#ubuntu-server 2006-09-11
<larryone> hi
<larryone> I'm trying to get sshd running
<larryone> it was ubuntu-server I installed - does sshd come with it by default?
<larryone> or do I have to get it with apt-get?
* Starting logfile irclogs/ubuntu-server.log
<a_l_e> i have a working sshd on my ubuntu and a working ssh on osx. but i can't connect with ssh from a osX box to the ubuntu one (scp works, though). does anybody have an idea what could be wrong?
<a_l_e> or does anybody know where there is something i can read about it?
<ivoks> http://nepotismia.com/review/ubuntu/server/6.06/ - a nice review...
#ubuntu-server 2006-09-12
<wulf> live installer rocks ..... you people are doing excellent work
<wulf> how about xenubuntu?
<fabbione> wulf: zul (#ubuntu-kernel) is working in integrating xen
<guxano> hola mundo!!!
<sebest> hello is it a bad thing to enable preemption on a kernel for server?
#ubuntu-server 2006-09-13
<claudiu> hi all
<claudiu> anybody around here ?
<claudiu> I could use some help because I want to setup a web server on a powermac 7600
<dura> anyone else get an md5sum mismatch today after apt-get update?
<infinity> update again, you caught a mirror pulse.
<dura> okay
<dura> that makes me nervous sometimes lol
<dura> dapper apt-get update went fine ... but I got the error on dapper-server.
<dura> heh... update servers are swamped atm
<infinity> dapper and dapper server use the same repositories and the same mirrors.
<infinity> If one works, the other works.  If you catch a mirror during an update, it'll have a few seconds (or even a minute or two, if it's a slow mirror) where it's inconsistent.
<dura> So Dapper Desktop and Dapper Server use the same mirrors?
<infinity> Same packages, same infrastructure, yes.
<infinity> The differences are in the packages selections we ship on the CD, but on the mirrors, it's all just "Ubuntu".
<spike> speaking of, is there an md5sum database available somewhere you can check binaries against?
<spike> I think fabbione was working on it, actually it was done iirc
<infinity> We never got the infrastructure in place to roll it out officially, though it's still down there on someone's TODO.
<dura> infinity: Nice to know...
<infinity> I suspect I'll bump it back up to the top of my TODO for edgy+1.
<spike> infinity: is it possible to have the code? 
<dura> But I'm still getting md5sum mismatch
<dura> just did apt-get update too
<spike> cause I run a mirro locally so I can easily implement it there
<spike> for the LAN, on some ro media
<infinity> spike: You'd have to poke Fabio.  I'm not sure where he had ths code.
<infinity> s/ths/the/
<fabbione> spike: it's partially done
<fabbione> infinity: infrastructure is in place now
<fabbione> waiting for me to do the final test once i can get to build some custom/test CD
<infinity> fabbione: Oh, cool.
<fabbione> i think we only miss elmo to hook up the generation script to end of rsync mirror
<fabbione> and me to test the udeb on cd
<fabbione> after that it's only a matter of improving the code and the amount of tests
<dura> yep... still get md5sum mismatches
<infinity> Which mirror are you using?
<dura> For which packages?
<dura> security? or...
<infinity> The one giving the mismatch.
<dura> Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/dapper-backports/main/binary-i386/
<dura> and
<dura> Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/dapper-backports/main/source
<dura> on both an amd64 and 3 x86 machines
<infinity> You run dapper-backports on a server?  Brave man.
<infinity> Anyhow, try s/us.// (ie: just archive.ubuntu.com) and see if it likes you more.
<dura> lol
<dura> okay...
<dura> actually I don't know why I enabled it becaause I'm not using nay packages from it lol
<infinity> Oh, hrm, it's mismatched on the main archive too.
<infinity> Awesome.
<dura> lol
<infinity> I have our archive wizards looking into it.
<dura> okay cool
* dura wasn't trying to bitch btw
<dura> Who do I talk to about a few howto's that are incorrect/incomplete?
<infinity> Depends on where you found the HOWTO..
<linnuxxy> hi
<linnuxxy> i use dapper... how to know if it support POSIX Threading Library (NPTL)?
<dura> Hang on let me retrieve the link...
<linnuxxy> ok... if u r talking to me :D
<infinity> linnuxxy: dapper uses NPTL, yes.
<dura> heh... it's been edited.
<dura> good
<dura> I hope no one else spent 3 days trying to use it like me lol
<linnuxxy> thnx infinity....but is there a command to show this?
<infinity> linnuxxy: /lib/libc.so.6
<infinity> Yes, the library is executable.
<infinity> Available extensions:
<infinity>         crypt add-on version 2.1 by Michael Glad and others
<infinity>         GNU Libidn by Simon Josefsson
<infinity>         GNU libio by Per Bothner
<infinity>         NIS(YP)/NIS+ NSS modules 0.19 by Thorsten Kukuk
<infinity>         Native POSIX Threads Library by Ulrich Drepper et al
<infinity>         BIND-8.2.3-T5B
<infinity> Thread-local storage support included.
<infinity> NPTL and TLS are what you're looking for there.
<linnuxxy> how to run as another user in ubuntu...as su seems not working to me?
<linnuxxy> how to run as another user in ubuntu bash shell...as su seems not working to me?
<linnuxxy> how to install gmake on dapper?
<Gargoyle> Any suggestions for postfix config options to filter spam?
<Gargoyle> I wanted to use only programs from the main repository
<ivoks> rbl
<ivoks> there are many ways to fight spam...
<ivoks> none is 100% efficiant, and best I've found is greylisting...
<Gargoyle> Do you use postfix's own greylist.pl?
<Gargoyle> And are there any other standard config directives I should enter first?
<Gargoyle> Currently I have: permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination in smtpd_recipient_restrictions
<ivoks> postfix has many options
<ivoks> you can use postgrey for greylisting
<ivoks> but, it's in universe
<Gargoyle> Yeah, just scrolling through postconf.5.html now!
<ivoks> smtpd_recipient = reject_invalid_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit_mynetworks, reject_unauth_destination, reject_maps_rbl, check_policy_service
<ivoks> for example...
<ivoks> i would suggest reading documentation and howtos
<Gargoyle> reading now...
<ivoks> there isn't "a solution", but many solutions
<Gargoyle> Ahh, some of those have moved to smtpd_helo_restrictions :)
#ubuntu-server 2006-09-14
<Gargoyle> Does RBL mean Remote black list?
<infinity> Realtime Blackhole List
<spanky_> Hi there all. Has anyone played around with forwarding X sessions via XDMCP. If so have you had any luck forwarding the audio with the video? I'm able to log in remotely but having troubles figuring out how to get the audio up and running
<infinity> You're using something like ESD for audio, I'd assume?
<infinity> Anyhow, not really a -server thing.  You might want to ask the LTSP guys, since they do this all the time.
<spanky_> ltsp?
<CarlFK> what is the dl url for -server?
<infinity> CarlFK: Same as regular Ubuntu ISOs.
<infinity> http://releases.ubuntu.com/dapper/
<infinity> spanky_: Try #edubuntu ... They do ltsp (thin client) stuff all the time.
<CarlFK> spanky_: lilnux terminal server project 
<spanky_> infinity: ok thank you
<beanz> How can I set a vlan id for a real network interface, rather than an alias?
<Stonekeeper> hi. I'm not sure if this is ubuntu server specific or not, but today my openldap just started freezing. Running it through strace I find that it gets to an infinite loop of "sched_yield() = 0". Has anyone else encountered this? Thanks. (Is this the right chan?)
<thefish> hiya Stonekeeper 
<thefish> Stonekeeper: did you have a power cut?
<thefish> try running db_recover -v -h /path/to/openldap-data
<Stonekeeper> thefish: !!!
<thefish> long time no sea!
<Stonekeeper> roflcopter
<Stonekeeper> haha
<Stonekeeper> yeah, it was something to do with that. Indeed db_recover worked
<thefish> you get that ldap grafting?
<Stonekeeper> thanks :)
<thefish> ah 
<thefish> no worries
<Stonekeeper> yeah, for sure
<thefish> i had the same after a power failure
<thefish> well, i didnt strace, but the swine wouldnt start
<Stonekeeper> yeah
<Stonekeeper> strace gives you an infinite loop
<Stonekeeper> shame it doesn't detect that, bomb out with the error "There was a problem starting. Trying db_recover....."
<Stonekeeper> thefish: did you get your ghosting working?
<thefish> after many moons, using a totally different approach now
<thefish> doing it with unattended installs
<thefish> bit of perl
<thefish> there are too many combinations for imaging
<thefish> and the bastard hardware suppliers are changing stuff once an hour
<thefish> so for image 43, there are 6 variations, because some weeks we get 80G drives, and some weeks 100, and some SATA, and some...
<Stonekeeper> i agree
<Stonekeeper> I'm looking at OCS_Inventory
<Stonekeeper> you can "push" out software with that, as well as updates etc
<thefish> ye i use it here mate
<thefish> dogs bollocks
<thefish> get the newest one though (may still be beta) - there are some nice new features and the agent is better
<thefish> we were having problems getting RAM speed, and this one does it
<Stonekeeper> hey,that's encouraging!
<Stonekeeper> we are looking at using GLPI with it
<thefish> dunno that, whats it?
<Stonekeeper> and also, I got some crappy WASP technologies asset thing
<Stonekeeper> that i will integrate
<Stonekeeper> GLPI - do a search. It's perfect compliment to OCS
<thefish> kay
<thefish> I use OTRS for tickets
<thefish> not linked to OCS though
<thefish> if you build a decent bridge id like a look though :)
<Stonekeeper> GLPI does tickets
<Stonekeeper> but it does more too
<Stonekeeper> licence manager
<Stonekeeper> stock control
<thefish> cool, ill have to pencil in a looksie
<khermans> I want to keep my server kernel, but need a GUI -- what package should I install?
<khermans> sorry
<kimo> Hi, I'm a Linux admin. I want to sharpen my skills working for a bigger site (volunteer), any ideas who should I go to!
#ubuntu-server 2006-09-15
* Starting logfile irclogs/ubuntu-server.log
<voici> how can i set the default locale with ubuntu-server? i tried dpkg-reconfigure locales as in debian but it didn't allow me to configure the locales. it just regenerated them. where is the default locale set? tnx.
<dura> Happy Friday :)
<linnuxxy> had anyone tried ingres on Ubuntu?
#ubuntu-server 2006-09-16
<kalif> would anybody know where to look for ubuntu-specific info on kickstart?
<linnuxxy> i have massed with some configuration files in the /etc/X11/  ... and i forgote to backup it first... how can i restore the default?
<yogurtthewise> linnuxxy: this is not an ubuntu server development question, not even a server one, so please direct it to #ubuntu
<yogurtthewise> linnuxxy: OTOH, apt-get install --reinstall will fix it
<yogurtthewise> or just unpacka the deb
<yogurtthewise> oh well
#ubuntu-server 2006-09-17
<dura> any life?
<dura> I need to get php5 to play nice with imagemagick
<dura> dpkg-reconfigure php5 doesn't seem to work... :(
<edgy> Hi, my log file is full of drivers/usb/input/hid-core.c: control queue full in my ibm xseries 226 server, any hint what's wrong?
#ubuntu-server 2007-09-10
<halcyonCorsair> i have an HP quad port server adapter that i'm using the intel e1000 driver for, but i want to try the HP driver, which only comes for RHEL3, 4, 5, or SLES9, or 10, would I be able to use any of those?
<kgoetz> doubtfull
<kgoetz> can you get source and build it yourself?
<halcyonCorsair> i don't know....i don't think so, but i'm investigating that
<fujin_> anyone here using Puppet?
<nealmcb> fujin_: Not me.  But a more specific question might elicit a response.  Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<ivoks> grrr
<ivoks>  /etc/network/interfaces is bad concept :/
<kgoetz> :(
<ivoks> if you have 3-4 interfaces set up there, and if you missconfigure one, none of them will start
<soren> ivoks: Yeah.. Who needs network configuratino?
<kgoetz> ivoks: automatically
<soren> ivoks: You'd have to *really* misconfigure it to make that happen, surely?
<kgoetz> they still start if yyou ifup them dont they?
<ivoks> soren something like iface static lo:100 (instead of iface inet static lo:100)
<ivoks> that will crash whole network
<ivoks> and servers are 2000-3000km away :/
<soren> Yeah. Maybe we could provide a wrapper around it like with sudoers or passwd to avoid that sort of thing.
<kgoetz> soren: what sort of wrapper?
<ivoks> we should disect it to files
<kgoetz> that knows the syntax of every config files in the archive/?
<soren> kgoetz: You familiar with visudo ?
<ivoks> include files from conf.d
<kgoetz> soren: yes
<soren> kgoetz: Nono, just interfaces.
<kgoetz> hm.
<soren> kgoetz: Just a wrapper script you call that opens an editor and checks that you haven't b0rken your /e/n/interfaces file.
<kgoetz> mmm.
<ivoks> we shall create blueprint for that
<ivoks> lol, shall... should
<soren> Ah...
<soren> I'm not sure it's possible, actually.
<ivoks> i think that separate files for interfaces would be easier
<soren> Oh, please no.
<ivoks> :)
<kgoetz> how redhat
<ivoks> i'm so frustrated right now, since i can't get to those servers...
<ivoks> kgoetz: all distributions have single file for single interface
<ivoks> iirc
<soren> http://bugs.debian.org/159884
<kgoetz> ivoks: not sure i follow
<ivoks> you have one file with IP, interface etc...
<ivoks> then you have another file with another IP, interface, etc..
<soren> ivoks: I don't think the syntax check would be feasible. The way the parser figures out that a new interfaces is being described is by recognising the iface lines. If it doesn't match a set list of patterns, it's considered an option to the previous interface.
<ivoks> then, if there is an error in second file, that error doesn't effect first file
<ivoks> why not?
<ivoks> for every file include file
<ivoks> ifconfig $IFACE up $ADDRR netmask $NETMASK
<ivoks> etc..
<kgoetz> wouldnt it be better to make ifupdown support not bailing on errors?
<kgoetz> or reverting to last good config?
<soren> That's not the issue.
<soren> The issue is that it's impossible to tell if it's been misconfigured or it's something else that's not working properly.
<soren> The the syntax for interfaces is very forgiving, so it's practically impossible to detect errors in it (since it might just be someone doing something "interesting").
<kgoetz> agree
<ivoks> i would say that much bigger problem is that mistake on one interface destroys all other
<soren> ivoks: That shouldn't be the case.
<ivoks> but it is
<ivoks> make a mistake in interfaces and try
<kgoetz> ivoks: sure it is? or have you stufffed up worse then you think
<ivoks> i'm sure
<ivoks> that already happend to me once
<kgoetz> i'd test it, but i dont want to loose my connectivity ;)
<ivoks> just add false lines
<ivoks> and try ifdown lo
<ivoks> it won't work, even if you don't do mistake with lo
<ivoks> $ sudo ifdown lo
<ivoks> /etc/network/interfaces:23: too few parameters for iface line
<ivoks> it works if you add:
<ivoks> sdgfsagr rg rg tedfrgb
<ivoks> but it doesn't if you add:
<ivoks> iface ath6 static
<ivoks> funny, isn't it? :)
<soren> ivoks: Ah... *That* we could check.
<soren> ivoks: But in the real world, a more sensible solution would probably be to make vi hilight it in bright red.
<ivoks_> eh, wasn't here the whole time :D
<ivoks_> we should check that
<ivoks_> and bring interfaces which aren't cripeld
<soren> omg... Have you ever actually looked at the ifupdown code?
<soren> If you haven't.. don't!
<kgoetz> lol.
<kgoetz> i wont
<soren> I wish I hadn't.
<ivoks_> :)
<ivoks_> i will :)
<ivoks_> i don't want this to happen again :/
<ivoks_> so lame :(
<m11> hello all
<DustWolf> where in
<DustWolf> ubuntu settings
<DustWolf> e.g. what file
<DustWolf> do I find the setting that makes
<DustWolf> ubuntu not start mysql with the --skip-networking flag?
<soren> DustWolf: Which version of Ubuntu?
<DustWolf> 6.06 LTS I think
<soren> You think? :)
<soren> Could you find out?
<soren> "lsb_release -cs" will tell you
<DustWolf> I'm quite sure
<DustWolf> it says edgy
<DustWolf> so.. ? :P
<DustWolf> :)
<soren> ...so it's probably Edgy (i.e. 6.10).
<mralphabet> edgy is not 6.06 LTS ;)
<DustWolf> sorry ;P
* mralphabet shrugs
<soren> I'll just fire up my edgy vm. Hang on.
* DustWolf hangs
<soren> DustWolf: And you claim it's started with --skip-networking?
<soren> DustWolf: As in it has "--skip-networking" on the command line?
<mralphabet> I think he _wants_ the --skip-networking flag, IE to find the place to put it in
<mralphabet> I could be wrong
<DustWolf> yeah
<DustWolf> well
<DustWolf> I want to remove it
<mralphabet> ahh
<DustWolf> it got in durring a software upgrade I guess
<DustWolf> mysql     6329  0.0  1.7 127904 18000 pts/0    Sl   16:17   0:00 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file=/var/run/mysqld/mysqld.pid --skip-networking --skip-locking --port=3306 --socket=/var/run/mysqld/mysqld.sock
<DustWolf> this is why
<DustWolf> I assume it's there ;P
<DustWolf> that's output from ps aux
<mralphabet> DustWolf: do you need mysql networking?
<DustWolf> yes
<DustWolf> I can configure it securely.. trust me :P
<DustWolf> but my php aren't very happy without being able to connect
<mralphabet> php on another machine?
<DustWolf> (and I just want to fix this... because it's downtime until I do)
<DustWolf> php on the same machine
<mralphabet> umm, okay
<DustWolf> and the mysql backuping apps on other machines :P
<mralphabet> ahh
<soren> DustWolf: What does 'dpkg -l mysql-server-5.0' say?
<DustWolf> Desired=Unknown/Install/Remove/Purge/Hold
<DustWolf> | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
<DustWolf> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
<DustWolf> ||/ Name                                   Version                                Description
<DustWolf> +++-======================================-======================================-============================================================================================
<DustWolf> ii  mysql-server-5.0                       5.0.24a-9ubuntu2                       mysql database server binaries
<soren> Does 'grep -l -- --skip-networking /etc/init.d/mysql /etc/default/mysql* /usr/bin/mysqld_safe' give any result?
<DustWolf> # grep -l -- --skip-networking /etc/init.d/mysql /etc/default/mysql* /usr/bin/mysqld_safe
<DustWolf> grep: /etc/default/mysql*: No such file or directory
<DustWolf> erm
<soren> Apart from that?
<DustWolf> /usr/bin/mysqld_safe
<DustWolf> this is missing ;P
<DustWolf> irc stripped it
<soren> Missing? The file is not there?
<DustWolf> no
<DustWolf> it's there
<DustWolf> just got removed when I pasted ;P
<DustWolf> or rather.. parsed
<DustWolf> e.g. I got this:
<DustWolf> # grep -l -- --skip-networking /etc/init.d/mysql /etc/default/mysql* /usr/bin/mysqld_safe
<DustWolf> grep: /etc/default/mysql*: No such file or directory
<DustWolf> /usr/bin/mysqld_safe
<soren> In that case, you've edited that file. It's not a conffile and the stock one does not contain '--skip-networking'
<DustWolf> ok
<DustWolf> I'll fix it then
<DustWolf> and it might have been my co-admin playing smart again
<soren> You can find the original one at http://warma.dk/mysqld_safe
<DustWolf> nah I'll just let it be
<soren> Alright. I'll remove it from there again, then.
<DustWolf> :)
<DustWolf> thanks for the help :)
<mabhobs>  I have a problem with my cms. The following code is not parsed: http://test.mabhobs.de/dynimages/100/files/_galleries/gallery/design.jpg . My provider found this out http://pastebin.ca/690295 . The php code is supposed to create a resized image of the original image, this also why there are no thumbnails ( http://test.mabhobs.de ). Does anybody have an idea why this is the case? (I think it is a FastCGI problem.)
<roadkill> man why dose digg.com make my system jump to max cpu usage
<roadkill> constant,
<mralphabet> all the ajax?
<roadkill> i dunno it work fine this morning i havnt installed anything since
<roadkill_> anyone here know electronics stuff, i have a part i've got a question about
* lamont giggles at #135393 and adds a comment to it
<mathiaz> lamont: about bug 135393, what is the security view of it ?
<ubotu> Launchpad bug 135393 in bind9 "init.d-script uses control channel instead of signals" [Wishlist,Triaged]  https://launchpad.net/bugs/135393
<mathiaz> lamont: is the control interface opened to anyone by default ?
<lamont> mathiaz: root and/or the user bind, depending
<mathiaz> lamont: the reporter said that most of the user disable rndc by default.
<lamont> yeah, well.  if you choose to modify your config away from doing it the right way, then you can modify init.d too.
<mathiaz> lamont: I was wondering if the control channel would only listen to localhost
<lamont> and I doubt that 'most' is anywhere near accurate
<mathiaz> lamont: agreed.
<lamont> mathiaz: well...
<lamont> anyone on localhost can talk to the control port.  and if you have read access to /etc/bind/rndc.key (or can otherwise get the key), then you can tell it to do stuff
<lamont> default is to listen on lo only
<mathiaz> lamont: ok I see.. Thanks.
<lamont> (and yes, I had to go looking...)
<lamont> bug 82178: I 'm inclined to just not deliver *idn*
<ubotu> Launchpad bug 82178 in bind9 "idnconv manual page exists, but no binary" [Low,Confirmed]  https://launchpad.net/bugs/82178
<lamont> manpages that is, we already don't deliver the binary
#ubuntu-server 2007-09-11
<fujin_> hi
<fujin_> what does everyone use for an iptables init script?
<fujin_> currently I just have a lame bash script which does like iptables -F input bla bla inserts all my rules
<fujin_> but wanted something a bit better
<osmosis> why does my /etc/motd  get overwritten all the time to the default?
<stiv2k> help, something happened, ssh just went down like 10 minutes ago
<stiv2k> on my server
<stiv2k> im still logged into it from this one session but it will not open any new connections
<stiv2k> i can ping the server and i can telnet on 22
<stiv2k> restarting the service doesnt do anything
<fujin_> checked your firewall rules?
<stiv2k> i dont think its running a firewall, fujin_
<fujin_> on a server???
<stiv2k> fujin_: its behind a NAT
<stiv2k> fujin_: iptables is installed im not sure if its running (i also dont remember installing it)
<fujin_> well
<fujin_> uh
<stiv2k> what can i do?
<fujin_> you said you tried restarting ssh?
<stiv2k> yeah
<fujin_> try stop ssh and kill any leftover sshd's
<fujin_> could get risky lol
<stiv2k> fujin_: how am i gonna be able to log back into it to start sshd again
<fujin_> KVMoIP?
<stiv2k> nope
<fujin_> lol
<fujin_> you're not then, I'd advise not doing that
<fujin_> why not try reboot the box
<stiv2k> i couldt
<stiv2k> could
<stiv2k> but would rather avoid it :P
<stiv2k> i guess i can make a script to do it
<stiv2k> like a simple bash script
<fujin_> or do /etc/init.d/ssh stop && killall sshd && /etc/init.d/ssh start
<stiv2k> yea
<steve____> fujin_: that owned me
<steve____> i still have access to webmin
<steve____> should i try that
<steve____> maybe restart networking /..\
<fujin_> yeah
<fujin_> did it start sshd back up?
<steve____> i dont know
<steve____> it kicked me out and i cant get back
<steve____> ill telnet it to check
<steve____> SSH-2.0-OpenSSH_4.3p2 Debian-8ubuntu1
<fujin_> so what's it doing?
<fujin_> not asking for a username?
<steve____> yeah
<steve____> pretty much
<steve____> or password
<steve____> it just sits there
<wasabi> sounds like it's waiting for reverse resolve. wait.
<fujin_> that's what I was about to say :0
<steve____> its on my LAN!
<wasabi> do you have reverse resolve on your lan?
<steve____> dont think so
<steve____> its not working for me or my room mate
<steve____> wtf
<steve____> it was working like half an hour ago
<steve____> what happened
<steve____> fujin_: wasabi: does it work for you?
<steve____> ssh neoturbine.net
<fujin_> does a keyexchange
<fujin_> asked me for a password
<steve____> ok
<steve____> umm
<steve____> wtf
<steve____> it's still not working for me
<steve____> why is it not asking me for a password
<steve____> hello?
<mralphabet> steve____: you are using webmin on an ubuntu box?
<steve____> mralphabet: yea
<mralphabet> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<steve____> mralphabet: any alternatives?
<mralphabet> ebox is the one currently being bantered around
<steve____> mralphabet: what about usermin?
<steve____> also the whole ssh thing seems to be a problem on my client
<steve____> but i still dont know what
<mralphabet> use putty
<steve____> im in linux tho
<fujin_> have you checked your nameserver configuration?
<cld2> is it possible to get the messages that scroll buy during boot? after the kernel takes over before the login? dmesg is not showing the hardware errors I see. thanks.
<stiv2k> i dunno
<stiv2k> it works again
<stiv2k> that was SO weid
<stiv2k> weird
<stiv2k> hey
<stiv2k> doing `who` on my server
<stiv2k> shows me logged in like 8 times
<stiv2k> i only have 2 terminal windows open thouhg
<stiv2k> ....
<stiv2k> how do i log myself out of them
<fujin_> killall bash
<nealmcb> fujin_: shorewall is a firewall config tool in main with some nice failsafe options
<fujin_> jesus christ
<fujin_> you did not just suggest shorewall to me
* fujin_ shoots self
<fujin_> seriously, I'd have to be a retard to use shorewall. I can't believe you brought it up in a server channel
<nealmcb> fujin_: have it your way....
<fujin_> found an init script, anywayz.
<fujin_> from Gentoo
<fujin_> modified for ubuntu
<nealmcb> what don't you like about shorewall?
<fujin_> it's rubbish and not suitable for deployment as a layer3 firewall on individual servers?
<fujin_> maybe for a noob with a home network
<fujin_> "the red network"
<fujin_> lol @ shorewall.
<fujin_> I'll stick to my handwritten iptables.
<ajmitch> please do that then
<nealmcb> fujin_: could you be specific?
<ajmitch> hello nealmcb :)
<nealmcb> ajmitch: howdy!
<fujin_> how more specific do you need?
<fujin_> it's an abstraction layer to something which isn't complex
<fujin_> =dumb
<fujin_> eof
<nealmcb> fujin_: bug reports, better alternatives which are supported, etc.
<fujin_> I don't need bug reports or better alternatives to dislike a product.
<fujin_> especially a mangled under-functional product like that
<stiv2k_> hey can i re-attach a screen running under a different user on my system?  I am the sys admin.
<soren> stiv2k_: Is this something you just need this once?
<mindframe> id say su to that user and screen -r
<ph8> hey all, i'm looking for a bug to sink my teeth into. So i'm @ bugs.launchpad.net and i'm trying to search all bug reports for 'one project'
<ph8> which project is ubuntu server though? :o
<ph8> 'ubuntu-instant-server?'
<kgoetz> afaik ubuntu-sever doesnt have its own project, its 'just part of ubuntu'
<ph8> ah ok
<ph8> so how can i view specific bugs?
<ajmitch> you'd look at bugs for the packages, such as samba or apache2 or php5
<ph8> ah i see
<ph8> so coding for the ubuntu server team is really the same as the ubuntu core team, but you might concentrate on different packages?
<ajmitch> yes
<ph8> thanks
<kgoetz> anybody know what replaces the iftab file? i seem to have an eth1 and eth2, but no eth0
<atamurad> hi, what's the default mysql root password on ubuntu server?
<ScottK> Who on the server team is familiar with pacakaging mysql related packages?  We're having a problem in #ubuntu-motu that could use some assistance.
<reya276> how can I fix this error "JNDI listen port in jndi.properties blocked by TCP/IP filtering or firewall"
<reya276> how can I fix this error "JNDI listen port in jndi.properties blocked by TCP/IP filtering or firewall"
<ruben-> How can I upgrade my version of mysql-server, I updated the tree, but it still says it's the newest version :\
<sommer> ruben-: did you apt-get upgrade or apt-get update?
<ruben-> update
<ruben-> With apt-get upgrade it doesn't show it'll upgrade my mysql-server version..
<ruben-> Since it's the "newest" version, but it contains bugs, so I need a newer version
<sommer> then you're should be at the latest already.
<ruben-> 5.0.22 is installed, bug is fixed in 5.0.42, they're at version 5.0.45
<sommer> ruben-: you can file a bug in Launch Pad: https://bugs.launchpad.net/ubuntu/
<sommer> or you could compile from source in the meantime.
<ruben-> It's no ubuntu bug
<ruben-> It's a bug in MySQL
<ruben-> http://bugs.mysql.com/bug.php?id=27363
<sommer> ruben-: right you can file a bug asking for the patch to be backported or MySQL version to be packaged.  I beleive it's too late for Gutsy though.
<ruben-> I've got 6.096
<ruben-> I've got 6.06*
<sommer> ah you could always upgrade as well, but that usually depends on your environment.
<kgoetz> change release isnt often a option in production environments :(
<Nafallo> 6.06.1 is better...
<mralphabet> ruben-: what you need is a backport of mysql
* Nafallo hides again
<mralphabet> ruben-: the 'latest' version of software is not always available on 6.06
<Nafallo> 6.06.1
* Nafallo hides again
<kgoetz> .1 is kind of asumed :|
<mralphabet> ruben-: at least not through repos ;(
<kgoetz> backports might
<nealmcb> server team meeting in 30 minutes: wiki.ubuntu.com/ServerTeam/Meeting
<Nafallo> ooh
<Kamping_Kaiser> pschulz01, hey mate
<pschulz01> Kamping_Kaiser: Just woke up in time to the meeting :-)
<Kamping_Kaiser> pschulz01, meeting?
<pschulz01> ubuntu-server..
<Kamping_Kaiser> oh right
<pschulz01> https://wiki.ubuntu.com/ServerTeam?highlight=%28server%29%7C%28team%29
<pschulz01> Kamping_Kaiser: My idea for documentation.
<pschulz01> https://wiki.ubuntu.com/PaulSchulz/UbuntuServerDocumentation
<Kamping_Kaiser> pschulz01, looking
<Kamping_Kaiser> pschulz01, interesting idea.
<Kamping_Kaiser> how does this differ per se from the howtos in the ubuntu wiki/community help?
<Kamping_Kaiser> btw. got 60 photos on the 'short list'
<gnilor> hey anybody know of a repository that has a newer version of parted? the current one in 7.4 and all others appears to be 1.7 which has a bug that fails to work for raid5 arrays larger than 2TB
<Yahooadam> does somthing like cfdisk work ?
<mathiaz> gnilor: did you check ubuntu-backports ?
<gnilor> yes i believe i checked every possible place
<gnilor> I/we just manually compiled it, and were wondering if it was anywhere otherwise I might look for an ubuntu packaging tutorial to host it
<Yahooadam> oh lol :p
<Yahooadam> i thought u were saying u needed somthing that worked, not that you wanted to host a newer version ;)
<gnilor> well not really want to, but if it isn't there we might as well do it ourselves right ;)
<gnilor> there is an open bug from a while ago, so i guess it's not really priority for ubuntu devs right now
<gnilor> (I'm actually not too familiar with vesion management from ubuntu, but it seems to me that parted 1.8.x probably should make it in sometime in the not too distant future)
<mralphabet> gnilor: you may want to check #ubuntu-motu for packaging suggestions
<Znuff> Hello. Under Ubuntu, how does lvm use the pv's? by uuid or by device name? I think I'll have to do some device movements in my fileserver and I'm not sure what will happen to my lvm.
<Styles> Anybody use or has used Hyperic HQ?
<Styles> How to run vista from XP = turn on all the flashy crap in XP, change the background image, take some memory out of the box and clock down the CPU. Then hose Media Player.  You now have a Vista box that works like a charm.
<gnilor> I don't want to go down the lane of OS flame waring, but for comical relief: you might also want to delete all the music from your mp3player, plug it in and believe it is enlarging your ram to run faster.
<Znuff> oh, and you could throw all your pirated media out
<mralphabet> xp doesn't have the poker game
<Znuff> word
<Znuff> and the pretty cards in solitaire
<Yahooadam> im sorry, but what does Vista Vs XP have to do with ubuntu servers :S
<mralphabet> Yahooadam: absolutely nothing
<sahafeez> question - i am building a new asterisk box from an old pile of hardware. i have a promise sata 150sx card. the installer see 3 drives and not the mirror set i setup on the card. is this normal?
<mralphabet> I am by no means an authoritative answer, but recent (ie the last 2 years or so) promise sata cards do not seem well supported in the linux kernel
<sahafeez> ugh
<sahafeez> i did not want to have to buy a new card.
<sahafeez>  libata's "sata_promise" driver (for tx2/tx4, production quality driver) or "sata_sx4" (for sx4, beta quality driver) provides support a/o 2004-02-25 (included in kernel 2.6.x).
<sahafeez> http://linuxmafia.com/faq/Hardware/sata.html
<sahafeez> sorry - http://linuxmafia.com/faq/Hardware/sata.html#promise
<sahafeez> read that and tell me if i am reading it wrong. it should be supported
<sahafeez> as a raid
<mralphabet> I have a promise sata card as well . . . and it doesn't work.
<Yahooadam> saharfeez - the raid should be seen as a drive i believe ...
<mralphabet> I don't know that I have tried everything, but linux doesn't see anything past the card /shrug
<ivoks> it's simple
<ivoks> promise changed firmware, making open source driver unusable
<ivoks> they provide their own driver, but for 2.4 kernel
<sahafeez> sorry - the raid should be see as each drive or just the raid drive
<sahafeez> i have it setup as a mirror but it sees each drive.
<sahafeez> i think maybe i will just software raid it.
<ivoks> forget about promise, supertrack, fastrack...
<sahafeez> it is what i have.
<ivoks> i know, but it's not worth it
<ivoks> you will get very bad performance
<sahafeez> other cards are 3ware but i need this to work. i will just use it for jbod and software raid
<ivoks> it's better to have onboard intel SATA and mdadm raid
<sahafeez> it is for an asterisk box for 10 people.
<ivoks> 3ware on the other hand is best you can get for sata
<sahafeez> yah..i have 3 of them
<Yahooadam> sahafeez, if the raid softwaer can see it, it should see each drive, otherwise, the raid should be seen as 1 big drive
<Yahooadam> i believe anyway, im not a raid expert :p
<Yahooadam> p.s. software raid is pretty sucky, ofc how much depends if your raid controller is a decent one
<ivoks> it's not sucky...
<ivoks> software raid has its advantages
<soren> I prefer software raid, actually.
<ivoks> (where software raid is linux mdadm raid, not cheap so-called raid controllers)
<Yahooadam> what advantage does software raid have
<Yahooadam> except u dont have to pay for a raid controller :p
<mralphabet> in os monitoring is better with mdadm
<mralphabet> a lot of the linux tools that are provided don't work off cli if they work at all
<mralphabet> *linux tools from vendors
<soren> You don't have to pay for a *two* raid-controllers, actually. If your raid controller dies, you have to have an identical one if you want to have even a smidgeon of chance of getting your data back.
<ivoks> and most of the time linux md raid provides better performance
<ivoks> processors these days are really fast :)
<soren> The performance overhead of software raid is negligable these days anyway.
<mralphabet> software raid in windows is garbage though
<soren> mralphabet: don't do that, then :)
<ivoks> YourMomsHero: http://linux.yyz.us/why-software-raid.html
<ivoks> beh...
<ivoks> Yahooadam: http://linux.yyz.us/why-software-raid.html
<mralphabet> soren: I don't if I can help it ;)
<kudeta> hello
<kudeta> ive added to interfaces an ip that my server has been allocated. but its not working (no ping etc) is there something i might have forgotten?
<kudeta> it says its up but.. :S
<Yahooadam> isnt one of these btter then SW raid http://www.komplett.co.uk/k/ki.aspx?sku=311568&cks=ASS&assoc=8070E5CC-28EB-433D-8345-6176BFE08D72
<Yahooadam> :p
<ivoks> promise? :)
<mralphabet> ;(
<ivoks> i wouldn't use it even as a darts target :)
<Yahooadam> http://www.europc.co.uk/pages/ProductPage.aspx?PID=45092&refId=Pricegrabber
<Yahooadam> that better :p
<Yahooadam> appart from its PCI-X >_<
<kudeta> i made it identical to eth0, but just changed te last ip digit (they are consecutive) where neccess.
<ivoks> http://www.3ware.com/
<ivoks> kudeta: you can't ping any address?
<Yahooadam> nice :p
<kudeta> no  can
<kudeta> leme explain
<kudeta> i have  remote serve ron dapper
<kudeta> i was allocated 3 ips
<kudeta> call them
<kudeta> *.*.*.1
<kudeta> *.*.*.2
<kudeta> *.*.*.3
<Yahooadam> "for red hot RAID 6 performance, delivering over 700MB/s RAID 6 reads and 600MB/s RAID 6 writes."
<kudeta> but only .1 was active
<Yahooadam> i want that for my gaming machine :p
<ivoks> kudeta: did you add auto?
<kudeta> yea
<Znuff> hmmm, I wonder why my ubuntu-server just stopped bootin
<ivoks> kudeta: can you ssh to .1?
<Znuff> booting
<kudeta> ivoks
<kudeta> yea .1 works np
<kudeta> has been for months :)
<kudeta> i need .2 so i can run a tor server discretely
<ivoks> kudeta: hwo did you called those other interfaces?
<ivoks> call, even...
<kudeta> the original one was eth0 (.1)
<kudeta> the new one is eth0:0 (thats .2)
<ivoks> ok
<ivoks> and if you do ifup eth0:0, what happens?
<kudeta> already configured
<ivoks> and 'ifconfig' shows all interfaces?
<kudeta> yup
<ivoks> so, can you ping those IPs from that server?
<kudeta> yea
<kudeta> i can ping internally
<ivoks> then it's not your problem
<kudeta> but only .1 works outside
<sahafeez> is there a guide to setting up raid from the installer. i am having issues understanding the logic of the installer. i have 3 disk and i want to mirror 2 and hot spare the 3rd
<kudeta> oh really?
<kudeta> host issue?
<ivoks> your ISP doesn't pass traffic to those IPs
<kudeta> hmm
<kudeta> it says in my email confirmation i was allocatd *.*.*.1 2 and 3
<ivoks> ask them why you can't ping .2 and .3 from outside
<kudeta> ok
<kudeta> thanks ivoks
<ivoks> IPs are up on server
<ivoks> np
<Znuffy> what's the proper procedure in restoring grub?
<sommer> nealmcb: thanks for the correction...I asked in #ubuntu-doc about the date and still put it in wrong
* sommer needs more coffee
<ivoks> Znuffy: installation of it
<Znuffy> let's see if I manage to do this without / but only with /boot
<mathiaz> jdstrand: what's the status of the default LAMP page ?
<ivoks> Znuffy: you can't :) there is no grub binary in /boot
<Znuffy> ivoks, but it's on the live cd
<jdstrand> mathiaz: I issued the bug report, which you ack'd.  I then tried follwoing up with infinity, but had a hard time getting hold of him
<ivoks> Znuffy: i would suggest booting from live cd and then chrooting to real /
<jdstrand> mathiaz: so basically, nothing :(
<Znuffy> ivoks, I can't, / is on lvm
<mathiaz> jdstrand: ok. I was just going through the Action points of the last meetings.
