql clustering bug he's working on.
<rbasak> In all that free time you have, of course :)
<jamespage> rbasak, gnuoy has been working on that sort of stuff using mojo - we have the start of a full openstack ha cloud scenario
<jamespage> kills units, makes sure stuff is still functional etc...
<rbasak> That sounds good.
<rbasak> Now that we have generally good dep8 coverage or at least a plan where that's missing, I think this might be the next testing hole for general server packaging.
<coreycb> zul, jamespage: juno stable is all set for review.  cinder, neutron, and nova are dependent on this though - https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1419117
<Piffer_> In order to have crontab (root) execute a script, that stops a app, deletes a file, and starts the app again. When I run the script manually as root, it works fine. When cron runs it, the app is stopped, file deleted, but the app is not started. Are there any special tricks to have cron start an app?
<maswan> No, but the environment might be a bit different. Maybe something is not in the path when run from cron or something needs to be set?
<Piffer_> thanks, I think its a path issue.... that makes sense.
<Piffer_> maswan: Thanks, it was a path issue. I had added the folder to the path, but not the sub folder containing the config file.
<jamespage> coreycb, looking at you eventlet bump now
<jamespage> coreycb, made one minor tweak
<jamespage> convention is to use a point on the packaging version
<jamespage> 1ubuntu4 -> 1ubuntu3.1
<jamespage> tbh it did not really matter as vivid has a new upstream release
<jamespage> coreycb, are you good on how to specify that as the min version for the things that need it?
<coreycb> jamespage, did you mean 1ubuntu4 -> 1ubuntu4.1 ?
<jamespage> coreycb, no
<jamespage> the current utopic release version is 1ubuntu3 right?
<coreycb> jamespage, ah, right..
<jamespage> so just add a minor version bump
<coreycb> jamespage, got it. so is there a trick in debian/control for packages that use eventlet?  currently cinder has python-eventlet (>= 0.13.0)
<jamespage> coreycb, as you want to ensure that you get the right patch in packaging you need to extend taht
<jamespage> (hint: and deal with the cloud archive backport at the same time)
<coreycb> jamespage, something like... python-eventlet (>= 0.13.0-1ubuntu3.1~)
<jamespage> coreycb, +1 spot on
<coreycb> jamespage, Ok I'll make the updates to the openstack packages.  any idea when eventlet will be available for me to rebuild?
<jamespage> coreycb, well I suspect the SRU team will process all-in-one go
<jamespage> coreycb, so don't depend on it being in the proposed archive just yet - you'll need to work from a ppa for now I guess
<coreycb> jamespage, ok
<jamespage> rbasak, that corosync update works OK - although it did reveal a slightly nasty side effect of the upgrade
<jamespage> pacemaker needs a restart with the newer corosync version
<rbasak> jamespage: interesting. I suppose the right way would be arrange that inside postinsts somehow (not sure if that's allowed by policy directly though). But maybe not worth it?
<jamespage> rbasak, I'm actually pondering whether this is another ceph like think
<rbasak> I don't follow. ceph like thing?
<jamespage> rbasak, for ceph, the restart of daemons must be co-ordinated across a cluster, otherwise you get outage
<rbasak> I see
<jamespage> rbasak, so the package maintainer scripts don't stop/start anything during upgrades; that's up to the operator
<jamespage> rbasak, its still not ideal but its more controllable
<rbasak> Makes sense.
<jamespage> rbasak, the same might apply to a clustered system set
<jamespage> you want to upgrade the binaries, then restart the daemons in a controlled way
<rbasak> I suppose corosync/pacemaker is fundamentally a multi-server thing that packaging can't be expected to orchestrate.
<rbasak> So more controllable, with the packaging doing less, makes sense.
<jamespage> rbasak, I'll not poke at that for now
<jamespage> rbasak, tbh I think some of its due to the version bump which won't happen post release
<rbasak> ack
<hariom> Hi, I am using virtualbox for running Ubuntu 12.04 server edition. The command line screen is very small despite install guest addition. How to increase size of the command line screen?
<CiPi> Hello, i have a question, i have upgradedfrom 12.04 to 14.04, everything worked fine, but the only problem is that is booting on the old kernel, and how can i boot from kernel 3.13 ?
<CiPi> How can i boot from another kernel from terminal via ssh
<coreycb> jamespage, you mentioned something earlier about  "it did not really matter as vivid has a new upstream release".   what did you mean?
<jamespage> coreycb, oh - so the convention is to drop a minor point in - 3.1 for example
<coreycb> jamespage, right, I got that part -- but this is for juno-utopic so not sure what the relation to vivid was
<jamespage> coreycb, this would ensure that you would not conflict version wise with a pure packaging update in the later ubuntu release
<jamespage> utopic->vivid
<jamespage> upgrade path
<jamespage> coreycb, but vivid has 0.15 so its fine
<coreycb> jamespage, ok got it, thanks
<hariom> http://www.mikeplate.com/2011/11/08/change-virtual-console-resolution-on-ubuntu/
<CiPi> How can i boot from another kernel from terminal via ssh ?
<CiPi> I have kernel 2.6, and installed kernel 3.13
<CiPi> And after reboot is booting still from the old kernel 2.6
<CiPi> Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 2.6.32-042stab092.2 x86_64)
<CiPi> Damn :|
<rberg_> is that a VM getting its kernel from the host system?
<teward> CiPi: is the system a VPS or something?
<CiPi> Yes, is VPS.
<teward> CiPi: do you know if it's OpenVZ or not?
<CiPi> Yes, openvz
<teward> CiPi: that's why it won't update - it's likely inheriting from the host
<CiPi> Damn. :|
<dannf> hallyn: hey, not sure what your plans are for qemu in vivid, but if you're sticking w/ 2.1 would you consider this? https://github.com/dannf/pkg-edk2/commits/armvirt
<hallyn> dannf: i'm merging 2.2 this week
<dannf> hallyn: cool, then you should already have all those changes
<hallyn> dannf: if those changes unblock things pls feel free to push in the meantime though
<dannf> hallyn: nah, if you're confident about a 2.2 this week, i can wait. thx :)
<hallyn> dannf: i've got a ppa build of 2.2 so i don't *expect* any blockers
<dannf> hallyn: ah, where can i find that?
<hallyn> dannf: https://launchpad.net/~ubuntu-virt/+archive/ubuntu/virt-daily-upstream
<hallyn> (getting a bit crufty by this point i guess)
<dannf> thx
<coreycb> zul, I'm working on kilo MIRs and enabling tests for pylibmc.  the version is pylibmc (1.2.3-1build1).  should I change that to utopic?
<coreycb> sorry, to ubuntu
<zul> coreycb: yes
<coreycb> zul, ok
<soahccc> Can someone confirm my suspicion that this is the network driver? https://gist.github.com/2called-chaos/c800bdb2421d95c30b12
<GeekDude> soahccc: looks like a gist to me
<GeekDude> It says "WARNING at /build/buildd/linux-lts-saucy-3.11.0/net/ipv4/tcp_input.c"
<GeekDude> I'm no expert, but it looks like the tcp stack to me
<soahccc> GeekDude: That's how I came to my suspicion ;)
<mfisch> zul: is there a reason you dont put a Label: on the release file for UCA?
<mfisch> reference: http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/trusty-proposed/kilo/main/binary-arm64/Release
<mfisch> it would make my pinning much easier
<med_> we need bits of kilo and juno
<mfisch> what med said
<med_> http://us.archive.ubuntu.com/ubuntu/dists/trusty-updates/main/binary-amd64/Release
<med_> mfisch, ^
<med_> zul ^
<med_> vs
<med_> http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/trusty-updates/kilo/main/binary-amd64/Release
<mfisch> med_: here's the man page that talks about using labels: http://ccrma.stanford.edu/planetccrma/man/man5/apt_preferences.5.html
<med_> maybe jamespage knows how to get OVS from UCA/kilo while running UCA/juno
<med_> without just wgetting it (which does work fine)
<zul> mfisch: ermm...not sure why we dont
#ubuntu-server 2015-02-10
<rbasak> jamespage: may I have your opinion on bug 1411030 please? I'm not sure an SRU is appropriate, unless there is a special need here?
<YamakasY> ok, I can telnet to a webserver on 443 but not curl on it
<lordievader> Good morning.
<jamespage> zul, coreycb: bumping eventlent to 0.16.1 - new base for kilo-2
<ktosiek> I see a strange behaviour in DNS name resolving: I want to resolve a subdomain (say, api.blah.com). host api.blah.com says "connection timed out". host -r -a api.blah.com tells me there are 2 NS records for blah.com, and show A records for those NSes in ;; ADDITIONAL SECTION
<ktosiek> first of those IPs does, in fact, time out. But the second works
<ktosiek> shouldn't the resolver fall through to the second one?
<ktosiek> oh, and "dig api.blah.com" works instantly
<ktosiek> wait, no, dig only gives me an empty result
<ktosiek> dang it
<coreycb> jamespage, thanks
<coreycb> jamespage, zul:  can one of you take a look at this?  https://code.launchpad.net/~corey.bryant/ubuntu/vivid/pylibmc/enable-tests/+merge/249108
<coreycb> zul, jamespage : and this too please: https://code.launchpad.net/~corey.bryant/ubuntu/vivid/python-nose-exclude/enable-tests/+merge/249194
<rbasak> jamespage: opinion on bug 1411030 please?
<rbasak> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1411030
<rbasak> Ceph/Apache related
<jamespage> rbasak, hmm
<rbasak> jamespage: will need TB approval I presume. But is this something we want to pursue?
<jamespage> rbasak, I was aware to the switch upstream between fastcgi mods
<jamespage> rbasak, but not of this specific requirement
<rbasak> jamespage: other options are to require trusty-backports and put a newer Apache there, or to make users use Utopic or later, or to wait until the next LTS. I'm not sure I understand the background of which of these might be acceptable.
<rbasak> jamespage: for example, could we make the Trusty ceph charm pull from backports?
<jamespage> rbasak, the trouble is that upstream target 14.04 as a supported release
<jamespage> I can understand they don't want to hold and apache fork over and above ubuntus
<rbasak> This is where I get frustrated and rant again.
<rbasak> They target 14.04 because it's stable, but they want to change it?
<jamespage> rbasak, welcome to my world :-)
<rbasak> Instead of forking, they could use trusty-backports instead.
<coreycb> zul, jamespage: this needs a look too please: https://code.launchpad.net/~corey.bryant/ubuntu/vivid/python-elasticsearch/enable-tests/+merge/249195
<rbasak> That should be a better option than forking in all circumstances I think.
<rbasak> jamespage: on another note, I see that corosync migrated to vivid earlier. Is there any further testing you think we need to do?
<coreycb> zul, jamespage: can we bump python-django to 1.7?
<zul> ooo
<jamespage> coreycb, zul: I did take a peek at that
<jamespage> I think there was a requirement for a new MIR
<jamespage> but I had an outstanding question on how we deal with pypy related packages
<coreycb> jamespage, it's already in main, it would need a new MIR?
<jamespage> coreycb, new dep
<coreycb> ok
<jamespage> python-sqlparse
<jamespage> I have the merge from debian locally - but I ran out of time to look at the deps
<zul> jamespage:  newer python-migrates need that as well btw
<coreycb> zul, jamespage: good assumption that python-pip does not belong in main?
<zul> coreycb:  hehe...yes
<coreycb> zul, yeah, sphinxcontrib-pecanwsme has it in it's build-depends for some reason
<jamespage> coreycb, hey - re pylibmc
<jamespage> so - you need to run 'update-maintainer'
<jamespage> and I'd not wrap and sort on this one
<jamespage> it will make merging from debian harder in the future
<coreycb> jamespage, ok
<jamespage> coreycb, commented on MP as well
<jamespage> coreycb, you may want to try pylibmc in a PPA - I think it needs a running memcached to work properly (tests_
<coreycb> jamespage, ok
<coreycb> jamespage, yeah so pylibmc tests fail in ppa build but not in my local builds
<coreycb> jamespage, I think that must  be a false positive
<jamespage> coreycb, do you have memcached running locally?
<coreycb> jamespage, no and I'm running in pbuilder chroot but it doesn't actually have any test output other than "ran 21 tests ... OK"
<jamespage> coreycb, hmm
<jamespage> coreycb, I get
<jamespage> Ran 21 tests in 4.066s
<jamespage> FAILED (errors=11, failures=6)
<coreycb> weird..
<coreycb> zul, jamespage: I think this got lost in the shuffle, needed for juno - https://code.launchpad.net/~corey.bryant/ubuntu/utopic/python-eventlet/0.13.0-1ubuntu3.1/+merge/248960
<jamespage> coreycb, already uploaded
<coreycb> jamespage, thanks!
<baggar11> Anyone know how to get the fileinfo php extension installed on 14.04?
<Sling> baggar11: how have you tried to install it?
<SG-PXE> would anyone be able to help me with a PXE question? i want to install ubuntu via PXE using a downloaded local CD, currently the PXE goes out on the internet and pulls from the archive site
<Sling> baggar11: looks like this package is about 9 years old, I would strongly recommend not using it
<Sling> its removed from current php for a reason :)
<sarnold> hmmm, the php 'file' repository is practically the 'file' upstream these days
<xibalba> this message is presented to me upon login: /dev/xvda1 should be checked for errors : I dont have console access to this box, how can i force a fsck on bootup?
<Sling> xibalba: sixth field in each fstab line
<Sling> see man fstab
<xibalba> i found touch /forcefsck
<xibalba> 6th field is 0
<xibalba> i forgot what column that is
<Sling> so give the partition you want to check a '2' so its checked, the root filesystem probably has '1'
<Sling> this determines the order of checking
<Sling> (1 for first one, 2 for all others)
<Sling> 0 means never check during boot
<xibalba> ah thats right
<xibalba> interesting someone mentions the shutdown -F command but i didn't find it in the man page
<Sling> as usual more than 1 road to rome :)
<Sling> but the fstab method is pretty generic
<xibalba> that reminded me of the road map to moscow i was looking at the other week
<xibalba> doing a screen grab for iit
<xibalba> http://puu.sh/fKcmz/44957686b0.png
<Sling> :-)
<xibalba> all roads lead to a meglomanianc named putin
<baggar11> Sling: got any ideas on how to get the extension enabled?
<Sling> baggar11: nope, tried for a few mins, it wont even compile manually
<Sling> why do you want it in the first place?
<baggar11> https://github.com/snipe/snipe-it
<SG-PXE> would anyone be able to help me with a PXE question? i want to install ubuntu via PXE using a downloaded local CD, currently the PXE goes out on the internet and pulls from the archive site
<YamakasY> hi guys, I have unmet dependencies when I want to install openjdk-8 using the ppa
<YamakasY> I didn't had that yesteday
<YamakasY> *yesterday
<teward> !ppa | YamakasY
<ubottu> YamakasY: A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<teward> keep that in mind
<teward> (also, 'ppa' is ambiguous - you don't specify the PPA you use)
<YamakasY> yes but for openjdk8 you need it
<YamakasY> I don't have restricted in my repo's
<YamakasY> I might need that
<sarnold> why not just apt-get update && apt-get -u dist-upgrade && apt-get install openjdk-8 ?
<YamakasY> mhh I hav restricted
<YamakasY> because it can't ?
<YamakasY> 8 is not in the default repo's of 14.04
<sarnold> I thought you said you added someone's ppa with an openjdk-8 package?
<YamakasY> yap
<YamakasY> but I get unmet dependencies, yesterday I didn't
<YamakasY> so I wonder
<YamakasY> is there a recommended ppa for openjdk-8 ?
<YamakasY> I now use ppa:openjdk-r/ppa
<YamakasY> this is what I get:  openjdk-8-jre-headless : Depends: libnss3-1d (>= 3.12.9+ckbi-1.82-0ubuntu4) but it is not going to be installed
<YamakasY> I hate this, why is Ubuntu so far behind with java every time
<jpds> YamakasY: Because Oracle refuse to allow others to redistribute java?
<sarnold> YamakasY: wow, that doesn't look like it's been updated since september. there've been dozens of security issues found in java since then...
<sarnold> https://launchpad.net/~openjdk-r/+archive/ubuntu/ppa
<YamakasY> jpds: yeah oracle sucks
<YamakasY> sarnold: mhh
<YamakasY> ok need to to find a better ppa!
<YamakasY> sarnold: all are do damn old
<sarnold> YamakasY: you might have to deal with oracle's downloads directly on this one
<YamakasY> sarnold: no found one
<YamakasY> I want puppet :D
<sarnold> YamakasY: http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html
<budman> Any helpers in? Ive got an odd issue, ubuntu 12.04 or 14.04, install docker, run some containers and then reboot... The boxes hang on press s to skip or m for manual to mount /sys/fs/cgroup (then it repeats with other mounts including root etc..) eventually boots but everything is read only mode. I can livecd boot and mount the drive no issue read/write...
<budman> what am I missing ;)
<YamakasY> ok, this one works :D
<YamakasY> happy installing
<bdx> smoser: Are you around?
<YamakasY> why does ubuntu messes up from time to time with filling up /boot with kernels
#ubuntu-server 2015-02-11
<edenist> hi guys
<edenist> getting a really weird error here.... trying to diagnose a Size mismatch error with an apt-get update
<sarnold> edenist: are you using apt-cacher-ng?
<smoser> bdx, here now.
<smoser> whats up?
<edenist> oh man, thats right I am.... sigh....... I was wondering why my mds5sums were different, as when doing a wget of the deb manually, it was fine
<edenist> I'll clear the apt-cacher-ng cache
<edenist> thanks guys! should have realised the apt-cacher problem myself [its happened before..] derp
<sarnold> edenist: indeed, it took me hours to figure it out when it first happened to me.. second time, a day later, it was a quick apt-get purge and apt-get install squid-deb-proxy, and I've been happy ever since :) hehe
<SG-PXE> would anyone be able to help me with a PXE question? i want to install ubuntu via PXE using a downloaded local CD imagestored on the server running TFTP & Apache, currently the PXE goes out on the internet and pulls from the archive site. Apache is serving up the filesystem.squashfs for gparted
<sarnold> SG-PXE: the MAAS server does more or less exactly that; it might have the magic sauce you need in dhcp or something to tell the pxe-booted thing where to find the rest of the installer
<sarnold> SG-PXE: I hope this hint's enough, time for me to run
<SG-PXE> sarnold: i was hoping i wouldnt have to set up a MAAS server since that adds something extra ontop of everything
<lathiat> SG-PXE: you could run a local mirror fairly easily, you can enter the mirror during install
<lathiat> SG-PXE: when it asks for your country right at the top is an enter manually option
<lathiat> SG-PXE: you could also look at apt-cacher-ng as an alternative to using a downloaded cd
<sarnold> SG-PXE: yeah, I don't think you need the full MAAS server, but hopefully you can find the dhcp config its using withot too much hassle
<lathiat> that would be through a preseed file
<lathiat> but otherwise you can just enter it manually
<SG-PXE> lathiat: would a local mirror be hard to set up?
<SG-PXE> i was using this guide but since i already had apache serving up files for gparted i didnt want to have to install nfs https://help.ubuntu.com/community/PXEInstallMultiDistro#Ubuntu
<lathiat> you dont need nfs you can jus tmount the cd inside the apache root
<SG-PXE> would i be able to use fetch=<serverip>/ubuntu if i just put the cd in the apache root?
<lathiat> i am unsure which boot flag you need to use you'd have to test that yourself btu what i can tell you is you can choose 'enter information manually' at the top of the mirror country list
<SG-PXE> ok so if i understand right if cant find the right flag i would just be able to set the serverip as the mirror when installing ubuntu
<lathiat> right
<lathiat> there is a falg for it, i just dont know what it is, i would suggest trying otu setting it manually and if that works you can look at figuring out the flag
<SG-PXE> id have to keep if as an iso though right?
<lathiat> SG-PXE: well no, you could mount it, or copy the files out
<lathiat> SG-PXE: or you could create a complete mirror with one of the various tools for doing that, or use apt-cacher-ng to download and then cache the files for re-use in future installations.
<SG-PXE> ok i have already started to copy the files out, thanks lathiat
<lordievader> Good morning.
<farva_> can some one tell me how to locate the logs for connections made to my server machine?
<farva_> hopefully they are timestamped and show the number of connections made from each IP such as in netstat -ntu
<lordievader> farva_: What type of connections?
<farva_> we were ddosd and I got the IP of the person in question but I need to find the log to report them to OVH since it was an OVH machine that they were using
<farva_> unfortunately I am not very good with networking so I kinda fly by the seat of my pants trying to figure this stuff out
<lordievader> farva_: Individual connections are not logged (thank god), but if they targeted a service, like ssh, you might try their logs. For example ssh does log every login attempt.
<farva_> hmmm, well, they hit a game server so I am pretty sure they targeted a port
<farva_> and the IP in question
<lordievader> You can set iptables to log every connection but then you need HUGE disks to hold just the logs.
<farva_> I was afraid of that...
<farva_> when you say a huge disk...how big is huge, and can't I write a script to clear the logs every 48-72 hours?
<farva_> is there a way for me to pull up the output that I received when I ran netstat -ntu?
<lordievader> I've logged my input connections once. It was going fast. Of course it depends on how much of a target the machine is.
<lordievader> farva_: Netstat only shows current connections, for as far as I know.
<lordievader> What you could do is log the traffic to a specific port though.
<farva_> correct, I was not sure however if the system stores the information in a temp file or not
<jamespage> coreycb, zul: hey so for kilo-2 please can we update deps for new namespaceless oslo packages
<jamespage> we should end up with no reverse-depends on the python-oslo.* ones
<jamespage> coreycb, zul: http://paste.ubuntu.com/10172162/
<zul> jamespage:  context?
<coreycb> zul, do you have the oslo's covered?
<zul> coreycb:  yeah they are still in proposed though
<coreycb> zul, ok
<zul> jamespage:  ack
<zul> jamespage:  when you get a sec can you have a look at https://jenkins.qa.ubuntu.com/job/vivid-adt-nova/lastBuild/ARCH=amd64,label=adt/
<jamespage> zul, I am
<zul> jamespage:  thanks
<jamespage> I think its oslo.serialization
<jamespage> coreycb, I've picked your nova branch btw
<jamespage> dealing with the dep-8 test failure at the same time
<coreycb> jamespage, kilo?
<jamespage> coreycb, yes
<coreycb> jamespage, ok
<zul> jamespage:  i have dependency changes for nova as well so Ill wait until your done for nova and merge the branch im working on with yours and coreys
<jamespage> zul, nope its oslo.db
<jamespage> busted - fixing now
<zul> jamespage:  k
<jamespage> zul, fix uploaded - that may resolve the nova dep-8 test failure anyway
<zul> jamespage:  ack
<zul> new python-hacking uploaded
<jamespage> zul, meh - did that not need new flake8 + pep8?
<zul> jamespage:  nope :)
<zul> patched the requirements.txt
<jamespage> zul, I'm still not sure why we even need the dependency on hacking tbh
<zul> jamespage:  neither do  I really
<jamespage> zul, I reckon we can drop it
<jamespage> lint checking on build in distro is two steps late and valueless
<jamespage> infact we did drop it once - why is it back in?
<zul> jamespage: because the unit tests specifically uses it
<jamespage> really
 * jamespage looks at nova
<jamespage> zul, can't see it
<zul> jamespage:  nova/tests/unit/test_hacking.py
<coreycb> jamespage, I made a few debian/control updates to nova
<coreycb> pushed to my branch
<LeMike> This will be odd: We have a NRAID5 running with 4 drives, each 500GB (making 2TB in sum). First: RAID5 is about 3 drives... wtf? Second: If I remove 500GB and add 2TB, will it be 3,5TB? Or will it stay 2TB?
<LeMike> oh. no.  Raid5 is 4 drives. forget about it. but will the Nraid sum up?
<coreycb> zul, here's the list of version bumps needed - http://pastebin.ubuntu.com/10174150/
<coreycb> had you done anything for oslo.context?
<coreycb> zul ^
<zul> coreycb: python-oslo-context :)
<coreycb> zul, ah no period
<coreycb> zul, was that a mistake?
<zul> coreycb:  no its just the new oslo namespace thing
<coreycb> zul, all the other oslo's have a period still though
<coreycb> probably not an issue, just a name
<zul> coreycb:  not an issue
<a_ok> limits.conf obviously is just broken I have given up on it. Cgroups seems promising but only redhat and arch seem to have a clue on how to set this up. How can I have my apache processes limited to a certain amount of memory
<coreycb> zul, jamespage: hmm, so websockify is in nova/debian/control for juno but never made it to main
<zul> coreycb:  its in pydist-overrides remove it from debian/control please
<maswan> a_ok: yes, cgroups is the only working mechanism for limiting memory use
<coreycb> zul, ok, and do we want to do the same for kilo?
<zul> coreycb:  yeah ive already done that
<coreycb> zul, ok, ironic depends on it now too
<coreycb> I just ran the websockify tox tests and they are still bitrotting
<a_ok> maswan: How do I stet it up in 14.04? There is some documentation but they mention cgconfig.conf that seems no longer supporten
<coreycb> jamespage, I pushed a new nova again
<a_ok> maswan: I do seem to have a cgrulesengd but there isn't even an upstart or init script for it.
<maswan> a_ok: Dunno, we only ever use it through slurm and have it set them up, I think.
<jamespage> zul, coreycb: the nova dep-8 test failure is due to the eventlet bump required for b2
<jamespage> once we get b2 into the archive it should resolve.
<zul> jamespage:  ack
<coreycb> jamespage, that's good.  b2 == kilo-2?
<jamespage> zul, b1 uses eventlet.util which no longer exists
<jamespage> coreycb, yes
<jamespage> coreycb, whats the status in the juno stable update?
<jamespage> coreycb, that should prob be our focus - then we can complete kilo-2
<coreycb> jamespage, it's all uploaded so I guess I need to poke the sru team
<jamespage> coreycb, arges may be helpful :-)
<coreycb> jamespage, yeah :)
<arges> jamespage: yea i'm planning on looking at it today
<coreycb> arges, thanks
<arges> coreycb: should bug 1419117 be targeted against cinder instead of nova?
<arges> coreycb: and can you doublecheck my SRU justificationf or that bug
<coreycb> arges, well the fix is in python-eventlet but nova, neutron, and cinder need the updated eventlet so I've added those as affected also (if that makes sense)
<arges> coreycb: well as long as the uploads reference that bug correctly
<coreycb> arges, hmm, they may not
<coreycb> arges, looks like I need to reference the bug in cinder, nova, and neutron changelogs
<arges> coreycb: if it needs to be verified for all those packages then yes. But if the socket_timeout change only touches python-eventlet and cinder, then you might only need those two
<arges> coreycb: all in all, we just want to ensure this change doesn't regress and it fixes a testable bug
<coreycb> arges, Ok, updating the packages and will let you know when that's done (shortly)
<coreycb> description looks good, thanks for updating it
<arges> coreycb: ok let me know
<arges> zul: coreycb : so why were control files for packages updated with python-eventlet (>= 0.13.0-1ubuntu3.1~), specifically with the '~'. Is that to make it easier when you update the cloud archive?
<arges> since 0.13.0-1ubuntu3.1 will be in the utopic archive, seems like 0.13.0-1ubuntu3.1 would be sufficient
<arges> (>= version) that is
<coreycb> arges, yes exactly - cloud
<arges> coreycb: ok
<coreycb> it's for backporting to the cloud archive
<zul> coreycb/jamespage: Just about to do a test rebuild and will upload nova b2
<coreycb> zul, did james pick up my diffs?
<zul> coreycb:  afaik its oslo.db and eventlet fixes
<coreycb> zul, I can't find it, do you have a link?
<zul> nah
<zul> ill just park it after im done
<coreycb> zul, ok.  can you take a look when you have a moment?  http://pastebin.ubuntu.com/10176566/
<coreycb> arges, can you reject nova, neutron, and cinder and we'll upload the same version with updated changelog?
<arges> coreycb: sure
<arges> coreycb: ok done
<coreycb> arges, thanks
<coreycb> arges, neutron, nova, and cinder are uploaded now
<arges> coreycb: aye aye
<arges> coreycb: can you doublecheck the horizon upload... there is a _lot_ of code removed
<arges> coreycb: everything under xstatic is removed
<coreycb> arges, something went wrong
<coreycb> zul, ^
<coreycb> should have Diff: 107 lines (+24/-63) 3 files modified
<zul> arges:  can you reject that one then please
<arges> zul: will do
<arges> done
<farva_> so I recently aquired a machine that is far more powerful, and far beyond my scope of experience and I need to set a few things up that I do not understand
<farva_> first I need to make sure that I have 2 or my 3 drives raided to create 1 virtual drive, and I need my 3rd drive separate to use as my backup
<farva_> when working with OVH, do I install my OS first, or do I RAID my drives first?
<farva_> I am not sure how this works at all-I have never even setup a raid before
<lazyPower> Do we have PPC64el builds for MariaDB? according to our package matrix i'm not seeing it
<lazyPower> http://packages.ubuntu.com/search?keywords=mariadb&searchon=names&suite=utopic&section=all
<sarnold> lazyPower: yeah, packages.ubuntu.com is .. not always right
<sarnold> lazyPower: see this instead: https://launchpad.net/ubuntu/+source/mariadb-5.5
<arges> coreycb: ping me when you upload horizon. thanks
<bdx> beisner, coreycb: I am configuring charms for a multi-net OS deployment and have a few questions concerning network configs on neutron-api, quantum-gateway and nova-compute charms, would you mind if I ran a few things by you?
<coreycb> zul, can you let arges know when it's uploaded? thanks.
<arges> : ) should just ping both of you sorry
<arges> but yea that's the last piece of the puzzle
<coreycb> bdx, Hi, ask away, out network experts are EOD but we might be able to help
<coreycb> arges, np :)
<coreycb> arges, and thanks!
<bdx> My question is regarding the nova-compute configs bridge-interface, flat-interface, and bridge-ip.....could you.... or anyone really could elaborate on if flat-interface needs to have its own interface, and if bridge-ip needs to be unique per compute node, and in the same subnet?
<bdx> same subnet as other compute nodes bridge-ip
<coreycb> bdx, I'm not positive but I'd have to assume that you need 2 ports for flat-interface since it's defaulting to eth1
<coreycb> bdx, I'd assume the bridge ip should be different and same subnet, but again not positive.
<zul> coreycb:  yep
<bdx> Ok, that makes sense. It also has a default bridge-ip.....possibly this doesn't need to be unique between compute nodes because only local traffic is communicated here?
<bdx> But..NM ... that goes against the purpose of having a bridge.
<bdx> What you said makes sense..same subnet, unique ips.
<coreycb> bdx, I'd like to get your q's bounced off people who know what they're talking about though.  jamespage or gnuoy: when you are back, mind answering bdx?
<bdx> Great. Thank you.
<zul> coreycb/agres: re-uploaded
<farva_> I have been using Ubuntu 14.04 for the past 6 months, but have a chance to change my OS, does anyone suggest I move to 14.10, or even change it up and go with debian 8?
<pmatulis> farva_: what a question
<farva_> ikr xD
<farva_> I am a linux newb though, and so far what I gather is that I want LTS so ubuntu 14.04 is the way to go
<pmatulis> farva_: if you're a newbie then stick with an LTS for a few years.  then you'll be able to answer your above question
<farva_> I like that answer =]
<JanC> unless you really need 14.10 for some reason, 14.04 is better for a server
#ubuntu-server 2015-02-12
<jamespage> rbasak, morning - sage wants to discuss apache in 12.04 (and 14.04) with the proposed mod-proxy-fastcgi switch upstream in ceph tomorrow afternoon
<jamespage> are you around?
<lordievader> Good morning.
<koolhead17> sahara package is not available for ubuntu
<koolhead17> is it?
<koolhead17> http://docs.openstack.org/juno/install-guide/install/apt/content/sahara-install.html << As per the doc
<Kartagis> mkswap: /var/swap.img: warning: don't erase bootbits sectors on whole disk. Use -f to force. <--- should I be concerned?
<jamespage> rbasak, https://launchpad.net/ubuntu/+source/mysql-5.6/5.6.23-0ubuntu1
<jamespage> that's a big changelog entry :-)
<zul> jamespage:  did you have any changes for nova b2?
<jamespage> zul, nope - I rebased my power sync patch upstream
<rbasak> jamespage: :)
<rbasak> jamespage: it fails dep8 though. I still need to look at it.
<rbasak> (it passed locally :-/
<Kartagis> can you help me please?
<jamespage> zul, lets see if we can unstick proposed today
<zul> jamespage:  sure
<jamespage> zul, I think nova/eventlet is the primary cause
<zul> jamespage:  just uploaded a new nova
<jamespage> zul, I need something mindless todo so I'll work through some of the oslo. -> oslo- changes as well
<jamespage> at least in deps - not in core openstack packafges
<hallyn> smb: hey - have you looked in detail at the reply to "[libvirt] [PATCH/RFC] Add missing delta from Ubuntu to apparmor profiles" ?
<smb> hallyn, No, not yet. It was so long ago that I need to read up a lot. Which I thought of maybe doing next week when I finished up things I want to get done first
<coreycb> arges, just a reminder that horizon is uploaded for juno
<arges> coreycb: Thanks. I didn't check when I EODed yesterday
<hallyn> smb: ok thx
<arges> coreycb: ok done
<coreycb> arges, thanks!
<smoser> hallyn, around ?
<smoser> question on bug 1418221
<hallyn> smoser: here
<hallyn> i dont' care, you want me to add qemu-kvm link on ppc?
<smoser> it seems that a link of 'qemu-kvm' -> qemu-system-ppc64 would reportedly fix this.
<smoser> what do you think ?
<smoser> i wouldn't do it for ppc64 only. it would make sense for that link to point on all arch to "the default qemu"
<smoser> and apparently one such thing exists in fedora
<hallyn> ?
<hallyn> well qemu-kvm package exists on ppc64 and ppc64el,
<smoser> what does it do ?
<hallyn> ifneq ($(filter $(DEB_HOST_ARCH),ppc64 ppc64el powerpc),) install -D -m755 debian/kvm.powerpc debian/qemu-kvm/usr/bin/kvm
<hallyn> endif
<hallyn> what happens when you install qemu-kvm on ppc64el?
<hallyn> and who's the asshat who thought it should be ppc64le in some places and ppc64el in others
<smoser> dpkg arch is el. kernel arch is le.
<smoser> you have to blame debian for selection of that name for dpkg arch.
<arges> is it some kind of meta endian joke to have those different arch names?
<smoser> it is.
<arges> fun times
<smoser> "hey lets be funny by making pain for people!"
<zul> jamespage:  hey there shouldnt be a nova-compute.upstart.in anymore should there?
<arges> haha
<smoser> beisner, so how does qemu-system-ppc end up on a nova-compute node ?
<smoser> is that the nova-compute charm that installs it? it looks like maybe we might be able to just have it install qemu-kvm also.
<smoser> jamespage, ^ is that appropriate?
<beisner> smoser, i don't have the ppc64el compute node up atm, but will in a while.  then i can check into when/where it enters the picture.
<smoser> ok. thanks.
<jamespage> zul, there should be yes
<jamespage> conditional start on libvirt
<zul> jamespage:  ok just checking
<jamespage> smoser, I think its a dep from nova-compute-kvm
<jamespage> zul, ^^ - might be another change for you to include
<jamespage> but don't hold for it
<hallyn> smoser: ok if it turns out kvm is not being installed by qemu-kvm package pls let me know
<smoser> looks like the package nova-compute-kvm suggests qemu-kvm
<smoser> so it doesnt get installed by default
<smoser> hm..
<smoser> if we're going to continue to let libvirt depend on a symlink/shell-wrapper rather than more explicitknowledge of ppc64el, then we will need some way to ensure that users dont install libvirt and qemu-system-ppc64 without getting that link.
<beisner> smoser, fyi just kicked off ppc64 deploy;  will touch base soon.
<smoser> it really seems like just installing qemu-kvm will do it.
<smoser> so try that first (instead of symlink)
<beisner> ack
<jamespage> coreycb, zul: taskflow uploaded
<jamespage> 0.7.0
<jamespage> coreycb, zul: something in pypi has changed which means uscan and watch files are broken
<jamespage> its really annoying
<jamespage> zul, I see this as well
<jamespage> W: cinder source: virtual-package-depends-without-real-package-depends build-depends-indep: python-oslo-config
<jamespage> I thought the last fix I did for oslo-config should resolve that but apparently not
<zul> ergh
<mfisch> hey zul or jamespage whats the ETA on Juno.2 in UCA?
<jamespage> mfisch, we are working through it now
<jamespage> mfisch, probably all in by the end of next week
<mfisch> thanks
<jamespage> mfisch, quite a bit todo still
<jamespage> mir's and stuff will block mostly
<mfisch> we'll plan on moving to it when it lands
<med_> thanks jamespage
<mfisch> Openstack was forced to use mir also? ;)
<med_> sort of  but also sort of have a Get Out of Jail Free card
<med_> I guess if it brought in a dep that really needs to go NOT IN the UCA, that peice would have to be MIRed
<med_> not the space station, not the display, the MAIN INCLUSION REQUEST
 * mfisch was bringing up memories of being on the desktop side of things at Canonical
<jamespage> med_, mfisch - you guys wanted openstackclient in the UCA right?
<jamespage> its there now but under the same terms as universe
<mfisch> yep thats great
<mfisch> we're fine unsupported on it
<jamespage> we're about to annotate that archive in the same way as ubuntu as to what's supported by canonical and what's not
<jamespage> mfisch, good-oh
<mfisch> perfect
<med_> jamespage, many thanks!
<mfisch> what about labels for the repos?
<med_> Label: filterable in pinning
<med_> (in the Releases file)
<med_> hey jamespage trad511 has some OVS questions
<smoser> hallyn, having libvirt call kvm (or qemu-kvm) rather than appropriately named doesnt work.
<smoser> http://paste.ubuntu.com/10190884/
<smoser> due to apparmor denial
<trad511> jamespage: having a need in openstack ovs to set interface mtu, do l3 configs etc and wondering if the ubuntu /etc/network/interfaces ovs support is the "proper" way to do it.  also using puppet vswitch module through puppet-neutron
<rbasak> frediz, leitao: http://dep.debian.net/deps/dep8/
<rbasak> frediz, leitao: http://dep.debian.net/deps/dep3/
<rbasak> frediz: 1.4.0~rc1 < 1.4.0
<rbasak> s/-rc/~rc/
<hallyn> smoser: oh, interesting.
<hallyn> arges: ^
<arges> hallyn: whats interesting?
<hallyn> arges: the powerpc kvm script can't ever have worked bc of apparmor
<hallyn> well, not through libvirt
<arges> hallyn: yea i've usually modprobed manually
<hallyn> no, i mean /usr/bin/kvm (kvm.powerpc)
<hallyn> it calls awk which libvirt doesnt' allow qemu to do
<arges> hallyn: wierd. i swear libvirt on power8 was working for me last i tried it
<hallyn> trying to think whether we shoul dhave an apparmor sub-profile for kvm or not
<hallyn> arges: using libvirt?
<arges> hallyn: yea
<hallyn> so, we could update kvm.powerpc to use only shell-isms
<smoser> i dont even know if that is sufficient, hally.
<smoser> hallyn, i
<hallyn> or just add /bin/awk rmix, to the libvirt-qemu template
<smoser> i tried a while ago, and i think even the exec means loading a executable which wasnt in the profile that is crafted based on the xml.
<hallyn> smoser: that can't be, we do that now in /usr/binkvm
<smoser> oh?hm..
<hallyn> yeah the libvirt-qemu template grants exec permission to /usr/bin/qemu-system-ppc{,64}
<arges> hallyn: fwiw this is how I've been doing power8 kvm testing http://pastebin.ubuntu.com/10191161/
<smoser> sudo ln -sf qemu-system-ppc64 /usr/bin/qemu-system-ppc64le
<smoser> ^ that seems to me to maybe be the best thing at the moment.
<beisner> smoser, ok, we have a freshly deployed enviro up, ppc64el compute node w/ trusty hwe-u + kilo-proposed.
<beisner> qemu|libvirt|kvm  dpkg info to start:   http://paste.ubuntu.com/10191119/
<hallyn> arges: yes but uvt-kvm starts it as /usr/bin/qemu-system-$arch, not as /usr/bin/kvm
<arges> hallyn: then that makes sense why i wasn't hitting the issue
<smoser> beisner, oh fiddle.
<smoser> i forgot you had to use my ppa to get a 1.2.12
<smoser> as cloud archive is behind
<hallyn> smoser: so if you add /bin/uname rmix and /bin/cat rmix to /etc/apparmor.d/abstractions/libvirt-qemu, does that work?
<smoser> maybe. but i wouldnt htink you'd want to add cat.
<hallyn> why?
<hallyn> oh i meant awk
<smoser> i wouldnt want to addeither
<hallyn> feel free to update the scrip tinstead :)
<hallyn> mr sh
<smoser> i guess its nto that bad.
<smoser> i wouldn thtink youd want to add them as they're an attack vector
<hallyn> awk we could do with IFS< uname i don't know
<smoser> awk for sure can arbitrarily execute code
<smoser> would seem non-ideal from apparmor perspedtive, no ?
<beisner> smoser, shall i install these, should be pre-patch:  https://launchpad.net/ubuntu/+source/libvirt/1.2.12-0ubuntu2/+build/6955199
<hallyn> it'll remain confined
<smoser> right.
<thor77> any recommendations for a cheap hoster, where i can pay by bank transfer (from germany)?
<thor77> is there some offtopic-channel where i should ask this question?
<smoser> thor77, you mgiht get an answer, you might not. i dont know.
<thor77> Smark: k
<thor77> smoser: k
<smoser> vultr maybe , digital ocean, but i'm sure you cnsidered those.
<smoser> (i have no idea on bank payment from germany)
<smoser> beisner, well , those are built for vivid.
<beisner> sure enough!
<smoser> so they're not going to be nice. the value of my ppa was in gettin getting the cloud-archive backport for trusty.
<beisner> and kilo-staging in ca has 1.2.12-0ubuntu3 - which has the patch we want to not-try, correct?
<thor77> smoser: both doesnt provide pay by bank transfer :(
<smoser> beisner, well, that and it doesn't (staging) build ppc64el
<smoser> so thats not helpful :)
<beisner> oh fiddle indeed then.
<smoser> beisner, i'll build some.
<beisner> smoser, ok thanks - just holler.  will leave that deployment untouched.
<beisner> almost too many cpus for my screen.  http://i.imgur.com/LHeOa3u.png
<smoser> hallyn, http://paste.ubuntu.com/10191769/
<smoser> that is pure shell, but ditches the uname -m usage. which id ont thikn you want.
<Odd_Bloke> beisner: My favourite part of that is the swap; that'll make all the difference. ;)
<smoser> beisner, ok. so there are some debs in ~smoser/libvirt-builds on lescina
<hallyn> smoser: what does /proc/cpuinfo look like o npower?
<hallyn> eh, i won't second-guess you :)
<smoser> http://paste.ubuntu.com/10191988/
<smoser> oh. and hm..
<smoser> that is possibly something you dont want to parse with shell rpeatedly
<smoser> oh. but not so bad.
<smoser> as we get out early.
<smoser> but the uname stuff is lost.
<smoser> you were making decision based on kernel uname, an i dont know a good way to do that without using uname
<ewook> Gawd... So bored!
<hallyn> smoser: ok, i'm going to switch to yours then, thx
<smoser> what about uname thoug h?
<smoser> oops. and need trilaing ';' on that last case line
<hallyn> I see a trailing ;
<hallyn> smoser: well, i'm not sure 'uname -m' was the right thing ot use anyway
<hallyn> i.e. run uname -m under 'i386'
<smoser> it really should have 2 ';';
<smoser> er.. 2: ;;
<hallyn> oh
<smoser> for case
<hallyn> arges: http://paste.ubuntu.com/10191769/  does that look ok to you?
<hallyn> arges: btw, i've been assuming you came up with th eoriginal kvm.powerpc.  maybe i'm wrong? did infinity do it?
<arges> hallyn: i didn't do it
<hallyn> sorry then :)
<hallyn> mwhudson: \o
<arges> hallyn: so why would -ppc be the default instead of -ppc64?
<arges> seems like ppc64 hardware is the most common
<hallyn> dnno, for safety?
<arges> i guess ppc can be run on 64-bit kernel..
 * hallyn hops over to ubuntu-devel
<arges> hallyn: i guess i would have been lazy and just relied on grep instead of doing the read line loop
<hallyn> arges: grep not allowed by apparmor
<hallyn> but anyway smoser doesn't whimp out on leg day :)
<arges> hallyn: hmm... i might need to modify my virt-detection script then
<hallyn> isn't that only for the init script?
<hallyn> that doesn't run under apparmor
<arges> ah ok
<smoser> i dont know about qemu-systme-ppc being default. i
<smoser> i'd be fine to have ppc64 the default. unless theres some obvious system thing. that says otherwise.
<smoser> i really have no idea what that would be
<smoser> hallyn, what would you think about a symlink qemu-system-ppc64le to qemu-system-ppc64
<hallyn> smoser i've got some other things to push so for now gihtub.com/hallyn/qemu #ubuntu-dev has your current script.  we can update it there (i'll rebase later) as we ahve better ideas
<hallyn> smoser: i have no idea
<smoser> that would also fix our problem
<hallyn> seems fine
<hallyn> will there ever be a separate binary?
<smoser> it doens't seem like the direction
<smoser> ie, i dont knwo why there'd be a different binary
<smoser> when they're emulating the same system.
<smoser> ie, there really isnt a "ppc64el" hardware, and qemu is a hardware emulator
<hallyn> ok, i'll add the link
<smoser> hallyn, just to be clear, the link would be qemu-system-ppc64le -> qemu-system-ppc64
<smoser> "le" not "el"
<smoser> so we dont fall victim to that funny joke.
<hallyn> smoser: I added "usr/bin/qemu-system-ppc usr/bin/qemu-system-ppc64le" to qemu-system-ppc.links
<smoser> wait. thats wrong.
<hallyn> oh?
<smoser> $ ls -l /usr/bin/qemu-system-ppc64le
<smoser> lrwxrwxrwx 1 root root 17 Feb 12 19:00 /usr/bin/qemu-system-ppc64le -> qemu-system-ppc64
<hallyn> bc that should be 64?
<smoser> thats what we want.
<hallyn> s oi'm not sure if i ca nhave the .links entry just be "qemu-system-ppc64 usr/bin/qemu-system-ppc64le" or if the first should be prepended by usr/bin anyway
<hallyn> but i'll do a test build
<hallyn> after i add arges' other fix for 1414153
<beisner> Odd_Bloke, you'd be surprised.  I actually made it go swappy with 250-some instances fired up.
<Odd_Bloke> beisner: :D
<smoser> hallyn, did you drop my hack patch in your upload ?
<hallyn> smoser: which upload?
<hallyn> oh, no,  i'm still test-building.  should i drop it?
<hallyn> em
<hallyn> oh that's libvirt
<hallyn> no it's still in there.  so do yo uwnat me to do another upload droppin ghtat?
<smoser> hallyn, yeah, get rid of that patch. i never really intended for it to be included.
<hallyn> ok
<hallyn> sorry :)
<hallyn> the symlink should fix it?
<hallyn> smoser: look ok?  lrwxrwxrwx 1 ubuntu ubuntu      17 Feb 12 21:32 qemu-system-ppc64le -> qemu-system-ppc64
<smoser> looks good, hallyn
<nch_> hello, do you know any solution for setting up a dns name based ftp reverse proxy?
<sarnold> nch_: dns protocol doesn't include any server names, that's why there's no name-based ftp virtual hosting like you see with http
<nch_> sarnold: so it is impossible? :(
<sarnold> nch_: I've never seen it any done before..
<sarnold> nch_: ftp is a terrible protocol anyway; what are you trying to accomplish? there's probably something better out there anyhow
<nch_> sarnold: IÂ´m using pfsense for securing my internal environment and I have two webservers (one linux and one windows), and on both my customers can upload their content with ftp, so I want a reverse proxy for different internal ftp targets with one public ip, like a reverse http proxy
<sarnold> nch_: sftp over ssh ought ot let you get much the same thing done without using multiple IPs
#ubuntu-server 2015-02-13
<cluelessperson> I'm having an issue, ubuntu server is loading up to a blinking cursor suddenly for no reason
<cluelessperson> after gru
<cluelessperson> grub
<cluelessperson> hey guys, my server crashed and I need to retrieve the most recent mysql database
<cluelessperson> Can someone help me get this using my already running, right now, USB desktop LiveCD?
<sarnold> cluelessperson: I think it lives in /var/lib/mysql/
<cluelessperson> sarnold:   Welp, a user from ubuntu just helped me revive a dead hard drive long enough to grab them, yay
<cluelessperson> a month's worth of production data, saved
<sarnold> cluelessperson: nice! :)
<cluelessperson> God I can't wait until they set me up proper machinery lol
<cluelessperson> I'm using a shitty workstation in my cubicle as a server.
<cluelessperson> I have two departments complaining that the automation tools I wrote them aren't working
<cluelessperson> lol
<Patrickdk> oh, I just finished a harddrive recovery last week :)
<Patrickdk> I started it in september
<Patrickdk> using ddrescue
<Patrickdk> it hit a high of 400k read sectors marked as bad
<Patrickdk> managed to get that down to 11k
<Patrickdk> but it took 4 months to do that first pass :(
<acmehandle> Anyone here who may be able to help me trouble shoot a 405 post method not allowed error?
<Sling> acmehandle: sure, what httpd ?
<Sling> also how are you getting this error
<acmehandle> I'm running nginx, reverse proxying to django
<acmehandle> I'm experimenting with this example:  https://stripe.com/docs/tutorials/forms#
<acmehandle> but I'm trying a very simple form.
<Sling> acmehandle: what does the nginx error log say exactly?
<acmehandle> looking now
<acmehandle> Sling:  Unfortunately the nginx error log doesnt say much at all
<acmehandle> I'll give you the exact info in just one more momet
<acmehandle> moment
<Sling> it could be that the django backend is producing the error, but always worth checking the httpd logs first
<acmehandle> Indeed django says Method Not Allowed (POST).
<Sling> acmehandle: looks like this could be useful: https://docs.djangoproject.com/en/1.7/topics/http/decorators/
<Sling> but for more details, it's best to ask in #django
<Sling> since it has its own model/logic which I'm not 100% familiar with :)
<rbasak> frediz: around?
<frediz> rbasak: Hi Robie
<rbasak> frediz: hello! I just emailed.
<coreycb> zul, can you review?  https://code.launchpad.net/~corey.bryant/ceilometer/2014.2.2/+merge/249657
<coreycb> juno update
<frediz> rbasak: oh ok, checking
<zul> coreycb:  can you open up a bug about it and add the bug number
<coreycb> zul, yes
<zul> thanks
<coreycb> zul, bug added
<zul> coreycb:  coolio
<caribou> rbasak: it took a while but I just documented the --backing-image-file
<caribou> rbasak: https://code.launchpad.net/~louis-bouchard/ubuntu/vivid/uvtool/uvtool-lp1317266-doc-backing-img-file/+merge/249667
<rbasak> caribou: thanks!
<caribou> rbasak: well, I made a bunch of manpage editing for my own project & it reminded me of this one
<jsmith-argotec> any around with good pacemaker troubleshooting skills? Still getting "attrd: [5952]: ERROR: main: HA Signon failed" and cannot re-join cluster
<thor77> can someone give me an upstart-script to cd into a directory and then execute some command there that should run until "stop .." is run?
<sarnold> thor77: hope this helps http://upstart.ubuntu.com/cookbook/
<thor77> sarnold: no, it does not. http://paste.ubuntu.com/10208860/ i think this should work, but it does not. i run "start lutim" and i see... nothing, until i press strg+c, "status lutim" then says: "lutim start/killed, process 30067" can't find any log files in /var/log/upstart
<thor77> maybe it could work writing this into a bash-file and execute it with "exec /path/to/bash-file"?
<sarnold> thor77: what's 'carton'? is it in the path? try adding explicit full paths..
<thor77> which carton -> /usr/bin/carton, inserted it into the conf -> still doesnt work
<thor77> it would be very helpful to see the error somewhere
<sarnold> thor77: check /var/log/upstart/, there might be logs there
<thor77> sarnold: no
<thor77> there are no logs
<mbffff> hello! I am running Ubuntu 14.04 LTS 64bit server and Samba 4 is causing 100% cpu usage. Anyone else having a similar problem or ideas on how to troubleshoot?
<pmatulis> mbffff: bind strace to the smbd process?
<mbffff> hmmmm
<mbffff> ?
<mbffff> what command should I run
<mbffff> sorry, I only pretend to know everything...
<pmatulis> mbffff: try 'sudo strace -f -p $(pgrep smbd)'
<mbffff> alright gimmie 1 second, I am testing if the issue is isolated to one client.
<mbffff> should I pastebin the results?
<pmatulis> mbffff: i don't have time to analyze.  just trying to get you started
<mbffff> ok
<jsmith-argotec> I would the 2 minute version of how to decipher something meaningful from a strace too ;-)
<jsmith-argotec> *would love
<mbff> Ok, I found this error log http://pastebin.com/WR0iAFA5
<mbff> I can't figure out what the actual error is here
<pmatulis> mbffff: does problem reoccur if you restart?
<mbff> yes, I think I am good though
<mbff> I got help from #samba
<bekks> How did you solve that issue?
<jrwren> mbff: I've experienced the same thing. How did you solve?
<mbff> errr I am working on installing samba via sernet
<cluelessperson> I'm trying to reinstall ubuntu server, and the install gui tells me it cannot detect the hard drive
<cluelessperson> Does anyone know why?  It didn't do this yesterday.
<cluelessperson> bios looks like it says "no IDE fixed disk present" weird
<bekks> cluelessperson: So its a hardware issue.
<cluelessperson> bekks: may be
<bekks> cluelessperson: Obviously. You BIOS doesnt detect the drive.
<cluelessperson> bekks: It boots fine though.
<cluelessperson> into ubuntu server
<cluelessperson> bekks:   Lol.  I think dust got in the hard drive sata connection.  I replugged it several times, now it shows up
<cluelessperson> I'm having SO many headaches , I have the worst luck
<cluelessperson> sorry for being whiny
<rberg_> Hi anybody here have uefi pxe boot working? I switched to use syslinux.efi (64bit) and get the looping error "core_udp_sendto: stalling on configure with no mapping" looking t the source a comment above says this "Try to configure this UDP socket"
#ubuntu-server 2015-02-14
<halvors> Hi! I'm having issues with MYSQL.
<halvors> It's really slow, so i thought i would turn on the slow query log :)
<halvors> But when i uncomment the following lines in my.cnf, it just hangs when starting the mysql server.
<halvors> Also freezes.
<halvors> log_slow_queries        = /var/log/mysql/mysql-slow.log
<halvors> long_query_time         = 1
<hadifarnoud> is there a tool to clone my production server into a vagrant box?
<hadifarnoud> my phpinfo shows I have no PDO driver. how can I add them without installing mysql? I got nginx php-fpm
<ikonia> hadifarnoud: no need the mysql client
<ikonia> otherwise there is nothing to link against for the pdo access
<hadifarnoud> ikonia: sudo apt-get install php5-mysql ?
<ikonia> hadifarnoud: that will be the module
<ikonia> that should also depend on the mysql client/libs
<hadifarnoud> that's all I want ikonia. no need for mysql server.
<hadifarnoud> mysql client libs are fine
<samba35> i have setup pci-passthrought with kvm on ubuntu 14.04 ,i am some trouble with configure all nic with pci-passthrogth ,i am only able to add 1 interface (pci-e x1) but other intel interface (pci) not able to do passthrought
<samba35> do nic has to be passthroguth capable ?
<wiehan> I want to copy a large amount of files directly to my server's home directory (*no into another folder and then move it*). How would I do this safely without messing up permissions permanently
<Walex> wiehan: depends.
<wiehan> Walex, maybe I should just to it differently but what would be the best way of creating a writable share on my ubuntu-server
<Walex> wiehan: that "writable share" is a bit of a generic thing. You goal depends on what is the source and what is the destination and what method of communication you can setup between the two.
<wiehan> Walex the source is a hard drive in my desktop which I have tons of multimedia files which I want to send to the ubuntu-server for example with samba, as I selected to already install that on the setup of the server
<Walex> wiehan: one possible arrangement that can be descrbied vaguely as "writable share" is to setup NFS on the server exporting the destination directory, provide uid/gid mappings, and then mount the exported direcrtory on the client and copy with 'cp -a'
<Walex> wiehan: is the source an NTFS filesystem or a POSIX-style one? Is it on a MS-Windows system or a UNIX-like one? Can you login by SSH or FTP into the Ubuntu server? Do you need to do uid/gid mapping or only preserver "other"-style permissions?
<wiehan> Walex it is a drive from a linux server
<Walex> wiehan: copying "stuff" is easy, but your requirement is "without messing up permissions permanently" which implies preserving permissions and ownerships.
<Walex> wiehan: then perhaps the easiest way if you can SSH between source and destination is to use 'rsync -e ssh -i -axHOAX ...'
<Walex> wiehan: then perhaps the easiest way if you can SSH between source and destination is to use 'rsync -e ssh -i -axHOAX --numeric-ids ...'
<wiehan> Walex ty
<Walex> wiehan: you don't need the last two "AX" options unless you use SELinux or something that needs extended attributes.
<Walex> wiehan: you don't need the last two "AX" options unless you use SELinux or something that needs extended attributes or ACLs.
<zartoosh> HI I am using ubuntu 14.01.  I do not understand the output of this command: dkg --print-foreign-architectures: i386     Thanks
<Sling> zartoosh: you mean 14.10 and dpkg? :)
<Sling> it helps to be precise when asking questions ;)
<Sling> what do you expect to get from the command, and could you pastebin its output?
<zartoosh> Sling,  we are using 14.04. Our system is 64 bit, so I do not understand why it says i386 which is 32 bit? thanks
<Sling> zartoosh: https://help.ubuntu.com/community/MultiArch
<Sling> its so your 64-bit OS can handle 32-bit binaries
<zartoosh> Sling, thanks, one more question what the option "print-foreign-architecture" means?
<zartoosh> Sling, never mind, the answer  is in the same page you pointed out. Thank you.
<cluelessperson> Hey guys, I was wondering if anyone had a simple suggestion for complete HDD backup/image, maybe as a cron job?
<cluelessperson> IMAGE > datetime-name.img   in a cron job or something?
<JanC> cluelessperson: you would have to do that while nothing is changing your HDD/image, of course (i.e. with the filesystems unmounted)
<JanC> unless you have a layer below the block device that can handle this
<cluelessperson> JanC: hrm. :/
<bekks> Or use LVM and snapshots.
<cluelessperson> I'm trying to logout of ubuntu-server.  I get "There are stopped jobs"
<cluelessperson> jobs -l   shows   stopped  less /etc/passwd
<cluelessperson> What am I supposed to do about this?
<JanC> bekks: "LVM" is one example of "a layer below the block device", of course  :)
<bekks> Nope. It is a layer above the block devices, since it uses block devices as storage backends :)
<JanC> it's a layer between block devices (but below the one cluelessperson tried to backup)
<JanC> but I'm sure you are aware of that
#ubuntu-server 2015-02-15
<Patrickdk> zfs zvol snapshot :)
<wiehan> how do I let my ubuntu server 14.04 log in automatically?
<lordievader> Good morning.
<bibi-23> what happens if I disable root login for ssh on a remote server and I don't have any other user? Will the server be "lost"?
<bekks> bibi-23: By default, the root login is disabled on Ubuntu. And if you dont have any other user, yes, you will be unable to log in again.
<acmehandle> can someone suggest a backup software methodology?
<acmehandle> backing up a few directories
<lordievader> acmehandle: I like dirvish.
<lordievader> acmehandle: http://wiki.edseek.com/howto:dirvish
<Kartagis> why would I get No space left on device even though df -h reports 128gb free?
<andol> Kartagis: Inodes?
<Kartagis> andol: you want me to paste inodes output?
<ikonia> Kartagis: what file system / mount point is giving you "no space" warnings ?
<Kartagis> ikonia: ext4 and /
<ikonia> Kartagis: so do "df -h" and pastebin the ouput for me please
<ikonia> also please put the output of the command "mount" into the pastebin please
<Kartagis> ikonia: http://paste.ubuntu.com/10239631/ df -h http://paste.ubuntu.com/10239642/ mount
<Kartagis> ikonia: sorry I had already hit enter before your 2nd statement
<ikonia> Kartagis: what is ploop
<ikonia> that looks like a loop back device
<Kartagis> ikonia: VPS
<ikonia> I suggest talking to your VPS provider then
<Kartagis> hrm
<Kartagis> okay
<ikonia> it looks like the loopback device is over quota
<ikonia> Kartagis: I assume "sudo touch /test" will give you a "no space on device" error ?
<Kartagis> ikonia: not now, because I deleted some unnecessary stuff. I'll be sure to talk to the provider if it happens again, thanks
<rsully> I've tried 2 different USB sticks but disk verification has failed for both for efi.img
<Kartagis> what do I want to install for e-mail on service stop? nagios?
<ikonia> depends what / how you want to monitor
<Kartagis> I want it to e-mail me in case any service dies
<ikonia> "any" service ?
<ikonia> depends how many services you a looking to do, and your real needs
<Kartagis> mainly httpd or mysql
<ikonia> nagios is quite a large setup for something simple
 * Kartagis narrows it down to 2
<ikonia> is this for hosting a website by any chance ?
<Kartagis> yes, I provide hosting on my VPS
<ikonia> so a more logical step would be to check the website it up from an external source
<ikonia> that way if it's up - you don't care
<ikonia> if it's down  you can login and check whats up
<ikonia> otherwise it will get more complex
<ikonia> just get a page that does a "hello world" type page that queries the database"
<ikonia> constantly curl it
<ikonia> if you get a 404  (for example) alert you from the external host
<Kartagis> makes sense
<ExeciN> I am trying to download php 5.2.17 using phpbrew but it doesn't work https://gist.github.com/anonymous/2657c2db18cdd1484287 what am I doing wrong?
<ikonia> using php 5.2.17 using phpbrew - thats what you're doing wrong
<ExeciN> how can I install 2 versions of php and switch between them?
<ikonia> you don't
<ikonia> you use the ubuntu provided versions
<kujim> Hey guys, my built-in laptop does not work on skype after the installation. Any ideas why ? It works perfect fine on cheese
<kujim> anyone came across this issue before ?
<pmatulis> what is a "built-in laptop"?  this channel is about ubuntu server.  skype?
#ubuntu-server 2016-02-15
<picoleau> hi
<damascene> Hi, I'm trying to connect using virt-view to my kvm machine but it says "waiting for display 1" could you please help me to connect?
<lordievader> Is it allowed to connect to the vnc(?) server (over ssh)?
<damascene> lordievader, by who?
<damascene> how to enable that?
<lordievader> What virt-view does is ssh over to the kvm host and from there opens a connection to the vnc (or spice) server.
<lordievader> A firewall might easily disallow those connections.
<damascene> virt-viewer --connect qemu+ssh://user@192.168.1.10/system OVM2
<damascene> I think there is no firewall issue as when I change the name of the machine to a wrong name it says there is no machine
<lordievader> Does the firewall on the kvm host allow connections from localhost to 5900 (or whatever port the vm uses)?
<damascene> I'll check that
<damascene> I'm connecting from internal network
<damascene> so there is no connection problem
<lordievader> The loopback interface has nothing to do with the internal network.
<damascene> so I should just check if the port 5900 is open and nothing block in.
<damascene> ok
<lordievader> First check what port the vm is actually using.
<lordievader> Also, do you have the same problem with the virt-manager?
<damascene> I can run virt-manager on the server but not through ssh -X
<damascene> it does not forward it, and it gives no error
<damascene> lordievader, I opened the port in the firewall but that did not change things. I had the port shown as filtered before and after putting 5900 in the allowed ports
<damascene> however I noticed there is no password set in the vnc tab so I set a short one. it says the ip 127.0.0.1 the port 5900
<damascene> should I change vnc to spice?
<lordievader> You can run virt-manager on clients too.
<lordievader> Nah, vnc should work. You could try setting the vnc to the 192.168 address and connect with a regular vnc client.
<RoyK> hi all. trying to enable the watchdog on a raspberry pi2 here, I get this http://paste.debian.net/388577/
<RoyK> it works if I systemctl start wd_keepalive, but it'd be rather nice if it started automatically as well :P
<RoyK> #wrongchannel
<BlackDex> Hello there. I have setup a bonding setup with 2 seperate bonding interfaces which are both on different vlans. When i add an IP sometimes i can't ping the gateway of the subnet in that vlan. If i do a tcpdump, i see that the ping goes via the loopback instead of the correct virtual-interface (or physical interface for that matter). Have posted this same question on the ubuntu-forums also with some more details: http://ubuntuforums.org/showthread.php
<ertyu> hi there
<ertyu> questioN ?
<ertyu> when you got a service is down on a server suddently how to identify why ?
<BlackDex> ertyu: Check the logs
<phpcoder> hello
<phpcoder> is good to install 15.10 for a server?
<phpcoder> or is too new?
<RoyK> phpcoder: you can, but I'd recommend using LTS for servers, meaning 14.04
<phpcoder> RoyK, i thought the same
<phpcoder> but it has a very old packages
<RoyK> and then upgrade til 15.04.1 whenever that happens, probably late 2016
<phpcoder> like mysql 5.5
<phpcoder> :(
<RoyK> phpcoder: well, if you really need newer stuff, then why not
<RoyK> 16.04 will be released april 21, so not a long way off
<phpcoder> ok
<phpcoder> thanks!|
<spm_draget> I am installing remindmine from 14.04 on ubuntu. Passenger is used to access the ruby ab, but the app wants to install dependencies using bundler:  http://dpaste.com/0KHG1SR
<spm_draget> I assume installing stuff via bundler/gem is not a good idea if I want to keep the system clean
<sdeziel> spm_draget: I couldn't find a way to avoid pulling gems. Here is my install guide for Redmine on 14.04: https://sdeziel.info/redmine/index.html
<spm_draget> Couldn't it be possible that some gem is installed that also ubuntu tries to install via apt and results in conflicts?
<sdeziel> spm_draget: yes, conflicts are possible. In those cases, the gem versions will take precedence because they are installed in /usr/local/bin
<spm_draget> Well, it will not really be a conflictâ¦ but the version installed by apt will be simply ignored because the other one takes predesence
<leitao_> rharper, jgrimm: How should I proceed to upload debian/ppc64el images to images.linuxcontainers.org ?
<rbasak> stgraber: ^
<stgraber> leitao_: we just got ppc64el hardware again a couple weeks ago and will be adding this back into Jenkins once I have some time, likely after feature freeze
<stgraber> leitao_: note that the official Ubuntu images can be downloaded using lxd-images if using LXD or by using the ubuntu-cloud template if using LXC, those images do include a ppc64el build today
<leitao_> stgraber, good. I thought I should upload it manually. Thanks!
<stgraber> oh, crap, you said Debian, sorry
<stgraber> right, so yeah, no ppc64el Debian images today, hopefully we'll have enough CPU time on the ppc64el builder to build those too
<stgraber> though the builder being sponsored by Canonical, Ubuntu is obviously the top priority, so we may only build those weekly or something
<rbasak> stgraber: can you tell me how to tell lxd to use an http proxy to hit image.linuxcontainers.org please? I'm failing to find any docs on this.
<rbasak> http://ubuntuforums.org/archive/index.php/t-2308622.html is the best I can do and has no answer.
<leitao_> stgraber, right. Is there another way to push the images to images.linuxcontainers.org?
<stgraber> rbasak: just have http_proxy and https_proxy set in your envionrment
<stgraber> leitao_: no
<rbasak> stgraber: ah.
<rbasak> stgraber: it is set, but error: Get https://images.linuxcontainers.org:8443/1.0: Forbidden
<rbasak> I guess that's my proxy config.
<stgraber> rbasak: hmm, that'd be my guess, yeah, images.linuxcontainers.org is a static apache server so I don't think it even can return Forbidden :)
<rbasak> lxc remote add images images.linuxcontainers.org:443 worked.
<rbasak> I guess it listens on that standard port number too?
<rbasak> lxc image list images: seems to work too.
<stgraber> it does, yeah, apache is bound to both ports
<stgraber> I guess your proxy doesn't allow CONNECT to non-443 ports
<rbasak> stgraber: next, "lxc image list images:" shows me the jessie amd64 image I want to start, but lists no alias. So the only identifier it has is a fingerprint. But if I try "lxc launch images:860e3f4bfab7 jessie-test" then after a long delay I get "error: image doesn't exist". Is this supposed to work, and if not, how do I map a listed image to the launch command?
<rbasak> Sorry to bug you - if there are docs I should be using instead, then I'd be happy to read them but can't find anything.
<spm_draget> 'bundler' on 14.04 wants to pull gcc, ruby-dev and all sorts of things. Is this intended/needed?
<stgraber> rbasak: let me check, there sure should be an alias for it
<Odd_Bloke> spm_draget: I guess a 'bundle install' could pull in gems that require gcc and ruby-dev to build.
<stgraber> | debian/jessie/amd64 (1 more)   | ddfb4f30c17c | yes    | Debian jessie (amd64)   | x86_64  | 96.89MB  | Feb 14, 2016 at 7:32pm (EST)  |
<stgraber> rbasak: ^
<stgraber> rbasak: so lxc launch images:debian/jessie/amd64 jessie
<rbasak> stgraber: ah. http://paste.ubuntu.com/15078417/ is what I saw
<stgraber> rbasak: I'd have to check why starting from the short hash failed, my guess is that since the server isn't an actual LXD daemon, it's only got the fake fs tree setup for the full hash, not the partial one
<stgraber> rbasak: right, see line 7
<rbasak> stgraber: because of the really long output, I only noticed line 108, and wanted to launch that one.
<stgraber> ah yeah
<stgraber> we had folks who wanted access to the previous builds which we still have on the server (we keep 3) so we're exporting those two without aliases
<stgraber> then since most folks pipe the list to | less because it's so long, we made it so that all images with aliases show up first
<rbasak> I see. So I should be able to use the fingerprint like that, except there's a problem on the server which means it doesn't work?
<rbasak> "lxc launch images:debian/jessie/amd64 jessie-test" is hanging too.
<rbasak> I wonder if there's a different issue and I'll be told this image doesn't either in a moment.
<rbasak> Yup
<rbasak> "error: image doesn't exist
<rbasak> "
<rbasak> I wonder if that's proxy related.
<stgraber> let me try here
<stgraber> stgraber@dakara:~/data/code/lxc/lxd (stgraber/master)$ lxc init images:debian/jessie/amd64 jessie
<stgraber> Creating jessie
<stgraber> Retrieving image: 100%
<stgraber> rbasak: ^ so yeah, I'd blame your proxy :)
<stgraber> stgraber@dakara:~/data/code/lxc/lxd (stgraber/master)$ lxc init images:187f36b41c02 jssie1
<stgraber> Creating jssie1
<stgraber> Retrieving image: 100%
<stgraber> rbasak: also, note that the actual download is performed by the LXD daemon, so you must have http_proxy and https_proxy set in the daemon's environment too
<rbasak> stgraber: that's probably it.
<rbasak> Is there a standard way of doing that?
<stgraber> rbasak: I have no idea whether systemd respects /etc/environment, if it did, that'd be the easiest way. Otherwise, well, you'd have to write a unit override in /etc/systemd/system or something and then use whatever the environment stanza is in systemd (sorry, on a trusty system right now, can't check here)
 * rbasak tries
<Razva> does Ubuntu Server has any netinstall, like CentOS, so I can boot the machine from a virtual ISO then continue install from the net?
<bearface_> http://cdimage.ubuntu.com/netboot/14.04/
<maswan> Razva: Sure, just pxeboot the alternate installer - http://ftp.acc.umu.se/ubuntu/dists/xenial/main/installer-amd64/current/images/netboot/
<RoyK> Razva: ubuntu server installs most things over the net except the initial install
<patdk-lap> it can do the initial install over the net also, using the net iso/pxe/...
<igneus> hey, was wondering if someone would mind helping me with my new ubuntu server 14.04, having issues with picking up the NIC
<igneus> got a copy of the interfaces file and ifconfig here http://pastebin.com/QFuQ3H90
<tomreyn> igneus: ifup eth0 says what?
<igneus> let me check
<tomreyn> also look at dmesg -T | less, type (upper case) G to go to the end and look for relevant entries there, scrolling up as needed.
<igneus> ifup: interface eth0 already configured
<igneus> I'll check the dmesg now as well
<tomreyn> igneus: also try "service networking restart" (note this may disconnect you in case you are currently using this computer to chat here)
<igneus> yeah, I've tried "/etc/init.d/networking restart" which I believe is the same (correct me if I'm wrong), but I'll try it again
<tarpman> tomreyn, igneus: http://askubuntu.com/a/442333
<tomreyn> igneus: it's not the same for sure but may provide the same effect
<igneus> @tomreyn, I see, well "service networking restart" stated it failed to stop the job, and when it tried to start it, obviously it stated it was already running
<igneus> @tarpman, I'll give that a go
<igneus> well, "sudo ifdown eth0 && sudo ifup eth0" reported no such process and failed to bring up eth0
<tarpman> igneus: might be trying to delete a route (to the configured gateway) that doesn't exist. is there actually such a route right now? if not, commenting out the gateway line might get it through ifdown
<tarpman> igneus: that's a wild guess though.
<igneus> I see, well if I understand your question, when I "ping 192.168.1.1" it reports no known network, I'll give a go commenting out the gateway line, got nothing to lose lol
<tarpman> I don't think you understood my question.
<tarpman> you want to read the output of 'route' or maybe 'ip route'
<igneus> yeah, definitely did not understand that lol
<igneus> let's give those a roll
#ubuntu-server 2016-02-16
<igneus> updated the pastebin with the results (at the top) http://pastebin.com/QFuQ3H90
<igneus> though, I ran the same commands on my working Ubuntu-Mate VM (on this machine) and notice the server is missing some information, though I don't know the importance of it
<tarpman> i'm right, there is no route via 192.168.1.1
<igneus> sweet! .... what do we do about it? lol
<tarpman> like I said, comment out the gateway while you take down the interface
<tarpman> it can't delete a route that doesn't exist - that's the 'no such process' you got
<igneus> ok, so comment out the gateway line, then run "sudo ifdown eth0"?
<tarpman> yeah, then assuming that works, restore it before ifup
<igneus> gotch ya, here's hoping!
<igneus> ok, running ifdown with gateway commented out worked (I suppose) because it did not state anything, however, running ifup after removing the comment on gateway reported network unreachable
<igneus> so, using the interface dhcp setup plus the line "post-up route add default via 192.168.1.1 dev eth0" that allows it to almost get up, I can now ping the gateway, but cannot ping the server from another device
<tarpman> if it reported "network unreachable", it probably had a good reason for doing so ...
<igneus> so route now contains the gateway, but it also contains a record for "192.68.1.0" and "192.168.1.0", not sure where that false record/route is coming from
<tarpman> 192.68. sounds like a typo somewhere
<igneus> that's what I thought, but I do not see one in my interfaces file
<tarpman> 192.168.1.0 - traffic to things on the same subnet is direct, no gateway involved
<igneus> know of another place I might need to check out?
<tarpman> cruft left over from previous attempts?  did you ever try just rebooting with a sane interfaces file in place? ("sane" - none of this "post-up route" stuff :P)
<igneus> yes, I did
<igneus> I tried with a basic dhcp setup and the basic static setup from the pastebin
<igneus> I am considering too, given the time looking into this, of trying to just reload the ubuntu-server onto the HDD
<igneus> it's a fresh install, that was working, and when I moved the server, it decided to not want to work
<cpaelzer> good morning
<Razva> it seems that my LAN servers cannot detect MAAS DHCP. any ideas of how to debug this?
<Razva> dhcpd     6631  0.0  0.0  32916 13324 ?        Ss   13:04   0:00 dhcpd -user dhcpd -group dhcpd -f -q -4 -pf /run/maas/dhcp/dhcpd.pid -cf /var/lib/maas/dhcpd.conf -lf /var/lib/maas/dhcp/dhcpd.leases eno2
<Razva> eno2 being the LAN nic
<rbasak> stgraber: lxd seems to ignore http_proxy and https_proxy. I can't get it to hit the proxy server instead of going direct when launching an image.
<rbasak> http://paste.ubuntu.com/15090404/
<zants> hi
<Razva> is there any way for me to see what commands is executing a user via bash, real-time?
<BlackDex> Razva: `ps fauxww | less` but not that realtime
<stgraber> rbasak: hmm, I remember seeing code that was handling this, could be that it's not covering all code paths...
<med_> jamespage, what OVS version and kernel are you running in the OIL lab? We're having packet loss issues.
<med_> s/you/Ubuntu & Canonical/
<jamespage> med_, probably the same as you
<jamespage> med_, which ovs release are you on?
<jamespage> os release rather
<med_> trusty
<med_> +UCA
<jamespage> which pocket?
<med_> liberty testin (kilo in prod)
<med_> we've been using -proposed for this testing
<med_> we've tried a number of kernels and OVS including the xenial proposed kernel and wily
<jamespage> actually the kernel version might be more pertinent here
<med_> yep
<med_> we've tried the lts trusty kernel (3.0.13 series) the wily and the xenial proposed
<med_> kernels
<jamespage> I have a cloud where I'm running liberty with the wily 4.2 kernel - do you see errors with that combo?
<jamespage> med_, ^^ ?
<med_> checking
<med_> 3.19.0-32 showed the errors
<med_> jamespage, ^
<med_> so correction jamespage, the bulk of our testing has been with Kilo at this point, not liberty
<jamespage> hmm ok
<med_> but that kernel is correct (t, w, and x)
<jamespage> med_, so you saw the problem as a result of a kernel update? just trying to id the point when things changed for the worse
<med_> we started anaylysing the problem due to tenant complaints of lost packets.
<med_> kinf of an all out effort now. No real changes had occurred. Just better trained, more sophisticated tenants asking better questions with more data, jamespage
<frickler> is anyone working on a fixed release for https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html already?
<ubottu> sourceware.org bug 2016 in libc "argp --help infloop, via ARGP_HELP_FMT envvar" [Normal,Reopened]
<arrrghhh> hey all.  I have a cron.daily job setup to email me a 'status report' on the server - this works fine, but a few minutes after the report I sent I always get a second email about the "Reported file <x> generated in current directory" - how can I suppress this second email?
<rbasak> frickler: see #ubuntu-hardened. "no eta yet".
<jgrimm> meeting time
<jak2000> hi all how to use, ssh-keygen -t rsa -b 4096   ? i want use scp command without ask me a password, thanks
<cpaelzer> jak2000: that should give you the right details https://help.ubuntu.com/community/SSH/OpenSSH/Keys
<cpaelzer> jak2000: it is not only creating but also putting the key on the remote server which is the req for PW-less login (and scp)
<frickler> rbasak: thx for the pointer
<jak2000> cpaelzer i try connect ssh@ip and ask and ask me the password
<jak2000> why?
<arrrghhh> jak2000, did you disable password auth on the server?
<jak2000> wait pls
<jak2000> creating pastie
<arrrghhh> "PasswordAuthentication no" in /etc/ssh/sshd_config
<jak2000> in wich server?
<arrrghhh> on THE server
<jak2000> but i want work with ssh keys
<arrrghhh> we're just talking about a client and a server here
<arrrghhh> I know
<arrrghhh> so disable password auth
<arrrghhh> it'll force keys
<arrrghhh> jak2000, perhaps I didn't ask an essential question... are you using the key when you try to auth?
<jak2000> arrrghhh: http://pastie.org/10724337
<jak2000> here the steps...
<jak2000> see last step? ask me again the password, why?
<jak2000> need sisable password auth?
<arrrghhh> jak2000, you don't have to no
<arrrghhh> but that would force only key-based auth
<arrrghhh> sigh... I guess let me parse through all of this...
<jak2000> ok you see any BAD steps?
<arrrghhh> not yet
<arrrghhh> I don't do this every day tho, I setup keys on my server a year or two ago... lol
<arrrghhh> jak2000, did you check the troubleshooting section?
<arrrghhh> perms need to be right
<arrrghhh> if you do disable password auth I would leave a SSH session open in case it doesn't work
<jak2000> man in this case the host is swMAnzana right?
<arrrghhh> you tell me...
<arrrghhh> which is the client which is the server?
<arrrghhh> based on your paste, I would assume swManzana is the client
<arrrghhh> and svrChao1 is the server
<jak2000> i generate the key on swManzana
<arrrghhh> you also already had keys in .ssh
<arrrghhh> may want to rm .ssh and start over... although that shouldn't be necessary
<jak2000> ok
<arrrghhh> jak2000, also why did you ssh-copy-id -i?
<arrrghhh> I need to lookup what -i does... I don't see that in the guide
<arrrghhh> ah that is to specify the identity file
<jak2000> i want copy a file with scp, from swManzana to svrChaol
<jak2000> start over again
<jak2000> deleteing on swManzana, the dir: ~/.ssh
<arrrghhh> so wait
<arrrghhh> swManzana is the client or the server?
<jak2000> i want copy a file with scp, from swManzana(i think it the client) to svrChaol (i think is the server)
<arrrghhh> so the file is on swManzana?  I mean you can transfer the file in either direction using SCP I believe, just curious how you want this paradigm to work
<jak2000> yes the file is on swManzana
<arrrghhh> yea so SCP doesn't care really, you can flip local and remote and either upload or download depending
<arrrghhh> jak2000, cat .ssh/authorized_keys and make sure your client pubkey is there
<arrrghhh> should say "ssh-rsa badskgohweorfiajsdfokj user@host
<arrrghhh> "
<jak2000> in wich  sever (swManzana)?
<arrrghhh> weird looking at my sshd_config the AuthorizedKeysFile is commented out... I wonder if it just defaults to the one in %h
<arrrghhh> jak2000, swManzana you said was the client I thought
<arrrghhh> so the authorized_keys is on the server side
<jak2000> arrrghhh: http://pastie.org/10724370
<jak2000> now copy the file with ssh-copy-id  ?
<arrrghhh> authorized_keys is not on the client
<arrrghhh> it's on the server
<arrrghhh> also if you want to manually update the file, use >> to append
<arrrghhh> cat id_rsa.pub >> authorized_keys
<arrrghhh> but I would just use ssh-copy-id as it's easier
<jak2000> ok
<jak2000> erasing
<jak2000> and then ssh-copy
<jak2000> error: http://pastie.org/10724378
<jak2000> why?
<jak2000> the command would be: ssh-copy-id ~/.ssh/id_rsa.pub jak@162.252.242.4/.ssh/authorized_keys      ?
<arrrghhh> jak2000, if you are specifying the file you need -i lol
<arrrghhh> I just went over that above.......
<arrrghhh> if you don't specify the file, no need for -i
<jak2000> i dont specify the filename
<arrrghhh> uhm.  look at the command you're passing...
<arrrghhh> ~/.ssh/id_rsa.pub would be sepcifying the filename ;)
<arrrghhh> specifying even
<jak2000> then the command is simple: ssh-copy-id  jak@162.252.242.4     ?
<arrrghhh> yes
<jak2000> done
<jak2000> now: on swManzana     ssh jak@162.252.242.4    ?
<jak2000> ask me a password
<jak2000> exit
<arrrghhh> ok
<jak2000> and retype the command:  ssh jak@162.252.242.4
<jak2000> and ask me again the password :(
<arrrghhh> so on the server, check authorized_keys
<jak2000> ok
<arrrghhh> does it look good?
<RoyK> an check if authorized_keys is 0600
<RoyK> 0644 or something won't be tolerated
<arrrghhh> yea I mentioned perms
<jak2000> comparing:swManzan .ssh/id_rsa.pub    with svrChaol: authorized_keys        the file -rw------- 1 jak jak 739 Feb 16 12:35 authorized_keys
<RoyK> sshd will tell in the logs
<arrrghhh> I also mentioned checking the authorized_hosts file
<arrrghhh> er keys
<jak2000> exact files: swManzana id_rsa.pub     svrChaol authorized_keys  exact files
<arrrghhh> jak2000, walk through the troubleshooting section please
<arrrghhh> there's checks for perms, looking at logs, etc
<jak2000> ok, RoyK mentioned: "sshd will tell in the logs"
<jak2000> in wich log check wich is the problem?
<arrrghhh> jak2000, please... read... the TS section
<jak2000> ok
<arrrghhh> https://help.ubuntu.com/community/SSH/OpenSSH/Keys
<arrrghhh> go through that whole section
<arrrghhh> at the end you'll come to the debugging part.... go through all of it first
<jak2000> arrrghhh: http://pastie.org/10724410
<arrrghhh> jak2000, missing begin marker...?  did you check your private key?
<jak2000> i have the file
<jak2000> but how to check?
<arrrghhh> nano or cat?
<jak2000> ok cat
<jak2000> see please: http://pastie.org/10724446
<arrrghhh> ok you'll want to create a new key just FYI
<arrrghhh> let me look at mine
<jak2000> the files is: /home/jak/.ssh/     cat id_rsa
<jak2000> ok erase and recreate the key?
<arrrghhh> well you should never share your private keys
<arrrghhh> jsut FYI
<arrrghhh> I didn't mean for you to paste all of the key sorry :)
<jak2000> i modified it :)
<jak2000> no problem
<jak2000> but th key is generated
<arrrghhh> I think something is wrong with the header
<arrrghhh> which doesn't make sense the ssh-keygen should create a valid private key...
<arrrghhh> jak2000, I don't have this header in mine
<arrrghhh> Proc-Type and DEK-Info
<arrrghhh> I just have the ----BEGIN---- the key, then ---END----
<arrrghhh> jak2000, you did -t rsa right when you did rsa-keygen?
<arrrghhh> ssh-keygen rather
<arrrghhh> looks like you did in your paste
<jak2000> i generate: ssh-keygen -t rsa -b 4096
<arrrghhh> I wonder if -b 4096 would cause the header to appear different...?  either way, I would remove that header
<jak2000> ok
<arrrghhh> jak2000, worked?
<apes> Anyone know the state of the glibc update for Ubuntu?
<ogra_> apes, in the works
<ogra_> apes, assuming you talk about http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7547.html
<jdstrand> it is in progress
<jdstrand> it should be out within a couple/few hours
<arrrghhh> jak2000, Imma head out, still curious tho if it fixed it for you
<rbasak> Daviey: do you know who has ops on this channel? I'd like to set the topic to point to #ubuntu-hardened's topic for glibc CVE questions, as that seems to be an FAQ today.
<rbasak> (soren set it last but isn't here)
* Pici changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support, try #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Docs and resources: https://help.ubuntu.com/14.04/serverguide/ | See http://ubottu.com/y/cve20157547 for glibc CVE status, or #ubuntu-hardened for more information
<apes> ogra_: Yes
<rbasak> Thanks Pici!
<Pici> np
<Sling> wtb libc6 update!
<Sling> ( https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html )
<arlen> topic
<mdeslaur> Sling: it'll be out soon
<Sling> ah
<Sling> my window isn't that wide ;)
<Sling> but alright, i'll keep an eye out
<sarnold> http://www.ubuntu.com/usn/usn-2900-1/
<Sling> The following packages will be upgraded: libc-bin libc-dev-bin libc6 libc6-dev multiarch-support
<Sling> yey
<Sling> (14.04)
<OerHeks> Pici, i think you can remove the glibc part in the topic, updates are out.
#ubuntu-server 2016-02-17
<jpastore> hi I'm trying to run tshark remotely over ssh to pipe to my local wireshark, I'm getting an error that I do not have permission to the device? I've created the wireshark group, added myself to it, reconfigured the package, and I get a permission error relating to the device. How do you grant permission to a device? There is nothing in udev either which is strange...
<hallyn_> smb: arges:  hm, is libvirt on xenial working for you? I get
<hallyn_> Feb 16 19:03:53 sl libvirtd[2705]: Cannot set property Before, or unknown property.
<hallyn_> Feb 16 19:03:53 sl libvirtd[2705]: Cannot open log file: '/var/log/libvirt/qemu/cdboot.log': Device or resource busy
<hallyn_> (which i've seen mentinoed in a bug somewhere)
<hallyn_> iirc it was a systemd machinectl problem
<hallyn_> hm, i'l lhave to look into it tomorrow
<smb> hallyn_, Not sure I had been trying to do boots from CD. I'll check. Sounds a bit like either missing file or something wrong with aa profile(s)
<lordievader> Good morning.
<Seven_Six_Two> not sure what happened, but most of my server's services stopped connecting. znc, apache, owncloud
<Seven_Six_Two> and oddly, my server and desktop are connected to the same router, and my desktop can ssh in to the server, and the desktop can browse the web, but my server can't ping google.
<Seven_Six_Two> the default gateway for both machines is the same
<Sling> Seven_Six_Two: how are you trying to ping google?
<Seven_Six_Two> ping google.com
<Sling> Seven_Six_Two: try ping 8.8.8.8
<Sling> it that works, DNS is probably not working for you
<Seven_Six_Two> that doesn't work
<Sling> what happens when you try?
<lordievader> Does pinging the gateway work?
<Seven_Six_Two> that's so messed up. It's not doing anything
<Seven_Six_Two> yes, I get a response from the gateway's lan ip
<lordievader> Seven_Six_Two: What is the output of 'ip r'?
<Seven_Six_Two> default via 192.168.168.1 dev eth0
<Seven_Six_Two> 10.8.0.0/24 via 10.8.0.2 dev tun0
<Seven_Six_Two> 10.8.0.2 dev tun0  proto kernel  scope link  src 10.8.0.1
<Seven_Six_Two> 169.254.0.0/16 dev eth0  scope link  metric 1000
<Seven_Six_Two> 192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.80
<Seven_Six_Two> 192.168.168.0/24 dev eth0  proto kernel  scope link  src 192.168.168.80
<lordievader> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<lordievader> I suppose you do dhcp?
<Seven_Six_Two> yes, static dhcp from the router
<lordievader> Does the gateway run a firewall which is dropping icmp by any chance?
<Seven_Six_Two> I believe so
<Seven_Six_Two> checking
<Seven_Six_Two> well, it's not set to ignore or forbid, but icmp-flood attack filtering is enabled
<Seven_Six_Two> oh dammit. that's it, isn't it. how did you figure that? the only thing I've changed recently is stats in the router, and didn't notice that icmp-flood filtering is only enabled with stats.
<lordievader> I guess I can conclude from this that you have access to the gateway? Can you ping 8.8.8.8 from there?
<Seven_Six_Two> correct. ping from router works
<lordievader> Odd. Well perhaps it is that. Can you ping 8.8.8.8 from the problem host when the icmp-flood filtering is disabled?
<Seven_Six_Two> oh udp-flood and tcp-syn-flood filtering too
<lordievader> That shouldn't matter for ping ;)
<Seven_Six_Two> lol. and my server is on blocked list
<Seven_Six_Two> in router. no it's like my router is seeing too many icmp packets and cutting off the server
<Seven_Six_Two> one sec though. I'll disable and test
<Seven_Six_Two> yeah, as soon as I remove the server ip from the blocked list, it starts working again.
<Seven_Six_Two> so the router is seeing too many of some packet type
<lordievader> Heh, and the firewall strikes once again ;)
<Seven_Six_Two> thanks for the help. I made some changes, and know where to look if it happens again.
<Razva> hey! is there any know Juju bug regarding network interfaces not named eth?
<lordievader> Razva: What version of Ubuntu is this?
<ikonia> going to need to be more specific than "a bug regarding network interfaces not named eth"
<YamakasY> how large is the size of a mirror, without sources, for 14.04 ?
<YamakasY> only 64bit btw
<Razva> lordievader 14. should we use 15?
<lordievader> Razva: No, I was asking since 15.10 uses a newer version of udev which uses bios dev names instead of the old naming scheme. Perhaps the udev of Trusty got updated to the same version though.
<lordievader> Razva: What kind of network names do you have now?
<smb> hallyn_, As a follow-up on libvirt: I can boot kvm guests via libvirt. I realized that "cdboot" would be your guests name. I'd check whether /var/lib/libvirt/qemu is a directory owned by libvirt-qemu.kvm and writable at least for that user.
<Razva> lordievader VLAN
<lordievader> Razva: What? We were talking about interface names right?
<Razva> lordievader well it might be, I have no idea, but what I know is that with eno1 juju basically fails
<lordievader> Razva: Well look on Launchpad if this has been reported before, else make a new bug report.
* ChanServ changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support, try #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Docs and resources: https://help.ubuntu.com/14.04/serverguide/ | Updates for CVE-2015-7547 have been released: http://www.ubuntu.com/usn/usn-2900-1/
<spm_draget> Silly question, but after installing a fresh ubuntu-server and assigning a static IP and nameserverâ¦ where is the nameserver saved? Should it be in /etc/netwrok/interfacesâ¦ because I do not see it thereâ¦?
<freeone3000> I have a Lenovo ThinkServer running 14.04 LTS. I'm trying to get the health of its primary drive raid, but I get: https://gist.github.com/freeone3000/4cc6e1633f22796de875 . (The server has a hardware raid controller with two SATA drives connected as SAS)
<jelly-home> freeone3000: which pci device is that controller?  lspci -nn
<freeone3000> jelly-home: "04:00.0 RAID bus controller [0104]: LSI Logic / Symbios Logic MegaRAID SAS 2108 [Liberator] [1000:0079] (rev 05)"
<spm_draget> Ah okay, /etc/network/interfaces is the correct thing
<dami0> hi, i'm trying to test out SingleSignOn was going through the instructions and just wanted to ask about faking the domain names, if i put the server down in the /etc/hosts files, is that loopback for the server itself and the server's LAN ip on the clients?
<jelly-home> freeone3000: see if mpt-status works for that one
<freeone3000> jelly-home: Always prints "ioctl: no such device", but man pages say it doesn't take an argument and should autodetect.
<freeone3000> Did the autoload bit, tried specifying '-u /dev/sda' and '-u 0:40' but no change.
<jelly-home> no idea then, perhaps there are backports of newer smartmontools for trusty somewhere
<ivoks> jelly-home: look at you :)
<jelly-home> yeah, ECHAN
 * jelly-home felt sorry for the LSI user
<leitao> jgrimm, cyphermox: Any idea if docker on 16.04 will be compiled with golang (other than gccgo) for ppc64el?
<jgrimm> leitao, the plan is to build docker1.10 with golang-1.6 for most architectures including ppc64el
<leitao> thanks
<jgrimm> leitao, do you have a preference on technical merits?
<leitao> jgrimm, that is what we need. Thank you!
<leitao> 1.9 seems to have some issue
<leitao> jgrimm, btw, any chance to move docker from universe to main?
<jgrimm> leitao, no plans to do so
<leitao> jgrimm, it means docker is not supported by Canonical, right?
<jgrimm> leitao, community supported is the way its described -> https://help.ubuntu.com/community/Repositories/Ubuntu
<arrrghhh> anyone have suggestions for something like Crashplan which has a Linux client?  I really liked Crashplan, until they decided to change their pricing structure and doubled everything since I last renewed 4 years ago...
<nacc> hallyn: not sure if you saw, but i updated the numactl merge reuqest yesterday
<nacc> if you could ack, that'd be great
<freeone3000> arrrghhh: tarsnap
<arrrghhh> freeone3000, hm that's one I have not heard of before
<hallyn> nacc: what's the url again?
<hallyn> smb: uh, no, nothing to do with cds.  my old windows vista vm also doesn't start
<nacc> hallyn: one sec, https://code.launchpad.net/~nacc/ubuntu/+source/numactl/+git/numactl
<nacc> merge branch
<hallyn> smb: "Cannot set property Before, or unknown property." is the critical line I think.  (or I'm wrong and it's a red herring :)
<smb> hallyn, hm odd. me and arges did notice no such errors.
<arges> hallyn: is this only with windows guests?
<hallyn> arges: no
<hallyn> arges: smb: it probably ha snothing to do with libvirt itself, though, bc it seems to be a dup of https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1529079
<ubottu> Launchpad bug 1529079 in systemd (Ubuntu) "Can't start virtual machines after upgrade to Xenial" [High,Confirmed]
<arges> hallyn: i take a look.. my uvtool vms have been working fine
<hallyn> nacc: thx, lemme do that right now
<smb> arges, and I was using virt-manager. Only difference is that the host is a fresh Xenial install
<nacc> hallyn: thanks!
<hallyn> smb: hold on;  fresh install did work, or did not work?
<smb> hallyn, fresh install does work for me
<smb> hallyn, you and the other reporter seem to use upgraded hosts
<hallyn> smb: yup
<arges> ok yea I have been using fresh xenial installs
<arges> so we need some upgrade testing I suppose
<hallyn> well that gives ideas of where to start looking at least, that's good :)
<hallyn> bugs.debian.org is down?
<hallyn> can the bot tell me about debian bug 814952 ?
<ubottu> Error: Could not parse data returned by Debian:
<hallyn> nacc: is debian bug 814952 the one you filed ?
<smb> hallyn, and since the other bug was opened last year it already happened with an earlier update of libvirt ...
<smb> hallyn, hm you happen to use special args for libvirtd (which might be ignored by the old service conversion)? Though I do read the right file now
<hallyn> smb: yes but it didn't hapen until i upgraded to xenial.  i *think*
<hallyn> no special args,
<hallyn> root      2705     1  0 Feb13 ?        00:00:00 /usr/sbin/libvirtd
<smb> ok, well still allows for breakage with the xml definitions which would not be new
<smb> hallyn, have you tried to virsh edit the config and do a small change then write it back
<smb> validation is done for writes... though the error messages for that used to be poor
<hallyn> nacc: LGTM, wish i could see the debian bug, but th
<hallyn> x
<hallyn> nacc: did you do a merge request against anything?  Should I just push the package to x?
<arges> hallyn: can you dumpxml the faulty vm and pastebin it somewhere
<hallyn> i'll object to "the faulty vm" :-)
<hallyn> arges: just a min
<arges> hallyn: well the one that libvirt cant parse
<arges> and perhaps there is a qemu log somewhere to see if that cmdline it produced looks messed up
<hallyn> arges: it can't parse any of several I had.  I deleted all but one, and created one new one.
<hallyn> http://paste.ubuntu.com/15101328/
<hallyn> arges: the logfile has : libvirt:  error : libvirtd quit during handshake: Input/output error
<hallyn> nacc: hm, having trouble building a source pkg
<hallyn> why is debuild being stupid and trying to include .git?
<hallyn> there msut be  a better way to build than to mv .git .. first
<hallyn> that is to ohacky
<arges> ok i'll look
<hallyn> nacc: ffs can't you file a debian bug to fix the pkging to be 3.0 quilt? :)  kills me
<hallyn> anyway, pushing, thx
<teward|> rbanffy: ping, if you're around and can give some guidance on the nginx package, that'd be great - gotta pick between two evils :/
<teward|> erm
<teward|> rbasak: ^
<teward|> sorry rbanffy for the mishighlight
<nacc> hallyn: :) i can do that for the next release
<rbasak> teward|: around but otp. Do you want to provide a summary here please?
<teward|> rbasak: FTBFS as is, we have to update the Lua moduel in -extras.  Two options: nitpick the fix from upstream which fixes the missing udp connector struct, or take from Debian's git repository in where they update the entire module to the release candidate version on openresty's github pages, which brings in additional changes to the Lua module (I don't have a complete list)
<teward|> rbasak: not sure which is the correct approach, though i can get either done before FeatureFreeze once I get some guidance
<teward|> Debian's updating of the package also incorporates the fix, apparently, though that will undergo its own build tests as well
<teward|> rbasak: basically, i'm not sure which approach will work better, hence seeking some advice :/
<rbanffy> NP, teward. It happens all the time.
<hallyn> smb: arges: all right, sorry, focusing on the libvirt thing now
<hallyn> oh, one more thing first,
<arges> hallyn: no problem, ive downloaded the xml files from you and the bug report, trying to look at what the differences are and repo on my end
<arges> hallyn: ok no problem
<hallyn> arges: saving xml works fine, sothat's not the problem
<hallyn> lemme set up two vms, one with upgrade and one with clean install, and compare...
<arges> hallyn: yea that's what I was trying to do, but hopefully that points us in the right area. wondering if its osmething to do with how the disk controllers are setup
<arges> that would be my swag
<hallyn> arges: wtf.  failed to reproduce in a vm
<arges> hallyn: yea i'm not having luck here either.
<arges> hallyn: what did you upgrade from? wily?
<hallyn> arges: yeah, maybe i need to start from vivid, which my laptop apparently did
<hallyn> (though not directly)
<hallyn> i'll try from trusty - upstart->systemd seems more likely to e a trigger
<arges> hallyn: ok
<hallyn> arges: i think when we find the cause we're gonna laaaaaugh
<arges> hallyn: : ) progres?
<hallyn> wiating on the trusty vm install
<hallyn> oh it's done
<arges> hallyn: grabbing lunch... keep me posted
<hallyn> k
<rbasak> teward: extras is in universe, right? So no security team main concern about whether to follow Debian's import or take from nginx upstream.
<teward> rbasak: correct - extras is in Universe
<teward> rbasak: though, once dynamic modules are applied, we're going to have to scramble to make sure some are in Main, some aren't
<teward> because it's not nice when that's taken into account
<rbasak> teward: my remaining question would be about user visible differences. Is there a cost to committing to one over the other now? IOW, will any user have a reason to care if you take one approach now and switch later?
<teward> (that's the future though)
<teward> rbasak: AIUI, no, there won't be any major reasons for Users to care.  However, one reduces the plugin-specific future merge delta by one tiny commit, the other reduces it to zero when merging in from Debian
<rbasak> If that's not a concern then I'd pick the easiest thing, which I guess you get to trade off. Following Debian is nice, but the benefit depends on how much we've diverged in this aresa.
<rbasak> area
<teward> mmm
<rbasak> OTOH, cherry-picking a trivial patch may be far easier.
<rbasak> That's what we'd probably want to do after FF anyway.
<teward> rbasak: they're both available on git - patches are nice anyways :P
<teward> indeed
<teward> though, every new release of nginx will have to get an FF exception
<teward> which is fine, but it's one of those annoying little headaches :)
<rbasak> I thought we had an understanding with the release team on the plan? Or did that not get fully resolved?
<rbasak> Keep ubuntu-release advised, certainly. I'm not sure if you need an explicit and formal FFe approval for each step though.
<teward> i'm not sure we did since the policy change, the TB discussion was one fo "everything still gets standard FF review before upload" iirc
<teward> rbasak: well, from this point on, each nginx will likely have some minor feature changes
<teward> so it'd need FFe if standard policy is followed
<rbasak> Ah, OK.
<teward> plus HTTP/2 bugfixes which don't affect the builds currently
<teward> (because it's not enabled)
<teward> rbasak: i'm going to nitpick the minor change form upstream that enables building and doesn't implement an rc version of the third party module
<teward> seems like the lesser evil
<rbasak> OK, that sounds good. Thank you for considering carefully, as always!
<teward> that's my job :)
<teward> and thank you for being a sounding board and for the ongoing advice
<teward> it's always nice to bounce opinions off others first :)
<rbasak> np
<rbasak> I forgot the other option was rc
<rbasak> That makes your choice sound even better.
<teward> mhm
<hallyn> arges: hm, not reproduced in trusty vm either.  so i guess i'll have to look more closely at my own setup.
<hallyn> fascinating
<arges> hallyn: yikes, ok
<hallyn> eureka
<hallyn> arges: smb: systemd-machined, provided by systemd-container, is causing the problem
<arges> hallyn: so your hunch in the bug earlier was corrupt
<arges> correct
<hallyn> accuse me of corruption?   I'll sue!
<arges> haha
<hallyn> yeah i just don't get why systemd-machined woudl ship in systemd-container.  that's weird
<hallyn> mind you the bug may still actually be in libvirt
<hallyn> but i find that hard to believe, as we're on 1.3.x
<hallyn> anyway with that found i'll lower it's priority and defer it :(
<arges> cool hopefully we can catch it before release
<jak2000> arrrghhh
<jak2000> are you there?
#ubuntu-server 2016-02-18
<chengyan> hello,every ,i want to learn ubuntu ,how should i do?
<sarnold> what do you want to learn about? why?
<chengyan> find a job
<chengyan> System Operation Engineer
<sarnold> chengyan: you may find this presentation useful; it extensively covers the performance analysis tools that are available: http://techblog.netflix.com/2015/08/netflix-at-velocity-2015-linux.html
<chengyan> thanks
<arrrghhh> jak2000, sup
<jak2000> arrrghhh are you there?
<arrrghhh> jak2000, going to sleep soon
<arrrghhh> what's up?
<jak2000> arrrghhh ok tomorrow
<jak2000> contact
<arrrghhh> ok...
<jak2000> not working the scp copy command ask me a password :(
<arrrghhh> you can ask your question in here and someone else may be able to help
<jak2000> ok, yes tomorrow
<arrrghhh> maybe there's something else missing, dunno.  keys works great for me following that site tho
<jak2000> yes i too
<jak2000> setup otrher pair of servers
<jak2000> :(
<YamakasY> ubuntu 14.04 doesn't have a glibc update ?
<henkjan> YamakasY: http://www.ubuntu.com/usn/usn-2900-1/
<henkjan> YamakasY: 14.04 is also mentioned
<YamakasY> henkjan: I don't see it ?
<YamakasY> at least not in apt-get upgrade ?
<henkjan> YamakasY: what version do you see when you run dpkg -l|grep libc6 ?
<YamakasY> 2.19-0ubuntu6.7
<YamakasY> seems to be ok than
<YamakasY> I think my puppet update went ok
<henkjan> nice
<henkjan> now just restart to finish it :)
<YamakasY> heh on 300 servers yes :)
<YamakasY> yap
<YamakasY> need to do them batched
<YamakasY> henkjan: as far as you know it's only affected directly to public servers ?
<henkjan> YamakasY: al servers running the vulnerable libc version are affected. it just seems not so easy to exploit
<henkjan> see https://00f.net/2016/02/17/cve-2015-7547/
<YamakasY> henkjan: yeah as there is lots of rumor these days when there is a fix and not when there is non :)
<dvdjaco> the USN for the glibc vuln states that "After a standard system update you need to reboot your computer to make all the necessary changes". I guess this is a standard paragraph and does not necessarily apply in this caseÂ¿
<henkjan> dvdjaco: a restart ensures you that every program uses the new version of libc
<henkjan> you could something like 'checkrestart' to check which program is still using old libs
<andol> dvdjaco: Well, it kind of applies, depending on what additional manual steps you are willing to take. The Debian Security Announcements has a slightly longer, slightly better phrasing: "While it is only necessary to ensure that all processes are not using the old glibc anymore, it is recommended to reboot the machines after applying the security upgrade."
<dvdjaco> henkjan andol yeah that was my line of thought. I have a couple of nodes that would be annoying to reboot right now, it would be easier to restart services that may make calls to getaddrinfo
<kully> hey all - is there any way to remove the use of a single command from /usr/bin to just a select group of users?
<kully> trying to remove the ability for 3 users to run the command "berks"
<sdeziel> I dist-upgraded my Xenial system yesterday to notice that bind9 (named) was installed behind my back
<sdeziel> the dist-upgrade pulled new versions of bind9-host and dnsutils but it should not have brought bind9 IMHO
<sdeziel> lamont: it seems like bind9-host 9.10.X now depends on bind9, is this intentional?
<gimmic> Anyone been using maas and have any concerns/complaints about using it to manage a lot of nodes? Looking at 100-300 nodes or so
<lamont> sdeziel: it is not.
<lamont> sdeziel: file a bug?
<sdeziel> lamont: thanks: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1547052
<ubottu> Launchpad bug 1547052 in bind9 (Ubuntu) "bind9-host 9.10.X should not depend on bind9 (named)" [Undecided,New]
<ickyfeet> Hey everyone.  I'm having problems with my log files.  They're blowing up in size but when you look at the log files it's the same messages (with the same time stamps) repeated over and over and over.
<ickyfeet> I can "tailf syslog" and it doesn't show anything but it continues to grow in size.
<gimmic> you mean tail -f ?
<ickyfeet> yup
<gimmic> if the size is growing, the log file is growing
<ickyfeet> but there's no new messages in the log, it's the same few lines repeated
<ickyfeet> the time stamp on the messages isn't incrementing.
<gimmic> delete or move the log and see if it is recreated?
<sdeziel> deleting a log file that is being written to can cause more problem
<ickyfeet> I've deleted the files and the don't reappear but the show back up after a reboot with the same messages as before and grow continuously.
<sdeziel> if the log content is not import, I'll truncate the file
<ickyfeet> I stopped rsyslog before deleting
<ickyfeet> kern.log auth.log and syslog combined grew to 3+TB over night.
<sdeziel> does your rsyslog.conf has "$RepeatedMsgReduction on" ?
<ickyfeet> Checked that.  It is on.
<sdeziel> are there other process than rsyslogd writing to those files?
<ickyfeet> Nope.
<ickyfeet> Welp, I'm a dope.  Was actually going to use this box as a syslog server.  Fat fingered a line to create a separate folder for individual hosts.  Removed the line and things cleared up.
<ickyfeet> In rsyslog.conf
<jamespage> ddellav, coreycb: the googleapi MIR - do we really want that in main? its used for cinder backup - we could look to disable tests for now, and have it as a suggests
<coreycb> jamespage, I think we'd be happy to drop it if you don't think it's necessary
<jamespage> coreycb, +1
<jamespage> see if that is possible
<coreycb> ok
<coreycb> ddellav, I'll work on dropping googleapi from cinder.  sorry for having you do all that MIR work.
<sdeziel> rharper: awesome work on the strongswan refresh, many thanks!
<jamespage> coreycb, ddellav: it might not be possible
<gavincmi> With respect to the current glibc issue: http://www.ubuntu.com/usn/usn-2900-1/ Curious is sysadmins are doing a full apt-get upgrade or possible to patch via apt-get install libc6 libc6-dev libc-bin (on ubuntu 14.04) ?
<jamespage> just saying its always a good idea to look at this stuff
<coreycb> jamespage, gotcha, hard to tell where to draw the line sometimes though
<jrwren> gavincmi: i'd do either, depending on teh apps running on the system in question.
<rharper> sdeziel: thanks!   please use it and break it so we can find any bugs for the release
<gavincmi> For the updates outlined here: http://www.ubuntu.com/usn/usn-2900-1/ Is a full apt-get update & upgrade required or can one simply sudo apt-get install libc6 libc6-dev libc-bin (on ubuntu 14.04)?
<teward> gavincmi: i would suggest doing a standard upgrade, rather than just relying on installing the individual packages on their own
<teward> because there may be other things that need included in addition to just the libc6 items (not 100% sure but...)
<gavincmi> Understood and normally I'm all for it. But being asked to explore alternative methods and limit scope of upgrade process (if possible)
<gavincmi> So trying to see if others have found simply sudo apt-get install libc6 libc6-dev libc-bin  satisfies the patching criteria
<gavincmi> Lastly, seeing others suggesting this as an alternative http://askubuntu.com/questions/735825/which-ubuntu-releases-have-fixes-for-cve-2015-7547-extremely-severe-bug-with?lq=1
<sdeziel> gavincmi: for the patch to be effective, every application using the patched files need to be restarted
<gavincmi> Sure so sudo apt-get install libc6 libc6-dev libc-bin & a server reboot is most likely in order
<sdeziel> gavincmi: if you are too reboot, why not pull in all the available updates ;)
<gavincmi> Because on some servers, don't have easy choice of pulling in all updates. Could introduce new issues not tested
<gavincmi> hence the original question
<xevious> Is there a kernel parameter I can pass to have Ubuntu skip the "Waiting for network configuration..." phase when I'm booting without a network connection? I'd like to avoid editing /etc/network/interfaces since I'll need to boot without the network infrequently.
<xevious> That was a bit of x/y the way I phrased that.
<xevious> Is there a way to disable network configuration at boot without altering /etc/network/interfaces?
<Razva> is there any way to tail a juju deployment via autopilot? I cannot really find any logs of the ingoing installation...
<coreycb> zul, can you upload aodh, barbican, and designate master branches to xenial from https://code.launchpad.net/~ubuntu-server-dev/+git ?
<coreycb> zul, it's all prep work to get them into main
<jak2013> hi all i want do this tsk( automatize: http://postimg.org/image/f8gmnnloj/ ) copy a file from swManzana to svrChaol, with scp command and without a password, how do it?  (a friend tell me use: ssh-keygen -t rsa -b 4096) any advice or link for follow? i followed: https://help.ubuntu.com/community/SSH/OpenSSH/Keys   but not luck thanks
<iulianpojar> hello, i have MAAS installation, but i can not deploy any pc's, please help me, here are maas logs: [INFO] srvbal02a: Status transition from READY to ALLOCATED
<iulianpojar> Feb 18 20:31:15 srvbal02b maas.node: [INFO] srvbal02a: allocated to user iulianpojar
<iulianpojar> Feb 18 20:31:15 srvbal02b maas.interface: [INFO] Allocated automatic static IP address 192.168.5.3 for eth0 on srvbal02a.
<iulianpojar> Feb 18 20:31:15 srvbal02b maas.node: [INFO] srvbal02a: Status transition from ALLOCATED to DEPLOYING
<iulianpojar> Feb 18 20:31:16 srvbal02b maas.dns: [INFO] Generating new DNS zone file for norbalmaas
<iulianpojar> Feb 18 20:31:16 srvbal02b maas.dns: [INFO] Generating new DNS zone file for 5.168.192.in-addr.arpa
<iulianpojar> Feb 18 20:31:16 srvbal02b maas.power: [INFO] Changing power state (on) of node: srvbal02a (node-6cfbf14c-d416-11e5-9f63-00237d57f070)
<iulianpojar> Feb 18 20:31:26 srvbal02b maas.import-images: [INFO] Started importing boot images.
<iulianpojar> Feb 18 20:31:26 srvbal02b maas.import-images: [INFO] Finished importing boot images, the region does not have any new images.
<iulianpojar> Feb 18 20:31:30 srvbal02b maas.bootsources: [INFO] Updated boot sources cache.
<iulianpojar> Feb 18 20:31:30 srvbal02b maas.bootresources: [INFO] Started importing of boot images from 1 source(s).
<iulianpojar> Feb 18 20:31:31 srvbal02b maas.bootresources: [INFO] Importing images from source: http://maas.ubuntu.com/images/ephemeral-v2/releases/
<iulianpojar> Feb 18 20:31:34 srvbal02b maas.bootresources: [INFO] Finished importing of boot images from 1 source(s).
<iulianpojar> Feb 18 20:31:34 srvbal02b maas.import-images: [INFO] Started importing boot images.
<iulianpojar> Feb 18 20:31:35 srvbal02b maas.import-images: [INFO] Finished importing boot images, the region does not have any new images.
<iulianpojar> Feb 18 20:31:36 srvbal02b maas.drivers.power.ipmi: [WARNING] Failed to change the boot order to PXE 192.168.5.206:
<roaksoax> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<iulianpojar> Feb 18 20:31:38 srvbal02b maas.power: [INFO] Changed power state (on) of node: srvbal02a (node-6cfbf14c-d416-11e5-9f63-00237d57f070)
<iulianpojar> Feb 18 20:34:25 srvbal02b maas.node: [INFO] srvbal02a: Status transition from DEPLOYING to FAILED_DEPLOYMENT
<roaksoax> !pastebin > iulianpojar
<ubottu> iulianpojar, please see my private message
<iulianpojar> Feb 18 20:34:25 srvbal02b maas.node: [ERROR] srvbal02a: Marking node failed: Installation failed (refer to the installation log for more information).
<iulianpojar> Feb 18 20:34:45 srvbal02b maas.node_query: [INFO] srvbal02a: Power is on.
<roaksoax> iulianpojar: also, check the installation log on the WebUI of the node
<roaksoax> iulianpojar: go all the way to the button and you can see if there in the drop down
<Razva> roaksoax any hints on what to tail in order to see what juju is doing on the remote node...?
<Razva> because at this point i'm...ehm...looking at the screen, with no idea of what is happening
<roaksoax> Razva: i'd ping andreas or dpb1  :)
<roaksoax> dpb1: ^^ ?
 * Razva pings dpb1 :D
<zul> coreycb: ugh..
<thebwt> Hey guys, trying to get correct information on CVE-2015-7547 . http://people.canonical.com/~ubuntu-security/cve/pkg/glibc.html has "--" for prcise and trusty, and marked DNE. Yet we can confirm that the versions are 2.9 and higher there.
<zul> coreycb: its not like i had to do anyting this afternoon anwyays :)
<iulianpojar> sorry here is the maas logs: http://paste.ubuntu.com/15116147/ and latest machine events: http://paste.ubuntu.com/15116397/
<coreycb> zul, should be fairly simple
 * thebwt derps and scrolls up a bit
<coreycb> zul, I'm on the DMB agenda for a week from monday for more upload priveleges
<coreycb> privileges
<zul> coreycb: the date is circled in my calendar :P
<coreycb> zul, oh mine too believe me
<Razva> roaksoax great: http://pastebin.com/5RicTdhw :D any idea why? another node was already deployed...
<sdeziel> thebwt: http://people.canonical.com/~ubuntu-security/cve/pkg/eglibc.html
<zul> coreycb: use me...abuse me....done
<coreycb> zul, thanks
<dpb1> Razva: sec, I have an article
<dpb1> Razva: http://askubuntu.com/questions/606422
<Razva> dpb1 thanks for the link, but my question was how can I see the log files while Juju is "working", while it's "working". not before it failed.
<dpb1> Razva: I don't follow
<sarnold> Razva: juju debug-log perhaps? https://jujucharms.com/docs/1.21/troubleshooting
<Razva> dpb1 at this point I'm deploying OpenStack via MAAS + Juju. At this point Juju is "working", but I have no idea what it's doing :)
<dpb1> Razva: you can get access to the juju environment to see what it's doing by following the instructions I pasted.
<Razva> aaaand if the env is not deployed yet?
<dpb1> did you try? :)
<dpb1> if it's passed bootstrap, you can access it.
<dpb1> s/passed/past/
<Razva> trying right now
<Razva> dpb1 by tech guy is telling me that "we are not using manual juju bootstrap process. for us bootstrap was being  run  by autopilot. and our environment is still in bootstrap, it has not passed this step"
<dpb1> ok
<dpb1> until then, there is nothing to see.  If that fails, there will be somethign printed by the autopilot
<Razva> dpb1 haha, he told me the exact same thing. isn't this wonderful? :))
<dpb1> :)
<Razva> is this technically impossible or...why didn't the persons who wrote all this made a way to monitor stuff? it's the first time I'm hearing about a "thing that cannot be monitored"...