<ivoks> eh :/
<Znuffy> and it seems that NOBODY thought of shipping lvm on the live cd...
<jdstrand> mathiaz: I haven't checked his tz since I started, but we never seem to be in sync lately
<mathiaz> jdstrand: infinity is in australia, so it's hard for us to get a hold on him
<jdstrand> :)
<ivoks> Znuffy: live CD doesn't support LVM
<ivoks> Znuffy: and if you installed server, there's a rescue option on server install cd
<jdstrand> mathiaz: I can email him then
<Znuffy> wish I'd had a server cd around
<ivoks> Znuffy: well, it's not a big deal
<Znuffy> seems setup (hd0) succeeded
<Znuffy> ivoks, and no spare blank!
<ivoks> Znuffy: now reboot
<Znuffy> now, I wonder if this thing will actually boot o.O
<ivoks> if you passwd correct root() command in grub, it should
<Znuffy> ivoks, yeah, but I was afraid of lvm doing something wrong, as I have some devices moved around
<Znuffy> if only I could actually figure out what caused this
<Znuffy> was working last night, and this morning *boom*
<ivoks> grub has nothing to do with lvm
<Znuffy> nevermind lvm
<Znuffy> I don't get it why this thing would randomly reboot and lose its mbr
<Znuffy> last line in /var/log/messages.0 is "fileserver syslogd 1.4.1#20ubuntu4: restart."
<ivoks> :))
<ivoks> let me guess, in 6AM?
<ivoks> syslogd is periodicly restarted; every restart of it, inside new day, creates new /var/log/messages
<ivoks> if your computer is up 24/7
<ivoks> then that's in 6:25AM
<sahafeez> question - i do not see raid as a choice for a partition type in the installer. what am i missing?
<sahafeez> do i have to setup lvm to use raid?
<ivoks> sahafeez: server install?
<sahafeez> yes
<ivoks> sahafeez: you have to create raid partitions
<sahafeez> yes. i know. it is not a choice
<ivoks> when you create partition, select 'use as linux raid'
<ivoks> instead of ext3
<sahafeez> yes, it is not on the list is what i am saying
<ivoks> what is on the list?
<sahafeez> use as linux raid
<sahafeez> is not there. etx3, etx3 xfs, etc are all there
<ivoks> what are those all? is lvm there?
<sahafeez> no.
<sahafeez> 1st screen - manual. ok get a list of disk. pic a disk.
<sahafeez> create a partition. pick that. try to change type. no love
<ivoks> well it was there for last 70 server installs i did :)
<ivoks> you are using what version?
<sahafeez> 7.04
<sahafeez> okay...think i have it now.
<sahafeez> rebooted
<sahafeez> strange
<spiekey> hi
<ivoks> maybe md module wasn't loaded
<sahafeez> ubuntu is great however the disksetup is the worst
<ivoks> ...for some reason...
<spiekey> what do i need to set to allow key and passwd auth with sshd?
<ivoks> nothing, that's by default
<spiekey> RSAAuthentication yes - PubkeyAuthentication yes
<spiekey> what else?
<ivoks> spiekey: that's by default
<spiekey> i changed my friking config :P
<ivoks> that's all
<spiekey> can i install the default config somehow?
<spiekey> without locking myself out? ;)
<cld2> I know this is generic but, on my home network I start an rsync and it goes for about 1 min at 75 megs ber second then slowly drops to 4 megs a second and just kinda sits there, some times it will spike back up to 30megs a second. its all wired all on the same switch. thanks.
<mralphabet> large files? small files?
<nijaba> cld2: what about proc activity ?  How many files are you syncing ?
<cld2> mralphabet: largish files, around 2 gig
<cld2> nijaba: what do I look at in proc to see this? sorry im the suck at linux internals
<nijaba> cld2: I meant processor
<cld2> oh, I dont know how to check that either. both boxes have 2ghz single core amd's
<cld2> im rsyncing over nfs with progress turned on. so I can see that sometimes it can be fast.. and every now and then it will sustain 30-40 megs a second.
<nijaba> so, can you (a) provide us with the result displayed by rsync when using --stats option
<nijaba> cld2: (b) run top while syncing and look at your load average
<cld2> top shows 1.9 on the box doing the sync
<cld2> so the cpu is just over worked.
<cld2> now its at 2.15
<nijaba> cld2: what options do you have ?
<cld2> nijaba: I dont understand sorry.
<nijaba> cld2: it could be that comparing changes for unchanged file is taking a lot of local activity
<cld2> options for what?
<nijaba> cld2: options : what is your rsync command line
<cld2> oh, i just did rsync --progress *.mpg /new/dir
<cld2> there are no file in the place these files are being rsycned to.
<cld2> and scp yeilds about 11/mbs and I figured that was because of the encryption overhead
<nijaba> cld2: can you do an 'ifconfig' and send us the results to see if there are network errors
<nijaba> cld2: encryption is not that much of an overhead if you have a "modern" machine
<cld2> nijaba: thanks. I would hope 2ghz is modern enought.
<cld2> on both hosts i have zero errors, dropped, overuns, or collisions
<nijaba> cld2: yep, sounds modern
* nijaba puzzled
<cld2> yeah, its very strange. thanks for the troubleshooting help.
<nijaba> cld2: and when you do a cp locally, you never noticed any slowing down ?
<cld2> what kills me is I made this transfer yesterday in all of about 11 min, getting about 30megs/s the entire time, but had the wrong permissions on the folder. after I fixed that and retried its just been slumping
<cld2> I cant say, this is a mythtv box. it never seems slow
<nijaba> cld2: in your top, what are the top 3 process in processor usage ?
<cld2> on the reciving end no, never any cp slowness. thats the backend/file server
<fujin_> hdparm -tT
<cld2> rsync,rsync,pdflush
<m12> evening all
<cld2> fujin_: /dev/sda: Timing cached reads:   1034 MB in  2.00 seconds = 516.61 MB/sec Timing buffered disk reads:  220 MB in  3.02 seconds =  72.90 MB/sec
<m12> i am having problem issuing command : apache2-ssl-certificates
<m12> it just says stop
<cld2> whats strange is that scp will hold a steady 11meg/s
<spiekey> when i create a file on a samba share with , it looks like  on the shell.
<spiekey> how can i fix this?
<fujin_> utf8
<spiekey> mount ext3 with utf8 you mean?
<m12> what packages i need to get SSL runing on ubuntu ?
<m12> i have instaled apache2.2-common , openssl and ca-certificates, do i need somthing more ?
<nijaba> spiekey: in /etc/fstab put option iocharset=utf8 or iocharset=iso8859-15 as you would like
<nijaba> m12: http://www.linode.com/wiki/index.php/Apache2_SSL_in_Ubuntu
<m12> tnx nijaba
<spiekey> nijaba: /dev/sda6       /mnt/data       ext3    iocharset=iso8859-15       0       2   like this?
<spiekey> mount -o remount /mnt/data
<spiekey> mount: /mnt/data not mounted already, or bad option
<nijaba> spiekey: sorry, iocharset not an option for ext3, I thought you were mounting a fat volume
<m12> nijaba, libapache-mod-ssl is for apache , not apache2 :/
<spiekey> whats the option called?
<nijaba> m12: ssl is there by default now I beleive.  just "a2enmod ssl" should work
<nijaba> spiekey: what option ?
<spiekey> to use utf8 on ext3
<nijaba> spiekey: don't have the option, just using the charset of the machine is running
<spiekey> ah, okay
<nijaba> spiekey: since your machine is the server, in the global section of your samba conf
<nijaba> spiekey: try setting unix charset = ISO8859-1
<nijaba>        dos charset = 850
<spiekey> thanks
<nijaba> spiekey: also check for presence of "display charset = LOCALE"
<m12> nijaba , that tutorial installs apache-common with libapache-mod-ssl, think it is for apache1 and still not working
<nijaba> m12: sorry, I did not write it, just thought it looked right
<m12> ye i guessed, just saying it isnt working :)
<nijaba> m12: there is also a lengthy discussion on the subject on http://ubuntuforums.org/showthread.php?t=4466
<m12> it seems broken command of apache2 on launchpad
<m12> all very good tutorials until u found out apache2-ssl-certificates is broken command
<m12> then u stuck
<nijaba> m12 so you are stuck generating your cert, right ?
<nijaba> m12: wait a sec, I think I have an ugly script somewhere for this
<m12> i cant start generating
<m12> cause it refuses comand
<m12> and now i have read that there are some files missing in apache2
<m12> very ugly it seems
<nijaba> m12: http://pastebin.com/d1a1f1063 will generate your own ca cert
<m12> i check, tnx
<nijaba> m12: http://pastebin.com/d2f8626f3 will generate a cert for a specific server
<nijaba> m12: as I told you, very ugly (but working) scripting
<m12> hmm
<nijaba> m12: will need some editing to have your own values
<m12> yes
#ubuntu-server 2007-09-12
<spiekey> how can i install the german locales?
<spiekey> "locale -a" does not show the german set
<spiekey> got it
<ubuntu-jeff> Does anyone here have any experience working with Linux Kernel Virtualization?
<fujin_> how so?
<fujin_> xen? vmware?
<fujin_> that other crappy one?
<\x6e\x65\x72\x64> hi, on ubuntu-server daemons are dying randomly. On regular ubuntu this doesn't happen, I noticed if I do something like "memtest (all_my_ram)" on regular ubuntu the system crawls but processes don't die, on ubuntu-server it kills everything (including sshd). How can I change this behavior to be like regular ubuntu?
<ubuntu-jeff> I'm looking at Linux KVM vs VMware and weiging my options
<ubuntu-jeff> (sorry about the delay, I stepped away)
<ubuntu-jeff> I'm afraid of vendor lock-in with VMware server images. But I'm not sure of the usability (or maintainability, rather) of Linux KVM.
<ubuntu-jeff> Also, I know that with VMWare, it is possible to copy an entire virtual machine live, while it is in use. I don't know if the same can be done with a Linux KVM qcow image.
<ubuntu-jeff> Also, am I likely to have sudden incompatibility issues (or server re-activations, If the Guest is a M$ server product that requires activation) after a kernel upgrade?
<ubuntu-jeff> (because LKVM is part of the kernel proper)
<osmosis> whats the speed different between running and i386 distro, vs running an amd64 copy of a distro ?
<ubuntu-jeff> One is targeted toward the i386. That is, it will run on virtually all x86 and compatables all the way back to the i386 (in practice, this really is limited to nothing older than a 486, but these days, that's not much of a limit.
<ubuntu-jeff> On the other hand, an amd64, also known as x86_64 distro
<ubuntu-jeff> is targeted toward the 64 bit x86 architecture, and will run on any 64-bit Intel and AMD chip, except for the Itanium line, which is much different than the amd64.
<ubuntu-jeff> Is my explanation sufficiently clear, or am I confusing you, osmisis?
<m12> hey guys
<m12> in /etc/php5/apache2/php.ini i cant find extension=mysql.so
<m12> any tips ?
<ubuntu-jeff> apt-get install php5-mysql
<m12> ok tnx, sec i check
<ubuntu-jeff> don't forget sudo
<m12> newest version
<m12> why sudo if i am root ?
<ubuntu-jeff> oh, I assumed you where continuing in the default Ubuntu enviornment, where 'root' lacks a password, and you where some other arbitrary user in the 'wheel' group.
<ubuntu-jeff> hm...
<m12> no go
<m12> cant find it
<ubuntu-jeff> did you do a LAMP install on your server?
<m12> why lamp ?
<ubuntu-jeff> LAMP
<ubuntu-jeff> stands for
<m12> i know
<ubuntu-jeff> Linux + Apatchie + MySQL + PHP.
<ubuntu-jeff> Some times
<m12> i did manual install
<ubuntu-jeff> ok
<ubuntu-jeff> well
<ubuntu-jeff> Have you done a manual install of mysql
<ubuntu-jeff> before with sucess?
<m12> mysql-server
<m12> yes
<ubuntu-jeff> hm..
<m12> i just cant find it in php.ini
<ajmitch> because it's not in there
<ubuntu-jeff> have you used grep
<ajmitch> but in /etc/php5/conf.d/mysql.ini
<ubuntu-jeff> to be certain you're not just missing it.
<ubuntu-jeff> ?
<m12> hm
<m12> let me check
<m12> lol, tnx ajmitch
<ubuntu-jeff> ?
<m12> ajmitch , so i dont need to enable it in php.ini and give route to it ?
<ajmitch> no
<m12> ok
<ajmitch> it should just work, assuming that you restart apache
<m12> ok , many tnx m8 :)
<ubuntu-server-je> is anyone going to answer my kvm question?
<m12> another problem i stumble upon is: sudo apache2-ssl-certificate
<m12> sudo: apache2-ssl-certificate: command not found
<ajmitch> ubuntu-server-je: no, because I haven't used kvm
<ubuntu-server-je> ok
<ubuntu-server-je> what about vmware?
<ajmitch> vmware should work alright
<ubuntu-server-je> is it not closed-sourced?
<ajmitch> it is
<ubuntu-server-je> ok
<ajmitch> there have been various utilities for reading the disk images
<ajmitch> I don;t know how well they work with snapshots, etc
<ubuntu-server-je> like qemu-image?
<ajmitch> yes
<ubuntu-server-je> which seems to read some of them
<ubuntu-server-je> ok
<ajmitch> I haven't had much use for vmware outside of testing development stuff
<ubuntu-server-je> With a PC that has VT instructions in the CPU, is near-native speed truly achivable?
<ajmitch> you can have decent speed even without that
<ajmitch> but yes, it should be fairly fast, depending on the workload
<m12> guys , can u help with SSL ,i am trying to get it runing , but server just dont accept apache2-ssl-certificate command
<ubuntu-server-je> ok
<alka_trash> hey anyone know anything about Ubuntu Jeos?
<pj_og> Hi! I installed the ubuntu-server, but the base system doesn't boot. I have no idea why. I can boot memtest86+, but trying one of the kernels results only in a "reset". What now? The installation itself went absolutely smoothless, no error or so. But then rebooting doesn't work.
<pj_og> ...smooth...
<pj_og> I even have no idea how to debug such a thing since there are no messages.
<pj_og> Any ideas anybody?
<pj_og> To me it looks like there is a problem with the ubuntu-server kernel.
<j3one> I have an Ubuntu box (latest server edition) set up at a colo and can ssh into it now.
<j3one> Now I am needing to set up LAMP and hopefully
<j3one> phpmyadmin + webadmin
<j3one> but j3one == noob
<j3one> Anyone know of a good guide?
<Drazha> j3one, yeap
<Drazha> j3one, http://www.howtoforge.com/perfect_setup_ubuntu704
<dantalizing> howtoforge has some nice stuff
<j3one> thanks
<Drazha> that'll be 10 bucks :)
<osmosis> is there a way for me to find out what version of the xen kernel is included in gutsy ?
<Nafallo> the same as the regular kernel.
<Nafallo> it's just a patch these days.
<osmosis> how can I revert my config files back to original for a particular package?
<ScottK> Purge the package and reinstall is one way.
<ScottK> sudo dpkg -P packagname
<pike_> dpkg-reconfigure <packagename> may work too id think
<osmosis> any recommendations on how to fix these system errors?  http://dpaste.com/19370/
<sommer> osmosis: what are you trying to install?
<leonel> osmosis:  locale-gen  en_US.UTF-8
<osmosis> im just doing a normal  apt-get update; apt-get upgrade;   on a dapper install.  not a normal dapper install though...was setup with debootstrap.
<dantalizing> osmosis: http://ubuntuforums.org/showthread.php?t=75493
<osmosis> dantalizing: coool
<osmosis> dantalizing: hmm..  sudo dpkg-reconfigure locales    doesnt fix it.
<dantalizing> there are some other suggestings in the thread
<osmosis> locale-gen  en_US.UTF-8    works though.
<osmosis> leonel: thanks
<FlyingSquirrel32> How do I add something to /etc/init.d so I can start/stop/restart it?
<sommer> FyingSquirrel32: is the application something you've developed or something installed from apt-get?
<sommer> the command you're probably looking for is upate-rc.d
<FlyingSquirrel32> sommer: It's ntop. I installed with apt-get, but it didn't seem to create a startup script.
<FlyingSquirrel32> sommer: yeah, that's what I'm looking for, but I'd like a template script but I can't seem to find one.
<pike_> there should be a skeleton script in /etc/init.d/
<FlyingSquirrel32> you're right, thanks pike_
<leonel> 
<leonel> I had smtp auth  with sql  to postgresql   working in dapper
<leonel> now in feisty
<leonel> I can't  make any auth  the log says  cant find /etc/sasldb2
<leonel> was any critical change ?
<leonel> even  did the first  upgrade from dapper to edgy  and the same error
<wasabi> smtp auth?
<wasabi> you mean with a mail server?
#ubuntu-server 2007-09-13
<leonel> wasabi:  yes  postfix
<leonel> wasabi: all was working in dapper
<leonel> then upgraded to edgy  checked the configuration  and  all works  but the  smtp auth
<leonel> then installed a fresh  feisty    and the same error
<nealmcb> leonel: have you compared the config files that relate to sasl?  can you show the full error log message?
<nealmcb> so the feisty install was not an upgrade?
<nealmcb> leonel: this looks relevant - a chroot problem? : http://www.kloopy.com/344_Postfix__SASL2__unable_to_open_Berkeley_db
<leonel> nealmcb: that's the error  but  I'm using  libsasl2-modules-sql   to access  postgresql and check for users there    it has nothing to do with the /etc/sasldb2 file
<leonel> nealmcb: worked  fine in dapper   now  this error  on feisty
<ScottK> leonel: I'm guessing your Postfix is chrooted.  Copy /etc/sasldb2 into the chroot.
<ScottK> leonel: OK.  First I'd make sure you are unchrooted in Postfix and see if the error persists.
<leonel> ScottK:  unchrooted  and the same    but  I guess I don't need  sasldb2  since  I'm authenticating against  postgresql    in dapper works  fine    but I guess in feisty  something has changed
<ScottK> leonel: I don't think Postfix has changed how it does Auth.
<lamont> [Wed Sep 12 22:45:37 2007]  [error]  [client 192.34.35.18]  GROUP: lamont not in required group(s).
<lamont> what do I have to tell apache et al to get past that?
<lamont> (AuthType basic, ftw)
<ajmitch> you have AuthGroupFile, and the user lamont listed in a group in there?
<ajmitch> I presume you've got 'require group foo' somewhere
<lamont> ajmitch: what group should he be in, and what does it check against?
<ajmitch> I don't know, since I don't know what the access directives are (in .htaccess or otherwise)
<ajmitch> we use 'require group admin', and the .htgroup file has 'admin: ajmitch'
<lamont> 'twas a leftover module load... I wasn't trying to actually _use_ groups, you see.
<lamont> so 'require group admin' would go in .htaccess?
* lamont freely admits to not being fully web-server literate
<ajmitch> yep, if you really feel like using it] 
<ajmitch> but if it's already requiring you to be in a group, I guess you need to track down where that is set
<lamont> module being loaded.  disabling the modules for group checking "fixed" it.
<ajmitch> since it can so conveniently be anywhere
<ajmitch> right :)
<lamont> ajmitch: what I really want is a howto somewhere that'll tell me how to configure apache and windows to use basic auth in https and the 'publish this file to the web' "feature" in windoze XP pro
<lamont> OTOH, I'm going to go to bed and ponder, I think
<ScottK> lamont: I've been following the Stress-dependent server personality discussion on postfix-users.  This seems a relatively simple and useful patch.  I was wondering if you'd considered including it in the current Postfix package?
<ScottK> soren: I think Bug #128262 ought to have an ack.
<ubotu> Launchpad bug 128262 in ubuntu "[needs-packaging]  sqlite-ruby" [Wishlist,New]  https://launchpad.net/bugs/128262
* soren reads
<ScottK> soren: In related news the Debian courier maintainer finally shows signs of life.  Any thoughts on a courier uvfe?
* soren has no clue about Courier
<soren> I've actually never used it.
<ScottK> OK.
<ScottK> For the ruby thing it was "last package required to get a standard set of Ruby on Rails application adapters installed on Ubuntu without requiring compilation." that got my attention.
<soren> ScottK: Ack'ed.
<ScottK> Cool.
<soren> ScottK: Could you be pursuaded to poke the the archive admins about it?
<soren> ScottK: I'm kind of tied up rigth now.
<ScottK> I just asked dholbach to upload it again.
<ScottK> Tomorrow is pitti's normal archive day, so I'll leave bugging him until then.
<leonel> ScottK: Feisty postfix + sql auth  is working   something went  wrong obviously  yesterday  but today all working good ..
<ScottK> leonel: Glad ot hear it.
<ScottK> ot/to
<leonel> postconf -e 'smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2'    <-- this was the difference  .. now  it's gone
<ScottK> Weird.
<benj3one> Hi
<benj3one> I am running ubuntu server (7.04)
<ScottK> Hi.  What's up?
<benj3one> And I think I have fubared my LAMP settup :-(
<benj3one> I have apt-get remove -purged eveything once
<benj3one> allready, but When I reinstall appache2
<benj3one> etc/apache2/
<benj3one> doesent have anyhting in it
<benj3one> exept
<benj3one> mods available folder
<benj3one> Is there a way to get that stuff back!?
* ScottK doesn't know about Apache.  Looks around.
<ScottK> Yes, but I'm not the best person to tell you how.
<benj3one> ah, well it seems I found the problem last night
<benj3one> I colocated my server
<benj3one> and could ssh in so went back home (4 hours away)
<benj3one> but then I couldent, and the tech at the datacenter said it must be somthing with the install uf ubuntu I did
<benj3one> So I let him re-put it on there.
<benj3one> it was essentialy empty anyway
<benj3one> but he did not set up lamp...
<benj3one> but I think he did set up apache
<benj3one> I didnt realise this so I installed appache2 and the rest of the lamp stack :-(
<benj3one> now I am trying to remove everything and start over here
<benj3one> (Oh and later on he emailed me and the problem was on there end (old firewall setup on that switch)
<benj3one> ...
<mralphabet> benj3one: tasksel
<benj3one> how do I use that?
<benj3one> nm/ got it thanks
<benj3one> so do I need to un-install lamp then use this
<benj3one> because basicaly it does nothing
<benj3one> basically "/etc/apache2/" no longer exists...
<benj3one> but when I install apache2
<benj3one> it doesent create it anywhere
<benj3one> there is no directory "apache2"
<benj3one> wtf
<sommer> benj3one: when you uninstalled did you do a purge?
<sommer> to purge do a dpkg -P apache2
<sommer> then try reinstalling
<sommer> that's my idea anyway.
<benj3one> thanks
<benj3one> I will give it a shot :-)
* benj3one == screwed
<Kamping_Kaiser> why?
<benj3one> I cannot get apache2 installed correctly
<benj3one> and its a webserver
* Kamping_Kaiser reads up
<benj3one> thanks
<sommer> benj3one: did the purge not help?
<leonel> sudo apt-get install --reinstall  apache2 ??
<benj3one> it says 1 reinstalled, 2 not upgraded
<benj3one> all I know is I uninstalled apache2
<benj3one> but then in /etc/ there was still an apche2 folder
<benj3one> ...so I ah..
<benj3one> deleted it :-(
<benj3one> and now, even though it says its installing, no beans
<benj3one> I dont see it anywhere
<sommer> benj3one: just so I'm clear you have apache2 installed now?
<benj3one> thats what it says
<sommer> try manually creating /etc/apache2
<benj3one> k
<sommer> then doing a dpkg -P apache2
<sommer> then reinstall apache2
<benj3one> dpkg -P apache2
<benj3one> got it
<sommer> after you do the dpkg -P apache2 make sure that the /etc/apache2 dir is gone.
<sommer> then try reinstalling
<benj3one> ok its clean
<benj3one> trying reinstall
<benj3one> ok it is installed again
<benj3one> but no apache folder on my system
<sommer> no /etc/apache2?
<benj3one> maybe its installed with one the extention packages
<benj3one> no
<benj3one> not at all
<sommer> mmmm....what's the output of dpkg -l apache2?
<Kamping_Kaiser> moreimportantly , whats the outpult of `dpkg -L apache2` and `dpkg -L apache2-common`
<benj3one> how do you copy out of puty :-P
<benj3one> ok I will type it
<Kamping_Kaiser> select+right click
<Kamping_Kaiser> or is that paste :S
<sommer> I think if you just select text in putty it will be copied to the clipboard
<benj3one> Desired=Unknown/Install/Remove/Purge/Hold
<sommer> but I don't have a window machine handy
<benj3one> | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
<benj3one> Actualy I am running putty on wine in fedora
<benj3one> (dont ask)
<benj3one> :-P
<sommer> heh...that is a little odd
<benj3one> yah
<sommer> I gueess I can try to recreate your situation
<sommer> you installed apache2 then removed it
<benj3one> yep
<Kamping_Kaiser> benj3one, thats just sick
<sommer> how was it removed?  apt-get remove apache2?
<benj3one> then deleted /etc/apache2/
<benj3one> yes apt-get remove apache2
<Kamping_Kaiser> benj3one, you sure it was installed from debs?
<benj3one> actualy I am not
<benj3one> now that you mentioned it
<sommer> which version of Ubuntu are you running?
<benj3one> the guy at the datacenter couldent get ssh working to my box and figured it was my setup, so I told him it was basicaly empty, and he could reinstall
<Kamping_Kaiser> 7.04
<benj3one> pretty sure (thats what i told him to put on there)
<sommer> okay I'll do some testing.
<Kamping_Kaiser> well look in /opt/ and /usr/local for random apapches
<Kamping_Kaiser> imo its worth looking for such things :)
<Kamping_Kaiser> is there one running atm?
<Kamping_Kaiser> if there is `ps aux |grep apache`
<benj3one> k, checking
<benj3one> it is 7.04
<benj3one> btw
<sommer> Yep I got the same results as benj3one
<benj3one> :-(
<benj3one> thanks for going through all that :-)
<benj3one> I REALLY appreciate the help
<benj3one> from all
<sommer> np...stand by working on a solution.
<benj3one> Kamping_Kaiser, I dont see anything anywhere else
<Kamping_Kaiser> benj3one, :(
<Kamping_Kaiser> i havent used 7.04 :(
* Kamping_Kaiser sometimes misses the bleeding edge... i learned a lot more, and i helped a lot more.
<benj3one> yah this bleeding edge stuff is just that.. in fact I am getting slaughtered. lol
<Kamping_Kaiser> lol
<Kamping_Kaiser> hang in there, sommer will arrive with your reinforcements :)
<sommer> ok I think I've got a process:
<benj3one> sweet
<sommer> stop any running apache2 processes
<sommer> ps aux | grep apache
<sommer> mkdir -p /etc/apache2/sites-available
<sommer> ^^ the /etc/apache2 dir can't be empty for some reason.
<sommer> then find all apache2 programs by: dpkg -l | grep apache
<sommer> then do a dpkg -P apache2 apache2-utils ... etc
<sommer> make sure that is successful
<benj3one> k
<sommer> if it was do another dpkg -l | grep apache and you shouldn't see anyting listed
<benj3one> doing all that now
<sommer> once everyting is purged you should be able to apt-get install apache2 and have /etc/apache2 again
<Kamping_Kaiser> you should see one hit - the grep entry
<sommer> at least that worked for me
<benj3one> how do I stop all the prcessess?
<sommer> ps aux | grep apache
<benj3one> ok did that
<benj3one> when I
<Kamping_Kaiser> killall <app name>
<sommer> the second number is the process id number
<sommer> or what killall  should be easier
<sommer> but you can also kill process_number
<Kamping_Kaiser> benj3one, dont be afraid to pastebin your output - if it saves peopel guessing, its worth doing :)
<benj3one> when I "dpkg -P apache2 apache2-utils"
<benj3one> it says depndancy problems - not removed
<sommer> does it list a package name?
<Kamping_Kaiser> benj3one, try for `sudo apt-get --purge remove`
<Kamping_Kaiser> rather the `dpkg -r`
<Kamping_Kaiser> oh, P
* Kamping_Kaiser looks up man page
<sommer> benj3one: any luck?
<benj3one> http://rafb.net/p/7b71o395.html
<sommer> if apache2 isn't installed reinstall it
<benj3one> ok
<benj3one> then run through that again?
<sommer> then try the dpkg -P apache2 apache2-common apache2-mpm-prefork apache2-utils libapache2-mod-auth-mysql libapache2-mod-php5 libapache2-mod-python
<sommer> yep
<sommer> so apt-get install apache2
<sommer> mkdir -P /etc/apache2/sites-available
<Kamping_Kaiser> benj3one, considdered using apt-get?
<sommer> then the above dpkg -P command
<benj3one> k
<sommer> everything gone?
<sommer> dpkg -l | grep apache
<benj3one> http://paste2.org/p/7047
<sommer> looks like the purge didn't work again...was there an error?
<benj3one> http://paste2.org/p/7048
<sommer> try apt-get install apache2-mpm-itk
<sommer> then dpkg -l | grep apache
<sommer> and try to dpkg -P ... the list again
<benj3one> k
<sommer> I think what's happening is one package is being removed, which then doesn't allow packages depending on it to be.
<benj3one> ah
<benj3one> http://dpaste.com/19488/
* Kamping_Kaiser resuggests apt then goes awol
<benj3one> Kamping_Kaiser?
<Kamping_Kaiser> benj3one, `apt-get --purge remove ` instead of `dpkg -P`
<sommer> mmm....he's probably right I used dpkg
<benj3one> k done
* sommer always forgets about using apt-get remove
<sommer> what does dpkg -l | grep apache have?
<benj3one> it no work
<benj3one> but apt-get --purge remove grep apache
<sommer> you should be ready to reinstall apache then.
<benj3one> warns that I am about do somthing potentialy harmfull
<benj3one> should I remove it?
<benj3one> is it essential to my OS?
<sommer> what package?
<benj3one> grep apache
<benj3one> it says
<benj3one> You are about to do something potentially harmful.
<benj3one> To continue type in the phrase 'Yes, do as I say!'
<sommer> I think you'll be okay...does it list what's its going to do?
<benj3one> http://dpaste.com/19490/
<benj3one> thats it exactly
<sommer> say no!
<benj3one> K!!
<sommer> I think you'll need to start back with apache installed
<sommer> do a apt-get install apache
<benj3one> WAIT OMFG!!!!
<benj3one> httpd.conf is back!
<benj3one> somthing worked
<benj3one> !
<sommer> what does dpkg -l | grep apache have?
<benj3one> http://dpaste.com/19491/
<sommer> you're probably good then...I'd apt-get isntall anything from that list that isn't ii
<benj3one> sweet
<benj3one> thanks guys!
<benj3one> (lifesaver!)
<sommer> then try starting apache and see how it goes
<benj3one> how do I do that
<benj3one> the normal
<sommer> /etc/init.d/apache2 start
<benj3one> can you paste the contents of your apache2.conf?
<benj3one> nm/ got it
<benj3one> :-P
<benj3one> ls
<benj3one> just so you guys know, I am all up and running now
<sommer> benj3one: sweet...strong work
<benj3one> you too..  thanks a mill
<sommer> welcome
<osmosis> any thoughts on lvm snapshots slowing down disk io?
<leonel> For your information   a  little  produccion server  with  Feisty  was upgraded to gutsy  .. no problems  found
<mathiaz> leonel: great !
<mathiaz> leonel: how did you upgrade ? with apt-get or do-release-upgrade ?
<leonel> dist upgrade
<leonel> mathiaz: I've setup a feisty server  with config and data  from a production server
<osmosis> how can I tell what package owns a file on the file system ?
<leonel> mathiaz: and then  a dist upgrade  and all went  fine
<mathiaz> leonel: what kind of software were you running on it ?
<dantalizing> osmosis: dpkg -s filename should tell you, iirc
<dantalizing> maybe caps S
<dantalizing> dpkg -S | --search filename-search-pattern ...
<dantalizing>                   Search for a filename from installed packages.
<osmosis> dantalizing: hmm..its not working.
<dantalizing> define "not working"... what file?
<lamont> where do the ltsp guys hang out?
<leonel> mathiaz:  bind  apache  squirrelmail dovecot  postgresql  postfix + smtp auth with postgresql
<mathiaz> leonel: could it be possible to re-test the upgrade with do-release-upgrade instead of apt-get dist-upgrade ?
<mathiaz> lamont: don't know about #channels, but ogra does.
<leonel> mathiaz:  I can    I'll let you know
<mathiaz> leonel: great. If you want to upgrade to the developpment version you need to use the -d switch when calling do-release-upgrade.
<leonel> mathiaz:  thanks ... didn;t  know about  do-release-upgrade
<leonel> mathiaz:  reinstalling  feisty   i'll let you know  the results
<mathiaz> leonel: it's a command line that uses update-manager-core infrastructure.
<mathiaz> leonel: it'S the same package that is used when upgrading a desktop
<leonel> yes i've used  update-manager -c -d
<mathiaz> leonel: that also means you need to have update-manager-core installed on feisty
<leonel> but didn't know it was a server version
<leonel> ok i will
<mathiaz> leonel: well you can use the same system on a server.
<mathiaz> leonel: it's actually just a command line script.
<osmosis> what package owns  /usr/bin/man  ?
<Styles> !info man-db
<ubotu> man-db: The on-line manual pager. In component main, is standard. Version 2.4.3-5ubuntu1 (feisty), package size 597 kB, installed size 1660 kB
<Styles> This package provides the man command, the primary way of examining the on-line help files (manual pages). Other utilities provided include the whatis and apropos commands
<Styles>  for searching the manual page database, the manpath utility for determining the manual page search path, and the maintenance utilities mandb, catman and zsoelim. man-db
<Styles>  uses the groff suite of programs to format and display the manual pages.
<Styles> osmosis, ^^^
<osmosis> ok
<jhutchins> Is mailmain really the simplest list manager available for postfix?
<lamont> jhutchins: list managers are orthogonal to MTA...
<Linuturk> need help with RAID controller driver with a Ubuntu 7.04 installation. Dell PowerEdge 650
<lamont> having said that, mailman is popular.  majordomo is simpler, and older (and therefore cruftier)
<Linuturk> ie, which driver do I select if the installer doesn't auto detect?
<jhutchins> lamont: They both seem huge overkill for <50 users.
<lamont> manually managing the list aliases is also an option...
<lamont> (that's the reason majordomo was written, of course...)
* lamont is not opposed to overkill solutions
<leonel> mathiaz: what version for update manager should be ?
<mathiaz> leonel: the latest from feitsy-updates ?
<mathiaz> leonel: if you do an apt-get install update-manager-core you should get the correct one.
<leonel> mathiaz: 0.59.23
<mathiaz> leonel: seems good to me
<leonel> mathiaz: no new release found
<mathiaz> leonel: hum... did you run it with the -d option ?
<leonel> mathiaz: yes
<mathiaz> leonel: ok. Thanks.
<leonel> mathiaz:  ii  update-manager 0.59.23
<leonel> leonel@ubuntu:~$ sudo do-release-upgrade  -d
<leonel> Password:
<leonel> Checking for a new ubuntu release
<leonel> current dist not found in meta-release file
<leonel> No new release found
<leonel> leonel@ubuntu:~$
<Nafallo> -c -d ?
<leonel> do-release-upgrade: error: no such option: -c
<mathiaz> leonel: I've already seen this error.
<mathiaz> leonel: I'll ask mvo about it.
<Nafallo> ooh.
<Nafallo> do-release-upgrade.
<Nafallo> not update-manager or whatsitscalled
<mathiaz> Nafallo: do-release-upgrade is supposed to be the command line version of update-manager
<Nafallo> way to long ago since I updated a server ;-)
<acecase> hello
#ubuntu-server 2008-09-08
<J-_> How can I change my server password?
<hads> passwd
<J-_> !passwd
<ubottu> Sorry, I don't know anything about passwd
<J_5> J-_: for your user name? used passwd
<J_5> use*
<warchief_ryan> Does anyone know how I can have my iptables rules added at boot?
<Ontolog> Are there command-line utilities that do the same thing as the Network Configuration GUI?
<Ontolog> In particular, define and apply different Profiles?
<warchief_ryan> ifconfig, depending on what your wanting to do I think.
<Ontolog> ifconfig is very low level
<Ontolog> i'm talking about the higher-level 'Profiles' that the GUI supports
<ScottK> warchief_ryan: If you configure ufw, it will run at boot.
<warchief_ryan> I have, but I want to use just iptables
<kgoetz> does hardy still have /etc/rc.local? if so you could put a iptables-restore in there
<warchief_ryan> why would I do that?
<warchief_ryan> I want my rules added, wont that just restore to default?
<kgoetz> not if you restore from a dump you made.
<warchief_ryan> ok, how?
<kgoetz> iptables-save and iptables-restore are both <40 line man pages. its not very complex.
<warchief_ryan> complex maybe not, but the man pages don't really explain throughly enough, mainly about the process
<warchief_ryan> like if its dumping it to somewhere or if ive got to state where to dump
<kgoetz> afaik its as hard as iptables-save > /root/dump && echo "iptables-restore < /root/dump " > /etc/rc.local # again, assuming that rc.local exists andd is used
<warchief_ryan> k thanks, ill try
<khaotik> anyone have time to help a complete noob?
<lrojas> hi all
<J_5> khaotik: we were all noob's at once, just ask you question :)
<khaotik> well i would like to attempt to set up one of my machines to run ubuntu server. I have never dealt with any server OS before. ive been using ubuntu desktop for over 1 year.
<lrojas> i tried installing ubuntu JeOS server on VMWare fusion, but i am not sure if i am suposed to use it only to prepare an appliance or can i use to develop my web app in it... ( care to clarify that? ) but my main question is... Do man comes with JeOS? cause when i try to man something i get command not found
<khaotik> i have an old laptop i would like to use. is there any limitations or specifications of hardware i should use or stay away from?
<lrojas> did i get disconected?
<lrojas> :/
<ScottK> No.
<lrojas> ok
<lrojas> :)
<ScottK> For a test server most any hardware will do.
<ScottK> Actually for most server applications hardware is less critical than desktop since you aren't running X and a bunch of heavy apps.
<lrojas> are you answering me? i am asuming you are answering khaotik
<hads> lrojas: sudo aptitude install man
<khaotik> my bad i had to take the dog for a walk
<lrojas> hads, thanks
<hads> JeOS is exactly the same, just a minimal install
<lrojas> does anybody knows if i intend to run the ubuntu server under a VM, installing from the JeOS iso is better than from the regular server ISO?
<khaotik> the reason i ask i have an old HP laptop that has 512 MB RAM 40 GB hardrive and pentium 4 1600 Mhz. would that be something sufficient to run on?
<jhigueros>  good night may be you can helpme somebody knows where is magicfab i am loking for him
<lrojas> hads, thanks again didnt realize that you had answered me before i asked my question
<khaotik> well i tried installing ubuntu server on it. everything seem to load fine. then when i tried to install a GUI for it it crashed
<hads> lrojas: No problem
<lrojas> anybody can give me a sugestion, regarding runing ubuntu server on a Virtual Machine ( VMWare ), should i install it as JeOS Server? or is that only used to make appliances and for more general purposes the standard server is ok?
<hads> As I mentioned it's the same thing, JeOS is just a minimal install.
<chmac> My apache child processes are using around 20-30 MiB of physical memory after serving a few requests. Does that seem normal?
<chmac> When the child is freshly created it uses < 1 MiB
<li> jjkkll
<skep> chmac_away: this can be normal..do you run e.g. php app's?
<chmac_away> skep: Yeah, running large bloated php apps, phpnuke being the worse, and WordPress
<skep> i would say its normal then..the default limit is 64MiB afaik..
<skep> for child mem use
<chmac_away> skep: The MaxClients at 150 was killing my server
<chmac_away> I've reduced it to 18 now though, so hopefully it'll behave from now on
<Ian_Corne> hehe
<skep> chmac_away: you could also reduce the ServerLimit to the same number..
<chmac_away> skep: I don't have a ServerLimit in my apache2.conf...
<chmac> skep: Ok, I see how it works. I'll keep that in mind if we have problems down the line. Thanks.
<uvirtbot`> New bug: #267696 in mysql-dfsg-5.0 (main) "mysqldump fails silently against mysql 4.0 server" [Undecided,New] https://launchpad.net/bugs/267696
<hsn_> i need libcxa.so.3 where can i get it?
<uvirtbot`> New bug: #267701 in php5 (main) "php5 session files purge cron job not working outside /var/lib/php5" [Undecided,New] https://launchpad.net/bugs/267701
<skep> hsn_: libcxa.* should be in intel compiler packages..are you sure that this file isn't already on your filesystem? perhaps search via find..
<skep> hsn_: so perhaps you just need the dev package for your compiler..
<lrojas> hi all
<lrojas> anybody aake?
<lrojas> awake... awake... awake...
 * lrojas ponders at the cavernous cacophony in here
<soren> The keyword is patience.
<soren> Also, most people don't bother answering "anybody awake" sort of questions. There's 107 people in here. The noise of everyone responding to those kinds of questions would be horrible. Just ask your question.
<lrojas> i just installed ubuntu server, and i was following the documentation to install lighttpd + ruby + rails, everything installed ok but now when i try to access the site, it says conection refused... what am i doing wrong?
<skep> lighthttp running?
<lrojas> well, i am following this instructions : https://help.ubuntu.com/community/RubyOnRails#Lighttpd%20Installation, i executed the command for running the lighttpd service but when i check if it's up, is not
 * zul really really hates libtool
<soren> lrojas: Try "sudo /etc/init.d/lighttpd stop ; sudo /etc/init.d/lighttpd start"
<soren> lrojas: Do you have another webserver running on the machine, perhaps?
<lrojas> soren, not that i know of, is a fresh install of ubuntu...
<lrojas> soren, i dont want to use pastebin for 6 lines, can i paste them here?
<soren> No.
<soren> -> pastebin.
<lrojas> http://pastebin.com/d5fbcfee3
<skep> looks good..and localhost in your webbrowser gives you connection refused?
<lrojas> if it is any help, here is my /etc/lighttpd/lighttpd.conf http://pastebin.com/d109af8e3
<skep> whats the output of "sudo netstat -ap | grep www" after starting lighthttpd?
<soren> And just as interesting:
<soren> sudo netstat -apn | grep lighttpd
<skep> soren: but doesn't the n parameter converts www/lighthttpd into 80?
<skep> ah no..mixed something up..its ok
<lrojas> skep yes
<lrojas> skep i get conection refused
<soren> -n turns 'www' into 80. Nothing else.
<\sh> guys...does anyone run a hp dl3x5 with a p400i for system hds and a p800 for MSA storage? looks like that even if the bios is saying: p400i is the default boot controller, our grub and kernel doesn't want to boot
<soren> Well, it skips any sort of name/service resolution
<soren> \sh: What happens?
<\sh> soren: well, it should boot...but it doesn't :)
<\sh> no errors during installation (server)
<lrojas> sudo netstat -ap | grep www returns nothing
<soren> lrojas: What about "sudo netstat -apn | grep lighttpd" ?
<lrojas> nothing either
<soren> ps aux | grep light
<soren> \sh: I hope you're typing more info and not just waiting for an answer..
<lrojas> it only returns the grep itself
<skep> lrojas: you could also check out the logs in /var/logs for something lighthttpd related..maybe in messages or the lighthttp logs itself (if there are any)
<\sh> soren: I'm running between my desktop and my server ;)
<\sh> strange..after installation the server doesn't boot up as expected...now I "reinstalled" grub from the "rescue system"...and now he finds the devices correctly, but totally wrong from grubs menu.lst now (which was during installation (hd1) and now it's (hd0))..no cold boot done
<soren> Just change the boot entry in grub?
<lrojas> how do i cd into /var/log/lighttpd ? i get permission denied, if i do sudo cd /var... i get cd commnad not found
<\sh> soren: i did...but something goes wrong during installation via d-i and the final system...I'll have another machine with the same setup tomorrow...so I can check a bit more
<\sh> soren: btw...do you have any clue how udev setups the devicenames for NICs? It looks a bit strange when the onboard and the other 4Gi NICs are somehow randomly counted...
<soren> \sh: It's random.
<soren> Upon discovering the pci devices, the modules are loaded. The modules's initialisation phases might overlap, and then you get a somewhat odd ordering of the interfaces.
<soren> You can fix it up in /etc/udev/rules.d/70-persistent-net.rules
<soren> You can even assign arbitrary names to nics in there. (i.e. you can name them according to function "wan", "dmz", "office", "prod", "test", etc.)
<\sh> soren: yes..I know, I just thought that it happens via a non-random system e.g. pci-id dependent
<_ruben> ugh .. i really oughta setup a netboot environment .. this vritual media over lan is performing like shit :/
<_ruben> now it seems to stall even earlier .. sigh
<uvirtbot`> New bug: #267671 in samba (main) "bug of samba" [Undecided,New] https://launchpad.net/bugs/267671
<skep> lrojas: "sudo tail -f /var/log/messages" and/or "sudo tail -f /var/log/lighthttp...." and with these commands running try to (re)start lighthttpd and check if something is added to the logs
<soren> _ruben: "virtual media over lan"?
<soren> _ruben: Well, really "vritual", but I presumed that was a mistake :)
<_ruben> soren: its a feature of this machine, as part of the remote kvm card in it .. it allows to mount isos over the network to be used as a virtual cdrom drive
<soren> Oh.
<_ruben> moved the iso from fileserver to my local system .. atleast feels faster .. perhaps im able to actually finish the install now :)
<_ruben> bah .. cheered too early .. stalled on "Retrieving lvm2-udeb"
<AnRkey> My dovecot-imapd is showing this error in the /var/log/mail.log file >> Sep  8 17:09:13 homeserver dovecot: imap-login: Aborted login (0 authentication attempts): rip=192.168.0.2, lip=192.168.0.5
<AnRkey> i cant connect to the imapd from evolution or thunderbird
<AnRkey> any suggestions?
<zul> are you using the right password?
<AnRkey> haha
<AnRkey> i think i am beyond that yes :D
<AnRkey> found the prob
<AnRkey> i had sasl auth only on
<AnRkey> it's always something simple that messes everything up :D
<AnRkey> thanks anyway
<uvirtbot`> New bug: #267802 in nagios2 (universe) "Home Folder for Nagios is wiped on Reboot" [Undecided,New] https://launchpad.net/bugs/267802
<jdstrand> sommer: hi! do you have time for some quick comments regarding the ufw documentation?
<jdstrand> lamont: hi! I have on my todo list to do the LP stuff for the bind9 SRU. I don't (yet) see that it is uploaded. can you ping me when you upload and I'll do the LP stuff?
<sommer> jdstrand: can I ping you in about 2 hours?
<jdstrand> sommer: sure. ping me when ready (I may be out, but will certainly be available around that time)
<lamont> jdstrand: git clone git://git.debian.org/~lamont/bind9.git
<lamont> :-)
<lamont> or was I packaging it?
<jdstrand> lamont: oh, I thought you said you'd upload
<jdstrand> (I thought that was where we left it)
<lamont> right
<lamont> sorry
<jdstrand> np at all
<lamont> I'll get to that tonight,  I expect
<jdstrand> cool-- feel free to ping me when uploaded
<uvirtbot`> New bug: #263840 in samba (main) "smbpasswd crashed with SIGSEGV in dump_core()" [Medium,Incomplete] https://launchpad.net/bugs/263840
<_ruben> bah .. most neboot tuts are geared towards -desktop, not -server :/
<_ruben> s/neboot/netboot/
<Goosemoose> anyone know what to set in the preseed file to get the new computers to authenticate users against the domain?
<mathiaz> Goosemoose: have you looked into using the late_command option ?
<Goosemoose> yeah i just cant seem to get likewise to work right
<mathiaz> Goosemoose: AFAIR the likewise-open package doesn't support preseeding the domain part
<Goosemoose> that would be bad, i dont want to manually go join 250 machines to the domain
<mathiaz> Goosemoose: IIRC you can pass the administrator password on the domain-join command line
<Goosemoose> hmm
<mathiaz> Goosemoose: so you can use the late_command option to perform the domain-join and adding likewise-open to the list of packages to be installed
<Goosemoose> ok ill have to figure out the domain-join part, i must have something wrong with it
<mathiaz> Goosemoose: be aware that the preseed will go uncrypted on the network
<Goosemoose> i used MD5 for the admin user on the machine, I'm guessing domain-join doesn't support that?
<mathiaz> Goosemoose: another solution is to setup ssh public keys on installs and then ssh into the box to do the domain-join
<Goosemoose> i'd rather avoid that if i can
<mathiaz> Goosemoose: right - it seems the first you'd have to take is to figure the domain-join command line
<Goosemoose> ok
<Goosemoose> im going to look on the forums some more
<mathiaz> Goosemoose: once you've got the command line, you can choose where you want to automate it : late_command in preseed (less secure depending on your installation environment) or via ssh
<Goosemoose> ok
<Goosemoose> hmm, i just installed likewise-open on a machine via sudo apt-get install likewise-open, but the domain-join command does not exist
<Goosemoose> is there another dependency?
<Goosemoose> nvm its domainjoin-cli
<sommer> jdstrand: pinger
<jdstrand> sommer: hey
<sommer> ufw has some new options?
<jdstrand> sommer: I just have a few really small things
<jdstrand> sommer: 1) ufw has 'status' and 'status verbose'
<sommer> jdstrand: ah, I'll note that
<jdstrand> sommer: 2) until case-insensitive profile names are in place, when referencing applications profiles, we should use a capitalized first letter
<jdstrand> sommer: eg 'Samba' or 'Apache'
<sommer> okay, are the --update-new options the same?... I thought there were some changes, at least from the one email thread
<jdstrand> sommer: let's get back to that in just a sec
<sommer> heh, no problem
<jdstrand> sommer: you say: "Similar to allowing traffic to a port, enabling an application profile is accomplished by entering"
<zul> mathiaz: do you have an opinnon on bug #267701
<uvirtbot`> Launchpad bug 267701 in php5 "php5 session files purge cron job not working outside /var/lib/php5" [Undecided,New] https://launchpad.net/bugs/267701
<jdstrand> sommer: but there really isn't a concept of 'enabling an application profile"
<jdstrand> sommer: it's really, just using it, like you might use a protocol name in /etc/services
<jdstrand> sommer: you use 'enabled' in a few places in there, so the workding may need to change somewhat
<jdstrand> sommer: does that make sense?
<sommer> jdstrand: I think so
<jdstrand> sommer: ok good-- eg "To view details about which ports, protocols, etc are enabled for an application, enter:"
<mathiaz> zul: we should find out why php is creating session in /tmp/
<jdstrand> sommer: here, just do s/enabled/defined/
<mathiaz> zul: or which module is causing that - and fix it there
<zul> mathiaz: cool..
<jdstrand> sommer: now to your previous question
<jdstrand> sommer: 'ufw app update <foo>' only does something if you used the profile 'foo' in your rulesets
<jdstrand> sommer: otherwise it's a no-op
<sommer> jdstrand: gotcha
<jdstrand> sommer: 'ufw app update --add-new <foo>' will do as above, but will also add a rule to your existing rules if the default application policy is changed away from 'skip'
<jdstrand> sommer: no packages do that currently
<jdstrand> sommer: unless you are going to talk about how an administrator can use applications profiles, you might want to just skip mentioning '--add-new'
<jdstrand> sommer: what do you think?
<sommer> jdstrand: I think that'd be simpler
<jdstrand> (it is in the man page)
<jdstrand> sommer: I agree
<jdstrand> sommer: it was always intended for maintainer scripts, and possibly for advanced sysadmins
<sommer> jdstrand: cool, I'll rework that bit
<jdstrand> sommer: that's all I have. thanks *soo* much for the docs :)
<sommer> jdstrand: np, thank you
<sommer> jdstrand: ufw section updated :-)
<sommer> jdstrand: it may be tomorrow before the changes appear on the website though
<jdstrand> \o/
<jdstrand> sommer: ok, I'll check then
<jdstrand> sommer: thanks again
<sommer> welcome :)
<zeth> hello
<zeth> I am doing
<zeth> I am trying to install something
<zeth> and apt-get blocks me
<zeth> The following packages have unmet dependencies. libdb4.6-dev: Conflicts: libdb4.3-dev but 4.3.29-11ubuntu1 is to be installed
<zeth> How do I have both?
<arakthor> I have no idea if this is sane, or works, but have you tried installing that dependency by itself
<zeth> arakthor: you mean from source?
<zeth> or just apt-get install libdb4.3-dev ?
<zeth> does not seem to make much difference installing it alone
<arakthor> apt-get install libdb4.3-dev is what I meant
<arakthor> err
<arakthor> sorry
<arakthor> 4.6
<zeth> libdb4.3-dev is already the newest version.
<zeth> if I do that
<zeth> 4.6
<zeth> then I get
<zeth> The following packages will be REMOVED apache-dev libdb4.3-dev
<zeth> removing apache-dev might be very bad
<arakthor> ah
<guntbert> zeth: I've  seen such behaviour after enabling "proposed"
<zeth> oh right
<zeth> yes
<zeth> that sounds good
<zeth> know how I can fix it?
<zeth> Look through my sources.list?
<guntbert> I'm on ubuntu desktop, but on server, yes, edit sources.list seems sensible
<zeth> no proposed there
<dendrobates> ScottK: bug #267901
<uvirtbot`> Launchpad bug 267901 in smart "smart does not correctly verify packages coming from archives." [High,Fix released] https://launchpad.net/bugs/267901
<dendrobates> ScottK: I uploaded a fix.
#ubuntu-server 2008-09-09
<AlexGC> good evening gentlemen
 * owh looks around, no, lots of sun around here, no evening anywhere :)
<AlexGC> true its GMT relative
<AlexGC> :)
<AlexGC> I just finished a server install and have two issues, I cant reboot since I need to be a super user. and don't know the password.
<AlexGC> I was told a comand before, but can't remember
<owh> AlexGC: So, let me get this straight, you installed ubuntu-server, but you don't know the password?
<owh> Or are you talking about the "root" password?
<AlexGC> yeah sorry, root password
<owh> Riight. That I can help you with.
<AlexGC> :)
<owh> There is no root password.
<owh> But...
<owh> You can use sudo to do root things.
<owh> So, you can type sudo reboot
<owh> and it will prompt you for your administrator password.
<owh> Magic :)
<skep> or sudo su + passwd
<AlexGC> and type in mine.
<AlexGC> Cool.
<owh> We don't use a root user in ubuntu if we can help it.
<owh> Well, that's not strictly true :)
<AlexGC> Thanks! it worked
<owh> skep: A quicker way to do what you suggest is sudo -s
<skep> we? one of my first actions after installing (*)ubuntu is to activate the root account and set a password ;)
<owh> AlexGC: Of course you could just have pressed CTRL-ALT-DELETE :)
<owh> skep: That is not a ubuntu recommended process.
<AlexGC> true.. lol
<skep> recommended or not.. i prefer it this way..so it feels more like debian to me
<owh> skep: That's a personal preference.
<skep> yes
<owh> AlexGC: Here is why: https://help.ubuntu.com/community/RootSudo
<AlexGC> oh let me give it a read, thanks
<guiless> how do I change the home folder of a user?
<hads> I'm unsure if there's a utility that handles it. You can `sudo vipw` and change it though.
<skep> guiless: check out the usermod command
<guiless> hads: I typed 'sudo vipw' and now I can't figure out how to exit it
<guiless> o.o
<hads> Ah okay, bad idea then.
<hads> :q
<guiless> how to exit and not save changes?
<hads> :q!
<hads> What skep said is a much more refined way of doing things.
<guiless> i'll do so when i manage to get out of this screen
<hads> Press ESC
<guiless> nothing happened
<hads> Then enter :q!
<guiless> nope
<skep> works for me (:q!)
<guiless> i tried ctrl+x and ctrl+c as well
<guiless> mine just beeps at me when i press things
<guiless> it says recording at the bottom
<guiless> ctrl+z exited for some reason
<hads> Well, it didn't it just stopped vim
<guiless> that's fine by me lol
<hads> You can type fg to get it back
<guiless> i like nano
<guiless> vim scares me
<skep> guiless: press q one time and then :q! if you see the "recording" line
<guiless> how do i edit that same file with nano?
<hads> My fault for leading you astray. Use the usermod command as skep suggested.
<hads> But you should also make sure that vim isn't still editing your passwd
<guiless> i should do that even though the file i edited has a bunch of random characters typed in the user path for the user i want to edit?
<hads> Typing `jobs` will tell you if your vipw command is still running.
<guiless> meh, i just rebooted
<hads> Use that hammer.
<guiless> lol
<guiless> hmm
<guiless> I have vsftpd configured to allow connections from local users
<guiless> but when a user connects via nautilus, they aren't sent to their home folder
<guiless> they go to /
<guiless> how can i restrict that?
<uvirtbot`> New bug: #267980 in openssh (main) "scp cannot quoted filenames with "]"" [Undecided,New] https://launchpad.net/bugs/267980
<vk5foss> is that supprising?
<NCommander> ScottK, looks like success
<NCommander> ScottK, building now
<NCommander> ScottK, mind opening a bug for me?
<kirkland> nealmcb: thanks for the compliments, dude ;-)
<nandersson> Hi, how many ppl usually attend a Ubuntu Developer Summit? 300? 500? 700?
<soren> Oh, no, not that many.
<soren> I'd say more like 100 or thereabouts.
<kgoetz> wow. thats small
<soren> That's what she said :(
<kgoetz> :(
<kgoetz> hehe
<nandersson> soren, Ok, thank you very much :)
<soren> I think the UDS at Mountain View last time was larger, though, I think.
<nandersson> UDS in december will not be the first time Google hosts a UDS-event right?
<kgoetz> correct.
<soren> nandersson: Right. They hosted it two years ago as well.
<soren> nandersson: That must have been the UDS where we planned for....
<soren> err...
<soren> feisty, I think.
<soren> Yes, it must have been.
<nandersson> soren, :-) Thank you very much. I'm writing for Swedish TechWorld Open Source and I'm putting together a blog post
<soren> nandersson: Oh, cool.
<nandersson> Very interesting with these "weblications"
<kgoetz> soren: watch out, anything you say will be used in evidence against you :P
<nandersson> haha
<nandersson> Nah, I'm just after some background information
<soren> :)
<soren> nandersson: Feel free to ask. I'm happy to help.
<kgoetz> afk. have a good interview ;)
<owh> soren: Is the location for the next UDS known, I mean, the one after the coming one, so the next-next one if you like :)
<skep> owh: you might ask in #ubuntu-devel-summit , although i doin't think the next ones are known
<owh> skep: Tah
<mehdi> hello
<jussi01> hi mehdi :) Try here :)
<mehdi> thx
<owh> mehdi: Welcome to the Ubuntu-server helpdesk. How may we direct your call today?
<owh> :)
<mehdi> i would like use vhost with apache2
<skep> and your problem is?
<mehdi> i make 2 files in etc/apache2/site en
<mehdi> a make link with a2ensite
<mehdi> when a reload apache
<mehdi> i have
<mehdi>  /etc/init.d/apache2 reload
<mehdi>  * Reloading web server config apache2 [warn] _default_ VirtualHost overlap on port 80, the first has precedence
<mehdi>  [warn] NameVirtualHost myip:0 has no VirtualHosts
<mehdi> do you mean it's better if a try  to make my vhost in default file /etc/apache2/site-enabled
<owh> mehdi: I believe that it's telling you that your two sites have definitions that are the same.
<mehdi> where i can change a definition ?
<skep> mehdi: first of all..your config files are in /sites-availabe and your symlinks in /site-enabled,,
<owh> mehdi: Have a read of this: http://www.heavymind.net/2007/07/25/virtualhosts-nightmare-on-suse/
<skep> do you have a NameVirtualHost *:80 line in your files
<owh> mehdi: What skep is saying is correct. The URL I showed you explains why.
<soren> owh: I doubt it. Although, there's a tendency to alternate between Europe and North America, so "somewhere in Europe" seems likely.
<mehdi> ok i find some thing in apache2.conf i have now a different message
<mehdi> * Reloading web server config apache2                                          [Tue Sep 09 11:44:56 2008] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
<owh> soren: Tah
<mehdi> yes
<mehdi> i have
<skep> mehdi: and your default vhost-file (the one that comes with apache2 install) is deactivated?
<skep> and just to claraify..you have 3 chost files starting with "NameVirtualHost *:80" and <Virtualhost *:80> ..?
<skep> *clarify
<mehdi> yes
<mehdi> i have default and vhost1 and Vhost2
<mehdi> i can use 1 files?
<skep> of course you can also put all vhosts in one file
<owh> mehdi: The disadvantage of that is you cannot disable them individually, but it will work.
<skep> what happens if you remove the line "NameVirtualHost *:80 from vhost1 and vhost2?
<skep> mehdi: ok..sorry..was confused..still morning here ;-)  ..go to /etc/apache2/conf.d/ and create a file called: virtual.conf and put this line into it: NameVirtualHost *  ...then delete in your vhost files the first line ("NameVirtualHost *:80") and change the next line just to <VirtualHost *> (without the :80)..in case you don't have one site listen on 443
<mehdi> i try
<skep> although I think you don't need to remove the *:80 part there..
<andriijas> how do i make a iptables script launch on boot , the easiest way?
<mok0> andriijas: good question, I want to know myself...
<mok0> andriijas: look in /etc/uwf
<andriijas> mok0: i just need to change no to yes in ufw.conf?
<mok0>   andriijas, well that will start the firewall with the pre-defined rules...
<andriijas> which are the predfined rules? thers lots of files in /etc/ufw
<mok0> andriijas: Those are the ones, yes. I am no expert on this system though
<skep> mehdi: did it work?
<mok0> andriijas: the script to start the whole thing is in /etc/init.d/ufw
<mok0> andriijas: unless there is a writeup of the ufw, you need to study both the rules, and how they are started to understand how it works
<andriijas> nice
<andriijas> thx
<mehdi> Ola
<mehdi> sorry many probleme
<mehdi> now
<mehdi> apache don't say nothing just OK
<mehdi> but i have it's work
<mehdi> i loose my main page
<mehdi> it's possible to copy somewhere my default conf
<mehdi> like this you can see
<skep> mehdi http://paste.ubuntu.com/
<mehdi> http://paste.ubuntu.com/44858/
<skep> uhm..maybe i'm completely on the wrong track here, but don't the Directory stuff belong *inside* the <Virtualhost>...</Virtualhost>???
<skep> i haven't seen such a setup (outside) before
<skep> and the first directive is wrong..it starts with <\..> and ends with <...> ,should be the other way around
<mehdi> ok
<skep> so to sum up: you should put on (or more) <Directory /path/to/directoy>...</Directory> inside each <Virtualhost *:80>..</VirtualHost> part, depending on your actual setup..and then it should work..
<skep> *put one
<skep> same with the rest (ErrorLog, Alias ect)
<mehdi> http://paste.ubuntu.com/44863/ like this
<skep> um..no..
<mehdi> a
<mehdi> can you give me post exemple please
<skep> one second
<mehdi> thx
<skep> http://paste.ubuntu.com/44865/
<incorrect> first bit of advise, put each vhost config into separate files, second, everything goes inside the <VirtualHost Entry> third, remove the doc / cgi config  forth,  use ServerName for each vhost,  move NameServer into ports.conf
<incorrect> i found the server guide for intrepid,  I wanted to review the ldap replication info
<mehdi> ok
<skep> mehdi: if you don't know what all the lines inside the directoy directive mean..please read that up on apache.org or other sites...let alone for security reasons
<mehdi> i have a message
<mehdi> [Tue Sep 09 13:13:35 2008] [warn] NameVirtualHost *:80 has no VirtualHosts
<mehdi> httpd (pid 10645) already running
<incorrect> mehdi, sigh, you didn't create the nameserver entry did you
<incorrect> by default you get *
<incorrect> i suggest you create NameVirtualHost *:80, and put it in ports.conf
<incorrect> next to the line that says listen 80
<kgoetz> incorrect: why put it in ports.conf?
<incorrect> also you might find  'apache2ctl -t' handy
<incorrect> kgoetz, well its a fairly sensible place to put it,  its pretty dumb to put it in the vhost config if you have more than one vhost,
<incorrect> you will get loads of warnings
<skep> you can put in in any file in conf.d afaik
<skep> i for example have it in virtual.conf (in conf.d)
<incorrect> Listen 80 NameVirtualHost *:80 is sensible
 * kgoetz cant remember how his are setup, and isnt bothering to check *g*
<incorrect> this way you have one place to check that you remembered to tell apache to listen on that port and you declared the virtual host entry for it
<skep> in ports.conf i only have my port settings for 80 and 443 and in virtual.conf * (instead of *:80)
<incorrect> additional overhead, i am lazy
<skep> :-)
<incorrect> you can even wrap you nameserver entry with your ssl if clauses
<skep> everyone as he/she likes :)
<incorrect> i think its pretty bad that by default its in the default vhost
<skep> true
<skep> well..not really bad, but confusing
<incorrect> confusing is bad
<skep> apache 1.3 was really confusing..v2 is much better and cleaner..
<incorrect> sendmail is really confusing
<hads> heh
<skep> haha
<incorrect> i've lost my link to the server docs for intrepid,   can someone point me in the right direction
<hads> The server guide? If so it's the tinyurl in the topic.
<incorrect> intrepid
<hads> My bad
<incorrect> i am after the ldap replication info
<hads> Past my bed time
<skep> https://wiki.edubuntu.org/IntrepidServerGuide
<skep> well..quiet empty..and edubuntu..
<skep> *quite
<skep> so the tinyurl is the best one
<spiekey> Hello!
<spiekey> soren: you there? :)
<spiekey> well,maybe someone else knows....
<spiekey> i am failing to build lighttpd: http://pastebin.com/m2a6421c2
<spiekey> it cant find lua.h for some reason :-/
<soren> I need more context. Specifically the 5-10 lines that lead up to "mod_magnet_cache.h:8:17: error: lua.h: No such file or directory"
<spiekey> better? http://pastebin.com/m1909b0d7
 * soren looks
<spiekey> thanks
<soren> Yes, that's much better.
<soren> As you can see, the gcc commandline does not include a "-I/usr/include/lua5.1/"
<soren> I'm not sure why, though.
<soren> Which version of lighty is this?
<spiekey> lighttpd-1.4.19
<soren> spiekey: http://launchpadlibrarian.net/16408327/buildlog_ubuntu-intrepid-amd64.lighttpd_1.4.19-4ubuntu2_FULLYBUILT.txt.gz
<soren> spiekey: We pass --with-lua=5.1
<CrummyGummy> Hello, Last night I upgraded my server to hardy and now my subjects in postfix are coming through like Subject: =?WINDOWS-1252?B?U1BPVDogQWxhcm0gYWN0aXZhdGVkIG9uIEZsdWZmeSBAIDIwMDgvMDkvMDkgMDE6NDE6NDMgUE0=?= Any idea what could be causing this?
<soren> Does that work for you?
<soren> I doubt postfix started rewriting subject lines.
<CrummyGummy> Agreed. Its seems to be somethign to do with the encoding.
<soren> What kind of content filtering do you have? spam and/or virus filtering?
<soren> Did you by any chance change your e-mail client as well?
<CrummyGummy> The client changed nothing. I just ran an upgrade. I have a python filter that manipulates emails coming in, thats where I noticed the problem.
<CrummyGummy> The =?WINDOWS-1252? is the encoding being used.
<spiekey> soren: nope :-/ http://pastebin.com/m38268fee
<CrummyGummy> THis changes with the encoding.
<soren> CrummyGummy: yes. And that's the correct way to specify your encoding.
<soren> CrummyGummy: Are you entirely positive that this was not the case before? Where are these mails coming from?
<CrummyGummy> Yes, I can see it in my mail logs. Last night subject was readable and then it was unreadable. The mail is comeing from some sort of client app.
<CrummyGummy> I'm not sure. It works find from kmail.
<soren> I think you're barking up the wrong tree with postfix, to be honest.
<soren> I'd look elsewhere.
<soren> postfix has never been in the habit of modifying subject lines, as far as I know.
<CrummyGummy> hmmm, maybe I need to work out how to decode this in python.
<CrummyGummy> Is there a package with codepages that may not have been installed properly?
<soren> i can't think of any, no.
<soren> 7win 21
<soren> Gah
<CrummyGummy> hmmm, lemme see if the postfix guys ahve a clue.
 * CrummyGummy is getting the client to send plain text, no punctuations.
<spiekey> soren: any further ideas?
<spiekey> argh! i had something in my env variables!! )(/()/(/&/(&$&%Â§&$%Â§&
<spiekey> thanks anyway
<_ruben> hrm .. i delete a (hardware) raid array and created a larger one, but didnt wipe the disks, so the gpt sig is still there and wrong .. parted crashes when it tries to fix it :/
<soren> _ruben: Wipe it?
<soren> _ruben: Not all of the disk, just the parts where the GPT resides (probably the first few kb of the disk should suffice).
<_ruben> soren: thats what im looking into now .. but i think its at the old end of the 'disk', if i read the errors correctly .. currently rebooting the box .. will doublecheck
<_ruben> ah .. the *backup* gpt table isnt at the end of the disk .. lets wipe the first few bits :)
<_ruben> yay .. fixed .. wonder if i could've just done mklabel without wiping first .. it was print that was complaining :p
<didrocks> jdstrand: if you want, I can help you to backport ufw and iptables in hardy (I do not know the procedure yet, but I have currently the time to do it)
<jdstrand> mok0: re ufw> see 'man ufw' and https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<mok0> jdstrand: hey thanks!
<jdstrand> didrocks: sure, go for it :) Keep in mind, iptables backport will likely not be straightforward
<didrocks> jdstrand: it will be a good experiment for my first backport :)
<didrocks> I think this is the good entry point: https://help.ubuntu.com/community/UbuntuBackports#Backport%20Process ?
 * jdstrand nods
<jdstrand> sommer: your changes to ufw docs look great! :)
<sommer> jdstrand: party!
<incorrect> hmm i wrote a detailed setup for bonding,  now i can't find it
<nijaba> server community meeting in 10' -> #ubuntu-meeting
<mathiaz> kirkland: hm - update-motd is still in universe.
<mathiaz> kirkland: do you have a MIR for it ?
<kirkland> mathiaz: yes
<mathiaz> kirkland: has the MIR been approved ?
<stapel> I want to share a folder with samba to anyone readonly
<stapel> can someone help with that please?
<stapel> anyone???
<ropetin> stapel: simply set the file level permissions of the files/folders in question to read only and you're good to go
<stapel> if I try to connect from XP I get an error message when clicking on the ubuntu server hostname
<ropetin> How did you set up the samba share?
<stapel> I have deleted the smb.conf and started from scratch
<stapel> only have two stanzas in there
<stapel> [global]
<stapel> [sharename]
<stapel> in global i just set the workgroup - thats all
<stapel> in [sharename] I just set path and comment
<stapel> thats it
<ropetin> OK, and did you set up a samba user to authenticate as?
<stapel> don't think so...how can I check?
<stapel> ...not really sure what u mean
<stapel> is that the smbpasswd thing?
<ropetin> My understanding (and I'm just a newbie, so don't blame me if I'm wrong!) is that samba has it's own users
<stapel> ok
<ropetin> Yes, smbpasswd
<stapel> so how do I set up a samba user?
<ropetin> If I remember rightly;
<stapel> and will anyone automatically log in as this user then?
<ropetin> sudo smbpasswd -a username
<ropetin> then
<ropetin> sudo smbpasswd -e username
<ropetin> No, it won't be automatic
<stapel> ok, let me give that a go quickly
<stapel> okay, I have done that...so how do i tell samba that i want all users to log on as this user?
<stapel> any idea how to proceed from there?
<themime> i want to install mod_proxy into apache.  apache was either installed via apt-get or at install time (same thing i guess right?).  so my understanding is that the best solution is having the module recompiled into apache.  but i don't have the source, and i want to keep the package intact, so im not sure how about going about this.  suggestions?
<themime> had to change locations, did someone answer my question by chance (about mod_proxy).   for now i actually just used a2enmod, but as i understand just "enables" it, it doesn't compile it in
<sommer> themime: why do you want to "compile it in"?  the module is already compiled
<Goosemoose> anyone know what avahi's purpose is since it's preventing my machines from joining an AD domain?
<Goosemoose> ok i actually found another solution: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/80900/comments/26
<uvirtbot`> Launchpad bug 80900 in avahi "problems resolving fully qualified domain names in environments where .local is used as a TLD" [Medium,Confirmed]
<Goosemoose> suggestion changing the nsswith.conf file
<Goosemoose> tested and it works
<Goosemoose> question is how do I work that in to a preseed?
<NCommander> Goosemoose, what are you trying to do specifically?
<Goosemoose> make 500 computers join an AD domain
<Goosemoose> from the preseed.cfg file
<Goosemoose> when they are being imaged using PXE over the network
<NCommander> I haven't done much with preseeding
 * NCommander checks what package owns nsswitch.conf
<themime> sommer: its not really compiled in from my understanding, just loaded in?  if it doesn't make a difference i won't mess with it for now, although id like to know how to do it in the future.  but i think ill concentrate on figuring out how directives/configuring the module work first
<Goosemoose> NCommander, thanks
<n-iCe_> hello, how can I remove ubuntu-server to ask login in the startup
<NCommander> n-iCe_, login as in?
<themime> haha, fail
<NCommander> themime, I'm really hoping he's not asking what I think he's asking
<themime> i know, hence the fail
<themime> lets address it seriously though rather than make fun of him, everyone has to start new sometime in their lives
<NCommander> Goosemoose, I've never network deployed Debian or Ubuntu, but I do know preseed can run proper commands, you could do something like cat <<- EOF *contents of nsswtich* > /etc/nsswitch.conf
<NCommander> Or something like that
<NCommander> s/proper/shell/g
<themime> n-iCe_: in all seriousness, the login at startup is a security thing, removing it basically negates a large chunk of the security
<Goosemoose> hmm ok, guess ill need to look at the late command some more, thanks
<themime> n-iCe_: I'm assuming you mean the login prompt with a monitor/keyboard plugged in, ie the graphical one.  If this is a case there is a way to do it, but then I have to ask, why are you using the server version?
<sommer> themime: it doesn't make any difference, and to "compile it in" would mean you'd have to recompile apache... and wouldn't really make much sense to me
<sommer> themime: the advantage of a module is that you can load and unload it as needed
<themime> sommer: i know apache would have to be recompiled.  i mean as of right now, i guess I'm set and can start looking into how configuring modules work, but just for my own curiosuity I'd like to know how to compile them in after having apt-get'd it in the first place.  but ill leave that for another day.
<NCommander> themime, you can compile a package from source with apt-get -b source *package*
<NCommander> (that will grab the source package and generate the debs)
<themime> NCommander: well, in this case we're talking about a module for apache.  the only one i saw that was what i wanted was proxy_html, but i need mod_proxy and mod_proxy_http (which i a2enmod'd in anyway, so its not a big deal right now).  now i need to find some good docs for configuring it
<NCommander> themime, grab the module source, then use apxs to install and configure it against Ubuntu's apache
<themime> oh, so thats what apxs does
<NCommander> themime, libapache2-mod-proxy-html - Apache2 filter module for HTML links rewriting
<NCommander> Or just install the Ubuntu package
<themime> thats the one i saw, but it looked like a sub package of proxy, not the full deal, but i may be wrong
<themime> NCommander: what do you mean "just install the ubuntu package" - just to make sure i understand you correctly, you just mean apt-get install libapache2-modetcetc?
<NCommander> themime, no, apt-get install libapache2-mod-proxy-html
<NCommander> which will properly add the module to the default config
<NCommander> Oh
<NCommander> Yeah
<themime> hehe
<themime> was too lazy to type it all out.  oh well, for now, i have them loaded, so ill maybe mess with compiling them in later.  thanks for the info
<themime> any good links to configuring modules/how directives work?  or should i just use the basic apache docs?
<n-iCe_> uhm
<themime> n-iCe_: scroll up, we responded
<n-iCe_> yeah im reading jiji, my grandmother called me
<n-iCe_> ok
<themime> np
<n-iCe_> I use it, because I set up some psybnc's eggdrops, etc, but when the power wents off, the pc restarts but can't start again, because asks my login
<Goosemoose> question. with my windows machines i can 'push' new programs out across my domain when I need to using various methods. How would I do this with my ubuntu machines?
<Goosemoose> for example push an OO.org update? or a new program
<themime> directives are just placed in the httpd.conf, correct?  (or whatever equivilent is, i use apache 1.3 with centos/rh at work so it may different with apache2.2/ubuntu)
<themime> or .htaccess i suppose would be safer
<themime> in order to utilize mod_proxy, does an underlying script have to be running?  something tells me it just doesn't magically start acting as a forward proxy, the URL you want has to go somewhere, i can't find information on this
<themime> im starting to think it does.  there needs to be something to handle the http requests, does thats sound accurate?
<Goosemoose> for a script using the late_command, i don't need to use sudo because it's already running as root correct?
<ScottK> sommer: Any chance you could look into php-clamavlib with clamav 0.94?  In Intrepid it seems to have both a libtool problem and a clamav intregration problem.
<soren> Goosemoose: Yes.
<Goosemoose> ok thanks
<sommer> ScottK: ya, briefly took a look at that this weekend... weren't we dropping php-clamavlib for intrepid, since it's dead upstream?
<ScottK> sommer: We can, but at long as it's working, there's no solid reason to dump it.
<sommer> well... isn't it not working?
<ScottK> sommer: Not at the moment, but if you could fix it again ....
<sommer> ScottK: not sure how much time I'll have to devote to that, especially in for the life of the next release
<sommer> ScottK: I'd really recommend dropping it
<ScottK> sommer: OK.  Let's give it a bit to see if Debian comes up with anything.
<sommer> ScottK: sounds like a plan :-)
<NCommander> hey ScottK, I posted the debdiff for 3.5.9/3.5.10
<NCommander> er, sorry, wrong room
<ScottK> NCommander: You want join #kubuntu-devel
 * delcoyote hi
<davidt> hi
<kirkland> when running the installer in a kvm window, what's the magic to drop to one of the tty consoles?