<sarnold> Razva: have you had any success with juju debug-log?
<Razva> sarnold right now my colleague/tech is trying to deploy again. previously it failed because of this: http://pastebin.com/5RicTdhw
<Razva> aaand we have the same issue.
<Razva> http://pastebin.com/8zmJaQdr
<Razva> any hints guys?
<sarnold> Razva: hmm, I can connect to streams.canonical.com:443 just fine.. is it firewalled off? does it need to go through a proxy of some sort?
<sarnold> .. and I can download the trusty-amd64 tgz tools that are referenced in the second paste; it's slow, but downloading..
<Razva> sarnold it downloaded ok all files UNTIL that one.
<Razva> it crashed on that specific file, for two times in a row.
<Razva> we're changing mirrors at this point.
<Razva> and now we need to wait 10-15 minutes again, without knowing if it will work or crash. this is *so* frustrating.
<sarnold> Razva: hmm, I asked our IS guys, those systems are apparently fine, that file served up fine from multiple locations..
<Razva> ok, trying right now from a London mirror (the servers are physically located in Maidenhead)
<Razva> if it crashes again I have a feeling that you'll see some monitors high in the sky.
<sarnold> Razva: suggested "mtr --report -T -P 443 streams.canonical.com" debugging aide from IS :)
<Razva> from maas I suppose?
<sarnold> I think so; probably any host on that network ought to suffice
<Razva> I'll do it from the maas/juju server, just to be sure
<Razva> sarnold: http://pastebin.com/SCiQuiBK
<sarnold> Razva: zounds, 40% packetloss on the first hop, 10% on the last; maybe run a few more? that's staggering..
<Razva> doing it from my local server
<Razva> guys, I *really* need an advice here. should I go with 14 or 15, for a fresh maas+autopilot+juju+whatever_ubuntu_cloud_openstack ?
<Razva> sarnold: tests from local and maidenhead again - http://pastebin.com/xpEDs2gF
<jrwren> Razva: do you want to upgrade every 6-9mo or every 2-5yrs?
<sarnold> Razva: I'd think 14.04 unless you want to upgrade again soon
<Razva> jrwren update everything in general...?
<jrwren> Razva: yes, only LTS releases are supported for more than 9mo.
<Razva> or just the OS, or just OpenStack
<sarnold> Razva: interesting, maybe I'm misinterpreting the packetloss numbers for TCP..
<Razva> sarnold: refresh http://pastebin.com/xpEDs2gF please, I've inserted the "table" headers also
<Razva> jrwren will 14 pe upgradable to 16 LTS?
<Razva> or I'll need to start everything from scratch...?
<jrwren> Razva: yes, upgradable
<sarnold> 14.04 LTS can be upgraded to 16.04 LTS but I don't think I'd jump on that upgrade for the "cloud" layer of the system -- it'd probably require a fair amount of work. unless you needed new features from the newer offering..
<Razva> theeeen I suppose I should stick with 14?
<Razva> sarnold that applies also to 15?
<sarnold> Razva: yeah, upgrading from 15.10 to 16.04 LTS is probably going to require some effort too
<Razva> so the advice is to stick with 14 'till 2017 then move everything up to 16 LTS, because I suppose at that time it'll be "debugged"?
<Razva> or I have the option to stay with 14 'till 16 is out, then move everything to 16 (I won't have *that* much data in the next 6 months anyway...)
<sarnold> we start notifying 14.04 LTS users that there's a new LTS release available and offer it for upgrade when the 16.04.1 point release is available ;) it's normally a few months..
<sarnold> you can do that too
<sarnold> you can also stay on 14.04 LTS until 2019 if you're lazy :)
<Razva> sarnold: can you please take a look at the refreshed http://pastebin.com/xpEDs2gF ?
<sarnold> Razva: it's nice the 10% at the cloud-images server is fixed.. but this is worrying:
<sarnold>   1.|-- 217.19.1.1                50.0%    10  3002. 1000.   0.6 3002. 1224.2
<Razva> sarnold: well, at this point I have a single client for OpenStack, which I badly need to serve. so I can stick with 14 'till 16 is out, but I'm "afraid" that 16 will be buggy. :|
<sarnold> Razva: that line either means that I don't know what the "Loss%" line means when mtr is run in -T mode, but 50% packetloss on a network will make things _miserable_. try ping floods between hosts, smokeping, mtr between pairs of hosts, etc, try to figure out if you've got a bad switch or cable or NIC or routing loop or something else strange
<Razva> 217.19.1.1                20.0%
<sarnold> Razva: aha; then you may wish to deploy on 14.04 LTS and upgrade to 16.04.1 when it is released
 * Razva is contacting the data-center regarding that huge loss
<sarnold> Razva: hmm, first run mtr for a while
<sarnold> Razva: it appears to be fairly lossy at the start; after ~100 packets between two hosts in my home network, it's settled down a bit
<Razva> it got down from 50% to 20%
<Razva> doesn't wants to go lower than 20%. I just wrote the DC guys.
<sarnold> Razva: how many requests were sent? now that i'm 385 packets into my mtr probe of my network I'm at 0.3%
<Razva> no idea, how can I see that please?
<Razva> should I keep it going?
<Razva> I have constant 20-30% loss, but hey...it's not 50%!
<Razva> wooow 50% again.
<sarnold> Razva: remove the --report option and re-run
<sarnold> that'll have it run forever..
<Razva> ah ok!
<Razva> 18%
<sarnold> let it get to 200 packets or so before bugging the datacenter staff :)
<Razva> hah, something "clicked", it jumps between 0.9 and 7000 last ping
<Razva> sent 200 and going down
<Razva> so weird.
<Razva> "I will need to escalate this to our Data Centre Technicians for further investigation. Once we have a further update we will be back in touch." < oh I loooove these predefined answers :))
<sarnold> very odd.. I wonder if TCP may also increase the stddev compared to icmp -- it takes more effort to reply to tcp packets than icmp packets. but 7000 ms is an eternity
<sarnold> heh
<Razva> it usually crashed at ~1300-1400 seconds
<Razva> we're at 850, so in 550 seconds will see if it crashes again at the same file.
<sarnold> heh
 * Razva is singing "it's the final countdoooooown"
<Razva> or somebody could do a darn thing that could log autopilot's stuff!!! :))
<Razva> aaaaaaaaaaaaand it failed again, at the exact same file.
<Razva> sarnold: http://pastebin.com/3vtP0wvP
<xevious> Is there a way to prevent the system from configuring the network interface during boot without altering /etc/network/interfaces?
<sarnold> Razva: can you wget https://streams.canonical.com/juju/tools/releases/juju-1.25.3-trusty-amd64.tgz  that file directly?
<Razva> BUT if I wget the file directly...it works like a charm!
<sarnold> Razva: dude.. sigh.
<Razva> sarnold just did that, yes I can: 00%[====================================================================================================================================================================================================================================>] 18,722,171  61.1MB/s   in 0.3s
<sarnold> Razva: nice network :)
<sarnold> heh
<Razva> 1gbps
<Razva> BUT the file it's not downloaded on maas, but on the deployed server, right?
<jrwren> is it that your maas server can access that url, but this controller node you are bootstrapping cannot?
<Razva> jrwren exactly
 * Razva is pulling his hair
<jrwren> so could be an iptables config issue.
<jrwren> or proxy issue.
<Razva> no proxies
<jrwren> maas should act as a proxy and configure the juju nodes to use it as proxy, IIRC
<Razva> ok, how can we check the settings on maas?
<sarnold> Razva: I think it's time to file a bug report, you've done a fair amount of debugging..  if you followed these instructions, http://www.ubuntu.com/download/cloud/install-openstack-with-autopilot then I'd suggest 'ubuntu-bug openstack'
<Razva> I'm asking my colleague/tech guy to join here
<Razva> I need to take a break, or else some PC components will suffer.
<sarnold> good luck Razva, see ya
<saket_> Hi Razva
<iulianpojar> Razva: maybe you had network setup after MAAS setup? try this: sudo dpkg-reconfigure maas-cluster-controller && sudo dpkg-reconfigure maas-region-controller
<sarnold> hey saket_ -- I just mentioned to Razva that it's probably worth filing a bug at this point -- if you followed the instructions at http://www.ubuntu.com/download/cloud/install-openstack-with-autopilot then I'd suggest "ubuntu-bug openstack"
<Razva> sarnold, jrwren, saket_ is my colleague/tech-guy :)
<saket_> yes I will
<saket_> I had configured the network and all other setup as per document
<Razva> at this point we'll reinstall maas. AGAIN.
<saket_> and followed instruction according to that
<Razva> but in 5 mins, I really need to get some fresh air.
<sarnold> Razva: go walk the dog before you lose another monitor :)
<Razva> sooo. anti-stress ball: checked. hot milk: checked. cookies: checked. let's get back to business! :)
<jak2013> arrrghhh done
<sarnold> ooh cookies :)
<Razva> sarnold aha, those with sugar on top, packaged in a round metal box!
<sarnold> ooh those buttery ones from .nl? or that pretend to come from .nl? :)
<Razva> these one *really* are from NL :D
<Razva> btw sorry for my bad english, I'm not a native...
<Razva> saket_ for how many times did we reinstalled Ubuntu in the last 3 days? I think we passed the 10 mark...?
<sarnold> that's quite alright :) much better than my romanian.. :)
<sarnold> lunch, good luck ;)
<Razva> sarnold will you be back? the entire galaxy is waiting for you to come back!
<sarnold> Razva: hmm, check those systems for dmesg entries, log entries, etc. look for something unusual
<jeeves_moss> is there a way to turn on circular logging (like syslog) for a specific log file?
<Razva> sarnold seems that my colleague fixed it with a BIND caching server
<jrwren> Razva: DNS?!? huh. figures.
<Razva> yyyyyyyyyyyup.
<Razva> hint: DON'T remove/dismiss nodes when Autopilot is bootstraping. It will fail when providing the second node.
<Razva> I can write a novel: the struggles of deploying Ubuntu Cloud
<Razva> I hope that the guy who developed autopilot will at least catch a flu, for all the trouble he's causing to the world! :))
<Razva> I'm out, cheers
<jrwren> no way, its 1000X better than the alternative.
<ddellav> coreycb let me know if i should delete the MIR
#ubuntu-server 2016-02-19
<Razva> should I use 14.04 or 14.10?
<hateball> Razva: 14.10 is EOL
<hateball> 14.04 or 15.10 are supported for now
<Razva> got it
<yeats> Razva: use LTS for servers (assuming you want to sleep at night ;-))
<Razva> yeats sleep is so overrated nowadays! :))
<Razva> omg the old MAAS version is SO ugly :|
<coreycb> ddellav, we can just set the MIR as invalid and mention what we're doing instead
<Razva> any idea if MAAS + Autopilot will create a NAT for the LAN nic?
<Razva> or should I manually create it?
<leitao> is there a place I can read about ZFS licensing issue on Ubuntu?
<rbasak> leitao: http://blog.dustinkirkland.com/2016/02/zfs-licensing-and-linux.html
<leitao> rbasak, thank you!
<caribou> smoser: I think I identified the squid-deb-proxy bug that you opened for Xenial
<caribou> smoser: but I'd like to check with mvo before introducing a delta
<Razva> any idea if MAAS + Autopilot will create a NAT for the LAN nic, or should I manually create it?
<coreycb> zul, can you upload this to xenial? https://code.launchpad.net/~corey.bryant/ubuntu/+source/python-congressclient/+git/python-congressclient/+ref/debian/mitaka
<zul> *sigh*
<zul> coreycb: this is a conspiracy to make me go over my cable internet limit right? ;)
<coreycb> zul, it is, yes
<zul> done
<coreycb> zul, thanks
<smoser> caribou, here now.
<caribou> smoser: just wanted to let you know that I hit the same squid-deb-proxy bug you reported
<caribou> smoser: We'll need to revert a debian patch that moves from squid3 -> squid in the last version
<caribou> smoser: but I want to check with mvo first as there is no delta
<caribou> LP: #1544719
<ubottu> Launchpad bug 1544719 in squid-deb-proxy (Ubuntu) "does not start on install / depends on squid which is squid3" [Critical,Confirmed] https://launchpad.net/bugs/1544719
<smoser> so that comment in the changelog:
<smoser> depend on squid3 instead of squid, thanks to
<smoser> + HIGUCHI Daisuke (VDR dai), closes: #813082
<smoser> ah. i think that might be right.  we just need to dependon squid3 instead of squid. is that what you're saying ?
<rbasak> caribou: I'm preparing a squid3 merge, so everything may break when I land bug 1473691 anyway, FYI.
<ubottu> bug 1473691 in squid3 (Ubuntu) "[FFe] squid: Update to latest upstream release (3.5)" [Wishlist,In progress] https://launchpad.net/bugs/1473691
<rbasak> I'll make a note to check squid-deb-proxy when I upload.
<rbasak> In the new upload, squid will become the primary package, and squid3 a transitional package only.
<rbasak> It's all a bit messy, hence the delay.
<rbasak> But hopefully once it's all resolved everything can settle on squid and the transitional stuff can disappear in Xenial+1.
<caribou> rbasak: the bug is caused by the fact that debian has changed squild3 to squid
<rbasak> caribou: yes but we will follow as soon as I get this upload done.
<rbasak> I'm just warning that fixing it now may not work if I break it by my subsequent upload
<caribou> rbasak: sure, I'm not touching it for the moment
<smoser> rbasak, good. please do mark that bug as fixed when you merge and upload.
<rbasak> smoser: ack
<ddellav> coreycb did you have a chance to look at that ceilometerclient test issue?
<runelind_q> I built my own landscape server to manage my Ubuntu Virtual Machines, however when I register them they show up as full computer registrations instead of virtual machines.  Is there something special I have to do to register them as virtual machines?
<coreycb> ddellav, no, I wasn't sure if I should clone the debian repo to reproduce or yours
<ddellav> coreycb i was getting it when running tests on the upstream repo
<coreycb> ddellav, ok I'll take a look
<coreycb> ddellav, well py3 tests run ok from upstream but I'm hitting a separate issue for py2
<coreycb> ddellav, py2 and py3 tests run ok on trusty
<ddellav> hmm, im on xenial
<ddellav> coreycb how did you run the tests?
<coreycb> ddellav, tox
<ddellav> i can create a trusty container on my bastion to run them and see
<ddellav> but it fails on the xenial ppa
<coreycb> ddellav, try your bastion
<coreycb> ddellav, can you point me to the failure?
<ddellav> coreycb https://launchpadlibrarian.net/240367223/buildlog_ubuntu-xenial-amd64.python-ceilometerclient_2.3.0-1~ubuntu16.04.1~ppa201602181049_BUILDING.txt.gz
<coreycb> ddellav, the output sure looks similar in that assertEqual
<ddellav> yep, and i think it's only the py34 version that fails so i was thinking it was an issue with six possibly
<coreycb> ddellav, the columns are wider though.  to quickly fix it you can probably manually run an assertEqual test in a python shell and modify the expected results and if it's just column width issues, submit a patch upstream.
<ddellav> coreycb ok, i'll take a look at that
<coreycb> zul, can you add a bug subscriber for aodh
<zul> i think i did
<coreycb> zul, yes you did, thanks
<damascene> I have this server with dns record set with a web interface. I would like to just change the dns server for one entry. how to do that?
<beisner> coreycb, staging has newer neutron and numactl for icehouse
<beisner> coreycb, also, we have icehouse proposed tested and ready for promotion monday.
<beisner> coreycb, so, going to have to hold off on the flush of staging until after that.
<coreycb> beisner, ok
<runelind_q> are there any backports for openssh-server?
<runelind_q> for 14.04
<runelind_q> I guess client as well.
<ddellav> coreycb you can look at congressclient now if you want. I added the repo to the spreadsheet
<slicslak> I have a server using zfs. I was using the PPA for it, it's been setup for a number of years. Yesterday I upgraded to 16.04 and my zpool is no longer listed.
<slicslak> The partitions are all listed correctly in /dev/disk/by-id but zpool import and zpool import -d /dev/disk/by-id result in nothing
<sarnold> is there anything in dmesg? are the spl and zfs kernel modules loaded?
<slicslak> yes, both are loaded
<sarnold> does systemctl show any errors for the various zfs units?
<slicslak> no errors. zfs-mount.service and zfs-share.service are both loaded active exited.
<slicslak> I've never used systemctl before, but it also has all my disks listed. for example, one line is dev-disk-by\x2dpartlabel-zfs.device loaded    active   plugged   WDC_WD30EFRX-68A ocean
<slicslak> ocean is the name of the zpool
<sarnold> slicslak: and dmesg? syslog? could you pastebin your zpool status and zpool import -d /dev/disks/by-id/ output?
<slicslak> zpool status is "no pools available". zpool import is literally nothing. no output.
<sarnold> slicslak: yikes :/ sorry, I've got to run. try also in #zfsonlinux -- they won't have seen many xenial sysstems yet but they're a helpful bunch :)
<slicslak> thx sarnold, appreciate it
<jak2013> when i do a sudo "apt-get update" i get this error: "E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?"   how to fix?
<bekks> jak2013: Some sources arent available, you just have to wait.
<jak2013> cant modify the resources?
<bekks> jak2013: Just use another mirror.
<jak2013> how to configure apt-get?
<rattking> Hello I am working with fai to install trusty, but I am finding that my grub-pc debconf settings get clobbered and the defaults are used. does any one know how to set grub2/linux_cmdline_default so it uses the settings I want?
<rattking> if I purge grub-ps and set "echo "grub-pc grub2/linux_cmdline_default string consoleblank=0" | debconf-set-selections" then install grub-pc my selections get reset to just "nomdmonddf nomdmonisw"
<rattking> this worked on precise
<sarnold> slicslak: any luck?
#ubuntu-server 2016-02-20
<jak2000> when i do a: aptget update i get this error messages: http://pastie.org/10729807 any advice how to fix? thanks
<jak2000> apt-get
<runelind_q> how can I register my virtual machines as vm's to my landscape server?  They all show up as full registrations instead of VMs.
<damascene> jak2000, does ping work to those sites?
<k2gremlin> Interesting thing I want to do but I can't find crap on it.. I have Sickbeard application running on Ubuntu. I only want Sickbeard to be running from say 2AM - 9AM. Is there a way to do this?
<runelind_q> hatchet way would be cron job to start and stop the service
<k2gremlin> jak2000, looks like DNS is not working
<k2gremlin> runelind_q, I didn't know there was a way to cron stop something lol
<runelind_q> service sickbeard stop
<k2gremlin> So say 2am.. 0 2 * * * ?
<k2gremlin> Ok so I need to write a script that executes that command and then cronjob that script?
<k2gremlin> And then another.. to start it back up I think
<runelind_q> can do some checking to see if the process is already running, etc.
<k2gremlin> runelind_q, I am too new to this stuff.. First I am trying to figure out how to not have the service start on startup.. sudo update-rc.d -f <service name> disable  would this work?
<runelind_q> probably, have you tried it? :)
<k2gremlin> just put it in :)
<k2gremlin> runelind_q, rebooting for test
<k2gremlin> runelind_q, Ok that worked. Now to make a .sh file that can start the service
<runelind_q> may I ask why you're only wanting to run it at certain times?
<k2gremlin> runelind_q, Wait... can I just use the scripts from /init.d ?
<runelind_q> wouldn't it be easier to just schedule your downloader to run?
<runelind_q> but yeah, you should be able to just use the init scripts.
<k2gremlin> runelind_q, hmm... ok here is my follow up question to that. The problem I am having is that SB grabs the NZB and sends to SAB. SAB downloaded the content to fast and it is failing because the content isnt fully uploaded yet. If wait a while, and try the same NZB it works. So, if I set SAB to pause downloading for my expected hours, will it work?
<runelind_q> I would think so
<k2gremlin> Ok I will try that.. Just gotta wait for new content to see if it works lol
<runelind_q> I've never had that problem though
<jak2000> k2gremlin: http://pastie.org/10729846
<jak2000> damascene: http://pastie.org/10729846
<k2gremlin> happened on two files tonight. I just set this up this week
<k2gremlin> jak2000, still getting errors on update?
<k2gremlin> jak2000, looks like dns is working.. try ping microsoft.com
<jak2000> ping www.microsoft.com
<jak2000> andwer
<jak2000> answer
<damascene> jak2000, http://askubuntu.com/questions/474549/got-nodata-issue-nodata-does-the-network-require-authentication
<jak2000> ok
<k2gremlin> runelind_q, I have SAB paused from 5PM till 11PM.. hopefully that works lol
<runelind_q> OK
<k2gremlin> runelind_q, the only other issue I am having is with Couchpotato. When I reboot the VM and launch the CP web gui, it's back to the setup screen. Like it is not saving my setup lol
<runelind_q> permissions?
<k2gremlin> not sure :/
<k2gremlin> Where would I begin to look?
<runelind_q> the couchpotato directory
<k2gremlin> they are all k2gremlin:k2gremlin
<k2gremlin> including sub dirs  and files
<k2gremlin> It is installed at /opt/couchpotato   opt folder is root:root
<runelind_q> and that's the user the process is running as?
<k2gremlin> runelind_q, Yes that is correct
<arrrghhh> jak2013, did you get your issue figured out?
<arrrghhh> I followed that guide linked on a new VM connecting to my existing server... worked fine...
<lordievader> Good morning.
<jak2000> hi all why cant update my ubuntu 14.04: http://pastie.org/10730435
<lordievader> jak2000: "E: GPG error: http://us.archive.ubuntu.com trusty InRelease: Clearsigned file isn't valid, got 'NODATA' (does the network require authentication?)" ?
<jak2000> lordievader Internal LAN problem?
<lordievader> Can you retrieve the file through a browser on that machine?
<jak2000> but wich file
<jak2000> i can try, wich file?
<tarpman> jak2000: http://us.archive.ubuntu.com/ubuntu/dists/trusty/Release and http://us.archive.ubuntu.com/ubuntu/dists/trusty/Release.gpg
<jak2000> wget http://us.archive.ubuntu.com/ubuntu/dists/trusty/Release
<jak2000> http://pastie.org/10730465
<tarpman> jak2000: did damascene's answer yesterday not answer your question? the post he linked seems pretty clear
<jak2000> done
<jak2000> opened the FORTI
<jak2000> thansk
<tarpman> jak2000: Release should have been a 57kb plain file, not a 2.4kb text/html file
<tarpman> jak2000: so yes, exactly as damascene's link, there is a middlebox or proxy somewhere between you and us.archive.ubuntu.com that is interfering.
<jak2000> escuse me not see the damascene's link
<tarpman> 21:17 < damascene> jak2000,
<tarpman> http://askubuntu.com/questions/474549/got-nodata-issue-nodata-does-the-network-require-authentication
<tarpman> 21:18 < jak2000> ok
<jak2000> ahhhh
<jak2000> yes i remember the link
<jak2000> i answer OK for reading
<tomreyn> you can try using ftp as a workaround
<jak2000> ok SOLVED the problem
<jak2000> opened some ports on FortiGate
<Pwnna> when i redirect a stdout to stderr in a shell script, how do i redirect it back?
<Pinkamena_D> I have joined a windows domain with powerbroker and if I go to add a printer and search in a print server, I can see a list of printers. Is there any way that I can get the list of ip addresses that go with these printers?
<Pinkamena_D> I can list samba shares on a machine with smbclient -L , but only the names are given. How can I resolve this to ip address?
<cryptodan_mobile> Pinkamena_D: it should just work
<danawar> Hi Ubuntu server I am trying to install a package as i want a newer version of it but I am having issues please could you advise - http://pastebin.com/AAPK8bGS
<bekks> danawar: And whats the exact issue, in your paste?
<teward> danawar: I see no 'issues' there - mediainfo needs you to provide arguments to it
<teward> danawar: your paste indicates that you are not using the command properly
<teward> specifically line #10
<tarpman> teward: other than 0.7.67 != 0.7.82
<teward> ah
<tarpman> danawar: where did you get that deb?
<teward> tarpman: true, but unless 'mediainfo' is served by a different package... :P
<danawar> tarpman: thanks - thatâs exactly it.
<danawar> teward: https://mediaarea.net/en/MediaInfo/Download/Ubuntu
<tarpman> teward: my guess is this package is installing somewhere not on PATH. maybe in /opt.
<teward> tarpman: i am pretty certain it would be
<teward> if i had the deb i'd dissect
<teward> actually
<teward> i might be able to
<tarpman> nope, i'm wrong
<tarpman> -rwxr-xr-x root/root     80520 2016-01-27 02:17 ./usr/bin/mediainfo
<teward> indeed
<teward> hmm
<tarpman> danawar: say, what version of libmediainfo0 do you have installed
<danawar> Sorry all, turns out pidgin doesnt like my work VPN
<danawar> Was anything suggested while i was away, i could not find anything in /opt
<tarpman> danawar: install the library packages from there (libmediainfo0 and libzen0) as well as mediainfo itself
<danawar> Ok will do!
<danawar> be back in a sec!
<danawar> Sorry i am back - tried from the bottom requirement http://pastebin.com/z0hjMfdf
<danawar> After trying to install libstdc++6:i386 it results in the same thing
<danawar> U guess upgrading to 15.10 would solve it
<danawar> Sorry, I guess*
<teward> danawar: what version of ubuntu are you on?
<teward> 14.04?
<danawar> 14.04
<danawar> desktop
<danawar> using it as a server
<teward> is there a reason you didn't download the 14.04 version of the software
<teward> because they have one
<teward> probably won't have those library mismatches
<danawar> 14.04 version has an issue my boss doesnt like :P
<bekks> Which one?
<teward> danawar: well, your boss has a decision to make:  use the updated version of the software that's built for 14.04, or don't use the updated version
<tarpman> the 14.04 debs from the same page you got the mediainfo deb from. your mediainfo deb had 14.04 in the name...
<bekks> And 14.04 uses the same kernel for server annd desktop - they just differ in the software installed by default.
<danawar> Ok, i guess if he wants the newer version then we need to upgrade to 15.10 or <
<tarpman> danawar: what? on https://mediaarea.net/en/MediaInfo/Download/Ubuntu the library etc debs are all the same version for every ubuntu release
<tarpman> danawar: you don't have to upgrade, you just have to download the debs (mediainfo *and* libraries) for the ubuntu release you're actually running.
<danawar> tarpman: sorry i just looked at what i downloaded i some how downloaded the 15.10 - let me go have another go! BRB
<tarpman> danawar: that's what teward meant by "is there a reason you didn't download the 14.04 version of the software" :P
<danawar> tarpman: + Others: Thanks it was successful only after I accidentally downloaded the AMD one first... - its been a long day :P
<tarpman> danawar: speaking of, any particular reason you're running a 32-bit system?
<tarpman> (i386)
<danawar> tarpman: That is just the OS IT installed up in head office! I'm not sure if the machine can use a 64 bit OS.
<bekks> danawar: Which processor does it have?
<danawar> bekks: One moment let me VPN in and ill get back to you!
<danawar> bekks: http://pastebin.com/0im7Pczr
<danawar>  Intel(R) Pentium(R) 4 CPU 3.00GHz
<bekks> danawar: Thats an ancient 32bit processor.
<danawar> It just about does the job ;)
<bekks> Very very slowly... :P
<danawar> Well i'm here does any one know why pidgen would drop out when i connect to my work VPN. I also cant git push?
<bekks> danawar: that because your VPN administrator does not allow insecure bridge heads to be used.
<danawar> bekks: Is there any work around my side that would allow me to access my server but not have everything go through the VPN?
<bekks> danawar: Not without talking to your VPN admin and asking him for reconfiguration of the VPN.
<danawar> Is there any where I can find out more about insecure bridge heads I cannot seem to find much information on it?
<bekks> danawar: A bridge head is an insecure VPN configuration allowing a client to connect to a server using the VPN while still being able o connect to hosts outside of the VPN.
<bekks> danawar: Ask your VPN admin :)
#ubuntu-server 2016-02-21
<tarpman> bekks: is that the same thing as "split tunnel"?
<faddat> hi-- anyone here have the slightest clue how to run ubuntu Xenial on GCE?
<faddat> I am at like 3+ hours on that one problem, and I'd really love to be off of it
<faddat> I know of this:  https://cloud-images.ubuntu.com/releases/16.04/alpha-2/
<faddat> but I do not know of how to get those images onto GCE.
<skylite> could someone take a look at this initscript? I am very curious why it knows it should start in the name of the bitlbee user: http://pastebin.com/nZX6Ucx3
<tomreyn> skylite: i don't see it either. maybe it starts as root and then drops privileges and su's to this user itself?
<skylite> tomreyn it should be here then no? i just start it as service bitlbee start
<tomreyn> what should be where?
<skylite> the su command in the init script
<tomreyn> i was referring to the binary doing this itself
<skylite> tomreyn  youre right
<skylite> th
<tomreyn> i haven't checked whether it does, i'm just suspecting this
<tomreyn> if you run strings on the binary it will list entries which suggest it may have this capability.
<skylite> i just run the bitlbee binary as root and ps aux | grep bitlbee says its not running as root
<skylite> so this must be it
<tomreyn> makes sense
<Razva> hey folks! my maas server has two nics: one for net and one for lan. I've setup the lan nic, via maas, to offer dhcp and dns. dhcp works, dns doesn't.
<Razva> all lan clients get IPs from the maas-dhcp, BUT seems that internet is not accessible from lan clients. should I setup nat, or this should be done by maas?
<trippeh> hmm. on my newly installed xenial systems less no longer shows up as a pager alternative.
<trippeh> the postinst seems incomplete.
<trippeh> yup. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812252
<ubottu> Debian bug 812252 in less "less not any more registered as "pager" alternative" [Normal,Open]
<Caroga> hi ! Anyone in here a hero on LVM? I'm having troubles recovering some of my LVM pv's and the interwebs isnt helping me much, just making me more confuzz
<Caroga> pvcreate --uuid etc etc isnt allowing me to restore my device :(
<Razva> Failed to get ip directly: [Errno -2] Name or service not known
<Razva> when deploying openstack with juju
<tucemiux> can you guys recommend a lightweight desktop to graphically manage kvm?
<Caroga> anyone here?
<damascene> Caroga, sure, just ask you question and wait for an answer. most channels on freenode works like that
<Caroga> damascene: I know, i've done so 3 hours ago without response, that's why I'm asking if there is any activity at all.
<Caroga> [18:07:34] <Caroga> hi ! Anyone in here a hero on LVM? I'm having troubles recovering some of my LVM pv's and the interwebs isnt helping me much, just making me more confuzz
<Caroga> [18:08:19] <Caroga> pvcreate --uuid etc etc isnt allowing me to restore my device :(
<damascene> did you try upstream channel?
<Caroga> nope, which would be the upstream channel ?
<Caroga> damascene: thank you so much ! I just found #lvm existed
<damascene> Caroga, yeah I just checked it. I hope you got an answer. first thing required here is keeping patience
<Caroga> thank you for the reference.
#ubuntu-server 2017-02-13
<zeta> Does ubuntu server need as much swap as there are ram ? (it is the default!) Thinking of resizing the swap from 32 GB  (on a 40 GB SSD) because I'm running out of disk space on root
<sarnold> zeta: 1 or 2 gigs would be best
<sarnold> if you need more swap than that then there's something wrong with the amount of hardware you're using for the job :)
<JanC> or just use swap files instead
<sarnold> also fine choice
<sarnold> the defaults are terrible though, no two ways around that
<JanC> the defaults are so that you can suspend, I guess, but that's probably less useful for most servers...
<zeta> wanted to double check because of the default
<zeta> there might be use cases for hibernation, but I'm not using it
<skylite> if I do file -i mytextfile I get charset=iso-8859-1 but inside the file the characters are UTF-8 encoded. How is that possible?
<nea1> hi, I have a Cloud Image based server, where I configured a bridge (br-mgmt) and after rebooting I haven't found a single error in the logs, but br-mgmt is down - `systemctl restart networking` solves the Problem, anyone with an idea what could be wrong?
<frickler> coreycb: jamespage: could you take a look at https://bugs.launchpad.net/ubuntu/+source/murano/+bug/1659270 please? zigo has fixed it upstream, should only need a sync
<ubottu> Launchpad bug 1659270 in murano (Ubuntu) "Startup of murano-cfapi is broken" [Undecided,New]
<xnox> cpaelzer, whoop whoop =) new qemu
<cpaelzer> yep xnox
<cpaelzer> it was actually good for 2 weeks, but one of the dependent dep8 failed due to OOM
<cpaelzer> thanks to apw this got a test on a bigger machine and migrated now
<cpaelzer> apw: btw - is there any flag that coreycb / zul could add to d/t/* mark this test to need more ressources ?
<apw> cpaelzer, nope, this is a per package hint server side
<cpaelzer> apw: is the hint you added persistent now ?
<apw> cpaelzer, yes
<zul> frickler:its been fixed in zesty
<frickler> zul: looks like it at least would need another sync into ocata UCA, then. getting a fix for Newton, which we are currently deploying, would be even better
<zul> frickler: yeah i might add it to the next SRU cycle thats probably going to happen this week
<coreycb> cpaelzer, apw: thanks for the hint update
<BlackDex> hello, i'm trying to fix my own ipv6 router/tunnel/gateway
<BlackDex> i have a server which has an ipv6 subnet
<BlackDex> on that server i created a inet tunnel mode sit
<BlackDex> i created a v4tunnel on the client side
<BlackDex> that all seems to go well
<BlackDex> i can connect
<BlackDex> i can even ping a local ipv6 on the server and get response
<BlackDex> but if i want to ping to google on ipv6 for instance it stops
<BlackDex> i allowed forwarding in the v6 iptables, if i add logging i see the request is getting there
<BlackDex> also tcpdump shows this
<BlackDex> but it is not passing the request, like it is not routering it or something
<BlackDex> i also have enabled the net.ipv6.conf.all.forwarding
<BlackDex> so what am i missing?
<cpaelzer> rbasak: can your permissions clean the non Ubuntu AppArmor, libvirt, and systemd tasks from bug 1594902 ?
<ubottu> bug 1594902 in libvirt (Ubuntu) "Failed to upgrade to libvirt-bin 1.3.1-1ubuntu10.1 on Ubuntu 16.04 64-bit" [Undecided,Confirmed] https://launchpad.net/bugs/1594902
<rbasak> cpaelzer: I can set the upstream AppArmor task to Invalid. But I can't do anything with the other two.
<rbasak> cpaelzer: a workaround might be to change the project for those tasks to Ubuntu. Then you might be able to delete them :-)
<cpaelzer> rbasak: that was evil but it worked
<cpaelzer> the log on this bug looks messy now
<cpaelzer> it all quickly was qemus fault, but then not :-)
<BrianBlaze420> good morning
<BrianBlaze420> I am curious if there is a "fully updated" iso of older versions of ubuntu server
<BrianBlaze420> I am looking for ubuntu 8 LTS updated as much as it could be and am curious if such things exist?
<BrianBlaze420> upon further looking up it seems that Ubuntu 8.04.4 LTS is the final version :)
<Pici> BrianBlaze420: it is, also 8.04 went fully EOL in 2013.
<BrianBlaze420> yeah I am aware just trying to update a server it 8 LTS so I need to make sure I can test :)
<BrianBlaze420> it is 8 LTS*
<jamespage> coreycb, where are we with ocata b3/rc's?  I'd like to flush things through before we to much closer to release daty
<Ussat> I would not update from something that old
<Ussat> I would clean install
<cpaelzer> coreycb: FYI for bug 1641532 the Xenial and Yakkety fixes are now in the unapproved queue for SRU
<ubottu> bug 1641532 in Ubuntu Cloud Archive liberty "machine-types trusty and utopic are not unique (depend on the qemu version)" [Critical,In progress] https://launchpad.net/bugs/1641532
<cpaelzer> coreycb: just FYI so you can coordinate UCA release of the change
<coreycb> jamespage, they're not completely tested, but i agree
<OerHeks> BrianBlaze420, there is no fully updated server iso, you * could *  do the old-releases trick, just for testing
<jamespage> coreycb, I'm sure mwhahaha would rather have visibility sooner than later
<coreycb> jamespage, let me put some focus on that and come back to the charm stuff
<OerHeks> BrianBlaze420,  see https://help.ubuntu.com/community/EOLUpgrades .. but i guess you waste your time
 * jamespage looks at the reports
<BrianBlaze420> yeah I know what I said didn't make sense but I could only find the original iso and not the later realeaes of it
<BrianBlaze420> I found the last release and will work with that :)
<BrianBlaze420> the idea is to update to the latest LTS :)
<jamespage> coreycb, lest at least push to -proposed
<OerHeks> BrianBlaze420, 8.04 > 10.04 > 12.04 > 14.04 > 16.04 ...
<drab> BrianBlaze420: I've tried things like that before and only had trouble, like a lot of it, to the point that I don't do it anymore, I just look for ways to reinstall, swap something in or whatnot
<BrianBlaze420> I am stubborn and so will try myself and see where it leads me. I appreciate the input :)
<drab> sure thing, np
<OerHeks> BrianBlaze420, have fun :-D
<coreycb> cpaelzer, ok sounds good. mind pinging me when they're in proposed and then i'll get the patch into liberty-proposed?
<cpaelzer> coreycb: you should be subscribed to the bug, but I'm fine pinging
<cpaelzer> coreycb: I'll run my full test matrix anyway then
<coreycb> cpaelzer, yeah i think i am
<cpaelzer> hope for good SRU review on that - it is complex enough to drive anybody mad
<zul> coreycb: so manila barfs with sqlite because its trying to rename a colum, fyi
<coreycb> zul, is that an upstream bug?
<zul> coreycb: yeah
<coreycb> zul, ok got a bug #?
<zul> coreycb: i switched the dep8 test  to use mysql
<zul> coreycb:not yet
<coreycb> zul, ok
<zul> coreycb: https://bugs.launchpad.net/manila/+bug/1664279
<ubottu> Launchpad bug 1664279 in Manila "Traceback when configuring manila with sqlite." [Undecided,New]
<drab> another problem I'm getting with preseeding is if I'm trying to reinstall a box that had disks with raid on it
<drab> it seems like mdadm will detect the raid and set the device up, at which point the installation fails because "resource is busy"
<drab> I have to get onto another console, dd the MBR/kill the raid, and then reboot/re pxe and it works
<drab> googling around it seems people have had a similar problem and are basically doing the same with a d-i early command, but that seems kinda nasty...
<drab> does anybody know fo a better solution?
<drab> this is basically a similar problem to the one I was asking the other day with the installer failing because there was no "root" partition defined, which is just a symtpom of not wiping the disk and repartition but trying to reuse what's there
<patdk-wk> you can reuse what is there
<patdk-wk> but you still have to label to the installer what partition is should be installed with what
<patdk-wk> assign root, boot, swap, maybe home, var, usr, ...
<drab> patdk-wk: that's the thing, I don't want, these disks were from another system. And in pretty much all the cases I have I don't care about reusing
<drab> quite the opposite, I wish there was just a "nuke" option
<drab> that stopped asking so many questions and just simply wiped and reinstalled everything completely disregarding what's there
<patdk-wk> there is
<drab> I knwo what you're talking about, doesn't work for me it seems, maybe I'm doing something wrong
<drab> I think I know*
<drab> d-i partman/confirm , partman/confirm_nooverwrite
<drab> is that what you had in mind?
<drab> also to make matters worse with preseeding it seems the ubiquity installer doesn't honor a whole bunch :(, but I guess that's not a ubuntu-server problem
<zul> rbasak: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1645772
<ubottu> Launchpad bug 1645772 in ironic (Ubuntu Yakkety) "[SRU] newton stable releases" [Undecided,Incomplete]
<zul> coreycb: https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1664306
<ubottu> Launchpad bug 1664306 in nova (Ubuntu Yakkety) "newton stable SRU releases" [Undecided,New]
<teward> powersj: ohai
<powersj> teward: hi
<teward> powersj: thanks again for your triage work on NGINX bugs, but when the error is 'nginx.conf missing' it's able to be considered Invalid, because that's not a package issue, usually a system-specific issue but not a bug and easy to work around
<powersj> teward: ah that makes sense. Sorry I have a habit of moving to incomplete to let the user try to fix that and get back to us.
<teward> powersj: no problem :)
<powersj> Did you already fix that up?
<teward> powersj: there's also a few other cases as well to point out
<teward> "address in use" as "cannot bind to :80" is also an Invalid
<teward> and I think a few others that *should* already be caught by the apport hooks I wrote
<teward> probably gonna have to update them after the merge
<teward> powersj: and yep I did
<teward> and provided the workaround
<powersj> ok, thanks for that list I'll add those to my notes
<teward> powersj: no problem, hope you don't mind me poking
<teward> :)
<powersj> teward: please do :) appreciate it
<teward> I should probably document NGINX-specific bug triage things on the wiki
<teward> 'cause there's a few cases that are known to show up occasionally but aren't package issues
<teward> (and especially show up on VPSes built from a premade KVM or OVZ image)
<teward> powersj: far be it for me to tell the Canonical Server Team what to do, but... :P
<powersj> haha
<teward> i do appreciate the triage work though, it helps me quickly weed out the evil ones
<teward> and then focus on actual bugs
<teward> current focus: nginx merge from Debian
<teward> now that the several hours of evil PIE-failure debugging is fixed heh
<teward> but first, my midterm studying needs done.
<powersj> :) good luck
<teward> meh not really that hard
<teward> just have to 'start over' like we did for 14.04 and build the delta from scratch again
<teward> given the radical changes to the packaging it's easier to rebuild than merge
<teward> the core issue was the fPIE/fPIC compile evils, but now that that's been fixed in Debian, yay less delta for me :P
<teward> (but never an issue except for the merge heh)
<teward> as for the midterm, blah
<teward> it's art history, as long as I get a B I will be happy
<sarnold> ruebens liked fat people, bosch was insane. lapis lazuli. and, uh, caravaggio
<sarnold> how'd I do?
<teward> *throws an Ubuntu 17.04 USB stick at sarnold*
<teward> sarnold: of relevance, pending SRU, because HTTP/2 stuff/fixes, just so you're aware. https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1663937
<ubottu> Launchpad bug 1663937 in nginx (Ubuntu Yakkety) "[SRU] Please update nginx in Xenial and Yakkety to 1.10.3" [Wishlist,Triaged]
<sarnold> teward: nice
<teward> and i'm still working on the merge.
<teward> after my midterm :p
<nacc> jgrimm: i think my blueprint stuff is all in -proposed or -release now, fyi -- just working on getting it into -release as appropriate
<jgrimm> nacc, nice! indeed the bp is quite green for the most part excepting for testcase failures (that are not related to the specific upload)
<nacc> jgrimm: yep
<coreycb> jamespage, ocata-staging is ready to promote
<coreycb> jamespage, one more charm update needed for cinder
<teward> server team members: is there anywhere specific I can drop a Wiki page with certain special-cases for nginx triage that diverge from standard triage procedures?
<teward> nginx bug triage*
<teward> I know i told powersj here direct those two special cases, but...
<nacc> teward: probably worth doing somewhere under the ServerTeam pages, but don't konw specifically where
<nacc> jgrimm: powersj: --^
<dgarstang> I'm booting an Ubuntu AMI with 2 x 2Tb disks. Looks like cloud-init only formats them to 1Tb???
<powersj> hm so I do have a page that I keep for my use of responses and tips
<powersj> teward: I added your notes to it, but gotta remember to look at it :P https://wiki.ubuntu.com/DebuggingServer
<powersj> ideally we update the apport stuff to auto invalidate those
<jgrimm> nacc, powersj, teward: additionally feel free to add a nginx as a "Project of Interest" with its own page if you feel that's useful too.
<nacc> jgrimm: good point!
<jgrimm> its pretty free form as long as we don't go crazy with clutter / desire to keep updated & relevant
<teward> jgrimm: where would i put that?  just under the Server Team?  Until we get a buttload of NGINX issues that deserve a whole page, I think shoving it into DebuggingServer will work.  So I'll go poke there.  Probably deserves its own page somewhere in the triage guide, or a link to that page heh
<jgrimm> teward, off the main Ubuntu Server page there is a section for "Packages of Interest" to link their own pages.  Just offering that up if there's enough useful info to put in its own page.
<jgrimm> I'm fine with DebuggingServer
<nacc> teward: and you can do a link with ancchro on the triage page, myabe?
<dgarstang> I'm booting an Ubuntu AMI with 2 x 2Tb disks. Looks like cloud-init only formats them to 1Tb???
<powersj> fwiw I like the separate page idea as well + a link
<teward> jgrimm: I will probably write a page, at some point.
<teward> nacc: I'm not awake, ancchro?
<jgrimm> teward, sounds good
<teward> s/awake/fully awake/
<teward> powersj: i tweaked said page a little, added log excerpts as examples of such cases.
<powersj> teward: ok thx
<teward> There's another case I know that is also Invalid, but I forget what it is at the moment
<teward> I think it's "Please add foobarbaz to nginx" where foobarbaz is any given third party module
<nacc> teward: typos! anchors :)
<teward> yay wiki lag >.<
<teward> powersj: even better, now, canned comments to use for those two cases.  :p
<powersj> teward: oh see now you are marking me really happy :)
<teward> at some point this is going to become infinitely long, so I'll have to move it to its own 'Package of Interest' page heh
<powersj> keeping that my cut-and-paste page :)
<teward> powersj: i give two separate canned comments, depending on which case we see, feel free to adjust as you wish (same for all other Server Team people).
<teward> but it will at least indicate of course the status to set, why we set it, and how someone should respond if they still think it's a bug.
<teward> And since i'm subbed to ***every*** nginx bug for all notices, even if the bugs are closed as INvalid or such, I'll see the alerts xD
<teward> even if the rest of the Server Team doesn't :)
<teward> ooo I see LXC is on the POI page...
<teward> I got tired of having to manually adjust all my LXC containers, I wrote a fairly in depth Python script that can create a container *and* modify the container, sort of 'bootstrapping the container to specified needs' at the time of creation.
<teward> it's on github now xD
<teward> in case, you know, anyone is interested :P
<teward> (it's not LXD, but that's because dnsmasq wouldn't behave with LXD on my system oh well)
<jamespage> coreycb, ok promoting to -proposed now
<coreycb> jamespage, thanks
<dgarstang> I'm booting an Ubuntu EC2 instance with 2x2TB disks attached. They are mounted as 1Tb disks instead. I think cloud-init is doing this. Is this a known bug in cloud-init?
<powersj> dgarstang: you could ask in #cloud-init, but I don't think so. They probably will want to see your cloud-config if you are doing any customizing
<dgarstang> powersj: Zero customization
<dgarstang> I don't think it's a filesystem issue. Fdisk reports the disks as 2Tb each
<dgarstang> I have an instance with 2 x 2Tb disks. When I run "mount -t ext4 /dev/xvdj" I get a 1Tb volume. Why?
<nacc> dgarstang: look at how they are partitioned? what format, etc.
<teward> jgrimm: what should go in the "Packages of Interest" page, if I decide to make one?
<jgrimm> teward, its really free form, if you feel important items to know about nginx in ubuntu
<teward> cool.  It will contain a brief blurb about what it is, maintaining it, what to not ask about, and a small guide to the versions in the Repositories.  Since they're all different right now :P
<jgrimm> teward, sounds good. thank you!
<teward> jgrimm: I made a note on the whiteboard for the server work blueprint
<teward> namely about http/2 readiness/stability in Apache, because IIRC the Security team NACK'd it
<teward> not sure if that's changed
<mwhahaha> jamespage, coreycb: did you guys propose m3 or rc1?  there's a bunch of stuff that got broken/fixed for nova between m3 and rc1
<teward> (it's why NGINX has HTTP/2 but not Apache currently)
<jgrimm> teward, I saw that (and yes I was aware), nacc just wanted a reminder to look at it again in the future
<teward> OK
<teward> still leaving my comment if there's no objection :)
<jgrimm> no objection at all! :)
<teward> cool.  :)
<coreycb> mwhahaha, rc1 was promoted to -proposed a few hours agao so may still be in progress
<mwhahaha> coreycb: http://logs.openstack.org/66/433266/1/check/gate-puppet-openstack-integration-4-scenario002-tempest-ubuntu-xenial/e043e14/console.html#_2017-02-13_21_16_13_600854 so you're missing the create_cell command
<mwhahaha> which i thought was in rc1
<mwhahaha> maybe we don't have it yet in that test run
<mwhahaha> ah nm still b2, 2:15.0.0~b2-0ubuntu4~cloud0. i'll check on it tomorrow
<coreycb> mwhahaha, ok cool, create_cell will be in rc1.  i've been using it the past week while testing staging.
#ubuntu-server 2017-02-14
<teward> jgrimm: powersj: https://wiki.ubuntu.com/ServerTeam/NGINX, for your perusal, complete with a lot of anchors for fast-linking to things
<teward> nacc: you suggested adding this to the Triage page, it'll go under ServerTeam/NGINX with a link to the anchor, that should work right?
<powersj> teward: dang!
<nacc> teward: yeah, i think so
<trippeh> (just a random remark regarding the wiki page), nginx aio seems to work better these days. it was very unstable before.
<teward> trippeh: it's still not enabled, and until it's proven otherwise to work without issue in all the modules shipped, I'm not enabling it
<teward> you're right, it works 'better', but with third-party modules it fubars debugging still, according to my contact in Debian.
<teward> powersj: yes, I write a lot sometimes.  WIth 30 minutes of bull-crap going on in my course right now, I kinda focused on the wiki page :P
<trippeh> oh. no idea about third-party modules.
<teward> problems?
<teward> trippeh: indeed.  nginx-core is the only one that it'd not effect, nginx-light, nginx-extras, nginx-full, libnginx-* for modules not from NGINX upstream code tarballs/repositories are all going to be Universe and have third-party modules
<teward> (once i do the merge)
<teward> powersj: nacc: feel free to use this tazer on me if you think I overdid it.
<teward> *hands powersj and nacc each a taser*
<rbasak> teward: I'm not sure of the background, but that wiki page looks really useful. Thanks!
<teward> those four special-cases are evil and have special handling.
<teward> rbasak: multiple triage difference procedures
<teward> for certain cases
<teward> I called out powersj earlier for one case
<teward> i updated the DebuggingServer comments.  Then I decided to document all this in a page.
<teward> And then some.
<teward> (I have no life lol)
<rbasak> teward: I think you're setting a great example here. We should have one of these pages for every package :-)
 * rbasak disappears to bed
<axisys> trying to boot a system for the first time and forgot to build the lun with raid controller.. so trying to install ubuntu 14.04 server iso, it got stuck at no root file system and realized I did not build a lun yet.. so on next boot I could not catch the part where I will build the run and it went through and stuck at .. "Welcome to GRUB! error: no such device: HPEZCD240." any suggestion how I got
<axisys> that error? need to call the site tomorrow, to reboot and try to build the lun through raid controller..
<axisys> "..could not catch the raid configuration part and it went.."
<stanford_ai> when I sudo su otheruser, then run cheese, I get (cheese:9920): Gdk-ERROR **: error: XDG_RUNTIME_DIR not set in the environment.
<lynorian> stanford_ai, firstoff if you know that users password you do not have to use sudo
<stanford_ai> lynorian, how do I do it?
<lynorian> su otherusername
<stanford_ai> oh I got it
<stanford_ai> thanks! and about the video?
<lynorian> then need to use xhosts
<stanford_ai> how?
<lynorian> I think that is the command I should check the man page
<stanford_ai> xhost. but what am i supposed to do with it?
<lynorian> xhost +otheruser
<lynorian> allows otheruser to run X applications when you are logged into X
<lynorian> although this seems more like a #ubuntu question
<stanford_ai> i did that. still: ** (cheese:11599): WARNING **: Could not open X display
<lynorian> ah you need to be in X11 to run cheese
<lynorian> your server has a webcam?
<lynorian> cheese is an x11 desktop application
<sarnold> just ssh -X in and skip all that horrible X stuff
<stanford_ai> it's not a server. it's my laptop
<stanford_ai> I don't wanna use my own user to let others ssh in and work on it
<stanford_ai> but i need to run stuff in this laptop
<stanford_ai> they ssh in to another user
<stanford_ai> and I su otheruser to work with them
<stanford_ai> it all needs to be in the home directory
<stanford_ai> but I can't run cheese from that user apparently. any ideas?
<JanC> why would you need cheese on a server anyway?
<stanford_ai> it's not a server. it's my laptop.
<cpaelzer> stanford_ai: I'd agree with sarnold, ssh -X in which will set up the env for X forwarding as you need it
<stanford_ai> cpaelzer, awesome. that works. what's the difference between -Y and -X ?
<sarnold> I think in debian and ubuntu they're patched to be identical
<nikeshm> how can we change iscsi initiator name in ubuntu 16.04
<nikeshm> i changed /etc/iscsi/initiatorname.iscsi and restart the service but then i am not able to see the target LUN
<nikeshm> ?
<sarnold> did you log in to the target again?
<nikeshm> sarnold: its worked with ubuntu 14.04
<nikeshm> yes i logged in again
<nikeshm> and log in was successful
<nikeshm> but only lun 0 is visible
<nikeshm> not other luns
<nikeshm> sarnold: i restarted open-iscsi after changing /etc/iscsi/initiatorname.iscsi
<sarnold> nikeshm: are there any errors in dmesg? logs? journalctl output?
<jamespage> coreycb, zul: we might have to include libseccomp in the UCA for ocata - ppc64el build failure in proposed for qemu lookslike it needs >= 2.3.0
<jamespage> cpaelzer, ^^ does that sound right?
<jamespage> zul, hmm
<jamespage>  sbuild-build-depends-nova-lxd-dummy : Depends: python-sphinx (>= 1.5.1) but 1.3.6-2ubuntu1 is to be installed
<cpaelzer> jamespage: seccomp got enabled for ppc this cycle yes - I don't know about the minimum version
<jamespage> zul, coreycb: hey can we get a bump of networking-odl in for ocata please
<cpaelzer> jamespage: should be libseccomp-dev (>> 2.1.0)
<cpaelzer> that is the min the control file specifies
<jamespage> cpaelzer, configure fails with "Install libseccomp devel >= 2.3.0" on ppc64el
<jamespage> xenial has an older version
 * jamespage ponders if seccomp is used inthe context of openstack anyway
<cpaelzer> I found it
<cpaelzer> yes on ppc 2.3
<cpaelzer> "Support for ppc/ppc64 is official in libseccomp 2.3.0" that is from upstream
<cpaelzer> that is actually a miss in the control file - the minimum version needs to be raised, thanks
<nikeshm> sarnold: checking
<nikeshm> is there any guidelines for how to change the initiator name without reboot in ubuntu 16.04
<nikeshm> i am using open-iscsi
<nikeshm> sarnold : no error in logs
<nikeshm> any one faced the issue
<zul> jamespage: ack on odl
<nikeshm> sarnold: sudo iscsid restart is solving the issue
<frickler> cpaelzer: seems like your strongswan upload is still hanging in the queue and the earlier ppa isn't available anymore, do you still have a working build somewhere or do I have to build it myself?
<frickler> cpaelzer: regarding https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1587886 that is ;)
<ubottu> Launchpad bug 1587886 in One Hundred Papercuts "strongswan ipsec status issue with apparmor" [High,Triaged]
<cpaelzer> frickler: my ppa is cleared as I expected the SRU to hit proposed rather soon
<cpaelzer> frickler: the test I'd ask you to make needs it in proposed, you can't verify it before it is there
<frickler> cpaelzer: yeah, but I'd need the package to fix some of my servers now. so I guess I'll have to build it myself, then ;)
<cpaelzer> frickler: if you need an interim ppa for whatever reason I can quickly create one for you if that helps you
<frickler> cpaelzer: that would be nice, yes, please
<cpaelzer> frickler: x86 is ok, or do you need more arches?
<frickler> cpaelzer: amd64 rather
<cpaelzer> frickler: sure, that is what I meant
<cpaelzer> frickler: sorry
<cpaelzer> frickler: ok, I uploaded to https://launchpad.net/~paelzer/+archive/ubuntu/bug-1587886-strongswan-apparmor-disconnect
<cpaelzer> frickler: and versioned it in  a way that it is superseded by the SRU once it is out
<cpaelzer> building shortly
<frickler> cpaelzer: great, thanks
<jamespage> cpaelzer, just need to figure out whether to disable seccomp for the backport to the Ocata UCA, or backport seccomp as well
 * jamespage ponders
<cpaelzer> jamespage: just disable seccomp support for power that would be
<cpaelzer> jamespage: the powerless arches work with the older seccomp
<boichev> is this the right location to ask for openstack installed from cloud-archive:icehouse that I want to upgrade to Mitaka ?
<cpaelzer> jamespage: arm would need 2.2 but that is not enabled for seccomp in qemu
<jamespage> boichev, its as good as any :-)
<boichev> :) So I am looking at the openstack support model on ubuntu and I am planning on how to upgrade an Icehouse release on 14.04 to something newer ....
<boichev> I guess to go to Mitaka I need to stop all services on all nodes then upgrade to 16.04 and replace the cloud-archive repo and upgrade the openstack part....
<boichev> But I can't find any documentation
<EmilienM> coreycb, jamespage: quick info, you updated ocata packages, our CI works fine, zero issue until now.
<jgrimm> rbasak,  did you perhaps want to chair irc today, to try out thoughts on how to lean on meetbot more for note taking?
<rbasak> jgrimm: sure
<jgrimm> rbasak, excellent thanks.  rharper you are off the hook for today ^^ ;)
<jamespage> EmilienM, great news - thanks for the feedback!
<EmilienM> cool, good work folks
<jamespage> EmilienM, I have one non-x86 build failure to deal with and we'll promote to -updates
<jamespage> boichev, sorry missed you response
<EmilienM> jamespage: ack
<EmilienM> mwhahaha: ^ fyi we might want to switch stable/ocata to it when it's updated
<jamespage> boichev, the short answer is that you need to step through all of the Ubuntu cloud archive pockets for trusty - so that's juno, kilo, liberty, mitaka
<jamespage> ensuring that you do the db migrations for each service on each step
<jamespage> then you could do the upgrade from 14.04 -> 16.04 inplace but it will be disruptive
<jamespage> you might want to consider a rolling upgrade approach, bringing up 16.04 based mitaka longside 14.04 mitaka, and then migrating services and instances
<elliotd133> http://pastebin.com/iMiBe2U2
<elliotd133> I set up bonding like that, but bonding doesn't appear to be active on reboot/ifup/down
<elliotd133> ubuntu 14.04.5
<mwhahaha> jamespage: we're seeing failures when we go to install mitaka keystone, http://logs.openstack.org/90/433290/4/check/gate-puppet-keystone-puppet-beaker-rspec-ubuntu-trusty/8620825/console.html#_2017-02-13_23_26_25_786080 thoughts?
<frickler> elliotd133: instead of "slaves none" I'd rather use "bond-slaves p11p1 p11p2", not sure about the "bond-primary" lines, too
<cpaelzer> nacc: thanks for accepting all tasks, I could clean those that were version specific - looks correct now
<jamespage> mwhahaha, nothing springs to mind - keystone has not had an update since Tue, 27 Sep 2016 08:23:13 -0400
<nacc> cpaelzer: yep
<jamespage> mwhahaha, hmm
<jamespage> /usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py
<mwhahaha> jamespage: ok i'll keep digging, it seems to be a dep issue since it's failing when keystone-manage runs on the install
<jamespage> ^^ might be something pip installed conflicting with the bits in the archive
<jamespage> mwhahaha, ^^
<mwhahaha> we don't pip install
<mwhahaha> we're purely packaging
<jamespage> mwhahaha, the puppet modules don't
<jamespage> but something has installed into /usr/local on that gate machine
<frickler> can we get an update of Horizon in Newton to 10.0.2, please? http://docs.openstack.org/releasenotes/horizon/newton.html#id1
<mwhahaha> jamespage: hmm ok i'll take it up with infra then, thanks for the pointer
<jamespage> mwhahaha, my best guess - I just checked a mitaka deployment I did earlier today and I don't see the same problem
<jamespage> frickler, I think zul is working on some newton updates
<frickler> jamespage: that would be great, thx.
<axisys> booting a system using ubuntu iso and cannot install since raid controller is not configured yet to provision a disk.
<axisys> any way to do that from busybox?
<axisys> I exited to shell from the install
<axisys> and at shell now
<joelio> axisys: when you say raid controller, do you mean a hardware one as opposed to using mdadm?
<joelio> if it's hardware, generally you'd configure that at POST (say a Dell PERC.. although you can do some via ipmi etc)
<joelio> if it's software then it's a different tact and one you can defintely do with the 'server' install (alternate as it used to be known)
<axisys> joelio: hardware
<axisys> need to find out if I can configure a raid controller through serial port
<axisys> this is HP DL360 gen9
<axisys> ipmi has no IP yet.. plus doubt if we have license to take advantage of raid config through ipmi
<axisys> ah.. did I mention no cable connected to the ipmi/iLO rj45 port.. so only connected now through serial port and it already has an IP ..
<axisys> but disk is provisioned yet
<elliotd133> frickler: Thanks, I tried bond-slaves originally under the bond0 interface and it did the same thing
<elliotd133> frickler: The reason I have bond-primary lines is due to the documentation for bonding regarding upstart systems: https://www.kernel.org/doc/Documentation/networking/bonding.txt
<patdk-wk> is there some way to force apt-get to install a package that conflicts with another package?
<patdk-wk> want to test them both, alternately
<nacc> patdk-wk: conflicts in what way?
<nacc> patdk-wk: or which package(s)?
<patdk-wk> nut vs apcupsd
<patdk-wk> they don't really conflict, just the packages are marked that way so people don't do something stupid
<nacc> hrm, nut on yakkety has no conflicts
<patdk-wk> on xeries
<nacc> apcupsd conflicts with ups-monitor afaict
<nacc> ah nut-client and apcupsd?
<patdk-wk> nut-server and apcupsd
<nacc> i think only because ntu-server depends on nut-client
<nacc> *nut-server
<tarpman> patdk-wk: apt-get download and dpkg -i --force-conflicts?
<nacc> yeah, that'd be my suggestion as well
<nacc> i don't believe you can get apt to do it for you, easily
<patdk-wk> ya, ups-monitor causes install to fail :(
<BrianBlaze420> alright so I have managed to clone my system and get it working on a new box as I am going to be upgrading this ubuntu 8 LTS server. My issue is that even though I can see the ethernet card in lspci yet I don't see it in ifconfig
<BrianBlaze420> I am curious how to get the ethernet card to work. when I google it's all about newer ubuntu systems
<alkisg> Ubuntu 8.04? Wow... :D
<BrianBlaze420> :)
<BrianBlaze420> this is why I need to move forward lol
<tarpman> BrianBlaze420: just 'ifconfig' may not show all interfaces if they aren't active; try 'ifconfig -a'
<BrianBlaze420> i do -a and it only sees my lo
<alkisg> Well, if the kernel is from 2008, and the card from 2015, it's possible that it's not supported. What is the lspci output for the card?
<BrianBlaze420> the card works when I install 8 from scratch
<BrianBlaze420> this is a clone
<tarpman> check dmesg
<alkisg> What's the output of this? lspci -nn -k | grep -A 2 Ethernet
<sarnold> nikeshm: thanks for reporting back; I don't know iscsi well (obviously), so it's always nice to learn more :)
<BrianBlaze420> 00:19.0 Ethernet controller : Intel Corporation 82567LF-3 Gigabit Network Connection [8086:10df] (rev 02)
<BrianBlaze420> like I said I can get this to work if I install ubuntu 8 from nothing but this clone still has the old settings it seems
<BrianBlaze420> and I am not sure how to reset
<BrianBlaze420> damn it's hard trying to find info on an extinct version of ubuntu, how fun to come to a job where the previous guy didn't update lol
<patdk-wk> heh
<patdk-wk> that isn't too bad
<alkisg> BrianBlaze420: you don't see "Kernel driver in use" there? If not, that's the issue
<patdk-wk> it was fun started a job, and finding it was using an distro that hasn't existed for 3years, and they where using v1 of that distro from 13years ago
<alkisg> BrianBlaze420: also, what kernel does the new 8 install have, and what kernel does the old one have
<BrianBlaze420> 2.6.24-24-server
<BrianBlaze420> where would I see kernel driver in use?
<alkisg> $ lspci -nn -k | grep -A 2 Ethernet 03:00.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [10ec:8168] (rev 06) 	Subsystem: Gigabyte Technology Co., Ltd Motherboard [1458:e000] 	Kernel driver in use: r8169
<BrianBlaze420> -k is not a valid option
<alkisg> Check the output of `lsmod` for the intel driver then; or maybe lshw or something...
<alkisg> Does it show up in `ip l`?
<alkisg> And, check what the "new 8 install" kernel is
<BrianBlaze420> lshw says network unclaimed
<alkisg> Right, so you need a newer kernel
<alkisg> The one that the "new 8 install" has
<alkisg> BrianBlaze420: also note that you can boot from a recent live cd which will have the driver etc, then chroot to the old installation, and update it
<BrianBlaze420> goctha
<patdk-wk> do you know how to update the old install from the archive repos?
<alkisg> Or you can even boot the disk via kvm, from either a live cd or from another installation; the kvm device should be avilable
<BrianBlaze420> this all makes sense
<alkisg> patdk-wk, http://askubuntu.com/questions/91815/how-to-install-software-or-upgrade-from-an-old-unsupported-release
<BrianBlaze420> and no i have never installed from an old repo
<alkisg> So you'll need to go from 8 to 10 to 12 to 14 to 16... maybe a reinstall would be faster? :D
<BrianBlaze420> time to learn :)
<alkisg> (and fix whatever issues arise in each update...
<patdk-wk> I would just archive the server, and reinstall
<patdk-wk> if it's that old, it's going be painful fixing configs all along the way
<alkisg> With Ubuntu 8.04, you probably also have ext3 instead of ext4...
<OerHeks> .. and old grub1
<BrianBlaze420> yes I am not really worried about the whole update process at the moment it shall be a task in itself I want to be able to move this install to different hardware to test
<BrianBlaze420> so far so good
<BrianBlaze420> I appreciate the help a lot
<BrianBlaze420> so if I do lshw and see unclaimed
<BrianBlaze420> it means the kernel can see it but no drivers?
<BrianBlaze420> oh I am so happy to move forward <3
<nacc> BrianBlaze420: or the correct driver has not been loaded, iirc
<nacc> BrianBlaze420: it technically just means what it sounds like, nothing has yet 'claimed' to operate that device
<BrianBlaze420> gotcha
<nacc> where claimed is really a binding operation (again, iirc) in the kernel saying that a given driver is appropriate for a given device (it doesn't technically mean the device is operational)
<BrianBlaze420> which is what I saw :)
<BrianBlaze420> oh ok I understand
<rbasak> nacc: see https://bugs.launchpad.net/ubuntu/+source/php7.0/+bug/1658289/comments/4
<ubottu> Launchpad bug 1658289 in php7.0 (Ubuntu) "Regression in pdo_pgsql after SRU to php 7.0.13 (fixed upstream)" [Undecided,Triaged]
<rbasak> nacc: if I'm right, then do you want to just drop that changelog entry and upload 7.0.15 in SRUs anyway, or do you want to cherry-pick the fix for that too?
<nacc> rbasak: let me double-verify, i think we'll want to include that fix
<rbasak> nacc: in that case do you want to prepare uploads to supersede what is currently in the X/Y queues?
<rbasak> nacc: (also an upload for Z I guess)
<nacc> rbasak: ack, doing that now
<nacc> rbasak: and/or will do that now
<rbasak> OK. Thanks!
<nacc> rbasak: thanks for catching that, and sorry for my error!
<rbasak> No problem!
<nacc> rbasak: do you think we'd be better off moving to 7.0.16?
<nacc> ah nm, still in beta
<nacc> rbasak: uploaded
<nacc> mdeslaur: fyi, sorry for the delay
<mdeslaur> nacc: np! :)
<BrianBlaze420> I am doing the do-release-upgrade and get this error : http://pastebin.com/iSsffQjQ
<BrianBlaze420> was hoping someone could point me in a direction :)
<powersj> jgrimm: FYI LP: #1664731
<ubottu> Launchpad bug 1664731 in debian-installer (Ubuntu) "zesty lvm install hangs while creating device mapper device" [Critical,New] https://launchpad.net/bugs/1664731
 * jgrimm looks
<rbasak> nacc: still around?
<rbasak> nacc: no need to burn 7.0.15-0ubuntu0.16.{04,10}.1, as the old upload was never published.
<rbasak> nacc: but also, if you want to do that, you should use -v7.0.13-0ubuntu0.16.04.1. Otherwise the changes file doesn't include the bugs against 7.0.15-0ubuntu0.16.04.1.
<rbasak> So we'll end up not tracking the SRU bug.
<nacc> rbasak: ah duh, so would you rather i just fix that up and reupload as 0ubuntu0.16.{04.10}.1 ? can you reject whatever is in the queue now?
<nacc> rbasak: and ack on the changes
<rbasak> nacc: yeah probably easiest. I'll reject now.
<nacc> rbasak: thanks
<nacc> rbasak: and will you want to reject .2 as well, then?
<nacc> rbasak: nm, just email delay
<teward> rbasak: so FYI
<teward> I may have a merge-candidate package ready sooner than predicted
<teward> depends if the upload to https://launchpad.net/~teward/+archive/ubuntu/nginx-merge-zesty I just made blows up in my face or not
<teward> fak i forgot to add the other archs.  oopsies.
<teward> those first three chars are an accident oops :)
<rbasak> teward: \o/ thank you!
<rbasak> teward: anything we can do to help before you can upload?
<teward> install test, upgrade test?
<teward> I'll put on the ML when that's ready
<teward> i need to make sure it builds on all archs i can turn on in the PPA
<teward> rbasak: the only difference in the version string between testing and actual is I have +test# added to the end of the string for test builds, because of the way the version strings detect, it'll explode with ~test#, but i also want it to be identified as build tests if, say, I broke it or something
<teward> FOO I did forget something in the changelog
<teward> that's something I'll add before pushing though
<teward> oops I think i failed again
<teward> fff i think i accidentally pushed to the repos
<teward> rbasak: whoohoo, builds didn't blow up in my face this time xD
<teward> rbasak: do we have a server release notes page yet or is that closer to release?
<teward> because we'll need to make a small note about the potential performance impact on 32bit by having both PIE and PIC enabled
<teward> and we need both, or it won't build
<rbasak> teward: usually we do it closer to release, but it's fine to start writing it now if you wish. If the page doesn't exist, feel free to create it, basing it from Yakkety's notes.
<teward> nah i'll wait
<teward> just remind me :)
#ubuntu-server 2017-02-15
<teward> rbasak: uhm, who looks after the perl autopkgtests
<teward> because there's some nasties in there holding up Perl, and we need that to get out of proposed, or forcibly bypass that, before we can actually test the merge, etc.
<teward> because i need to rebuild if we've bumped Perl at all
<b3h3m0th> How do I: Lock user for X seconds after Y consecutive failed login attempts within a time windows of Z seconds.
<b3h3m0th> Using PAM ?
<sarnold> b3h3m0th: I think pam_tally2 is probably the way to get there
<b3h3m0th> I tried tally but could not figure out a way to specify the Z param
<b3h3m0th> *tally2
<b3h3m0th> pam_faillock,  a redhat patch does support this using a fail_interval param. But  unfortunately for me ubuntu does not ship it :(
<b3h3m0th> fail_interval=n: The length of the interval during which the consecutive authentication failures must happen for the user account lock out is n seconds. The default is 900 (15 minutes).
<b3h3m0th> ^ This is what I'm actually looking for. [source: https://linux.die.net/man/8/pam_faillock]
<b3h3m0th> I want a user to be able to try to login (Y-1) times every Z seconds indefinitely without lockout.
<zioproto> hello all. Just starting a trusty to xenial do-release-upgrade on a server running glance-api and glance-registry. Openstack version MItaka. Any specific Openstack advice ? It is a staging system so relax :)
<aaran> Hi, what is the name of the service that lets you book out time slots on a server for computation? I thought it was time sharing but thats from the olden days of mainframes
<aaran> any ideas?
<aaran> hmm think I found it job scheduling
<rbasak> aaran: are you thinking about stuff like https://en.wikipedia.org/wiki/TORQUE_Resource_Manager ?
<rbasak> It's more of an HPC thing.
<rbasak> Also Slurm
<aaran> basically we have a gpu server that a bunch of staff would like to run jobs on and its a system to book time to use the machine
<aaran> its a single server so I dont think that slrum would be needed as that seems to be for clusters?
<rbasak> For a single server, why not just use a shared calendar and trust?
<aaran> because of students and their inability to stick to a schedule
<aaran> But its an idea, thanks I will pitch the idea and wait to see what comes of it
<caribou_> rbasak: jgrimm: FYI I have just synced clamav. The only remaining part will be to get the MIRed tomsfastmath in
<cpaelzer> aaran: from my experience with similar - unfortunately not FOSS - solutions after the initial setup of getting hard schedules everybody complains about wasting so much time
<cpaelzer> aaran: if you go for calendar+trust doe it as calendar+trust+communication; nothing is as bad as killing a 8 hour job 5 minutes before it completes :-)
<cpaelzer> aaran: if you go for any sort of automation, make it a prio or credit based system with seme tolerance before killing runnign jobs
<rbasak> For hard (no trust needed) schedules, I wonder if MAAS could help. It has an API, so you could automatically redeploy and give access to a scheduled user every time the scheduled user changes.
<rbasak> Not too much scripting.
<rbasak> Perhaps way overkill though (over using trust).
<aaran> hhmm
<cpaelzer> also chargeback (no matter how small) helps tremendously to get the people to keep their work fast and efficient
<aaran> not sure if chargeback would be feasible
<cpaelzer> doesn't have to be money
<cpaelzer> if you implement something time credit based just lower that in case one overruns
<cpaelzer> makes things much more self regulating
<cpaelzer> but well over-engineering s at stake - start with calendar+trust and see where you get
<joelio> any idea how https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8743.html is getting on, appreciate it's medium risk
<rbasak> joelio: try asking in #ubuntu-hardened.
<rbasak> (it's also quite early for the Americas so you might not get an answer straight away)
<joelio> rbasak: no worries, it's just on my list of things to keep an eye on, no biggie :)
<cpaelzer> nacc: I think I debugged and understood the pg-repack issue, if you could trigger to re-run the postgres dep8s that would be nice
<cpaelzer> nacc: from https://bileto.ubuntu.com/excuses/2470/yakkety.html that would be
<cpaelzer> nacc: and actually the postfix tests and not the postgres ones
<cpaelzer> pitti confirmed in the bug that these might just be flaky and worth a re-trigger
<zioproto> regarding openstack packaging for glance the trusty to xenial upgrade was painless
<zioproto> I am using the standard xenial mitaka packages
<zioproto> Finally some interesting problem. I guess all puppet+openstack people will run soon into this https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1570472
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]
<zioproto> jamespag`, coreycb this bug is not assigned on Xenial, there is PPA that fixes the problem. Before we have a bunch of Openstack people having this problem, how can we make sure this gets assigned for review and merge in Xenial ??? thanks https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1570472
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]
<cpaelzer> coreycb: FYI the machine type fixes just passed the unapproved queue
<cpaelzer> coreycb: I'll ping again when they built, tested and I'mabout to mark as verification done
<coreycb> cpaelzer, ok thanks
<lucidguy> Looks like if you want Nagios4 on Ubuntu 16.04 you have to build from source.. not on any reputable repo?
<rbasak> lucidguy: yeah I don't think Nagios 4 is packaged in Debian or Ubuntu.
<lucidguy> rbasak: I'm trying to decide if I should stick with v3 from repo or go and build v4
<rbasak> I don't know enough to answer that question, sorry.
<teward> cpaelzer: thanks for your testing, I appreciate the rapidity of your getting those tests done :)
<teward> cpaelzer: thanks for your testing, I appreciate the rapidity of your getting those tests done :)
<teward> cpaelzer: did you see anything that would otherwise be considered "bad" in the package?  (My brain isn't fully awake, I need another 3 coffees lol)
<cpaelzer> teward: I did not do packaging review yet
<cpaelzer> teward: didn't realize I should
<teward> cpaelzer: nah, it's all good, i meant as "Anything odd introduced in the logs"
<teward> packaging review I'm confident is fine, base Debian + our delta
<cpaelzer> teward: from the "package user side" it appeared good to me
<teward> and we were able to drop a few things.
<teward> cpaelzer: yeah that's the primary tests I was after
<teward> package review, I'm confident it's fine, because it's pretty much base Debian package + nginx-core specific things + build compat. fix for fPIE/fPIC that seems to be ubuntu specific + apport hooks
<teward> nginx in Debian just uploaded 1.10.3-1 recently so it's not able to be pulled yet for merging, but it shouldn't be more than packaging changes.
<teward> i'll check that tomorrow, until then I'm going to push this up because I'd *love* to get this in before FeatureFreeze
<teward> we can FFe request for any packaging-specific changes that aren't 'new features'
<teward> first, food, 'cause I haven't eaten all morning
<joelio> lucidguy: considered Icinga2 ?
<cpaelzer> rbasak: can you hit the importer on exim4 and logwatch for me - I'd like to consider feasibility of a re-merge before FF
<jgrimm> cpaelzer, thanks!  cpaelzer btw, i suggested that you be added to the importer team
<cpaelzer> jgrimm: I had hoped to annoy rbasak often enough that he does so on his own at some point :-)
<jgrimm> heheh
<rbasak> Running
<cpaelzer> thanks
<cpaelzer> jgrimm: btw I escaped the libvirt abstraction hell, libvirt-python binding to the rescue
<jgrimm> rbasak, since you are at it.  autofs and libqb would be handy to import too.
<lucidguy> joelio: no, boss asked for Nagios
<jgrimm> cpaelzer, \o/
<rbasak> cpaelzer: done. I think they were no-ops. The automatic importer is working maybe?
<rbasak> nacc: OK to push obviously-correct minor usd bugfixes straight to master?
<teward> rbasak, cpaelzer, jgrimm, powersj: NGINX merge uploaded to proposed.  Faster than my initial timeline was yesterday.  :)
<rbasak> teward: \o/
<rbasak> Thank you!
<jgrimm> teward, \o/
<teward> might need another one as an FFe for 1.10.3-1 from Debian (additional packaging changes)
<teward> but hey *that* merge we get to drop a delta xD
<rbasak> nacc: never mind. It's a bug in my pending branch. Not even in master!
<teward> rbasak: those local branch/tree bugs are pesky and annoying, aren't they :P
<rbasak> :-)
<rbasak> Nice to get the bugs ironed out before I propose a merge :)
<nacc> rbasak: ack on bugs
<nacc> cpaelzer: i think pitti got those retriggered?
<rbasak> jgrimm: autofs done (no-op?)
<rbasak> jgrimm: libqb running (looks like an import from the beginning)
<teward> rbasak: eheh, look at all the "NEW" in the queue xD  https://launchpad.net/ubuntu/zesty/+queue
<teward> (for nginx)
<teward> (translations)
<jgrimm> rbasak, thanks! and thanks!
<nacc> jgrimm: fyi, new dogtag-pki is being synced over and built now, then various tests should rekick or i will manually as neccessary
<jgrimm> nacc, thanks
<nacc> jgrimm: re: openvpn, can i reject the old merge request?
<nacc> jgrimm: MP: #316337
<jgrimm> nacc, yep i only left it around for you to refer back to
<nacc> jgrimm: ack, will close once i merge the new one
<jgrimm> since i'd uploaded a new branch. thanks sir
<nacc> jgrimm: 317004 is current?
<jgrimm> nacc, yes
<coreycb> zul, i'm working on testing a cherry-pick of this to nova: https://review.openstack.org/#/c/431582/
<GPenguin> hello, i am interested in the wordpress package on ubuntu 16.04. server edition
<GPenguin> the readme in /usr/share/doc/wordpress is ... uhm... well, a bit rusty?
<GPenguin> i see the mysql server itself is not installed. and the doc speaks about a password which i never set
<GPenguin> is there a more detailed and more up to date version of the documentation out there?
<nacc> GPenguin: yes, wordpress only depends on a client
<nacc> GPenguin: you need to setup a server potentially
<GPenguin> ah, hmmm
<nacc> GPenguin: if you insatll suggests, it will pick up mysql-server as well
<rbasak> jgrimm: libqb done
<GPenguin> nacc: i am also missing the wp-config.php
<jgrimm> rbasak, thanks
<GPenguin> uhh, that is in /usr/share/wordpress
<nacc> GPenguin: looking to see if i can reproduce; iirc, when i did the update, i got it installed and setup fine
<nacc> GPenguin: and the apache config uses /usr/share/wordpress
<nacc> GPenguin: the example one
<nacc> GPenguin: yeah, so that basically works, your choice of apache configuration, enable it, run setup-mysql and then navigate in a browser to finsih the wordpress install like normal
<GPenguin> hmmm
<zul> coreycb: okie dokie
<BrianBlaze420> oh man going from 8 to 16 is fun lol
<compdoc> 16 girlfriends?
<OerHeks> 16 bit?
<nacc> 8.04 to 16.04 based upon yesterday's context
<nacc> BrianBlaze420: honestly, it's probably easiest to backup data and install from scratcch
<BrianBlaze420> yeah that's what is happening
<BrianBlaze420> so sad lol
<BrianBlaze420> i am more sad that the guy who set this up walked away from it for so long
<BrianBlaze420> anyways I am just venting :)
<teward> BrianBlaze420: sounds like an evil system I had to work with in the past, at my one workplace.  8.04 running evil Python
<teward> 16.04 wasn't out yet so we had to -> 14.04
<teward> 14.04 -> 16.04 will be easy heh
<teward> python, dovecot, etc. all configured on 14.04 works pretty well on 16.04 too :P
<BrianBlaze420> lol yeah I am looking forward to getting there
<BrianBlaze420> where I am not horrified of updating lol
<teward> took a year to migrate everything off 8.04
<teward> because of python lol
<teward> dovecot and postfix were easy
<teward> python, not so much
<teward> (3rd party library updates, etc. caused problems0
<teward> s/library/module/
<teward> anyways i digress :)
<BrianBlaze420> :)
<BrianBlaze420> at least I feel less alone, so I appreciate lol
<teward> sarnold: ohai, you!  nginx merge uploaded to -proposed.  Lotsa new binaries lol
<sarnold> teward: \o/ nice, how'd it go?
<teward> sarnold: painfully.  'cause it's a ***horrible*** evil process.
<sarnold> teward: aye :/
<teward> baseDebian + PackagingDeltaChanges + (fixMistake x 4)
<teward> finally got it to a PPA last night, and cpaelzer was kind enough to run install/upgrade tests
<teward> i'm just waiting for the mismatched components report :P
<teward> 'cause there'll be some
<teward> (some of the dynamic module packages)
<JoseLuis_> Good afternoon all.
<teward> greetings
<JoseLuis_> I have a lot of mail in my server about Cron <root@localhost> /etc/cron.hourly/kill.sh  and Cron <root@localhost> /etc/cron.hourly/cron.sh
<JoseLuis_> SIOCSIFFLAGS: Cannot assign requested address     SIOCSIFFLAGS: Protocol driver not attached
<sarnold> what do those scripts do?
<JoseLuis_> cat /etc/cron.hourly/kill.sh  http://termbin.com/vgz8
<JoseLuis_> cat /etc/cron.hourly/cron.sh http://termbin.com/cfb4
<sarnold> oh crap
<sarnold> now I remember why your name is familiar
<sarnold> JoseLuis_: https://www.linode.com/docs/security/recovering-from-a-system-compromise
<JoseLuis_> sarnold: I am going to read
<JoseLuis_> sarnold: Definitely, we will to create a new server in linode, but we should need to install security first before to install program and database.
<sarnold> JoseLuis_: it'd be worth trying to figure out how this instance was compromised while you're at it -- full forensics are extremely difficult, but it'd be best to know if the machine was hacked via ssh password brute-force searches, or a web-based management console, or something else..
<JoseLuis_> yeah, but I do not know how to do this.
<teward> sarnold: compromised systems are compromised!
<teward> JoseLuis_: you'd either hire someone
<teward> or just not bother finding how to ID the compromise.  Either case, nuke with fire
<JoseLuis_> I was hired in august for manage mongodb and to make some scripts in linux to monitoring some server in linode and windows.
<sarnold> I wonder if this was involved http://thehackernews.com/2017/01/secure-mongodb-database.html
<JoseLuis_> the security in linux servers and windows server is almost null, (pass with 12345678, qwerty, etc..)
<teward> JoseLuis_: well, "the security in linux servers" is a matter of configuration
<teward> 99% of the time, people who set up the servers
<teward> don't follow common sense practices
<JoseLuis_> sarnold: thanks for the information.
<sarnold> teward: I'm afraid that's what he was reporting on :)
<sarnold> JoseLuis_: good luck
<teward> heh
<teward> sarnold: CrapSecurity is about equal to ZeroSecurity
<teward> and then there's my network, locked up tight, every system has a firewall, different passwords for each, service and priv. separation across multiple systems...
<teward> VLANed out the wazoo to protect other subnets...
<teward> IDS/IPS on the border...
<teward> redundant firewalls...
<teward> ... is my network overkill yet?  :P
<sarnold> ayup. :)
<pmatulis> a rift in the fabric of time
<Dmitrii-Sh> cpaelzer: hi, is there a reason why libvirt is missing from https://code.launchpad.net/~usd-import-team/+git ? I'm not too familiar with usd-importer yet but 'git grep -i libvirt' in its repo shows that it is commented out in the usd-cron-packages.txt:#libvirt
<Dmitrii-Sh> cpaelzer: in general, I am looking for a good way to do quick git merge-base --is-ancestor <hash1> <hash2> type of checks for upstream patches and it is much easier to have an up-to-date git repo at hand to do it
<nacc> Dmitrii-Sh: there is a distinct git repository being used
<nacc> Dmitrii-Sh: for libvirt they use the debian repo, iirc
<nacc> Dmitrii-Sh: there is an ubuntu branch (or branches)
<nacc> Dmitrii-Sh: i might be wrong, smb may also know
<Dmitrii-Sh> nacc: hmm, I saw the Debian repo https://anonscm.debian.org/cgit/pkg-libvirt/libvirt.git/refs/ but there is only a single ubuntu branch there (from 2007)
<nacc> Dmitrii-Sh: oh sorry, there is a lp repo, i guess (found it from the ubuntu package search SCM link)
<nacc> https://git.launchpad.net/~libvirt-maintainers/ubuntu/+source/libvirt
<nacc> Dmitrii-Sh: that looks current, i think
<nacc> Dmitrii-Sh: also, should be the Vcs-Git value in the control file in the source pacakge, iirc
<Dmitrii-Sh> nacc: this one seems right
<Dmitrii-Sh> nacc: http://packages.ubuntu.com/source/xenial-updates/libvirt the repo mentioned here too
<nacc> Dmitrii-Sh: cool :)
<Dmitrii-Sh> nacc: wasn't the case with qemu AFAIR but this one is good )
<Dmitrii-Sh> nacc: thx
<powersj> rbasak: thanks for the review of etckeeper, updates made!
#ubuntu-server 2017-02-16
<JoseLuis_> estoy vivo?
<wedgie> soy muerto
<JoseLuis_> he he he, I thought that it was disconnected.
<nacc> jgrimm: fyi, dogtag-pki finally built, it's migrating now, tests are queued, i'll check again in the AM
<jgrimm> nacc, thanks sir
<fishcooker> is there any apps like iostat for cpu and memory usage ?
<OerHeks> fishcooker, top or htop
<cpaelzer> good morning
<GPenguin> moin
<thrasos> Hello :-)
<thrasos> First time installing ubuntu-server anything you'd suggest
<thrasos> I mean't is there anything you'd suggest? (any pitfalls to avoid etc)
<sarnold> if it's going on the live internet please disable password authentication in sshd_config as soon as you can
<thrasos> sounds important thanks!
<boichev> thrasos: sounds like you are playing around wiht linux servers is this right
<thrasos> that is true
<boichev> thrasos: check htop it is really a nice way to monitor the server resources
<thrasos> thanks for the tip
<sarnold> thrasos: you can use 'apt-cache search' to search for packages to install; it searches both descriptions and names. you can use apt-cache show to see more information on the package, and apt-get install to install it
<thrasos>  excellent
<boichev> thrasos: If you need something speciffic just tell us a direction :), a software raid with mdadm. You can mix random disk sizes (with equal partitions) and raid1 is super nice for redundancy ... many here will disagree with my love to software raid but it did gread job for me on many servers
<sarnold> <3 zfs
<boichev> +1 on zfs it is really REALLY nice
<maxagaz> hi
<lordievader> Good morning.
<JanC> ZFS has advantages and disadvantages
<JanC> it seems like ZFS is not as predictable as linux software RAID + ext4 when it comes to performance
<lordievader> Wasn't it supposed to be superior? (Never used it...)
<JanC> and you can't expand a ZFS RAID with extra disks, like you can with software RAID
<JanC> well, you can, but not in the same way as you can with software RAID (you need to create a new volume with multiple disks)
<JanC> OTOH, it has much better integrity checking of course, and features like de-duplication
<JanC> and it supports compressed files (although that's not useful if you use it primarily for already compressed files)
<JanC> one nice feature is also that you can enforce UTF-8 filenames  :)
<PhoenixMage> Hi guys, there are few iscsi packages floating around and I am wondering which one is the most stable for a home lab NAS, integration with the zfs commands would be a plus
<valbr> hi all :)
<valbr> Is there a possibility to make a fan profile for a 3 pin fan
<valbr> fancontrol does it for a PWM fan, but not a 3 pin fan. can it be done with a 3 pin fan too?
<maxagaz> I have installed a headless virtual box on my server A, this virtual box contains another ubuntu server B. I can ssh from my laptop to server A, and from server A to server B, but how can I ssh directly from my laptop to server B ?
<rbasak> cpaelzer: I updated the blueprint to find any outstanding merges in there that aren't already in proposed. I have nut, logwatch and python-django. Are you taking care of logwatch today? I'll look at nut (I think it's pending my review from caribou) today. nacc isn't here but I'll ask him about python-django later.
<rbasak> roaksoax: ^
<cpaelzer> rbasak: yeah logwatch is already in proposed now
<cpaelzer> rbasak: IIRC python-django had something about test failures - the log of the IRC meeting has some details, but in any way nacc is the right one to know
<rbasak> cpaelzer: ah great. Thanks!
<rbasak> (re: logwatch)
<Genk1> Hello all!
<Genk1> Is disabling Ipv6 support a good practice ? why ?
<hateball> If you have an ill configured network it can give you grief
<Tm_T> I'd rather fix the network
<Genk1> Hmm OK, but what is the risk of having ipv6 disabled ?
<hateball> That you cant communicate over ipv6 if you need to
<patdk-lap> loosing half the internet!
<cpaelzer> rbasak: and migrated, I see you already set done - thanks
<lordievader> Genk1: Nowadays you want to slowly move to ipv6. So do try to leave it enabled.
<Genk1> lordievader, OK thanks!
<zioproto> Hello, is nish aravamudan in this chat ?
<rbasak> zioproto: he's nacc, but not here right now.
<zioproto> rbasak, thanks, I wanted to ping him about this https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1570472
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]
<zioproto> do you know on what time zone is he ?
<rbasak> zioproto: UTC-8.
<zioproto> thanks !
<rbasak> caribou: around? I'm just writing up review notes from nut now. As we need to upload today for FF, do you have time for some tight review loops, or would you like me to just take care of it?
<rbasak> Sorry it's been so late coming. It's (almost) one of the last ones left :-/
<rbasak> caribou: also I'll suggest tweaking the changelog a bit. I can propose the change, but would like an ack for you before keeping your name on it.
<zioproto> I am trying to understand in LP if there is a list of merge requests against the puppet package
<zioproto> I arrived here https://code.launchpad.net/ubuntu/+source/puppet/
<zioproto> rbasak, reading all the story of LP bug #1570472 probably I could ask also to you
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress] https://launchpad.net/bugs/1570472
<rbasak> zioproto: I'm not really current with what the issue exactly is. Could you perhaps summarise in the bug, effectively rewriting the bug report including all the information that others have gathered in comments, and identify any inconsistencies?
<zioproto> sure, I'll try my best
<rbasak> Thanks!
<zioproto> should I then make also a merge request on launchpad like I do with the openstack packages ?
<rbasak> We don't have an official repo branch for puppet packaging in Ubuntu. Normally attaching a debdiff to the bug is fine.
<zioproto> What is this then ? ~usd-import-team/ubuntu/+source/puppet
<rbasak> I was just looking that up for you :)
<rbasak> It's our experimental work on git branches for Ubuntu packages.
<rbasak> If it's current, feel free to file a merge proposal against the appropriate branch in there.
<rbasak> If it's not current, we can bring it up to current manually on request.
<zioproto> but how is it possible that this bug is open since April 2016 ?
<zioproto> every puppet user is still on trusty ? :)
<patdk-wk> hmm, it's only since april
<patdk-wk> it would be more concerning if it was april 2012
<rbasak> No idea. We'd be quite happy to fix it if we were clear on the details of the problem.
<rbasak> Also, there's a trivial workaround posted in the bug.
<zioproto> the workaround does not work if you dont have a site.pp
<zioproto> we use foreman
<rbasak> I suspect there are far fewer users in that situation.
<zioproto> soon tons of people are going to be forced to do the trusty xenial upgrade
<rbasak> ...who don't have a site.pp and use foreman?
<zioproto> I just mean that if you have a puppet master with external_nodes you cannot apply the workaround
 * rbasak shrugs
<zioproto> the packages from the PPA work okay, and also other users reported they work
<rbasak> Like I say, we'd be happy to fix it if someone who cares comes along and tell us what to do.
<zioproto> I dont understand what is the blocking factor
<rbasak> We need to know that it's the minimal fix and there's no regression risk.
<zioproto> I think we need to wait for nacc
<rbasak> Since the set of people who test the PPA are a biased sample representing only one use case.
<rbasak> To understand the regression risk, we need to understand what scenarios are affected, how and why.
<zioproto> do you know if the tree where the PPA is buillt from is published somewhere ?
<rbasak> Yes. See the PPA page. You can get the sources from there.
<rbasak> "and there's no regression risk" -> well, there's never *no* regression risk, but we do want to minimise it, and for that we need a good understanding of the problem and the fix. Saying "the patch works" isn't good enough for a proposed change to a stable release.
<zioproto> https://launchpad.net/~nacc/+archive/ubuntu/lp1570472
<zioproto> if I click on code
<rbasak> "View package details"
<rbasak> Open the arrow against the version/series you want.
<rbasak> You can download the source package files from there.
<zioproto> ok
<rbasak> zioproto: thank you for driving this. We appreciate your help.
<zioproto> rbasak, I understand how to get diff from 3.8.5-2ubuntu1~ppa7 to 3.8.5-2ubuntu1~ppa8
<zioproto> but this means it is the version number 8 of the PPA ?
<zioproto> I would like to diff against che Xenial package
<zioproto> I mean the buggy one that is delivered to the world :)
<rbasak> zioproto: you might find https://git.launchpad.net/usd-importer/tree/git-dsc-commit useful
<rbasak> It imports a Debian source package into a fresh git commit. Then you can use git to diff as normal.
<rbasak> zioproto: check out the correct parent commit first, eg. ubuntu/xenial-devel if the PPA package is based on that.
<zioproto> okay, so I use it with https://launchpad.net/~nacc/+archive/ubuntu/lp1570472/+files/puppet_3.8.5-2ubuntu1~ppa8.dsc
<rbasak> zioproto: yes, but you also need the associated files. You can use dget to pull them from the dsc URL automatically.
<coreycb> zul, backports should be back to normal soon for ocata
<zul> ack
<isthakur>  I am trying to run a php based application on my LAMP server which is reporting error 500 can any one help me. I have a a scripts that run well on LAMP server with php6 but not working with PHP7
<lordievader> Have you checked the logs?
<isthakur> where to find?
<lordievader> Logs usually go to /var/log
<lordievader> If you are using Apache with mod_php you want to look into the error log of Apache.
<isthakur> Thank you lordievader. Trying to figure out the issue.
<lordievader> What is the error?
<isthakur> unable to figure out. accidently deleted the error log.
<isthakur> now nothing is being added to it.
<lordievader> Restart apache ;)
<isthakur> Thanks dear.
<isthakur> [Thu Feb 16 20:53:51.821767 2017] [:error] [pid 22108] [client 127.0.0.1:59574] PHP Warning:  require(include/RequirementsValidation.php): failed to open stream: Permission denied in /home/isthakur/data/isthakur/Sites/yetiforce/index.php on line 17
<isthakur> [Thu Feb 16 20:53:51.821822 2017] [:error] [pid 22108] [client 127.0.0.1:59574] PHP Fatal error:  require(): Failed opening required 'include/RequirementsValidation.php' (include_path='.:/usr/share/php') in /home/isthakur/data/isthakur/Sites/yetiforce/index.php on line 17
<isthakur> permision is fine i.e. 644 on index.php
<isthakur> permission on folder was not given to other so corrected that but now there is a huge list of errors. I will try to fix it and then let you know. Thank you very much for showing me the route to troubleshoot the problem
<lordievader> Can you browse to that file and read it as the apache user (www-data)?
<isthakur> now yes
<isthakur> I have to leave right now. for half an hour. catch you later.
<isthakur> and once again thank you very much.
<lordievader> No problem
<zioproto> rbasak, the git-dsc-commit too is perfect :) I was able to diff the ppa code from the current stable. The patch LGTM. What is the workflow to propose the patch for the proposed Xenial packages ? Should not nacc do it ? He is the original authro
<cpaelzer> jamespage: on your work snapping qemu/libvirt did you create an interface that covers /var/run/libvirt/libvirt-sock-ro ?
<cpaelzer> or the non read-only version
<cpaelzer> hmm I found a libvirt interface, checking definition
<rbasak> zioproto: anyone can do it. See https://wiki.ubuntu.com/StableReleaseUpdates#Procedure, and just attach something usable to the bug (that includes packaging changes such as the version in debian/changelog) and subscribe ~ubuntu-sponsors to the bug.
<Amgine> Question: When there is network links from my IP to an IP blocked via iptables, that likely means my server is compromised, yes?
<zioproto> Amgine, what do you mean with 'network links'
<zioproto> ?
<Amgine> using iftop shows data connection, outbound.
<Amgine> zioproto: https://dpaste.de/HJUh/raw
<zioproto> this is the output of a command like ss ?
<Amgine> sudo iftop, it is like top only for network traffic.
<zioproto> try ss -tp
<zioproto> do you see a connection ESTABILISHED with that host ?
<Amgine> No. Nor do I see a connection for the steady streams of spiders, bots, and browsers.
<Amgine> But I think I understand what you're suggesting.
<zioproto> Amgine, do you see more stuff with ss -tpa ?
<Amgine> Just me.
<zioproto> It could be that the traffic you see with iftop is just ICMP replies that your port is closed. Or maybe you are sending TCP RST
<Amgine> kk. Just being paranoid, I suppose.
<zioproto> nacc, welcome in ! :) I was waiting for you :D
<zioproto> nacc, I have a production openstack cloud where the Trusty to Xenial upgrade is blocked by this bug: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1570472
<ubottu> Launchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]
<zioproto> nacc, I looked at the diff between the package shipped in Xenial and the ppa you published on launchpad. Changes look ok. There is a reason why this patch was not yet proposed to Xenial ?
<nacc> zioproto: mostly business :) i have been waiting for upstream feedback on it
<nacc> *busyness
<nacc> zioproto: let me prepare an SRU today for it
<zioproto> yahoo :)
<zioproto> if I can help tell me what I have to do
<nacc> zioproto: thanks!
<zioproto> usually for openstack packages I make a merge request of my git tree on launchpad, but I guess SRU has a bit more of burocracy
<nacc> zioproto: yeah, but in this case, pretty easy to argue for
<zioproto> nacc, leaving the office soon, I sent you my mail in pvt
<zioproto> of you need any testing to be done write to me
<nacc> zioproto: thanks again
<zioproto> also, if we go to production using your PPA on launchpad, can we rely on that PPA to be available ?
<nacc> zioproto: i won't remove it, and it should get trumped by the SRU
<zioproto> ok great
<zioproto> the problem is that Openstack MItaka is the only release support both on trusty and xenial
<zioproto> so we have to upgrade to xenial to move on to openstack newton
<zioproto> so I guess a lot of openstack people will soon move to Xenial
<zioproto> better get this puppet thing fixed :D
<zioproto> I have to go ! thanks for the help !
<zul> coreycb: do we need a blanket FFE?
<coreycb> zul, i don't think we do this cycle.  it might be worth emailing the release team though just to keep them in the loop.
<teward> rbasak: another 'merge' update was pushed by me just now, it's a minor minor packaging strings change for debian/control but it syncs us up with Debian except for our delta that we add.
<teward> sarnold: jgrimm: ^ just an FYI
<teward> (for nginx)
<jgrimm> teward, ack
<teward> hopefully that sneaks in right before FF goes into effect
<teward> otherwise, it probably can be FFe'd without issue
<jgrimm> yup! :)
<teward> whoopsies I left junk .save files stupid editor crashes
<teward> nginx -1ubuntu2 inbound heh.
<teward> someone please shoot me for my screw up
<teward> the taser is over on the desk :P
<nacc> `git status` ftw
<teward> nacc: not git tracked
<teward> *manual* merge
<nacc> or `git status --ignored`
<teward> nacc: ^ not git tracked.  Yet.
<nacc> bah, you can still do it in a git repo locally :)
<teward> nacc: I *could* except that these're minor fixes.
<teward> In any case, it's uploaded/fixed finally hopefully in time for FFe.
<teward> I need coffee, really.
<teward> Release team is probably going to slap me for so many uploads today xD
<nacc> :)
<teward> nacc: it'll be tracked *soon* on my own gitlab.  I couldn't reliably use any git workflows because of some very evil merge conflicts
<teward> that basically needed start-over-from-scratch for the delta
<teward> and about a month of headbanging against fPIE/fPIC
<nacc> teward: oh i get that, i just meant, it's trivial to just do a `git init` locally when you start, then you know what you are changing from the debian version, at least -- even if manual
<nacc> teward: i've found my own mistakes in trivial merges by doing that
<nacc> teward: but on to bigger and better things any ways :)
<teward> nacc: true, but i also have an automated testbuild workflow that would kill that :P
<teward> so blah
<teward> in any case, it's *now* git-worthy since the dynamic module stuff is in
<nacc> :)
<teward> I should go get coffee though now heh
 * genii 's ears perk up for a second at the mention of coffee
<teward> genii: give.
<teward> :P
<teward> wow Chrome crashed lol
 * genii covertly meets Juan Valdez at the Columbian border and obtains coffee for teward
 * genii hand-roasts the beans, grinds them in an antique brass grinder, prepares enough for 1 large mug in the French press.
 * genii slides teward the mug
 * teward takes, and disappears gradually (with the coffee and the mug) into the shadowy mists that seemed to just 'appear' in the periphery of the channel.
<PhoenixMage> Hi guys, there are few iscsi packages floating around and I am wondering which one is the most stable for a home lab NAS
<patdk-wk> heh, depends on what your doing
<patdk-wk> for me, all of them are stable
<patdk-wk> it's more in what you want to interface with it
<patdk-wk> lio seems to be so dymaically changing, that if you want to script it (use pacemaker with it), it keeps changing and it's hard to use
<PhoenixMage> Its mainly for my lab ESXi boxes, I am migrating to ubuntu from freenas
<wedgie> for that you may be just as well off with NFS if you don't find a satisfactory answer for iscsi
<PhoenixMage> wedgie: Yeah I am thinking of moving them to NFS but at the moment I have a collection of them on an iscsi volume. If I upgrade to 10G interfaces then NFS is apparently the way to go anyway
<wedgie> PhoenixMage: you're moving from freenas... will you be using zfs on the ubuntu system as well? If so that's a double good reason to go NFS. Much more graceful handling of compression
<patdk-wk> unless your real issue is, your stuck on 1gbit network, and attempting to balance over multible
<patdk-wk> but then make sure your iscsi service can make use of multipathing
<patdk-wk> but nfs would be perferred though, as you don't have to worry about empty space reclaiming
<wedgie> indeed. One glorious day NFS will support multipathing but it's not quite standard yet, as I understand it. Haven't looked into it for about a year though
<PhoenixMage> wedgie: yeah zfs on ubuntu, just improted all my zpools
<wedgie> huh, maybe nfs4.1 with multipathing *is* a thing already: http://packetpushers.net/multipathing-nfs4-1-kvm/
<wedgie> oh, wait, requires recompliling the kernel. So yeah, not quite prime-time just yet
<PhoenixMage> I am running a lagg across 4 interfaces and 3 hosts, not ideal
<PhoenixMage> Anyway, seems I might just go with any of the iscsi implementations and migrate to nfs
#ubuntu-server 2017-02-17
<bobafett> having issues using VPN. it says it is connected but pages dont load and i cant ping past router unless i DC from vpn
<bobafett> i can connect to VPN from windows 10 with no problem
<sarnold> check error logs on both the vpn client and the vpn server
<PhoenixMage> Hi all, I am having problems with lio/targetcli restoring config on boot, is anyone else using it?
<lordievader> Good morning.
<WantDevHelp> I'm having difficulty installing ubuntu-server 16.04.2. When it detects the disc is gives, "Enter an IP address to scan for iSCSI targets". I don't know what this is about. I want to just partition my local disk. Any help appreciated.
<lordievader> If you don't want to use iSCSI can you not cancel the window?
<WantDevHelp> thanks for replying lordievader. It's the only option it gave me. I fiddled about with BIOS settings but it only seemed to give me the option to set up iSCSI. Don't know why. However, the power supply in the back of the PC just made a noise like an arc welder. Proble Solved!
<lordievader> Err, okay?
<WantDevHelp> Computer not working so I'll have to do somthing else.
<WantDevHelp> I'm being silly. I won't be able to progress for the moment. I'll have to either dig out a power supply from another PC or use VM.
<WantDevHelp> It's unusual though. Previously when I've installed ubuntu, it opens the partitioner and I can choose between manual partition or just accept defaults. Didn't give me the chance for some reason.
<lordievader> Are you using some kind of raid controller?
<WantDevHelp> no
<WantDevHelp> I seem to recall having a simila difficulty with an old Dell before. As it appears to have turned into an arc welder, I'll defer that for the momoent. I'll use another old PC for the moment.
<WantDevHelp> I'm going to have to muck about with hardware for a while. Thanks
<boichev> +1 on zfs it is really REALLY nice
<boichev> sorry wrong window
<lordievader> The same thing was said here a few days ago ;)
<coreycb> zul, i'm starting on cinder and horizon rc2
<zul> ok
<zul> coreycb: i got nova and manila
<coreycb> ok
<coreycb> zul, i'll get the neutrons
<zul> ok
<coreycb> zul, i'll get trove
<zul> coreycb: i got mistral* after..
<zul> i got magnum as well
<PhoenixMage> Hi all, how can I get ubuntu server to auto import zpools on boot?
<jamespage> coreycb, zul: we need to sortout qemu for ppc64el in proposed
<jamespage> I'll do that now
<jamespage> I need to disable the seccomp support on that arch
<zul> jamespage: ack
<coreycb> jamespage, ok thanks
<boichev> lordievader: exactly :D the error was "Up arrow, Enter" :D
<jamespage> coreycb, zul: qemu re-backporting now
<zul> jamespage: k
<jamespage> mwhahaha, hey around?
<mwhahaha> jamespage: what's up?
<jamespage> mwhahaha, are you around at the PTG next week?
<mwhahaha> jamespage: I will not be
<jamespage> mwhahaha, hmm no openstack-puppet slots mon/tues
<jamespage> mwhahaha, OK
<mwhahaha> jamespage: yea we had 0 response when asked about the ptg so nothing for Puppet
<mwhahaha> jamespage: EmilienM will be there if you had specific questions
<mwhahaha> I had a schedule conflict
<jamespage> mwhahaha, np - I've been working to get topics scheduled to discuss what we're planing with snaps
<EmilienM> jamespage: yes, feel free to reach me
<jamespage> EmilienM, awesome I will do
<DammitJim> this is a general server question... does a single drive in a RAID array have data that can be read?
<drab> DammitJim: depends on what raid, depends what you mean read, in raid1, yes, in raid6 it depends and you'd have to read at low level
<DammitJim> right, but I mean, you can't just grab this drive and plug it into some cable to your computer and just read data
<vonsyd0w> from a raid1 sure, but probably not from other raid levels
<cncr04s> can I add a md/raid device as a member in annother md/raid ?
<DammitJim> thanks
<DammitJim> do you guys know if there is a way to control what range of ID number to use for when one creates a new user?
<DammitJim> for some reason on a server I have that is joined to a domain, it sets the ID to the 10,000 range
<DammitJim> instead of just 1,000
<smoser> nacc, thoughts? https://bugs.launchpad.net/usd-importer/+bug/1665703
<ubottu> Launchpad bug 1665703 in usd-importer "add subcommand for 'import-dsc'" [Undecided,New]
<nacc> smoser: certainly reasonable to do. Would it just be `git-dsc-commit`? I'm not sure we can support parenting it correctly for the first version imported (it'd be an orphan), but as lng as 1.4, 1.5 mention 1.3 in the changelog, i think we'd find it
<teward> rbasak: um, i'm not sure why it's saying 'unsatisfiable dependencies' on nginx on update_excuses, can you peek?
<nacc> smoser: that is, wrapping git-dsc-commit as we do now with usd
<teward> the package versions it's after are *listed* in Zesty right now, per rmadison...
<teward> also Perl still hanging the migration out of proposed
<nacc> teward: new build hasn't been copied to the archive(s) yet?
<nacc> teward: there's latency there between when the build finishes and when excuses sees it, iirc
<teward> nacc: new build of the dependencies you mean
<teward> *brain is not fully online*
<nacc> teward: oh sorry, i was looking at the nginx lines, my fault
<teward> nacc: two issues: (1) "Dependency not satisfiable" when those packages exist in those archs.  (2) Perl version is holding up migration, but I don't know why.
<nacc> teward: let's focus on 1), trying to reproduce in my chdist, one sec
<teward> nacc: mmkay.  My brain is offline today so blah.  :)
<teward> ah, but you're probably right -1ubuntu2 probably isn't uploaded when it was created
<teward> though it should've been since it was uploaded yesterday heh
<rbasak> teward: component mismatch.
<rbasak> libnginx-mod-http-lua is in main. libluajit-5.1-2 is in universe.
<nacc> teward: yeah, main/universe
<nacc> teward: as is liblua5.1-0
<teward> rbasak: http-lua should go to universe then
<nacc> teward: is there any reason those two can't live in universe?
<teward> nacc: i'm five steps ahead of you
<rbasak> Yeah you can do that. An archive admin can move it.
<teward> rbasak: the bug for the merge has what should be in main
<rbasak> If you can't find one on IRC, file a bug against nginx and subscribe ~ubuntu-archive please.
<nacc> http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed
<teward> in terms of libnginx-mod
<nacc> teward: --^ :)
<rbasak> Or just subscribe ~ubuntu-archive to that bug I guess, if it's still open.
<nacc> it's a binary only movement, so it's easy, just needs the AA as rbasak said
<nacc> rbasak: we do have a few of those for server, it seems
<teward> rbasak: it's the merge bug until it moves out of proposed...
<teward> rbasak: nacc: do we know why nginx-core-dbg, a debug symbols package, is being caught?
<teward> is it because it's new?
<teward> WOW i'm an idito nevermind
<teward> actually, wait i still don't knwo why that's listed
<nacc> teward: as i read it, ubuntu1 produced that binary, but ubuntu2 did not
<nacc> (it produced -dbgsym instead)
<nacc> https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu1/ vs https://launchpad.net/ubuntu/+source/nginx/1.10.3-1ubuntu2/
<nacc> (or only -dbgsym rather)
<nacc> teward: and excuses/proposed-migration doesn't like binaries going away
<teward> ah, right
<teward> nacc: that's a result of the evil packaging changes
<teward> i'll make a note of that too
<nacc> teward: I *think* you need AA intervention for that too
<teward> well the AAs are going to be busy either way
<nacc> :)
<teward> rbasak: i'mma subscribe ubuntu-archive and add this massive list of things heh
<teward> rbasak: added to the bug, and ubuntu-archive subbed.  I hope I dont get shot for any of these things heh.
<teward> but that should be able to fix the mismatches.
<teward> Perl is just hanging the migration currently from proposed to nonproposed :/
<rbasak> teward: thanks!
<rbasak> I wouldn't worry too much about Perl. I'm sure the Foundations team will take care of it :-)
<Emmanuel_Chanel> Hello!
<Emmanuel_Chanel> I upgraded linux-image of Ubuntu 16.04 LTS. But the post installation process doesn't succeed.
<Emmanuel_Chanel> Someone can help me?
<Emmanuel_Chanel> It generates too much initramfs to occupy whole /boot
<DammitJim> is there a way to disable these ssl warnings on mysql server 5.7?
<kur1j> I'm trying to create an image for Openstack manually and I am using the minimal ubuntu installer and without selecting anything during installation its 1.9GB for me. I'm using QCOW2 and I have no idea how to make the installation smaller. Any suggestions?
<kur1j> http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img this image from Ubuntu is ~300MB
<sarnold> Emmanuel_Chanel: btw irc works best if you stick around for a while :)
<sarnold> Emmanuel_Chanel: how large is your /boot? do you even need a /boot?
<Emmanuel_Chanel> sarnold: /boot = 113MB and yes, I need /boot .
<Emmanuel_Chanel> My HP server is not with UEFI but with BIOS.
<Emmanuel_Chanel> But the HDD RAID1 pair is about 6TB.
<Emmanuel_Chanel> sarnold: Can you help me?
<sarnold> Emmanuel_Chanel: ouch. that's -really- tiny. I think 500 MB or so would be far safer
<sarnold> /boot on my laptop is 256M, /boot on a serverish-machine is 280. definitely you need bigger..
<Emmanuel_Chanel> ok.
<nacc> Emmanuel_Chanel: my guess is you have old kernels around
<Emmanuel_Chanel> Do you know why it generates unneeded initrd images?
<nacc> Emmanuel_Chanel: that size /boot is only really going to be able to store 1 or 2 kernels it feels like
<nunchuck> greetings had to "unset DISPLAY" on ubuntu server, how do i get display back?
<nacc> Emmanuel_Chanel: define 'unneeded'
<Emmanuel_Chanel> nacc: How can I do?
<nacc> Emmanuel_Chanel: `apt autoremove` typically
<nacc> Emmanuel_Chanel: but it depends on what all is installed
<nacc> Emmanuel_Chanel: what version of ubuntu and please pastebin `ls -ahl /boot`
<Emmanuel_Chanel> nacc and sarnold http://pastebin.com/AZNc4yD4
<DammitJim> do you guys know what I can add to my mysql config so that I don't get SSL warnings?
<sarnold> DammitJim: what warning are you getting?
<nacc> Emmanuel_Chanel: ls -ahl /var/lib/initramfs-tools
<sarnold> Emmanuel_Chanel: excellent; what kernel does uname -r report that you're running now?
<DammitJim> WARN: Establishing SSL connection without server's identity verification is not recommended.
<DammitJim> I understand I can provide a useSSL=false on the client connecting to the server
<DammitJim> but can I set something up on the server so it doesn't check for this?
<sarnold> DammitJim: ehhhh... using ssl without verification is better than using no ssl at all.
<Emmanuel_Chanel> sarnold: uname -r = 4.4.0-62-generic
<sarnold> DammitJim: and enabling verification is going to be some work. I'd leave it alone.
<DammitJim> sarnold, maybe you can help me understand what that means
<Emmanuel_Chanel> nacc: I'm trying it now.
<DammitJim> that's probably what I'm missing
<DammitJim> you mean leave the warnings alone?
<DammitJim> this is for local connections
<sarnold> DammitJim: this means that the certificate from the other side can't be verified -- it isn't signed by a trusted certificate authority
<DammitJim> oh gosh
<DammitJim> but I don't want to use certificates
<Emmanuel_Chanel> http://pastebin.com/RURU7bLU
<Emmanuel_Chanel> nacc: Done.
<nacc> Emmanuel_Chanel: ok, that is why extra initrds are being generated
<sarnold> DammitJim: you don't want to go to the hassle of using _real_ certificates... but self-signed is fine enough for many uses, and this is probably one of them.
<nacc> *normally*, i beleive that directory only contains kernels that are actually installed
<DammitJim> oh man
<nacc> Emmanuel_Chanel: did you manually delete some kernels (rather than using apt)?
<Emmanuel_Chanel> nacc: So all I need to is delete them except 4.4.0-62-generic
<DammitJim> so, a solution would be to use self signed certificates, huh?
<nacc> Emmanuel_Chanel: yes, i believe so
<DammitJim> do I have to then import them for the server and then import them for the client? (even though the server and client are on the same server)
<Emmanuel_Chanel> nacc: No... I deleted /var/tmp/mkinitramfs* , though.
<Emmanuel_Chanel> nacc: ok. I do.
<sarnold> Emmanuel_Chanel: be sure to keep a fall-back as well; in general, keep the kernel you're running, keep the newest, and if those are the same, keep the next newest :)
<nacc> sarnold: no fallback in /boot (taht i can see)
<sarnold> DammitJim: yeah; I suspect you're already using self-signed certs
<nacc> which is why i think something manually was done
<DammitJim> I am, but not for mysql
<DammitJim> so, would I need to change my client connections to use a client certificate?
<DammitJim> or where do I tell mysql client that the server cert is good?
<Emmanuel_Chanel> sarnold and nacc: Thanks for your help! Looks my problem is solved.
<DammitJim> oh man, I loose either way because I have to get the developers to change their connection code
<DammitJim> is that right?
<sarnold> DammitJim: I don't know how to fix that -- I really don't know mysql -- but if you put the self-signed cert in your /etc/ssl/certs/ directory and run update-ca-certficates I think that will do the trick -- read the update-ca-certificates manpage first and make sure it sounds right
<DammitJim> sarnold, so if I add the certs, then I won't need to update connection code?
<sarnold> DammitJim: I don't know about that; all the clients may need to have their cert stores updated if they're on different hosts..
<DammitJim> something tells me one can disable ssl on the server as an option
<sarnold> yeah you probably can but I really don't like that idea :)
<sarnold> why use telnet when you can use ssh?
<DammitJim> because this will involve a couple dozen apps to be updated
<sarnold> why? for one warning??