<nxvl> ALT+F$NUMBER
<nxvl> just don't press cntrl
<nxvl> if you are on a graphical environment then it probably won't work
<kirkland> nxvl: cool, thanks dude
<NCommander> nxvl, alt+ctrl+FNUMBER in graphical enviornments
<nxvl> NCommander: yes, but if you do that in a KVM you will see your machines tty, but the vm one
<NCommander> oh
 * NCommander shoots himself in the foot then :-)
<NCommander> nxvl, I think you can change the key combination so it doesn't conflict between the kvm and the host
<nxvl> yeah maybe, but a quick solution is that one
<nxvl> :D
<ivoks> you can open kvm's 'terminal' and send any key combination you desire
<ScottK> ivoks: Did you see that new scripts that I got lamont to add to postfix for adding services to master.cf?
<ivoks> ScottK: no, i've been busy with exams last couple of weeks
<ScottK> ivoks: I think we can integrate amavisd-new via that and postconf now.
<ScottK> So we could automate it without any policy problem.
<ivoks> i do recall that lamont never respond on sasl questions :D
<ivoks> ScottK: we should have a conversation about what do we want enabled in amavis by default...
<mathiaz> kirkland: IIRC I had to disable some shortcuts in Gnome in order to be able to use ALT+NUMBER in vnc.
<kirkland> mathiaz: it works, if i give the kvm window my keyboard/mouse
<ScottK> ivoks: Yes.  Note that clamav and spamassassin are now in Main.
<ivoks> i've noticed that, good job
<Fenix|work> Greetings... any ubuntu docs for krb5 config?
<ivoks> take care guyz
<Goosemoose> !seen cjwatson
<ubottu> I have no seen command
<Goosemoose> fine!
<fbc> I'm used to running Debian as my server. My ISP gave me a choice when upgrading to my new server to go with ubuntu server. QUESTION: Does anyone see any reason why I should stay running with Debian Etch instead of Ubuntu server?
<Goosemoose> how can i set the preseed.cfg to ask for the computer name? it's the only thing i actually want it to ask
<fbc> Goosemoose, I would assume you would just not specify one and it should ask for , right?
<Goosemoose> thats what i thought
<Goosemoose> but instead it tells me the "" is an invalid name
<Goosemoose> I commented out #d-i netcfg/get_hostname string unassigned-hostname
<fbc> Goosemoose, remove the entire line... don't just leave it blank.
<Goosemoose> it's commented out, that's the same as removing it
<fbc> Goosemoose, otherwise you would specifiying a null name.
<Goosemoose> right?
<fbc> Goosemoose, yes, sorry, so even if you comment it out it is still saying "" invalid name?
<Goosemoose> yes
<Goosemoose> to be exact
<Goosemoose> The name "" is invalid
<fbc> Goosemoose, hmmm I'm out of my league here, buddy. Maybe there is someone else here with more experience with it.
<Goosemoose> doesn't seem to be anyone else alive
<Goosemoose> thanks though
<fbc> Goosemoose, welcome :-)
<fbc> Goosemoose, maybe you cna help me?
<fbc> Goosemoose, I'm used to running Debian as my server. My ISP gave me a choice when upgrading to my new server to go with ubuntu server. QUESTION: Does anyone see any reason why I should stay running with Debian Etch instead of Ubuntu server?
<Goosemoose> What are you serving?
<Goosemoose> Basic sites?
<fbc> Goosemoose, just basic lamp server
<Goosemoose> Strange to use ubuntu for a lamp server
<Goosemoose> usually they use CentOS or something
<Goosemoose> not going to be a big difference
<fbc> Goosemoose, I'ma debian guy, not a redhat guy, so centos would be having to learn something else...
<Goosemoose> ubuntu and debian are very similar
<Goosemoose> from my experience
<fbc> Goosemoose, which is why I thought it would not be a bad idea to switch.. If ubuntu-server gives me more support or something, I would probably consider it..
<Goosemoose> its usually pretty quiet in here
<tristanbob_> how to install a standalone .deb package including dependencies (found in repos)
<tristanbob_> ?
<tristanbob_> bump
#ubuntu-server 2008-09-10
<shaunjonesfzr> asl ! all
<tristanbob_> shaunjonesfzr, Architecture/Server/Linux?
<uvirtbot`> New bug: #268364 in samba (main) "Bug in /usr/bin/ucf when upgrading Hardy" [Undecided,New] https://launchpad.net/bugs/268364
<ilovefedora> hi can someone please point me in the right direction! i need to install php 5.2 on my ubuntu server which is running ubuntu 6
<kgoetz> 6 what? 6.06 or 6.10?
<ilovefedora> 6.06
<kgoetz> do you need 5.2 specifically, or will 5.1 work? if 5.1 is ok, use the packaged version. if not, you'll have to build it from source
<ilovefedora> its 5.2 or above i need
<kgoetz> you'll have to build it from source (or backport it from somewhere)
<ilovefedora> im on a dedicated server and dont want to do any damage to anything else!
<ilovefedora> cant i upgrade ubuntu to the latest version also? im scared to loose my hosts control panel matrix its called
<kgoetz> you could upgrade, what it breaks i'm not willing to predict. especially if you have some strange hosting platform installed
<ilovefedora> exactly
<kgoetz> i dont see how builing 5.2 from source will hurt you (other then leaving a complete build chain on a server)
<kgoetz> unless you build it into teh standard system paths, or somethin silly
<ilovefedora> i would know where to begin im new to linux
 * kgoetz wonders if he can be bothered filing bugs on trivial issues in the mediawiki package (like the watchfile looking for 1.7)
<PrivateVoid> good night all
<jonesy_> can someone tell me where, on the 8.04 LTS install CD, are the actual software packages?
<kgoetz>  /pool
<jonesy_> thanks.
<warchief_ryan> why doesn't ubuntu have an iptables init.d script?
<kgoetz> warchief_ryan: why should it?
<warchief_ryan> because ive installed the iptables package, and most other distros do to stop,save,start,restart iptables
<lukehasnoname> what's this in Intrepid server about managing with Landcape?
<lukehasnoname> scape
<lukehasnoname> There are some things I am curious about in intrepid, along with the Landscape option.. what is "Basic Ubuntu Server" in tasksel?
<soren> lukehasnoname: It's what we've been calling "the server seed". I'm open to suggestions for a different tasksel name for it.
<lukehasnoname> soren: What's installed when it's checked that wouldn't be installed if it weren't?
<lukehasnoname> or where's the package link
<soren> Server guide, w3m, screen, and... erm... one more thing.
<soren> patch!
<lukehasnoname> patch?
<soren> Yes.
<lukehasnoname> *reads desc*
<lukehasnoname> perhaps it should be called "Server Accessories" or "Helpful tools" with some sort of description window that comes up when it's highlighted
<lukehasnoname> When I saw that, I was afraid not to choose it, for I might not be installing a server or something o_O
<NCommander> hey soren, can I ask a favor?
<NCommander> soren, as for the tasksel thing, how about "Associated Utilities and Documentation"
<michazoet> hi to all
<soren> NCommander: Were those two things (i.e. the favour and the name suggestion) related?
<quar1> hi
<quar1> i have this: on hardy. commands i launch run after a pause of 30 40 seconds
<quar1> but TOP refer no process running with a lot of CPU
<quar1> what's the problem?
<michazoet> rehi
<Koon> quarl: sounds like a DNS resolution problem
<Fenix|work> Greetings... I'd like some instructions on setting up 2 (or more) ubuntu hardy servers as a cluster.
<PanzerMKZ> cluster for what?
<Fenix|work> squid proxy cluster
<mok0> Is there any preferred way to modify the apache config files?
<mok0> I don't want the changes to be overridden by a later upgradae
<lukehasnoname> soren: Yes, I believe it should be changed somehow, "Documentation and Accessories" or whatever NCommander suggested would be reasonable.
<soren> I don't think that has the right ring to it. I'm think more something along the lines of "Default Ubuntu Server pakcages", but that's a bit too long for my taste.
<lukehasnoname> But that doesn't really tell people what they're getting
<lukehasnoname> also, I didn't kno where the documentation was until I thought it might be called something "server guide", did a package search, then "whereis ubuntu-serverguide"
<soren> Neither does "Documentation and accessories"
<soren> We might as well call it "server stuff"
<soren> :p
<soren> Or just "stuff"
<lukehasnoname> well
<lukehasnoname> at the very least, the intrepid server guide needs to describe that package
<lukehasnoname> the draft doesn't as of now
<lukehasnoname> and some easier way to find the installed server documentation
<zul> soren: server doo-dads
<mok0> I am moving our webserver from a redhat based server to ubuntu. I am a bit confused about how best to configure using the a2enmod system
<mok0> What if I need to modify some of the mods-availables?
<mok0> ... and what if the mods are different depending on virtual host?
<heno> dendrobates: could you look at bug 268604 ? It's blocking our automated installs
<uvirtbot`> Launchpad bug 268604 in landscape-client "Netinstall of 20080910 fails on unmet dependencies for landscape-client" [High,Triaged] https://launchpad.net/bugs/268604
<mathiaz> heno: the issue is currently being discussed in #ubuntu-devel
<heno> mathiaz: ok, thanks
<dendrobates> heno: see the discussion on ubuntu-devel
<heno> dendrobates: got it, thanks
<Goosemoose> My auto install using preseed.cfg is stopping and asking for kerberos servers
<Goosemoose> I don't see what command should be answering that questions, any ideas?
<Kaushal> hi
<Kaushal> anybody here has used putty in Ubuntu 8.04
<lukehasnoname> o_O
<lukehasnoname> eh
<lukehasnoname> why would you use putty in unix
<Kaushal> https://answers.launchpad.net/ubuntu/+source/putty/+question/44727
<slangasek> coffeedude: ping
<slangasek> coffeedude: context: wondering if you want any help getting likewise-open in Ubuntu to play nice with the new pam framework
<Adri2000> hi
<Adri2000> any reason why vsftpd didn't make it to intrepid (yet) ?
<Adri2000> vsftpd 2.0.7 even
<garmor> Hello everyone
<garmor> Does anyone here have any experience getting a NIS server up and running on Ubuntu Server 8.0.4?
<garmor> Is there anybody out there?
<lukehasnoname> takes a while
<garmor> :-)
<lukehasnoname> for someone knowledgeable to respond
<garmor> How do I know if anyone is thinking about my question?  :-)
<garmor> I just asked on #ubuntu, but they suggested I try here...
<garmor> Hello again everyone
<garmor> I was wondering, does anyone here have any experience getting a NIS server up and running on Ubuntu Server 8.0.4?
<Goosemoose> when being presented with a question during a pxe install, how do i know what command to use in the preseed.cfg to answer it?
<Goosemoose> im getting krb5 questions
<Goosemoose> i found a few, but still have a few more
<garmor> Does anyone have any pointers about setting up a NIS server on Ubuntu Server 8.0.4?
<LordDicranius> I've just setup a server to pull time from various USNO time servers, and have configured another server to sync time to that one.  how do I check to make sure the 2nd server is syncing with the first?
<Goosemoose> when executing my late_command ubuntu is throwing an error that it "failed to run preseeded command"
<Goosemoose> the command is basic though, so i dont get it
<Goosemoose> d-i preseed/late_command string wget http://10.0.2.131/post_install_tasks && chmod +x ./post_install_tasks && ./post_install_tasks
<Goosemoose> anyone see anything wrong with that?
<uvirtbot`> New bug: #268663 in samba (main) "files incoming through nautilus-share should be created with user ownership, instead of "nobody"" [Undecided,Incomplete] https://launchpad.net/bugs/268663
<frith> i have/j #trac
<frith> doh
<NCommander> hola world
<zhaozhou> Hey there. :-)
<Adri2000> does anyone (take) care of vsftpd? :)
#ubuntu-server 2008-09-11
<owh> I'm getting "query (cache) [..] denied" errors in syslog. Google tells me that I can add allow-query { mumble }; to named.conf, but I have three files to choose from, named.conf  named.conf.local  named.conf.options - none of which have any obvious priority. The server guide is silent on the matter. Where should I do this?
<owh> Or am I solving this in the wrong way?
<uvirtbot`> New bug: #268816 in squid (main) "logrotate uses outdated sarg script" [Undecided,New] https://launchpad.net/bugs/268816
<szx0> How can I completely remove then reinstall the Apache2.2 configuration of my Ubuntu 8.04/64Bit Server installation. I tried apt-get -f remove apache2 / apt-get --purge remove apache2 / .. then installing again and many different combinations with apache2 and apache2.2-common.. but nothing appears to make the /etc/apache2 directory or the init.d/apache2 file... ideas?
<NCommander> szx0, conffiles are not removed
<NCommander> szx0, you must remove them
<slangasek> szx0: I believe the conffiles are owned by apache2.2-common, so that apt-get --purge remove apache2.2-common should give you a clean slate
<slangasek> purging apache2 will not automatically purge the packages that it depends on
<szx0> Purging apache2.2-common does not work
<slangasek> what files are left behind when you purge apache2.2-common?
<szx0> hmm okay brilliant its doing something different now
<szx0> last time I did sudo apt-get --purge remove apache2 apache2-common and it only remove 94kb of stuff
<szx0> i meant apache2.2-common
<szx0> now just doing sudo apt-get --purge remove apache2.2-common it got rid of 33megs of stuff
<kgoetz> you'd probably already removed it
<szx0> \quit
<lukehasnoname`> sooooooooooooren
 * kgoetz smacks lukehasnoname` for join-and-ping
<lukehasnoname`> ow
<lukehasnoname`> 1) We need a better name for "Basic Ubuntu Server", as decided. 2) I was thinking, it would be cool to be able to choose your scripting language for a web server (I guess you're already on that path with RoR). As in, when you choose 'Web Server', you then choose PHP, Python, or Ruby for the language. 3) make the ubuntu server guide more easily accessible than "w3m /usr/shar/ubuntu-serverguide/html/c/index.htm
<kgoetz> 1. cant comment. 2. that would be more qustions asked,, which i think is not what ubuntu usually does, 3. how more accessable? in text?
<lukehasnoname`> 1) In intrepid, a new box in tasksel currently called "Basic Ubuntu Server" installs the server guide (HTML), w3m, patch, and something else. I suggested it needs a more suitable name. 2) Since PHP is no longer as dominant as it once was, I thought it would appeal to people looking to get their Python or Rails projects up quickly. 3) Perhaps a symlink or a w3m launcher in the original user's home directory to
<kgoetz> 1. i see, not tried intrepid. 2. you could try and support 'the big 4' - perl/python/php/rails (although rails needs more intgration work), but could turn into a lot of work. 3. if motd says 'for help run w3m' i dont think filling homes with rubish is needed
<lukehasnoname`> I agree
<lukehasnoname`> a modified motd (if server guide is installed) could say "For help, see /path
<lukehasnoname`> "
<lukehasnoname`> g2g do some homework before bed
<cchapman> hello
<toolfan2k4> can ubuntu be used as a user server for windows?
<kgoetz> 'user server'?
 * _ruben thinks ADS
<toolfan2k4> yeah like how businesses and schools give usernames to people to allow them to login on any pc on the network.
<slangasek> Yes; Ubuntu with Samba can be used as an NT4-style domain controller for Windows
<kgoetz> and if your luck enough to have no doze boxes, you can probably use ldap
<toolfan2k4> no doze boxes?
<slangasek> presumably that doesn't help with the use case he's interested in given the question he asked
<kgoetz> yeah. but i thought i'd put it into the logs anyway
<lukehasnoname> no doze?
<lukehasnoname> elab.
<toolfan2k4> ok thanks
<toolfan2k4> what is no doze?
<slangasek> doze being slang for Windows
<lukehasnoname> ah
<lukehasnoname> I thought he mean 24/7 uptime
<toolfan2k4> ah so i figured.
<toolfan2k4> ok so i will research samba
<toolfan2k4> thnk slangasek
<slangasek> sure
<toolfan2k4> you wouldn't happen to know of a tutorial for how to set up samba as a username server?
<lukehasnoname> http://doc.ubuntu.com/ubuntu/serverguide/C/index.html maybe
<lukehasnoname> no clue
<slangasek> there are probably a number of tutorials out there; the keywords are samba+pdc+nt4
<slangasek> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html looks promising
<kgoetz> IIRC sambas package (or its -docs package) contains lots of info on the subject - i'll be looking into it this weekend myself
<toolfan2k4> thank everyone....im gonna give it a try...beats the price of windows server
<slangasek> yes, the above samba.org link points to the Samba-HOWTO-Collection, which is also in the samba-doc package
<kgoetz> ah, nod.
<emgent> kirkland: ping
<uvirtbot`> New bug: #268868 in apache2 (main) "[Intrepid Alpha 5] NameVirtualHost entry in ports.conf causes "NameVirtualHost *:80 has no VirtualHosts" warning" [Undecided,New] https://launchpad.net/bugs/268868
<spiekey> Morning!
<spiekey> Can someone recommend a tool to monitor and analyse network traffic (mith mrtg or alike?)
<spiekey> i need to find out where my network bandwith peaks are, and the ports which are beeing used ;)
<_ruben> spiekey: iftop for realtime stats, pmacctd for longterm info
<incorrect> I was wondering what the best mail/group ware type system was these days?  or is there even one that ubuntu promotes use of?
<_ruben> !best
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<Koon> question: likewise-open in hardy shipped /usr/lib/libwbclient0.so. In intrepid, libwbclient0 (samba dep) ships /usr/lib/libwbclient0.so, while likewise-open uses one in /usr/lib/likewise-open/libwbclient0.so. Hardy (with samba+likewise-open installed) -> Intrepid upgrades fail, because libwbclient0 is installed before likewise-open is upgraded. Is there any way of making dist-upgrade process likewise-open upgrade before libwbclient0 is installed ?
<soren> Koon: Yes.
<Koon> soren: good news. How ?
<soren> Koon: You add "Conflicts: likewise-open (some version specifier)\nReplaces: likewise-open (some version specifier)" to the new libwbclient0 package.
<Koon> soren: ok so that would be a fix in libwbclient rather than in likewise-open. After all, it's the one stepping on the other's toes.
<soren> Right.
<soren> I'm surprised this is not adresssed in some kind of FAQ somewhere. At least not one that I can find.
 * Koon reads debian policy 7.6.1 which has a clean explanation
<uvirtbot`> New bug: #264943 in samba (main) "gvfsd-smb crashed with SIGSEGV in strlen()" [Medium,New] https://launchpad.net/bugs/264943
<ghaleb> hello, is there a way to pass the ssh password to the ssh command ?
<Kamping_Kaiser> ghaleb, waht do you mean?
<Kamping_Kaiser> iirc 'expect', but if you need ot enter a password, why not use keybased logins?
<ghaleb> I want to execute a command from a server, but the ssh client asks for password , is there a way to pass the password to the login ?
<nijaba> ghaleb: as Kamping_Kaiser said, generate a ssh key and use this instead
<ghaleb> I made it, but I have a problem that I tried to solve
<ghaleb> but it didn't work
<ghaleb> I create public an private keys
<nijaba> ghaleb: https://help.ubuntu.com/community/SSHHowto should explain this in detail
<ghaleb> nijaba: I know how to do it, but it didn't work for one client only
<ghaleb> I mean, I made it manytimes , but one client can't connect , the server asks for password, despite it has the public key copied
<nijaba> ghaleb: so you have other clients that can connect using the same key to the same server but not this one?
<ghaleb> exactly
<nijaba> ghaleb: and all client should be identical, or are there some differences?
<Kamping_Kaiser> all clients using the same key? o_0
<ghaleb> no, I generated keys using ssh-keygen
<ghaleb> copied the public key to authorized_keys2
<ghaleb> and connect using private
<ghaleb> I made that on three clients, but one of them doesn't work
<Kamping_Kaiser> did you use ssh-copy-id?
<nijaba> ghaleb: I really like ssh-copy-id to avoid mistakes
<nijaba> Kamping_Kaiser: :)
<ghaleb> no, cat xyz.pub > /home/.ssh/authorized_keys2
<ghaleb> actually >> not >
 * Kamping_Kaiser slaps ghaleb about a bit
<Kamping_Kaiser> nijaba, :)
<ghaleb> this is what i did
<ghaleb> http://www.csua.berkeley.edu/~ranga/notes/ssh_nopass.html
<Kamping_Kaiser> not loading for me *g*
<ghaleb> okay, then there is no way to ask a server for sth unless I create keys
<ghaleb> hhmm
<nijaba> ghaleb: can't load the page either
<ghaleb> http://linuxproblem.org/art_9.html
<ghaleb> another one, but the same issue
<Kamping_Kaiser> this might be harsh of me, but something that has "automize" isnt something i take seriously.
<ghaleb> okay
<ghaleb> what do u suggest
<Kamping_Kaiser> ghaleb, those are kind of old instructions - i belive even upstream openssh ship ssh-copy-id these days.
<Kamping_Kaiser> ghaleb, follow the SSHowto nijaba sugested. you'll have keys, you just need to look at the copying bit. https://help.ubuntu.com/community/SSHHowto#Public%20key%20authentication
<Kamping_Kaiser> waho.
<Kamping_Kaiser> the new wiki doesnt have crappy links!
<Kamping_Kaiser> it does have a fail login system though, so i guess it balances out
<ghaleb> so, u mean, the problem in the ssh server , right ?
<Kamping_Kaiser> i suspect doing everything manually you've made a mistake of some sort. i'm suggesting ssh-copy-id (or whatever) might fix it up
<ghaleb> okay, thank you, I will try it out
<Kamping_Kaiser> gl
<ghaleb> what is that q option, silence ssh-keygen means ?
<ghaleb> Kamping_Kaiser: it's not working :(
<AnRkey> can i use ufw 0.22 on hardy?
<soren> I belive it depends on a more recent iptables than hardy provides, so I'm guessing no.
<Kamping_Kaiser> i guers you could backport both
<didrocks> AnRkey: I am curently backporting it
<didrocks> (with iptables)
<finalbeta_> Hello, I have an Ubuntu server running with MySQL. The data in the MySQL database is the only thing that changes on the server. I need to backup this server. I need minimal down time. I was thinking to use dd to clone the full disk to a second drive in the server (can I do this while the server is running). And to backup the MySQL database seperatly at scheduled intervals. When the disk fails, I should be able to just boot from disk 2 
<AnRkey> didrocks, will it have port forwarding?
<finalbeta_> I'm new at this, does this sound good to you? Any suggestions?
<AnRkey> didrocks, i have test box's here if you want me to make it work a bit
<AnRkey> i found the debs but they need iptables 1.4
<incorrect> I was wondering what the best mail/group ware type system was these days?  or is there even one that ubuntu promotes use of?
<AnRkey> will it lose anything in the backport?
<AnRkey> since it wont have 1.4
<Kamping_Kaiser> finalbeta_, rsync > dd i expect
<jdstrand> finalbeta_: if you want no downtime, use replication to a slave server, then backup the slave
<Kamping_Kaiser> finalbeta_, it comes down to 'how bad is downtime'
<Kamping_Kaiser> as to what you use to avoid it
<Kamping_Kaiser> incorrect, groupware in what way?
<finalbeta_> Kamping_Kaiser, I don't understand the rsync, doesn't seem to help me in this case. Wont backup the mysql or give me a booting disk.
<incorrect> Kamping_Kaiser, like zimbra
<finalbeta_> jdstrand, Kamping_Kaiser, downtime o a couple of hours max is not that much of a problem. the shorter the better, but I can compromise
<finalbeta_> I have a single server running a sort of web server with mysql backend. Only the MySQL changes. I need to be able to recover when the disk fails.
<finalbeta_> so I was thinking dd the disk every few months at maintainances. and backup the database to a remote server every night. allowing me to put in the disk when the server fails, and just restore the database.
<finalbeta_> rsync wont be able to correctly backup the mysql, unless I shut down the database. (which is an option at night). but it wont leave me with a bootable disk.
<Kamping_Kaiser> i doubt dd will give you a bootable disk either tbh
 * Kamping_Kaiser splits
<spiekey> in my syslog i get iptables infos like: (...) kernel: IN= OUT=eth0 (...)  --> why is the Input information empty?
<spiekey> does it come from nowhere? :P
<soren> Originating interface is unknown in the OUTPUT chain.
<finalbeta_> Kamping_Kaiser, for what I read, it does, that's the whole point of it. But I'll run that this evening.
<Adri2000> does anyone know why vsftpd didn't get updated to the 2.0.7 upstream version?
<spiekey> hey...i need some help using ftp proxy on a command line:
<spiekey> http://pastebin.com/m77548bf0
<spiekey> i do not unserstand why i dont get any traffic on port 2121 on my firewall
<snitko> hi, what could be the reason for a service not to start at boot time, when it starts just fine manually with 'service name start' and has all appropriate symlinks in rcN.d dirs?
<nomoa> hi, anyone can explain to me what is causing /proc permissions restrictions like this : http://pastebin.com/m14b89bf4 ?
<soren> nomoa: What is the problem?
<nomoa> normal user cannot see others process
<jdstrand> ScottK: re clamav/apparmor> ok
<nomoa> I've never seen that before
<ScottK> jdstrand: Thanks.  So far it's quiet, I just don't want upstream bugs to get blamed on the profile.  I just finished the libclamav5 transition last night.
<jdstrand> ScottK: sounds great :)
<ScottK> Hurray.  hppa down under 300 builds waiting ...
<nomoa> the main problem is for stuff like zabbix-agent which need to access /proc/PIDs for monitoring process information, I have to hack its user to uid:0, I really can't understand how I can disable such security feature... uid 0 for zabbix user is really risky work-around :(
<kees> nomoa: most things in /proc/$pid is world-readable.  what are you trying to access that you can't?
<jdstrand> umm, my kernels don't do that. that sounds like openwall's restricted /proc patch
<jdstrand> nomoa: ^
<nomoa> kees, I can't: dr-x------ 6 root root 0 2008-09-05 17:51 /proc/1
<nomoa> jdstrand, hum?
<Lifer> Hi. Has anyone performed an "apt-get upgrade" with today's upgrades?
<kees> nomoa: yeah, you're not running a standard kernel.
<jdstrand> (I checked hardy -generic and -server, and intrepid -generic)
<kees> $ ls /proc/1 -lda
<kees> dr-xr-xr-x 7 root root 0 2008-09-10 16:44 /proc/1/
<nomoa> kees, I would like the same :)
<jdstrand> nomoa: 'uname -a'
<nomoa> Linux ________ 2.6.24.5-grsec-xxxx-grs-ipv4-64 #3 SMP Tue May 27 19:09:58 CEST 2008 x86_64 GNU/Linux
<ivoks> oh lol
<jdstrand> well, there you go ;)
<Lifer> Hello. Can I get help here with an unbuntu V71.0 server problem?
<ivoks> Lifer: if that's v7.10, then yes, v71.0 is scheduled for ~ 60 years
<ScottK> Lifer: Possibly.  Describing the actual problem increases your odds.
<jdstrand> jdstrand: your grsec kernel will almost certainly carry the restricted /proc patch
<jdstrand> heh
<jdstrand> nomoa: ^
<jdstrand> nomoa: if it's your own kernel, check the docs and see if there is a sysctl setting or recompile it without restricted /proc
<nomoa> jdstrand, thank you to point me to this grsec stuff... I'll look at there
<nomoa> jdstrand, nope it was installed by our provider
<nomoa> jdstrand, annoying parano stuff
<ivoks> grsec is actually great, imho
<Lifer> ScottK:ivoks: I installed ircd-hybrid: "apt-get install icrd-hybrid", then did and upgrade and update: "apt-get upgrade", "apt-get update". Now cygwin does not connect via xwin from my Windows box to the unbuntu server.
 * ScottK isn't the right guy to help with IRC stuff.
<nomoa> ivoks, it breaks many things, not so linux philosophy IMHO
<jdstrand> it is in certain situations, but it is interesting that in this instance, a user may end up with less security because of working around restricted /proc (eg, running zabbix as root)
<ivoks> nomoa: it does break things; already broken things :)
<ivoks> Lifer: i doubt it's realted to ubuntu
<nomoa> ivoks, not sure : look at zabbix, is it broken to monitor stuff? :)
<Lifer> ivoks: I installed ircd-hybrid: "apt-get install icrd-hybrid", then did and upgrade and update: "apt-get upgrade", "apt-get update". Now cygwin does not connect via xwin from my Windows box to the unbuntu server.
<Lifer> ScottK: Not irc prob, but upgrades prob, IMHO
<ivoks> nomoa: i've never looked at zabbix, but i can tell for sure that zenos is totally broken
<ivoks> Lifer: did it upgrade anything?
<Lifer> Yes. Is there a log I can inspect?
<ivoks>  /var/log/dpkg.log
<Lifer> ivoks: Yes. Is there a log I can inspect?
<ivoks> er.. zenoss, not zenos
<Lifer> ivoks: upgraded: postfix, triggeres-pending, libc6
<ivoks> so, nothing relevant for network
<ivoks> i'd bet on windows firewall...
<Lifer> ivoks: no change to windows.  Cygwin/Xwin works with other unbuntu server.  Other Client Cygwin/Xwin does not work, also.
<ivoks> Lifer: it's ubuntu
<ivoks> not unbuntu
<ivoks> try 'telnet your_ubuntu_server 6000'
<ivoks> and see it that works; if you can connect, than everything is ok, if you can't connect then x11 service is not started on ubuntu server
<Lifer> ivoks: I removed ircd-hypbrid, rebooted server. XWin now works
<ivoks> which brings us to question 'how come we talk about GUI on server channel?'
<ivoks> right, reboot usually starts all services :)
<Lifer> ivoks: It didn't work when I rebooted with ircd-hybrid installed
<ivoks> maybe you've configured ircd to listen on port 6000?
<Lifer> hmmm
<ivoks> it should listen at 6665, 6666, 6667, 6668 and 6669
<Lifer> ivoks: I configured nothing wrt ircd-hybrid. Does that use the same ports as Xwin? I thought IRC used 6667
<Lifer> ivoks: BTW, IRC did not work wither
<Lifer> *either
<ivoks> Lifer: well, i don't know
<Lifer> ivoks: is there a file that lists who is using which ports?
<ivoks>  /etc/services
<Lifer> ivoks: I'll reinstall ircd-hybrid and see which ports it tries to use. be back in a bit.
<ivoks> i've told you which it uses
<Lifer> ivoks: It should also work. But it got that wrong, too.
<spiritssight> how much different is the server verison over the desktop
<Lifer> ivoks: The install sequence was different this time (post upgrade).
<Lifer> ivoks: is /etc/services the ports that this installation is using, or a list of recommend/supported ports?
<ivoks> too many questions and i don't have time
<nomoa> is there a way to know kernel config options without the .config nor /proc/config.gz file...? (desperate)
<jmedina> nomoa: what is the problem with those files?
<nomoa> jmedina, I need to know the value of a kernel config parameter, but the guy how installed the system did not leave the config files
<jmedina> nomoa: which parameter?
<jmedina> maybe someone here know how to check it
<nomoa> jmedina, CONFIG_GRKERNSEC_PROC_GID
<jmedina> isnt there any grsec specific option to check that?
<nomoa> all grsec config is done inside the kernel, but ovh (our provider) do not give the .config
<nomoa> so I don't know what is the right group to put zabbix in in order to have access to /proc
<jmedina> nomoa: dont you have any other app integrated with grsec? maybe you can compare it
 * jmedina loves that kind ob obscurity, I mean security....
<nomoa> jmedina, it's a unmodified ubuntu 8.04 server with the only exception of this grsecurity kernel
<jmedina> nomoa: did you ask at ##grsecurity?
<jmedina> bu, emty channel
<nomoa> that was my intention :)
<nomoa> arf
<nomoa> I will try #give-me-rope-chair-paper-pen then :)
<nomoa> I give up, thank you all
<leonel> is  AMD  recomended for  ubuntu server ?? i've only used  intel  so   there's a new server comming and I'm thinking for an AMD dual core ..
<sdh> runs fine on my amd x2 6000+
<uvirtbot`> New bug: #269085 in apache2 (main) "apache2ctl refers to APACHE2_RUN_USER instead of APACHE_RUN_USER" [Undecided,New] https://launchpad.net/bugs/269085
<jmedina> same here, with about 50 virtual machines running in amd servers since 3 years with xen
<Goosemoose> when writing a preseed file: d-i preseed/late_command string wget http://10.0.2.131/post_install_tasks && chmod +x ./post_install_tasks && ./post_install_tasks returns 'failed with exit code 127'. but if i run it on the machine after install it works fine
<Goosemoose> any idea why?
<Smelne> i have aproblem with pure-ftpd none of my users can login
<jmedina> Smelne: what kind of users?
<jmedina> local? virtual?
<Smelne> I'm sorry, i was afk for a bit. They are virtual users, and all of them recieve a 530 authentication failure
<jmedina> Smelne: what do the logs says?
<Smelne> It says "[INFO] New connection from 192.168.0.241, [INFO] PAM_RHOST enabled. Getting the peer address, [WARNING] Authentication failed for user [sfmbeheer], [INFO] Logout."
<Smelne> The joke is that no passwords have been changed, no users removed or anyhing. We've had to restart the server yesterday after a kernel update, and this is hwat we were met with after the server came back up
<jmedina> that is no a pure-ftpd message
<Smelne> I've got it straight from PureAdmin, so i'm fairly sure that it is
<jmedina> Smelne: can you show a user with purepw?
<jmedina> that is a pam message, are you sure you are still using virtual users?
<jmedina> can you show the output from ps aux | grep pure-ftpd
<jmedina> ?
<Smelne> Hmmm.... Just a sec...
<Smelne> Unable to open the password file, what the....
<jmedina> something in the config files changed?
<Smelne> Not that i know of. We've just rebooted the server.
<Smelne> smelnefm@ariadne:~$ ps aux | grep pure-ftpd
<Smelne> root     11320  0.0  0.0   4840   636 ?        Ss   21:27   0:00 pure-ftpd (SERVER)
<Smelne> smelnefm 11412  0.0  0.0   2884   760 pts/2    R+   21:28   0:00 grep pure-ftpd
<jmedina> hat about your options?
<emgent> kirkland: ping
<Smelne> jmedina, which ones?
<jmedina> your pure-ftpd config files
<jmedina> the ones that set the autentication
<jmedina>  /etc/pure-ftpd/auth/
<jmedina> ls -l /etc/pure-ftpd/auth/
<kirkland> emgent: pong!
<kirkland> emgent: sorry dude, got your ping while i was sleeping, and forgot ;-)
<emgent> heya kirkland can i query you little bit ? :)
<Smelne> jmedina, Well, what do you need to know about the config files?
<jmedina> Smelne: the order of the files
<jmedina> ls -l /etc/pure-ftpd/auth/
<jmedina> that one
<kirkland> emgent: sure
<jmedina> I do Have
<jmedina> $ ls -l /etc/pure-ftpd/auth/
<jmedina> total 0
<jmedina> lrwxrwxrwx 1 root root 26 2007-07-30 17:43 45puredb -> /etc/pure-ftpd/conf/PureDB
<jmedina> lrwxrwxrwx 1 root root 26 2007-07-30 17:22 65unix -> ../conf/UnixAuthentication
<jmedina> lrwxrwxrwx 1 root root 25 2007-07-30 17:22 70pam -> ../conf/PAMAuthentication
<jmedina> sorry for the flood
<Smelne> 65unix, 70pam
<jmedina> :(
<Smelne> I habve no puredb there though
<jmedina> where are you storing your virutal users?
<Smelne> a locate revealed that on this system, puredb is located in
<jmedina> because with taht configs, says taht you are using unix auth by default
<Smelne> in /etc/pure-ftpd/conf/PureDB i mean
<jmedina> yeap, they are symlinks, look at my example
<Smelne> That's what io thought. So why it's spitting out PAM messages is beyond me
<jmedina> if you want to enable puredb virtual users you need to add a symlink in auth directory with a lower number, like mine (45)
<Smelne> But that still doesn't explain why it used to work
<jmedina> nop, Im not trying to explain that, just wanted to check if you really was using puredb virtual users
<Smelne> Trying with the symlink now. Fingers crossed
<nxvl> soren: http://paste.ubuntu.com/45897/
<nxvl> soren: why is ubuntu-vm-builder don't letting me use "intrepid" as hostname saying is not a valid vm?
<Smelne> jmedina, Ha! Now it won't connect at all!
 * Smelne laughs hysterically
<jmedina> jeje
<jmedina> Smelne: first, could you see your virtual users?
<Smelne> I just noticed a strange discrepancy. pure-pw is looking for pureftpd.passwd in /etc/pure-ftpd, but that file is located in /etc
<jmedina> my 45auth file points to /etc/pure-ftpd/pureftpd.pdb
<Smelne> Got it, finally got the user infpo
<jmedina> Smelne: try -f  option with pure-pw
<Smelne> I have, that gave me the user info
<fozilla> I "successfully" installed jailkit, but ssh session closes immediately after logging on. auth.log show 1) accepted password, 2) session opened, 3) entering jail and 4) session closed... all within a second. Any ideas why I can'r keep a session open?
<Smelne> jmedina, ever since i made the symlink, all connections are refused to the FTP server.
<Smelne> jmedina, are you still there?
<jmedina> yeap
<w8tah> gettin an error when i boot up -- eth0: ERROR while getting interface flags: No such device - -where to start _ the device is there
<Smelne> jmedina, I've removed the symlink, and instead of flatout resetting the connection, it again fails to authenticate. Call me crazy, but it looks like progress to me.
<jmedina> Smelne: did you restart pure-ftpd?
<fozilla> w8tah, what does dmesg say about the device?
<Smelne> jmedina, Several times. I'll try to re-create the symlink
<jmedina> stop it, check that there is no pure-ftp remaining, and then start it again, somethings it does not dies
<jmedina> it happened to me
<w8tah> fozilla: looking
<Smelne> The system monitor shows that it's not running, and so does top, and pidof
<jarlo> Newbie to IRC channel: I'm unable to update server -Errors were encountered while processing:
<jarlo>  /var/cache/apt/archives/mysql-server-5.0_5.0.51a-3ubuntu5.3_i386.deb
<jarlo> any advice?
<jmedina> jarlo: is that all?
<jmedina> jarlo: do you have free space?
<w8tah> fozilla: i see the drivers for both nicks initializing, and a rather cryptic message about udev changing the name of eth0 to eth3
<w8tah> thats it
<w8tah> fozilla: in addition -- lspci shows both nicks
<NCommander> jarlo, what error came up before that?
<Smelne> jmedina, thanks for your help, i think we'll just have to go with another FTP server to replace pure-ftpd. Any suggestions?
<jmedina> Smelne: I dont recomend other than pure-ftpd
<jmedina> smelne, could you try to run pure-ftpd manually?
<Smelne> Maybe, but pure-ftpd just don't seem to want to play nice anymore
<jmedina> not with the debian/ubuntu scripts (pure-ftp-wrapper)
<Smelne> jmedina, If i run pure-ftpd manually, i get a permission denied. Running it as root (*shudder*), gives no feedback
<jarlo> yes plenty of space
<jmedina> Smelne: wait, did you tell it to use pure-ftpd?
<jmedina> pure-db
<fozilla> w8tah: not sure how that happened, but a few posts seem have similar issues... they solved it by editing the persistent net rules in /etc/udev/rules.d
<jarlo> previous error
<jarlo> Preparing to replace mysql-server-5.0 5.0.51a-3ubuntu5 (using .../mysql-server-5.0_5.0.51a-3ubuntu5.3_i386.deb) ...
<jarlo>  * Stopping MySQL database server mysqld                                 [fail]
<jarlo> invoke-rc.d: initscript mysql, action "stop" failed.
<w8tah> fozilla: ok - thanks
<fozilla> w8tah: did you change any hardware recently?
<Smelne> jmedina, We've been using pureadmin from day one, i have no idea what the command line should look like
<w8tah> yes sort of - -i moved the hdd adn memory to an identical chassis after the previous one had a mobo issue
<jmedina> try something like
<jmedina>  /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb
<jmedina> never used pureadmin
<Smelne> jmedina, someone should tell you everyday that he or she loves you. I'm in!
<MattJ> Hi all
<jmedina> Smelne: I prefer a beer
<jmedina> :P
<MattJ> Did I completely imagine that there was a metapackage for a lamp server?
<jmedina> Smelne: so , is it working?
<Smelne> Then consider yourself loved by a keg of beer ;-)
<Smelne> yes
<Smelne> Now... Time to put that command in a script for easy starting.
<jmedina> Smelne:  please, run this
<jmedina> stop pure-ftpd manually, double check that there is no pure-ftpd process running
<jmedina> and then
<jmedina> bash -x /etc/init.d/pure-ftpd start
<jmedina> and give me the last line, the one whose launches /usr/sbin/pure-ftpd bla bla bla bla
<jarlo> Also should probably include the final two errors. Which suggests the process could not remove the older mysql version. I'm new to linux server admin so struggling a bit. Any help would be great. dpkg - trying script from the new package instead ...
<jarlo>  * Stopping MySQL database server mysqld                                 [fail]
<jarlo> invoke-rc.d: initscript mysql, action "stop" failed.
<jarlo>  subprocess new pre-removal script returned error exit status 1
<jarlo>  * Stopping MySQL database server mysqld                                 [fail]
<jarlo> invoke-rc.d: initscript mysql, action "stop" failed.
<jmedina> Smelne: that is to check how is invoked by the script maybe something is wrong with the configs
<Smelne> jmedina, I guess i'll have to edit that init.d script
<Smelne> It says "/usr/sbin/pure-ftpd-wrapper: Invalid configuration file /etc/pure-ftpd/conf/PureDB: "/etc/pure-ftpd/pureftpd.pdb": No such file"
<jmedina> mmm
<jmedina> where is your pureftpd.pdb file located at?
<danielm_mc> holas
<jmedina> Smelne: mine is: Running: /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb -u 1000 -E -A -j -O clf:/var/log/pure-ftpd/transfer.log -C 2 -H -I 4 -B
<Smelne> Mine is in /etc
<jmedina> Smelne: only change your /etc/pure-ftpd/conf/PureDB file
<jmedina> change the path to the file
<Smelne> Right-o
<jmedina> and start again with the script and bash -s
<jmedina> bash -x
<Smelne> tHIS TIME, THAT DOES NOT THROW ANY ERRORS
<Smelne> wOOPS
<Smelne> Argh!
<jmedina> what?
<jmedina> is it working?
<Smelne> LOL, sorry, i was attacked by a killer caps lock key. Yes, it's working. I have started the daemon from pureadmin again, and it's running, and logins are working again
<w8tah> fozilla: can you point me to one of the entries about udev changing the interface name - im not sure how to edit those rules -- but its driving me NUTS
<jmedina> Smelne: Im not sure, but I think pureadmin is the one who created the puredb file in /etc
<jmedina> because afaik, pure-pw creates it in /etc/pure-ftpd/
<fozilla> w8tah: let me bring up my rules
<Smelne> Well, at any rate, you have helped getting it running again. Consider yourself treated to two kegs of beer! :-))))
<w8tah> thank you
<Smelne> jmedina, i hope we'll meet IRL one day, so i can really give you that beer. But for now i will have to say goodnight
<jmedina> IRL?
<jmedina> what is that?
<Smelne> In real Life
<Smelne> :-)
<jmedina> ohh, when you come to mexico city, call me :P
<danielm_mc> hey can you use iptables w/ dns ?
<Smelne> :-))
<fozilla> w8tah: do you have your eth1 (or whatever you don't want) entry?
<w8tah> yes - -one moment please
<jmedina> danielm_mc: yes, but I wont trust it
<danielm_mc> what if you want to block a host by ddns ?
<fozilla> w8tah: basically change that to eth0, and your second card to eth1... if that's appropriate, making sure the mac is correct for each entry
<w8tah> ok - let me post my rules file real quick for u
<w8tah> http://pastebin.ca/1200404
<jmedina> danielm_mc: dns names can trivially be faked by an atacker
<danielm_mc> yah true
<jmedina> and I'm not sure if iptables/netfilter cache the names un utils iptables reload or something
<jmedina> I would better use public keys authenticacion...
<w8tah> fozilla: i see a prob - the mac is diff - should i change it to match the one being reported? -- ahh - -its different motherboard - -so hence diff mac
<w8tah> the light is dawning
<fozilla> w8tah: find which mac addresses are correct using ifconfig -a, then comment out the other two using #... If the last two are correct, then change eth2 to eth0 and eth3 to eth1
<fozilla> w8tah: yeah, you got it
<w8tah> ok - thanks
<Goosemoose> i have one screen that pops up when doing preseed pxe install that says the 'selected device already contains logical volumes'. I thought that this would take care of it, but it doesn't: d-i partman-auto/purge_lvm_from_device boolean true
<Goosemoose> any idea on what im missing?
<slangasek> dendrobates: ping
<dendrobates> slangasek: sup
<slangasek> dendrobates: hi, I didn't get a response from coffeedude to my pings on bug #262264 and he doesn't seem to be around now; do you have a notion of what the "right" fix for this is?
<uvirtbot`> Launchpad bug 262264 in likewise-open "Fails to join a domain: Unknown pam configuration" [Critical,In progress] https://launchpad.net/bugs/262264
<slangasek> i.e., should likewise-open integrate itself completely with pam-auth-update, meaning that the PAM config is changed as soon as the package is installed, or should it just be updated to handle prepending itself to the new config layout?
<slangasek> (I have a preference for the former, of course; we could probably even make it possible to toggle the config via likewise-open using debconf-communicate...0
<slangasek> )
<dendrobates> slangasek: I agree, have you looked at the patch Jerry provided?  I have not yet.
<slangasek> dendrobates: the one Jerry did, or the one Thierry did?  Jerry's patch seems to be to only update the pattern matching and continue twiddling by hand
<dendrobates> slangasek: ah, I had hoped he would use pam-auth-update.
<dendrobates> slangasek: jerry made the change and Koon made a diff between the two versions.
<slangasek> ok; I think I'll test out Jerry's patch and make sure things get added in the right place with that option
<dendrobates> slangasek:  Do you want me to ask Jerry to use pam-auth-update?  We seem short of time.
<slangasek> if not, I'll dive into a pam-auth-update solution
<dendrobates> slangasek: Koon can help, if necessary.
<slangasek> I imagine that at this point, it would be faster for me to do a pam-auth-update fix since I've fully internalized the semantics of that tool and I don't think anyone else has yet :/
<dendrobates> slangasek: true, but we have to learn it sometime.  :)
<NCommander> hey slangasek, I took a look at NM for you
<NCommander> slangasek, its cleanly written so adding the code to add search domains w/ DHCP should be straightforward enough
<slangasek> NCommander: does that mean you're writing and submitting a patch? :)
<NCommander> slangasek, sometime this weekend, I have a life tonight and tommorow
<NCommander> slangasek, you will of course sponsor the upload into Ubuntu as it works its way through the NM SVN :-)
<slangasek> well, no, I'll let asac handle that actually
<hads> hadley Rich
<hads> Excuse me.
 * NCommander found a rather stupid bug with a backport
<NCommander>   pbuilder-satisfydepends-dummy: Depends: etl-dev (>= 0.04.11) but it is not installable
<NCommander> BAH, dpkg sees 0.04.11~hardy1 lower than  0.04.11
<Quark_> Is this the right place for help with IRCD-Hybrid server installation?
<slangasek> Quark_: in practice, probably not
<Baryon> Hi. Can anyone help with a connectivity issue with a newly installed ircd-hybrid IRC server?
<Quark_> The server is working like a champ (V7.10), but I cannot connect to the ircd-hybrid server I installed today.
#ubuntu-server 2008-09-12
<kgoetz> why do we sudenly have 2 people intalling the same ircd? within 30 minutes of each other?
<slangasek> because they're talking about the same ircd installation?
<kgoetz> wonder whos put 'yay instlal this' on thier website - i cant think of any other requests for that irc that i've seen in here
<slangasek> er, does the fact that they're connected from the same IP tell you anything?
 * kgoetz looks - its a it early in the day for trickery like that
<Baryon> Do you always talk about people online like they're not there?
<Baryon> Maybe you could get an answer if you talked TO me, not ABOUT me?
<lukehasnoname> caught in a lie
<slangasek> Baryon: as I already answered Quark_, you're not likely to find much ircd expertise here; this channel is for the Ubuntu Server flavor, and hybrid-ircd is not a supported part of that
<Quark_> slangasek: Thanks.
<Quark_> Is there a supported IRC server w/ Ubuntu v7.10?
<slangasek> there are no IRC servers in the security-supported set, no
<slangasek> I think most of the servers you'll find people running around here are file, database, mail, web, and directory servers
<Quark_> This a web server, but one of the teachers needs to run her office-hour online.
<Quark_> We have been using an old IRCD server on an old Slackware mahine that is failing.
<Quark_> ircd-hybrid seemed a resonable alternative, if I can just get it to notice port 6667
<kgoetz> :/ *finds the certificates-and-security page quite confusing* :/
<kgoetz> oh well. meeting. afk
<|erirb|> hello, all.
<|erirb|> I'm looking for some good ubuntu server advocacy. So far I found https://wiki.ubuntu.com/VersusRedHat
<|erirb|> does anyone has other good source?
<uvirtbot`> New bug: #269251 in bacula (universe) "package bacula 2.4.2-1ubuntu4~hardy1 failed to install/upgrade: AbhÃ¤ngigkeitsprobleme - lasse es unkonfiguriert" [Undecided,New] https://launchpad.net/bugs/269251
<remote> hello
<remote> i'm seeing weird processes like this one: root      1773 99.9  0.1   3388  1712 ?        R    Sep11 809:01 ?ii?ï¿½ï¿½Ã¿??ï¿½?Þ·I????ï¿½ï¿½ï¿½ï¿½2Þ·?
<remote> which seems to be sshd: /proc/1773/exe: symbolic link to `/usr/sbin/sshd'
<remote> i'm also seeing the init script fail
<remote> root@softlayer2:~# /etc/init.d/ssh restart
<remote> sshd:  SSH-2.0-OpenSSH_4.7p1  on i686-pc-linux-gnu
<remote> Unknown option -t
<kgoetz> remote: runing 8.04?
<remote> i'm used to look at /etc/debian_version
<remote> where is the ubuntu version/
<kgoetz> lsb_release -sc will do
<kgoetz> `lsb_release -sc`
<remote> hardy
<kgoetz> ok. what do you get for $(md5sum `which ssd`) ?
<remote> a98008abb8c9e2cccbb4a091db93ed01
<remote> i tried to google it but no match :-\
<kgoetz> mines different.
<remote> i have checked for updates, none were installed related to ssh, i think i have the current package
<kgoetz> do you have -security enabled?
<remote> i don't think so, how can i verify?
<kgoetz> `grep security /etc/apt/sources.list`
<remote> oh yes that i do
<remote> SSH-2.0-SSH-2.0-OpenSSH_4.7p1
<remote> that's the openssh banner
<remote> i'm thinking it should have a unbuntu string but i'm not sure, can you confirm?
<kgoetz> hm. do have the openssh-blacklist package?
<kgoetz> let me check
<kgoetz> SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
<remote> i have openssh-blacklist installed
<remote> ok i'm puzzled as to how that happen but it's not my server, i will have to verify with the owner
<kgoetz> how recently did you get access to it?
<remote> today
<remote> see even netstat reports sshd with weird characters
<remote> ï¿½ï¿½Ã¿ï¿½ï¿½      0      0 :::22                   :::*                    LISTEN      4916/ii
<kgoetz> i'm wondering if 'last' has any connections in it
<remote> wtmp begins Wed Sep 10 14:44:04 2008
<remote> last connection on sep 10
<kgoetz> and for my sake, does /var/log/wtmp.1 exist, rotated on that day?
<remote> -rw-rw-r-- 1 root utmp 11520 Aug 11 21:19 /var/log/wtmp.1
<kgoetz> welll..... i'd start to worry about the host being compromised.
<kgoetz> is it posable to offline it while you do checks?
<remote> that's already happening ;-)
<remote> not really
<kgoetz> shame. not really surei can offer helpful advice at this point (well, other then things you can already think of yourself ;))
<remote> well, thanks for the assistance
<kgoetz> if you need stuff to compare against i'm around for an hour
<kgoetz> so i can give you checksums of files or whatnot if you want to check core utilities. also i think packages.ubuntu.com lists md5sums
<kgoetz> seems i'm wrong - it only lists files in packages, not their md5sums
<kgoetz> oh yeah - both my systems are 64bit installs (which will ahve different checksums to 32bit)
<remote> i'm thinking it might have been compromise on purpose by the owner
<remote> not going to spend too much time on it
<remote> i would if it was my server but i'm going to consult first ;-)
<kgoetz> nod. good luck with it, probably see you again at some poitn :)
<remote> :-)
<kraut> moin
<stapel> I am trying to connect two windows machines to a ubuntu-server with 2 crossover cables to two NICs on the ubuntu-server, only 1 NIC at a time works though...and not always the same one; after a reboot it might be the other one
<Guest86075> look that you don't use the same subnet on both nics
<stapel> why is that?
<stapel> are you talking about netmask in interfaces?
<stiv-s> no ... the subnet. eg if you have 192.168.0.1/24 on one interface and 192.168.0.2/24 this can work, but you have to see that the two windows machines don't have the same ip (eg. both 192.168.0.3). using different subnets forces you to do it right ;)
<stiv-s> ï»¿ï»¿hi guys! I have an webapplication sitting on ubuntu and i am using apt and my own mirror to distribute updates. i made a mistake a few months ago and made my own lighttpd packet just to add a script and change the config file. this is now done in a different manner and i would like to use the original package again, but i can't get aptitude to use the new package because of my versioning error (i appended -1selfbuild1 instead of ~1selfbuild1).
<stiv-s> problem is: i use only apt and a metapackage to install the packages i need. if i force the version in the metapackage aptitudes "solution" is removing the metapacket... i just want to force it to "downgrade" lighttpd to the version i specify in the metapacket
<stiv-s> any ideas? --- this needs to run automatically, so i can't choose the right solution or "aptitude install lighttpd=RIGHTVERSION"
<stapel> I use unique static IPs for all interfaces...so then I guess the subnet does not matter
<stiv-s> sure it does!
<stapel> not sure I understand
<ivoks> if you have 192.168.0.0/24 on both interfaces, you have a problem
<stapel> the IPs for the two NICs on ubuntu is  192.168.0.2 and 192.168.0.3
<ivoks> but if you have 192.168.0.0/24 and 192.168.1.0/24 then it should work
<stapel> by 192.168.0.0/24 you mean netmask 255.255.255.0 right?
<ivoks> stiv-s: you can do pining
<ivoks> right
<stapel> ok
<stapel> u mean pinging?
<ivoks> stiv-s: you can force lighttpd version; http://jaqque.sbih.org/kplug/apt-pinning.html
<ivoks> stapel: no, i was talking to stiv-s
<stapel> :)
<stapel> aaaaaghhhh!
<stiv-s> pining? never heard of that
<stiv-s> googling now ;)
<stapel> is there a dpkg reconfigure for networking?
<stiv-s>  /etc/init.d/networking restart
<stiv-s> what do you need!?
<hads> pinning
<stapel> different subnets did the trick
<stapel> bye
<stiv-s> thanks for the pining tip ... i'm going to look into that :-) enjoy your weekend!
<uvirtbot`> New bug: #269298 in mysql-dfsg-5.0 (main) "/etc/init.d/mysql run without privileges reports wrong status." [Undecided,New] https://launchpad.net/bugs/269298
<Fenix|work> Good morning...
<Fenix|work> ... anyone have any documentation on setting up LVM on RAID for 8.04.1?
<_ruben> the server guide might explain it .. i find the installer just enough self-explanatory
<Koon> kirkland: about "service --status-all"...
<Koon> kirkland: so far it goes through (mostly) all of /etc/init.d/* and calls status
<kirkland> Koon: right, there are a few notable exceptions
<kirkland> Koon: see the shell code for those exceptions
<Koon> kirkland: I think there are some more missing (in the version I've used)
<Koon> all the one-time actions that are in /etc/init.d
 * Koon has a deeper look
<kirkland> Koon: hmm, example?
<Koon> kirkland: hotkey-setup
<Koon> module-init-tools
<Koon> hwclock.sh...
<Koon> those are run at boot-time but aren't expected to have a status, right ?
<_server> Already installed ubuntu server (8.04.1) downloaded from website. Having default text-based login shell, after login, I started 'apt-get install' bunch of pkgs (xserver, fluxbox, finally gnome-desktop) to have finally xdm and gdm in the system. Initially, I need to type '/etc/init.d/gdm start' to enter into GUI. But the next reboot, it already automatically enters into gnome. Can I revert back to default to text-based login shell, instead of auto 
<sommer> _server: do sudo /etc/init.d/gdm stop, then sudo update-rc.d -f gdm remove... then if you want a gui you can do startx from the console
<_server> Thanks! Gonna try it this Monday in Lab =)
<Fenix|work> I have an md raid device I can't delete...
<Fenix|work> how can I kill the beast?
<_ruben> Fenix|work: make sure it isnt mounted, then sudo mdadm /dev/mdX --stop .. iirc
<Fenix|work> thanks _ruben
<bogey-> How can I force apt-get to use a proxy?
<_ruben> specify the proxy in /etc/apt/apt.conf
<bogey-> yeah i just got it
<bogey-> To set apt-get to use a proxy you edit /etc/apt/apt.conf to include this information at http://pastebin.com/m3831e8b3
<Quark_> Hi - I am having a failure-to-connect problem from an IRC client to ircd-hybrid installed on my Ubuntu server V7.10.  The ircd-hybrid support claims that is is a firewall issue with Ubuntu.  I am trying to move an IRCD service from an old Slackware machine to a new Ubuntu machine for a teacher so that she can support he students online. Any help or referrerals to documentation would be appreciated.
<Quark_> Note that the failures come from both an Ubuntu IRC client and a Windows IRC client that both work with the Slackware system.
<Quark_> Alternatively, I would install another IRCD supported on Ubuntu if you have a recommendation.
<lukehasnoname> make sure the firewall isn't blocking IRC ports
<lukehasnoname> or temporarily disable the firewall and check if that works
<Quark_> lukehasnoname: How do I inspect and  the Ubuntu server's firewall?
<Quark_> *inspect and edit
<Quark_> Gibson's ShieldsUp! software says 6667 is closed.  How do I open it?
<Quark_> lukehasnoname: How do I unbloack port 6667, and any other IRC ports?
<LordDicranius> what's the most common protocol used when configuring a Linux VPN server?
<slicslak_> i setup a server and forgot to specify install lamp applications.  where could i find the package list used for that?
<Deeps> tasksel --help
<infinity> slicslak_: apache2-mpm-worker apache2 libapache2-mod-php5 php5 php5-mysql mysql-server
<ScottK> Or just run tasksel again and select it.
<Deeps> or just tasksel on it's own for a curses based interface
<infinity> slicslak_: That's off the top of my head, mind you.
<infinity> s/worker/prefork/
<infinity> Brain -> Finger interface is dead.
<slicslak_> great, tahnks guys
<uvirtbot`> New bug: #269488 in open-iscsi (main) "iSCSI installation doesn't report initiator ID" [Undecided,New] https://launchpad.net/bugs/269488
<uvirtbot`> New bug: #269492 in open-iscsi (main) "iSCSI support (modules and configuration) missing from initramfs" [Undecided,New] https://launchpad.net/bugs/269492
<slicslak_> where how do i set services to start on boot?
<zul> kirkland: ive added status stuff to the snmp initscript
<kirkland> zul: you da man!
<Zelut> can anyone tell me if jeOS will work as a domU on a xen host?
<zul> if you use intrepid..yes
<Zelut> so 8.04.1 no, 8.10 yes?
<zul> yep
<zul> it should at least
<Adri2000> anyone in the server team I could talk to about vsftpd?
<zul> jus ask
<Zelut> I don't see any builds for 8.10 jeOS on cdimage.ubuntu.com.  Are they hiding elsewhere?
<Adri2000> zul: I did already 3 or 4 times :)
<Adri2000> zul: I'd like to know if there is any specific reason for vsftpd not being 2.0.7 in intrepid
<zul> because its synced from debian and its not maintained by the server team
<Adri2000> I believe it mainly fixes bugs, and in particular, one that prevents it from working with filezilla and ftps
<Adri2000> (for which I'd like to do an sru for hardy)
<zul> request a backport then
<Adri2000> no, it's not the point, I'm talking of bugs
<zul> ok well no one is stopping you filing srus then
<Adri2000> zul: would the server team support my FFe exception request if I was willing to do the necessary work for updating vsftpd to 2.0.7 now?
<Adri2000> sure, but it needs to be in intrepid first
<zul> Adri2000: it is in debian yet?
<Adri2000> no
<Adri2000> the changelog is at ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.7/Changelog
<w8tah> im running samba on a file server - and my log is filling with cups trying to connect (there is no printing at all configured and shouldnt be) what do i do?
<zul> Adri2000: I dont have a problem with it myself
<zul> Adri2000: but with sru you would be backporting it
<Adri2000> zul: is there someone else in the server team I should ask about that? or is it directly up to the release team?
<Adri2000> in the sru I would only backport that bug fix:
<zul> Adri2000: I would bring it up in the meeting, put it on the agenda
<Adri2000> - Shutdown the SSL data connections properly. This prevents clients such as
<Adri2000> recent FileZilla from complaining. Reported by various people.
<Adri2000> when is the meeting?
<zul> Adri2000: then why not get the patch that fixes it for intrepid and backport the patch to hardy?
<zul> Adri2000: its on a tuesday check the wiki
<Adri2000> because I think it's worth to also get the few other bug fixes there
<zul> ok
<Goosemoose> I keep getting a 'failed with exit code 127' for this presed command: d-i preseed/late_command string wget http://10.0.2.131/post_install_tasks && chmod +x ./post_install_tasks && ./post_install_tasks returns > /dev/null 2>&1
<Goosemoose> anyone have any ideas? with the wget statement alone it works fine
<Goosemoose> if i execute the command on a terminal it executes fine
<Goosemoose> i just added the /dev/null part on the last run to test it
<Adri2000> 16 Sep 15:00: Server Team < can't make it :/ at least I won't be able to be online before 16:00
<zul> or send an email to the ubuntu-server ml
<Adri2000> zul: ok
<w8tah> how do i keep smbd from continually trying to connect to cups???
<sommer> w8tah: I'd try commenting the [printers] entry in /etc/samba/smb.conf then restarting samba
<slangasek> 'load printers = no', 'printing = bsd'; if that doesn't take care of it, then there's a bug (which, I think, there has been at least in the past)
<Quark_> Can anyone here help me establish connectivity with port 6667 on my Unbuntu server ?
<Gargoyle> to what application, Quark_ ?
<Quark_> Gargoyle: ircd-hybrid is running in background, trying to connect with mIRC.  Even telnet .... 6667 gets a connection refused message
<Gargoyle> you ran netstat to check the port is open?
<sommer> foolano: is the ebox site down?
<foolano> sommer: yeah :(, we are working on it :(
<sommer> foolano: okay, just making sure it wasn't just me
<foolano> sommer: i've just exchanged strong words with them
<sommer> heh, that's cool... I was just taking a look at the new modules
<sommer> foolano: is there an easy, or semi-easy, way to install just a local copy from svn?
<Gargoyle> Quark_: If you run "netstat -antp" you should get a list of what programs have listening sockets on what ports
<Quark_> Gargoyle: what parameters must I give netstat to deliver port 6667 status?
 * Gargoyle s ESP is on full power tonight! :P
<Quark_> awesome
<foolano> sommer: all modules have a debian directory so the easiest way is builddng the package. We usually have nightly-buids url where you can pull the latest packages too
<Quark_> Gargoyle: It says:  tcp 0 0 127.0.0.1:6667  0.0.0.0:*  LISTEN 5466/ircd-hybrid   off (0.00/0/0)
<sommer> foolano: very cool, I'll check into that
<foolano> sommer: the latest release is available in launchpad though
<Gargoyle> Quark_: That means that it's listening on the loopback interface only.
<Quark_> Ah Ha!
<sommer> foolano: is that the same as the code in svn?
<foolano> sommer: yep https://launchpad.net/~ebox-unstable/+archive
<Gargoyle> Quark_: Not your network for real. You should be able to change 127.0.0.1 (or localhost) in a config file somewhere. Normally you should be able to use 0.0.0.0 for any local IP address.
<foolano> sommer: there are packages for both hardy and intrepid
<sommer> foolano: awesome... I think I looked at the wrong lp page before, thanks
<Gargoyle> can I upgrade an existing system to intrepid? Do I just need to replace hardy with intrepid in my source.list?
<foolano> sommer: np :)
<Quark_> Gargoyle: I'll search for ircd.conf and see how to mod it.  Thanks
<Gargoyle> Quark_: np
<Quark_> Gargoyle: Changed ircd.conf from **host = "127.0.0.1";** to **host = "my host ip";** and it works!! :^)
<Quark_> Gargoyle:  I have been querying IRC channels all day, including ircd-hybrid channels and ubuntu channels, with no luck.
<Quark_> Gargoyle: You fixed it in two minutes.
<Gargoyle> :)
<Gargoyle> Quark_: If you are debugging anything network related, always start with the local machine... check that you are actually doing what you think you are (eg, listening on the correct port)
<Gargoyle> Quark_: then move onto access from another node withing the network
<Gargoyle> Quark_: and finally, try from an outside source.
<Gargoyle> Follow those steps, and you'll probably save yourself some time... But like anything, it just takes a while before you have the experience.
<Gargoyle> There are probably a lot of people setting up systems that have never used netstat. It's just another step on the learning curve!
<Gargoyle> Quark_:  What IRC network are you joining to? or are you just playing?
<Quark_> Gargoyle: I'm just a newbie - only been doing this for 30 years.
<Gargoyle> ha ha!
<Quark_> Ooops - 40 years. I hate it when that happens :(
<Gargoyle> :P
<Quark_> At some point I skipped reading the documentation.  But not a probolem ,since at some point, the OpenSouce industry stopped providing it.
<Quark_> I could find not doc on the hybrid install beyon "use apt-get install".
<Quark_> I stopped using M$'s OS' because they kept changing the file names and their terminolgy, and charging developers $2,000 to tell them the new secrets
<Quark_> I think it is time to get into a new field, something easy.
<Gargoyle> I think that is where a lot of open source project are at their weakest. It took me the best part of a month to fully install and test a mysql + drbd setup.
<Gargoyle> programmers lover to write new features and improve code all the time - but they hate writing docs!
<Quark_> I found it easier and quicker to write my own database software than to try to decode the installation and usage documentation for any DB stuff.
<Gargoyle> The last time I played with IRC was when I was playing Tribes 2 a lot - that must be 6 or so years ago!
<Quark_> Of course, porting it across new version of the Linux OS's is aproblem, since the API keepos changing
<Gargoyle> I installed dancer to test my own irc bot on.
<Gargoyle> hmmm, this is a fast paced business from whatever angle you look at.
<Quark_> Rule Number One: Do not ever change the API or GUI.
<Quark_> ensure thay are backward comaptible.
<Quark_> Rules number 2 & 3, see rule number 1
<Gargoyle> It still suprises me at how  little take up there has been for Java... What was the tagline, write once, run anywhere!
<Gargoyle> Quark_: There has to be evolutions, but there should be some serious overlap in API versions.
<Quark_> Gargoyle: M$ purposely sabotaged Java
<Quark_> Gargoyle: Also trying to sabotage OpenGL
<Quark_> They do so by not providing a working version in their latest OS's
<Gargoyle> nahh, sun should have open sourced it a long time ago. Also, there were a  few important missing bits... Like using a serial port required a library, but you would be hard pressed to find a library that worked on more than one platform!
<Gargoyle> So you very quickly tied yourself to a platform, and then forgot about why you chose Java!
<Quark_> Gargoyle: The solutions is simple. Provide backward compatible API & GUI.
 * Gargoyle is installing intrepid
<Gargoyle> Anyway, it's only a matter of time before everyone realises the truth!
<Quark_> what is interpid?
<Gargoyle> The next Ubuntu release.
<Gargoyle> Poo... install failed!
<Quark_> ib, they're alphabetical
<Quark_> *ic
<Gargoyle> yeah... and have an animal name... hardy heron, intrepid ibex
 * Gargoyle reminds himself to look up what a fookin ibex is!
<Quark_> Thanks for you help. I have to now reconfigure the all the IRC pages to point to my Ubuntu server (was old Slakware server)
<Gargoyle> Quark_: Have fun! :-)
<Gargoyle> exit
<Gargoyle> oops!
<ScottK-laptop> mathiaz: Now that clamav and spamassassin are promoted, I think we can make a real case that we have a supported feature complete mail server stack.  Do you think that's worth a blog post?
<ScottK-laptop> ivoks: How good are you with amavisd-new configs?
<ivoks> well, i use it :)
<ph8> How does one do autoresponders? something in exim?
<ph8> (is exim the default now?)
<ScottK-laptop> ivoks: I think that the defaults we get from Debian aren't very friendly.
<ph8> i still use postfix :o
<ivoks> hardy's sparc port has some issues with ldaps :/
<ScottK-laptop> ph8: Postfix is our preferred MTA.
<ivoks> ScottK-laptop: right, they aren't ok
<ph8> ok, so how does one do autoresponders with postfix, would that feature in a complete mail server stack?
<ivoks> iirc, zip archives are banned by default :)
<ph8> I have my own script to manage auto responders, majorly tacky though
<ScottK-laptop> ph8: IMO, no.  Autoresponders are really hard to get right.
<ScottK-laptop> I think it's an area you really have to know what you are doing.
<ph8> Is that why there's no big open source (a la spamassassin) thing to do it?
<ph8> I wonder why though? Things like ML headers?
<ph8> perhaps unicode etc
 * ivoks really loves postfix, dovecot, mysql and openldap :)
<ph8> by that i mean special characters (i've got to lay off the enter key!)
<ScottK-laptop> The biggest problem is backscatter.  How do you know you're really sending mail back to someone that asked for it?
<ph8> i'm with you ivoks, i was a bit courier fan until recently - not a big ldap user though unfortunately - do you use it in a business context?
<ph8> ScottK-laptop:  Ah, like spam response?
<ivoks> only in business
<ph8> Ideally it would go through a nicely trained spamassassin that would rate it and spam would not be responded to
<ScottK-laptop> ivoks: I'd like to (soon) fixup our config to be more friendly.
<ph8> pain in the backside though you're right
<ph8> plus they're bloody aggravating :p
<ivoks> ScottK-laptop: i'll join, but not before the end of the next week (i have two exams next week)
<ScottK-laptop> Not just that, but addresses are forged all the time.
<ivoks> i'm really out of anything related to ubuntu right now :(
<ScottK-laptop> ivoks: I was working on this and had an unfortunate incident with my notes.  Any chance you could mail me your configs and I can start on it with that.
<ivoks> ScottK-laptop: i'll do that
<ScottK-laptop> ivoks:
<ScottK-laptop> ivoks: Thanks
<ph8> i'm quite eager to get involved but fairly new to lower level stuff - let me know if anything ever comes up you think i could handle
<ph8> we never really get taught c(++) these days
<ivoks> ScottK-laptop: i'll do that right now...
<ph8> it's just a brief submodule at undergrad
<ScottK-laptop> Thanks.
<ScottK-laptop> ph8: Most of what we do it packaging, so no C/C++ required.
<ph8> ah i've toyed with that a bit before
<ScottK-laptop> ph8: If you know a bit of shell and maybe some Python, you know enough to contribute.
<ph8> packing the latest versions etc?
<ph8> ah well i'm fine then :p
<ScottK-laptop> Generally.
<ph8> so should one sync intrepid then go out and actively package new versions of things?
<ph8> or is there a sort of 'to be packaged' list?
<ScottK-laptop> Now we are post Feature Freeze for Intrepid, so the focus is on bug fixing stuff.
<ph8> does intrepid run? I gave it a go at alpha 2
<ScottK-laptop> There are bugs in Launchpad tagges 'needs-packaging', but that's really for Intrepid +1 now.
<lukehasnoname> ph8: I'm using it as my file server right now
<ScottK-laptop> ph8: Generally, but you have to be ready for sudden breakage.
<lukehasnoname> two days since install hasn't broken it
<ph8> ScottK-laptop:  Jackalope? :)
<ivoks> ScottK-laptop: my changes are inside 20-debian_defaults
<ph8> lukehasnoname:  Cool, i'll install it on a VM in a bit
<ivoks> and 15-content_filter_mode
<ScottK-laptop> ivoks: Thanks.
<ph8> although my development VM is running my phones atm :o
<ScottK-laptop> ivoks: I greylist, so it'll be a bit before i get it.
<ScottK-laptop> I'll have a look.
<ivoks> i didn't send it yet :)
<ivoks> i greylist too :)
<ScottK-laptop> K.
<ph8> I don't suppose anyone's ever converted a debian install to ubuntu-server?
<ph8> I'm buying a dirt cheap dedi from leaseweb but they'll only install deb (on the cheap range)
<ph8> at least ubuntu-server's a quality product :p
<mathiaz> ScottK-laptop: that would be a great idea - kirkland and Koon already wrote a couple of blog post for the ubuntuserver blog. If you write something up I'll be happy to publish it.
<ScottK-laptop> ph8: It probably wouldn't work unless you did sarge --> dapper --> hardy --> intrepid.
<ScottK-laptop> mathiaz: OK.  Will do.
<ph8> phew
<ph8> and a fingers-crossed reboot? :p
<ScottK-laptop> Yeah.
<ph8> i'd probably leave it at hardy
<ph8> three stages mind
<ph8> sarge -> dapper by just changing the sources?
<ScottK-laptop> Since Ubuntu switched from sysvinit to upstart in Edgy your odds of doing that conversion in a later release are slim and none.
<ph8> maybe i'll just use sarge - is it all going to be outdated and naff?
<ph8> i see
<ScottK-laptop> Sarge is unsupported.
<ScottK-laptop> Etch is the current stable.
<ph8> oh sorry, there's my debian knowledge exposed :p
<ph8> i was always told their packages are inferior to ubuntus mind
<ScottK-laptop> But Etch is too new to have any hope of Etch -> Dapper working.
<ScottK-laptop> It depends on what you need.
<ph8> just a playground box tbh, the stuff I do is starting to overload the company servers i was piggybacking off
<ScottK-laptop> Debian Stable will virtually always have older packages than the current Ubuntu server release.
<ScottK-laptop> The thing about Debian Stable is it's REALLY stable.
<ScottK-laptop> If you need more current stuff, Ubuntu is handy.
<ScottK-laptop> Historically, that's been the difference, but progress is now being made on making things easier to do in Ubuntu Server.
<ivoks> urgh... this was such a pain...
<ivoks> i have half of domain in mysql and half in ldap
<ivoks> and something is wrong with ssl on sparc version of 8.04
<w8tah> sommer: sorry this is delayed -- i just got back -- all printing stuff in smb.conf is already commented out
<w8tah> for some reason - -on my samba file server, the syslog keeps getting messages about rejected attempts by smbd to connect to cups (which is not in use and may not be installed -- unless it got pulled in as a dep) how do i get it to quit filling up my logs
<nandersson> will Intrepid ship with OpenOffice.org 3?
<hads> Servers don't usually have an office suite.
<ScottK-laptop> nandersson: #ubuntu+1
<nandersson> ScottK, in Ubuntu 9.04 then? a pity
<ScottK-laptop> nandersson: You're misunderstanding.  I'm suggesting that's a channel to ask such questions.
<nandersson> aha
<nandersson> ok
 * nandersson goes there
<ScottK-laptop> ivoks: Got your mail.  Thanks.
<ScottK-laptop> ivoks: Would you be up for testing an apparmor enabled clamav with your amavisd-new system?
<ivoks> ScottK-laptop: if it's for hardy, yes
<ScottK-laptop> ivoks: That should work.  Do you want a debdiff to build it yourself?
<ivoks> ScottK-laptop: sure
<ScottK-laptop> ivoks: Also, do you want to stay with the clamav version in Hardy or do you want a newer one?
<ivoks> :)
<ivoks> tempting :)
<ScottK-laptop> 0.94 should work fine with amavisd-new
<ivoks> why not
<ScottK-laptop> ivoks: OK.  I'll send you a debdiff from the current Intrepid 0.94 package to build on Hardy.
<ivoks> ok
<ivoks> well
<ivoks> good night!
<ScottK-laptop> ivoks: modulo greylisting, you have mail.
<ScottK-laptop> Have a good night.
<ivoks> thnx
<lukehasnoname> Who would I poke about adding a few lines to the server guide?
<ScottK-laptop> lukehasnoname: sommer.
<lukehasnoname> sommer: I was talking to soren a few days ago about what we should do about the "Basic Ubuntu Server" tasksel option. I suggested several things: Rename it to something more accurate, like "Documentation and accessories" or "Helpful tools". Second, for the HTML docs on the server to be more visible to users, perhaps the server default MOTD should mention where the docs are buried. Finally, details of what the 
<lukehasnoname> Something along the lines, perhaps, of
<lukehasnoname> Helpful tools: Installs this server guide, as well as the 'w3m', 'screen', and 'patch' packages.
<lukehasnoname> in the tasksel area of the server guide.
<bytor4232> With the desktops, there is a "apt-get install xubuntu-desktop".  Is there an equivelant command for installing ubuntu server?
<ScottK-laptop> bytor4232: You can run tasksel to pick various varieties of ubuntu-server, but you'll only get the server kernel if you install as a server or manually change it.
<bytor4232> Okay, I was tasksel has various stuff on it.  Thats acceptable.
<bytor4232> Just wanted to make sure there wasn't an "official" way, like with ubuntu-desktop, etc.
<bytor4232> Holy cow
<bytor4232> ubuntu's mini.iso cli option install is only 701 megs.
<ScottK> When you run it manually you get every tasksel option in Ubuntu.
#ubuntu-server 2008-09-13
<uvirtbot`> New bug: #269627 in samba (main) "force group breaks share" [Undecided,New] https://launchpad.net/bugs/269627
<LinuxGhost> what is easy steps to install LAMP on ubuntu 8.04?
<ScottK-laptop> LinuxGhost: Have you installed Ubuntu Server already?