<DammitJim> yeah, this happens in multiple servers
<sarnold> but it's a warning; what's wrong with ignoring it? :)
<DammitJim> it clutters the log files
<sarnold> true enough
<sarnold> but if you don't care about the tls certificate validation then you might as well work on something that you do care about ;)
<geigerCounter> Hello!
<Doow> Hi, I recently did a fresh install of an ubuntu server (16.10). When taking a look at the open ports I noticed that it was listening on three ports. 22, 80 and 5355. 22 and 80 I knew about and it's intentional, but what is 5355? /etc/services lists it as 'hostmon', but hostmon doesn't have a manpage and I haven't found anything really relevant when googling either. Only airport-hostmon which seems to be some old apple standard.
<Doow> tldr: what is hostmon running on port 5355?
<sarnold> Doow: what program is listening on it?
<sarnold> run netstat -lntp or something similar to find out
<geigerCounter> I'm running Ubuntu 14.04 LTS server edition and trying to configure exim4 to use tls. Here's my config: http://paste.ubuntu.com/24015110/
<geigerCounter> The connection times out when connecting remotely with telnet or thunderbird. Connecting locally with telnet, I'm able to access smtp and after running ehlo, I'm able to try "starttls", but it gives me an error message that tls is unavailable. What should I do?
<Doow> sarnold: 810/systemd-resolve
<sarnold> Doow: hopefully useful https://lists.ubuntu.com/archives/ubuntu-devel/2016-May/039350.html
<sarnold> geigerCounter: connection timing out sounds like firewall settings
<Doow> sarnold: I wasn't running netstat as root at first =)
<Doow> sarnold: thanks, I'll take a look
<geigerCounter> sarnold: On the server or the client?
<geigerCounter> sarnold: That also doesn't explain why starttls fails.
<sarnold> geigerCounter: indeed, but one problem at a time is the way to preserve sanity :)
<sarnold> Doow: aha :D
<Doow> sarnold: That explained everything, thanks for the quick help
<sarnold> great :)
<geigerCounter> I don't think it's a firewall issue though, as before I started trying to config exim4 to use tls, I was able to access SMTP fine remotely as well. But just to be sure, I've made sure to add an exception for port 25 in Windows firewall. I know that server-side there's no firewall whatsoever and there's activity to my SMTP server just fine. GoDaddy's MX Toolbox reports when SMTP goes down and when it
<geigerCounter> comes back up and right now... it says it's down...
<geigerCounter> I just restarted exim4
<geigerCounter> I just connected locally via telnet and was able to log in.
<geigerCounter> Well I was able to connect and ehlo, haven't actually tried to auth.
<geigerCounter> Hang on...
<axisys> how do I install a particular version of a package?
<tarpman> axisys: apt install package=version
<axisys> sudo apt-get install zabbix-agent=1.8.22 says not found
<axisys> how do I get a older version?
<axisys> trusty latest is 2.2.2
<tarpman> axisys: 'apt-cache policy zabbix-agent' will show you the available versions
<axisys> on 2.2.2
<axisys> only*
<tarpman> axisys: according to http://packages.ubuntu.com/zabbix-agent you probably have to go back to 12.04 if you want zabbix 1.8
<axisys> so is it possible to install 1.8.x on 14.04 ?
<tarpman> I don't know, sorry
<nacc> axisys: no, you'd need to use 12.04 for that, presumably
<geigerCounter> Okay, I think I finally found something out in regards to my exim situation. It appears that the self-signed certs I rolled for testing exim with are not valid and/or cannot be accessed by exim.
<sarnold> geigerCounter: ugh :/ while I wouldn't necessarily expect all clients to work with that, I sort ofhope the server itself wouldn't care
<geigerCounter> No, I mean, it literally couldn't read the cert. And upon checking I know see why.
<geigerCounter> I had MAIN_TLS_PRIVKEY as the macro instead of MAIN_TLS_PRIVATEKEY
 * geigerCounter facepalms
<sarnold> oh man
<geigerCounter> So pedantic.
<sarnold> 'unknown macro' would have been kind..
<nacc> might be nice for it to complain about unknown keys in the cof?
<nacc> *conf
<geigerCounter> Yeahh...
<geigerCounter> Yeah.
<geigerCounter> But it didn't do that until I tried to send stuff to/from Gmail.
<geigerCounter> That still doesn't seem to have fixed it though...
<geigerCounter> starttls still isn't working.
<geigerCounter> Wait.
<geigerCounter> -rw-r--r-- means globably readable by all users right?
<nacc> yes
<sarnold> yes
<geigerCounter> That's what I thought. exim's now pointing to the correct cert and key, but it can't read them.
<sarnold> directory permissions above it may prevent the world from getting to the file, thuogh
<geigerCounter> It won't say how and why.
<geigerCounter> Ah
<geigerCounter> Well can I symlink it to another directory then?
<sarnold> and apparmor permissions could prevent it too (check dmesg | grep DENIED if you think this might be the case)
<geigerCounter> I don't think I have apparmor installed yet.
<geigerCounter> Mmm... yeah, the certs directory ( /etc/ssl/certs ) is readable, the key directory ( /etc/ssl/private ) is not.
<geigerCounter> I assume this is by design.
<geigerCounter> Would that prevent exim from being able to read /etc/ssl/private/exim.key ?
<sarnold> it could; maybe you need to add the supplementary group ssl-cert to exim's startup scripts?
<geigerCounter> I may yes, but for whatever reason my /etc/ssl/private directory is user read only. It's group executable tho...
<geigerCounter> Not sure if that makes a difference in this case.
<sarnold> interesting, mine is: drwx--x--- 2 root ssl-cert
<geigerCounter> So is mine.
<sarnold> oh ok, good
<geigerCounter> And idk.
<geigerCounter> I've got another key in here that dovecot uses and is able to read just fine.
<geigerCounter> So mm.
<geigerCounter> I'm not sure if that means dovecot spawns with different permissions or what?
<sarnold> dovecot probably reads it as root at startup or also has the ssl-cert supplemtnary group
<geigerCounter> Mm. Makes sense.
<geigerCounter> To add a user to a group, you run "adduser <user> <group>" right?
<sarnold> worth a try
<sarnold> funny, I jumped right to 'edit the startup' but it might be easier than I was making it :)
<geigerCounter> Hm?
<genii> I generally use sudo usermod -Ga newgroup username
<geigerCounter> Woo! No error when accepting mail from gmail! :D
<geigerCounter> tls starts!
<sarnold> geigerCounter: great :D
<geigerCounter> Yeah, that's one issue down, one to go.
<geigerCounter> Or maybe not...?
<Henster> hello, know when you cp a file and use -R -v ,i whish it showed a bar of the current file size that im copyig  like when you use wget
<geigerCounter> TLS error on connection from <myhostname.com> [my.ip] (gnutls_handshake): An unexpected TLS packet was received.
<Henster> maybe i should use mc ,, lol
<geigerCounter> Henster: Midnight Commander? I have it, I like it, I don't use it much tho. ;p
<Henster> i found this chem today tmux .. man making my life allot easer ,, screen did not work well with mc
<geigerCounter> sarnold: Okay, now after getting the 220 TLS go ahead, any additional input crashes the connection and gives me the above error. :Y What am I doing wrong now?
<Henster> so i hosted my 1st wordpress website on Ubuntu server ,, man im nervious but so far so good
<geigerCounter> Henster: Hey man, congrats! It's probably way smarter than what I'm doing trying to build a custom content system. x-x
<geigerCounter> My everything is broken...
<sarnold> geigerCounter: yikes. that doesn't make sense :/
<geigerCounter> sarnold: Nope. But then again, configuring email seems to be an eldritch task, so...
<geigerCounter> Lol.
<Henster> @geigerCounter im learing early to make backups ,,not so sure how im going to secure remorte archive files
<sarnold> geigerCounter: yeah. it's miserable these days.
 * geigerCounter sighs
<geigerCounter> I'm making progress at least!
<geigerCounter> Henster: Can you try that sentence again, I don't quite get what you mean...
<Henster> sever 1 ,, webserver and server 2 has files server 1 uses ,, eg. some files of Apache document root .. want to encrypt the data inetween the 2 servers
<Henster> inbetween* sorry my spelling
<geigerCounter> Let me see if I've got this right: You have two servers, a file server and a webserver, and you want to secure the data transfer between them with encryption?
<geigerCounter> Henster: Is there a special reason why you can't just have both on the same server?
<Henster> @geigerCounter correct
<geigerCounter> Okay.
#ubuntu-server 2017-02-18
<geigerCounter> Well, I uhm... there's options. There's scp, ftps, https. If you're accessing the webserver via a browser, then https is probably the way you want to go.
<Henster> 1. Cost of data on cloud serverexpensive 2. i dont have fast uncapt internet here .3 not all the files will be active
<geigerCounter> What cloud service are you using Henster and what's your monthly budget?
<Henster> ok cool , i learned how use puttygey gen ,, can i iuse putty keys in the terminal without using a putty like terminal
<Henster> Im at digegal ocean
<Henster> digital
<Henster> god my spelling tonight
<Henster> also its 2am here lol
<geigerCounter> Ahh.
<Henster> dude dont hack me lol
<geigerCounter> Pssh.
<geigerCounter> Don't worry, I don't want to.
<geigerCounter> I'd hate it if that happened to me, so I'm not gonna do it to anyone else.
<Henster> ha ha cool man
<geigerCounter> sarnold: Do you have any suggestions on what I might do to fix this issue?
<sarnold> geigerCounter: you're still stuck at the unexp3ected packet?
<geigerCounter> Yeah
<sarnold> geigerCounter: you could try connecting to it with openssl s_client's -starttls smtp support and see what output you get..
<geigerCounter> How does that work exactly? I'm not too familiar with how s_client works...
<sarnold> I have to look it upevery time I use it; something like openssl s_client -CApath /etc/ssl/certs/ -verify 2 -connect servername:port -starttls smtp   ... but it might require more
<geigerCounter> Well.. that seems right?
<geigerCounter> Well the connection holds up, but when I try to login it says "Invalid base64 data"
<nacc> jgrimm: fyi, i think puppet should migrate now and i'm SRUing the longstanding bug with 16.04 + systemd
<sarnold> geigerCounter: ugh when another fellow has trouble logging in via base64 decode errors it looks a bit hard to decipher -why- https://lists.gt.net/exim/users/57020
<sarnold> geigerCounter: but 11 years ago philip said he'd make the authenticators log alongside the smtp dialog in whatever debug mode is used.. maybe he did? :)
<geigerCounter> ...
<geigerCounter> Well let's give this a read.
 * geigerCounter facepalms
<geigerCounter> I just ran tcpdump without any qualifiers and without piping it to less
<geigerCounter> And now to wait fifteen years.
<geigerCounter> I'm jk of course, I just interrupted it
<sarnold> hehe
<fishcooker> i have log about 28G how to reduce the file size to be latest 7G ?
<fishcooker> i have issue when i try to gzip it because the cpu usage would be increase
<sarnold> fishcooker: do you need to keep the logs?
<tarpman> fishcooker: rotate more often so the individual files don't get that big ?
<patdk-lap> set logrotate to daily, or maybe to a file size (1day or longer then)
<patdk-lap> wonder what it would take to modify logrotate to nice gzip
<patdk-lap> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652600
<ubottu> Debian bug 652600 in logrotate "logrotate: use nice and ionice to avoid slowing down system" [Wishlist,Open]
<sarnold> hah I didn't expect it to be that easy
<sarnold> a one-liner but I didn't think of just fiddling with the crontab :)
<patdk-lap> I wouldn't want to myself
<patdk-lap> since logrotate can restart services
<sarnold> I'd rather switch to lz4 or something quicker anyway
<patdk-lap> do those restarts also get the new nice? I believe so, maybe
<sarnold> heh
<sarnold> I bet you're right
<patdk-lap> probably have to play with compresscmd and compressopt to get it
<fishcooker> looks like the logrotate with this conf http://vpaste.net/cBJwO cause the log big
<patdk-lap> that doesn't *cause* a big log
<fishcooker> i think delay compress sarnold
<patdk-lap> the fact your programming is LOGGING a lot causes a big log :)
<sarnold> why is gluster logging so much?
<sarnold> should it? do you need the logs?
<fishcooker> the question is why the compress doesn't work
<patdk-lap> how do you mean, doesn't work?
<fishcooker> because i noticed the log is raw log not the gz one
<patdk-lap> you have delaycompress and compress in there
<fishcooker> i think it should be compress only patdk-lap
<patdk-lap> if you don't want delaycompress, why have it?
<fishcooker> noted
<sarnold> the manpage notes that delaycompress is needed if the program can't be told to close the log file
<fishcooker> how about the postrotate ... does it force the service close the log file and create a new one, sarnold?
<sarnold> fishcooker: I think you're right, this looks like it should log rotate when it gets SIGHUP https://github.com/gluster/glusterfs/blob/master/glusterfsd/src/glusterfsd.c#L1387
<fishcooker> nice reference sarnold... i will do without delaycompress
 * patdk-lap has never thought of this, I just never use delaycompress :)
<fishcooker> the history of the big is we did set debug mode so the file become so big
<fishcooker> it become bigger when we cant access the mount point from glusterfs server
<patdk-lap> now to just fix systemd journal filling up /run
<geigerCounter> Hey sarnold, what do you think I should do about not being able to remotely connect to exim over port 25
<geigerCounter> ?
<sarnold> geigerCounter: perhaps your ISP is blocking it? I think most ISPs do block it to knock back spam, and you've got to ask them to allow it..
<geigerCounter> sarnold: Oh huh
<geigerCounter> Could you try connecting to my server then?
<sarnold> geigerCounter: sure
<geigerCounter> sarnold: Did it work?
<patdk-lap> geigerCounter, connecting to your server on port 25 is normally not blocked
<patdk-lap> you connecting to other peoples port 25 is normally ALWAYS blocked
<geigerCounter> patdk-lap: Well I can't connect to my server on port 25, I get no response until the connection times out
<lordievader> Good morning
<El_Presidente> hello
<El_Presidente> what is the correct installation command to get the new hwe kernel installed in a proper way? i only found the "desktop" version : apt-get install --install-recommends xserver-xorg-hwe-16.04
<El_Presidente> is it something like apt-get install --install-recommends linux-image-generic-hwe-16.04 ?
<El_Presidente> or linux-generic-hwe-16.04
<rc-is-me> Can someone please assist? I have a problem with server 16.04 on VPS. It's using venet0:0 and when I try to ping 8.8.8.8 I get no reply and 100% packet loss. I have tried this on a different OS CentOs6 and get the same problem. Could someone please point me in the right direction?
<rc-is-me> I can't connect to or from it
<samba35> how do i fix this error Feb  libvirtd[6040]: unsupported configuration: Security driver apparmor not enabled
<rbasak> Are you using libvirt and kernel packges from Ubuntu?
<samba35> yes
<tomreyn> enable apparmor, i would guess
<nerfed> does anyone know of a good place to get help with performance issues, I've exhausted everything that I can think of and I cannot track down the source of random intermittent performance spikes that are destroying my real time processes
<nerfed> I have intermittent performance spikes where some or all processes stop receiving CPU time for anywhere from a few hundred milliseconds to over 8 seconds randomly anywhere from every few minutes to every few hours. my processes are scheduled are real-time round robin, CPU hyperthreading and frequncy scaling is disabled, the hard disks are barely ever touched at all as most writes and reads are from a ram disk, CPU load is barely
<nerfed> I'm not sure if it's the linux kernel, something in Ubuntu server 16.04 or perhaps caused by something hardware related
<nerfed> the only hints that I can see when the spikes happen and certain processes freeze for x amount of time, is if netdata's collections don't freeze up during that period, they show a large drop in interrupts and softirqs, which is probably just a result of the processes not being scheduled by the CPU during that period
<zzz_> are croned shell commands logged anywhere?
#ubuntu-server 2017-02-19
<sarnold> zzz_: no; what are you trying to solve?
<sarnold> geigerCounter: sorry, I had to run last night; how'd things work out?
<Henster> https://www.youtube.com/live_dashboard
<zzz_> sarnold i have a croned .sh that logs in to a service with secret credentials. if i run the file directly from the command line i get a warning that i shouldnt use passwords on the command line
<Henster> hey whats up im messing around
<zzz_> i am making sure it's safe to do so
<Henster> mine ?
<Henster> lol ok
<Henster> damm trying to make the bacround screen look cool
<Henster> lol this is hard wrok lol
<sarnold> zzz_: aha. :) note that processes and their arguments are visible via top or ps auxw or /proc/*/cmdline
<sarnold> zzz_: so it's not very safe to call it that way if you have untrusted users or untrusted services on your computer
<patdk-lap> what service?
<Henster> hey man can you guys see video on my stream
<geigerCounter> sarnold: Tactical retreat for sanity's sake. Never got anybody to try connecting to my server to see, but a port tester was able to connect fine. So I think it is the ISP of my current location blocking the connection. :/
<sarnold> geigerCounter: aha. do you still need testing?
<geigerCounter> This is rather obnoxious, of course, because I can't try testing with a mail client.
<geigerCounter> sarnold: Yep.
<sarnold> geigerCounter: what address?
<geigerCounter> sarnold: somethinghub.com
<sarnold> geigerCounter: it sure feels like a firewall set to DROP rather than REJECT
<geigerCounter> sarnold: Yes, yes it does. But I'm also having trouble with authenticating locally over s_client, so I've got two issues for the price of one.
<sarnold> what a deal!
 * geigerCounter laughs
<geigerCounter> Fortunately I have something to stave away the frustration.
<geigerCounter> sarnold: http://youtu.be/T-hZhr2k2hk
<sarnold> geigerCounter: nice :)
<sarnold> I've got ghostbusters 2 going at the moment
<geigerCounter> sarnold: Did the test succeed?
<sarnold> geigerCounter: no, I never got any response to the HELO command, it just hung like a firewall was dropping packets
<geigerCounter> :/
<geigerCounter> Try EHLO ?
 * sarnold facepalm.gif
<sarnold> geigerCounter: sigh. _my_ ISP blocks outgoing port 25.
<sarnold> geigerCounter: testing from another machine shows your machine works just fine.
<sarnold> 220 somethinghub.com ESMTP Exim 4.82 Ubuntu Sat, 18 Feb 2017 21:47:41 -0500
<geigerCounter> sarnold: Awesome
<geigerCounter> Why do so many ISPs block it, I wonder?
<sarnold> they're trying to cut down spam from their users when they get compromised
<sarnold> and they do, users install the stupidest things in their browsers, or click on the stupidest things in their email..
<patdk-lap> there is NO ligit usecase for users to send email using port 25
<patdk-lap> expecially this day in age when your email has reputation, dkim, and spf rules it MUST pass
<patdk-lap> also, residentual isp don't normally have static ip, and let you set the reverse dns entry, that are required for email also
<zioproto> hello all
<zioproto> I was looking at this charms bug https://bugs.launchpad.net/charms/+source/mediawiki/+bug/1655069
<ubottu> Launchpad bug 1655069 in mediawiki (Juju Charms Collection) "db-relation-changed bug syntax error" [Undecided,New]
<zioproto> I am not yet very familiar with Charms, looks like the code on Launchpad is only for Precise branches
<zioproto> I cant figure out where is the Xenial code for this charm, can anybody help me out ?
<lordievader> Good afternoon
<blizzow> I think one of the recent kernel releases broke 16.04's OOM killer. In particular the OOM killer has become really aggressive with KVM virtualization.
<blizzow> https://forum.proxmox.com/threads/proxmox-4-4-5-kernel-out-of-memory-kill-process-8543-kvm-score-or-sacrifice-child.31569/#post-157162
<blizzow> The OOM killer is killing VMs even with less than 60% of my hypervisor RAM being used.
<lordievader> Really? That is quite agressive indeed. Is more memory committed that allowed?
<geigerCounter> Hi all. What terminal text editor do y'all use?
<caliculk> I am currently having some apt packaging issues. Not sure how it happened, as I don't recall updating the server in several days. I have tried using 'dpkg --configure -a' and removing the lock file and trying to upgrade again, but unfortunately, it still won't work.
<OerHeks> geigerCounter, nano vim
<caliculk> Full log is here: https://paste.ubuntu.com/24028525/
<OerHeks> caliculk, proper solution: run 'sudo fuser -v /var/cache/debconf/config.dat ' to see what process, and kill it. >> http://askubuntu.com/a/380701
<caliculk> Yeah, just found that.
<caliculk> I thought I would come here first.
<OerHeks> Good thinking, go ahead.
<thrasos_> hello
<geigerCounter> OerHeks: Neat. I've been trying out this fairly recent one called micro that I've been enjoying so far.
<thrasos_> I am trying to enable CORS (Cross Origin Resource Sharing )
<thrasos_> any tips?
<caliculk> Well, I guess this was part of the problem - https://paste.ubuntu.com/24028554/ grub won't upgrade :/
<Doow> I'm trying to install mariadb-server and using the command mysql_secure_installation, it complains about not being able to write some files to disk, even if I run it with sudo -u mysql, am I supposed to run it as root? I don't want to screw up the permissions for later.
<Doow> log: https://paste.ubuntu.com/24029495/
<Doow> Looking at the files on disk it seems to be a bit of a mix between root and mysql that owns things
<compdoc> I think you do run with the mysql root account
<compdoc> shouldnt matter if you are root or not. shouldnt need to sudo
<Doow> ok, it definitely does on this machine
<Doow> maybe I've screwed up permissions allready, I've installed/purged/reinstalled
#ubuntu-server 2018-02-12
<KingParrot> Razor-qt openssh ask password interface
<KingParrot> put on the boot boot.
<KingParrot> evil trash hole chat.
<KingParrot> OpenSSH
<KingParrot> OpenSSH is OpenBSD's version of the last free version of SSH
<KingParrot> What is better to install gsi-openssh-serve or just plain openssh-serve?
<KingParrot> configuration editor for OpenSsh
<KingParrot> run SSH jobs in parallel
<KingParrot> collection of compatibility modules for Net::OpenSSH
<KingParrot> configuration editor for OpenSsh
<KingParrot> configuration editor for OpenSsh
<KingParrot> intresting it seems that OpenBSD is big into the rpms.
<lordievader> Good morning
<KingParrot> I fond a portable version of OpenSSH in as a Deb file
<KingParrot> ello Vader
<lordievader> Hey KingParrot
<KingParrot> how ya doin?
<lordievader> Doing allright here. How are you?
<KingParrot> I am good
<KingParrot> I just fond me self a Deb copy of openssh-server 7.2p2 to test install
<KingParrot> it is portable
<KingParrot> it seems that most of the BSD if not all of them of OpenSSH are portble
<KingParrot> I seen a huge list of rpm portoble
<lordievader> Why would you want a portable version?
<KingParrot> portable is awsum
<KingParrot> often apt purge don't work
<KingParrot> nice thing about portable is you can put it any place.
<KingParrot> if a person wants to be funny they could hide the program in a var file.
<KingParrot> it takes more effort to make a sort cut and put it someplace on linux unlike windows short cuts are easy.
<KingParrot> In some countries it may be illegal to use any encryption at all without a special permit. sshd replaces the insecure rshd program, which is obsolete for most purposes.
<KingParrot> FileZilla - The free FTP solution
<KingParrot> filezilla - Full-featured graphical FTP/FTPS/SFTP client
<KingParrot> * Available in more than 40 languages
<KingParrot> It would be nice if Peppermint had a irc
<KingParrot> You can do something boring
<KingParrot> how to ping out on win xp to another pc
<jamespage> tobasco: ok so its is a little more involved than I anticipated
<jamespage> (gnocchi py2 pkgs)
<KingParrot> espacaily so depending on the aplication
<KingParrot> I tried to exstrace tabaso with Winrar once boy oh boy did Bill Gates get mad.
<KingParrot> In Samba I changed my workgroup name to the exact same name as the WinXP
<KingParrot> That openSSH  looks like some powerful stuff.
<KingParrot> Its sort of strange that the PinkPanther is a male cat
<KingParrot> He is a nice cat.
<lordievader> SSH is quite powerfull.
<lordievader> Especially if you learn about it's proxy command feature.
<KingParrot> does ipconfig ping in linux?
<KingParrot> woof woof
<lordievader> There is no 'ipconfig' command. The closest to that is 'ifconfig' which has been replaced by 'ip' from iproute2.
<KingParrot> moew
<KingParrot> must be some sort of command to find out the IP
<lordievader> Not really sure what you mean with 'ping' here...
<lordievader> Yeah, 'ip address show'.
<KingParrot> It is sort crazy concept to ping thee self.
<lordievader> Actually the loopback interface is used quite a lot.
<KingParrot> do u use it your self?
<lordievader> I hope my server does.
<CodexRaptr> wow both of you
<KingParrot> I know there are web sites for finding I{
<KingParrot> but ipconfig don't work in linux
<KingParrot> yes she is sorta weird and crys to much.
<KingParrot> Ask Ubuntu normaly is sorta a good web site.
<KingParrot> Finding external IP without relying on external services
<jamespage> coreycb: I think we should do the python-sphinx -> python3-sphinx switch this milestone - what do you think?
<jamespage> coreycb: ok going todo the neutron-* while I wait for lunch to cook :-)
<coreycb> jamespage: sure, why not
<coreycb> jamespage: ok :)  I'll get started shortly as well.
<tobasco> jamespage: aight, anything blocking a revert/fix for pushing py2 back?
<jamespage> tobasco: no working it through now - just needed to add py2 support to a dependency as well
<jamespage> tobasco: also needed to let people know it was coming back - its kinda counter intuitive for the py3 transition goals in distro
<jamespage> anyway no blockers from a process perspective
<KingParrot> She is a winny twit I hope she get speeding ticket.
<KingParrot> dev is a boring chat room
<tobasco> jamespage: ok cool, i totally agree but it's hard to transition only some and not everything like this time when some dependencies cannot co-exist
<tobasco> super thanks for the help :)
<coreycb> jamespage: i'm going to start working on oslo and client updates for queens
<KingParrot> is that in C++?
<KingParrot> tracert www.yahoo.com
<KingParrot> The cops think it was a dog that pissed on the tires.   And not a large yellow bird man that eats sesamie seeds.
<dpb1> o.O
<mgagne> coreycb: are there any plans to update libvirt/qemu for trusty/mitaka in UCA?
<coreycb> mgagne: yes it needs to get backported. i'll msg you when it's done.
<mgagne> coreycb: I'm subscribed to email notification so that's fine. Just wanted to make sure I'm not waiting for something that won't happen. thanks =)
<coreycb> mgagne: ok sounds good
<jamespage> coreycb: bah another circular dependency between bgpvpn and bagpipe
<coreycb> jamespage: oh fun
<jamespage> coreycb: ok I think blacklisting the bagpipe tests in bgpvpn is sufficient
<jamespage> coreycb: have most of networking-* done
<coreycb> jamespage: ok great
<jamespage> coreycb: ok neutron-* and networking-* uploaded alongside gnocchi with tobasco's restored py2 package
<jamespage> thats me done for today...
<coreycb> jamespage: ack thanks
<rbasak> nacc: o/
<rbasak> nacc: got some MPs for you please
<rbasak> https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/337564 first - that's rather large but fairly straightforward no-functional-change refactoring
<nacc> rbasak: yep, on my plate after i catch up on php
<rbasak> Then https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/337577 and https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/337280 please, for bug 1745197
<ubottu> bug 1745197 in usd-importer "tests/repo_builder: needs the ability to create mulltiple commits with graph information" [Undecided,In progress] https://launchpad.net/bugs/1745197
<rbasak> nacc: sure. While we're on the subject of PHP, it's the only thing holding up mysql-5.7 from migrating now I think.
<nacc> rbasak: ok, i think it's probably wedged with php-horde-test
<nacc> i need to unblock phpunit first anyways
<rbasak> nacc: apparently I sponsored php-sabredav way back when and that's showing up in grep-merges now. Fancy merging it while you're looking at PHP stuff?
<rbasak> powersj: fancy merging or syncing etckeeper as appropriate? You touched it last, sponsored by me it seems :)
<powersj> rbasak: hmm wasn't planning on it :) but I think I could
<powersj> only one delta we keep, and would be good for me to refresh myself on merge process as it has been almost a year
<bladernr> jamespage, coreycb is there something that shows what Openstack version corresponds to which release? I was looking at this: https://wiki.ubuntu.com/OpenStack but need info on the version in the current dev release as well.
<tafa2> what dya'll use for server monitoring? (taking an informal poll)
<coreycb> bladernr: try here https://www.ubuntu.com/info/release-end-of-life
<coreycb> bladernr: I'm in mobile so it displays differently bit I think that'll tell you
<bladernr> yes, perfect, thanks coreycb that's exactly what I had in mind.
<tomreyn> the good thing being that ubuntu-support-status now actually works again - if you're fully updated. ;-)
<nacc> rbasak: ok
<nacc> rbasak: can you file a bug and assign me?
#ubuntu-server 2018-02-13
<DirtyCajun> any hints other than the stupid obvious ones online for speeding up initialization on an mdadm array?
<rostam> Hi need help please. I installed a package (apt-get install go-server) then I remove it (apt-get purge go-server). Then after I reinstalled it some of the file from the installed pages are missing, how could I recover please?
<dpb1> rostam: what files are missing.
<dpb1> DirtyCajun: never looked into it
<DirtyCajun> dpb1, im probably just being impatient. Its chugging along pretty nicely i just want to increase it more haha
<dpb1> on a lark I googled, and I was shocked to find...
<dpb1> dev.raid.speed_limit_max = 200000
<dpb1> dev.raid.speed_limit_min = 1000
<dpb1> wow
<dpb1> never knew that one
<dpb1> but those are probably the "stupid obvious" ones. :)
<DirtyCajun> yep
<rostam> dpb1, files in /var/lib/go-server and /var/go directory.
<DirtyCajun> i have them at 200000 and 500000 respectively
<dpb1> rostam: so
<rostam> dpb1, the files are missing in /var/lib/go-server and /var/go directory does not get created ...
<rostam> please help
<dpb1> rostam: just testing
<dpb1> rostam: what version of ubuntu?  I don't see a go-server
<rostam> dph1 I did install and reinsall the package afew times, and all the sudden then this issue happened.
<rostam> I am using 16.04 LTS update 3
<dpb1> rostam: can you do apt-cache policy go-server and pastebin the results?
<dpb1> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<rostam> dpb1, here it is https://paste.ubuntu.com/p/Md5MB3bJJV/
<dpb1> rostam: so, here is my fear
<dpb1> rostam: I take it that the data in /var/lib/go-server and /var/go was created by you and you want it back?
<rostam> dpb1 yes I did copy some files in those directories and then remove them manually.
<dpb1> rostam: ah, ok, so just a matter of the package not *creating* directories and files when it's installed?
<rostam> yes I copied some files and directories inside those direcory and then remove them manually.
<rostam> Yes it does not created those files inside the directories.
<dpb1> ok
<rostam> please help I need this working
<dpb1> so, idk then, /var is a directory used for "variable" data.  data created by the application
<dpb1> you'd be best to check with the application itself, support forums, irc channels, etc.
<rostam> so you do not think this is ubuntu specifc issue?
<dpb1> no.  the package you are installing is even from a 3rd-party repository from the project itself.
<dpb1> rostam: see the 'https://download.gocd.org' lines in that pastebin you sent me?
<dpb1> I'd go to gocd.org, they are likely who made the packaging.
<rostam> okay thanks so much.
<lordievader> Good morning
<rbasak> powersj, nacc: some help with git-ubuntu CI please? I don't understand the failures or the current status in Jenkins
<demahum> Anyone willing to help me understand ubuntu kernel release schedule?
<rbasak> Are you looking for https://wiki.ubuntu.com/Kernel/StableReleaseCadence ?
<rbasak> Also try the kernel team in #ubuntu-kernel
<demahum> rbasak: ubuntu-kernel sounds very good
<demahum> rbasak: and for the cadence, I will take a look at it now
<demahum> thanks
<jamespage> coreycb: ok telemetry bits all uploaded (ceilometer, aodh, panko) + cinder
<jamespage> coreycb: nova done - moving onto glance
<jamespage> coreycb: glance done
<jamespage> coreycb: doing keystone but...
<jamespage> msgpack-python -> msgpack is confusing things
<boxrick> Hey, I have a service I have replaced the sysvinit script into a Systemd script. However this is going to cause me problems in the future if that package updates for example
<boxrick> Is there any clean way of dealing with this?
<rbasak> boxrick: we generally avoid doing that in the lifetime of a stable release.
<rbasak> We might do it in a new release, but it'd go in /lib/systemd/system/
<rbasak> If you put the same name in /etc/systemd/system/, your file will always override one provided by packaging.
<boxrick> Oh ok, previously I simply removed the old service
<boxrick> IE actually deleted the file
<boxrick> So perhaps just leave it in replace then add the systemd file instead.
<rbasak> I'm not sure, but I believe systemd will ignore the init.d script if there is a systemd service unit defined of the same name.
<coreycb> jamespage: that's too bad, i was hoping the msgpack transition would just work for debs
<coreycb> jamespage: i didn't get as far as I wanted on rc1 yesterday. going to get started shortly and will be poking at qemu for ocata in the background.
<coreycb> jamespage: i'm going to focus on the rest of the clients and any other dependencies
<jamespage> coreycb: well if I just bump to the newer version it will just work
<jamespage> coreycb: I need to test with all rbd's to de-risk - doing that now
<jamespage> coreycb: not sure which way to jump on this one
<coreycb> jamespage: what's that?
<jamespage> coreycb: msgpack-python vs msgpack
<coreycb> jamespage: new version not working out?
<jamespage> coreycb: kinda - have a plan - testing it now
<coreycb> jamespage: ok. i'll be done with the clients once I figure test failures with neutronclient and cinderclient.
<jamespage> coreycb: \o/
<dpb1> office hours starts.... now
<nacc_> rbasak: i belileve i saw earlier that jenkins was out of disk
<powersj> should be operational now
<powersj> rbasak: re-kicked CI on your merges
<rbasak> Thanks!
<blackflow> I need to use zfsutils-linux 0.7.5 on 17.10. What would be the recommended procedure, can I use the one in bionic-proposed? Or maybe I should use zfsutils-linux srcdeb, repatch for 0.7.5 and build that on Artful?
<nacc> blackflow: why do you "need" to do this?
<blackflow> nacc: because 0.6.x has a bug with zfs send | receive from a pool of different version (even though features are not enabled). I cannot send from a pool craeted in FreeBSD, to a pool created in Artful, due to that.
<nacc> blackflow: did you file a bug in Ubuntu?
<blackflow> the bug is filed somewhere in ZoL github, I've hit it before.
<nacc> blackflow: if it's an actual bug, we can SRU the fix in
<blackflow> lemme find it
<nacc> blackflow: but someone has to file it for that to happen (generally)
<blackflow> I believe this was it: https://github.com/zfsonlinux/zfs/issues/5699
<blackflow> I know last time I temporarily installed gentoo, compiled newer ZoL and it worked just fine. Now I need that kind of solution on Artful.
<nacc> blackflow: https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1733230 ?
<ubottu> Launchpad bug 1733230 in zfs-linux (Ubuntu) "'zfs recv' hangs when receiving from a FreeBSD zfs" [Undecided,New]
<blackflow> nacc: oh yes, that's it. subscribed. thanks.
<blackflow> meanwhile... I guess I can't use bionic (built against newer kernel I suppose), so I'll try rebuilding on artful from source debs
<nacc> blackflow: https://github.com/zfsonlinux/zfs/pull/6602 and others, are a bit hard for me to parse right now
<nacc> blackflow: it would help if in the ubuntu bug you can do an executive summary, and perhaps some testing?
<blackflow> executive summary?
<nacc> blackflow: what the actual fix is?
<nacc> blackflow: it's not 100% clear and I don't have time to figure it out right now :)
<blackflow> well the fix I did was on gentoo, I just upgraded from 0.6.x to 0.7.x can't remembre which x it was at the time
<blackflow> I have no idea if it's something that could be backported. but anyway, I'm willing to help out, right now I have to migrate some large swaths of data and I'd like to avoid temporary installing gentoo somewhere :)
<blackflow> nacc: if I'm not mistaken, this is the pull request fix?  https://github.com/zfsonlinux/zfs/pull/6616
<nacc> blackflow: right, but the other is the backport, upstrteam
<sarnold> blackflow: please forgive me if you already know this, but you can't mix-and-match the zfs utilities with the kernel module -- there's no versioning in the interface, so your utils need to match your module
<blackflow> sarnold: I'm rebuilding entire zfsutils-linux package and will install it and all the deps produced
<blackflow> infact, I already did. rebooted, pools imported, but zfs send is segfaulting. gotta figure out why now...
<nshire> I can successfully ping my Ubuntu 16.04 LTS VM but all I see is a black screen.
<nshire> Prior to the black screen I got the normal ubuntu load screen but then it said "fsckd-calced-msg: press ctrl-c to cancel filesystem checks in progress"
<nshire> anyone have diagnostic ideas?
<mason> blackflow: Just skimming, but is your send/recv issue feature-related?
<nshire> also I have ssh access to the vm still, not sure how
<blackflow> mason: nah. sarnold hinted at it. the kernel module is not installed with zfsutils-linux packages. this is not dkms... it's part of linux-image package. so yes, I was building and installing new userland, but the kernel module is still 0.6.x
<blackflow> I have to pull in zfs-dkms and spl-dkms from bionic and build those too
<mason> ah, ah
<mason> Shunning the shiny FTW
<blackflow> mason: ordinarily I wouldn't do it, but I have a problem with a bug in zfs 0.6.x where you can't zfs send from a pool of different version, even if newer features are NOT enabled
<blackflow> mason: 'zis: https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1733230
<ubottu> Launchpad bug 1733230 in zfs-linux (Ubuntu) "'zfs recv' hangs when receiving from a FreeBSD zfs" [Undecided,Confirmed]
<mason> Hrm. I'll have to reproduce it later. I'm mostly rsyncing between FreeBSD and Ubuntu based on the nature of what I move.
<mason> blackflow: ty
<blackflow> mason: yah but I've got snapshots I want to preserve :)
<blackflow> otherwise i'd rsync it and call it a day.
<blackflow> mason: and btw this is exactly a problem with moving from FreeBSD-created pool to Ubuntu-created pool.
<mason> blackflow: I don't see you explicitly not creating features with your pool creation, and FreeBSD makes features that don't exist in Ubuntu.
<mason> If you create the pool with -d do you see the same thing?
<mason> In a meeting so I haven't dug in enough - sorry if your bug answers that.
<blackflow> mason: I've hit this exact problem few months ago. it's reported on ZoL github. upgrading to 0.7.x fixes it.
<mason> Right. Just curious.
<blackflow> but last time I used gentoo to build the newer version and move snapshots.
<blackflow> huh. Two more yaks appeared waiting to be shaved, lol. Arg, I might just as well upgrade to bionic. :)
 * mason makes ch-ch-ch-ch-ch noise.
<coreycb> jamespage: that took some digging. finally found out why cinderclient tests were failing. exception=The 'msgpack>=0.4.0' distribution was not found and is required by oslo.serialization.
<jamespage> coreycb: I'm working a fix for that one
<coreycb> jamespage: ok. wasn't sure if that was dh-python or just need to add to pydist-overrides. but maybe something else.
<coreycb> jamespage: i'll hold off
<jamespage> coreycb: no I'm trying to get msgpack-python to provide msgpack-python and msgpack
<jamespage> coreycb: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3142/+packages
<coreycb> jamespage: got it, sound good
<nshire> for anyone who may be interested in what I did to fix my blackscreen: I SSHed in and ran the vboxguest additions uninstall script at /opt/vboxguestaddition-[...]/uninstall.sh
<sarnold> nshire: wow. I *NEVER* would have come up with that. :)
<nshire> I'm so glad you appreciate my attempt to help people who may have run into the same issue
<nshire> I wasn't able to bring up a terminal on the vm itself, it wasn't clear if it had booted at all
<sarnold> nshire: yeah, who knows, this little tidbit might save someone else the same grief in the future. thanks for reporting back :)
<jamespage> coreycb: hmm yeah but its not working
#ubuntu-server 2018-02-14
<mbff> Hello! Ubuntu seems to be preventing port forwarded traffic (I've tried Nginx and a python web server). Clients on the lan get a response. I've tried disabling UFW and I am seeing logs in tcp dump so the traffic seems to be getting to server.
<mbff> One note would be that the port forwarded traffic isn't "internet" traffic but local traffic from the router "above" my router.
<mason> mbff: iptables -n --list
<mason> mbff: Also worth mentioning if this box is sitting on a LAN, is a gateway, is otherwise doing something interesting.
<mbff> https://gist.github.com/marshallford/fb968423928a945dcb2a452f130ddd16
<mason> So, yeah, that's a bunch of rules with a default policy of "drop".
<mbff> the ubuntu server running the web server is on a LAN inside a LAN. The inner network is 10.0.X, the outer 192.168.X. I am trying to hit the webserver from the 192.168.X ip, one NAT "up"
<mbff> mason, I can disable ufw to help narrow down things
<mason> mbff: I'm not immediately clear on what all the docker rules are accomplishing, but in general, clear your iptables rules out and slowly build up.
<mason> If you're using random tools to build firewalls for you, make sure you understand how to tell them what you want.
<mbff> I do know how to tell ufw what I want. I am very explict in my setup script/automation
<mbff> the docker rules are added by, well docker
<mbff> with ufw disabled: https://gist.github.com/marshallford/872911698f1eba780d47df57087dc635
<mason> That's not a cleared out list of iptables. :P
<mbff> right...
<mason> That said, maybe reassert all the rules, like what you'd get freshly booting, and look at hit counts. But since something is setting you up as default-drop, it might not be explicit rules knocking down packets.
<mason> So, iptables -n -v --list
<mason> or -L - not sure why I default to the long argument for list. =cough=
<mason> Being a dinosaur, I build explicit rules and invoke them from /etc/network/interfaces, and it ends up never being mysterious, which I see as a win.
<mbff> "Being a dinosaur" :)
<mbff> iptables with verbose flag: https://gist.github.com/marshallford/e9edd9699f7869aaaaea6ea8f94135f4
<mbff> how would I check hit counts?
<mason> mbff: Anyway, here's what I'd do. Maybe someone will have a better idea. Reboot, get all your rules up as normal, and see some traffic knocked down. Then pick one of iptables -v -n -L to see what rules are hitting. If none, change your default policy to ACCEPT with iptables -P and see if that lets traffic in. If it does, you'll have to craft rules to explicitly accept the stuff that's otherwise being
<mason> dropped.
<mason> Sorry, you get the hit counts from the -v
<mbff> mkay
<mbff> mason, this ufw-not-local chain seems suspicious
<mason> mbff: Yeah, it has a couple hits.
<mason> You want to generate the traffic that's being blocked and see if the hit count rises.
<mbff> should I look up the pkts or bytes number?
<mbff> ADDRTYPE match dst-type BROADCAST seems to be going up
<mason> mbff: I'd think packets, because bytecount will vary based on how big the packets are.
<mbff> My guess is one of the ufw auto generated rules is blocking requests from IPS that are class A,B,C that aren't the in the range of it's own ip class.
<mason> mbff: Generate that traffic and watch the packet counts. No need to guess! :)
<mbff> Can I get iptables to show me the change in traffic packets between rules? I have no idea which rule it is
<mbff> Like can iptables narrow down output based on change
<mason> mbff: save a series of outputs, and use diff to see what changed
<mason> You can turn on logging to see hits logged, but that's too much work for this.
<mbff> the diff is helping, but still a lot has changed
<mbff> Would target RETURN cause the issue I am having?
<mason> mbff: https://unix.stackexchange.com/questions/191607/iptables-and-return-target#191614
<mason> so it's not a target as such
<mason> mbff: But if nothing explicitly accepts the traffic, your default DROP will get it.
<mbff> After looking at the diff, I don't see anything that stands out.
<mbff> How can I completly reset iptables, back to the system default before ufw was installed
<mason> mbff: I'd reboot and get whatever comes up on boot, and try your blocked traffic after manually changing the policies to ACCEPT.
<mason> That'll tell you if it's the default getting you.
<qman__> mbff: you can clear chains with iptables -F (must do nat and mangle separately, iptables -t nat -F, ...)
<qman__> and you can remove chains with iptables -X
<mason> qman__: He needs to be careful with this, because flushing tables with a default DROP will lock him out if he's not on the console.
<qman__> yep, was about to mention setting policy
<qman__> iptables -P OUTPUT ACCEPT; iptables -P INPUT ACCEPT
<mbff> here is the thing, this worked traffic worked earlier today on a base install of ubuntu server that was up to date.
<mbff> So something in my ansible scripts (including ufw scripts) caused this, most likely
<mason> mbff: A base install doesn't have a default DROP does it? Then again, I don't run ufw.
<mbff> ufw isn't in the base install
<qman__> no, the base install has no rules and ACCEPT policies
<mbff> so mostly likely ufw has some default rules it doesn't tell you about that are screwing me over
<mbff> can I safetly run iptables -X ? I'm worried about docker rules coming back properly, since I didn
<mbff> didn't write those
<mason> mbff: Well. If you don't see a specific rule going up as that traffic is dropped, you'll want to add rules to explicitly allow the profile of whatever traffic you need to come in.
<mason> mbff: That stuff will come back on boot if it's set up properly.
<mbff> I do though, my script runs ufw allow 80
<mason> Reboot and see the world from that perspective, and see if changing policy temporarily fixes you.
<mason> If it does, do whatever ufw requires to allow the specific traffic you want.
<mbff> i have done that, `ufw allow 80`
<qman__> no, if you're running docker, it's not safe to flush iptables out or delete chains
<qman__> docker does its own mangling of iptables
<mason> A blanket allow like that might be too wide.
<mbff> I'm not really using it atm, I don't care about docker short term
<mbff> using docker*
<qman__> if you don't care about breaking running apps, then yes, you can flush everything out; set policies to accept first, then flush, then delete chains
<mbff> Still not working, my iptables look like https://gist.github.com/marshallford/a00d38d0ad02eabe0cc074974538d4d6
<mbff> I'm wondering if this isn't a firewall issue
<qman__> that is effectively no firewall, so I'd say so
<mason> mbff: If it's not working with that, then it might not be a firewall issue. Look at your routing tables next...
<mason> netstat -rn
<mason> make sure you have a way to reply I guess?
<mason> maybe use wireshark/tshark and make sure what's hitting your server is sane
<qman__> yeap
<qman__> also check your nat table
<mason> maybe use wireshark on the other end of the connection and verify both ends at once
<qman__> iptables -nvL -t nat
<qman__> it shouldn't have anything in it, but if it does, it could break things
<mbff> wep I am overwhelmed by advice, not a bad thing I guess haha
<mason> mbff: Just save it all for later reference. :)
<mbff> I figured it out!
<mason> What was it?
<mason> And congrats. :)
<mbff> When openvpn is running, it doesn't work
<mbff> when I run service openvpn stop && service nginx restart, It works
<mason> mbff: Ah. I bet if you dig further you'll see routing tables telling you what was wrong.
<mbff> the question is now how I get it to work when openvpn is running
<mason> Like, you were taking your replies and trying to throw them back over the VPN.
<mbff> yep
<sarnold> try ip route get 8.8.8.8   or something similar
<mason> mbff: Well. Check your routing tables, and if you can, add specific routes to do the right thing and tie the traffic that shouldn't go over OpenVPN to a real interface.
<mbff> mason, I understand those words...
<mbff> I have not done any route work before
<sarnold> oh you are in for a treat^Wfrustrating evening! :)
<mbff> lol
<mbff> That's the reason I have this homelab
<mason> mbff: netstat -rn or whatever the mystical new ip equivalent is to start
<mbff> to learn
<sarnold> seriously though, 'ip route get' is amazing stuff.
<mason> mbff: In essence, what you're going to find is that your OpenVPN wants to grab traffic that matches the stuff coming in from your nat.
<mason> Is there an 'ip route discard' to go with it?
<sarnold> haha :D
<mason> mbff: So, as an example here, I have a VPN that's greedy and wants to grab a big range, so I shove in a more-specific rule in front of that to save local traffic from being gobbled up.
<mason> This way, my local traffic doesn't get sucked into a black hole, but I don't have to deal with a conflict with the VPN either.
<mason> If there were systems on the other side of the VPN that used my local range I'd be stuck, but there aren't, so it works. You might end up wanting to do something similar.
<mason> And if it's confusing, I apologize. Just be glad you're dealing with static routes. :)
<mbff> I don't even know how to filter my problem
<mbff> out
<mbff> this guy has my same problem https://ubuntuforums.org/showthread.php?t=2296618
<mason> mbff: FWIW, use sarnold's ip route get foo syntax to be compliant with the modern world, but try netstat -rn for more human-parseable view of what's going on.
<sarnold> mbff: be careful with forum posts .. it's too easy to find similar symptoms and get dragged off into the weeds chasing someone else's advice ..
<qman__> mbff: openvpn client? if so, make sure your openvpn config is not adding a default route over the VPN - this is most likely the issue
<sarnold> mbff: in this case it might actually be perfect :) has your openvpn been configured to send *all* traffic on the machine through the pipe? that might be ideal if you're trying to get out from the great wall of china or something but rough if you just want a few systems linked together..
<mbff> I'm looking at it, I just don't understand how to parse it, I don't fully understand the terms and how they related to form the "story" X traffic goes to Y if Z" for example
<mbff> sarnold, the vpn is not for connecting sites, strictly for ip masking, privacy, etc
<sarnold> this might not be easy to fix
<qman__> it may not be fixable, they're essentially incompatible configurations
<qman__> it's possible in theory to convince the kernel to return the incoming traffic locally instead of following the default route, but it depends on the VPN's implementation
<mbff> this guy solved the problem with a change the openvpn config https://serverfault.com/questions/614281/openvpn-client-breaks-remote-access-to-web-server
<sarnold> he probably did not want to use openvpn for ip masking and privacy in the same way that you do.
 * mbff shrugs
<qman__> that might actually be the config you're looking for, it effectively sets routes for all outbound traffic over the VPN without disrupting the default route and without using the redirect-gateway feature
<qman__> you'll have to test it though
<mbff> what does 128.0.0.0 mean? It seems arbitrary?
<qman__> it is arbitrary
<qman__> normally, a default route is set for 0.0.0.0/0
<qman__> this configuration is setting routes for 0.0.0.0/1 and 128.0.0.0/1
<qman__> they're narrower, scopes, splitting all address space in half
<sarnold> hah I'd argue that is very much NOT arbitrary :)
<qman__> because they're narrower, they're preferred over the default route
<sarnold> I mean you could achieve similar things with dozens of other configs .. but this is the simplest
<mbff> so how would I figure out what routes/numbers I need?
<qman__> those are the exact routes you'd need
<qman__> it doesn't change
<mbff> ie: why not 122.0.0.0/1
<sarnold> because that's not a well-formed CIDR input
<qman__> because 0.0.0.0/1 covers from 0.0.0.0 to 127.255.255.255, while 128.0.0.0/1 covers 128.0.0.0-255.255.255.255
<sarnold> (seriously, some tools have such a panic with that, security problems and all..)
<mbff> I worried I'm exposing my real ip to sites that start with 128.X
<sarnold> it'd be 128.x-255.255.255.254...
<qman__> those two routes cover the entirety of the ipv4 address space
<mbff> like I said, I'm new to some of this networking stuff outside the typically lan world
<qman__> so, provided it works at all, it will work for all destination IPs
<mbff> I'll trust yall... :)
<sarnold> if it matters, it'd be worth *testing* this on non-hostile services first..
<qman__> yes
<qman__> change the config, reconnect, and test with an IP checking service, like ipof.me
<mbff> curl ifconfig.co gives me my real ip, but openvpn is running and the port forwarded traffic is getting though
<lordievader> Good morning
<jamespage> coreycb: ok where I got to was we should patch msgpack -> msgpack-python
<jamespage> keystone and oslo.* done
<jamespage> coreycb: keystone done; moving onto barbican for rc1
<jamespage> and congress and designate-*
<jamespage> and then heat
<jamespage> coreycb: I've moved branch builds over to stable/queens as well
<jamespage> not sure all projects have cut those yet but its easier to mass move and then deal with excpetions
<jamespage> coreycb: oging to horizon next
<coreycb> jamespage: great, thanks
<coreycb> jamespage: ok going to start on what's left. i'll work backward from z*.
<jamespage> coreycb: okies
<jamespage> coreycb: did you have a barbicanclient update in the works?
<joop> hello
<coreycb> jamespage: nope, that must be new
<jamespage> coreycb: yeah heat needs it
<joop> i would like to ask you some couple of question setting up a ubuntu server
<jamespage> coreycb: lemme sort that out
<joop> i need to run a php web app
<joop> i installed apache2
<joop> but it doest not show only a blank page,afterall i installed xampp,which use apache
<joop> so they have conflict with apache2
<joop> but main question is,i tried to intall webmin
<joop> but the requested jcameron-key.asc file is not found anymore
<coreycb> jamespage: oh i see, it's not in the upstream report for some reason. i'll figure out why.
<joop> my question is how can i install webmin,and do i need actually or xampp do the same
<coreycb> jamespage: done back to sahara. getting trove and vpnaas next.
<rbasak> nacc: I don't see sssd in http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg ?
<rbasak> I'd expect to see it there.
<rbasak> Though it is in excuses
<nacc> http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed
<nacc> rbasak: the svg doesn't show everything, aiui
<coreycb> jamespage: working on the m* pkgs
<administrador_> hi
<administrador_> im trying to do wake on lan with nagios
<jamespage> coreycb: horizon, designate and barbican done
<dpb1> rbasak: looking at that https everywhere bug, the one that carries the most weight is hiding the packages you are downloading.  that is hard to refute.
<rbasak> dpb1: HTTPS doesn't really hide that though. The package sizes, the dependency tree and recently published updates are all well known. That's enough to infer what you just downloaded.
<rbasak> dpb1: if I had the time, I could write the tool to do it.
<dpb1> hm
<dpb1> rbasak: thanks, yes, interesting discussion
<sdeziel> I suppose the above discussion is about HTTPS mirrors for apt, right?
<dpb1> sdeziel: yes
<sdeziel> dpb1: there is one paper including a security analysis of various package manager: https://isis.poly.edu/~jcappos/papers/cappos_mirror_ccs_08.pdf
<sdeziel> dpb1: rbasak: one of the benefit of using HTTPS was to defeat replay attacks and I believe this could happen when the connection to  security.ubuntu.com is MITM
<sdeziel> dpb1: rbasak: presumably having HTTPS on just security.ubuntu.com would prevent this without the nightmare associated with HTTPS mirrors
<sdeziel> would be nice for the PPAs to also get HTTPS because they are only signed with a 1024 bit GPG key IIRC
<dpb1> sdeziel: ya, all the attacks in 3.1 seem relavent actually
<sdeziel> dpb1: the "arbitrary package" and "extraneous dependencies" would fail GPG validation IMHO
<sdeziel> but I haven't read the paper carefully
<sdeziel> dpb1: could you share the bug number please? I couldn't find it quickly and would like to track it
<sdeziel> https://www2.cs.arizona.edu/stork/packagemanagersecurity/otherattacks.html says that apt is subject to the endless data attack
<dpb1> sdeziel: ya, I had it, one sec
<dpb1> sdeziel: here's the main one: https://bugs.launchpad.net/ubuntu/+bug/1464064
<ubottu> Launchpad bug 1464064 in Ubuntu "Ubuntu apt repos are not available via HTTPS" [Undecided,Confirmed]
<sdeziel> dpb1: thanks
<dpb1> sdeziel: thx for sharing your paper.  I think freezing, endless data and replay are all very interesting and would certainly be mitigated by https+cert pinning
<sdeziel> dpb1: endless data shouldn't even be exploitable because everything is there to close it. I don't know if recent apt versions fixed that or not but it doesn't require HTTPS
<dpb1> sdeziel: sure, the client should be proactive
<dpb1> sdeziel: at least on trusty, I had times where I was in the gigs of transfer from a broken repo
<dpb1> but maybe that is addressed now
<sdeziel> yeah, that's what I'd like to know :)
<sbeattie> sdeziel: new ppa gpg keys are 4096 bits. but they are per-owner, so those of us with an existing 1024 key can't ever seem to get out from under it, without creating a whole new launchpad identity.
<sdeziel> sbeattie: hmm, that's interesting to say the least
<jamespage> coreycb: https://launchpadlibrarian.net/357025783/buildlog_ubuntu-bionic-amd64.heat_1%3A10.0.0~rc1-0ubuntu1~ubuntu18.04.1~ppa201802141302_BUILDING.txt.gz
<jamespage> I think we need new sdk
<sbeattie> sdeziel: https://bugs.launchpad.net/launchpad/+bug/1240681 is where the default got bumped to 4096.
<ubottu> Launchpad bug 1240681 in Launchpad itself "New GPG generated keys are 1024 bits" [High,Fix released]
<coreycb> jamespage: i can get that
<jamespage> coreycb: ta
<jamespage> coreycb: the min barbicanclient version in global-requirements is to low as well
<sdeziel> sbeattie: I sure would have hope for a way to transition to a newer key
<sbeattie> +1
<sdeziel> https://bugs.launchpad.net/launchpad/+bug/1331914
<ubottu> Launchpad bug 1331914 in Launchpad itself "Allow users to re-generate a PPA signing key" [High,Triaged]
<rbasak> sdeziel: yeah, already noted. Valid-Until and Check-Valid-Until can mitigate that, but in the HTTPS case it'd be noticed quicker.
#ubuntu-server 2018-02-15
<Delemas> On LTS anyone else having issues with the most recent linux-firmware update trying update-initramfs a 3.19.0-21 kernel they haven't had in years? I don't get where it is coming from.
<TJ-> Delemas: check under "ls /var/lib/initramfs-tools/" for a directory for that version
<Delemas> Oh bingo that shouldn't be there...
<Delemas> TJ- Thanks
<Delemas> Great! That fixed it. Thanks. :)
<cpaelzer> snowy morning everybody
<lordievader> Good morning
<cpaelzer> gm lordievader
<lordievader> Hey cpaelzer
<lordievader> How are you doing?
<cpaelzer> great - and you?
<lordievader> Doing okay here, haven't had coffee yet though
<ahasenack> rbasak: good morning/afternoon
<ahasenack> rbasak: did you see the ping on the zstd bug? The packages should be in the sru queue, I wonder if you saw them in your sru day yesterday
<rbasak> ahasenack: I didn't yesterday, but I'll look at that next today
<ahasenack> ok, thanks
<Isla_de_Muerte> Heya guys, is there a specific amount of free RAM I should keep on the server? I did some apache changes and free -ht shows free mem down from 1.9GB to 600mb
<rbasak> Isla_de_Muerte: https://askubuntu.com/a/116359/7808
<Isla_de_Muerte> rbasak, tyvm
<Isla_de_Muerte> It seems like almost 8GB is free to use
<hateball> unused RAM is wasted RAM :p
<Isla_de_Muerte> total       used       free     shared    buffers     cached
<Isla_de_Muerte> Mem:         16006      15285        721       1020          0       7425
<Isla_de_Muerte> -/+ buffers/cache:       7858       8147
<Isla_de_Muerte> I was only watching the first line :P Oh well tyvm for the help guys
<lordievader> !free
<ubottu> freedom is important. Ubuntu is as free as we can make it, which means mostly free software. See http://www.gnu.org/philosophy/free-sw.html and  http://www.ubuntu.com/project/about-ubuntu/licensing
<lordievader> !ram
<ubottu> If you are wondering why some tools report your system has very little free memory, have a look at http://www.linuxatemyram.com/
<lordievader> That's the one
<lordievader> But as hateball says, unused ram is wasted ram. Unless you frequently reload programs which swap a lot of ram.