<LinuxGhost> maybe not
<LinuxGhost> just mysql, apache, php
<ScottK-laptop> How did you do the installation?
<LinuxGhost> but with some troubles
<ScottK-laptop> If you do a server install you get LAMP as a choice.
<LinuxGhost> many steps foun in the internet= google
<LinuxGhost> now i know apache2 and php is fully and correctly installed
<LinuxGhost> all tested
<ScottK-laptop> Try sudo tasksel and then select lamp and see if that helps.
<LinuxGhost> tasksel do what?
<LinuxGhost> installation?
<LinuxGhost> http://www.howtoforge.com/ubuntu_lamp_for_newbies
<ScottK-laptop> tasksel gives you the option to install a set of packages together.  The certified lamp config is one of them.
<ScottK-laptop> LinuxGhost: Generally we have very good documentation on help.ubuntu.com or wiki.ubuntu.com.  I'd suggest trying there first.
<LinuxGhost> ok.thanks
<LinuxGhost> MY trouble beggins where ask for password
<LinuxGhost>  Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
 * ScottK-laptop isn't a mysql guy, sorry.
<LinuxGhost>  mysql -u root
<LinuxGhost> ERROR 2002 (HY000):
<ScottK-laptop> sudo mysql
<ScottK-laptop> ?
<ScottK-laptop> I've no idea actually.
<LinuxGhost> People, why the Directory /var/www is not writable to php files????
<remote> hey
<remote> i'm not sure of the correct procedure to re-install a package
<remote> i'm concerned because i want to re-install openssh without loosing connectivity to the server
<remote> hi dashnu
<dashnu> hey
<remote> i'm wanting to re-install openssh-server without loosing connectivity, would you know the correct procedure to do so?
<dashnu> why do you need to reinstall it ?
<remote> it's compromised
<ScottK-laptop> What exactly do you mean by compromised?
<dashnu> ...
<remote> it's *ucked
<dashnu> the install is not "compromised"
<remote> trust me, it's not usable
<remote> ok anyways
<remote> i just want to re-install it
<ScottK-laptop> OK.  Compromised generally means something else.
<remote> the installed sshd is *not* the ubuntu packaged sshd
<ScottK-laptop> How was it installed?
<dashnu> ok
<remote> well
<remote> i have no idea
<remote> but it's not the ubuntu ssh
<dashnu> ha!
<dashnu> wow
<remote> SSH-2.0-SSH-2.0-OpenSSH_4.7p1
<remote> that's the banned
<remote> and that the md5sum: a98008abb8c9e2cccbb4a091db93ed01  /usr/sbin/sshd
<remote> s/banned/banner
<remote> that's one of its PIDs
<remote> root      4916  0.0  0.0   3212   816 ?        Ss   Jul27   0:51 ?ii?ï¿½ï¿½Ã¿??ï¿½?Þ·I????ï¿½ï¿½ï¿½ï¿½2Þ·?
<remote> now i hope you're convinced too ;-)
<remote> how can i re-install the package openssh-server without loosing connectivity?
<dashnu> just remove it and reinstall it
<remote> i don't mind loosing the shell but want to be able to connect back as the service is restarted to the newly installed one
<remote> i'm afraid uninstalling it will run /etc/init.d/ssh stop
<remote> won't it?
<dashnu> Im a gentoo server guy... it doesnt ingentoo
<dashnu> do apt-get remove ssh && apt-get install sshd
<dashnu> or similar
<dashnu> then restart the daemon
<dashnu> should work fine
<remote> alright
<remote> i will try that
<Kamping_Kaiser> remote,
<Kamping_Kaiser> remote, `sudo apt-get --purge remove openssh-server` and `sudo apt-get install openssh-server`
<Kamping_Kaiser> trick is, the running sshd wont be stopped by either, so you'll need to logout (or manually kill) the old ssh's
<Kamping_Kaiser> perhaps run the remove+install in screen, so even if you get disconnected, the install happens ...
<Kamping_Kaiser> perhaps even 'install -y'
<remote> i did the install, remove and did not lose the shell
<Kamping_Kaiser> sounds correct and good.
<remote> now i have : f5e43bdf79235f04cfe09b2eb0e87a00  /usr/sbin/sshd
<remote> but still, the openssh processes are behaving weirdly
<remote> one didn't die
<remote> root      4916  0.0  0.0   3212   816 ?        Ss   Jul27   0:51 ?ii?ï¿½ï¿½Ã¿??ï¿½?Þ·I????ï¿½ï¿½ï¿½ï¿½2Þ·?
<remote> and this is the new one:
<remote> root     14522  0.0  0.1   3388  1788 ?        S    22:13   0:00 ?ii?ï¿½ï¿½Ã¿??ï¿½?Þ·I????ï¿½ï¿½ï¿½ï¿½2Þ·?
<Kamping_Kaiser> remote, the one your connected through probably
<remote> i did disconnect and reconnect
<Kamping_Kaiser> looks like you'll need more then a reinstall to get un-rooted.
<remote> this is weird
<remote> it should do the trick
<remote> i did purge now
<remote> Could not load host key: /etc/ssh/ssh_host_rsa_key
<remote> Could not load host key: /etc/ssh/ssh_host_dsa_key
<remote>  * Restarting OpenBSD Secure Shell server sshd
<remote> Could not load host key: /etc/ssh/ssh_host_rsa_key
<remote> Could not load host key: /etc/ssh/ssh_host_dsa_key
<remote>    ...done.
<remote> that's from an init.d/ssh restart
<Kamping_Kaiser> whats in /etc/ssh/ ? any keys?
<remote> nope ssh_config   sshd_config
<Kamping_Kaiser> explains why it cant find the host key(s)
<remote> wait now i have
<remote> root@softlayer2:~# ls /etc/ssh/
<remote> blacklist.DSA-1024  blacklist.RSA-2048  moduli  ssh_config  sshd_config
<remote> this just appeared
<Kamping_Kaiser> ... 'just appeared'? o_0
<remote> arf
<remote> yes
<remote> anyways i killed the wrong process and have no longer access to the server
<Kamping_Kaiser> :\
<remote> Kamping_Kaiser: something like that
<remote> :-)
<Kamping_Kaiser> :]
<EyebeKlap> Hello, I'm kind of new here and I'm not sure whether this is the correct channel for my question....   Can Ubuntu 8.04 server be run simultaneously with Ubuntu 8.04 desktop? ie. run the terminal server in the background while somebody uses the host computer in Ubuntu 8.04 desktop GUI mode?
<ScottK-laptop> EyebeKlap: Sort of.  You can run the server packages on a desktop install, but you have to either run the server kernel or the desktop one.
<ScottK-laptop> For almost all purposes, that amounts to yes.
<EyebeKlap> I know you can demo ubuntu in windows - is there a way to set it up like that? running desktop as the main kernel then sending any network enquiries aimed at the server to a 'second level' where the server kernel is running/emulated or vica-versa?
<Kamping_Kaiser> why are you /actually/ trying to do?
<Gun_Smoke> ScottK-laptop, what draw back would there be using the desktop kernel instead of the server kernel?
<ScottK-laptop> None you'd be likely to notice.
<ScottK-laptop> EyebeKlap: No.
<ScottK-laptop> If the server is under heavy enough usage for the server kernel to matter, you're likely not also running it as a desktop.
<EyebeKlap> I am trying to get my ubuntu desktop install to function as a terminal server for other computers while still being able to use it for desktop applications freely
<ScottK-laptop> Ah.  I missed the terminal server bit earlier.  Sorry.
<ScottK-laptop> You want to look into ltsp.
 * ScottK-laptop doesn't know much about it.
<EyebeKlap> ltsp? I sorry but as far as ubuntu is concerned, I am somewhat of a novice
<Gun_Smoke> Linux Terminal Server Project
<Gun_Smoke> http://www.ltsp.org/
<EyebeKlap> oh, ok. thank-you :)
<ScottK-laptop> It's available as an Ubuntu package.
<Gun_Smoke> EyebeKlap, another one for you. https://help.ubuntu.com/community/UbuntuLTSP
<remote> hah!
<remote> it seems like i killed the right process
<remote> http://rafb.net/p/XwKeTz33.html
<remote> why would the server close the connection like this?
<Gun_Smoke> I don't understand what I am doing wrong with vsfpd .  I have it set up half way correct.  I am able to move files to /home/ftp as root, and then able to download files.. But I can not upload files.  I have write_enable=yes anon_upload_enable=yes anon_mkdir_enable=yes but still get the error 550
<remote> Gun_Smoke: what's in the log file?
<Gun_Smoke> remote, a ton of this Sat Sep 13 00:45:56 2008 [pid 22415] [ftp] FAIL UPLOAD: Client "10.0.1.3", "/Uploads/file
<remote> what's the complete error?
<remote> it seems to want to upload to /Uploads/file ...
<Gun_Smoke> first I can't mkdir MKD Program
<Gun_Smoke> 550 Create directory operation failed.
<remote> what's the error in the log file?
<Gun_Smoke> Sat Sep 13 01:56:42 2008 [pid 25737] [ftp] FAIL MKDIR: Client "10.0.1.3", "/Program"
<Gun_Smoke> that's all of it.
<remote> i'm wodering if "/Program" refers to /home/ftp/Program or /Program
<Gun_Smoke> I was attempting to mkdir /Program in /home/ftp/   I'm using gFTP at the moment.
<remote> and can you make this directory as the ftp user, from a shell?
<remote> or whatever user is running the ftp daemon
<Gun_Smoke> I get a similar error if I simple try to upload a file to a current directory in /home/ftp/Uploads http://pastebin.com/d6660dab6
<Gun_Smoke> No,  I have to be root on the target machine.
<remote> does the ftp daemon runs as root?
<Gun_Smoke> I believe so.
<remote> ps uxa | grep vsfpd
<remote> as what user is it running?
<Gun_Smoke> root
<Kamping_Kaiser> hm. ftp isnt really something you want to run as root
<remote> it runs as root by default
<Gun_Smoke> That what I thought..
<remote> to be honest i'm not sure, i'm receiving the same error with the same configuration keys enabled
<remote> ah
<remote> did you uncomment #write_enable=YES
<Gun_Smoke> yes
<remote> i don't know what to say
<remote> try to grab a config that's known to work as you want
<remote> you can probably find one online
<Gun_Smoke> I just tried modifying the permissions of /home/ftp/ to drwxrwxrwx just to see.. and now 500 OOPS: vsftpd: refusing to run with writable anonymous root
<Gun_Smoke> I also chown of /home/ftp/ from root to a user
<TuxCrafter> hello everybody
<TuxCrafter> i just noticed a kind of alarming issue on my system
<TuxCrafter> apt-get install libpam-umask
<TuxCrafter> if i want to do that ^ it wants to remove almost all my system
<TuxCrafter> http://pastebin.ca/1201680
<TuxCrafter> here is the needed information
<TuxCrafter> i wanted to set a umask rule with pam.d/ for specified users
<Deeps> You are about to do something potentially harmful.
<Deeps> To continue type in the phrase 'Yes, do as I say!'
<Deeps> nice
<TuxCrafter> i have the idea that libpam-umask conflicts with libpam-modules
<TuxCrafter> but i wanted the documentation of the libpam-umask
<TuxCrafter> dont worry i am nog going to install the package :-p
<TuxCrafter> also curious why it would be harmful if you run all users with umask 077 what would go wrong in theory ?
 * TuxCrafter had a crashed test server tonight with umask 0007 with for all users, still investigating the issue, seems spamc crashed the system
<`6og> TuxCrafter, the reason libpam-umask is "bad" is because its not part of the standard pam
<`6og> theres a bug open about it
<TuxCrafter> `6og: the strange thing is that is is working without the package ..
<`6og> TuxCrafter, what do you mean?
<TuxCrafter> `6og: echo 'session optional        pam_umask.so umask=077' | sudo tee -a /etc/pam.d/common-session
<TuxCrafter> execute that command restart your system
<TuxCrafter> and you have umask 0077
<TuxCrafter> if you have no other overwriting configs
<TuxCrafter> without the libpam-umask package installed
<`6og> TuxCrafter, exactly. because its now part of libpam-modules
<TuxCrafter> dpkg -S pam_umask.so
<TuxCrafter> libpam-modules: /lib/security/pam_umask.so
<TuxCrafter> `6og: so the libpam-umask should be removed form the repo as soon as possible but the documentation must be added to libpam-modules
<`6og> TuxCrafter, correct.
<`6og> TuxCrafter, there is a bug open about it.
<TuxCrafter> do you have the link?
<TuxCrafter> i can add some comments
<TuxCrafter> these bugs waste time of lots of people
<TuxCrafter> in theory a linux system should run fine with umask 0077 correct?
<`6og> TuxCrafter, dont have a link, but search launchpad for it
<`6og> you can probably search /ubuntu/+source/libpam-modules/+bugs directly
<TuxCrafter> https://bugs.launchpad.net/ubuntu/+source/pam-umask/+bug/199141
<TuxCrafter> done
<uvirtbot`> Launchpad bug 199141 in pam-umask "seems to be broken, requires to remove almost all installed packages" [Undecided,Invalid]
 * TuxCrafter getting some food
 * TuxCrafter leaving got to reboot and do some other work, thanks for he feedback
<darksifer> hi which nvdia driver is best for ubuntu
<Kamping_Kaiser> doesnt really sound like a questionf ro -server
<Kamping_Kaiser> *for
<darksifer> sorry
<Moc> Im reading from docs that ubuntu is subseptible to have it network interface switch even when the mac is specified in the interfaces ?
<Nafallo> when the mac is specified where?
<Moc> in the interfaces file
<Kamping_Kaiser> Moc, which docs?
<Moc> man page
<Kamping_Kaiser> which?
<Nafallo> that's because it's the wrong place for that magic.
<Moc> interfaces man page
<Nafallo> that magic lives in udev
<Moc> I know on CentOS, if I specified the mac in the ifcfg-eth0 file, it will grab it correctly
<Nafallo> well now... Ubuntu Server is not CentOS, and most of us consider that a feature.
<Nafallo> /etc/udev/rules.d/70-persistent-net.rules
<Moc> ok so I guess the 2004 doc is out of date
<Moc> I found it pretty lame that I had to run sh scripts to get the mapping correctly
<Nafallo> feel free to file a bug about it :-)
<Moc> I got burned of submiting bug report that arnt process for months, and only reponse I get is when a new release come out and maintainer ask if bug is still present... then you check and say it still is... and again no reply for months ... Im personally tired of filing them
<Kamping_Kaiser> pretty sure ifconfig/ifup predates udev, probably the man page does too
<Moc> probably
<Nafallo> Kamping_Kaiser: we didn't have udev in Warty, no :-)
<Kamping_Kaiser> Nafallo, :)
<keithclark> Maybe this is a question best asked of the server crowd.  I don't seem to have any luck setting up Samba.  I can see the windows XP machine, but the XP machine cannot see the Ubuntu machine.  And, even though I can see the XP machine, I cannot see any of the shared directories on it.
<sommer> foolano: what's up, I noticed that the esofttool and ebox-software packages are only for hardy?  I grabbed the source and they build fine on intrepid... just fyi
<sommer> foolano: will the ebox-software module be able to manage all packages in the future?
<keithclark> Maybe this is a question best asked of the server crowd.  I don't seem to have any luck setting up Samba.  I can see the windows XP machine, but the XP machine cannot see the Ubuntu machine.  And, even though I can see the XP machine, I cannot see any of the shared directories on it.
<uvirtbot`> New bug: #269954 in openssh (main) "ssh -X breaks Xauthority on NFS mounted home dir" [Undecided,New] https://launchpad.net/bugs/269954
#ubuntu-server 2008-09-14
<vanberge_> anybody a dhcp guru?  wondering why my server dishes out IPs starting at the end of the subnet.  i'd like it to start at the begining
<bytor4232> vanberge_: Wow.  I never really noticed that.  I think mine get dished out at random.
<vanberge_> is there any way to specify that?
<vanberge_> like i assigned a scope of 192.168.1.10-192.168.1.250
<vanberge_> and they start at 250, then 249, then 248
<bytor4232> Hm.
<bytor4232> Not sure.
<bytor4232> Actually, I should say, I'm not sure there is an option for that.
<youbuntu2008> I tried to start with GTK+ in ubuntu. I worked out to get those things successfully compiled (now in Day #2), but still to no avail. Got stuck at compile GLib, due to iconv or libiconv stuff. How to internationalize it? (Hopefully I'm not 'on my own'... is there any other way to get started with GUI programming?)
<youbuntu2008> perhaps, the more accurate question is: How to ENABLE just-compiled libiconv ? (so that i may successfulyl fompile GLib)
<ScottK-laptop> youbuntu2008: Note that you are in a server oriented channel.  That seems an odd place to be asking about GUI programming.
<youbuntu2008> ops... yes, u r right. At times, got lost in several things at same time :))
<youbuntu2008> actually, not 'gui prog' per-se, but more on 'getting those packages to work'
<ScottK-laptop> OK, well once you said GTK you had not a hope of being on topic.
<youbuntu2008> thanks.
<prexium01> Hey all.
<prexium01> Anyone know why my server won't boot to a CD after it's already found it?
<remote> maybe the bios is not configured to boot from the cd or another device that can boot is priorized over your cd-rom drive
<prexium01> I have it set to CD rom boot
<prexium01> Like, it says it found the CD and that it's bootable, then it just skips the boot step
<prexium01> Nvm, got it.
<prexium01> Anyone know why my sever freezes when I start to configure the logical drives in the BIOS?
<prexium01> 108 people in here and no one knows?
<remote> nobody knows
<unewbie> :)
<R-edemption> Hello, all. I am having some issues with BIND on a Ubuntu 8.04 server. It continues to fail to start up. After looking in /var/log/daemon.log, it seems as if Bind9 is complaining that it does not have enough permissions to read /etc/named.conf, which is completely untrue as we have tested the permissions and it can read it just fine.
<Kamping_Kaiser> R-edemption, guess two things to check - run named's config file checker, and perhaps that aa-* thing
<R-edemption> Kamping_Kaiser: Thankyou. I will try that now.
<R-edemption> Incase it makes a difference, this is a clean ubuntu 8.04 install that just had Plesk control panel installed.
<R-edemption> Kamping_Kaiser: Nothing really helped with those tools.
<habit> Hello. Is it possible to install ubuntu as a desktop and transform it to server?
<lukehasnoname> you'd have to manually change the kernel
<lukehasnoname> but all the packages are there
<lukehasnoname> frankly, it'd be easier to grab a server iso and install that.
<ghaleb_> hello, I have configured my DHCP server to give fixed-address according to the mac address, but till now, I'm still looking on how to specify the gateway for that address. any help ?
<rafiki_> Hello, I just want to know if a server install is suppose to work with sound or not usually ? I notice there is a specific flavor of the kernel.
<Kamping_Kaiser> ghaleb, what dhcpd?
<Andy_> hi, Im installing 8.04 server on a computer that doesn't have a cd-rom.....I'm booting from a USB-stick but I'm failing at the detect cd-rom step
<Andy_> I'm asked to point out where my cd-rom is...../dev/xxx....can I point to my USB-stick here?
<vadi2> Can anyone please help me sort out a rewrite rule? It's being overzealous. In one of my wordpress installations I wanted to have a custom url structure, and it told me to put this rule in .htaccess: http://pastebin.com/m79460e76. However now all pages that should give a 404 are caught by that rule and redirected...
<SpaceBass> hey folks
<SpaceBass> after a recent update, my ldap users can no long sudo
<SpaceBass> any thoughts on troubleshooting that? they are in the right group and that group has sudo permissions
<SpaceBass> something also broke my netatalk but thats another story
<Rafael_> what is the best way of making backups
<Rafael_> i use web min to manage my server
<SpaceBass> its not webmin  :D
<SpaceBass> webmin is pretty insecure and is regarded as kind of a bad idea
<SpaceBass> rsync is a great built in tool for backups
<SpaceBass> as is tar
<SpaceBass> what exactly do you want to do?
<Rafael> I use webmin to manage my serrver, anybody know how to make backups of the server thru webmin
<sergevn> Rafael: sure there is some kind of rsync plugin
<sergevn> you could install rsync and make custom cronjobs in webmin
<rgotten> I use webmin for managing my ubuntu server, any good way of doing backups of my server thru webmin
<ivoks> we don't support webmin on ubuntu
<rgotten> any good way of doing backups of my ubuntu server?
<ivoks> tar, mondo, bacula, amanda...
<ivoks> it really depends on what you are looking for
<rgotten> i am building a server for my office, and would like the following, on one hand an external hard drive conected to the server for dayly, weekely and montly back up, in a way that if a crash happens, i can do a restore and up and running. At the same time i would like to do remote incremental backups from the office server to my home for data only
<Deeps> !backup
<ubottu> There are many ways to back your system up. Here's a few: https://help.ubuntu.com/community/BackupYourSystem , https://help.ubuntu.com/community/DuplicityBackupHowto , https://wiki.ubuntu.com/HomeUserBackup , https://help.ubuntu.com/community/MondoMindi - See also !sbackup and !cloning
 * delcoyote hi
<rgotten> i know you do not support webmin, but i have the server on a closet, and that is why i am using webmin to manage the server, can you please advise another good way of managing the server, remotly?
<Deeps> !ebox | rgotten
<ubottu> rgotten: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Deeps> or better yet, start playing with the command line more, learning how that works and using that instead
<rgotten> I try ebox when it started a few month ago and lack many features of webmin
<AnRkey> how do i restart inetd?
<AnRkey> wtf? i just installed openbsd-inetd and then restarted vmware services
<AnRkey> and boom
<AnRkey> working
<ivoks>  /etc/init.d/openbsd-inetd
<SpaceBass> after a recent update, my ldap users can no long sudo
<SpaceBass> any thoughts on troubleshooting that? they are in the right group and that group has sudo permissions
<SpaceBass> something also broke my netatalk
<lukehasnoname> SpaceBass: does it say "Unable to resolve host"
<SpaceBass> lukehasnoname, the sudo issue? no
<SpaceBass> askes for password several times then denies access
<lukehasnoname> sry I didn't read enough. I can't help.
<SpaceBass> no prob
<SpaceBass> one more question - I'm running server edition but with xbuntu-desktop install ... how can I change the run level so it does not start X
<SpaceBass> everything I've read suggests that changing the run level in ubuntu doesn't effect the GUI enviroment
<ivoks> ubuntu doesn't have gui runlevel
<ivoks> display manager is started from any runlevel, except 0, 1 and 6
<SpaceBass> exactly
<SpaceBass> so how do I prevent it from starting
<ivoks> remove display manager from runlevel
<ivoks> if 2 is default runlevel
<ivoks> then remove display manager from /etc/rc2.d/
<SpaceBass> gotcha
<SpaceBass> ty
<ivoks> i don't know wich dm you are using
<ivoks> gdm/kdm/xdm...
<SpaceBass> xdm
<afief> is it possible to install Ubuntu remotely?
<SpaceBass> afief, on what hardware?
<afief> SpaceBass, an intel xeon machine
<SpaceBass> afief, you'd have to get the media (CD) there somehow... but you should be able to redirect the output
<SpaceBass> not sure though
<afief> SpaceBass, yup got the media in there, but the guy who was supposed to install the machine knows nothing about partitioning, so I was wondering if I could to it remotely(as opposed to driving to the datacenter tomorrow morning)
#ubuntu-server 2009-09-07
<monteith> so i'm about to install mysql (onto my jaunty slice) instead of/over an sqlite3 installation
<monteith> do i need to completely remove sqlite3 first to avoid any conflicts?
<Pici> Why would you need to remove sqlite3?
<monteith> for harddrive space? to free up memory?
<monteith> i don't know
<Pici> They won't conflict, if you feel you need to remove it for other reasons, thats up to you.
<monteith> cool, thanks
<deinspanjer> Does anyone have links to guides for upgrading from an 8.04 desktop to a 9.04 server?  I just made a full backup of everything on the machine so I don't mind a clean install, but I don't have media or a bootable USB drive handy so I'm hoping I can work around that since the machine is currently running 8.04
<ziesemer>  My DHCP (dhcpd) server stays running, but apparently non-functional after using "/etc/init.d/networking restart" in 9.04.  Is this to be expected?
<foob> ziesemer: what do you mean its non-funcational...is it not giving out IP addresses to clients...
<ziesemer> Correct.  I can sniff packets, and see the requests, but no responses.  Once I manually do "/etc/init.d/dhcp3-server restart", all is better.
<ziesemer> It doesn't seem to be an issue for other services, e.g. sshd.  Or is this because sshd just binds to all available interfaces, while dhcpd is probably binding only to the specific interface (eth0) that disappeared and reappeared, and was never re-bound?
<foob> after you do networking restart did have look the /var/log/messages and see what log messages you are getting
<ziesemer> Absolutely nothing, until I restart dhcpd, then see the "DHCPREQUEST" and "DHCPACK" messages immediately after it restarts and shows the other starting messages.
<foob> ziesemer: you need to tell the dhcp server which network segments your server is authoritaviate for....is this configured
<ziesemer> Yes.  dhcpd.conf contains "authoritative;", and has a subnet defined on a subnet that matches a statically-configured address on eth0.
<ziesemer> And generally, it works - but just doesn't survive "networking restart".
<foob> can do following and see what interface is DHCP listening on lsof -i4 -P
<Alysum> hi - does  mkfs.ext3 allow me to resize a partition online without erasing data? thanks
<foob> does anyone know of good guides that show how to recompile kernel under ubuntu...
<ziesemer_> foob: "lsof -i4 -P" shows no change before and after "networking restart".  Name: "UDP *:67", and the same FD and DEVICE #'s.
<foob> how do i find out which version of ubuntu server i am running i.e. 7.10, 9.04 etc via CLI...
<nick125> lsb_release -r
<foob> nick125: thanks that did the trick i had to install lab-release package...
<uvirtbot`> New bug: #425478 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/425478
<jbusam> hi guys... is there somewhere a HCL? for the server LTS
<twb> !HCL
<ubottu> For lists of supported hardware on Ubuntu see https://wiki.ubuntu.com/HardwareSupport - To help debugging and improving hardware detection, see https://wiki.ubuntu.com/DebuggingHardwareDetection
<twb> ubottu: good boy
<ubottu> Sorry, I don't know anything about good boy
<jbusam> thanks guys... I try to find out if 8.04 is running on a dell M710 blade
<PhotoJim> no reason why it shouldn't
<jbusam> hmmm... just talked to the hoster and according to them... ubuntu 8.04 LTS doesn't boot (kernel panic) and debian lenny boots
<PhotoJim> that's weird
<PhotoJim> it would be relatively easy to run Ubuntu with a Debian Lenny kernel if you wanted
<jbusam> yeah... I'm using it on all my other servers... but with this new project nothing seems to go right ;-)
<PhotoJim> is 8.04 the latest Ubuntu they support?
<PhotoJim> Jaunty might well be worth a try.
<jbusam> customer insists on LTS.. but is fine with debian... orfl
<jbusam> rofl
<PhotoJim> well, if 8.04 U won't work and Lenny D will, Lenny it is.
<PhotoJim> if he insists.
<PhotoJim> either that, or you install an older version of Ubuntu, roll a custom kernel, and then dist-upgrade to 8.04
<giovani> what is it in LTS that is required?
<qman__> my guess is that long term support is what's required
<jbusam> just the multiple years security fixes... he doesn't want to move the system for 3 years
<giovani> I wasn't aware debian offered a guarantee of support length
<jbusam> me niether
<giovani> so I don't know why it'd be considered
<giovani> if support itself is required
<PhotoJim> will it boot with a non-server kernel?  if so it wouldn't be hard to create a server installation with that kernel.
<PhotoJim> the server edition is just a slightly different kernel, and a lot fewer default-installed packages.
<PhotoJim> Debian doesn't split out kernels.  desktop and server share a kernel.
<jbusam> dunno... can't test
<giovani> what is it that "doesn't work"?
<jbusam> all I get from the IT guys over there is that it throws a kernel panic while trying to boot
<jbusam> not muc ho go on
<giovani> heh
<giovani> yeah, that's not useful
<PhotoJim> sounds like your mind is made up for you
<PhotoJim> if they won't hel you, and you can't unilaterally experiment, it has to be Debian, given the choice of two options given by the client
<PhotoJim> help, that is
<qman__> yeah, it could be any number of things
<giovani> right, but, as PhotoJim said -- if you can't experiment ... then obviously you have to use something else
<qman__> without being in front of it to diagnose where and when it crashes, you can't really narrow it
<PhotoJim> my guess is it'd be easy to work around it
<PhotoJim> but unless you have physical access or can access a console, you are SOL
<jbusam> yeah
<qman__> the kernel on the install disc obviously works, so if you could replace it or even just tweak the options you could probably get it working, but yeah
<qman__> nothing you can do without access
<jbusam> the only other choice I would have is centos... but... well
<jbusam> as i understood it.. not even the disc is booting
<qman__> oh?
<jbusam> so maybe there are changes between the 2.6.24-24 and the 2.6.26-2 which are needed for the m710
<giovani> or maybe there are patches that broke something
<jbusam> thx guys... will have to go with debian I guess...
<PhotoJim> if you could do it, booting and installing an older version of Debian and upgrading to 8.04 would be the easiest workaround.
<PhotoJim> either that, or try a newer version, of course.
<giovani> haha
<giovani> that sounds like an awful idea in production
<PhotoJim> on a brand new system, minimal risk.
<jbusam> that's exactly the point... I wanted a very clean system for the production machine...
<PhotoJim> don't install anything but base utils.  upgrade.  then install packages.
<giovani> risk? sure, not any
<giovani> it's an ugly hack
<giovani> for little gain
<PhotoJim> well, if a person really wanted to do Ubuntu.
<PhotoJim> I'm not saying it's optimal.
<PhotoJim> but it's workable and it's not that risky.  just more time-consuming.
<giovani> I didn't know he was that ubuntu-desperate
<jbusam> I would have preferred to use ubuntu, because I have it on all other machines...
<giovani> then try a newer ubuntu release
<twb> Graah!  Downgrade the following packages: libldap-2.4-2 [2.4.9-0ubuntu0.8.04.3 (now) -> 2.4.9-0ubuntu0.8.04.1 (hardy-security)]
<twb> It seems the 8.04.3 live CD includes packages from hardy-updates.
<twb> Have I misunderstood the purpose of hardy-updates?  I thought that it was something you turned on when you wanted to allow new features (i.e. new bugs) into your system.
<twb> ubottu: hardy-updates
<ubottu> Sorry, I don't know anything about hardy-updates
<pipedream> from sources.list
<pipedream> ## Major bug fix updates produced after the final release of the
<pipedream> ## distribution.
<pipedream> deb http://za.archive.ubuntu.com/ubuntu/ hardy-updates main restricted
<pipedream> twb: ^^
<pipedream> Recommended Updates (hardy-updates)". Updates for serious bugs in Ubuntu packaging that do not affect the security of the system.
<pipedream> twb https://help.ubuntu.com/community/Repositories/Ubuntu#Updates Tab
<pipedream> twb: you're being a bit tough on -updates
<twb> OK, thanks.  I will need to talk to management about maybe being allowed to enable that.
<uvirtbot`> New bug: #425551 in openssh (main) "package openssh-server 1:5.1p1-6ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/425551
<acalvo> hi
<acalvo> if I restart the postfix daemon, will I lose the current queue?
<acalvo> I give up trying to set up sympa
<acalvo> going straight with mailman
<kwork> what remote desktop server software to use, krfb has really distorted image
<erichammond> acalvo: The email queue is stored on disk and should not be negatively impacted by restarting the postfix service.
<acalvo> erichammond: you're right, I've tought it was linked somehow with the volatile memory used by the daemon
<erichammond> kwork: I don't know what the official Ubuntu answer is, but you might want to check out NX from nomachine.com.  They have a free (but not open source) edition you can use for simple cases.  It's blazing fast even over slow links.  I use this with the Ubuntu desktop images I publish for Amazon EC2 on http://alestic.com
<kwork> erichammond, so client and server both are free to use ?
<kwork> i cant even belive people cant fix that krfb, it has been broken since 8.04 atleast
<erichammond> kwork: I believe the free server limits you to 2 concurrent users
<kwork> okey thats fine for me
<kwork> tnx for input ill try it out
<jmarsden> Maybe also check out xrdp  -- seems like a similar thing?
<kwork> erichammond,  can i access my desktop via NX or only new destkop instance ?
<twb> xrdp is pretty alpha
<twb> If you can dictate the client side, NX is better
<twb> But then, ssh is also better...
<kwork> the thing is sometimes i need to access MY desktop
<kwork> not only box itself
<kwork> thou quick look @nx showed that i can get new session running, but i wonder can i access my current desktop
<twb> Pfft, real men have their desktop inside screen for precisely this reason
<kwork> desktop inside screen
<kwork> that i hear for the first time
<kwork> hows that even possible
<andol> twb: Where The Desktop is equivalent to Emacs? :)
<twb> andol: yes, GNU Screen is the windowing system, and Emacs is the desktop environment.
<twb> http://twb.ath.cx/words/emacs-desktop.txt
<andol> twb: Not sure if I'm there myself yet
<twb> I don't even run X anymore
<twb> uvesafb gives me native 800x480 and Terminus-12x6, so it's almost identical to ratpoison + xterm -fn schumacher-clean-120-60-*
<PC_Nerd101> I'm following the NTP tutorial on ubuntugeek.com - and it says to uninstall ntpdate before installing ntp, could someone explain why it needs uninstalling and whether or not it will screw up any of the time related information on my installation ?
<twb> ntpdate is obsolete
<twb> ntp now knows how to do the same job (-qx?)
<andol> twb: Wouldn't call ntpdate obsolete. If you have a computer online online now and then ntpdate might be the prefered choice.
<twb> andol: ssh, quiet.
<andol> s/online online/only online/
<twb> I actually do that :-)
<andol> ok
<PC_Nerd101> hmm ok :) thanks
<PC_Nerd101> for keeping the time synced across a number of computers I want to set a specific server (pool.ntp.org) as its server...... can I do this using ntpdate or do I need to install and run the ntp package, removing ntpdate as pare the tutorial ?
<twb> pool.ntp.org is wrong.  You should use <your ISO 639 code>.pool.ntp.org
<PC_Nerd101> ok - but what about the ntp vs ntpdate ?
<twb> I believe we already answered that
<PC_Nerd101> so for a server, I want ntp... ? - thanks.
<garymc> how do i find a file in terminal?
<garymc> im looking for maain.conf.php
<Daviey> garymc: "locate" if the file isn't new, or "find"
<Daviey> "$ locate maain.conf.php"
<giovani> or just update the db yourself -- "sudo updatedb"
<giovani> then use locate
<garymc> found it thanks
<oly> hi, can any one tell me is openvz is built into newer ubuntu kernels and which versions might have it
<oly> currently 2.6.18 does not have drivers for my network card, 2.6.28 upwards does but there is no openvz kernel, so i either have to attempt a compile or get a newer kernel with support
<oly> i read that debian has openvz built in from version 2.6.29 so i am curious if this is also the case with ubuntus kernel
<soren> oly: Ubuntu's kernels do not have openvz, no.
<soren> oly: Not since Hardy.
<oly> is there a reason why its no longer included
<oly> ie, something else you should be using thats better ?
<giovani> oly: KVM ... it's become the defacto standard for linux kernels
<oly> okay thanks for that info soren and giovani
<soren> oly: OpenVZ is a big patch. Back in Hardy, the work to get it included was done by OpenVZ themselves. They did not continue this work for Intrepid and onwards.
<oly> okay its just got a load of setups here using OpenVZ
<oly> but just setup a new server using a newer ubuntu, but we cant move the machines to it
<giovani> oly: there are instructions on how to set up openvz on later ubuntu releases on the internet
<oly> yeah i did come accross some of them the problem being openvz seems to old
<oly> we need at least kernel 2.6.28 because of the servers hardware
<giovani> guess you'll be compiling your own kernel then
<giovani> or check the PPA
<oly> yeah, looking that way
<oly> is there a ppa for openvz ?
<giovani> huh?
<giovani> PPAs are per-individual
<giovani> not per-package
<giovani> you'd just have to search
<oly> yeah i meant are you aware of any but, yes i will have to look
<giovani> no, I hate openvz
<oly> also what about migration
<oly> any tools for that ?
<giovani> migration of what?
<oly> to move from openvz to kvm
<giovani> uh ... no clue -- that's better asked in #openvz or #kvm
<oly> okay
<oly> thanks for the info though :)
<garymc> hey would anyone know why my sound works fine through my thin client then after a couple of times playing a file. it just plays silence? So i reboot Thin client and its ok for a bit then siklence again?
<Amgine> Hi! I've tried to install fastcgi on my (older) Ubuntu server, force reloaded and get a write error. Info about the server, error are at http://pastebin.ca/1557213
<Amgine> What I'm looking for is the chmod cantrip to give the server write permissions to /var/lib/apache2/fastcgi
<Amgine> If there's anyone here, I have an apache2 write error. Details here: http://pastebin.ca/1557311
<kinnaz> Amgine, running apache with what user
<Amgine> Vanilla install.
<Amgine> I presume www-data
<kinnaz> netstat -anp | grep apache
<Amgine> tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      6053/apache2
<kinnaz> aww
<kinnaz> that was fail :D
<Amgine> <nods> Big fail.
<kinnaz> ps -axu | grep apache
<Amgine> Should I paste this here?
<kinnaz> is there www-data
<kinnaz> or whats the user
<Amgine> Yes.
<kinnaz> so check out to whom the file bewlongs
<Amgine> <has no idea how to do that from the command line>
<Amgine> Actually, it's owned by www-data
<kinnaz> ls -la /var/lib/apache2
<kinnaz> paste the fastcgi line
<domas> apparmor? :)
<Amgine> drwxrwxr-x  3 www-data www-data 4096 2009-09-07 09:14 fastcgi
<domas> check dmesg for apparmor messages :))
<Amgine> <waves @ domas>
<domas> hi!
<Amgine> Actually, I think Atglenn just fixed it behind my back.
<domas> hehe
<Amgine> Thanks kinnaz! I *think* it's working, but we'll soon see.
<uvirtbot> New bug: #419515 in openldap (main) "[FFe] Update to 2.4.18" [Medium,New] https://launchpad.net/bugs/419515
<Amgine> <requests user page deletion: [[User talk:Amgine]]>
<Amgine> bah, ww.
<g-hennux> hi!
<g-hennux> i have a problem with kvm virtualization in ubuntu 9.04
<g-hennux> trying to setup a 9.04 vm, using either virt-install or vmbuilder
<g-hennux> installation works fine, but the vms are unable to boot
<g-hennux> i see grub, then "Boot from (hd0,0) ext3 ... Starting up..." and then nothing
<g-hennux> and there it stalls with 48% cpu usage
<g-hennux> (according to virt-manager)
<Claw6_> how to start a bash booting ?
<Claw6_> like hybserv e.q :)
<g-hennux> same happens if the harddisk is not partitioned using LVM
<g-hennux> the workaround from https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/396219 fixed this
<uvirtbot> Launchpad bug 396219 in kvm "kvm guests hang after startup" [Undecided,New]
<uvirtbot> New bug: #425915 in eucalyptus (main) "UEC installer does not set up a bridge device by default for Eucalyptus nodes (NCs)" [Undecided,New] https://launchpad.net/bugs/425915
<orutra> buenas tardes
<orutra> ando como perdido
<Pici> !es
<ubottu> En la mayorÃ­a de canales Ubuntu se comunica en inglÃ©s. Para ayuda en EspaÃ±ol, por favor entre en los canales #ubuntu-es o #kubuntu-es.