<rbasak> cpaelzer, ahasenack: I'm a bit confused as to why https://code.launchpad.net/~ahasenack/ubuntu/+source/libzstd/+git/libzstd/+merge/336258 is showing as Merged
<rbasak> I can ignore that and proceed anyway. I'm just wondering if that's a workflow issue or consequence of something
<ahasenack> rbasak: I think cpaelzer changed that once it was uploaded to proposed
<rbasak> Ah. Because he pushed an upload tag perhaps?
<ahasenack> he did that too
<ahasenack> but I'm also confused by the mp status in general
<ahasenack> I would think that lp would detect it as such once the importer imported the uploaded package the next time
<rbasak> It's not good whichever way we do it for SRUs :-/
<rbasak> Since the uploader (or sponsor) has the upload tag but does not know if the SRU will be accepted.
<ahasenack> since srus can take months, setting the mp to merged is a cheap way to get it out of our view I guess
<rbasak> OK. Let's just keep doing that for now, and we'll deal with it individually if something goes wrong.
<ahasenack> we should talk about it in the sprint
<ahasenack> (yeah, it's that time of the year again :)
<rbasak> ahasenack: we're deferring workflow stuff in favour of getting all the packages imported first
<ahasenack> ok
<cpaelzer> rbasak: ahasenack: so far I handled it as tag-push=>dput=>merged
<cpaelzer> but reading through your discussion it seems you in general agree
<cpaelzer> until we have worked on the improved workflows
<rbasak> Yeah
<ahasenack> and yes, we have had cases where the package was not used, like ubuntu-fan, where smb (I think) took over that sru
<rbasak> It's probably the least worst answer right now
<ahasenack> at worst we lose rich history, right?
<rbasak> If the SRU isn't accepted, the upload tag will need removing or superseding
<rbasak> Or it'll be present, wrong, but not adopted
<cpaelzer> yep
<cpaelzer> essentially we (tag pushers) need to be informed if it was rejected
<jamespage> coreycb: nearly there with heat - tripped over a python-tz issue this morning :-)
<coreycb> jamespage: oh interesting.
<jamespage> coreycb: its fixed in debian - just pending a sync to happen
<jamespage> syncpackage: Error: Debian version 2018.3-2 has not been picked up by LP yet. Please try again later.
<coreycb> jamespage: ok. i need to figure out some failures with neutron-vpnaas.
<coreycb> jamespage: qemu is fixed up in ocata-proposed btw
<jamespage> coreycb: awesome-o
<jamespage> what was the problem?
<coreycb> jamespage: one of the spectre patches was causing a segfault
<coreycb> jamespage: there were 2 approaches to the patch so i went with the alternative used in xenial
<jamespage> ok
<ahasenack> rbasak: I have the changes you requested for the livepatch motd in the ubuntu-advantage-tools
<ahasenack> rbasak: a process question now (as in procedure)
<ahasenack> rbasak: in upstream (github), I usually just do a new release
<ahasenack> rbasak: in this case, what you reviewed in that MP was upstream release v14
<ahasenack> rbasak: I would normally now do an upstream v15, with the requested changes, and that update the MP with that
<ahasenack> rbasak: end result is that v14, albeit released upstream (github) and in some ppas, was never in ubuntu
<rbasak> ahasenack: it's a Debian native package, isn't it?
<ahasenack> rbasak: do you have an issue with that? Assuming you would approve this v15 MP, that d/changelog would mention both v14 and v15
<ahasenack> rbasak: it is
<rbasak> You may have to skip this time.
<ahasenack> not my call, but somebody made it native some time ago
<rbasak> But normally you should be testing with things like 15~ppa1
<ahasenack> I do
<ahasenack> the daily build ppa uses git revnos even
<ahasenack> and they are using 14
<ahasenack> but 14+ I think
<ahasenack> yeah, 14+stuff
<rbasak> Github "releases" make no sense here. I wouldn't do them.
<ahasenack> I need a tarball
<ahasenack> and github releases make them for me
<rbasak> "git archive"
<ahasenack> "button"
<rbasak> "script" :)
<ahasenack> github will eventually need a release
<ahasenack> it's a matter of ordering
<rbasak> How so?
<ahasenack> release in ubuntu first, then make mps to release in github, since I need to change d/changelog
<ahasenack> or release in gh first, with the mps over there, then make an mp in launchpad for the ubuntu release
<ahasenack> I can't commit without mps, and I also can't upload it to ubuntu
<ahasenack> I personally don't mind having the d/changelog mention v14 and v15
<ahasenack> they were releases
<ahasenack> one just never made it into the *archive*
<rbasak> They weren't releases.
<rbasak> There is no upstream here.
<ahasenack> there is, and ubuntu isn't it
<rbasak> If it didn't get published in Ubuntu, it wasn't "released", despite what you want to call it.
<rbasak> Are you publishing this anywhere apart from Ubuntu?
<ahasenack> ubuntu ppas
<ahasenack> and github tarballs
<rbasak> For development and test, or actual use by anyone else?
<ahasenack> it's a public ppa, the url was used in document specs for people to see what's coming up
<ahasenack> built via a recipe
<rbasak> It seems to me that you (collectively) are making this far more complicated than it needs to be.
<rbasak> What you're doing (maintaining a git tree in Github) is fine, but is really no different than any Debian packaging maintenance team maintaining a native package in alioth (now salsa).
<ahasenack> it's a bit different
<rbasak> Stop doing tarball releases in Github. Use Launchpad build recipes for your test/preview PPAs.
<ahasenack> the debian team make a release in salsa and upload right away
<rbasak> Not necessarily
<rbasak> Treat the Github master as the place to prepare Ubuntu uploads.
<ahasenack> when they are happy with a salsa tree, they update d/changelog there and upload
<ahasenack> when I'm happy with my gh tree, I need to make an MP for an ubuntu reload, which may or may not be accepted
<rbasak> Prepare d/changelog in Github if you wish, with MPs.
<ahasenack> if changes are requested, I need to make PRs in github to land those, which may or may not be accepted
<rbasak> But at that stage, you can edit the latest entry in d/changelog as you wish, including retrospective changes.
<rbasak> Because nothing is "released"
<ahasenack> ok, you are saying treat ubuntu as the source of truth
<rbasak> Yes.
<rbasak> Because it has to be _a_ source of truth.
<rbasak> By not making it the _only_ source of truth, you're making everything difficult.
<ahasenack> I'm seeing ubuntu jsut as the delivery mechanism
<ahasenack> the archive, specifically
<ahasenack> some releases make it there, some don't
<rbasak> I think that's where the complication arises.
<rbasak> If you want to treat it that way, then it'll be easier to switch to a non-native package, and use a separate packaging branch.
<ahasenack> I don't see having entries in d/changelog that never made it to the archive as a complication, but I'm asking because I know others do
<rbasak> That's more effort than it's worth if the only production consumption of this work is via the Ubuntu archive.
<rbasak> Having entries in d/changelog that never made it to the archive is wrong.
<ahasenack> ok, that settles it then
<rbasak> At upload time, d/changelog should be summarising the changes made in that upload only, so the debdiff going "in" to the archive matches the changelog.
<ahasenack> well, we have ton of entries in d/changelog that never existed in the ubuntu archive: debian releases
<ahasenack> but that's a specific case I suppose
<rbasak> True. That's a wart we have to live with.
<ahasenack> and dpkg-genchanges has -v to grab multiple d/changelog releases in one upload
<rbasak> d/changelog is linear, and that doesn't work well with Ubuntu being a derivative leading to non-linear history.
<ahasenack> so the changes file would grab v14 and v15, in this example
<ahasenack> it's my understanding packages in proposed that were superseeded also trigger this case
<rbasak> Packages in proposed have been "published"
<rbasak> They are published in Launchpad forever.
<ahasenack> but if they never migrated to proposed actual (srus, for example), then nobody could get them
<rbasak> Oh
<ahasenack> or even if stuck in excuses
<ahasenack> for the devel release
<rbasak> For stuff not accepted by the queue (eg. an SRU rejection), we don't "burn" version numbers.
<rbasak> Let me try and simplify this a little.
<ahasenack> what if it was just not looker at yet, and somebody else starts a new sru, including the changes from the previous unapproved one?
<ahasenack> I'm hunting down corner cases now, I know
<ahasenack> there is what is possible to do, and what is best :)
<rbasak> If the goal is to have the previous unapproved SRU rejected from the queue
<rbasak> Then the replacement should use the same version number.
<ahasenack> ok
<rbasak> Version numbers are in flux until Launchpad accepts an upload and publishes it in the archive.
<rbasak> Regardless of pocket.
<rbasak> As soon as that happens, the version number is "burned".
<rbasak> The changelog should reflect published versions only.
<rbasak> The changelog in published versions should not skip version numbers.
<rbasak> As you say there are exceptions. Perhaps there has to be an exception for you this time. But your workflow in general should not need any exceptions. If necessary, we need to fix your workflow :)
<ahasenack> it's weird for me to consider myself as upstream when I can't "commit" to upstream, if ubuntu is the upstream
<ahasenack> I can behave as a proper upstream in github
<ahasenack> but not in ubuntu
<ahasenack> that's what lead me to consider github the upstream, and ubuntu as just one delivery mechanism
<ahasenack> which gets a curated set of the upstream releases
<rbasak> There is no upstream. It's all Ubuntu here. You are an Ubuntu developer. You just need a "reviewer" to "commit", that's all.
<ahasenack> I'll continue with v14 and just amend d/changelog with the changes, let's see how it goes
<ahasenack> but first, lunch
<rbasak> I think that'll be fine - thanks!
<ahasenack> thanks for the talk
<rbasak> ahasenack: yw. Another thought: if you had an ~ubuntu-core-dev approve every MP, then getting a successful upload into Ubuntu would be a no-op.
<rbasak> And you need to do that anyway, so perhaps bringing that closer into your workflow would smooth things out.
<rbasak> In Launchpad I'd suggest just maintaining the repo in lp:~ubuntu-core-dev/ubuntu-advantage-tools; then any core dev sponsor can verify it's already reviewed just looking at the repo permissions.
<rbasak> I'm not sure how that might work in GitHub.
<coreycb> jamespage: looks like we can drop neutron-vpn-agent binary package and init scripts - https://bugs.launchpad.net/neutron/+bug/1692128
<ubottu> Launchpad bug 1692128 in neutron "VPNaaS stuff should load inside of an l3 agent extension mechanism" [Undecided,Fix released]
<jamespage> coreycb: awesome
<rh10> guys, how can i more handy ping a lot of servers simultaneously?
<lordievader> rh10: Fping was more suited for that, I  believe: https://fping.org/
<coreycb> jamespage: i'm not sure where to put strongswan and keepalived deps now. python-neutron-vpnaas or neutron-l3-agent.
<rh10> lordievader, got it! thanks
<Neo4> what is read about ssl?
<Neo4> I'm going to read something about ssl and mail server
<Neo4> I wish I had read something about ssl and mail server...
<Neo4> any suggestions?
<Neo4> :)
<Neo4> I've read there exists also corier and exem...
<Neo4> this is read about ssl? https://www.openssl.org/
<Neo4> about mail I know, What would you suggest to learn about ssl?
<coreycb> jamespage: mind reviewing this when you have a sec? https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/neutron-vpnaas/log/
<jamespage> coreycb: what do we do with config files etc for neutron-fwaas?
<jamespage> this kinda puts vpnaas on the same footing I think
<coreycb> jamespage: they get installed in /etc/neutron
<coreycb> jamespage: let me revisit configs, vpn_agent.ini is gone
<jamespage> coreycb: I'm going todo something a little different with the pxc-5.7 orig.tar.gz
<jamespage> no reason why we can't repack it with the required minimal boost headers - I got some info of the oracle guys as to what they do for mysql-boost-*
<jamespage> thus not requiring an each 80MB of upload
<jamespage> and an extra tarball
<coreycb> jamespage: sounds good
<coreycb> jamespage: onovy pointed me to autopkgtest-pkg-python
<jamespage> coreycb: oh yes?
<coreycb> jamespage: very nice, didn't know about it
<coreycb> jamespage: tests basic import of python modules for dep8
<jamespage> coreycb: yeah I contributed a fix to make it work with the oslo packages towards the start of the cycle
<coreycb> jamespage: cool
<jlacroix> I noticed on the tutorial page for LXD (https://tutorials.ubuntu.com/tutorial/tutorial-setting-up-lxd-1604#1) is having the user install LXD via Apt. Isn't the Snap version of LXD preferred currently?
<marsje> I just found out my Ubuntu 16.04.3 LTS instances don't automatically sync time with NTP servers. How can I fix this?
<nacc> jlacroix: i think so, but relatively recently
<rbasak> They should be.
<nacc> jlacroix: possibly the tutorial has not been updted
<nacc> dpb1: --^ fyi ?
<rbasak> (syncing with timeservers)
<dpb1> jlacroix: both are supported currently, stgraber, do you want the tutorial to prefer snaps?
<rbasak> marsje: systemd-timesyncd is enabled by default on 16.04. You'll need to debug that.
<marsje> rbasak: I did install upstart, so not sure if that automatically gets rid of systemd and the default services?
<stgraber> dpb1: yeah, we should prefer snaps in instructions in general these days, it's more future proof
<rbasak> marsje: yeah, that'll do it. Using upstart on 16.04 is not supported.
<nacc> and seems like a ... bad idea?
<marsje> rbasak: I had some dependency on upstart and figured it didn't matter much......
<rbasak> It absolutely matters.
<marsje> I think I found out just now
<marsje> anyway, all I did was something like apt-get install upstart
<rbasak> It's your system so you can do what you want, but you'll be mostly broken and on your own if you carry on down that path.
<marsje> hmm, not sure if it can be easily fixed now...
 * marsje is AFK
<Secutor> I'm trying to add rdiff-backup to zesty server. Apparently rdiff-backup is in universe. But sudo apt-get install rdiff-backup is failing. Any suggestions?
<nacc> Secutor: zesty is eol
<nacc> Secutor: please upgrade
<Secutor> OK thanks.
<ptx0> mason: whatever happened to you :P
<mason> ptx0: I ran out of linespace on my first line, where #zfsonlinux was. I might put it back. Too many IRC channels...
<ptx0> mason: weird, irssi has 5 rows of channels here
<mason> Eight here at present. :P
<ptx0> got 79 windows open, wonder what happened, i used to be in 188 channels..
<ptx0> was gonna tell you to check out nohidea
<ptx0> basically any/all of their stuff <3
<ptx0> it's all creative commons too
<mason> Yar, that's too much to keep up. That said, I was thinking of jumping back into a couple channels. I'll just add them to the end.
#ubuntu-server 2018-02-16
<cpaelzer> good morning
<lordievader> Good morning
<ak5> hi, I ws upgrading mysql when my ssh crapped out (wasn't in tmux lel) and now I am having issues with it not being configured, tried a bunch of things like `dpkg --reconfigure -a` and removing and reinstalling it... any ideas? https://paste.ubuntu.com/p/QN2v4RvZjR/
<rbasak> ak5: could you edit /var/lib/dpkg/info/mysql-server-5.7.postinst please? Where it says "set -e", make it "set -ex". Then attempt "dpkg --configure mysql-server-5.7" again and pastebin the result. The change will show us where it's failing, and hopefully then I'll have a better idea of what's going on.
<ak5> will do
<ak5> rbasak: https://paste.ubuntu.com/p/vPdY7Zf9tS/
<ak5> sorry that took a while
<rbasak> Looking
<rbasak> Still looking
<rbasak> ak5: I can't make sense of this.
<rbasak> ak5: please could you also pastebin /var/lib/dpkg/info/mysql-server-5.7.postinst ? I'd like to check I'm comparing against the right thing
<rbasak> Oh
<rbasak> I'm comparing against the wrong thing
<rbasak> OK I've made sense of that pastebin now
<rbasak> ak5: can you check /var/log/mysql/error.log please?
<ak5> checking
<ak5> rbasak: https://paste.ubuntu.com/p/4XktNmTjsn/
<ak5> rbasak: sorry I dropped and didn't notice :(
<ak5> It's very strange that uninstall and reinstall doesn't work
<ak5> is it a dpkg issue?
<rbasak> ak5: do you have another mysqld process running?
<rbasak> It's not a dpkg issue
<rbasak> It's something up with your MySQL installation
<ahasenack> rbasak: hi, good morning. I updated https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/337213
<ahasenack> if you could please take another look
<ahasenack> commits are on top, no rebase
<ak5> rbasak: ok I am going to nuke everything mysql related and try again
<ak5> I am not using mysqld anywhere else
<rbasak> ak5: please make a note of the steps you take. If it happens again and we know exactly what you did, that'll make it much easier to understand what is going on, identify a bug if there is one, etc.
<rbasak> ahasenack: ack
<ahasenack> thanks
<ahasenack> rbasak: it also looks like the zstd packages haven't migrated to proposed
<rbasak> ahasenack: stuck in binNEW I expect. Needs an AA?
<rbasak> ahasenack: yeah: https://launchpad.net/ubuntu/xenial/+queue?queue_state=0&queue_text=
<rbasak> ahasenack: does the cronjob really need to be hourly?
<rbasak> Nothing else is hourly by default.
<ahasenack> rbasak: the livepatch daemon checks in hourly with the livepatch server
<ahasenack> that's why I used hourly
<rbasak> It's not running by default though presuably?
<ahasenack> no, it's not
<ahasenack> note that "ua status" doesn't ping the network
<ahasenack> rbasak: I pinged #ubuntu-devel about zstd
<ahasenack> rbasak: I'll also ping them again about sssd stuck in excuses
<ahasenack> I have a file I can just copy & paste by now :)
<ahasenack> hm, I seem to have misplaced that file
<rbasak> ahasenack: when you need an AA, #ubuntu-release is where people tend to ask
<ahasenack> I did ask there first (sssd) iirc
<ahasenack> found it
<rbasak> ahasenack: you're still making a blocking call to $UA_STATUS (which is bash) on first run, no?
<rbasak> ahasenack: AIUI, 50-motd-news doesn't do that. It exits if the cache isn't present if run from PAM.
<ahasenack> rbasak: on the very first one, yes, if there is no cache
<ahasenack> you rather we just exit if there is no cache?
<ahasenack> note that the first call also creates the cache
<rbasak> I'd rather we not have bash ever run on the critical path
<rbasak> The first login is still a critical path
<ahasenack> ok
<ahasenack> I'll fix that
<ahasenack> rbasak: this update will take a bit longer, as it breaks a lot of tests
<jamespage> coreycb: do you think we should do the same thing re boost headers in percona-xtrabackup as I've done in pxc 5.7
<jamespage> i.e just repack the upstream tarball with the required headers
<coreycb> jamespage: i would say yes if xtrabackup has a hard dependency on a specific version of boost
<coreycb> jamespage: and it's not in distro
<jamespage> coreycb: same with mysql and friends
<jamespage> coreycb: I've pushed my bundle-boost.sh changes to the jp-review-fixes branch for pxc57
<coreycb> jamespage: ok taking a look
<Isla_de_Muerte> Guys any ideas why the First Byte is that shtty now with SSL https://www.webpagetest.org/result/180216_AD_02d43cf636c0cd19f17ef216943bdefb/ ? I've checked a lot of stuff, tried to fix some others but it seems like it sucks..
<jamespage> coreycb: I'm having a tinker with switching to gcc-7 as well
<lordievader> Isla_de_Muerte: What kind of setup are you  using? (I'm getting A on that test for my own website)
<coreycb> jamespage: that seems better, creates a single orig tarball now?
<jamespage> coreycb: yes allowing us to using gbp + pristine-tar again
<coreycb> jamespage: cool. maybe we can do that for horizon sometime.
<lordievader> Isla_de_Muerte: Looking at the explanation of that test I barely made it 389/400 ms.
<Isla_de_Muerte> lordievader, Ubuntu 14.04, Apache 2.4.7, OpenSSL 1.0.1f, created the CA through webmin with LetsEncrypt
<Isla_de_Muerte> Without SSL that site was full A :/
<lordievader> Isla_de_Muerte: The full explanation of the first byte time: The target time is the time needed for the DNS, socket and SSL negotiations + 100ms. A single letter grade will be deducted for every 100ms beyond the target.
<lordievader> Isla_de_Muerte: Are you forcing a cipher for which you do not have hardware acceleration?
<Isla_de_Muerte> lordievader, I've made the cipher changes based on ssllabs test, didn't really check them out tbh
<lordievader> Isla_de_Muerte: Does your webserver prefer an AES cipher and does your cpu support AES?
<Isla_de_Muerte> lordievader, hmm the server is using Intel(R) Xeon(R) CPU E3-1240 v3 @ 3.40GHz let me check it out
<lordievader> Oh, that supports AES.
<Isla_de_Muerte> Yeah it does according to cpuinfo :P
<patdk-lap> well, what cipher is being used?
<patdk-lap> aes is NOT the issue
<rbasak> ahasenack: in apt.sh, if you're using --force-confold you should probably also use the matching ucf flag
<rbasak> It's an environment variable IIRC
<patdk-lap> doesn't matter if you had no hardware support or not, AES it not the problem
<ahasenack> rbasak: no idea what that is
<Isla_de_Muerte> patdk-lap, isn't that dependable on the browser/etc ?
<Isla_de_Muerte> Or I have no idea what I am saying
<patdk-lap> depends on the browser and the server
<ahasenack> rbasak: is this new in this version, or was the same code just moved to the apt.sh "module"?
<patdk-lap> but if you don't know what is being used, how can you fix it?
<rbasak> ahasenack: it might be in my diff because it moved
<patdk-lap> how do you even know what is wrong
<rbasak> ahasenack: to be clear, this isn't a review comment.
<rbasak> Just something that might want fixing as it might bite some time
<patdk-lap> lordievader, please, the bulk data cipher is not the problem
<Isla_de_Muerte> patdk-lap, like I previously said I followed ssllabs and editing the apache confi file to the following:
<Isla_de_Muerte> SSLProtocol ALL -SSLv2 -SSLv3
<Isla_de_Muerte> SSLHonorCipherOrder on
<Isla_de_Muerte> SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4"
<ahasenack> rbasak: worth noting down so it's not forgotten
<rbasak> ahasenack: yeah that's why I mentioned it :)
<ahasenack> rbasak: feel free to add it as a review comment, or a bug to be fixed
<patdk-lap> Isla_de_Muerte, so that is what you perfer, but WHAT WAS USED?
<patdk-lap> and following ssllabs is great, for SECURITY, not speed
<rbasak> ahasenack: the shell code is good quality, but its structure means that it's hard to understand the packaging implications of the entire package without reading all the shell code
<ahasenack> lots of indirections indeed
<patdk-lap> though, your not following ssllabs at all, cause you have rc4 enabled?
<lordievader> patdk-lap: Then please explain what the problem is.
<Isla_de_Muerte> patdk-lap, sorry, I really do not know how I can see that. I've got rc4 enabled for older browsers
<ahasenack> rbasak: thanks for the careful review
<patdk-lap> lordievader, pki time
<patdk-lap> as it always is
<patdk-lap> if it was aes that was the issue, the download would take longer, but setup time would remain the same
<patdk-lap> aes is NOT used during session setup
<lordievader> Any way to reduce the delay? Or is it a simple, heavy calculation, takes time, type of thing?
<patdk-lap> it's a heavy calculation
<lordievader> Ok, sorry for mentioning AES -.-
<patdk-lap> just change it to use something not so heavy
<patdk-lap> since we don't know what is being used, since he likely didn't log it
<patdk-lap> we have no idea what to change from and to
<lordievader> Isla_de_Muerte: ^
<patdk-lap> DHE is heavy as crap
<patdk-lap> https://wiki.mozilla.org/Security/Server_Side_TLS
<ahasenack> rbasak: got the tests fixed finally
<ahasenack> Ran 97 tests in 7.776s
<patdk-lap> mozilla balanaces speed first, over pure best encryption for their recommendations
<ahasenack> but I need some small refactoring now to avoid code duplication
<Isla_de_Muerte> Thanks for the info and help guys. I'll look how to log this, figure out what is being used and change it
<patdk-lap> most systems can do around 80 RSA transactions a second
<patdk-lap> that means 80 connections a second :)
<patdk-lap> unless you have session reuse (tickets/tokens) and the user previously visited your site
<sforshee> sbeattie, jjohansen: we keep having test errors on the apparmor config options as we move between having and not having stacking patches, what do you guys think of making the test something like this (unstested)? http://paste.ubuntu.com/p/WYPvYFQVbM/
<patdk-lap> but that isn't what your solving for here
<patdk-lap> and if your like mine
<patdk-lap> it will be 0.2 seconds fast
<patdk-lap> but considering yours is 0.4, you will only resolve 0.2 seconds of your issue
<patdk-lap> the rest is just you have so many files
<patdk-lap> so many little images is the issue
<sforshee> sbeattie, jjohansen: or rather like this - http://paste.ubuntu.com/p/Z53PktVDzh/
<Neo1> postfix is MTA agent that transport mail form MUA to other MTA or to local mail inbox
<Neo1> with SMTP
<Neo1> relay them to other MTA
<Neo1> after this his work is done
<Neo1> after transfering or delivering the message postfix job ends
<Neo1> other servers are responsible for getting message to the end users
<Neo1> firewall is not an application... this is concept...
<Neo1> Email is the largest network on the planet
<coreycb> jamespage: finally got congress and magnum uploaded, they were fun.
<jjohansen> sforshee: I'm fine with that
<Isla_de_Muerte> patdk-lap, DHE it is
<patdk-lap> try using one from the mozilla link I posted
<patdk-lap> hopefully that will drop DHE down the list some
<patdk-lap> odd though, cause ssllabs claims you should be using ecdhe and not dhe with your current config :(
<Isla_de_Muerte> I don't even have dhe on my config file tbh
<patdk-lap> also remember, your first hit is a redirect to ssl
<patdk-lap> and that is a good 0.3s delay you cannot fix
<patdk-lap> it's in your config
<patdk-lap> cause you don't have !DHE
<Isla_de_Muerte> Oh
<patdk-lap> and it's enabled by default
<Isla_de_Muerte> Didn't know that
<Isla_de_Muerte> Yeah I know about the redirect, was comparing to google (lol) which takes way less time
<Isla_de_Muerte> But I doubt I can lower that part
<patdk-lap> where is the redirect happening
<patdk-lap> hopefully in the webserver, aka, apache/nginx/...
<patdk-lap> and not via php
<Isla_de_Muerte> htaccess
<patdk-lap> ok
<ahasenack> rbasak: latest fix (don't generate the cache at login, ever) pushed
<ahasenack> thanks
<sdeziel> Isla_de_Muerte: the HTTP->HTTPS redirection can be reduced with HSTS
<sdeziel> Isla_de_Muerte: but yeah, on the first visit there is a latency hit due to the redirection
<Isla_de_Muerte> sdeziel, ty I will look it up!
<patdk-lap> sdeziel, not for a first time visitor
<patdk-lap> so it wont help in this specific test case no, returning users, sure
<sdeziel> patdk-lap: indeed, for that there is HSTS preload but that's a different can of worms ;)
<patdk-lap> yep
<patdk-lap> saw someone that did preload
<patdk-lap> the sample hsts they lifted from a tutorial had the preload tag in it
<patdk-lap> and it was added into all the browsers
<patdk-lap> and he couldn't figure out why non-http wasn't working
<sdeziel> wow, I thought you needed to opt-in in addition to having the flag
<patdk-lap> nope, the prelog tag is the optn flag
<patdk-lap> preload
<patdk-lap> now, google doesn't *automatically find* your website
<patdk-lap> but on a google crawl of it, or if you submit the website, it will get added
<sdeziel> https://hstspreload.org/: "If a site sends the preload directive in an HSTS header, it  is considered to be requesting inclusion in the preload list and may be  submitted via the form on this site."
<sdeziel> not 100% clear to me if the form submission is needed or not ;)
<patdk-lap> it's not
<patdk-lap> a google crawl will also get it added
<sdeziel> good to know. Fortunately, there is a removal form but it must take a while to percolate to all the users
<patdk-lap> very long, next release, everyone to upgrade, ...
<Isla_de_Muerte> Cipher    : DHE-RSA-AES256-SHA Hmm !DHE doesn't change a thing
<patdk-lap> didn't do something right
<patdk-lap> oh, it doesn't call it DHE in openssl but DH
<patdk-lap> so you have ot use !DH
<Isla_de_Muerte> Cipher    : RC4-SHA /facepalm
<Isla_de_Muerte> This is supposed to be last resort fml..
<patdk-lap> I don't get why your selection of chrome is using such old ciphers
<sdeziel> Isla_de_Muerte: your cipher list looks good from here: https://paste.ubuntu.com/p/HQH2KDVbtf/
<Isla_de_Muerte> sdeziel, hmm first byte is still the same -.-'
<patdk-lap> ECDHE-RSA-AES128-GCM-SHA256
<patdk-lap> that is what webpagetest is doing with me, using the same settings as you
<patdk-lap> well, not good at all
<patdk-lap> but very secure, and if you don't support ecdha, well, you are left to using crap
<patdk-lap> Isla_de_Muerte, use one of the ones from the mozilla page I posted
<Isla_de_Muerte> patdk-lap, will try that now
<patdk-lap> the backwards compatable/old clients one will get what you want
<patdk-lap> but will keep it as secure as possible for those old clients
<sdeziel> patdk-lap: what's wrong performance-wise with ECDHE-RSA-AES128-GCM-SHA256 ?
<patdk-lap> the fact it isn't using it?
<patdk-lap> but using DHE-RSA instead
<patdk-lap> ECDHE is much faster than DHE
<patdk-lap> for me, it's using ECDHE, but for him it isn't
<patdk-lap> no idea why it's not
<sdeziel> AFAICT, the IP I poked didn't even offerred a DHE cipher-suite
<sdeziel> Isla_de_Muerte: is there a pool of server behind that name?
<Isla_de_Muerte> sdeziel, I have disabled DHE atm, there are a few domains on that IP
<patdk-lap> ssllabs said it did DHE when I tested it like an hour ago
<sdeziel> Isla_de_Muerte: tuning ECDHE vs DHE will only shrink the pink'ish line in those waterfal
<patdk-lap> yep
<sdeziel> Isla_de_Muerte: with Firefox, I get TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 which means this part is good
<patdk-lap> the only thing you can do, except to physically reloate your server
<Isla_de_Muerte> sdeziel, I just got the same with FF 57 now
<sdeziel> from here, TLS setup takes ~120ms
<sdeziel> and I seem to be 100ms away from the box
<sdeziel> (well, 100ms RTT)
<patdk-lap> I'm just concerned with the crazy cipher list he had, it's not quick across the board
<patdk-lap> and that should fixup that *benchmark* website
<sdeziel> Isla_de_Muerte: do you have Keepalive enabled?
<patdk-lap> sdeziel, did you flush your ssl tickets/tokens?
<patdk-lap> sdeziel, he has to
<Isla_de_Muerte> Yes, keepalive is on
<sdeziel> patdk-lap: yep, fresh private instance
<patdk-lap> I don't think a private instance resolved ticket caching
<Isla_de_Muerte> patdk-lap, tried the Mozilla recommendations, got worse results, reactivated previous ones for now again
<sdeziel> Isla_de_Muerte: after 3-4 clicks, I saw a new TLS connection being established so you might want to bump the number of requests you accept as keepalive
<patdk-lap> link?
<Isla_de_Muerte> https://www.webpagetest.org/result/180216_DR_55b37aeab2368a96af92d1f5ff3f7021/
<Isla_de_Muerte> sdeziel, I am restarting apache the last X minutes, maybe that;s why
<patdk-lap> isla, don't take that website as 100% proof
<patdk-lap> their systems run shared, and is affected greatly by other load
<sdeziel> yeah, I find the dev tools in browser to be good enough most of the time
<patdk-lap> I can run the same test 10 times and get highly different results
<Isla_de_Muerte> patdk-lap, yeah I don't I just find it weird that before the SSL I was getting good results on that, pingdom etc and now I am ~1-2secs extra
<patdk-lap> well, in this case it says your redirect to https took a long time to download
<patdk-lap> but if you notice the pink part got a LOT better
<patdk-lap> down to .2 instead of .4
<patdk-lap> so don't change the ssl ciphers back
<patdk-lap> as that improved
<patdk-lap> all the pink bars are shorter, except that last one
<patdk-lap> and that is likely due to other issue in their testing
<sdeziel> Isla_de_Muerte: have you considered fronting the site with a MITM like Cloudflare an such?
<sdeziel> if you don't care about the privacy implication, this is usually a magic wand ;)
<Isla_de_Muerte> patdk-lap, just for reference old cipher conf: https://tools.pingdom.com/#!/bXnlmN/http://www.seedboxcenter.com
<Isla_de_Muerte> new one: https://tools.pingdom.com/#!/d2XAdu/http://www.seedboxcenter.com
<patdk-lap> so old is 1.51, and new is 1.42
<Isla_de_Muerte> I am mainly focusing on the 2nd line/bar, maybe that is just stupid
<patdk-lap> ssl on new is 176, and ssl on old is 188
<Isla_de_Muerte> sdeziel, I am just trying to figure out if I am doing something wrong atm :P It might be normal to take that long dunno
<patdk-lap> it's the only thing you can do
<patdk-lap> you can't change how long dns takes, and it's already fast
<patdk-lap> you cannot change how long it takes to connect to your server, unless you use a cdn
<patdk-lap> so you can only do two things
<patdk-lap> make ssl faster
<patdk-lap> make page deliever/generation faster
<patdk-lap> oh, what *might* help
<Isla_de_Muerte> Last link before SSL: https://www.webpagetest.org/result/180208_2W_13870833ff7ddff2762c99b657acd43c/1/details/#waterfall_view_step1
<patdk-lap> is tuning your tcp stack
<patdk-lap> dunno what kernel your using
<patdk-lap> yes, but without ssl, your not doing a redirect, so no extra 0.5sec there
<Isla_de_Muerte> True that
<patdk-lap> and you have no ssl setup time, so no .2 to .4 seconds
<sdeziel> realistically, once you are settled on HTTPS with HSTS and Google noticed, every legit client will likely connect with HTTPS right from the start so that redirection problem will only slowdown bots
<patdk-lap> ip route | while read p; do ip route change $p initcwnd 45 initrwnd 45; done
<patdk-lap> run that on your server, and retest :)
<patdk-lap> actually this also
<patdk-lap> sysctl net.ipv4.tcp_slow_start_after_idle=0
<patdk-lap> that should help it send your certificates faster for ssl
<patdk-lap> but not sure how much that is affecting you
<patdk-lap> but I have that set on all my servers so
<patdk-lap> added as an ifup.d script
<patdk-lap> helps for small tcp sessions
<patdk-lap> but now we are really getting over it, for tuning things :)
<sdeziel> Isla_de_Muerte: OCSP stapling would improve connection time too but it's a pain to configure
<patdk-lap> isn't that enabled by default on trusty+
<patdk-lap> and no, it won't matter anymore
<patdk-lap> chrome no longer does oscp checks
<patdk-lap> and firefox never defaulted to doing them
<sdeziel> patdk-lap: no, not enabled by default
<patdk-lap> no, chrome removed support
<sdeziel> patdk-lap: hmm, looks like you are right, OCSP checks were disabled for DV certs
<Isla_de_Muerte> patdk-lap, changed the sysctl
<Isla_de_Muerte> it looks like the sites are loading faster now
<Isla_de_Muerte> will look into the ip route now
<patdk-lap> the sysctl tells linux not to do a tcp slow start
<patdk-lap> the route command tells it to allow upto x packets on the first burst without a confirmation, if your window size allows it, so mine above would be 45 packets
<patdk-lap> the default used to be 3, but was raised several years ago due to the ssl issue and google search to 10
<patdk-lap> 10 will JUST handle a 2k rsa certificate
<patdk-lap> most cdn's have raised theirs to 30 or so
<patdk-lap> https://blog.imaginea.com/look-at-tcp-initcwnd-cdns/
<patdk-lap> gives you a good overview what/why/... and what others are using
<patdk-lap> and is actually updated/recent :)
<Isla_de_Muerte> patdk-lap, ty for the link! Looking into it now
<patdk-lap> this ONLY matters fir that first byte :)
<patdk-lap> or if you just want to serve small webpages/grapics really fast
<patdk-lap> thinking an ad server
<patdk-lap> normally the firstbite can fit in the normal default these days of 10, but with ssl, that won't be the case if your using 4k rsa certificates, but you where using 2k, so not sure if this applied directly to you, but still something to think about
<Isla_de_Muerte> patdk-lap, can I see what are the settings atm?
<patdk-lap> ya, let me remember how, but it should be 10
<patdk-lap> unless your using like 12.04 or something older
<Isla_de_Muerte> 14.04
<patdk-lap> https://www.cdnplanet.com/tools/initcwndcheck/
<patdk-lap> ss -nli | grep cwnd
<patdk-lap> shows the values for current active connections
<Isla_de_Muerte> patdk-lap, yy you were right, 10 it is
<Isla_de_Muerte> So I basically run -> ip route | while read p; do ip route change $p initcwnd 45 initrwnd 45; done
<Isla_de_Muerte> Do I need to restart anything after that? tyvm for all the help xD
<patdk-lap> nope
<sdeziel> don't forget IPv6 routes :)
<patdk-lap> maybe apache, but
<patdk-lap> probably need more changes to handle ipv6
<Isla_de_Muerte> Hmm it doesn't seem anything changed :P
<Isla_de_Muerte> when I run ss -nli | grep cwnd I get the same results
<Isla_de_Muerte> restarted apache to just in case
<patdk-lap> as I said, it will only show connections in use
<patdk-lap> if the connection is closed, you won't see it
<Isla_de_Muerte> Ah okie
<patdk-lap> your likely only seeing your old ssh sessions and stuff
<patdk-lap> when you type, ip route
<patdk-lap> make sure the default line, has those params on it
<Isla_de_Muerte> I can see initcwnd 45 initrwnd 45
<Isla_de_Muerte>  next to the lines
<Odd_Bloke> smoser: Would you be able to review/merge https://code.launchpad.net/~philroche/simplestreams/bionic-i386-ova-not-expected/+merge/337885 please?
<Odd_Bloke> (I'd ask Rob, but he's out ill today.)
<smoser> Odd_Bloke: yeah, i'll get that. i'm going to replace the \ though. but other than taht.
<Odd_Bloke> smoser: I'm sure philroche will be mortally offended. ;)
<Isla_de_Muerte> sdeziel, enabled HSTS too xD
<Isla_de_Muerte> ty for all the help and info guys patdk-lap xD
<sdeziel> np
<patdk-lap> what does it look like now?
<Isla_de_Muerte> patdk-lap, according to webpagetest the same or a bit worse at random times (well actually it can take from 2sec-5sec) on pingdom it is still stable, nothing changed
<Isla_de_Muerte> On my browser I think a bit faster
<patdk-lap> well, I expect pingdom was already using ECDHE
<patdk-lap> maybe try using a different area, dullas is always the most busy/congested
<Isla_de_Muerte> I just kept it that because all my previous tests were based on that
<smoser> Odd_Bloke: favors do not go un-remembered....
<smoser> could you look at https://code.launchpad.net/~smoser/simplestreams/trunk.fix-bionic-tools/+merge/337892
<smoser> found that when trying to test on bionic
<smoser> and then https://code.launchpad.net/~smoser/simplestreams/trunk.python3-make-test-data/+merge/337893
<smoser> found *that* as i was verifying my change in xenial, and had forgotten about python2
#ubuntu-server 2018-02-17
<AirstrikeIvanov> hey folks, what's the easiest way to execute "sudo -u user vnc4server :1" every time a server starts? i tried a systemd script but running it  as sudo -u seems to resolve some dbus issues i was having, just can't make it start up on startup properly now
<sarnold> AirstrikeIvanov: set the User= parameter in the unit file; see systemd.exec(5) for details and more options
<sarnold> AirstrikeIvanov: as a rule of thumb, sudo should NEVER be in scripts. *maybe* su. Maybe. It's hard to get right.
<AirstrikeIvanov> yeah i'm new to all this and stumbling along as i learn to set it up lol
<sarnold> systemd is especially difficult; the documentation is split over 30 manpages. :(
<AirstrikeIvanov> basically i want to execute vnc4server -geometry 1280x720 -depth 24 :1 as user 'minecraft' on startup and i have tried systemd files a few times, with user= and everything
<sarnold> I can't tell you how much time I've wasted trying to find the right stupid manpage to find the thing I wanted..
<AirstrikeIvanov> setting up a minecraft server for my brother and he does not use SSH like i do so i caved and threw on lxde for him but this vnc stuff is so confusing lol
<AirstrikeIvanov> thanks though that manpage is helpful :D
<Pd1> hi folks. encountering a "invalid partition table" error upon bootup after install. is this the right place to look for help?
<blackflow> Pd1: yes. is this first boot after regular installation (with official installer)? If so, my first suspicion would be hardware issues. Can you reboot into some kind of rescue mode / live env, and check the partition table?
#ubuntu-server 2018-02-18
<Laserallan_> hey guys, I am having a rather weird problem
<Laserallan_> I have a VM running ubuntu with 110G and the VM claims it is using 101G, no matter what toosl io use, df, ncdu the output ONLY shows me about 70G
<Laserallan_> Anyone know if the said tools that I have used could be lieing so far?
<Laserallan_> I am using about 45% of the inodes
<dpb1> Laserallan_: would help to pastebin all of those claims so someone can look them over
<dpb1> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<dpb1> df -h; fdisk -l;
<Laserallan_> dpb1: Are you here?
<tomreyn> Laserallan_: it doesn't have to be him specifically.
<tomreyn> (or her)
<dpb1> :)
#ubuntu-server 2019-02-11
<snake-venom> hi found this on my server,
<snake-venom> is this attacker script http://termbin.com/x3iy
<snake-venom> ?
<andol> That shell script makes my eyes hurt.
<lordievader> Good morning
<siavoshkc> Good morning, I have a https://docs.djangoproject.com/en/2.2/howto/deployment/wsgi/modwsgi/#basic-configuration for my django server. But with this config server doesn't even start
<technoob> Hey guys
<technoob> I need help
<technoob> I already installed ubuntu server on my nuc and want to know what the end result looks like so i know it is already fully booted up
<lordievader> How do you mean?
<lordievader> What you see on the screen?
<lotuspsychje> technoob: and what kind of NUC is it exactly?
<technoob> Nuc5cpyh
<lotuspsychje> technoob: did you update bios firmware to latest version?
<technoob> YES
<lotuspsychje> technoob: explain whats happening please as lordievader asked
<technoob> I see a command prompt
<technoob> But nothing else
<technoob> I see just text
<technoob> No username input prompt
<technoob> Last line of text is "reached target cloud-init target"
<technoob> lordievader
<lordievader> The command prompt is all you get on a server install. A server shouldn't need more
<technoob> lordievader yes but what should i all booted up server look like
<technoob> I hooked up my nuc on my tv
<technoob> What should i be seeing there
<lordievader> On the screen you'll only see an tty login-prompt.
<lordievader> If you want to know if all the services started correctly you can issue `sudo systemctl status`.
<technoob> I didnt see any tty login prompt
<technoob> Should i reboit?
<technoob> lordievader
<lordievader> Could you maybe share a screenshot?
<technoob> Kinda hard im on mobile
<lordievader> Photo?
<technoob> Do we have a way to attach photo to this irc?
<lotuspsychje> technoob: imgur.com
<CarlFK> riot.im - takes some work to get set up, but then you have a nice way to irc from your phone
<technoob> Ok in a minute
<technoob> I rebooted my machine
<technoob> Ill see if the problem still persist
<technoob> Im running a celeron processor btw
<technoob> So it might be slow
<technoob> Also i just wanna ask
<technoob> Can i run kodi in a ubuntu server?
<technoob> Ubuntu server is like ubuntu desktop without gui right?
<kstenerud> ubuntu server is a linux install without gui. You can technically install a gui on top of it, but if you want a gui, you'll have an easier time using the desktop flavor
<technoob> I see
<technoob> Can i run nextcloud server and other server apps on the same machine
<kstenerud> sure
<lordievader> Essentially, you can run whatever you want on the machine ð
<kstenerud> generally people use docker to keep things nicely separated
<kstenerud> It's not strictly necessary, but it keep things clean
<technoob> I cant seem to launch kodi
<technoob> It says that it cant find kodi.services
<siavoshkc> Should www-data have access to any folder apache2 wants to access?
<technoob> Systemctl start kodi. Thats the command i use
<lordievader> technoob: Kodi is installed? And that is the correct service name?
<technoob> I guess
<technoob> I was following a instruction
<technoob> In the net
<lordievader> Check it then, investigate ð
<technoob> ..
<technoob> Sadface
<technoob> Hmm might as well just use ubuntu desktop. Will be easier i guess
<technoob> I only have like 4 gb ram though
<lordievader> If you don't open too many browser tabs that is fine ð
<kstenerud> Does anyone have experience setting up an l2tp vpn client on a command line lxd container? I tried following https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#configure-linux-vpn-clients-using-the-command-line but it fails with "device not found" when looking or ppp0
<ahasenack> rbasak: I have to update pmdk, which, when it was created, didn't exist in debian, so its version is of the 0ubuntuN style
<ahasenack> rbasak: now debian has one
<ahasenack> rbasak: but git-ubuntu can't find a common ancestor to start a merge, which is expected I guess
<ahasenack> rbasak: any particular way I should handle this?
<rbasak> ahasenack: I guess you have a choice. Do you want to converge with Debian?
<ahasenack> what does that mean? sync?
<ahasenack> sync and then reapply our changes, if any remain?
<rbasak> Do you want the new Ubuntu package to be based on the Debian one, plus a delta?
<ahasenack> yes
<ahasenack> no reason not to
<rbasak> Depends on the delta I guess :)
<ahasenack> unless the delta is huge, I guess
<ahasenack> ok, let's say I want to
<rbasak> I don't think there's any easy way of handling this. Fundamentally the "rebase" workflow doesn't work because we don't have a patchset to begin with.
<ahasenack> the pmdk story has "no easy way" written all over it :)
<rbasak> You could try taking the entire diff between Debian and Ubuntu currently, placing it in the working tree, and see if you can break that up into a logical delta with "git add -p".
<rbasak> Probably limited to just the debian/ directory.
<ahasenack> rbasak: that's ok, but what will make it have a common ancestor from now on, for future merges?
<elfranne> any idea why Kerberos is ignoring my logging settings from krb5.conf ?
<lotuspsychje> anyone knows if server got unattended upgrades enabled by default now?
<blackflow> it doesn't
<Ussat> which is a good thing
<blackflow> definitely.
<rbasak> I don't think it's such a bad thing nowadays. Server users should take _some_ action to ensure security updates. Taking no action is really bad. So if that action is to change the default to some other mechanism, or enable unattended-upgrades, what's the difference?
<rbasak> I don't think it's such a bad thing nowadays. Server users should take _some_ action [as/if necessary] to ensure security updates. Taking no action is really bad. So if that action is to change the default to some other mechanism, or enable unattended-upgrades, what's the difference?
<tomreyn> If you ask the average SMB boss what they're more worried about, production breaking due to broken patches, or software getting outdated but generally working (until things get exploited, but even exploits try not to break production), they'll surely answer the first.
<tomreyn> maybe this culture will change a little to the better in the coming years when we get better laws, but it can take a good while longer.
<Ussat> not sure what laws have to do with it, but having a server automated upgrade and break shit is not good
<tomreyn> changing the default right now will cause those organizations' admins' taking the blame for production breaking due to bugs such as 1813873 (a regression unfixed in bionic after 1.5 weeks) or 1814555, and cause a backslash, making them even more worried about patching, if they are given time to care about that at all.
<Ussat> I have set patch times, test first and then prod
<tomreyn> Ussat: laws to impose fines on companies whose infrastructure is exploited, data stolen. so far the loss is mostly to users privacy, somewhat to companies' brands, but its still soemwhat cheap to them.
<tomreyn> but those are politics, OT here - sorry.
<Ussat> um...I am 100% against those laws. Can you gaurentee me as an admin you catch EVERYTHING ?
<Ussat> all the time
<Ussat> negligence sure.......
<rbasak> tomreyn: that's a fair point.
<rbasak> OTOH, although a large number of users deliberately don't want security updates, AIUI a large majority of those actually end up doing nothing else to get security updates.
<Ussat> auto updates on desktops are one thing, servers no....thats a recipie for problems
<Ussat> why not just auto update from 16 --> 18 then ?
<rbasak> Ussat: my point is that auto updates are better on servers than no security updates at all. That's also a recipe for problems.
<rbasak> If you want to do something special, then you can do that special thing and disable automatic updates while you're there.
<Ussat> I disagree, not your job.
<rbasak> If you're making some special provision anyway, then disabling automatic updates while you're there is hardly onerous.
<Ussat> Again, why not auto update from 16 --> 18 then
<rbasak> 16 -> 18 deliberately changes behaviour. Clearly that's unacceptable to do automatically.
<blackflow> rbasak: problem with unattended upgrades is that it only does half the job, sometimes breaks stuff, and.... only does half the job but people think it does everything.
<Ussat> ^^^
<rbasak> blackflow: in what way does it only do half the job?
<rbasak> Is there a bug on that?
<tomreyn> you need to restart services, sometimes reboot
<blackflow> well for starters it doesn't reboot for new kernels. second, it doesn't restart properly when systemd or dbus is upgraded.  third, not all updates are solved by systemctl restart, and not all services have post inst steps to restart.
<blackflow> there's no bug. it just can't be done. reboots and all. needs human intervention.
<Ussat> yup
<rbasak> It does tell you human intervention is required though, with the reboot-required flag and in the motd. I hope.
<rbasak> But regardless I don't think that's a justification for not turning it on by default.
<tomreyn> only if a reboot is required
<blackflow> who's "you"? it's unattended, remember?
<rbasak> It's clearly better than the current situation.
<rbasak> (in terms of landing updates)
<rbasak> Perfect is the enemy of the good, etc.
<blackflow> no. halfa job is worse than no job at all (so users know they have to run updates).   way bettewr would be to have apticron installed so root is mailed/nagged with updates.
<rbasak> That's fine to say in theory. In practice most users don't run updates at all.
<blackflow> that's their problem.
<Ussat> I disagree.......most SERVER users do
<rbasak> The users who do and don't want automatic updates are competent enough to know and turn it off.
<Ussat> Desktop is one thing, servers are a whole different ball game
<Ussat> So, how woudl you schedule these updates, random times ? how would you determine they do not interfear with what is happening on the server
<rbasak> I just checked. Cloud images do have unattended-upgrades enabled by default AFAICT.
<blackflow> btw, when ext4 begets case insensitive filenames, will that be flipped on by default, to appease the windows migrants?
<rbasak> Ussat: there is a default. If you don't like the default, you can change your configuration. Just like everything else.
<rbasak> blackflow: how is that relevant?
<Ussat> Yes, they default should be off
<rbasak> Look, I understand your opinion.
<rbasak> If you want to just keep restating it instead of actually providing some reasonable rational justfication, then what's the point of continuing this discussion?
<siavoshkc> I am in state of panic
<Ussat> I have provided several
<blackflow> rbasak: well like I said, nagging via apticron or something, is WAY better than shoving updates by default.
<siavoshkc> I accidentally deleted public_html foleder of a server
<Ussat> How do you schedule the updates ? How would you determine when they happen
<rbasak> AIUI, unattended-upgrades _are_ now enabled by default.
<siavoshkc> Is there any way I can restore it?
<blackflow> and they should _not_ be
<Ussat> restore backup
<blackflow> siavoshkc: yes, from backups.
<rbasak> If you want to change the default, take it up with Ubuntu developers using our normal governance structure.
<blackflow> yeah, windmills  :)
<siavoshkc> blackflow: can you please lead me on where to start?
<blackflow> siavoshkc: well, you do have backups, no?
<siavoshkc> blackflow: I dont know
<blackflow> then you don't
<tomreyn> rbasak: i enjoy this discussion, and actually i'm really on your side there, increasing the overall security by more secure defaults is a good thing. i'm just not sure whether the world is ready for it, yet, or whether it'd just backfire. if unattended security patching is really active on cloud images and this hasn't backfired, yet, this is probably a good indicator.
<rbasak> Thanks :)
<blackflow> siavoshkc: sorry for your loss. but hey, consider it a great learning experience: always have backups. consider also a filesystem like btrfs or zfs where you can snapshot data before any potentially breaking intervention is done ;)
<tomreyn> (cloud folks are usually more forgiving and prepared for things breaking suddenly, though)
<siavoshkc> blackflow: The problem is that it wasnt my system. I entered a path to delete that wasnt my bussiness. I am worrid about the owner of the site
<siavoshkc> the site was up and I just deleted it
<Ussat> sudo apt-get -y  remove unattended-upgrades solvs it anyway
<ahasenack> Ussat: fwiw, the scheduling, and many more knobs to tweak, are available in the config file in /etc/apt/apt.conf.d/
<ahasenack> I think it's 50unattended-upgrades
<Ussat> ahasenack, Oh I know
<siavoshkc> blackflow: I remember there was an automated snapshot mechanism
<siavoshkc> can it be used to restore data?
<blackflow> siavoshkc: perhaps you can use some undelete tool to try and salvage data, but that would require you to bring down the server, or pull out a disk from mirror, as every second the disk is in use reduces the chance for data recovery.
<Ussat> but if you remove that, its done deal
<ahasenack> sure
<blackflow> siavoshkc: there's no such thing unless you're running ZFS or btrfs (and even then I don't know bout "automated" unless you've set something up
<Ussat> You there are data recovery tools/services, BUT you need to ensure the data is not overwritten asap
<Ussat> and its crap shoot
<Ussat> and not cheap as for the services
<ahasenack> yeah, and there are tools you can try. It depends if you can take the machine offline, remove the hd, and mount it elsewhere where you can poke at it
<blackflow> offline and/or remove the hdd
<Ussat> mount it RO....and again, needs to be done asap to avoid overwriting it
<siavoshkc> If by any chance there is an automated backup. where may I find backups?
<Ussat> Could be anywhere depending on how its done/software etc
<Ussat> OUr backups are done nightly to a SAN then we have tape taken offsite
<Ussat> so ya...could be anywhere
<blackflow> btw, side question. I have an enterprisey SSD here, supposedly sata3.1 @ 6Gbps, but a dd test shows only 420 tps and ~250MB/s in iostat.... sounds.... inadequate.
<lotuspsychje> blackflow: did you try the hdparm speedtest?
<lotuspsychje> hdparm -tT /dev/sda something like this
<blackflow> that's next, I'm clearing out the SSD before I blkdiscard it
<lotuspsychje> blackflow: firmware to latest can also improve stuff
<lotuspsychje> depending wich brand
<blackflow> Samsung Evo 840 something something
<sdeziel> siavoshkc: maybe the machine owner has backups you could ask to be restored
<lotuspsychje> evo 840 needs firmware improvement patch blackflow
<lotuspsychje> there's a known speed problem on it
<tomreyn> Ussat: check your cron jobs for anything which looks like it coud do backups, see if you have a process running which sounds liek a backup systems' agent.
<tomreyn> blackflow: evo is consumer, also
<blackflow> it's already latest firmware
<Ussat> tomaw, ? think you meant that for siavoshkc
<blackflow> tomreyn: technically, it's MZ7GE240HMGR but any info I managed to find on it is that it's a rebranded 840 evo
<tomreyn> Ussat: you're right, thanks / sorry.
<tomreyn> siavoshkc: check your cron jobs for anything which looks like it coud do backups, see if you have a process running which sounds liek a backup systems' agent.
<Ussat> tomaw, NP
<blackflow> tomreyn: 845DC EVO
<tomreyn> blackflow: probably some slight firmware changes, maybe some extra spare cells.
<tomreyn> does fstrim -v report changes if you run it twice?
<tomreyn> the 840ies can get really slow if you dont trim.
<tomreyn> (or not successfully)
<blackflow> I blkdiscarded the entire drive before testing
<tomreyn> i see
<cognitiaclaeves> I have a python app, test-logger.py, that I've written to write a test log message to syslog. For only that type of message, I'd like to save the log message in a file, and send the same log message out to a log aggregator (loggly) -- I'm having trouble identifying what to filter the message on based on the journalctl output. https://pastebin.com/hGip2Zz2
<cognitiaclaeves> I think this can be done by creating two filters, one to save the log entry to a file, and a duplicate target to forward the messages to loggly.
<cognitiaclaeves> blackflow, is that enough detail?
<blackflow> cognitiaclaeves: not quite, it's not clear what exactly you're talking about. "save the log message in a file", "what to filter"..... are you talking about rsyslog rules?
<blackflow> and how are you sending to loggly?
<cognitiaclaeves> Yes, rsyslog
<cognitiaclaeves> Loggly has a page for that. If I can figure out how to filter the rule to a file, I think I can take it from there.
<cognitiaclaeves> ( for reference: https://www.loggly.com/docs/systemd-logs/ )
<cognitiaclaeves> ( Although, now that I look at it, it looks like that will forward all logs to loggly, not just the ones I want to target. )
<blackflow> what's your rule like?
<cognitiaclaeves> That's what I'm trying to figure out.
<cognitiaclaeves> The documentation for rsyslog seems to refer to app_name and programme_name (I think), which I don't see in the journalctl output.
<blackflow> what do you want to filter by?
<blackflow> forget journalctl
<blackflow> look at syslog itself and what it's logging
<cognitiaclaeves> blackflow, you lost me, sorry. It's a standard ubuntu system in aws.
<blackflow> journald is forwarding to rsyslog and you want to write rsyslog rules, correct?
<cognitiaclaeves> Rules specific to the app, yes.
<cognitiaclaeves> ( Don't know if journald is forwarding to rsyslog yet .. it may not be. )
<blackflow> right, so don't look at journalctl, but look at what is rsyslog writing. by default it has *.*;... /var/log/syslog, so take a look at that
<blackflow> it is by default
<cognitiaclaeves> Ah, that makes sense.
<blackflow> also look at the selectors documentation  https://www.rsyslog.com/doc/v8-stable/configuration/filters.html
<blackflow> for program name I think you'll need an if-clause, but it's definitely doable
<cognitiaclaeves> I had planned to use a property filter for that.
<cognitiaclaeves> https://www.rsyslog.com/doc/v8-stable/configuration/properties.html It shows up in the property list.
<cognitiaclaeves> And now that I'm looking at /var/log/syslog, I can identify programname.
<blackflow> yeah
<cognitiaclaeves> Ok, this might be enough to move forward with. Thanks!
<blackflow> cognitiaclaeves: also keep in mind that journald by default does rate limiting. you'll have to remove it if you want _all_ messages forwarded to syslog and elsewhere
<cognitiaclaeves> I just want a particular kind of message. I'll look into that. Will I also need to increase the open files setting for the OS?
<blackflow> I don't see how open files are related here. you mean for rate limiting? for that, no. Only RateLimit*  entries of journald.conf(5)
<cognitiaclaeves> Ok, thanks.
<_Trullo> ok, so I tried subnet: 255.255.255.0/24 .. didn't work, aparently it should be 192.168.1.0/24 to work properly, I have no idea how/why..
<_Trullo> pihole works perfect after like 20 reinstalls :)
<teward> _Trullo: you typically won't use 255.* for anything.
<teward> _Trullo: private IPv4 ranges that actually ARE private ranges are 192.168.0.0-192.168.255.255, 172.16.0.0-172.31.255.255, and 10.0.0.0-10.255.255.255 - only use Private IPv4 address space
<teward> and NOT 255.* because that's a reserved range
<blackflow> _Trullo: look up RFC 1918 for more info
<trippeh> _Trullo: /24 is just another way of saying 255.255.255.0 as a mask
<trippeh> 255.255.255.0/24 doesnt really make sense
<lordcirth_> I just had a systemd service (keepalived) restart without any apparent reason. Any tips for tracing what called the restart?
<RoyK> lordcirth_: check the logs and turn on debugging if necessary
<RoyK> lordcirth_: check dmesg too - perhaps it crashed - if so, it should show there with a SIGSEGV being signalled to the process
<lordcirth_> RoyK, nothing in the logs except it restarting
<RoyK> lordcirth_: has this happened before?
<lordcirth_> RoyK, not that I recall
<lordcirth_> It's probably not a big deal, just weird
<RoyK> I haven't seen keepalived just restart - anything in dmesg?
<RoyK> run dmesg -T to get somewhat proper readable timestamps
<lordcirth_> RoyK, thanks, didn't know about -T
<lordcirth_> Yeah, nothing in dmesg for 2 days
<RoyK> hm - and no cron job or something in systemd doing something funny?
<lordcirth_> RoyK, nope
<RoyK> it's just funny it restarted without anything in the logs - if it crashed and systemd restarted it, something should show up in dmesg
<lordcirth_> Yeah, I can't see any evidence of a crash
<RoyK> do you have any monitoring of the system? sysstat/munin/zabbix/something?
<lordcirth_> RoyK, nagios, and keepalived emails me on all events, which is why I noticed ("Entering BACKUP state" on start)
<sdeziel> lordcirth_: maybe a colleague of yours restarted it? or an config automation tool (puppet/chef/etc)?
<lordcirth_> sdeziel, yeah, I'm looking into that now
<lordcirth_> Oh, duh. I issued a dist_upgrade this morning.
<RoyK> lordcirth_: oh - nagios - is that still alive?
<lordcirth_> RoyK, yes, although our install is way out of date. We are planning to upgrade to latest stable soon
<lordcirth_> RoyK, what do you use?
<RoyK> lordcirth_: I used to use nagios some years back, but we're moving everything to zabbix now
<RoyK> well - not everything - we'll be using NAV as well, https://nav.uninett.no/
<RoyK> because it has a few things that we can't find in other tools
<lordcirth_> RoyK, thanks, I will look at both. We have a custom inventory system with a lot of Nagios integration, etc, so we probably won't be moving
<tomreyn> nagios -> zabbix, so out of the frying pan into the fire?
<RoyK> I talked to the guys at uio.no - they have quite a few servers and have moved to zabbix, from nagios.
<RoyK> zabbix has a steep learning curve, but once you understand the architecture, it's rather neat
<lordcirth_> RoyK, what key things does NAV have that Zabbix doesn't?
<lordcirth_> Ah, it's more of a network thing?
<RoyK> stuff like switch configuration, like VLAN setup of ports, if the switch supports snmp rw
<RoyK> it is
<RoyK> so it's like "why not both?"
<lordcirth_> Very cool. We have a custom (argh) tool for that, which if it was open-sourced decades ago, might still be relevant.
<RoyK> lordcirth_: take a look - with a lot of hosts, you may want to use SSDs for the storage - *lots* of things getting updated for graphite (IIRC) so it requires quite a bit of IOPS
<lordcirth_> RoyK, thanks. Our servers generally have mdraid1 SSDs for /
<RoyK> should do
<RoyK> althoguh I'd hate to have those things on the rootfs - I like to use separate storage or at least separate LVs for root and data
<siavoshkc> tomreyn: Thank you. Unfortunately there was no backup and its a real disaster. Tomorrow our host will try to recover the wordpress files. I hope they recover something useful. I just shutdown the server to prevent moe loss.
<siavoshkc> I deleted a big running wordpress site in a blinl
<RoyK> backups are for cowards :D
<siavoshkc> blink*
<sarnold> ow
<siavoshkc> RoyK: I cannot digest how there is no backup AT ALL for such a long running website
<RoyK> an acquaintance
<RoyK> an acquaintance of mine just found out the hard way that having a home server with 40TiB or so of storage and no backup is a bad idea - RAID6 isn't backup - bad, cheap controllers - oops
<tomreyn> siavoshkc: sorry to hear this, good luck.
<siavoshkc> The only good thing is that wordpress keeps many of its data in db
<RoyK> siavoshkc: usually, there's chances of recovery, at least if the data resides on a RAID
<RoyK> siavoshkc: the text is in the db, the images etc are on the filesystem
<lordcirth_> RoyK, yet another reason I use ZFS, not hardware raid
<siavoshkc> RoyK: Yes so many things are lost
<RoyK> lordcirth_: the only reason I don't have zfs on my home server, is the lack of flexibility - I've worked with rather large zfs systems for some years - they just work
<lordcirth_> RoyK, yeah, btrfs's ability to add disks and bodge storage together is very nice. LVM and such are good too.
<RoyK> lordcirth_: but then - if you have a home server and want to toss in a new drive to expand things a bit, zfs won't do (for now)
<RoyK> lordcirth_: I don't trust btrfs (yet)
<lordcirth_> I'm actually running / on ZFS raidz at home. 3 480GB SSDs. It's great
<RoyK> lordcirth_: it's been 10 years or so with btrfs and it's still not stable
<lordcirth_> Yeah, turns out writing 5th gen filesystems is hard. Who knew? :P
<RoyK> but extending VDEVs on zfs is coming - I think it's in fbsd already
<lordcirth_> Oh, cool. I'm looking forward to 0.8's encryption and faster scrubs
<lordcirth_> We have a major dataset at work that takes nearly a week to do a weekly scrub
<RoyK> then don't scrub weekly :Ã¾
<RoyK> seems we're tossing out a server soon with 48x4TB disks - with a bit of luck, I could perhaps take it
<sarnold> I'm looking forward to encryption and the 'special' vdev support
<teward> @RoyK: send me a few of the disks lol?  xD
<teward> :P
<teward> always in need of disk expansion on my array of disks lol
<RoyK> that supermicro mobo would be nice as well as the controllers
<sarnold> what's rplacing that beast? :)
<RoyK> dell compellent
<RoyK> well, that is, dell equallogic, old stuff - just used for CCTV cameras
<RoyK> but some people at the IT dept think that ZFS and mdraid and such things are black magic and would rather sell their soul to something with a nice gui
<sarnold> okay, it *would* take like five minutes to type out the zpool create command with 48 devices..
<RoyK> yeah - it's pretty hard - and dark magic - and checksums the data and all, whcih equallogic certainly doesn't (nor does compellent)
<RoyK> but Dell Provides Support, meaning they tell us they need a crapload of logs and then blame us for doing something stupid
<RoyK> or just say "we don't know yet"
<RoyK> like when that blade centre went down during the holiday - it's powered via a UPS and one direct line - six PSUs - the UPS had some dead fans and had serious issues, but the power from the direct line was stable, but still, the blade centre just powered itself off and too all its VMs with it
<sarnold> owwwwwww
<lordcirth_> six PSUs, and one failure brought it down?
<lordcirth_> Or, half of the PSUs were on the UPS?
<RoyK> half on UPS half on direct
<RoyK> but it should be able to run on two PSUs
<lordcirth_> Its documentation says 2/6 is enough?
<RoyK> yes
<RoyK> and 3/6 should at least be sufficient
<RoyK> but for some reason, it just powered itself off
<RoyK> Dell hasn't been able to give us an explaination of this
<lordcirth_> I bet they'll eventually say "oh, that's for if the power just cuts, dirty power is unsupported"
<RoyK> something like that, yes
<sarnold> 2-of-6?? wow
<tomreyn> "you forgot to install the firmware update to the psu's"
<teward> lol
<RoyK> tomreyn: hehehe
<RoyK> tomreyn: please update firmware daily and make sure you have redundancy elsewhere
<tomreyn> :) i've heard a couple funny excuses already. but in the end we all just try to not become the victim of the bad conditions we have to (?) work under.
<zertyuio> hello there
<zertyuio> anyone used to work with mdadm everydays ?
<tomreyn> zertyuio: i'm sure there are people here who worked with mdadm before, or do so daily. but that's not your actual question. please ask your actual question.
<tomreyn> and hello there, too ;)
<zertyuio> here is my disk of 20Go https://pastebin.ubuntu.com/p/vfnTxgdK7g/ i would like to resize it to 950Go
<zertyuio> how i can do so ?
<zertyuio> without losing data
<tomreyn> this is very easy:
<tomreyn> you do backups.
<tomreyn> zertyuio: about resizing, how would you do this when there is no unallocated space?
<zertyuio> easy for you mean not easy for everyone
<zertyuio> as you can see on my post : https://pastebin.ubuntu.com/p/vfnTxgdK7g/
<zertyuio> there is something above 900GB of free space to use
<zertyuio> i would like to do so the same way that we used to do with lvm and fdisk
<lordcirth_> zertyuio, firstly, yes, do a backup.
<lordcirth_> zertyuio, then, you can follow this: https://raid.wiki.kernel.org/index.php/Growing#Expanding_existing_partitions
<zertyuio> how you can backup system volume ?
<lordcirth_> Skipping the first few instructions that are about switching the larger disks, of course
<lordcirth_> zertyuio, the root filesystem?
<lordcirth_> !backup
<ubottu> There are many ways to back your system up. Here's a few: https://help.ubuntu.com/community/BackupYourSystem , https://help.ubuntu.com/community/DuplicityBackupHowto , https://wiki.ubuntu.com/HomeUserBackup , https://help.ubuntu.com/community/MondoMindi - See also !sbackup and !cloning
<zertyuio> i would like to do so from rescue cd
<zertyuio> are you sure about the link that you post ?
<zertyuio> for backup ?
<tomreyn> zertyuio: what makes you wonder about it?
<zertyuio> which it ?
<tomreyn> <zertyuio> are you sure about the link that you post ?
<tomreyn> zertyuio: these links should indeed help creating a backup
<zertyuio> yes, for example if you take example of duplicitybackup
<zertyuio> it ask to install a package inside the system
<zertyuio> i m not sure that it will does some good backup
<zertyuio> if i follow so
<zertyuio> i m expecting something that i can boot from rescue cd
<zertyuio> and mount the partition
<zertyuio> and backup the whole thing
<tomreyn> this is cloning / imaging, bare metal recovery, but not backup.
<tomreyn> you don't want to have to stop your system every time you create a backup, right?
<zertyuio> yeas
<zertyuio> so i install duplicity
<tomreyn> so you backup only data that you will want to restore. this also enables you to do smaller, incremental, backups, of just the data you actually need. if the OS storage fails or breaks and you need to reinstall, then you just do that, restore configurations from your backup, and restore other data from your backup, and you're set.
<zertyuio> in order to so
<tomreyn> what you had on your mind about cloning / imaging can be done with clonezilla-live, a bootable linux distribution for this single purpose. this is not a proper backup, but something you can do now if it'd make you feel better about it.
<zertyuio> wait
<zertyuio> in order to so
<tomreyn> ?
<zertyuio> i have to seperate all data need to be backup before
<zertyuio> without mixing with system partition
<zertyuio> that task i forgot to so
<zertyuio> i don't have separate partition for data
<tomreyn> maybe you should have
<tomreyn> ideally separate disks, so you don't have OS and data fail at the same time.
<zertyuio> i think i found the best way
<zertyuio> i will reboot my system
<zertyuio> with rescue cd
<zertyuio> and mount my /
<zertyuio> then tar -cvf /
<zertyuio> will be the best way i think
<zertyuio> is it the best way ?
<hal529> Hi.  I've an ubuntu 16LTS server.
<hal529> It boots/operates from a 2-disk RAID1 array.  Works great; has for ages.
<hal529> I just noticed in startup logs, on exec of "/lib/systemd/systemd-modules-load", these ,essages --> "Module 'loop' is builtin" & "Failed to find module 'md'".
<hal529> In /etc/modules, there _are_ "loop" & "md" entries.
<hal529> I've never touched this on this box -- so something, maybe default install, added these.
<hal529> Do I *need* either?  Safe to remove them?
<tomreyn> zertyuio: this is surely not the best approach for regular backups (since it involves rebooting the systemjust for that), but maybe it is a good approach for your preparation of the RAID array changes.
<zertyuio> let me do that first
<tomreyn> zertyuio: note this approach may not enable you to backup databases and other data structures which require to be backued up in a special way (such as a database dump).
<tomreyn> !yy.mm | hal529
<ubottu> hal529: Ubuntu version numbers are: YY.MM (YY=release year,MM=release month). Each year sees two releases, so just specifying YY is imprecise. See also https://www.ubuntu.com/about/release-cycle
<tomreyn> hal529: but you made it clear enough that you have some patch level of ubuntu 16.04 LTS
<zertyuio> man you are doing the backup / how database can be exclude ?
<tomreyn> zertyuio: read the wikis you were pointed to, i can't explain everything.
<hal529> tomreyn: I asssume since you're asking, it makes a difference to my question?  Here, I've "Description:    Ubuntu 16.04.5 LTS"
<zertyuio> just tell what you read about that ?
<zertyuio> just tell mewhat you read about that ?
<tomreyn> hal529: so loop is for loop mounts, such as you'd need for snaps, maybe ISO image mounts. md is for software RAID, managed via mdadm.
<tomreyn> zertyuio: do you have databases?
<hal529> tomreyn: SUre.  I know what they're _for_.  I'm unclear why ubu's complaining about them here ... and what should be done about it.
<hal529> I clearly _have_ raid in place & working; mdadm's fine.  So that 'md' in /etc/modules -- and the 'failed to find' message suggest that's not necessary, done somewhere or somehow else, etc.
<tomreyn> hal529: i guess if you don't have a software raid it should eb safe to ignore these messages, which are probably just warnings?
<hal529> I *do* have software RIAD -- that's the point.
<zertyuio> yes of course i got databases
<hal529> RAID, even ...
<tomreyn> hal529: i was typing this when i hadnt spotted your message, yet
<tomreyn> zertyuio: which ones then?
<hal529> np
<zertyuio> mariadb
<tomreyn> zertyuio: then learn how to backup mariadb and then continue with the file based backup.
<tomreyn> hal529: did you reboot since, or is it that you're wondering whether that's safe now?
<zertyuio> just tell me
<tomreyn> zertyuio: just read it
<zertyuio> why saving / can not affect database ?
<hal529> tomreyn: sorry, 'since' what?  I get these messages every boot.  It's been this way for ages.  I'm _now_ paying attention to the messages.
<zertyuio> for me it is not logical
<hal529> I didn't add these lines.  They are causing warnings/errors messages on boot.  Don't know if that's real problem, or just noise.
<tomreyn> hal529: i see. i wouldn't worry about them if it doesn't impact your ability to boot.
<tomreyn> hal529: interestingly i can't find any other mention of this message on the web: Failed to find module 'md'"
<hal529> ... which is why I'm in here ...
<tomreyn> do you have a custom kernel?
<hal529> nope
<tomreyn> or custom core packages such as systemd?
<hal529> nothing custom.  bog-standard ubu16, with a zimbra mail server install on it.
<tomreyn> is this message printed when you "systemctl restart systemd-modules-load.service"
<hal529> it _got_ to v16+ thru countless upgrades over the years -- NOT a clean install
<hal529> nope, a systemd restart of that unit FAILs -- because of these messages
<hal529> it seems ...
<tomreyn> can you show the full output?
<tomreyn> !paste
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<hal529> sucks ... I was gonna paste 10K+ lines in here ;-p
<tomreyn> sorry if i asked bafore: is the system fully patched?
<hal529> oops.  shucks!
<hal529> yes, fully patched.  will pastebin in a sec ...
<tomreyn> you can install pastebinit and pipe into that or  | nc termbin.com 9999
<hal529> i'm a less-is-more kinda guy.  "One moment please  ..."
<hal529> tomreyn: --> https://paste.fedoraproject.org/paste/RK6-HNXYLdlCm1b525Yd3Q
<hal529> and, fwiw -> https://paste.fedoraproject.org/paste/PoN735TdWLjr0QTHgWt6Ug
<tomreyn> https://termbin.com/ug6y is what i get on a 16.04 *desktop* for "sudo systemctl status systemd-modules-load.service 2>&1"
<tomreyn> restart of this service gives 0 output there
<hal529> and what's in _your_ /etc/modules ?
<tomreyn> $ find /etc/modules-load.d/*.conf /run/modules-load.d/*.conf /usr/lib/modules-load.d/*.conf 2>&1 | nc termbin.com 9999
<tomreyn> https://termbin.com/e6gm
<tomreyn> $ cat /etc/modules | nc termbin.com 9999
<tomreyn> https://termbin.com/y41v
<tomreyn> blank
<hal529> "First base"!
<tomreyn> i should have a 16.04 server somewhere, looking
<hal529> I never touched that file.  Ok, modify that -- within the limits of my long-term memory ...
<tomreyn> mine is very weak there, but you could inspect the timestamp and compare it to the installation data
<tomreyn> *datE
<hal529> On ubu, there IS a /lib/modules/4.15.0-45-generic/kernel/drivers/md/raid1.ko.
<hal529> There is *no* ".../md.ko" to be found
<tomreyn> you run a HWE kernel there
<hal529> Yep, standard upgrade procedure.  Seems that all the 'non-complaining' entries in /etc/modules each _do_ have a correcponding "*.ko".  Neither "loop" nor  "md" , otoh, *do*.
<tomreyn> # ls -l /lib/modules/4.4.0-*/kernel/drivers/md/raid1.ko
<tomreyn> -rw-r--r-- 1 root root 62078 Dec  5 15:15 /lib/modules/4.4.0-141-generic/kernel/drivers/md/raid1.ko
<tomreyn> -rw-r--r-- 1 root root 65182 Jan 17 00:42 /lib/modules/4.4.0-142-generic/kernel/drivers/md/raid1.ko
<hal529> Which _suggests_ that they can (should?) be removed.  When it comes to fubar-ing RAID arrays, especially *boot* arrays, I tend to wanna know WTF I'm doing first ...
<hal529> Are you *using* RAID?
<tomreyn> no
<tomreyn> but i'm on one where i do now
<hal529> Well, then I certainly wouldn't expect the module even to be automagically loaded by some install/setup/etc process
<tomreyn> on the md raid1 server i have an empty /etc/modules
<tomreyn> so just comments
<tomreyn> and # ls -l /lib/modules/*/kernel/drivers/md/raid1.ko
<tomreyn> -rw-r--r-- 1 root root 60526 Jan 19  2018 /lib/modules/4.4.0-112-generic/kernel/drivers/md/raid1.ko
<tomreyn> -rw-r--r-- 1 root root 62078 Jun 14  2018 /lib/modules/4.4.0-130-generic/kernel/drivers/md/raid1.ko
<hal529> not even a 'raid1' line?
<tomreyn> no
<tomreyn> just lines starting with #
<hal529> clean-installed, recent ubu?  or upgraded from prior versions?
<tomreyn> this one should have been installed as 16.04 initially. /etc/initramfs-tools/modules is also empty except for comments
<hal529> hm.  wonder if it's a carryover/artifact from prior installs ...
<tomreyn> MODULES=most in /etc/initramfs-tools/initramfs.conf
<tomreyn> what is yours set to there?
<hal529> I have neither such a file, nor its parent dir ...
<tomreyn> you sure you're running ubuntu?
<tomreyn> ;-)
<hal529> heh.  i wasn just typing the same snarky question!
<tomreyn> is this amd64?
<tomreyn> # dpkg -S /etc/initramfs-tools/initramfs.conf
<tomreyn> initramfs-tools-core: /etc/initramfs-tools/initramfs.conf
<tomreyn> do you *have* an initrd?
<hal529> it's an AMD E-350.
<hal529> sure -> initrd.img-4.15.0-45-generic
<tomreyn> how is it generated if not by initramfs-tools?
<tomreyn> do you have initramfs-tools and initramfs-tools-core installed?
<hal529> for me, here, " lsmod | egrep "loop|raid|md"" -> https://paste.fedoraproject.org/paste/xgdfYRiojL~VE0TnDktBXA
<hal529> yes -> https://paste.fedoraproject.org/paste/1L72h8s2GexvSxq~4SSHKQ
<tomreyn> so initramfs-tools-core is installed, which /etc/initramfs-tools/initramfs.conf belongs to, but you don't have the file. this suggests the package was not properly installed.
<hal529> wait .  fubar <- pebkac.  fat thumbs alert!
<tomreyn> my lsmod looks similar btw
<hal529> https://paste.fedoraproject.org/paste/do6cqK5FCZk7CbkwQ-HS5A
<hal529> yes, MODULES = most
<tomreyn> i just did "systemctl status systemd-modules-load.service" and "systemctl status systemd-modules-load.service" on this server with md raid-1 and while both generate output, no module warnings ar eprinted
<tomreyn> /etc/modules is empty, and so are /etc/modules-load.d/*.conf /run/modules-load.d/*.conf /usr/lib/modules-load.d/*.conf
<tomreyn> hal529: sorry i can't help more, but i'm really sleepy and should wrap it up here.
<hal529> np o/
<tomreyn> bye bye
<jonfatino> Anyone here a ubiquity master? I am trying to install ubuntu from ubuntu livecd with a bash script. Not launching the installer via gui. I already have a preseed file.
#ubuntu-server 2019-02-12
<lordievader> Good morning
<talx> morning folks
<talx> I'm having issues with preseeding installation. during the installation I get to the part of the keyboard layout which is english us I see its marked but it won't click on continue
<talx> I'm working on it two days and anything that I found in google won't help
<talx> anyone?
<qman__> talx: you have to specify some of the options on the kernel boot line, as they happen before it loads the preseed file
<qman__> talx: this is a boot line from my debian preseed, I haven't completed the ubuntu one yet, but should be very similar
<qman__> talx: append priority=critical initrd=boot/debian/amd64/initrd.gz preseed/url=http://192.168.1.1/boot/debian/preseed-server.txt preseed/url/checksum=9db8c17c90f3bd1cf24b66732c8ccc08 locale=en_US keymap=us netcfg/choose_interface=auto hw-detect/load_firmware=true
<talx> qman__
<talx> append root=/dev/nfs priority=critical debian-installer/locale=en_US keybaord-configuration/layoutcode=us ubiquity/reboot=true languagechooser/language-name=English countrychooser/shortlist=US localechooser/supported-locales=en_US.UTF-8 boot=casper netboot=nfs nfsroot=192.168.0.104:/var/www/Udesktop/ initrd=test/initrd url=http://192.168.0.104/UB1604/ks_tal.cfg splash quiet auto=true
<talx> nouveau.modeset=0 automatic-ubiquity noprompt noshell ---
<talx> this is mine heh
<talx> what would you change
<talx> because I have no idea whats failing me
<qman__> well, I don't know all the options off hand but it looks like you have all the keymaps and such specified
<qman__> I do notice you don't have a preseed file, though
<talx> well I don't have kymap=us
<talx> what is a preseed file
<talx> isn't it the ks_tal.cfg
<talx> ?
<talx> with all the d-i configurations ?
<qman__> oh, yeah
<qman__> yours is just url, mine is preseed/url
<qman__> you also don't have a checksum
<qman__> mine didn't work without one
<qman__> but I only tested debian, not ubuntu
<talx> ;/
<talx> can you share you preseed-server.txt?
<qman__> yeah
<qman__> talx: http://paste.debian.net/1067318/
<talx> ty
<technoob> Hi guys
<technoob> Can i ask something
<lotuspsychje> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<lotuspsychje> did you fix your nuc server technoob ?
<technoob> I want to make my nuc5cpyh play music
<technoob> lotuspsychje nope not yet
<technoob> But i was able to ssh in my nuc and install all the things i want
<technoob> On the main terminal where my nuc is i was able to login when i press a bunch of keys
<technoob> It then asked me to login
<technoob> Lol
<technoob> Not sure if thats the right way though
<lotuspsychje> share some details to the channel, volunteers might think along with you
<technoob> I see
<lotuspsychje> !details
<ubottu> Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information; for example, we might need errors, steps, relevant configuration files, Ubuntu version, and hardware information. Use a !pastebin to avoid flooding the channel.
<technoob> Its fine
<technoob> Ill just put that issue aside for now
<technoob> Since i can still run and access my apps fine
<technoob> Anyway
<technoob> Is there a way to play music on my nuc using ssh
<technoob> Or do i need to do it on the nuc itself?
<mike802> hey, i just implemented ssl on my apache2 server and i'm running into some warnings with the latest dist-upgrade......
<mike802> wondering if anyone else has seen this
<teward> mike802: the warnings themselves need to be shared for proper assistnace to be given.
<mike802> cryptsetup: WARNING: The initramfs image may not contain cryptsetup binaries
<mike802>     nor crypto modules
<mike802> :/
<lordcirth_> mike802, do you use an encrypted filesystem? If not, it's not a problem
<mike802> alright, thank you
<mike802> :)
<technoob> Guys how do you play music on the server
<tomreyn> you can use "aplay" to play back music files from a terminal
<tomreyn> or paplay
<genii> You can also use ffmpeg/ffplay and then connect to it with a web browser
<technoob> tomreyn will it play on the nuc itself?
<technoob> I intend to use ssh
<technoob> genii connect witha browser?
<technoob> What if i want to play it on my nuc itself
<tomreyn> technoob: where else would you want the audio to play back?
<technoob> On the machine itself
<tomreyn> technoob: well it will.
<technoob> Ok ill try it out
<tomreyn> this is not really a server question, though
<technoob> Oh
<technoob> Where is this kind of question usually brougt up
<lotuspsychje> he's running server on his nuc
<lotuspsychje> he probably wanted to know where to play music, locally or..
<tomreyn> i see well if you run ubuntu server then it's probably fine here
<lotuspsychje> technoob: thats why i asked you good details at your first question mate, so volunteers can understand what it is you really need/want
<technoob> Ok
<technoob> Will ask with more detail next time
<technoob> Thanks lotua
<technoob> Lotus
<mybalzitch> anyone know when the docker snap is getting updated to address that latest vuln?
<teward> mybalzitch: ask Docker.
<teward> because the snaps are typically independent of Ubuntu's packages getting patched
<teward> (at the snapper or upstream's leisure)
#ubuntu-server 2019-02-13
<teward> finally glad to see my Landscape Client memory consumption leak bug finally being addressed heh.  cc sarnold who I know has heard my complaints since I filed it in early 2017 about Landscape Client eating up *all* my systems' RAM to obscene levels
<sarnold> teward: oh yeah? :) nice
<teward> LP bug #1685885
<ubottu> Launchpad bug 1685885 in landscape-client (Ubuntu Cosmic) "Extreme RAM and SWAP usage" [High,In progress] https://launchpad.net/bugs/1685885
<teward> we can blame twisted logging :P
<teward> biggest impact is on Xenial P
<teward> but it still exists to a lesser degree elsewhere.  Their fix seems sane, dump the unused logs to a null handler and just discard, rather than 'storing' in memory in a buffer that won't be used.
<teward> 'twas a nasty that technically could have been classified as an unintended DoS vector without any need to act because it'd just seize up the entire system's RAM and swap resources
<teward> i didn't push for it to be clarified as such, but :P
<teward> classified*
<sarnold> "you end up with a log buffer totaling in the hundreds of megabytes, or even gigabytes"
<sarnold> owwwwwww
<teward> yep.  and that just ate RAM and swap (depending on the degree of swappiness set in the system)
<sarnold> "Author: exarkun" .. there's a name I haven't heard in a while
<teward> on Xenial from my initial report it ate 50% of RAM and 40%+ of 1GB of SWAP on a 1GB RAM machine :P
<teward> heh
<sarnold> amazing, it's a single-line bugfix.. I wonder how many people discarded landscape due to the memory use over the years due to it :(
<teward> sarnold: judging by the number of people who were asking for the bug to be fixed?
<teward> a substantial number.
<teward> I know I abandoned it even though I had more than enough machine counts to manage *all* the systems I have, solely because of the resource usage being obscene and DoSing my servers simply by eating RAM and swap
<teward> sarnold: the 'fix' upstream which limited the resource usage *was* made over 2 years ago, but *after* twisted had been in Ubuntu Xenial, it makes sense from this that the leak was unintentional but has a pretty easy fix of just initializing logging and discarding everything
<teward> so I'm strongly hoping that SRU passes through fairly quick :P
<teward> at least the fix is in disco currently xD
<kstenerud> I'm merging a package that has some lintian errors due to debhelper. It has Build-Depends on debhelper-compat, but lintian complains that it doesn't have a Build-Depends on debhelper.
<kstenerud> Should I be adding debhelper as well?
<ahasenack> kstenerud: I'd check the history of debhelper-compat, see if it's just an old package, or metapackage, and if just debhelper replaces it
<ahasenack> rbasak: to get git-ubuntu to work with pmdk again, the package should be synced first, and then our delta re-applied? Would that be one way?
<rbasak> ahasenack: you could do that, but there's no need to sync first. Just branch your delta re-application from pkg/debian/sid.
<rbasak> Then when you're ready (MP approved etc), upload tag that, push and upload.
<ahasenack> ah, I see
<rbasak> git-ubuntu will accept any upload tag you give it provided that the corresponding tree matches your upload.
<ahasenack> ok, thanks
<oussemos> Hi, I'm using an old Ubuntu AMI for EC2 (ami-02790d1ebf3b5181d) built on 2018-11-24, I found this morning that Docker is already the latest version
<oussemos> How do you guys managing this ?
<teward> oussemos: 'already the latest version' according to what?
<teward> upstream or apt?
<oussemos> teward: yes upstream (Docker 18.09.2)
<oussemos> The image is supposed to be from 2018-11-24
<teward> oussemos: is Docker installed via snap?
<teward> `snap list` and see if Docker is in thelist
<teward> oussemos: if Docker is installed via snap, then `snapd` will automatically update the snap when newer versions are available
<teward> this is just how Snaps work :P
<teward> nothing to do with the AMI image itself
<sdeziel> docker's snap is dated from October which means it contains the recently discovered vuln
<teward> sdeziel: interesting.
<teward> sdeziel: then how does the AMI have the updated upstream Docker?
<sdeziel> teward: I'd say worrying ;)
<teward> sdeziel: i'd blame HACKS then but :|
<sdeziel> Docker 18.09.2 isn't shipped in official repos so it seems like oussemos is using a custom source/PPA/etc
<oussemos> no the package is not installed with snap
<oussemos> it was installed from https://download.docker.com/linux/ubuntu source
<sdeziel> oussemos: maybe you have unattended-upgrades
<teward> oussemos: ^
<teward> unattended-upgrades might do the updates like that
<sdeziel> on second thoughts, I don't know if it would pull from non-official repos
<sdeziel> could also be cloud-init
<oussemos> yes exactly :) it's cloud-init
<oussemos> with package-update-upgrade-install, it's updating all packages to the latest version found in repos
<oussemos> found this in cloud-init logs
<oussemos> Thanks teward and sdeziel
<sdeziel> np
<rawco> hello everyone, hoping to find a tutorial/guide on setting up LDAP+SAMBA with webmin and integrate them. I got both up and running but i want to create groups in LDAP and them also becoming SAMBA groups/users . webmin throws me an error everytime i try: Failed to save group : "Failed to add group to LDAP database : objectClass: value #1 invalid per syntax" -- It will, however, create the group if i select ânoâ on the âSAMBA GROUP?â option
<Deihmos> is there an expert install of the server?
<lordcirth_> Deihmos, could you be more specific?
<lordcirth_> What does the default installer not let you do?
<Deihmos> expert install like debian where you have some customization of what is included. the installation is very basic
<teward> Deihmos: are you using the live subiquity based installer or the original alterante installer that is d-i based?
<lordcirth_> Deihmos, these have the debian installer, I think: http://cdimages.ubuntu.com/ubuntu/releases/bionic/release/
<teward> if it's subiquity then you're right, that's not really designed for ultimate heavy duty expert installation like d-i has, you want to use ^ those instead
<teward> from lordcirth_'s link :[
<teward> :P *
<Deihmos> thanks
<Deihmos> the installer doesn't give much customization. i guess that's just not what ubuntu does
<lordcirth_> Deihmos, just curious, what customization did you want?
<Deihmos> by default ubuntu installs a lot of stuff that i don't need.
<Deihmos> i can install debian server and it is just 720MB. Ubuntu minimum is 1.5GB
<cuken> I'm having problems installing ubuntu server behind my corporate firewall. I was able to put my corporate proxy server in during the install, but it requires an additional HTML login page. Is there a way for me to disable it from checking the archive repo's for release files?
<sarnold> there ought to be a way to disable installing updates during install, but be warned that you ought to perform those updates asap before creating untrusted users on the system
<cuken> I tried disabling my interface and it restarts the install. Looks like I require an internet connection now?
<sarnold> cuken: there's both a debian-based installer and a subuiqity-based installer; you could try the other one?
<lordcirth_> cuken, the debian installer will work offline. Then you can set up your proxy after rebooting.
<genii> cuken: If your work uses a captured portal system, you might be able to use a liveusb to access the login page and get the machine's MAC address on the authorized list of the portal long enough for it to still be in effect if you try to reinstall server just after that
<cuken> genii: tried with the live ISO, looks like we cache with a mixture of the machine name :/
<genii> cuken: Another way that occurs to me is during install, alt-f2 or alt-f3 to gain a terminal, then edit /target/etc/apt/sources.list to comment out all entries and Prompt=never in /target/etc/update-manager/release-upgrades
<genii> alt-f1 would bring you back to the installer console, alt-f4 to installer output messages
<RoyK> or ctrl+alt+f1 if you're in X
<Deihmos> teward: the mini.iso is what i needed for the expert install.
<Deihmos> does the server auto install updates?
<tomreyn> Deihmos: only if you choose it
<Deihmos> the install didn't have an option
<tomreyn> so you'll need to install unattended-upgrades and configure it in /etc/apt/apt.conf.d/50-unattended-upgrades
<tomreyn> this path is from memory, might have changed since.
<sarnold> hmm, seeded-in-ubuntu reports that unattended-upgrades is in ubuntu-server: daily, daily-live, daily-preinstalled
<tomreyn> installed != enabled
<sarnold> hrmph. I really thought we had it enabled eveyrwhere by default now :(
<tomreyn> not on either of the server installers, i would think. on desktops you can choose, but i'm not sure whether there is a (GUI) default.
<tomreyn> rbasak was saying he thinks ubuntu core does updates by default (but also wasn't 100% certain, though i guess it surely makes sense for the iot use case).
<tomreyn> on the other hand, if hundreds of remote, badly connected and basically pysically unserviable systems were to fail due to a regression, that'd be pretty bad.
<Ussat> I rip out unattended-upgrades on all my server installs
<mwhudson> the d-i installer asks you if you want it enabled, the default is "security only"
<mwhudson> live server doesn't ask (yet)
<tomreyn> oh so d-i defaults to on for security, i wasn't aware.
<tomreyn> since when is this?
<tomreyn> i see, 18.04 d-i has it enabled.
<Ussat> FWIW I really dislike this "hand holding let us preconfigure and protect you from yourself" direction
<tomreyn> i might add that i'm still disappointed with the feature coverage and quality the default server installer will have in the third 18.04 release.
<tomreyn> i do recognize that some bugs git fixed, which is great., but also other didn't or maybe just the bug reports didn't get updated, not sure.
<tomreyn> as always, this is not to blame anyone, i'm just looking at things remotely and with the high expectations I got used to during the past years.
<mwhudson> tomreyn: yeah we didn't get much done for .2
<tomreyn> there's always the option of switching defaults again until things work well.
<tomreyn> (i realize this may be a difficult thing to sell both inside and outside the company)
#ubuntu-server 2019-02-14
<apawl> My home server (Ubuntu 18.04.2 LTS -- GNU/Linux 4.15.0-43-generic x86_64) is unresponsive when downloading large files. Netdata is alarming on the following "number of times, during the last 10min, ksoftirq ran out of sysctl net.core.netdev_budget or time slice, with work remaining"
<apawl> Itâs a 10GbE interface though, with lots of CPU / mem.
<apawl> I'm wondering if there's additional tuning I need to do? This is just a home server, but beefier hardware than I've used with Ubuntu before..
<apawl> The default netdev_budget value is 300. I'm in the process of testing that value of 600. Part of me wants to jack it up way higher, but I'm unsure of the correct practice
<sarnold> apawl: I think ethtool -S <iface> will show some stats on dropped packets..
<sarnold> apawl: I think your missing packets may show up in this output too
<apawl> I just rebooted, so am going to run a new test. Hopefully I'll see missing packets with that command
<apawl> So I'm not seeing actual packets dropped, but I am seeing this number, which matches very closely to the netdata alarm
<apawl> rx_flow_control_xon: 18513
<apawl> Could that explain an unresponsive ssh session during heavy network downloads?
<sarnold> flashbacks to RTS/CTS modem days..
<sarnold> a friend put this together back in 2002 .. https://lartc.org/wondershaper/
<sarnold> probably it'd be better to use fqcodel flow control things today ..
<sarnold> but I wonder if this is related. (I still haven't gotten networking gear like yours, sorry it's all speculation on my part)
<apawl> Honestly, I'm at the edge of my networking knowledge. Could be related? I was really surprised to see packets aren't being reported as dropped, but that I ran out of netdev_budget like 18k times
<sarnold> this is wild speculation, but perhaps you did run out the budget, but the packets weren't dropped, and were handled by the next workqueue run?
<apawl> I _think_ that would suggest that the behavior would be a delayed SSH session, but from what I can tell that doesn't happen.
<sarnold> have you had any success with the 300 -> 600 test?
<apawl> Nope. I'm going to try jacking it up to something silly.
<sarnold> if that doesn't give results, then I'd think it's time for wider investigation.. maybe http://www.brendangregg.com/flamegraphs.html or http://www.brendangregg.com/usemethod.html could be good starting points
<cpaelzer> jamespage: the OVS config patch for DPDK 18.11 as we have it was accepted
<cpaelzer> jamespage: I updated the OVS packaging git with that update
<cpaelzer> jamespage: but I didn't upload anything as that can wait for OVS 2.11 being released
<cpaelzer> jamespage: but I wanted to make sure that updated patch is ready and waiting for you then :-)
<lordievader> Good morning
<siavoshkc> OK. What is the best method to create backups on ubuntu server
<lordievader> There is no "best" method... I use dirvish.
<zzarr> hello!
<zzarr> I have a problem
<zzarr> I get "sudo: no tty present and no askpass program specified" when I try to run a command
<zzarr> (as root)
<zzarr> I don't know what I did to cause this
<zzarr> I would restart the machine if I could
<zzarr> it's only sudo that's broken
<zzarr> and su
<lordievader> What are you trying to run precisely?
<zzarr> I'm stuck
<zzarr> sudo reboot
<zzarr> it's a cloud server and I don't have access to the management environment
<zzarr> when I run su it says "su: must be run from a terminal"
<zzarr> the server is running 18.04
<lordievader> Almost sounds like you do not have a real terminal.
<zzarr> I only have ssh
<zzarr> I have tried to start a new ssh session but that did not help
<zzarr> I have 2 screen sessions running and 1 tmux
<lordievader> Close all ssh connections and run `sudo -t <host> "sudo ls"`, what is the output? The same error?
<lordievader> Err `ssh -t <host> "sudo ls"`.
<zzarr> it says "PTY allocation request failed on channel 0"
<zzarr> I have bind mounted /dev /dev/pts /sys and /proc trying to run a chroot, but that should not be a problem
<zzarr> I have root access now :)
<jamespage> cpaelzer: tbh I'll push a new snapshot this week
<lordievader> OK, good
<zzarr> up and running again :D
<frickler> jamespage: did you look into building ceph 12.2.11 yet? I'm getting issues with symbol changes, some additions can probably be amended, but this deletion looks bad https://paste.ubuntu.com/p/87JMf8fppV/
<jamespage> frickler: yes had the same thing - not to worried about the deletion - https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3534
<jamespage> frickler: my build/test loop is quite slow with LP builders as they don't have huge amounts of RAM
<frickler> jamespage: oh, great, I'll try to build that locally, thx
<jamespage> frickler: pushed all to https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/ceph
<jamespage> frickler: that PPA is the tip of my work for bionic
<jamespage> frickler: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3535 has similar but for xenial
<jamespage> frickler: that should have been https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/ceph/+git/ceph I think
<frickler> jamespage: seems it defaults to git already
<jamespage> apparently so
 * jamespage needs more coffee
<frickler> thanks to smoser I also have a bit of experience with bzr, though ;)
<rbasak> kstenerud: so is bug 1812387 actually in the tmux-plugin-manager package? Because that's in universe.
<ubottu> bug 1812387 in tmux (Ubuntu) "tmux crashes on tpm init" [Medium,Confirmed] https://launchpad.net/bugs/1812387
<kstenerud> oh ok, so that means we don't bugfix universe?
<blackflow> "we"?
<rbasak> kstenerud: Canonical's commitment is in main only. That's effectively what main means.
<zenirc369> command| grep -w heat
<zenirc369> includes output with both heat and heat-cfn
<zenirc369> how can i exclude heat-cfn from output to get the output with only the word 'heat'
<blackflow> zenirc369: ... | grep -v "heat-cfn"
<frickler> zenirc369: or use negative lookhead: grep -P 'heat(?!-cfn)'
<dpawlik> coreycb: hi, don't you have any error on queens/rocky
<dpawlik> like: http://paste.openstack.org/show/ppKG3IWpaBvuaiEnyf7h/
<dpawlik> libvirt version: 4.0.0-1ubuntu8.6
<dpawlik> all is installed from bionic repo
<dpawlik> coreycb: I report a bug: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1815910
<ubottu> Launchpad bug 1815910 in libvirt (Ubuntu) "Apparmor blocks access to /dev/vhost-net" [Undecided,New]
<coreycb> cpaelzer: is that a known issue? ^
<cpaelzer> coreycb: reading
<cpaelzer> dpawlik: let me guess - your guest initially does not have any vhost-net devices and you then hotplug one right?
<cpaelzer> the rule for /dev/vhost-net i added on guest definition if a network device has VIR_DOMAIN_NET_BACKEND_TYPE_QEMU and virDomainNetIsVirtioModel
<cpaelzer> that means if you start withotu it isn't added
<cpaelzer> there might be no security relabeling call that we could hook onto for adding the network device
<cpaelzer> let me check that
<cpaelzer> dpawlik: please confirm (or correct) my assumptions if you are still around
<cpaelzer> I replied on the bug, let me know there once you have time
<cpaelzer> coreycb: I assume you usually start with at least some vhost-net devices right away right?
<coreycb> cpaelzer: i would assume so too but would have to check a deployed instance to be sure
<cpaelzer> coreycb: well yours work, which is a hard argument that it is that way :-)
<coreycb> cpaelzer: sahid and i are working through enabling py37 unit tests for openstack. how's libvirt-python wrt py37?
<dpawlik> cpaelzer: w8, let me finish eat lunch :)
<coreycb> cpaelzer: 14 months until likely having to support py37 too in 20.04
<coreycb> i mean py38 too
<cpaelzer> dpawlik: take yur time with lunch, no rush
<dpawlik> cpaelzer: yes, I would like to add a vm which doesn't have any nic, attach a new interface so later it raises an error
<cpaelzer> coreycb: TBH - I have exactly zero idea about the py3 support state of python-libvirt
<cpaelzer> dpawlik: ok, then all my assumptions are right
<cpaelzer> dpawlik: just state so on the bug where I asked
<cpaelzer> I need to debug the labeling calls that go on while hot adding a further network device
<cpaelzer> depending on that result this is annoying or really hard to implement, so no commitment before I have that result
<cpaelzer> :-)
<dpawlik> cpaelzer: you are genius.  Now when I read bug on launchpad I see that I miss important information
<cpaelzer> really, then add it please :-)
<coreycb> cpaelzer: would you be able to push on py37 support by any chance? doko will be very happy if you do. :) 20.04 will likely be python 3.8 by default but minimally will be python 3.7. also thanks for looking at the vhost-net issue.
<dpawlik> but you find out that :D
<dpawlik> cpaelzer: ack
<cpaelzer> it was enough to get me thinking, which to admit is more than what you usually find on the average bug report, so you did well already
<cpaelzer> coreycb: I really have had no business with python-libvirt so far
<cpaelzer> coreycb: your push a.k.a email will be just as effective (or not) as mine
<coreycb> cpaelzer: ok looks like we generally just sync that one from debian
<cpaelzer> yep
<cpaelzer> coreycb: I appreciate that you think I'm involved everywhere, but no :-)
<coreycb> cpaelzer: but you are Mr Libvirt :)
<dpawlik> coreycb: +1
<dpawlik> he is a Mr Libvirt ;D
<coreycb> cpaelzer: sahid: fyi https://bugzilla.redhat.com/show_bug.cgi?id=1677321
<ubottu> bugzilla.redhat.com bug 1677321 in libvirt "libvirt-python missing support for modern python versions (python 3.7)" [Unspecified,New]
<smoser> frickler: if you don't have anything nice to say, don't say anything at all ;)
<frickler> smoser: hmm, the nice thing I'd have to say about that is that you responded to my request to move to git pretty fast :)
<smoser> frickler: thanks!
<cpaelzer> coreycb: 1815917 is a tracker onto that, thanks for filing
<coreycb> cpaelzer: ok thx
<kstenerud> ahasenack: In reference to https://bugs.launchpad.net/ubuntu/+source/freeipmi/+bug/1808637/comments/3
<ubottu> Launchpad bug 1808637 in freeipmi (Ubuntu) "freeipmi-ipmidetect postinst fails on default install" [Undecided,Triaged]
<kstenerud> How would one check the RUN variable in systemd?
<sdeziel> kstenerud: probably not the most elegant thing but you could add ExecStartPre=/bin/echo $RUN or check ipmidetectd's /proc/$pid/environment
<sdeziel> kstenerud: maybe adding "export SYSTEMD_LOG_LEVEL=debug" before "systemctl start" would also provide what env vars it is going inject to the ExecStart process
<kstenerud> sdeziel: That would definitely show what's going on, but I need to always allow the postinstall to succeed, but print out a warning message when $RUN is no.
<kstenerud> basically the package can't run with no config, but there's no default config. So it needs to say something to the user, but also allow the package install to succeed via apt
<sdeziel> kstenerud: ExecStartPre=/usr/bin/test "$RUN" != "no"
<sdeziel> untested of course
<kstenerud> ok thanks I'll play around with it
<sdeziel> but that sounds like a kludge. It would be better to instead add a ConditionPathExist=/path/to/config IMHO
<sdeziel> I'm spinning a disco container to take a closer look
<sdeziel> ipmidetectd.conf is provided by the package but in a unusable state so I think the ExecStartPre test is the way to go then
<kinghat> if you disable ssh access for root and try to login via root does it just say no or give you password attempts even though you will never be able to login?
<kinghat> for me its letting me try to login 3 times with password but getting permission denied.
<tomreyn> if password authentication is enabled and preferred / no preffered authentications succeed, i guess it'll show password prompts, otherwise it'd allow for user enumeration.
<kinghat> tomreyn: is password login default? i dont have that enabled in sshd_config
<kinghat> i dont even see it in there actually.
<kinghat> or is that what `PAM` is?
<kinghat> ok so password auth config is for both root and users?
<kinghat> i guess i dont full understand what all im disabling if i disable PAM.
<kinghat> fully*
<tomreyn> kinghat: "PasswordAuthentication yes" is default, i think, also "PermitRootLogin prohibit-password"
<kinghat> is it smart just to disable ssh access via root altogether?
<tomreyn> there is a statement on sshd_config explaining what setting "UsePAM false" results in
<tomreyn> what is smart surely depends on your needs and how you use it
<tomreyn> it is smart to only allow those authentication methods and users to authenticate that you strictly depend on.
<kinghat> ya disabling ssh root access altogether seems smart. im just not sure about my user. i have the key setup but not sure if i should kill its password access. i mean you have to share the private key around or add it to every device you need to connect from. or make their own. and managing all that.
<kinghat> also i had a key setup that i used for root and my user, i know where the user pub key went, but what about the root reference?
<teward> well the OTHER way is to do it by whitelist - whitelisting specific IPs to access SSH
<teward> but that won't work unless you have static IPs on every side
<teward> or you could set up a VPN into your box and then only allow SSH from that VPN
<kinghat> ya there is that
<kinghat> i want to try and find the pub key that i submitted for root to use and remove it and leave the one thats in my users `.ssh` file.
<kinghat> basically, where is the roots `authorized_keys` file?
<benharri> /root/.ssh/authorized_keys
<kinghat> hmm i dont have that
<kinghat> not sure how i was logging in via root with key.
<benharri> you _can_ specify an alternate authorized_keys filename in /etc/ssh/sshd_config
<benharri> but that's non-standard
<kinghat> huh. odd
<benharri> re: root ssh login: i usually set it to prohibit-password in the unlikely event that i muck up my normal user account or its keys
<benharri> and only keep my hardware-backed gpg-agent-provided pubkey in the authorized_keys
<kinghat> thats a good idea
<benharri> it's definitely come in handy more than once
<benharri> mucked up /etc/{passwd,shadow,group} during a migration to a new box
<Ussat> so can I verify, on 16.04 I used ot use: apt-get -y autoremove --purge to remove old kernels but keep the last two, is that no longer the case ?
<tomreyn> Ussat: i think that's still the case on newer releases (you're not saying which one you're asking about) if you have package "linux-image" installed.
<tomreyn> "last two" is almost correct there, it also keeps the one which is currently running.
<Ussat> OK so N+2 thanks
<Ussat> ok, and if I dont have linux-image ?
<tomreyn> i'm not certain about this but i *think* they are not removed automatically then. but this may be plain wrong or outdated, i have not tried to verify this.
<Ussat> OK, thanks
<Ussat> re newer systems, 18.X
<Deihmos> If I wanted to remove all the packages installed with Ubuntu is that possible?
<tomreyn> Deihmos: theoretically it may be, but then you'd have nothing left to work with. why would you wnat to anyways?
<Deihmos> How would I do it?
<sarnold> constructing the order of packages to remove so that the prerm and postrm scripts that are run don't have dependencies on already-removed packages might be difficult
<tomreyn> it's a somewhat interesting experiment, but i guess it'd get somewhere between boring and daunting really quick.
<tomreyn> but removing essential packages is not supported, and we haven't seen an actual use case either.
<CarlenWhite> I'm screwing around with ubuntu-like and...I'm not sure what I'm looking at.
<CarlenWhite> BW checkered background with a teal bordered terminal.
<CarlenWhite> Holding left click in empty space gives me 'Main Menu' and middle click gives me 'Window Ops'
<CarlenWhite> Oh, it's TWM
#ubuntu-server 2019-02-15
<sarnold> sdeziel: I just did an apt-get dist-upgrade that ran probably 15 or 20 times faster than it might have, thanks to removing os-prober :)
<sdeziel> sarnold: hehe :)
<sarnold> granted I still haven't rebooted..but at least the upgrades are going way faster :)
<sdeziel> sarnold: if you'd like to make "apt-get update" faster too: https://paste.ubuntu.com/p/kMh2JXW4jC/
<sarnold> sdeziel: heh, I did the acquire-languages one once and apt-cache search didn't work quite right for ages and it took me a lot longer than I'd care to admit to figure out that I'd done it to myself :)
<sdeziel> apt-cache search works well here for some reason, go figure :)
<sarnold> hmmmm
<sdeziel> I "inflict" those settings to every machine I manage so I hope it doesn't cause problem </BOFH>
<sdeziel> good evening
<lordievader> Good morning
<patstoms> is there any way to enable disabled network interface at installation?
<patstoms> i am aksing this because i can't see them using ifconfig -a
<rbasak> If ifconfig -a can't see it then I think the NIC isn't visible to userspace at all (unless you're in different namespace which I presume you're not)
<rbasak> Sounds like a driver or BIOS issue.
<patstoms> this should be related to ubuntu 18 installation
<lordievader> Module not loaded/available?
<patstoms> at install it saw all of them and i can see them using lspci
<patstoms> but i disabled some of them using disable option
<patstoms> ok, i can see them now after reboot
<patstoms> i don't know why i was not able to see them before
<Hackerpcs> is it possible to specify a custom non-53 dns port in "nmcli con mod"?
<ren0v0> Hi, i'm not getting much help over on ubuntu so thought would try here
<ren0v0> I'm getting this error when trying to do a release upgrade:  https://paste.ubuntu.com/p/JJkzN4Kdby/
<ren0v0> any ideas?
<blackflow> Hackerpcs: may I ask why would you want that? And is it for client side or server (dnsmasq/systemd-resolved) side?
<Hackerpcs> I wanted to direct it to localhost:53535 dnscrypt-proxy I run via docker
<Hackerpcs> dnsmasq runs on 53
<blackflow> Hackerpcs: ideally, since that's localhost, you'd want to turn of dnsmasq and have the docker listen on port 53
<blackflow> *off . Meanwhile, I think you can run port forwarding without NAT via iptables, but I'm not sure of exact iptables syntax OTOH
<blackflow> actually I think it's regular DNAT just for the same IP but different port.
<Hackerpcs> I don't want it to act like a server for any other endpoint, just locally
<blackflow> yes that doesn't conflict anything I said. :)
<blackflow> you have several options really, none of which require you to alter the port number for the client/lookup side. You can do DNAT, you can disable all but the docker as the resolver, or you can run the docker on a separate IP, but port 53, and simply adjust your /etc/resolv.conf
<blackflow> (directly or whichever tool you use that manages resolv.conf)
<Hackerpcs> I think I'll go to the route of disabling dnsmasq on NM and systemd-resolved
<Hackerpcs> and have dnscrypt act directly on 53
<blackflow> that's what I'd do. Keep it simple.
<tomreyn> http://releases.ubuntu.com/18.04/ubuntu-18.04.2.0-live-server-amd64.iso.torrent , as found at https://www.ubuntu.com/download/alternative-downloads#bittorrents is a 404
<tomreyn> who could fix this?
<Hackerpcs> hm dnscrypt via docker doesn't seem to like being run on 53, "[FATAL] listen udp 0.0.0.0:53: bind: permission denied"
<cpaelzer> tomreyn: I think it should be http://releases.ubuntu.com/18.04/ubuntu-18.04.2-live-server-amd64.iso.torrent
<cpaelzer> let us highlight a few people on #ubuntu-devel about it
<blackflow> Hackerpcs: I don't know docker, but ports<1000 require CAP_NET_BIND_SERVICE for unprivilegd users
<tomreyn> thanks cpaelzer
<Hackerpcs> I'm trying first directly outside docker to see how to configure it and then try in docker. I've commented out dnsmasq in networkmanager config and stopped/disabled systemd-resolved service but /etc/resolv.conf keeps getting reset
<Hackerpcs> shouldn't it be used directly after those two are stopped?
<blackflow> Hackerpcs: I think you'll need dns=none rather than just commenting it out, in NetworkManager.conf. systemd-resolved you'll have to "mask", not just disable
<blackflow> Hackerpcs: then restart NetworkManager, and unlink resolv.conf, install a static one under /etc  (because default is a symlink into /run/
<blackflow> unlink /etc/resolv.conf that's what I mean
<blackflow> Hackerpcs: btw, if it runs outside of docker.... why do you need docker in the first place?
<Hackerpcs> I had a ready made compose with pihole/dnscrypt/openvpn from home https://pastebin.com/vvGp56tL and on the vps I'm working on I just wanted the openvps and dnscrypt part so I just tried if it works directly
<blackflow> Hackerpcs: my question still stands. if it runs normally, why use docker at all. docker is primarily useful when you need environments that can't exist natively (eg. library conflicts or lack of native packaged solutions). everything else is just abuse of dockeer and complicating things for no benefit.
<blackflow> if it's isolation/security that you need, systemd service unit files have plenty of options to containerize a service with far less complexity.
<Hackerpcs> the main thing I wanted was to run openvpn on the vps and the docker image used kylemanna/openvpn makes it very easy. after that I want dnscrypt as the dns resolver, on home it is used by pihole, here I don't want pihole, just dnscrypt directly
<Hackerpcs> reason to use docker in the first place was the ease of setting up openvpn with the image
<blackflow> so dnscrypt is part of the openvpn dock(er)?
<Hackerpcs> yeah, no need to be in docker here though so it can run alone directly outside of docker
<blackflow> Sure. simplify as much as possible.
<Hackerpcs> use of docker at home (irrelevant to the vps) is because with docker setting up pihole and openvpn is very easy in contrast to installing the directly and don't touch the main system files with their settings, files, etc
<Hackerpcs> installing them*
<blackflow> that's a rather vague reason. openvpn is packaged in Ubuntu and thus with files perfectly under control. the only problem with clobbering "main system files" is when you install outside of the package manager, for which docker was primarily invented: deployment of software alien in the environment where it's installed.
<Hackerpcs> the docker container mentioned above has scripts in it to automate the creation of CA, client certs, etc. it takes 6 commands to setup the openvpn server compared to setting it up yourself
<blackflow> yes and when it breaks you'll be left with no knolwedge of how to fix it, because you never understood the process. ;)
<Hackerpcs> Why would it break? It's a docker image regurarly maintained
<blackflow> because software breaks. sooner or later.
<blackflow> even that one:  https://github.com/kylemanna/docker-openvpn/issues
<Hackerpcs> everything has issues, if I encounter one I'll deal with it :)
<blackflow> _anyway_ ... keep in mind docker is probably running it unprivileged by default, so your tests outside of it should reflect that (ie don't run as root). for which it'll need CAP_NET_BIND_SERVICE capability, easily set via systemd unit file
<Hackerpcs> I won't try to run it more from docker, I want to run dnscrypt on two more VPS that doesn't have docker nor need it so I'll take the direct use case on all three
<blackflow> (set via CapabilityBoundingSet   AND  AmbientCapabilities)
<siavoshkc> Hello. I had a wordpress site which was deleted by a mistake. The www folder. Now I reinstalled wordpress and worked on it. Error log of apache says /var/www/kamanacademy.com/public_html/runtime/wp-content/plugins/akismet/.htaccess: Require not allowed here, referer:
<siavoshkc> I investigated the matter and read that AuthConfig should be set and I did it. But problem was still there
<Hackerpcs> Seems more like apache/nginx or wordpress issue to me
<tomreyn> siavoshkc: read http://httpd.apache.org/docs/2.4/howto/htaccess.html#when
<kstenerud> Is there a way in systemd to make an ExecStart line that, if an env var is set to "no", returns 0 rather than running the normal command?
<tomreyn> short version: if you manage the server configuration yourself and can move instructions from the .htraccess file into the vhost configuration, then do it, and disable htaccess. If you cannot (why? should only be the case on shared hosting) then loosen AllowOverride.
<kstenerud> Some kind of ExecStart=if [ "$SHOULD_BE_TRUE" != "true" ]; then return 0; else start_my_daemon; fi
<siavoshkc> tomreyn: Well. Nothing there is done by me. This is one of default plug-ins of WP. It also creates that .htaccess file by itself
<siavoshkc> I am afraid I may not be able to fully discover the reason this plug-in is using .htaccess there. akismet (the plug-in) even creates that file on a Win machine
<tomreyn> siavoshkc: if you instruct apache httpd to ignore htaccess files, then it will also ignore this one. you'd just need to ensure you keep the cofiguration you imported into the vhost up to date.