<orutra> ok perdon
<orutra> gracias
<orutra> voy pa lla
<uvirtbot> New bug: #417163 in openldap (main) "NSS overlay (nssov) fails to load" [Medium,In progress] https://launchpad.net/bugs/417163
<uvirtbot> New bug: #424541 in eucalyptus (main) "When installing a node controller, a bridge device should be created" [Medium,Triaged] https://launchpad.net/bugs/424541
#ubuntu-server 2009-09-08
<billybigrigger> hey all
<billybigrigger> i moved my virtual server over between hosts, and used the same vbox settings and all, i have vboxnetflt and vboxdrv modules loaded
<billybigrigger> but inside my 9.04 guest, i can't seem to bring up eth1, which is the interface configured in my /etc/network/interfaces
<billybigrigger> billybigrigger@sally:~$ sudo ifup -a
<billybigrigger> SIOCSIFADDR: No such device
<billybigrigger> eth1: ERROR while getting interface flags: No Such device
<billybigrigger> i can see it's listed in lspci
<billybigrigger> anyone have any suggestions i could try?
<uvirtbot> New bug: #425996 in postfix (main) "package postfix 2.5.5-1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/425996
<poningru> anyone around?
<poningru> can someone point me towards horde webmail installation guide?
<xenoterracide> when I installed the server I told it not to automagically do security updates
<xenoterracide> how do I change that?
<oh_noes> is it possible to install ubuntu server, then save all my options (disk config, timezone, dhcp,  etc) into a file
<oh_noes> then burn that file back into a CD or a USB or something
<oh_noes> I know it's called pre-seeding but I want to know how to save it and then use that saved file
<jmarsden> https://help.ubuntu.com/9.04/installation-guide/i386/appendix-preseed.html  has all the details on preseeding if that is what you want to do.
<uvirtbot> New bug: #420805 in mysql-dfsg-5.1 (main) "apport package hook only run for mysql-server-5.1" [Medium,In progress] https://launchpad.net/bugs/420805
<uvirtbot> New bug: #425923 in qemu (universe) "qemu segfaults instantly (dup-of: 422295)" [Undecided,New] https://launchpad.net/bugs/425923
<KurtKraut> I'm thinking of suggesting the owners of the MX servers I exchange the majority of e-mail traffic to stabilish a compresses gzip/lzo VPN with my servers to compress all e-mail traffic. If you guys receive this request, would you accept? Would you be worried about something?
<jmarsden> KurtKraut: Please don't crosspost... are you running Debian, or Ubuntu, on your server?  Use the appropriate channel.
<KurtKraut> jmarsden, I have both Debian servers and Ubuntu servers. This is not a distro-specific question. I'm trying to talk to many people as possible.
<ScottK> KurtKraut: Unless you were sending me money I'd explain that SMTP works via RFC compliant protocol and tell you to pound sand.
<KurtKraut> ScottK, but don't you belive this cooperative VPN would save bandwith for both sides, for me and you?
<KurtKraut> Both parts take benefit of the resource savings
<ScottK> KurtKraut: I believe it's extraordinarily unlikely to be worth the trouble.  Per recipient SMTP is just way to painful unless it cannot possibly be avoided.
<KurtKraut> ScottK, thats why I'm thing to offer this to the MX servers I exchange the majority of my traffic.
<KurtKraut> To be worthy
<ScottK> KurtKraut: Are you the majority of their traffic?
<KurtKraut> ScottK, no, but there is a chance I am. In that case, both parts would be interest in saving bandwith.
<ScottK> Personally, I'm more time constrained than I am bandwidth constrained so I'd still say no even then unless (maybe) it was apt-get install something from Main was all that was needed.
<PhotoJim> compressed VPN tunnels won't help on already-compressed data.  so if a large % of the email traffic is compressed attachments, there will be no gain and possibly a penalty.
<giovani> KurtKraut: VPNs are a huge pain in the ass to maintain
<giovani> bandwidth is incredibly cheap
<giovani> I would never agree to such a suggestion
<KurtKraut> giovani, not worldwide. Outside US and Europe, processors and much cheaper than bandwith
<ScottK> Well PhotoJim's point is also valid.  It may not even help.
<giovani> then surely you'll get a response
<giovani> there's no need to ask here, since we're not the ones you want to comply
<giovani> right, in addition to the issue of whether someone will listen to you is whether or not it's even a valid idea
<giovani> there's a large amount of overhead with most VPNs
<giovani> I doubt you'd see any reduction in traffic, if anything, an increase, not because of compression issues, but because VPN protocols add a good amount of overhead
<KurtKraut> PhotoJim, OpenVPN compression tests the stream of data from time to time. If the stream is already compressed and/or it is not worthy to compress it again, it will stop compression to that stream and will check later if compression would be better.
<ScottK> KurtKraut: It really smells of adding a lot of complexity  and not worth the trouble.
<KurtKraut> giovani, all the points you're making here are helping me to provide a better text to make the offer, already covering the points you guys are making here.
<giovani> KurtKraut: well the points I (and we) are making are meant to show you that it's not a good idea at all, not how to craft an email to them
<PhotoJim> KurtKraut: oh, that's good to know.
<KurtKraut> And many HTTP traffic is compressed.
<giovani> KurtKraut: yes, the content itself, inside of the protocol, not encapsulating it in a VPN tunnel which happens to be compressed
<giovani> there's a huge difference
<KurtKraut> curl --head --compress --silent www.lighttpd.net | fgrep gzip
<KurtKraut> And, as e-mail, HTTP traffic has a lot of images, binaries etc.
<giovani> I'm not sure what you're trying to demonstrate with that
<KurtKraut> giovani, I'm trying to demonstrate that HTTP is widely used with gzip compression, I think e-mail traffic could have the same benefit.
<ScottK> KurtKraut: You asked for an opinion.  You got several.  If you think it's a great idea, get an RFC published.
<giovani> KurtKraut: you're sorely mistaken if you're comparing content compression in HTTP to encapsulating SMTP traffic in a VPN tunnel which happens to be compressed
<giovani> this is an issue that's been discussed before: http://www.faerber.muc.de/temp/20020404-gzip-compression-in-nntp-smtp-pop3-imap.html
<giovani> try using a real, planned method
<giovani> and not an ugly hack
<KurtKraut> giovani, thanks for the link
<giovani> google provided plenty
<quizme> does anybody here have an epson printer/scanner?
<quizme> Package libltdl3 is not installed  <---- but libltdl7 is installed already
<quizme> libltdl3  <--- how do i install that ?
<ScottK> quizme: libtdl7 provides libtld3, so it should be fine.
<quizme> scottk: http://pastie.org/609151
<quizme> scottk: the package won't install
<quizme> scottk: can i install this?  http://packages.ubuntu.com/hardy/libltdl3
<ScottK> Possbily.
<ScottK> It looks like the problem is it's a versioned depends and versioned provides aren't supported.  Where did you get the package?
<quizme> scottk: http://www.avasys.jp/lx-bin2/linux_e/spc/DL2.do
<quizme> from there
<ScottK> You can try to install libtdl3 from Hardy, but it probably conflicts with libtdl7.  If you get any errors, don't force it, that would be bad.
<quizme> oh
<quizme> the iscan one works
<quizme> i just did that one
<quizme> i just installed that one
<quizme> scottk: should i use this one? Source file (for 64bit architecture, Fedora 11 or later)  ?
<ScottK> No.
<ScottK> Personally, unless I really needed this package, I would pass.
<quizme> scottk: it's for my printer..
<ScottK> You might ask them to rebuild it against libtdl7 (or do it yourself if source is available)
<quizme> source is there
<quizme> scottk: how do i build it using libtdl7 ?
<ScottK> Does the source include a Debian style source package?
<quizme> scottk there is a debian folder in there
<ScottK> What is the libtdl related package listed in Build-Depends in debian/control?
<quizme> scottk http://pastie.org/609204
<ScottK> quizme: OK, so it's getting pulled in indirectly.
<quizme> scottk: what should i do ?
<ScottK> quizme: You likely can download that and then rebuild it and get an installable .deb.
<ScottK> It's midnight here, so I need to get to bed.
<ScottK> There's stuff on the Ubuntu wiki about rebuilding packages.
<quizme> scottk: ok thanks. so i need to rebuild libtdl3 ?
<ScottK> quizme: No, your package that you want.
<quizme> you mean rebuild the .deb packgage from the source files ?
<ScottK> If you build it on the target platform it'll want libtdl7 as you have
<ScottK> Yes
<quizme> oh
<quizme> ok
<quizme> scottk can u help me build the package ?
<quizme> i never built one before
<ScottK> Possibly tomorrow
<ScottK> Others can probably help too
<quizme> ok
<quizme> thnx
<quizme> good night
<quizme> you're on the east coast /
<ScottK> Yep.  Good night.
<quizme> scottk: Type of package: single binary, multiple binary, library, kernel module, kernel patch or cdbs?
<quizme>  [s/m/l/k/n/b]
<ScottK> quizme: You don't need to create a debian package, just compile one.  The question tells me you are following a recipe for creating one.
<quizme> scottk: what's the command ?
<ScottK> debuild -us -uc
<quizme> so i just type that in the source folder ?
<ScottK> Yep.  It should give you useful errors if there are problems.
<quizme> scottk: http://pastie.org/609214
<quizme> Unmet build dependencies: libcups2-dev | libcupsys2-dev libcupsimage2-dev libgtk2.0-dev libjpeg62-dev
<quizme> shoudl i do sudo apt-get install on all of those packages ?
<quizme> it's compiling like crazy now...
<quizme> scottk: does this mean it worked ?   http://pastie.org/609222
<quizme> http://pastie.org/609222  <--- did that compile the debian package ?
<uvirtbot> New bug: #330586 in mysql-dfsg-5.0 (main) "mysql-dfsg subprocess post-installation script killed by signal (Interrupt)" [Undecided,Invalid] https://launchpad.net/bugs/330586
<uvirtbot> New bug: #391508 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocesso post-installation script retornou erro do status de sa?da 1" [Undecided,Invalid] https://launchpad.net/bugs/391508
<uvirtbot> New bug: #398000 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 [modified: usr/share/mysql/sql-bench/limits/mysql-4.0.cfg] failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/398000
<jmarsden> quizme: Yes, looks like it built, but you have a pile of lintian warnings and one lintian error in that package which need fixing.
<ScottK> quizme: Probably
<ScottK> jmarsden: It's for his own use, so none of those are very important.
<error404notfound>  i got this: http://pastebin.com/m7fb38df3 in one of my server's logwatch email, whats this, is this critical?
<poningru> looking
<poningru> hmm
<poningru> it seems to be a kernel component somehow related to hardware times
<poningru> your cmos battery may be dieing
<poningru> though that is a complete guess
<poningru> the other alternative is reseting your bios
<uvirtbot> New bug: #394360 in mysql-dfsg-5.0 (main) "chown: cannot access `/var/run/mysqld': No such file or directory ERROR: 1146  Table 'mysql.user' doesn't exist 090701 18:45:55 [ERROR] Aborting  090701 18:45:55 [Note] /usr/sbin/mysqld: Shutdown complete   * Reloading AppArmor profiles ...                                                                                                                    [ OK ]   * Starting MySQL database server mysqld
<quizme> jmarsden: do you mena this one?  E: pipslite: debian-changelog-file-missing
<jmarsden> quizme: Yes... but as ScottK says, if this is just for your own use, the warnings and errors are safe to ignore.
<quizme> jmarsden oh ok. great!
<quizme> i wish i could help all those poor folks who have to go through this.
<quizme> is it possible to make a *.deb file
<error404notfound> poningru, thanks
<quizme> then i can send it to launchpad or avasys.jp
<quizme> or should i not mess with it ?
<uvirtbot> New bug: #399440 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.51a-24 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Medium,Incomplete] https://launchpad.net/bugs/399440
<uvirtbot> New bug: #407845 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: ?????????? post-installation script ????????? ??? ?????? 1" [Medium,Incomplete] https://launchpad.net/bugs/407845
<uvirtbot> New bug: #410635 in mysql-dfsg-5.0 (main) "impossible to properly install MySQL" [Medium,Incomplete] https://launchpad.net/bugs/410635
<uvirtbot> New bug: #410974 in mysql-dfsg-5.0 (main) "I forget the bug,but I can't install the mysql-server on my ubuntu PC." [Medium,Incomplete] https://launchpad.net/bugs/410974
<roxy09> hi there, I need that everybody from anydirectory can access to some library. Somebody know how i can do that?
<kinnaz> chmod -R 755 ?
<roxy09> i mean, i need execute a program (which any user account) and this program call some library that is in somewhere. How I can set that they can look for the libray in some specific folder?
<roxy09> alo
<jmarsden> Just put the library in the usual place (under /usr/lib/ ) and all programs will look for it there and dynamically link to it as needed?  Is that what you mean?  You are not being all that clear...
 * andol would rather use /usr/local/lib for that purpose. Putting things under /usr/lib could theoreticly cause a collison with the package manager.
<andol> (In other words, for your own stuff, use /usr/local)
<roxy09> i suppose, i would like that any user account can execute a program and this program can route to the library
<jmarsden> route to?  How do you route to a library?  What library are we talking about here?  Can you give us a specific example?
<roxy09> i mean i am using a program and this program need a library ...i need to set if anything from anywhere and which any account that that call this library...the system can know ehre go for this library
<jmarsden> The library should be installed into one of the standard places for libraries.  /usr/local/lib should work fine, as andol suggested earlier.  Did you try that yet?
<the-dude> ping soren
<soren> the-dude: Yes?
<the-dude> are you working on cobbler on ubuntu?
<soren> No.
<the-dude> https://wiki.ubuntu.com/CobblerSpec ?
<the-dude> or is that just a wanted feature?
<soren> the-dude: Wanted feature. I've never managed to find the time to work much on it.
<the-dude> so it is still open to get working on it? :)
<the-dude> im pretty far with it
<soren> Oh, rocking. I'd love to review it.
<the-dude> will you be able to sponser me?
<the-dude> do I need to report it anywere that im working on it ?
<acalvo> alexm: I didn't succed with sympa
<acalvo> maybe I'll give it another try
<acalvo> was very interesting though, because it had LDAP functionality
<alexm> acalvo: what was the problem?
<acalvo> the installation wasn't so easy
<acalvo> at least, I didn't find it so easy
<acalvo> the debian installer mixed up some things
<acalvo> although I setted up another mysql server, it was pointing to localhost
<acalvo> the DB tables weren't created
<acalvo> and when I finally fixed up everything
<acalvo> fcgi wasn't working (or not linked)
<acalvo> the apache configuration was not deployed
<alexm> acalvo: too bad, maybe the package needs a bit of love ;)
<simplexio> question: does .htacces affect php code executed on page
<domas> it may
<soren> the-dude: Yes, I can sponsor it when we get that far.
<the-dude> soren: thats nice thanks, will keep you informed :)
 * soren lunches
<highvoltage> if kvm falls back to qemu, does it use plain qemu or kqemu?
<uvirtbot> New bug: #426197 in eucalyptus (main) "Walrus cannot be registered using the Web UI" [Undecided,New] https://launchpad.net/bugs/426197
<alexm> acalvo: did you try sympa on karmic or you depend on an older release?
<soren> highvoltage: Which version of Ubuntu?
<acalvo> alexm: root@venus:~# cat /etc/issue Ubuntu 9.04 \n \l
<highvoltage> soren: 9.04
<soren> highvoltage: plain qemu
<highvoltage> soren: I remember that KVM just used to refuse running on this laptop so I was pleasantly surprised when it provided at least some fallback today :)
<soren> highvoltage: Yeah, I think that changed in Intrepid.
<highvoltage> soren: ah nice, it makes it possible to test some things on some none-vt hardware that can move to better hardware later
<highvoltage> soren: is there a ncie way to make it use kqemu yet or should I do a bit of hackery?
<soren> highvoltage: You're going to have to do that yourself, I'm afraid.
<highvoltage> soren: ok, thanks for the feedback!
<soren> highvoltage: np
<al_paun> Hi there
<al_paun> I have a problem with imap-ssl on ubuntu ... in log i got this "Maximum connection limit reached for ... IP
<al_paun> does anyone knows how to fix this?
<al_paun> join #ubuntu
<nijaba> al_paun: using dovecot?
<al_paun> i think it's cyrus
<al_paun> cyrus yes not dovecot
<nijaba> al_paun: ah, sorry, I know about dovecot mail_max_userip_connections, cyrus must have something similar
<al_paun> i have MAXPERIP in imap-ssl config file
<al_paun> what should i set to this variable (less i mean 10 or high number of connections 64)?
<al_paun> it seems that some connections does not close (stay on CLOSE_WAIT) but they don't close.
<al_paun> sometimes i got this error Unexpected SSL connection shutdown
<al_paun> how can I debug the courier-imap-ssl?
<zul_> morning
<smoser> anyone have a centos 5.0 dvd (i386 or x86_64, i need both).  I'm downloading them from bittorrent, but thats not going so quickly... been going for over 24 hours and only 15% on one of them. (htere is only 1 peer)
<the-dude> smoser: ?
<maswan> smoser: well, maybe you should try downloading them from a mirror? or run ubuntu instead, which is much more awesome than centos.
<andol> smoser: 1) Wouldn't #centos be a much better question for that question? :) 2) Tried downloading directly (http/ftp) from a nearby mirror?
<smoser> 5.0 dvds are not available on any mirrors (5.3 is current).
<uvirtbot> New bug: #426245 in openssh (main) "german only: OpenSSH gibt Angreifern zu viele Informationen preis" [Undecided,New] https://launchpad.net/bugs/426245
<smoser> probably #centos would be better, agreed. i'm in need of them for ubuntu related work.
<smoser> zul_, ^
<zul_> hi smoser
<zul_> smoser, i386 or amd64?
<zul_> well it doesnt really matter: http://vault.centos.org/5.0/isos/
<smoser> both, ideally. the i386 is coming much faster (~ 20k)
<smoser> zul, there are no dvds there. only the torrents.
<smoser> which are horrid slow
<zul> yeah but there is six isos
<smoser> 6 isos. yuck. :) ideally i can do a unattended vm install that takes less than a week
<Claw6> how to run a command after boot (not after login) i want to start hybserv after bootup because i alway need to start it by hand
<clusty> Claw6, you need to create /etc/rcX.d entries
<clusty> where X is thje runlevel you want your thing to execute
<clusty> i got 2 problem I hope you can help me with
<smoser> soren, the reason i was moaning about bittorrent downloads is that the images (centos 5.0) i need have 2 peers, i'm getting ~ 10k right now.
<smoser> for a dvd image... only 11 more days :)
<clusty> 1)i got ldap user auth working but i cannot change passwords. whenever i do passwd i am askjed for ldap password which should not happen and no poassword works
<clusty> i think something fishy is maybe going on with PAM?
<soren> smoser: :(
<clusty> 2)i am having still some local net DNS issues. the nodes can resolve the DNS server machine but not each other. can some1 help me out? i wrote the zzone file to the best of my knowledge and the conf file for bind
<kpettit> Good morning.  Any good ideas on setting up QOS?
<kpettit> I'm running alot of services on a remote box, Asterisk being one of them.  Sometimes I get lag becuase the services compete for bandwidth so I'd like a easy way to make "SIP" the priority.  Any ideas?
<giovani> yeah, have the router/switch provide QoS
<kpettit> It's a hosted box, so I don't have that option. So I take it there isn't a easy way to do QOS at PBX level?
<maswan> Hm. What is the resonable way of specifying interfaces these days, when the kernel keeps renumbering for me?
<ivoks> manjo: /etc/udev/rules.d/70-persistent-net.rules
<ivoks> er..
<ivoks> maswan: ^^
<ivoks> mathiaz: hi
<mathiaz> ivoks: hi! how are you doing?
<ivoks> mathiaz: you'd be jelaous if i would tell you :)
<mathiaz> ivoks: hm - I getting ready! shoot!
<ivoks> mathiaz: i'm sea kayaking
<mathiaz> ivoks: hm - like right now now?
<ivoks> mathiaz: but, i'd like to ask you something
<ivoks> no, right now i'm waiting for the meeting :D
<maswan> ivoks: ah, thanks. last time I had reson to fiddle with that, was in the good old days of /etc/iftab
<ivoks> mathiaz: anyway, i'd like to sync some packages from debian
<ivoks> mathiaz: all are in main, so i'd need someone to push the magic button
<clusty> kpettit, i think you got l7 filters
<ivoks> mathiaz: i'll report bugs, but i need someone who understands what to do
<clusty> kpettit, i never set it up myself
<clusty> kpettit, easiest is to get a separate box and install entangle
<clusty> or whatever routing distro
<clusty> has evrything out of the box
<ivoks> mathiaz: if i file bugs against openais, corosync and rhcs, it's possible that someone would sync rhcs before other two
<mathiaz> ivoks: right. Reporting bugs is the first step, then subscribe -main-sponsors
<clusty> kpettit, for me at home a tomato flashed router works miracles
<mathiaz> ivoks: ok - just write this down in the bugs
<mathiaz> ivoks: which one should be synced first
<ivoks> and if i file for corosync and wait for it, then wait for openais and then for rhcs, a week will pass :)
<ivoks> ok
<mathiaz> ivoks: and the Archive Admins will do the right thing
<clusty> anybody has to nerves to help me with my dns issues?
<mathiaz> ivoks: they're intelligent people - they'll figure it out if it's written in a bug
<ivoks> :)
<kpettit> clusty: Its a hosted box and I only have the one hosted box.
<clusty> try l7
<clusty> think some iptables magic is also needed
<clusty> i am still scared of iptables :D
<clusty> kpettit, might try also TCP vegas :D
<clusty> kpettit, very very new algo
<clusty> dunno how efficient though
<kpettit> clusty: I'm using arnos iptable scripts right now, but I don't have any QOS type of options.
<kpettit> I'll look into those other ones you suggested though.  Thanks
<giovani> kpettit: QoS in iptables is complex, and may not perform the way you want depending on how bandiwdth is limited
<kpettit> giovani: that's what I'm worried about.  Fun fun fun
<maswan> oh, fun, fun. latest karmic kernel or grub seems not to boot.
<giovani> maswan: gotta be more specific than that
<maswan> giovani: seems to be hitting #424503 now that I was more specific
<uvirtbot> New bug: #426309 in eucalyptus (main) "package eucalyptus-nc 1.6~bzr588-0ubuntu6 failed to install/upgrade: podproces novÃ½ pre-removal skript vrÃ¡til chybovÃ½ status 1" [Undecided,New] https://launchpad.net/bugs/426309
<maswan> Going to try the workarond mentioned in the bug before I rant more (or click "me too" :) )
<soren> ivoks: Have you used glusterfs at all?
<ivoks> soren: no
<ivoks> soren: but i plan some testing
<soren> ivoks: Ok.
<soren> ivoks: I've played a bit around with it. I really like it.
<ivoks> i tried it while it was a part of gluster (whole cluster)
<ivoks> but 'tried' like couple of seconds
<soren> ivoks: drbd always gave me this unpleasant feeling.. If something went wrong, all my data would be eaten. With something like gluster, I just feel safer.
<soren> glusterfs, I mean.
<VirtualDisaster> soren: i know the feeling
<soren> ivoks: I'm not familiar with gluster (apart from glusterfs). What does it do?
<VirtualDisaster> soren: hopefully w/ the arrival btrfs we can feel safer
<ivoks> it was a livecd cluster system
<VirtualDisaster> ivoks: it is a cluster filesystem?
<ivoks> looks like glusterfs is the only thing left from it
<VirtualDisaster> oic nvm
<ivoks> at that time, there was no gluster inc. :)
<smoser> what is 'o/' ?
<soren> smoser: It's a head and a hand. It's me, waving.
<ivoks> wave
<smoser> ah
<smoser> i thought the bot might be registering attendance based on that
<ivoks> good idea :D
<uvirtbot> New bug: #386463 in vm-builder (universe) "vm-builder images and configuration files should not be world readable" [Undecided,Confirmed] https://launchpad.net/bugs/386463
<smoser> how/where does mootbot publish meeting notes ?
<Claw6> okay again.... irc crashed.... i want to lunch "hybserv" after boot without login. at the moment i have to do it by hand dont want so
<Claw6> how can i do that?
<giovani> Claw6_: put a script in the proper runlevel directory
<smoser> soren, ttx, zul ? how/where does mootbot publish meeting notes ?
<Claw6_> clusty said i need to edit /etc/rcX.d
<Claw6_> is that file loaded after every boot?
<soren> smoser: from this meeting or an earlier one?
<zul> smoser: umm...i think its on the web someware
<giovani> Claw6_: it's not a file, those are directories
<giovani> you need to place a startup script, and name it properly in the right folder
<zul> smoser: you could always look at irclogs.ubuntu.com http://irclogs.ubuntu.com/2009/09/08/%23ubuntu-meeting.html
<Claw6_> what folder shall i use? rcS.d?
<smoser> i just thought, since he's marking certian things, that those things would be highlighted somewhere ([action] and the like)
<zul> smoser: yeah but im not sure where it is off the top of my head
<coma_> "configure software raid" is not showing!
<coma_> but "Activate Serial ATA RAID devices?" is...
<Claw6_> well there is ja start script of hybserv but it doesnÂ´t work
<zul> kirkland: ping why does bochbios needs to be a build dependency for qemu-kvm it doesnt use it anywhere by the looks of it
<coma_> hi, is someone there?
<coma_> some Dr. House for a Ubuntu Server instalation diagnosis?
<coma_> oh well...
<genii> coma_: "activate serial ATA RAID devices"... along with no "configure software raid" hints you have some hardware raid solution on your motherboard
<coma_> hi!
<coma_> yes, the mb has a raid hardware enabled
<coma_> but
<coma_> if I use this it'll install everything without any problems... until I retart it...
<coma_> the raid is not recognized
<coma_> the mb is not booting with the raid
<ivoks> mb don't have hardware raid
<ivoks> the thing you have is called fakeraid
<zul> kirkland_:  ping why does bochbios needs to be a build dependency for qemu-kvm it doesnt use it anywhere by the looks of it
<garymc> I goto sound preferances: error message: gconfaudiosink profile=music: Failed to connect: Connection refused
<garymc> this is in my thin client
<garymc> It works for a bit/until i play about 6 songs then stops working
<garymc> I get that error above
<nijaba> Daviey: iirk... we lost all translations of the tips! :(
<Daviey> nijaba: yes, they are "fuzzy" translations.. Needing Review
<Daviey> they are still there, but because of the pot string change, they are now fuzzy
<nijaba> ah, ok...  so we did not lose them.  good..  I was scared for a bit
<uvirtbot> New bug: #225260 in kvm (universe) "control file description miss-leading" [Low,Fix released] https://launchpad.net/bugs/225260
<uvirtbot> New bug: #243393 in linux (universe) "dmesg is flooded with warnings in kvm/mmu.c" [Low,Fix released] https://launchpad.net/bugs/243393
<Daviey> nijaba: If they do get lost, they are in in bzr anyway.
<Daviey> but they are actually in the .po files, just "need review"
<nijaba> Daviey: well, on the translation interface in lp, it is as if there was nothing there at the moment
<nijaba> Daviey: https://translations.edge.launchpad.net/ubuntu-server-tips/trunk/+pots/ubuntu-server-tips/fr/+translate
<Daviey> nijaba, yeah hardly ideal - but if you check the "import queue"
<ahasenack> is there someplace other than cdimage.ubuntu.com from where I can get the karmic server iso?
<ahasenack> cdimage is too slow from here
<ahasenack> it's like 12h to download the image
<maswan> http://ftp.acc.umu.se/mirror/cdimage.ubuntu.com/
<maswan> if you're lucky
<ahasenack> thanks
<Daviey> ahasenack: cdimage.ubuntu.com AFAIK is the only place with the daily images.
<maswan> it has alpha-5
<ahasenack> Daviey: I'm fine with alpha-5, I can update from there
<maswan> but not dailies
<maswan> basically I mirror the "releases" subdir
<ahasenack> cool, that's better
<ahasenack> 200kb/s
<ahasenack> maswan: thanks!
<zul> mathiaz: what do you think of getting a FFE for dovecot karmic is still at 1.1.11
<mathiaz> zul: for what version of dovecot?
<mathiaz> zul: 1.1 or 1.2?
<zul> 1.2
<mathiaz> zul: I think it's too late
<mathiaz> zul: why should we upgrade to 1.2?
<zul> k what about 1.1.12 then since there are some bugfixes in launchpad that it solves
<mathiaz> zul: the latest version of dovecot 1.1 in unstable was 1.1.16
<mathiaz> zul: it seems that updating to the latest version of the 1.1 serie makes sense
<zul> that works as well but 1.2.4 is in unstable
<zul> sure
<mathiaz> zul: it seems that upstream was mainly fixing bugs on 1.1
<mathiaz> zul: it would be much easier to get a FFe for the latest 1.1
<zul> i agree
<zul> ill put it on my list for this week
<mathiaz> zul: 1.2 is a major update - it seems too late for karmic
<zul> i agree
<orudie> Ð°ÑÐ´Ñ
<orudie> hi, anyone here familiar with vtiger ?
<kaushal> hi
<kaushal> anyone have used autossh ?
<kaushal> since its available in ubuntu
<orudie> hi, anyone here familiar with vtiger ?
<ScottK> orudie: Asking the same question every 10 minutes is more likely to annoy people than get you help.
<orudie> ScottK-> oh, i thought no one knows the answer and someone else joined who actually does
<orudie> ScottK-> anyway sorry if i made you feel bad
<VirtualDisaster> orudie: ?
<orudie> VirtualDisaster-> ?
<VirtualDisaster> orudie: nvm
<kaushal> !autossh
<ubottu> Sorry, I don't know anything about autossh
<konza_> blackxored,  hi
<blackxored> konza_, hi again ask your question here?
<blackxored> hello again folks, konza_ is having some little problems when changing postfix's default listening port
<VirtualDisaster> why are you wanting to do that?
<konza_> blackxored,  i think its not main.cf         its master.cf
<blackxored> konza_, so you splitted I think paste master.cf
<blackxored> VirtualDisaster, ISP blocks I think
<VirtualDisaster> hmm looks like this is going to be fun
<VirtualDisaster> dpkg-reconfigure postfix
<VirtualDisaster> that should allow you to change the listening port iirc (havent used it in awhile)
<blackxored> VirtualDisaster, ;)
<blackxored> VirtualDisaster, we didn't want to do that
<VirtualDisaster> then youre making it harder on yourself
<konza_> link of paset bin pls
<VirtualDisaster> any other solution to this problem will involve more work than it is worth
<VirtualDisaster> unless you want to start learning about various aspects of firewalling today
<bensie> hi guys, wondering if i can get some insight to a problem i'm having with KVM and vmbuilder on 9.04
<VirtualDisaster> bensie: ask away,
<VirtualDisaster> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<bensie> sorry....
<konza_> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at  http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from  command line | Make sure you give us the URL for your paste - see also the channel topic
<blackxored> konza_, a second am on it again
<bensie> i'm getting an "invalid compressed format (err=1)" when booting any VMs created with vmbuilder in the past 2 days
<konza_> VirtualDisaster, Isp is blocking port 25, what to do?
<konza_> blackxored, k
<konza_> blackxored, http://paste.ubuntu.com/267444/
<VirtualDisaster> konza_: one sec
<bensie> we're not using a local mirror -- but i'm wondering if there's any way to use an ISO for the install, then remote apt for packages to ensure each VM is built with a consistent image
<VirtualDisaster> konza_: is this for work or for just play?
<VirtualDisaster> i really dont want to waste time if this is one of those "oh im just playing" scenerios
<konza_> VirtualDisaster, didnt get u
<blackxored> konza_ in /etc/postfix/master.cf -you right s/smtpd/<your port>
<blackxored> and then restart it
<VirtualDisaster> konza_: i mean are you using this in production? i dont want to spend a lot of time helping if youre just "testing" ubuntu
<blackxored> i dont' think a SIGHUP will suffice
<blackxored> konza, was using exim so hard to tell at first, ;)
<blackxored> konza_, but that may suffice
<konza_> VirtualDisaster,  I want to make a site similar to gmail, i am behind this for the past 2 days.   it was written on some ubuntu docs that many isp's block port 5 and its suggested to use port 587.
<VirtualDisaster> really, mind if i pm you
<bensie> any KVM experts out there?
<VirtualDisaster> bensie: just ask and wait
<blackxored> port 587 is for secure smtp
<blackxored> konza_, ^
<blackxored> konza_, that was probably the suggestion, and IMHO most ISPs *allow* 25
<konza_> but this command is not working           'telnet localhost 25'          its needed for checking weather auth smtp and tls are working properly
<henkjan> in the netherlands lots of ISPs block outgoing port 25
<ScottK> port 587 is for submission (secure or not).
<blackxored> konza_, if you changed the port then won't work
<ScottK> It's a current mail system best practice to use it (not just Ubuntu)
<blackxored> ScottK, you're right ;)
<frojnd> Hello there.
<frojnd> I'm just wondering is there a official keylogger for ubuntu?
<frojnd> For home use ofcaurse!
<blackxored> ScottK, and normal mail delivery is still for 25, right?
<konza_> blackxored, but this command is not working           'telnet localhost 25'          its needed for checking weather auth smtp and tls are working properly
<blackxored> frojnd, in the repos there's lkl, but doesn't buy me at all
<blackxored> konza_, if you changed the port in master.cf won't work then
<blackxored> konza_, in that port
<konza_> blackxored, how to check, what the currently assigned port is?
<blackxored> netstat -tan ;)
<blackxored> if you have something listening on ::25 then you didn't change the port
<blackxored> if you don't then you have changed that in master.cf as I said, where you should replace smtpd with the port you wanted
<Sp0tter> What would cause a samba shared directory to show up as a printer?  when i run testparam on my config it always shows that share as "printable = yes"  no matter what I set it as
<konza_> blackxored, can u tell that command fully........         netstat ..........
<blackxored> netstat -tan
<kamilion> Where can I find the iscsi boot documentation for karmic/jaunty? I have my targets set up, but I just can't seem to get d-i to give me the iscsi options.
<konza_> blackxored, http://paste.ubuntu.com/267477/
<blackxored> konza_, there it is, so what's your problem
<blackxored> it's listening on ::24
<blackxored> s/24/25
<smoser> soren, can you add me to the vmbuilder project? i think i need to be added there in order to change status of a bug (bug 426424)
<uvirtbot> Launchpad bug 426424 in vmbuilder "need md5sums created for uec-images" [Undecided,New] https://launchpad.net/bugs/426424
<konza_> blackxored, my prob is solved... thanks for helping me
<blackxored> konza_, glad to help ;)
<Vog> OK, I was just asked a question I do not know the answer to. Is there a way to migrate a a server from 32 to 64 bit while maintaining packages and settings?
<kpettit> Vog: painfull
<VirtualDisaster> konza_: can you hear me in PM?
<Vog> Those were my thoughts.... but I've never tried to do it so I could not answer the question definatively
<kpettit> Depending on the apps, my experience is it'd be chancy
<VirtualDisaster> Vog: just setup the new server
<VirtualDisaster> then migrate when everything is working
<VirtualDisaster> i dont see a issue
<kpettit> I'd suggest backing up all your settings and config's and building a new server from scratch
<VirtualDisaster> i agree w/ kpettit
<VirtualDisaster> leave the existing one alone until the new one is ready
<VirtualDisaster> dont do like um *cough* MS admins *cough* and do first then think
<VirtualDisaster> think, plan, execute
<kpettit> if you have everything backup'd up and your brave you could do a new 64bit install on the existing system and not format the drives which would leave alot of the data.  But the results would be unpredictable
<VirtualDisaster> yeah thats not a good idea in any situation
<kpettit> If it was a remote system I wouldn't never chance it.  But if it was a server under my desk and I had the time and option to play aroudn with it, it would be fun to try
<VirtualDisaster> or just get a diff hdd
<kpettit> But on any serious system I would just build a new one from scratch
<VirtualDisaster> thats what i did when i got tight on hardware
<kpettit> good idea.
<VirtualDisaster> that way if anything messes up just slap in old one
<kpettit> exactly.
<VirtualDisaster> not to mention you get practice in "HotHardDrive Potato"
<kpettit> My setup is a couple servers at my house and some remote hosted ones.  I'm very hesitant to do anything on the remote ones
<VirtualDisaster> kpettit: yeah
<kpettit> Do you use 32bit or 64bit?
<kpettit> I gave up on 64bit.  I never use it unless I have a specific app, like a monster database that needs the big memory chunks.  64bit was too much of a hassle for me
<VirtualDisaster> 32
<VirtualDisaster> yeah 64 seems to much to deal w/
<VirtualDisaster> i use 32bit w/ server kernel to get more ram
<kpettit> I don't even consider it for the desktop anymore, to many issues
<VirtualDisaster> yeah
<VirtualDisaster> and until its supported better whats the point?
<kpettit> exactly.  no benifit for me to use 64bit
<Vog> This si for our mail server. I already have the system imaged and was working on putting the old image on new hardware when someone asked if we could also migrate the system to 64-bit
<VirtualDisaster> Vog: imo i dont see a need, especially if the app isnt written for 64 bit
<Vog> There are benefits to 64 bit for me considerieng the load the mail server has
<VirtualDisaster> it will not gain anything
<VirtualDisaster> i would suggest in optimizing the setup
<VirtualDisaster> like doing system profiling
<VirtualDisaster> that way you can get the what, why and how
<VirtualDisaster> to create a solution based on the information you gather in the profiling
<Vog> All the same the I have my answer, a migration to 64 bit is best accomplished by a fresh install
<kpettit> yes, it's the safest way.
<Vog> IN this case safe is relative...
<kpettit> :)
<Vog> The main server is staying as is while the new one is built
<kpettit> Ah that should work well for you the.  Give you a chance to test things out and migrate apps one at a time
<Vog> I have new server hardware and an external image of the drive
<iive> hello,  if I know the exact name of library/module how can i find the name of the package containing it. Google gives me far too many results without the info i need.
<konza_> nope
<konza_> VirtualDisaster, nope
<kamilion> Where can I find the iscsi boot documentation for karmic/jaunty? I've gone through a bunch of docs trying to figure it out, but debian-installer never seems to load the partman iscsi module, even if I pass iscsi=true on the kernel command line.
<VirtualDisaster> konza_: odd
<VirtualDisaster> konza_: tell ya what just drop me a line on my website
<VirtualDisaster> use the contact form, i would like to follow up w/ you on a few items
<konza_> VirtualDisaster, can u here me inn pm
<VirtualDisaster> konza_: yes sir
<iive> kamilion: i think it is provided as module.I've seen it in the additional module selections when choosing disks
<kamilion> I get that module loader, when there's no internal drive
<kamilion> https://bugs.launchpad.net/ubuntu/+source/open-iscsi/+bug/236640
<uvirtbot> Launchpad bug 236640 in open-iscsi "iSCSI install fails under hardy" [High,Fix released]
<kamilion> The last message there says at least one disk needs to be detected for partman to load the modules. I've tried with and without disks, but nothing I do seems to enable iscsi.