<siavoshkc> https://termbin.com/f3b0
<tomreyn> siavoshkc: did you read the full "When (not) to use .htaccess files" section of the Apache HTTPd how-to i pointed you to? did you understand it?
<siavoshkc> tomreyn: No. I will. But for now I know that for some reason wordpress uses .htaccess files by design.
<siavoshkc> Cannot config server to ignore them. I added AuthConfig to server conf. This time in the correct ssl conf file. Seems it is fixed.
<siavoshkc> I will check if it is WP general policy or not.
<tomreyn> yes, wordpress provides .htaccess files out of the box. this is because it is often used in shared hosting, where .htaccess files may be the only way (if with a performance impact) to add webserver directives.
<tomreyn> AllowOverride=None would make apache httpd ignore .htaccess files (IIRC)
<tomreyn> i'm trying to help you make your website perform a little better, at the expense of having to review / monitor configuration changes on wordpress upgrades. you can choose not to want this, in which case you should loosen AllowOverride to no longer disallow Require directives in .htaccess files (the alternatvie i also suggested initially).
<tomreyn> this would provide more automation but, on the downside, less oversight / understanding of how wordpress operates.
<tomreyn> general webserver help is also available in #httpd
<tomreyn> (for apache httpd only)
<kstenerud> I'm looking at a package that has tests disabled for armhf due to crashes, but that was back in 2017. If I wanted to check to see if the tests are alright now, how would I do so? Do I need an armhf machine?
<sdeziel> kstenerud: I wonder if tests run in PPAs, if yes, that might fit the bill
<siavoshkc> tomreyn: I understood that .htaccess files should be avoided in my case as I have root access to it (Well proven :-). But I am not capable of reconfig apache right now. I should study more to move configurations from .htaccess files to main conf file.
<tomreyn> siavoshkc: i don't blame you - just moving the configs is really simple though
<tomreyn> this said, it's a good approach to make concious decisions about what one wants to handle and what seems like too much.
<tomreyn> the performance impact is probably one you can handle differently, or may not actually need to handle at all.
<siavoshkc> tomreyn: You know I just understood what is going on here while I was chatting with you. Now I need time to digest this knowledge and investigate .htaccess files to see why they are using too many rewrite rules, how many of them exist and how should I move them to .conf in a controlled manner.
<tomreyn> :) makes sense.
<smoser> rbasak: curious if you'd ever seen this https://git.centos.org/
<smoser> i had not. it looks pretty impressive / workalike
<rbasak> Interesting, thanks!
<sdeziel> I'm trying to use NRPE to monitor Xenial machines from a Bionic Nagios. The NRPE communication fails with "CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with 172.22.30.2: 1". Any idea how to workaround?
<tomreyn> sdeziel: handshake fails - incompatible ssl library versions? you could test with "openssl s_client -connect ip:port" and add extra parameters to limit ssl / tls protocol version and cipher suites.
<tomreyn> or you use a script which automates it, such as testssl, sslyze or the like.
<sdeziel> tomreyn: the pcap shows that is wants to use anon cipher with TLS 1.2
<tomreyn> sounds like you should be filing a bug report
<tomreyn> and tag it "security", that's unless you modified the defaults
<sdeziel> but the README mentions communication problems between 2.15 (Xenial) and Bionic (3.2.1)
<tomreyn> do you have a link, more info on where to find this?
<sdeziel> I always knew NRPE SSL implementation was shitty but this interop problem I cannot workaround
<sdeziel> tomreyn: /usr/share/doc/nagios-nrpe-server/NEWS.Debian.gz on Bionic
<tomreyn> "Because the default SSL support without certificates configured in nrpe.cfg uses pre-generated key data, configuring SSL certificates is strongly advised when STunnel is not used."
<tomreyn> ...sounds dodgy.
<sdeziel> yeah, it is
<sdeziel> telling the agent side (Xenial) to not use SSL make it work
<tomreyn> but i'm not sure what "pre-generated key data" refers to specifically. if this is the snakeoil certificates which are generated individually per system, maybe it's ok.
<sdeziel> but I'd rather not have to reconfigure all my agents
<sdeziel> tomreyn: I think it means compile-time generated key
<tomreyn> i'm afraid so, too. whic i'd consider a security bug, if it is a default config.
<tomreyn> however, this should be mostly unrelated to the issue you're running into
<sdeziel> right
<sdeziel> however shitty the TLS implementation is, I'd like it to work ;)
<tomreyn> i.e. i don't think this explains why anonymous cipher suites are used when TLS *is* used, nor why your handshake fails (unless that's because the smarter end, probably the bionic server, points out that it is not going to connect with an anon cipher)
<tomreyn> with SSL/TLS there are usually two things you can choose between (though this is now finally changing): (1) make it work, (2) make it work in a way that it provides reasonable security
<tomreyn> maybe start with a bug report and we explore it further from there?
<sdeziel> tomreyn: the client side is Bionic and I see the server hello from Xenial just fine. The Bionic client then kills the connection with an alert: handshake failure
<sdeziel> yeah, I'll probably open one if there isn't already, I should have checked before asking here
<tomreyn> and how did you tell it's using an anon cipher?
<sdeziel> LP: #1782650
<ubottu> Launchpad bug 1782650 in nagios-nrpe (Ubuntu) "nrpe plugin in bionic fails with "Error - Could not complete SSL handshake"" [Undecided,New] https://launchpad.net/bugs/1782650
<sdeziel> tomreyn: wireshark
<tomreyn> oh right you mentioned this
<tomreyn> do you see this, too?  "My syslog from the nagios server reports errors such as: check_nrpe: Error: (!log_opts) Could not complete SSL handshake with xxx.xxx.xxx.xxx: dh key too small"
<tomreyn> quote from comment 4
<sdeziel> tomreyn: yes!
<tomreyn> well, 512 bit DH keys were a good thing when time berners lee was doing something useful.
<sdeziel> don't we love export grade ciphers :)
<tomreyn> so i guess the nrpe package in xenial needs a fix which allows it to use longer keys (but maybe doesn't default to it?).
<sdeziel> the server gets to pick the DH key AFAICT so it seems the client side (Bionic) would need to accept such weak keys
<tomreyn> the 'server' here runs on xenial, right? i.e. my current understanding is that the connection is initiated by an ssl client on bionic to something ("agent") running on the xenial system. i'm assumign this because you said "the client side is Bionic and I see the server hello from Xenial just fine."
<sdeziel> correct
<sdeziel> but in TLS, the server picks the DH group and the client agrees or not (kills the connection)
<sdeziel> tomreyn: here's the cipherscan output of the Xenial server: https://paste.ubuntu.com/p/V8ZgrhKgQW/
<tomreyn> so this agent running on xenial, which is the server in the TLS connection, needs to be updated / patched so that it can support, and con be configured to use, 2048-bit DH.
<sdeziel> that would likely introduce regressions if the server was to pick bigger DH params
<sdeziel> which is why I _think_ the new client should be told to support weak DH params to interop with old servers (agents)
<sdeziel> tomreyn: do you know if there is some param to pass to openssl to tell it to not bother with too small DH params?
<tomreyn> you can specify a cipher suite
<tomreyn> but as your scan suggests there is a larger problem which is that there is *only* support for ADH cipher suites
<tomreyn> which basically means you're happy with MitM and don't need to know about it.
<sdeziel> I don't mind the ADH thing
<sdeziel> yeah, I knew that from the get go
<tomreyn> so we should separate between fixing your immediate issue - monitoring not working - and fixing the actual issue - nagios using terrible TLS.
<azx> Hey guys, i'm looking to learn more about linux server management , so i thought the best way to do this would be to set up my own server from scratch and use it to stream my content to my phone, tv, etc
<azx> debating weather i should buy my own vps or set up one on my home network with a spare pc or something
<sdeziel> tomreyn: nrpe supports proper TLS apparently but I don't want to setup a PKI for this :/
<tomreyn> sdeziel: i think the reason you can't convince bionic to use 512 DH will be that its libssl (i'm blindly assuming it uses this for now) will not allow that / no longer supports it.
<sdeziel> tomreyn: yes, that's my understanding of it
<tomreyn> sdeziel: do you have a workaround which works for you, yet?
<tomreyn> my understanding is that you can do clear text, but not sure you want this.
<sdeziel> tomreyn: correct, clear text works but requires to reconfig all the agents
<sdeziel> tomreyn: I've attached my pcap to the LP if you'd like to take a peak (although we already discussed most of it)
<sdeziel> openssl seems to now reject DH < 768 bits
<tomreyn> i don't think you'll get around replacing + reconfiguring all xenial agents if you'd like to actually fix this.
<tomreyn> yes, current libssl sets some slightly elevated, still much too low, new standards, and things break (now obviously, while already broken before really).
<sdeziel> https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=ssl/s3_clnt.c;h=218534734dd7e7467a14d1d0914207a77343e218;hb=refs/heads/OpenSSL_1_0_2-stable#l3611
<sdeziel> so maybe if I can make it use an export grade cipher the client won't reject the 512 bits DH
<sdeziel> but EXPORT ciphers are not available on Bionic
<sdeziel> I'll bite the bullet and reconfig all my agents I guess
<tomreyn> you could also rebuild the bionic 'client' against an older libssl. but... HBD
<sdeziel> tomreyn: yeah, no way ;)
<tomreyn> btw line 20 of https://paste.ubuntu.com/p/V8ZgrhKgQW/ is also a problem, if true.
<tomreyn> so whether nagios does TLS properly would yet have to be seen. i'm a bit happy right now i no longer depend on it.
<sdeziel> I was wonder to switch run check over SSH and ditch NRPE, this might push me into that direction
<tomreyn> sounds error prone and complex, i guess i'd do the PKI rather, if annoying.
<tomreyn> sdeziel: what i don't yet understand is why this popped up for you today
<tomreyn> did you deploy updates one either end?
<sdeziel> tomreyn: I started monitoring my legacy (Xenial) machines
<tomreyn> oh ok
<sdeziel> before those were monitored by an even older NMS (Trusty)
<tomreyn> by the way there is this https://github.com/NagiosEnterprises/nrpe/issues/30
<tomreyn> last post refers to a branch adding "backward-compatible update for SSL/TLS" in enterprise nrpe. maybe this is just what we were looking at initially.
<tomreyn> well this is old, ignore it
<sdeziel> well, if only the old nrpe allowed configuring the cipher list...
<sdeziel> case closed ;)
<sdeziel> tomreyn: many thanks!
<sdeziel> have a good weekend (leaving early :) )
<tomreyn> i'm not sure i added much, but it was 'fun'.
<zzlatev> Hi guys
<zzlatev> Please help me with wireless issue
<lordcirth__> !details | zzlatev
<ubottu> zzlatev: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information; for example, we might need errors, steps, relevant configuration files, Ubuntu version, and hardware information. Use a !pastebin to avoid flooding the channel.
<zzlatev> lordcirth__: I use ubuntu server 16, but I don't have wireless
<zzlatev> Intel(R) Pentium(R) Dual  CPU  T2310  @ 1.46GHz
<zzlatev> network controller: Broadcom Corporation BCM4311 802.11b/g WLAN [14e4:4311] (rev 02)
<zzlatev> I have only wired connection
<zzlatev> lordcirth__: I should install firmware-b43-installer ?
<lordcirth__> zzlatev, this seems to be a complete guide: https://askubuntu.com/questions/55868/installing-broadcom-wireless-drivers
<zzlatev> when I type : lspci -nn -d 14e4:
<zzlatev> it shows: Broadcom Corporation BCM4311 802.11b/g WLAN [14e4:4311] (rev 02)
<zzlatev> without "wireless network adapter"
<zzlatev> Ð»Ð¾Ñ
<zzlatev> lordcirth__:
<sarnold> Ð»Ð¾Ñ == floor?
<lordcirth__> WLAN means wireless
<sarnold> dang. google says "lore". not what I expected, by a lot ;)
<zzlatev> nope, this is bulgarian language, sorry about that
<zzlatev> Ð»Ð¾ÑÐ´ - lord
<zzlatev> lordcirth__: after this, how can I configure wirless settings?
<lordcirth__> zzlatev, What Ubuntu server version?
<zzlatev> 16.04
<lordcirth__> https://askubuntu.com/questions/464507/ubuntu-14-04-server-wifi-wpa2-personal/464552#464552
<zzlatev> I will try
<zzlatev> lordcirth__:
<zzlatev> [   24.265305] b43-phy0: Broadcom 4311 WLAN found (core revision 13)
<zzlatev> how can I check does wifi works
<lordcirth__> zzlatev, did you set it up in /etc/network/interfaces?
<zzlatev> # The loopback network interface
<zzlatev> auto lo
<zzlatev> iface lo inet loopback
<zzlatev> # The primary network interface
<zzlatev> auto enp2s1
<zzlatev> iface enp2s1 inet dhcp
<zzlatev> I have two network interfaces
<zzlatev> lordcirth__:
<lordcirth__> So no, you didn't
<lordcirth__> 'ip addr' will show you what interfaces are available to be used
<zzlatev> lordcirth__: https://pastebin.com/s25E5A6a
<zzlatev> after ip addr
<lordcirth__> zzlatev, so, do the setup I linked, using 'wlan0' as the interface name
<zzlatev> like this:
<zzlatev> auto wlan0
<zzlatev> iface wlan0 inet static
<zzlatev> address 192.168.1.150
<zzlatev> netmask 255.255.255.0
<zzlatev> gateway 192.168.1.1
<zzlatev> wpa-ssid <your_router>
<zzlatev> wpa-psk <your_wpa_key>
<zzlatev> dns-nameservers 8.8.8.8 192.168.1.1
<zzlatev> ?
<lordcirth__> Yes. But please don't paste so many lines to channel, use a pastebin
<zzlatev> OK, sorry
<zzlatev> lordcirth__: after two of already exiting blocks ?
<sarnold> yes
<zzlatev> like this:
<zzlatev> https://pastebin.com/ReDs1u3J
<sarnold> be sure to set the ssid and psk to whatever you actually need
<zzlatev> wpa-ssid Zlatev wpa-psk siriussam
<zzlatev> shoud I use < > ?
<lordcirth__> No, <> is used to indicate "substitute here"
<zzlatev> OK, now I save
<zzlatev> how could I try?
<sarnold> I think: ifup wlan0
<zzlatev> wpa-ssid is network name, right?
<lordcirth__> yes
<zzlatev> RTNETLINK answers: File exists
<zzlatev> Failed to bring up wlan0.
<zzlatev> sarnold: aftr ifup wlan0
<sarnold> is there anything near the end of dmesg output?
<zzlatev> no, only RTNETLINK answers: File exists
<zzlatev> Failed to bring up wlan0.
<lordcirth__> ifdown, then try again?
<zzlatev> lordcirth__:
<zzlatev> ifdown: interface wlan0 not configured
<lordcirth__> zzlatev, ip link set wlan0 down
<lordcirth__> then ifup again
<zzlatev> ifdown: interface wlan0 not configured
<zzlatev> its shows that interface is not configured..
<zzlatev> after ifup : RTNETLINK answers: File exists
<zzlatev> Failed to bring up wlan0.
<zzlatev> lordcirth__: sarnold
<zzlatev> https://pastebin.com/qC6ENgxh
<zzlatev> after : sudo ifdown wlan0 && sudo ifup -v wlan0
<zzlatev> seems like I going somewhere
<zzlatev> I'm*
<lordcirth__> zzlatev, sometimes it says file exists, but still does something. 'ip addr show wlan0;
<sarnold> hmm I wonder if it's that ip route add command that fails
<lordcirth__> '*
<lordcirth__> Ah, yeah, could be that the default route exists already on the ethernet
<lordcirth__> You might want to remove the 'gateway' line
<zzlatev> gateway 192.168.0.1 ?
<sarnold> or try ifdown enp2s1 ?
<lordcirth__> zzlatev, you should only have one gateway line in the file
<zzlatev> after I removed gateway I got the same error
<zzlatev> I have only one gateway line?
<zzlatev> lordcirth__:
<lordcirth__> zzlatev, not sure what's up. what's 'ip route' say?
<zzlatev> ./bin/ip addr add 192.168.0.110/255.255.255.0 broadcast 192.168.0.255 	  dev wlan0 label wlan0
<zzlatev> ./bin/ip link set dev wlan0   up
<zzlatev> https://pastebin.com/dZmiVbuD
<zzlatev> lordcirth__: sarnold
<zzlatev> After I reboot, it doesn't show in dhcp client list
<zzlatev> in my router
<zzlatev> so... i get facked
<sarnold> you configured it for static
<zzlatev> yes, but it doesn't turn on without a lan cable
<zzlatev> sarnold: what do you mean
<sarnold> zzlatev: you gave the wlan0 interface IP address 192.168.0.110 -- so there's no reason for the router's dhcp client list to list this NIC
<zzlatev> sarnold: so what should I set
<sarnold> zzlatev: heh, it's not my network, I don't know what to suggest :)
<sarnold> zzlatev: if you want it static, set it static.. if you want it dhcp, set it to use dhcp :)
<zzlatev> ok
<Epx998> Is there an option I can pass a install to not bother with creating a user?
<teward> Epx998: since root is disabled by default, you don't have a choice but to create a user regardless of the method of installation (whether live server or alternate or preseeded)
<teward> so 'not really' is the answer here.
<tomreyn> i guess if it was a desktop installation you could do an oem install
<teward> ^
#ubuntu-server 2019-02-16
<Exmix> Anyone know a semi-quick/simple way to install OpenVPN on Ubuntu Server(Kinda similar to how PiVPN is easy to install)
<gartral> I have a vm that's inaccessable... it's in emergency and asking for a root password... but as we know, ubuntu doesn't have a default root pass... what do I do here?!?!
<gartral> it's a server 18.04 vm on a xen host (not xenserver, straight xen project), so I can't just boot an ISO, I tried, it doesn't boot
<zzlatev> Hi guys
<zzlatev> A start job is running for raise network interfaces (5 mins 1 sec)
<zzlatev> can you help me
<ren0v0> Hi, when i login via SSH to my server it says "67 packages can be updated", but when I run apt upgrade it says 0 packages to upgrade?
<ren0v0> Seems completely broken somewhere!  https://pastebin.com/ump3RWZu
<ren0v0> can anyone assist?
<ren0v0> Think its the MOTD
<ren0v0> anyone know how to force update it ?
<rbasak> ren0v0: what's the output of running /usr/lib/update-notifier/apt-check? That's what the motd uses.
<rbasak> ren0v0: I think you can remove /var/lib/update-notifier/updates-available but it gets recreated daily (or something like that) anyway
<rbasak> ren0v0: via /etc/update-motd.d/90-updates-available
<technoob> Hi guys
<technoob> Need help
<technoob> I have a problem in installing pihole docker version on ubuntu server 18
<technoob> It says that port 53 is alrrady used
<technoob> Anyone can help me?
<blackflow> technoob: perhaps fix your connection first.
<technoob> How?
<blackflow> technoob: your connection that's making you disconnect from IRC I mean
<technoob> I see
<blackflow> nobody here is gonna play parrots to repeat stuff said when you were disconnected
<technoob> Its because of my phone
<blackflow> that said.... on a certain IP address (like localhost), there can be only one process listening at a port number
<blackflow> by default ubuntu uses systemd-resolved as local resolver (and before that dnsmasq) which are all taking port 53. So if you want something else to listen on that <ip>:<port> combo, you'll have to disable whatever is running right now.
<technoob> My phone keeps on disconnecting sorry
<technoob> I see
<technoob> How do i disable those running? I tried netstat and i see dnsmasq and systemd resolver
<technoob> Those 2 are listening
<blackflow> they can't both be listening on the same ip:port combo
<blackflow> iirc systemd-resolved is not at 127.0.0.1, right?
<technoob> Im not sure what ip it was
<technoob> My server is off right now
<technoob> So couldnt check
<technoob> But dnsmasq and the resolver have different ip
<technoob> But same port
<tomreyn> it listens _of course_ ;-) at 127.0.0.53
<technoob> Backflow
<technoob> blackflow
<blackflow> technoob: alright so, you have two options here. One, use pihole as the only resolver, or two, tell resolved to use pihole as its "upstream" (since resolved is just stub)
<blackflow> option two should be most simple one, requiring only a change in /etc/systemd/resolved.conf, adding a proper DNS= line. That also requires your pihole docker to run at another ip
<technoob> Ill try the easy one
<technoob> So what dns should i add or change in conf
<technoob> blackflow
<blackflow> to the IP where the pihole is listening on
<mybalzitch> why don't you learn to create a network in docker, then have your pihole docker use a specific ip on your network, without having to gut ubuntu's resolv system
<blackflow> there we go.... the parrot game
<mybalzitch> technoob: why don't you learn to create a network in docker, then have your pihole docker use a specific ip on your network, without having to gut ubuntu's resolv system
<blackflow> technoob: and set DNS=   to the IP where the pihole is listening on
<technoob> mybalzitch i see. I could do that too but im really new to sysadmin and alot of things are so confusing
<technoob> Thats why im asking
<technoob> But i will take into consideration your advice as i too also dont like to gut ubuntus default configuration
<technoob> That was the reason why i opted to use a docker so that there is minimal changes done to the original env
<technoob> Forgive me if i have used wrong terms
<technoob> blackflow thanks ill try that maybe later as i need to get some shut eye
<kab0m> Hi everyone.
<kab0m> What is the best way to setup a VM as a vpn-router? has someone a guide on hand? I tried now serveral times and problems with dnsmasq openvpn and dnsleaks are coming back, im stuck.
<blackflow> kab0m: debian or ubuntu. last you asked about resolv.conf was for debian. the two have very different default network settings paradigms.
<kab0m> blackflow: i tried with both debian and ubuntu...no success so far...atm im happy with any of those two systems.i just need to get things running
<kab0m> *i would be hapyp with guides for any of those systems
<blackflow> kab0m: what I'd personally do, and what I _do_ actually, is replace the default resolving stack wiht a local bind resolver. you can use unbound as well. which includes a static /etc/resolv.conf . most flexible, best control, no leaks.   In contrast, there's been a plenty of reports about systemd-resolved not playing nicely with VPNs
<blackflow> default stuffs in ubuntu are complex layers upon layers of reinvented or badly invented software.
<kab0m> blackflow: thanks for the hints ;) do you maybe have a guide or a tutorial which i can use to start with?
<blackflow> nothing in my bookmarks, sorry
<tomreyn> Pici: we miss ubottu - could you have a look?
<kab0m> is there a minimum disksize for a ubuntu-server installation? because i tried with 5gb and i couldn't select the disk as it is greyed out in the installer?
<Ussat> thats a bit small
<Ussat> I mean disk is cheap......I would think at least 20
<kab0m> Ussat: i think 20gig a bit overpowered for a little service thats running on this thing.
<Ussat> well then choose what you want
<Ussat> like I said disk is cheap
<kab0m> https://help.ubuntu.com/community/Installation/SystemRequirements#Ubuntu_Server_.28CLI.29_Installation states 5GB should be enough...but the installer says nothing about
<Ussat> ...
<kab0m> Ussat: btw its a VM
<Ussat> so use 10
<tomreyn> 10 works fine for a basic installation without many services
<kab0m> 10G was the key, thanks Ussat and tomreyn
<Ussat> I just thin provision all my vm's and dont worry about it. If you give it 100G it doesnt matter, only uses what it needs
<tomreyn> thanks Pici, it's back
<RoyK> kab0m: 2GB should do for a server - I have that on a few VMs
<RoyK> the base install for a server takes up 1GB or perhaps 1,2GB
<RoyK> plus swap
<kab0m> RoyK: Strange...i couldn't install it with 5GB as the installer greyed out the disk and i had to up the size to at least 9GB..how did you pass the ubuntu-server installer with that small disk?
<RoyK> you want a bit of swap
<RoyK> kab0m: was this the new installer or the old one?
<kab0m> RoyK: the latest ubuntu-18.04.2-live-server-amd64.iso
<RoyK> use the old installer
<RoyK> you really don't need nine gigs for a basic server installation
<kab0m> which one is the installer and what exactly is the difference?
<RoyK> and then - take a copy of that installation and use it again
<RoyK> the new installer is fancy and flashy and - well - sucks
<RoyK> they made a new one to make everything flashy and forgot about making it useful
<mybalzitch> hate it when that happens
<RoyK> even for ubuntu desktop, you won't need 9 gigs for a base install
<kab0m> RoyK: Ok good to know :D where can i find the "old" installer? and does it have any disadvantages?
<kab0m> RoyK: LOL iirc the desktop installer now requires at least 20GB ore something like that? ^^
<kab0m> its just insane
<RoyK> kab0m: "traditional installer" on ubuntu.com download
<RoyK> kab0m: that's just  bit weird
<f2600> anyone here
<RoyK> o/
<tomreyn> no
<f2600> looking for websites or book recommendations that go in depth on securing 18.04. My searches give pretty basic security info and looking to see if community has some recommendations
<kab0m> RoyK: well, i fell for the shiny new installer as canonical has hidden the traditional very well on their download page as i see now^^
<rbasak> It's because the installer uses an image which is generated at 8G.
<rbasak> If you're using a VM, using an installer is like being in the dark ages. Use a cloud image.
<rbasak> kab0m, RoyK: ^
<kab0m> rbasak: ahhh thanks for the insight. ahm ok, where can i find the cloud images...also on ubuntu.com?
<rbasak> cloud-images.ubuntu.com, but rather than using it direct, use tooling that uses an image.
<rbasak> Try vagrant or multipass or uvtool.
<kab0m> rbasak: tbh i have my vms running in virtualbox lol i guess something like unraid etc would be a better idea...but that would mean i would have to migrate everything, which i try to avoid atm
<rbasak> vagrant supports virtualbox natively I think.
<rbasak> Though vagrant images aren't suitable for production use unless they've changed how they do things.
<kab0m> rbasak: is vagrant some kind of esxi vsphere clone?
<ec0> vagrant is a tool for automating VM install and configuration
<ec0> it has a virtualbox provider by default, but there's also other ones. I use the libvirt provider quite often to bring up VMs on KVM for testing purposes.
<ec0> the ISOs for the installer are also pretty easy to snag from archive.ubuntu.com
<kab0m> thanks ec0
<ec0> no problem!
<Exmix> So obviously I have UFW enabled on my Ubuntu Server, i have it to allow SSH, and Apache as I use it as a Web Server and a SFTP Server. I recently installed PiHole onto it so I can use my RaspberryPi for other nifty and fun things. Anyway, since I have the PiHole as my DHCP server and such, I would need to allow ports 67, and 68 correct? Would I also need to allow DNS(53)?
<mybalzitch> yes if you are serving dns to the restof the network
<mybalzitch> (which you probably will want to)
<Exmix> Ok, Thank you. Now my other question is, if I 'ufw allow 67' it will add it to v6 as well, is that necessary or is there a way not add it to v6
<Exmix> or does it really not matter?
<OerHeks> Exmix, no, The excellent thing about UFW is that enables the firewall on both IP stacks
<Exmix> So it doesn't matter if the v6 is there or not, gotcha. Thanks OerHeks
#ubuntu-server 2019-02-17
<Exmix> So, issue, I have ufw enabled, port 53, 67, 68, and 80 set to allow. I turn the WiFi off on my Phone and Laptop, the back on, they can't get am IP address, I disable UFW and they can connect no issue
<Exmix> Cancel that. Got it working.
<greenbarca2001> hi guys, I have a DNS problem that I've spent hours trying to fix
<greenbarca2001> I'm trying to make a subdomain and I created the proper DNS entries but I still cannot connect to the subdomain, it's not pinging
<greenbarca2001> if someone could help me out that would be greatly appreciated
<Marz> i am curious why use ubuntu server over debian?
<sveta> Marz: ubuntu will become deprecated and replaced with debian in about a month, if I am not mistaken
<sveta> Marz: wait no, sorry ignore it - wrong channel
<sveta> Marz: there is a project which phases out ubuntu in favour of debian in the next tab, so it's not related to your question :-/
<sveta> Marz: re your question, ubuntu server probably has some more drivers and some fresher packages compared with debian, so it may work better on some hardware on which debian faces problems
<Deihmos> I thought they were pretty much the same
<qman__> there are quite a few differences, mostly in available software selection, but also kernels, release schedule, etc
<sveta> Deihmos: debian moves non-free drivers and software to non-free. this is not available for use during the install process. this means installation on servers with proprietary wifi or ethernet firmware becomes difficult. of course while using debian you get the benefit of knowing what is free and what isn't
<sveta> Deihmos: debian is a bit more ancient too - it prefers to have more stability. this means less fresh packages compared with ubuntu. they even go as far as having version, say, 34 of some package, version 38 has an important security related fix, and yet thy don't add version 38 to the debian distribution, instead they patch version 34 to address the security issue
<Deihmos> when you log into ubuntu server you get a message with how many updates are available and system load
<Deihmos> how can i add that to another install?
<Deihmos> got it. message of the day
<sera_denoir> looking for some input on configuring rtpg-www on Bionic Server.  I got rtorrent install and confirmed working, used the (very dated) info from here to theoretically get the apache page set up righ https://ubuntuforums.org/showthread.php?t=1376455&p=8710408#post8710408 ... but I can't get a working web page (best I've gotten so far is what looks like a perl script in plain text in my browser)
<tomreyn> sera_denoir: the info there is very dated because rtpg-www is. this doesn't mean it can't be ade to work, it most likely can be. did you also consider alternatives? 'flood' (a much newer nodejs based rtorrent web ui) is not packaged, which is a big minus, but apparently it is not too difficult to setup.
<tomreyn> sera_denoir: this said, while you keep working on rtpg-www, have a look at the documentation and example configurations it *may* provide (like any package can) in /usr/share/doc/rtpg-www
<sera_denoir> tomreyn: i'll look into it.  I figured I'd start with rtpg because it -was- packaged and i did find references, just very dated ones
<tomreyn> yes, this may well make sense
<tomreyn> i'm not terribly fond of the nodejs / npm ecosystem myself.
<sera_denoir> do we happen to know if rtorrent from canonical is compiled with the xmlprc configuration?
<tomreyn> rtorrent is in universe, so community maintained
<sera_denoir> fair enough, just still not sure if it was compiled with that config
<tomreyn> i don't know. but you can have a look at the build logs on launchpad.net, or review the patches applied to it, and review the open bug reports, too. https://packages.ubuntu.com/bionic/rtorrent https://launchpad.net/ubuntu/+source/rtorrent/+bugs
<tomreyn> this package seems to be imported from debian by the way, so maybe start your inspection there.
<sera_denoir> Thanks ... sorry, this is pretty far outside of my normal experience ... just trying to figure out if i can use what I have already or if i'll need to purge and compile from source ... my gut is telling me  that function is available, but ...
<tomreyn> i know nothing about rtorrent or thie web ui really, so can't answer specific questions other than by pointing you to where you may find more info.
<sera_denoir> yeah ... i have to say that untouched bug reports dating back 4 1/2 years minimum doesn't encourage me very much ... might look and see if i can find a more maintained option that isn't transmission
<tomreyn> according to this debian build log of the same version you have in bionic, they build --with-xmlrpc-c https://buildd.debian.org/status/fetch.php?pkg=rtorrent&arch=amd64&ver=0.9.6-3%2Bb1&stamp=1526547539&raw=0
<tomreyn> and here's the latest ubuntu build log for the bionic version https://launchpadlibrarian.net/358914523/buildlog_ubuntu-bionic-amd64.rtorrent_0.9.6-3build1_BUILDING.txt.gz
<tomreyn> also --with-xmlrpc-c
<tomreyn> sera_denoir: generally, if you access the packages.ubuntu.com page for a given package like this https://packages.ubuntu.com/search?keywords=rtpg-www and notice that all ubuntu version soffer the same version, that's a good indication that you should look for alternatives.
<tomreyn> *all ubuntu versions offer the same package version
<sera_denoir> yikes ... good to know, yeah
<sera_denoir> tomreyn: qbittorrent-nox seems to be everything i need, and really easy ... apt-get, at it to crontab on @reboot ... it packages it's own webui
<tomreyn> cool
<tomreyn> glad you found a solution which works for you.
<sera_denoir> yep, and thanks a bunch for the education!
<azx> can i install ubuntu server on my rasberry pi model 3 and use it as a NAS?
<azx> or would that be a bad idea and i should buy a standalone nas
<azx> or build a new pc for a nas
<azx> i want to use ubuntu server to set up a nas somehow but i can'
<azx> just buy a nas and install ubuntu server on it
<azx> they have their own proprietary nas OS like freenas etc
<azx> uh, not freenas but you know what i mean, anything other than freenas is proprietary
<azx> and i'm not looking for that freenas or nas os experience i want to have the versatility of ubuntu server
<azx> less user friendly and more control to do stuff
<azx> i was thinking about buying a intel nuc for my nas but it doesn't have drive bays and im not sure how to set that up since i can't install a raid card on it
<tomreyn> azx: generally, you can install ubuntu on many devices. which one you should buy to make a NAS out of it is not the topic of this channel, but we can discuss in #ubuntu-offtopic if you'll join
<azx> ok, thank you!
#ubuntu-server 2020-02-10
<Intelo> I want if some.site.com/nfe/something to land on localhost:5321/something. Line 9 onwards, what do I need to add? https://pastebin.ubuntu.com/p/VNFh9fBgjG/
<ducasse> Intelo: please don't crosspost, it's rude and unnecessary
<Intelo> ducasse, hm. its a simple question but I wonder why no one knows abou tit
<lordievader> Intelo: You might want to give some details on how you are trying to accomplish this. Is that config your pasted Apache/Nginx/HAproxy, etc...
<lordievader> From experience, this is trivial in HAproxy (as it it designed to do precisely this)
<Intelo> lordievader, nginx
<lordievader> Hrmm, I don't know enough about nginx. I suppose googling for reverese proxies and nginx will help you though.
<cpaelzer> coreycb: on libvirt ada268012a03b9be83756aba2c0e14d206f5e70f did you just revert that on the backport or did you do anything different?
<cpaelzer> you said "witching to LC_CTYPE=C.UTF-8 in the backport fixes it" but that could be doen so many way that I thought I better ask to know about it
<coreycb> cpaelzer: just on the backport since it's only a py36 issue
<cpaelzer> coreycb: I have a backport for Bionci to do as well
<cpaelzer> actually is there a git repo anywhere of the UCA branches?
<cpaelzer> that might be easier than asking you each time :-)
<coreycb> cpaelzer: we carry the patches (debdiffs) in lp:~ubuntu-cloud-archive/ubuntu/+source/ca-patches/ussuri so if you want to update it feel free and I'll apply it
<cpaelzer> coreycb: thanks I can grab from there what I'll need
<cpaelzer> coreycb: if I spot anything you lack I'll let you know
<coreycb> cpaelzer: thanks
<friendlyguy> Hi! I am trying to add a ppa to a ubuntu lts server 18.04.4. this is what happens to me: https://paste.ubuntu.com/p/m8SmVzvsdg/
<friendlyguy> i checked the time: synced via ntp, is correct
<friendlyguy> i also did a "sudo apt-get install --reinstall ca-certificates && sudo update-ca-certificates"
<friendlyguy> yet the result is still the same
<friendlyguy> any idea whats going wrong?
<lordievader> friendlyguy: What is your locale?
<lordievader> ?="set to?"
<lordievader> Ah, wait. Nvm. its a: SSL_ERROR_BAD_CERT_DOMAIN
<lordievader> See https://ppa.launchpad.net/ondrej/php/ubuntu/
<lordievader> ^  your browser should refuse ;)
<lordievader> The cert presented is for `private-ppa.launchpad.net` not for `ppa.launchpad.net` which the ppa uses.
<lordievader> friendlyguy: You can work around this by manually adding `deb http://ppa.launchpad.net/ondrej/php/ubuntu YOUR_UBUNTU_VERSION_HERE main ` to your sources (ofcourse with the correct version).
<coreycb> cpaelzer: think I should just update kombu now for the importlib metadata switch?
<cpaelzer> coreycb: you can wait until after python3-defaults is complete
<cpaelzer> OR
<cpaelzer> you can prep and upload it now and then the release of that upload would be blocked until python3-defaults migrates
<cpaelzer> coreycb: the timing is up to you whatever fit you better
<cpaelzer> coreycb: the only thing not to happen is that kombu stays as-is until after FF
<coreycb> cpaelzer: ok I think I'll just do the latter and get it moving along
<cpaelzer> yeah that sounds safer IMHO
<friendlyguy> lordievader: thanks for the hint, thats what i did as workaround. lang is de_DE.UTF-8
<friendlyguy> do you think thats the problem?
<lordievader> friendlyguy: That was what I thought at first, seeing the ppa page. But my other messages show the real problem.
<friendlyguy> lordievader: aaaah... you are right.
<friendlyguy> thought it must be my old and rusty system
<friendlyguy> and the source isnt even https, thats why it worked after adding it manually
<friendlyguy> lordievader: thanks for your help... :)
<lordievader> No problem
<friendlyguy> still, greatly appreciated :)
<hellsworth> hey folks. i'm on the desktop team, trying to reproduce a bug locally that requires a working kerberos environment. is there a kerberos server somewhere in our infra I could use? my team suggested yall might know :)
<hellsworth> i could go through with setting one up but it seemed like a pain if i didn't need to
<pragmaticenigma> hellsworth: Might want to ask for clarification from your team... I don't think the devs monitor this channel for ubuntu-server developement
<hellsworth> ah ok thanks
<hellsworth> is there a better channel then?
<pragmaticenigma> hellsworth: what team are you representing exactly? Missing a lot of information about who you are and what you're trying to do
<hellsworth> i'm on the ubuntu desktop team, under ken vandine. i'm the new maintainer of libreoffice for ubuntu and am trying to reproduce a bug (#1862027).
<hellsworth> the setup for reproducing requires a kerberos server/client environment
<hellsworth> it seems to be somewhat of a pain to setup a kerberos server so i was looking for an internal one to use if that's an option
<powersj> hellsworth, there are some notes in the server guide, but I don't think we have updated that page yet
<hellsworth> if that's not an option, that's fine. but wanted to check
<pragmaticenigma> hellsworth: the only public channel I'm aware of for Ubuntu Development is #ubuntu-devel
<hellsworth> powersj: link?
<powersj> https://ubuntu.com/server/docs/service-kerberos
<hellsworth> ok thanks i'll just set my own up then.
<hellsworth> powersj: and i'm happy to provide updates to this page too
<hellsworth> pragmaticenigma: the main public channel for the desktop team is #ubuntu-desktop (freenode)
<rbasak> bryce: looks like https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/377381 (recursive-dot-git-escaping) failed CI because of the lazr.restfulclient pin that we already fixed in master. Would you be happy for me to just rebase the branch on master?
<bryce> yeah it lgtm other than that, I was just now looking at it in fact
<rbasak> OK I'll rebase to master and force-push
<rbasak> I'd like to see CI green before merging
<rbasak> Done. That should retrigger CI.
<bryce> next looking at the changelog-parents branch, then breakfast
<bryce> ah, this is a big one
<rbasak> Yeah. Maybe breakfast first :)
<bryce> agreed, ok bbiab
<rbasak> bryce: a bit late now, but https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/378829 is more of a before-breakfast MP :)
<rbasak> Argh, I based that on the wrong commit. Force pushed a fix now.
#ubuntu-server 2020-02-11
<cgi> I am looking for a solution for syncing a remote webserver directory to my desktop so that I can edit it, and it automatically syncs. The remote directory is a git repo. sshfs is too slow.
<sarnold> most people use rsync for this
<sarnold> but git complicates things
<sarnold> what's wrong with git?
<cgi> sarnold, git complicates things too - bare/full/mirror/...
<cgi> rsync is slow
<cgi> sshfs is slow too
<sarnold> cgi: you could also use zfs datasets and just send the diffs between the systems; that would save rsync having to look into all million files..
<andol> Hmm, the most recent ubuntu/bionic64 Vagrant image appear to be a bit borky.
<andol> https://paste.ubuntu.com/p/XNyJ8RnG3g/
<andol> Best place to bring that up?
<lordievader> Good morning
<jamespage> coreycb: looking at improving the autopkgtest failures for ironic
<jamespage> tests rather - to remove the failures :-)
<coreycb> jamespage: ack, thanks
<arif-ali> what's the current state of focal for raspberry pi, I ran the daily from iso.qa.u.c, and setting up a bridge using netplan doesn't seem to be working after reboot, is that a known issue? Is this the best channel for this?
<lotuspsychje> arif-ali: see also #ubuntu+1 for 20.04 support
<tangarora_> as per the documentation here: https://discourse.ubuntu.com/t/please-review-design-for-automated-server-installs/11923
<tangarora_> I am submitting my suggestion here: plese make a tool or allow the subiquity to import preseed files.
<xibalba> i want to make an alias that i can pass a string into, but struggling w/the syntax. any bash ninjas know how i can foix this --- alias pingasite="grep -i \"$1\" /etc/hosts | awk '{print $2}" | xargs fping"
<xibalba> thats supposed to be a single quote at the end of the awk section
<xibalba> a function was a better method for this
<tangarora_> yes a function is likely better... because you can pass args to a function.
<xibalba> thought i could pass args to an alias but i think i can only pass them to the end
<xibalba> like the following, alias findanode='node-command --list-nodes|grep -A 1 -i' , but i guess i'm not passing a variable my search term just comes at the end
<sarnold> xibalba: yeah I think aliases only let you add things to the end; I remember fighting this a few months back and coming to the conclusion that a function was the better answer
<sdeziel> xibalba: I would suggest using "getent hosts" instead of grepping /etc/hosts, seems more robust
<xibalba> then grep off of the `getent hosts` output ?
<sdeziel> xibalba: scratch that, it ends up doing DNS requests
<xibalba> yeh it's sad i use a hosts file
<sdeziel> xibalba: that said, by default "getent hosts" looks up /etc/hosts first then do DNS so it might still work for you
<xibalba> thanks sdeziel i'll try it with that option and see how that works
<sdeziel> xibalba: the advantage is that you will only get a single result for a name that matches in full, while grep would have match on partial strings as well
#ubuntu-server 2020-02-12
<turova> hello! I'm trying to install ubuntu server as an OEM install on proxmox and while I see the option when I press F4, it seems to just direct me to the standard installer
<turova> anyone know what I can do?
<turova> this is for 18.04lts
<turova> I used the alternative installer and while I'm having an issue with networking, it did seem to do the oem install correctly
<dinkoarun> Hi, since the last week, a random command has been run by postgres user that his hogging a lot of CPU. It is not showing in the pg_stat_activity. I suspect it is some sort of malware, but I am unable to diagnose it. Can someone help? I am using it on Ubuntu 16.04 server. Postgres 9.5
<dinkoarun> 	It is running even when postgres service is stopped.
<xibalba> sha256sum the binary
<xibalba> google the hash
<xibalba> see what you get
<xibalba> probably normal
<dinkoarun> <xibalba> Are you answering my question?
<lordievader> Good morning
<alunazero> good morning
<lordievader> dinkoarun: That is one way to go about it. Another would be to check where the program is coming from (if it ain't from a package it is a suspect, if it is from a package... has the binary been modified?)
<dinkoarun> <lordievader> clamav found two infected files and removed it. It has been 3 hours. There has been no instance of malware issue till now. Here is the link to clamav results. https://ibin.co/5C4AfTUGD2FI.png
<avu> dinkoarun: if you know a system has been compromised, re-installing it from scratch is really the only way to be sure to get it back to a known clean state (although I wouldn't say that "clamav found something" and "system is known to be compromised" are the same thing ;))
<lotuspsychje> dinkoarun: keep in mind not all clamav founds are real malware, sometimes they are false postives, check your result logs
<dinkoarun> ok. thanks for your feedback
<jamespage> coreycb: I completed https://bugs.launchpad.net/ubuntu/+source/python-tabulate/+bug/1862773
<ubottu> Launchpad bug 1862773 in python-tabulate (Ubuntu) "[MIR] python-tabulate (dependency of cinder)" [High,New]
<jamespage> however one project jumping first this late in cycle was not super helpful
<coreycb> jamespage: our cinder snapshot got delayed quite a bit this cycle so it's probably on us
<coreycb> jamespage: thanks for that
<coreycb> jamespage: fyi bug for nova autopkgtest failure. the new python3 default is starting to expose python3.8 issues. https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1863021
<ubottu> Launchpad bug 1863021 in nova (Ubuntu) "eventlet monkey patch results in assert len(_active) == 1 AssertionError" [High,Triaged]
<TwistedBlizzard> Hi all, I'm trying to do load balancing across 2 network interfaces - all the tutorials I can find are out of date and do not use network-manager and make reference to the old network interface naming scheme.
<tds> what do you mean by load balancing exactly? bonding?
<TwistedBlizzard> Yes, sorry
<tds> are you definitely using network-manager? modern ubuntu server installs will do netplan by default
<TwistedBlizzard> Ah right - That explains why I couldn't restart the service
<tds> you probably want something like the example here - https://netplan.io/examples#configuring-interface-bonding
<tds> then `netplan apply` when you're done
<TwistedBlizzard> Thank you!
<tds> oh, and assuming you're doing real lacp rather than round robin, you can see the example for 802.3ad a bit further down the page
<TwistedBlizzard> 802.3ad is what I've been looking for, thanks again - my routers are using vlan - is that a better way of achieving what I want?
<tds> what do you mean by that exactly? vlans and lacp are different things
<tds> (though running vlans over a bond is quite common, and is often sensible)
<TwistedBlizzard> Right, I'm going entirely from what I've read on google so a lot of my understanding is probably inaccurate. I got a second broadband connection installed to my home and bought a bonding router in order to combine them. The router just died and I'm trying to recreate what it does on my ubuntu server box.
<sarnold> does your provider offer 802.3ad over these two connections directly?
<TwistedBlizzard> I don't know, maybe? If not, a friend of mine said that I can use his node(?) in order to bond the connections.
<TwistedBlizzard> I know that before, I had to use multiple connections for upload/download to get the combined speed.
<tds> unless your provider has explicitly told you that they support 802.3ad, it seems unlikely that they do
<tds> for a pair of normal residential connections, you could probably achieve much the same with an ecmp default route between them though
<TwistedBlizzard> Is there information on how to do that on the link you posted earlier?
<tds> i'm not sure netplan provides support for that at all
#ubuntu-server 2020-02-13
<lordievader> Good morning
<apurkrt> hello - how to upgrade kernel (semi)automatically, when I do not want to use "apt-get dist-upgrade"?
<apurkrt> simple "apt-get upgrade" won't touch kernel
<rbasak> apurkrt: why don't you want to use apt-get dist-upgrade?
<apurkrt> scared it could remove some packages... found some superficial info that "upgrade" is safer
<apurkrt> rbasak: ^^
<sdeziel> apurkrt: "apt-get dist-upgrade -V" will show you a nice overview of what it would like to do and will let you accept or abort
<sdeziel> I find "-V" to be easier to visualize
<rbasak> apurkrt: so there are effectively three settings here: 1) no new package additions or removals; 2) new package additions but no removals; 3) allow package additions _and_ removals
<rbasak> apt-get has a simple CLI for 1 and 3 (upgrade and dist-upgrade). Achieving 2 via apt-get requires setting apt_preferences manually AFAIK
<apurkrt> sdeziel: thanks!
<apurkrt> rbasak: ok listening
<rbasak> apurkrt: "apt upgrade" will do 2, but it isn't intended for automated use yet (unstable CLI).
<rbasak> So if you care and really want 2, then you need to write your own apt_preferences file I think
<rbasak> See apt_preferences(5).
<rbasak> However, I wouldn't worry about the difference between 2 and 3 if you're using a stable Ubuntu release and don't have third party repositories enabled that will mess with you.
 * apurkrt looking into it now
<apurkrt> rbasak: ok
<apurkrt> rbasak: thank you very much!
<rbasak> I might have missed some easier way to achieve 2 with apt-get.
<rbasak> You're welcome!
<apurkrt> after logging in to ubuntu, I see "X packages can be updated.". How this works? This imo requires running "apt-get update" regularly - but grepping for in in /etc I do not see it set in /etc/cron.{hourly,daily,weekly}
<pragmaticenigma> apurkrt: it's not using apt-get to perform the check
<rbasak> apurkrt: look up update-motd.d
<pragmaticenigma> rbasak: That's just the notification... not the cause
<rbasak> apurkrt: /etc/update-motd.d/90-updates-available
<weedmic> apurkrt: i do not understand what you want, do you want the process to list, then upgrade the items, or to set when they are checked for?
<oerheks> i htink it is part of MOTD ?  /etc/update-motd.d/90-updates-available
<pragmaticenigma> no no no no no
<pragmaticenigma> that's not what they're looking for guys
<oerheks> https://linuxconfig.org/how-to-change-welcome-message-motd-on-ubuntu-18-04-server
<rbasak> From the update-notifier-common package
<apurkrt> I'm basically just interested how it works
<rbasak> /etc/cron.daily/update-notifier-common
<pragmaticenigma> rbasak: /etc/apt/apt.conf.d/10periodic
<pragmaticenigma> https://www.garron.me/en/linux/turn-off-stop-ubuntu-automatic-update.html
<rbasak> pragmaticenigma: I know how it works. I'm trying to provide information about the trail to help with the big picture.
<pragmaticenigma> I have no idea what you mean by that rbasak
<pragmaticenigma> sorry... meant tag the requestor
<pragmaticenigma> apurkrt: in file /etc/apt/apt.conf.d/10periodic there is a setting "APT::Periodic::Update-Package-Lists" ... switch its value to zero
<pragmaticenigma> apurkrt: https://www.garron.me/en/linux/turn-off-stop-ubuntu-automatic-update.html
<rbasak> He didn't ask how to turn it off.
<pragmaticenigma> rbasak: Perhaps not, but he was looking for where the setting was
<rbasak> He asked how it works, not where the setting was.
<rbasak> But anyway, I'm not going to argue.
<rbasak> I'll leave it to you to help as needed, thanks.
<pragmaticenigma> the config file is how it works... it's part of apt configuration which triggers all the rest of the behaviors they were discussing
<apurkrt> thank you all!
<Elzington> I'm curious how this works too. How does the system know that there are "X packages can be updated" when you first log into the system prior to running the command "apt-get update"? Does it run when you first log in?
<oerheks> Elzington, see the url, it contains a script that looks for new update packages
<Elzington> thanks
<oerheks> some complain about the 50-motd-news thingy ..
<oerheks> phone home, et!
<pragmaticenigma> Elzington: Apt is setup to periodically check for updates. There is a script that is located as part of login motd that will check if apt has left a flag indicating there are updateable packages
<Elzington> pragmaticenigma: thanks! that is interesting to know
<Elzington> oerheks: Yeah, I can see why there would be concern with it automatically on all the time
<pragmaticenigma> I disable them only because they slow down the login process
<Elzington> That's a good point! I'll have to consider this now
<oerheks> :-)
<pragmaticenigma> the *motd-news does at least cache its response locally... so it doesn't do it every login
#ubuntu-server 2020-02-14
<aeon90> when installing slurm on ubuntu 18.04, how are you supposed to start slurmd and slurmctld? I can start them manually in the terminal, but systemd fails to start them, they simply time out
<frickler> jamespage: coreycb: just stumbled about this old issue when updating our cookbooks for stein, any chance this still can get resolved? https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1567935
<ubottu> Launchpad bug 1567935 in nova (Ubuntu) "nova-compute-libvirt should not depend on open-iscsi" [Low,Triaged]
<teward> does anyone know if the Apache web server sets up `www-data` user if the user/group don't already exist?
<teward> need some server team input on some things
<teward> cc sarnold
<rbasak> teward: I'm not sure without looking, but you might find https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes helpful.
<teward> yeah i know those classes...
<teward> rbasak: the core problem is...
<teward> bug #1860388
<ubottu> bug 1860388 in nginx (Ubuntu) "MAAS fails clean install www-data user does not exist due to nginx requirement" [Undecided,Incomplete] https://launchpad.net/bugs/1860388
<teward> where MaaS deploy fails because user removed www-data
<teward> question is whether there's anything stopping us from recreating it, though I'm not fond of 'forcing' a user into existence if it's been removed by another process
<teward> (the core problem there is there's some atypical 'user provided hardened ubuntu image' that has the default users in 0-99 UID groups stripped out
<teward> and that's caused the issue.  Not sure it's an *nginx package fixable issue* though)
<rbasak> Is www-data created by base-files?
<teward> not sure
<rbasak> It might be the installer
<rbasak> https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes says only that "new ids in this range being added automatically as the base-passwd package is updated"
<teward> base-passwd is different than base-files at source
<rbasak> I'd say the bug is invalid then, just on the basis that www-data is globally allocated and is in passwd and group of all Debian systems by Debian policy. Removing that breaks your system and it's reasonable for packages to assume that they are present.
<teward> checking base-passwd
<rbasak> I can write that in the bug if you like.
<teward> www-data is created by base-passwd
<teward> so then yes, this would be a 'you broke your system' state.
<teward> please do
<teward> you'll word it better than I will :P
<teward> *is exhausted*
<teward> rbasak: mdeslaur at 'a glance' seems to agree with us that this is User Error
<teward> and not something the packages should be fixing esp. since base-passwd populates those user datas, and not something we should be fixing if the user wants to torch their system :p
<teward> which means that's the basis of 'Invalid'.  Have fun writing it up, I'm going to go find the nearest hard surface to blast my head through (E:ROUGHWEEK)
<teward> rbasak: mdeslaur: well, this is explicitly *in* the Debian Policy:  Packages other than base-passwd must not modify /etc/passwd, /etc/shadow, /etc/group or /etc/gshadow.   **In theory** we could reject on that, since nginx asserting www-data exists would alter those files.  (9.2.1)
<teward> esp. if it has to add that.  Ultimately, still user error :P
<mdeslaur> well, I think that means modify the files directly without using a tool
<rbasak> Yeah - plenty of packages modify /etc/passwd (indirectly) to ensure that a user they need exists
<rbasak> If you want to use that interpretation, all those packages would be buggy and there'd be no way for packaging to do that.
<teward> true.  (I'm tired, sue me xD)
<rbasak> I have commented on the bug and marked it Invalid for nginx
<teward> thank you very much
<teward> *goes to find the largest cup of coffee he can in the workplace to consume it*
<mdeslaur> teward: sounds like you need a shot of espresso with a coffee chaser ;)
<teward> nah what i need is an extra five hours sleep
<teward> if i had my way i'd have five shots of espresso
<teward> three lattes
<teward> and coffee
<supaman> on a computer using ufw, would ufw deny IP, deny all connections from that computer to that IP?
<Chuckfu> question, I have a ubuntu server 18.04 I have enable ufw and am trying to receive mail from an application who's log says the connection is being refused, I added port 587 by doing the following as root ufw allow 587/tcp says it updates any ideas
<Chuckfu> beware I am a newbie trying to learn this by doing
<supaman> Chuckfu: if you issue 'sudo ufw status' you should see a line on the note of '587    ALLOW    Anywhere'
<Chuckfu> it show it ALLOW anywhere, but a telnet into that port 587 is still refused while on another system connect fine, really weird, probably something small I'm missing
<jdstrand> Chuckfu: you should be able to see if another port needs to be opened (eg, port 25) too by looking at firewall denials in /var/log/ufw.log or dmesg
<Chuckfu> I'll do
<supaman> that depends on loglevel right?
<Chuckfu> when I make change to ufw do I need to restart it
<Chuckfu> ufw that is
<supaman> I have mine set to low and don't see any logging when I issue a command that is blocked by firewall
<Chuckfu> how did you set it to low
<supaman> Chuckfu: nope, don't need to do that. ufw updaes the iptables immediately
<supaman> Chuckfu: issuing 'ufw logging low'
<Chuckfu> humm but when trouble shooting I should leave it like it is too see issues right
<supaman> Chuckfu: if log level is set to high or medium then yes
<Chuckfu> what is the command to see what level its at I have not done anything but add ports to it
<Chuckfu> is there someway of filtering to only see port 587 block
<supaman> Chuckfu: too see the current level look in /etc/ufw/ufw.conf
<jdstrand> supaman: yes, but the default loglevel is low, which will show some stuff
<jdstrand> "logs all blocked packets not matching the defined policy (with rate limiting), as well as packets matching logged rules"
<Chuckfu> screwed up I did a nano ufw.log | grep "BLOCK" seems froze right now
<jdstrand> they might be redirected somewhere
<jdstrand> Chuckfu: ctrl+c that
<Chuckfu> yeah nothing
<jdstrand> Chuckfu: just do: grep "BLOCK" /var/log/ufw.log
<Chuckfu> it locked up, oh well thats how you learn
<supaman> Chuckfu: do ctrl-x
<supaman> that exits nano
<Chuckfu> nada
<supaman> hmmm
<Chuckfu> lol I just cold rebooted  not good, hopefully I didn't blow it up
<supaman> :-)
<supaman> it should have been in nano mode and the usual ctrl-x to exit nano should have worked
<Chuckfu> ok back up
<Chuckfu> no issues
<Chuckfu> ok ufw is set to low
<supaman> if you don't see anything in /var/log/ufw.log then issue 'ufw logging medium' and try doing the email again
<supaman> then you should see a lot more info from ufw
<Chuckfu> it said low and I just perform that command
<supaman> you can also see ufw "realtime" messages with 'journalctl -f' or 'tail -f /var/log/ufw.log'
<Chuckfu> is there a way to allow traffic IN/OUT on port 587
<supaman> you originally did ufw allow 587/tcp ... don't remember if you need udp also ... so you could try 'ufw allow 587'
<supaman> is this server a public server or just for your home use?
<jdstrand> Chuckfu: the default policy allows all outbound traffic. it also uses connection tracking so traffic related to the initial connect on 587 is allowed
<jdstrand> Chuckfu: if you changed the default (sudo ufw status verbose), then you would need to add egress (outgoing) rules from your system to somewhere else, port 587
<Chuckfu> can I reset ufw to default
<Chuckfu> or will disabling ufw allow all traffic to pass
<supaman> if you disable ufw then all computers that have direct access to that computer can access all ports that are open on that computer
<supaman> if that computer is behind a NAT then there is much less danger, but still whichever port is natted into the computer is accessable from outside the NAT
<Chuckfu>  guess I need to reset the firewall and start from scratch, adding whatever is needed and creating the outgoing rules
<Chuckfu> or I could put together a pfsense firewall before it, something with a gui so I can see whats going on
<supaman> yeah, not sure how to reset ufw
<supaman> https://www.digitalocean.com/community/questions/how-to-reset-the-firewall-on-ubuntu
<sarnold>        reset  Disables and resets firewall to installation defaults. Can also give the --force option to perform the reset without confirmation.
<Chuckfu> thank you very much for the help been awesome learning lesson
<Chuckfu> be glad you don't live in Phoenix, I'd have you camping at my house teaching me
<supaman> camping in Phoenix ... hmmm :-)
<sarnold> phoenix, indeed, I'd be dead from heat stroke by june :)
<supaman> considering I live close to 66Â°N yup, same here
<sarnold> supaman: hehe, even december may be too hot for you then :)
<supaman> yup :-)
<Chuckfu> Oh but the fall, winter and spring months are awesome low of 50's high of 70's
<Chuckfu> but yeah summer you go AC to AC
<supaman> had -10Â°C here the other day, it was refreshing :-)
#ubuntu-server 2020-02-15
<samba35> how to create a vnet interface before we cerate a guest on openvsiwthc (same thing i am able to do it linux bridge )