<VirtualDisaster> kamilion: iirc youll have to create some sripts to make it work properly
<VirtualDisaster> i looked into it once but couldnt get it to work so i was like screw it at this point
<kamilion> Where might I find some help or documentation on how to do that?
<kamilion> Yeah, I just noticed the A4/A5 release notes saying iscsi boot should work now.
<kamilion> But I can't find any docs or blogs, I've been messing with it with a couple days now.
<iive> kamilion: most probably, suspend the automatic installation open shell and make the connection manually.
<kamilion> right, there was a mention in that bug thread about "apt-setup/proposed=true", but I couldn't figure out the meaning of it
<VirtualDisaster> kamilion: you will have to create a few custom rc scripts, i have no really useful links for this matter unfortunately
<statik> hi kirkland :)
<kamilion> allrighty. I'll keep trying. Guess I'll give a NFSRoot install a shot, at least that's documented.
<VirtualDisaster> kamilion: good luck and if you have success i would love to know what you did
<VirtualDisaster> maybe then i can document it !
 * kamilion nods
<kamilion> I'll try bugging the devs working on it. I'd be happy to submit some docs as well
<uvirtbot> New bug: #423497 in vm-builder "Sudoers file is misconfigured in AMI ami-5059be39" [Medium,Confirmed] https://launchpad.net/bugs/423497
<kamilion> I'm trying to move from a TFTP-boot to HTTP-boot with gpxe. Hopefully I should end up with a short howto on http-boot+iscsi-root, cause it's only the iscsi-root bits giving me problems so far.
<uvirtbot> New bug: #378831 in mysql-dfsg-5.1 (main) "MySQL 5.1 support for innodb plugin broken" [Undecided,Fix released] https://launchpad.net/bugs/378831
<frojnd> If application is made for 32bit x86 architechture. Is there a way to install it on 64bit? http://sourceforge.net/projects/lkl/
<uvirtbot> New bug: #381202 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.31-1ubuntu2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Medium,Incomplete] https://launchpad.net/bugs/381202
<kamilion> frojnd: yeah, apt-get install ia32-libs && dpkg --force-architecture -i your-i386.deb
<Vog> frojnd: you could use the linux32 command  for instance linux32 uname - a
<kamilion> iirc there's also 'ia32-apt-get'
<Vog> kamilion: I htink you would need to run getlibs after that... or would you?
<frojnd> kamilion: what is your-i386.deb?
<uvirtbot> New bug: #394515 in mysql-dfsg-5.1 (main) "mysql-server-5.1 does not include ndb (mysql-cluster)" [Wishlist,Triaged] https://launchpad.net/bugs/394515
<uvirtbot> New bug: #407533 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.31-1ubuntu2 failed to install/upgrade: le sous-processus post-installation script a retourn? une erreur de sortie d'?tat 1" [Medium,Incomplete] https://launchpad.net/bugs/407533
<Vog> he was making an example of the package you would want to install
<Vog> where "youri386.deb is the application you are trying to install
<frojnd> Vog: what if application is here http://sourceforge.net/projects/lkl/
<Vog> frojnd: I'm not touching that if you want to run a key logger figure it out yourself
<frojnd> Vog: kamilion if application would be in the repos than the command would be: apt-get install ia32-libs && dpkg --force-architecture -i lkl ?
<frojnd> it's not for me
<frojnd> funny but a some girl asked me if I know of any keylogger. She has some problems with her collage roomates... didn't ask why I just suggest her to install lkl but I didn't know that she has problems installing it since she has 64bit
<frojnd> Vog: if you feel any better you can help me install any other application for 64bit
<Vog> Knowing that that knowlede will be used to install a keylogger in the end no.
<uvirtbot> New bug: #397832 in mysql-dfsg-5.1 (main) "Failure to install" [Medium,Incomplete] https://launchpad.net/bugs/397832
<frojnd> fine.
<Vog> frojnd: I would just tell the girl to make up a better password or somehting or not let more than one person on her machine.
<frojnd> Vog: I know you would.
<frojnd> Vog: but if you woud she would say ubuntu sux if I can't install software :)
<Vog> ..... Why can't she install software?
<Vog> It's not like keyloggers are a heavily used category of legitimately used software.
<frojnd> lack of knowladge... me myself have no ideas how to install any 32bit software on 64bit and I'm using 4 years linux now..
<Vog> Besides this is the unbuntuserver channel if you want support on unbuntu desktop apps try #ubuntu
<frojnd> I just didn't had to till now...
<frojnd> Vog: I already jumped in :)
<Vog> cool
<uvirtbot> New bug: #422268 in qemu-kvm (main) "eliminate bochsbios build-dep from qemu-kvm" [High,In progress] https://launchpad.net/bugs/422268
<uvirtbot> New bug: #361754 in qemu "guest needs to boot with clock=acpi_pm (older AMD freq scaling issues)" [Wishlist,Confirmed] https://launchpad.net/bugs/361754
<uvirtbot> New bug: #413792 in mysql-dfsg-5.1 (main) "mysql-server is upgraded when using a mysql cluster" [High,Triaged] https://launchpad.net/bugs/413792
<uvirtbot> New bug: #376387 in kvm (universe) "Inconsistent location of kvm-ifup, missing kvm-ifdown" [High,In progress] https://launchpad.net/bugs/376387
<uvirtbot> New bug: #391121 in kvm (universe) "init script should declare dependency on mountkernfs" [High,In progress] https://launchpad.net/bugs/391121
<uvirtbot> New bug: #410226 in libvirt (main) "Please add user to libvirtd" [High,In progress] https://launchpad.net/bugs/410226
<uvirtbot> New bug: #426514 in eucalyptus (main) "eucalyptus-cc package (1.6~bzr645-0ubuntu2) code generated from older wsdl, causing runInstances and describeInstances to fail" [Undecided,New] https://launchpad.net/bugs/426514
<bensie> i'm trying to resize a VM with kpartx and resize2fs, but resize2fs is saying "The filesystem is already xxxxx blocks long.  Nothing to do!"
<bensie> Anyone know how to properly resize a VM (inside an LVM)?
<uvirtbot> New bug: #413789 in mysql-dfsg-5.1 (main) "mysql-server has been kept back with dist-upgrading" [High,Triaged] https://launchpad.net/bugs/413789
#ubuntu-server 2009-09-09
<pigflu> I want to install postfix with apt-get, but I want to do it in an unmanned script.   How do I get it to just use the "Internet Site" option and not require user input?
<jtimberman> pigflu: you need to preseed the package.
<jtimberman> http://wiki.debian.org/DebianInstaller/Preseed
<lamont> jtimberman: and then he complains about it not being entirely preseedable... long painful story there.
<pigflu> jtimberman: Thanks for the link
<lamont> pigflu: the other option is to just create /etc/postfix/main.cf before doing the install, and then it'll choose to "not change the configuration"
<pigflu> lamont: Ah, that works too
<pigflu> I'll need to look into both options.
<pigflu> Thanks!
<djshotglass> hi
<djshotglass> i just burned off ubuntu-9.04-server-i386 and booted it
<djshotglass> it wont let me selected english, once the cd boots my keyboard lights go out
<djshotglass> i have tried every keyboard in the house
<djshotglass> they all work in bois untill cd boots
<djshotglass> why does it not have the countdown that defaults to english like every other operating system on the planet?
<qman__> if you have a USB keyboard, try changing the BIOS settings regarding that
<qman__> if your keyboard doesn't work to select the language, it won't work to select "Install" either
<uvirtbot> New bug: #426597 in net-snmp (main) "Huy Pham" [Undecided,New] https://launchpad.net/bugs/426597
<f00f> hey guys
<f00f>  ihave an install of apt-get while trying to update it stalled on me so i cntrl-z now it seems apt0get is currupted
<f00f> i am completely stumped
<f00f> can anyone help
<f00f> i can paste messages etc for you if you need
<f00f> i am getting E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct the problem.
<f00f> but when i type it
<f00f> it just gets stuck at Setting up module-init-tools (3.3-pre11-4ubuntu5.8.04.1) ...
<f00f> checking the log file
<f00f> i see a whole bunch of these
<f00f>  kernel: 4gb seg fixup, process klogd (pid 1541), cs:ip 73:006dbc6c
<f00f> where process is syslogd klogd sshd
<f00f> etc...
<f00f> also ps shows: root      3434 21.4  0.0   4724  1676 pts/1    R+   20:03   0:12 /usr/bin/perl /usr/sbin/update-rc.d module-init-tools start 15 S .
<f00f> anyone ?
<ScottK> How long did you let it run?
<f00f> around 8 mins
<f00f> why do i keep getting these 4gb seg fixup, process nrpe (pid 14995), cs:ip 73:00192240 errors
<f00f> nrpe is the nagios daemon
<f00f> but that dreaded 4gb seg fixup error keeps coming
<ScottK> Not sure about that.
<f00f> and i have no cliue what it is
<ScottK> Does Google know about it?
<f00f> supposedly it's a kernel lib that runs atop xen architectures
<f00f> yeah google says to install the xen lib
<f00f> but i cant bc apt-get dpkg doesnt really work :-/
<artillerytx> Hey guys i heard there was a way to download torrents remotely on a server
<f00f> artificialexit: torr ... check out the torr network... if your not talking about that then be more specific
<f00f> ScottK: any idea what these error messages are http://www.pastie.org/610529 ?
<f00f> ScottK: also it's been running for over 5 mins now
<f00f> USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
<f00f> root      3434 21.3  0.0   4724  1676 pts/1    R+   20:03   4:17 /usr/bin/perl /usr/sbin/update-rc.d module-init-tools start 15 S .
<f00f> root      3870  0.0  0.0   3636  1028 pts/0    R+   20:24   0:00 ps aur
<ScottK> This isn't in a xen vm is it?
<f00f> ScottK: yes it is on a amazon ec2 instance
<ScottK> f00f: http://www.google.com/search?q=4gb+seg+fixup&ie=UTF-8&oe=UTF-8 may have some useful information.  I can't say for sure.
<Alysum> hello - what does iU mean in dpkg -l pls?
<f00f> Alysum: thats a list of your packages... iU is a simple package... google is your friend
<Alysum> google was not my friend mate
<Alysum> hence I asked here
<f00f> ahh
<f00f> i dunno
<f00f> internet university
<f00f> haha
<f00f> jk
<f00f> i dunno dude
<f00f> did you use the dpkg utility
<f00f> just do a dpkg -l iU
<f00f> or just do a dpkg -p iU
<f00f> easy
<twb> Alysum: if you tried other resources (e.g. google), you should mention that in your initial question.  It shows that you are trying to help yourself.
<twb> Alysum: iU in dpkg -l's output means that the package is installed and (IIRC) unconfigured.  The first few lines of dpkg -l's output should explain what each letter means.
<twb> "Unpacked", not unconfigured.
<Alysum> no
<Alysum> iU is a state
<Alysum> like ii etc...
<error404notfound> is there a way i can log commands run by any user in a file, and if possible daily emailed to me and then deleted?
<cef> well there is command history for the shell the user runs (eg: .bash_history in the users home dir), but it's not exactly infallible, or reliable. but it might be a start
<cef> or you might be able to implement something using the auditd architecture to log them all, but then you'd want to filter stuff out as well for things like cron, certain apps and the like
<cef> err apparmor even, but I doubt it would be useful, and if the machine is busy you'll have a LOT of logs to go thru
<twb> There is really no way to do that kind of thorough, clandestine monitoring of a stock Linux system.
<twb> You either need to give the user a VERY restricted environment, without the ability to perform arbitrary commands, and then wrap their entry point in a monitoring app -- or better, to insert something into the kernel that logs everything they do.
<uvirtbot> New bug: #349331 in qemu "limited screen resolution" [Low,Confirmed] https://launchpad.net/bugs/349331
<uvirtbot> New bug: #426704 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/426704
 * soren lunches
<twb> I suspect 349331 is not-a-bug.
<maxagaz> hi
<maxagaz> how to enable the connection to a machine in root mode ?
<hjmf> maxagaz: from where_
<maxagaz> hjmf, from my server
<maxagaz> hjmf, i mean to connect as root in ssh to a server
<alvin> 'PermitRootLogin yes' in /etc/ssh/sshd_config
<hjmf> maxagaz: take a look to /etc/ssh/sshd_config
<alvin> That is actually the default
<ScottK> maxagaz: You probably don't want to do that though.
<hjmf> maxagaz: and check PermitRootLogin yes
<hjmf> and add root to AllowUsers
<ScottK> On the off chance you actually do have a need for a true root account, it's better to ssh in as a non-priviledged user and su to root.
<hjmf> maxagaz: also be sure that the root account is enabled and not just sudo
<hjmf> I mean> root has a password
<hjmf> maxagaz: finally an advice
<hjmf> access the server via ssh keys
<hjmf> and install some kind of denyhosts stuff
<hjmf> maxagaz: I agree with ScottK
<maxagaz> thanks for those advices
<hjmf> OK
<soren> kees, jdstrand, mdeslaur: Are any of you guys familiar with HOTP or TOTP?
<mdeslaur> soren: no...first I have heard of it...interesting
<soren> mdeslaur: It gets better..
<zul> totp = top of the pops?
<soren> mdeslaur: http://www.gemalto.com/products/ezio_time_token/
<soren> http://onlinenoram.gemalto.com/Ezio-Time-Token-for-use-with/M/B002CRN5X8.htm
<soren> $12.99 a piece beats the Â¤#&!"#Â¤ out of RSA SecurID.
<mdeslaur> yeah, and RSA's crappy algorithm
<mdeslaur> wow
<mdeslaur> it uses TOTP?
<soren> Yes.
 * mdeslaur is excited
<soren> mdeslaur: I've not yet seen a pam-totp module, but I doubt it would be a huge task to make one.
<domas> damn, no shipping outside US
<soren> Yeah :(
 * pmatulis is not surprised
<domas> my dream is having own TOTP auth, federated via openid etc elsewhere
<soren> The key generation code is also quite simple, so an android app to generate it wouldn't be a big task either.
<domas> mm, good idea too :)
<soren> pmatulis: About the shipping thing?
<mdeslaur> soren: have you found a TOTP implementation somewhere?
<soren> mdeslaur: The spec contains a reference implemention, IIRC.
 * soren checks
<mdeslaur> oh duh
<mdeslaur> you're right
<soren> TOTP is simple once you have HOTP, though. And HOTP certainly has a reference implementation in the spec.
<soren> It would be soo awesome to ship these modules with Ubuntu and have Canonical sell branded tokens.
<mdeslaur> interesting...some of the totp authors are from verisign...I wonder if the verisign token uses that
<soren> Lots of folks are involved in OATH, apparantly.
<soren> Perhaps I've been living under a rock, but I didn't know about it until earlier today.
<soren> mdeslaur: Yup, that seems to be what verisign uses.
<soren> "VeriSign Identity Protection service is an open standards platform that supports OATH-compliant, time-based OTP generation for user authentication"
<mdeslaur> soren: me either...and..I used to make a living selling authentication devices and smart cards
<soren> it
<soren> It's funny how, when you know the secret keywords to google for, you can find lots and lots of manufacturers making these tokens.
<mdeslaur> it's about time they standardize these things
<soren> Indeed.
<soren> smoser: I either disagree or do not understand your tagging bug 420635 with
<uvirtbot> Launchpad bug 420635 in ubuntu-on-ec2/intrepid "Update Hardy kernel AKI for local privilege escalation" [High,Triaged] https://launchpad.net/bugs/420635
<soren> smoser: 'uec-images'
 * soren continues to try to get used to his apostrophe being where it is..
<smoser> soren, gone
<soren> mdeslaur: So... When can I apt-get libpam-totp, you think? :)
<smoser> soren, i just updated a bunch of bugs, sorry for being a human with limited focus on long page loads :)
<soren> smoser: :)
<smoser> thanks for noticing
<soren> mdeslaur: Do USN's always have corresponding bugs on Launchpad?
<mdeslaur> soren: no, not necessarily
<soren> mdeslaur: If so, how can I look up the bug corresponding to, say, USN-819-1?
<mdeslaur> soren: you can look up the CVE number, hold on...
<mdeslaur> https://bugs.launchpad.net/bugs/cve/CVE-2009-2692
<uvirtbot> mdeslaur: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX sock
<mdeslaur> soren: you can also look in the ubuntu cve tracker, we usually put bug links there: http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2692.html
<uvirtbot> mdeslaur: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX sock
<mdeslaur> die, bot, die die die
<evert> i'm having a ubuntu 8.04 server, i'm wanting to get some virtual server on it (i prefer gentoo, but that doesn't matter). Is it possible to get any virtualization software (vbox?) working without having to reboot?
<hjmf> evert: vmware i.e.
<evert> will it work without the need of a reboot?
<hjmf> evert: yes
<blackxored> hello
<evert> and is vbox possible without reboot too then?
<evert> for some reason i'd like to use vbox instead of vmware :)
<hjmf> evert: I guess so; kvm too
<evert> ok, nice :)
<uvirtbot> New bug: #362013 in qemu "kvm migration fails with large-memory VMs" [High,Fix released] https://launchpad.net/bugs/362013
<hjmf> evert: You'll only need to reboot in case of installing a new kernel in your host
<zul> soren: i have the hardy updated ec2 kernels built im just testing them out
<soren> zul: Why isn't John doing this?
 * soren seems to be asking that question a lot
<zul> soren: because scott asked me to do that
<soren> smoser: ^?
<smoser> zul, i guess probably john should be doing that, yes.
<zul> k
<garymc> Hi guys, my flash in firefox is messing with the sound. I need to uninstall this verion (dont know how to do it) and i need to install the best version (Dont know which one that is?) im in Ubuntu Server 9,04
<ScottK> garymc: Not if you're running Firefox you aren't (no X in ubuntu server)
<garymc> sorry im using LTSP server im logged in through Thin client GUI
<garymc> so am i still not using ubuntu server?
<ScottK> OK
<rtg> smoser, do you have time to try the Ubuntu ec2 kernel in my PPA ? https://edge.launchpad.net/~timg-tpi/+archive/ppa
<ScottK> This still isn't a good channel for flash/firefox questions.
<smoser> rtg, you have it built ? or you want me to build too
<rtg> smoser, binaries await your pleasure
<rtg> smoser, I don't know how to extract the right bits and pump them into the cloud.
<rtg> I've just built a kernel with the 3.02 xen patch set according to the results that zul and jj came up with last friday
<smoser> zul can help with that. i'm not exactly sure what you need to upload.
<zul> i can get to it later this morning probably
<smoser> zul, maybe preferable for you to just document what i need to do ?
<zul> smoser: its already documented on the wiki
<smoser> zul, the only thing i dont know is what goes at '<path of kernel>'
<zul> the vmlinuz file
<zul> maybe get jj to upload it and have him ask you to test it
<smoser> i'll upload it.
<smoser> zul, fyi, i have centos 5.0 dvds, they are sitting at http://smoser.brickies.net/iso/centos/5.0/
<zul> how long did it take you to get them? ;)
<smoser> but apparently the apache there has a 2gb file limit, so they dont show up and it wont give them to you
<smoser> someone pushed them ftp for me from a fairly fat pipe, and then i copied.
<smoser> i actually lost all peers sometime yesterday.
<zul> heh
<smoser> if you're interested in downloading, i can give you ftp access
<zul> sure
<rtg> smoser, I think I've plenty of space on zinc if you wanna store them there.
<oly-> just been looking at logrotate file in /etc/logrotate.d/ i would like to know if you can tell it to work recursively through folders ?
<oly-> ie scan /home/www/*/*.log type syntax, because each domain has its own log file in seperate folders
<oly-> anyone know if this is possible ?
<smoser> zinc ?
<smoser> rtg, if you want to pull them to there, that might be useful
<smoser> i can give you access.
<rtg> smoser, well, I'm only gonna bother if its really useful 'cause it'll take awhile.
<smoser> rtg, then dont bother
<smoser> what is zinc?
<rtg> smoser, kernel.ubuntu.com
<smoser> ah. dont worry about it.
<konza> hi all , telnet localhost 10024 is not working ... please help
<uvirtbot> New bug: #394967 in apache2 (main) ""aptitude upgrade apache2" overrides run-level settings (dup-of: 416318)" [Undecided,New] https://launchpad.net/bugs/394967
<uvirtbot> New bug: #414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Undecided,In progress] https://launchpad.net/bugs/414997
<hjmf> konza: what do you expect to find at 10024?
<konza> hjmf, i am tryinig to install a mailserver... while following the instructions in ubuntu docs it was writen ther to telnet port 10024
<hjmf> amavisd?
<konza> hjmf,ya
<hjmf> konza: what version of ubuntu are you using? and what docs are you following?
<konza> ubuntu 9.04      https://help.ubuntu.com/community/PostfixAmavisNew
<konza>  please see this                   http://paste.ubuntu.com/267946/
<hjmf> konza: looking
<konza> hjmf,  please see this                   http://paste.ubuntu.com/267946/
<ScottK> konza: I'd check out https://help.ubuntu.com/9.04/serverguide/C/mail-filtering.html since it's the official docs.
<ScottK> konza: Do what it says in your paste.
<konza> ScottK, how to change that ......... when i run uname i get   'Linux'
<ScottK> konza: Then set it in /etc/amavis/conf.d/05-node_id using your favorite editor.
<hjmf> konza:  run hostname -f or use localhost
<hjmf> as fqdn; it might work
<konza> hjmf, hostname -f gives  KONASA
<hjmf> but konasa doesn't include the domain part
<hjmf> edit /etc/hosts
<hjmf> with something 127.0.0.1 konasa.localdomain konasa
<konza> hjmf, what should i do to include domain name
<hjmf> if you are playing include whatever you want: ie localdomain or local.lan
<hjmf> as long as you reflect it in /etc/hosts too
<hjmf> I guess.
<hjmf> I havent never configured amavisd, but should work
<hjmf> I would use localhost.localdomain as fqdn
<hjmf> and in etc/host I'd put
<hjmf> 127.0.0.1 localhost.localdomain if it isn't already
<konza> hjmf, http://paste.ubuntu.com/267953/
<hjmf> konza: then add the domain part :-)
<hjmf> man hosts
<hjmf> konza: as I said before, localhost might work for amavisd conf.
<konza> hjmf, can u pls make the necessary changes in /etc/hosts and paste it
<hjmf> konza: leave etc/hosts as it is for the moment
<konza> hjmf, k
<hjmf> just configure amavis to use localhost as $myhostname
<domas> is anyone from ubuntu security team here? :)
<konza> k
<konza> hjmf, http://paste.ubuntu.com/267961/
<domas> mdeslaur: ping! :)
<mdeslaur> domas: yes?
<domas> mdeslaur: can I have private security inquiry with you?
<hjmf> konza: please pastebin the amavis conf file
<mdeslaur> domas: sure
<konza> hjmf, http://paste.ubuntu.com/267964/
<hjmf> konza: sorry, I meant the /etc/amavis/conf.d/50-user where you put the localhost setting
<hjmf> konza: also pastebin the offending /etc/amavis/conf.d/05-node_id
<konza> hjmf, problem solved
<hjmf> konza: cool
<konza> hjmf, thanks
<konza> hjmf, thanks a lot.
<hjmf> konza: you are wellcome
<konza> hjmf, i just added $myhostname = "shyam.localhost.com"
<hjmf> konza: you should use your real hostname and your real domain name or just localhost
<hjmf> konza: per real hostame and real domain name it might be konasa.local.lan
<konza> hjmf, so should i change  shyam.localhost.com to localhost
<hjmf> konza: It would be better if it works
<konza> k
<konza> hjmf, its working
<hjmf> konza: great!
<bobo> Anyone have experience with AppArmor not allowing/complaining about read-access to '/usr/share/zoneinfo' when such access is clearly ( and redundantly ) allowed in the profile?
<konza> hjmf, imap login failed...
<konza> hj what to do
<konza> hjmf, u there dude?
<hjmf> konza: what are you using as imap server?
<hjmf> konza: is it running?
<konza> hjmf, courier
<hjmf> konza: which is the error?
<hjmf> you might want to check the logs at /var/log
<bobo> konza: what are you using for auth backend? vpopmail? sql? pam?
<konza> hjmf, i used the command    imap login shyam mypassword
<konza> imap NO Login failed.
<konza> bobo,  sql
<bobo> what db?
<konza> bobo, actually i didnt understand ur question
<hjmf> konza: you should provide more info. Check if the process is running and the log info
<konza> hjmf, how should i check it
<hjmf> konza: I don't have experience with courier-imap I use dovecot in my servers
<hjmf> konza: however there should be some files named courier or similar in /var/log
<hjmf> konza: check them
<bobo> courier has  ( or at least used to have ) an auth-daemon which could use various different back-ends for obtaining user-credentials.  Other parts of the courier mail system ( like the IMAP server ) would talk to the auth-daemon.  The Auth-daemon would check provided credentials against any store it was configured to use:  a sql-database ( mysql/pgsql ) or /etc/passwd or a vpopmail installation or others
<hjmf> konza: also check if courier is running; ie ps aux | grep -i courier
<smoser> soren, ping
<hjmf> bobo: I'm sure that konza is vaildating against passwd
<smoser> https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/421707 or maybe zul, or kirkland or anyone.
<uvirtbot> Launchpad bug 421707 in landscape-client "landscape-client cron job is broken" [Undecided,Fix committed]
<smoser> am i doing the above "right" ? nominating that for release ?
 * kirkland looks
<soren> smoser: What's up?
<smoser> ^^
<uvirtbot> smoser: Error: "^" is not a valid command.
<smoser> funny. silly uvirtbot
 * zul looks
<smoser> i'm trying to mark that we need to fix landscape-client in those hardy and in intrepid (well, maybe not intrepid)
<niemeyer> soren: So, the error is a bit weird.. when the admin interface on port 8443 comes up, the API on 8773 goes down
<niemeyer> soren: Rings any bells?
<zul> smoser: you should just be able to copy from the landscape ppa to the ubuntu-on-ec2 ppa
<smoser> zul, yes. i'm just wondering about the "Nominated for Hardy"
<kirkland> smoser: accepted
<bobo> konza: check the logs as hjmf suggests, first ( courier logs , /var/log/auth ) ;  Worst case, if it is file-system based authentication you can stop the courier auth-daemon and restart it under 'strace -f' and look for the unsuccessful system call.
<smoser> is that the right way to do this stuff ?
<soren> niemeyer: Not off the top of my head.
<kirkland> smoser: set the status/importance appropriate
<soren> kirkland: Have you seen niemeyer's problem before?
<kirkland> soren: niemeyer: hrm, no, i haven't
<soren> niemeyer: Nothing of interest in the logs?
<smoser> ok, now please reload that page.
<niemeyer> soren: There are errors there, but nothing I can parse myself
<soren> smoser: I just accepted the nominatoins.
<smoser> what i'm trying to indicate in those tasks (under "landscape-client (Ubuntu)") is that karmic is "fixed" (no problem) .
<soren> smoser: Actually, I wanted to just accept the Hardy one, but Launchpad accepted both when I clicked the button.
<soren> smoser: In that case, it looks correct to me.
<smoser> soren, do you think it should be fixed in intrepid ? (I'm actually not certain the bug exists there, my guess i sprobably not, but need to verify)
<soren> smoser: I would say it's low/wishlish importance for Intrepid. If we suddenly have a lot of time on our hands, we can look at it.
<smoser> and, given the indication that this is the new way to do things, i am going to get bug 420635 in line also
<uvirtbot> Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Undecided,New] https://launchpad.net/bugs/420635
<smoser> soren, i'll verify whether or not its present there really quick and just kill it as invalid if not
<niemeyer> soren: I'll leave for a quick lunch and try to get hold of someone from Eucalyptus
<soren> niemeyer: They're only just starting to turn up. They're on the US west coast.
<smoser> soren, can you accept nomination for 420635 to hardy and intrepid
<soren> bug 420635
<uvirtbot> Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Undecided,New] https://launchpad.net/bugs/420635
<soren> smoser: Done
<mxzypltk> anyone have luck with installing latest e1000e intel drivers on 9.04?  readme states it cant be compiled and has to use modprobe.  Im able to make binary, assign ip, and ping but disappers with reboot...
 * soren will be back later..
<VirtualDisaster> mxzypltk: hmm ill test it tonigt
<mxzypltk> thx.  Using it as a wshark capture card for netflow box and it starting to frustrate me a bit!
<smoser> soren, please accept nominations for bug 308530
<uvirtbot> Launchpad bug 308530 in ubuntu-on-ec2 "Wait for network before downloading ssh credentials or user-data" [Medium,Fix released] https://launchpad.net/bugs/308530
<bobo> Is anyone using AppArmor on Ubuntu?  Is there a better channel for AppArmor stuff?
<jdstrand> bobo: virtually everyone is using apparmor on Ubuntu-- it is installed by default and several applications have default profiles
<jdstrand> (in other words, you have to turn it off to not use it)
<bobo> No one has run into my /usr/share/zoneinfo problem?
<jdstrand> bobo: what problem? what profile? paste your profile and dmesg output somewhere
<bobo> somewhere NOT in this irc?  I am unfamiliar with the basic conventions and courtesies of IRC.
<jdstrand> bobo: http://paste.ubuntu.com/
<jdstrand> bobo: also paste the output of aa-status
<smoser> kirkland, can you accept nominations for bug 308530
<uvirtbot> smoser: Error: Could not parse data returned by Launchpad: timed out
<smoser> jdstrand, sometime today, when you have a minute can we talk ?
<jdstrand> smoser: absolutely
<smoser> whenever you've got a minute or 15 or 20
<jdstrand> smoser: right, let me ping you
<smoser> k
<bobo> jdstrand:  http://paste.ubuntu.com/267993/  ( re: AppArmor )
<clusty> hey
<clusty> got a small problem
<jdstrand> bobo: you have access to all files under /usr/share/zoneinfo, but not /usr/share/zoneinfo itself
<clusty> i got 10 machines that are accessing the same NFS resource and the clocks are all screwy
<clusty> or at least make complains
<jdstrand> bobo: add '/usr/share/zoneinfo/ r,'
<bobo> thanks
<clusty> do i need to make some machine a NTP server?
<clusty> and all other machines conect to it?
<jmarsden> clusty: If they have Internet connectivity you could just make all of them NTP clients, no need for your own NTP server.
<clusty> jmarsden, ok. they are connected to net
<bobo> It would be kinder to upstream time-servers to maintain your own master
<jmarsden> If it was 100 machines you should definitely have your own server, but for 10 it's up to you.
<clusty> jmarsden, is there some service i can install to regularilly fix times?
<clusty> jmarsden, or it's a job for cron?
<VirtualDisaster> just use router as NTP server
<VirtualDisaster> thats what i do, pfsense as router/ntp etc
<VirtualDisaster> dns if need be
<jmarsden> clusty: sudo apt-get install ntp
<jmarsden> It that service is running it will keep the machines time in sync for you.
<clusty> jmarsden, awesme. thanks
<jmarsden> You can check to see that it is working (after a few minutes for the time sync to happen) using ntpq -p which shows what NTP sever(s) your machine is talking to and whoch one it is synced to.
<the-dude> whats a good place to ask something about dh_make?
<jmarsden> #ubuntu-motu , if you are creating packages for Ubuntu.
<clusty> jmarsden, is the list of servers changing dynamically?
<the-dude> jmarsden: thx :)
<jmarsden> clusty: No, see /etc/ntp.conf you can set them in there.
<jmarsden> But for "good enough for NFS" the default will be fine.
<jmarsden> the-dude: No problem.
<clusty> jmarsden, offset is the time offset in seconds?
<konza> hjmf, hi... there was some problem with my net connection... srry......
<hjmf> konza: then, It is working now?
<konza> hjmf, nope
<Techtronic> hello , how to reinstall nagios ?
<nijaba> jdstrand: hello.  Just read your apparmor addition to karmic's tech overview.  great stuff.  Just one question: what do you mean by "transistion" in the sentence "AppArmor also now supports 'pux' which, when specified, means a process can transition to an existing profile if one exists or simply run unconfined if one does not."?
<nijaba> Techtronic: sudo apt-get install nagios?
<VirtualDisaster> reinstall or reconfigure?
<the-dude> or sudo apt-get install --reinstall nagios
<Techtronic> nijaba 1min
<Techtronic> Not replacing deleted config file /etc/nagios3/conf.d/host-gateway_nagios3.cfg include file /etc/nagios3/apache2.conf does not exist! E: Sub-process /usr/bin/dpkg returned an error code (1)
<Techtronic> Not replacing deleted config file /etc/nagios-plugins/config/disk.cfg .... howto fix this ?
<jdstrand> nijaba: if a process is confined by a profile (eg, firefox), and it needs to execute another process, that is a transition
<Techtronic> Errors were encountered while processing: nagios3-common , nagios3
<thk> installing hardy on server and want to preserve /home on lvm volume; will the install reformat these?
<nijaba> jdstrand: ok.  so in other word, pux would be used to have firefox ask the system "hey, please execute this with its own profile if it has one, otherwise without?"
<kaushal> hi
<jdstrand> nijaba: so, if firefox needs to launch evince, it must either transition out of confinement (ux) for the forked process, or transition into a new profile for the forked process (px)
<kaushal> i want to set ulimit for nofile to 32000 for a particular user, it doesnot allow me on ubuntu 8.04 . is there a specific reason ?
<jdstrand> nijaba: exactly
<kaushal> I have set it in limits.conf file
<nijaba> jdstrand: ok, thanks a lot
<jdstrand> nijaba: before, you couldn't do that
<nijaba> jdstrand: I guess :)
<jdstrand> nijaba: before, you could only specify 'ux' or 'px', but 'px' wasn't practical because if the profile didn't exist and you tried to transition to it, the fork would fail
<konza> hjmf, when loging , we should type the username and passwd of my account in linux rite?
<uvirtbot> New bug: #426769 in mysql-dfsg-5.0 (main) "mysql-{common,client,server} still (also) build from mysql-dfsg-5.0" [High,In progress] https://launchpad.net/bugs/426769
<niemeyer> Hmm.. I'm having some issues with defunct bash processes (child of ssh) and CTRL-* keys not working on the terminal after upgrading to Karmic
<konza> anyone knows to login to imap using telnet.............. plsssssssss help
<niemeyer> Has anyone faced something similar?
<jdstrand> niemeyer: known bug...
<niemeyer> jdstrand: Oh, woohay
 * jdstrand goes to get it
<jdstrand> bug #407428
<uvirtbot> Launchpad bug 407428 in udev "worker signal mask inherited by children" [High,Confirmed] https://launchpad.net/bugs/407428
<bobo> konza: telnet <imaphost> 143
<niemeyer> jdstrand: Thanks!
<jdstrand> niemeyer: sure! :)
<bdmurray> kirkland: where does bug 426272 belong?
<uvirtbot> Launchpad bug 426272 in ubuntu "Encrypted home directory file Input/output error" [Undecided,New] https://launchpad.net/bugs/426272
<konza> bobo, how to login after this?
<bobo> dunno ; I am not sure that IMAP is human friendly.  Can you login via POP3?
<kirkland> bdmurray: looking
<konza> bobo, nope... i am using courier-imap
<kaushal> checking in again for my query ?
<konza> VirtualDisaster,  u there dude?
<VirtualDisaster> yeah sec
<bobo> Courier does pop3 as well.  If you can't login in with POP3 either, you know something you don't know now.
<konza> VirtualDisaster, after connecting to imap server how should i login........?
<kirkland> bdmurray: ecryptfs-utils is fine to start
<kirkland> bdmurray: i'll update it
<VirtualDisaster> depends on what/how you want to accomplish that
<konza> VirtualDisaster, i used the login command but its not working
<bdmurray> kirkland: cool thanks!
<VirtualDisaster> konza: sec cat busted nose
<Techtronic> pleas help http://pastebin.com/m3c2d1307
<kaushal> checking in again for my query
<kaushal> ?
<KillMeNow> a Nagios question...  not my cup of tea...  i like Zenoss better
<Techtronic> who is better ? Zenoss or nagios
<KillMeNow> Zenoss IMHO
 * KillMeNow waits for the flames to start
<Techtronic> looks great , thanks
<kaushal> AppArmor is an alternative of selinux in Ubuntu Hardy ?
<jdstrand> kaushal: it is the default MAC system for Ubuntu, yes. See http://wiki.ubuntu.com/AppArmor for details and links to docs
<kaushal> jdstrand: how can i disable it ?
<KillMeNow> gah!  i've never gotten apparmor to work properly
<kaushal> sudo /etc/init.d/apparmor kill <enter>
<kaushal> sudo update-rc.d -f apparmor remove <enter>
<kaushal> ?
<jdstrand> kaushal: are you having trouble with a profile?
<kaushal> nope
<jdstrand> kaushal: do you want to use selinux or no MAC?
<kaushal> I am having issue with ulimit for a particular user ?
<kaushal> I have set ulimit for a particular user to 32000 and set it in limits.conf
<jdstrand> kaushal: that is doubtfully an apparmor problem. to temporarily see if it is a problem, 'sudo /etc/init.d/apparmor stop'
<kaushal> ok
<jdstrand> s/is a/is the/
<kaushal> sure
<jdstrand> kaushal: apparmor will complain in /var/log/kern.log if it was the problem
<jdstrand> kaushal: see https://wiki.ubuntu.com/DebuggingApparmor for details
<kaushal> jdstrand: it isnt there
<jdstrand> kaushal: what isn't there?
<kaushal> I mean apparmor script is not present under /etc/init.d
<jdstrand> kaushal: what does 'sudo aa-status' say?
<kaushal> that program is not there
<jdstrand> kaushal: do you have a /sys/kernel/security/apparmor directory?
<kaushal> apparmor directory isnt there
<kaushal> jdstrand: what could be the issue of ulimit ?
<jdstrand> kaushal: then apparmor isn't installed (and definitely not the problem ;)
<kaushal> yeah
<kaushal> I believe so
<kaushal> jdstrand: what could be the issue of ulimit ?
<jdstrand> I'm not sure
<Daviey> mathiaz: When you get a moment, can you lookover Bug #426919
<uvirtbot> Launchpad bug 426919 in mysql-dfsg-5.1 "thread_stack setting is too small" [Undecided,New] https://launchpad.net/bugs/426919
<smoser> landscape-client as a ppa in ubunt-on-ec2 seems to make reasonable sense for hardy given it wasn't packaged.
<smoser> i was confused by existance of http://packages.ubuntu.com/hardy/landscape-client
<smoser> zul,
<zul> smoser: okies..
<smoser> i'll wait for soren to weigh in, but how common / difficult is it to get a new package for a stable release ?
<zul> depends on the package but I dont think it would be a big issue you might want to talk to the landscape guys
<uvirtbot> New bug: #419150 in ipsec-tools (main) "Setkey has no policy priority support compiled in" [Undecided,Incomplete] https://launchpad.net/bugs/419150
<mathiaz> jdstrand: hi
<mathiaz> jdstrand: could you have a quick a look at the stock reply I've added to https://wiki.ubuntu.com/DebuggingMySQL to cover the case where mysqld apparmor hasn't been updated correclty
<mathiaz> jdstrand: ?
<jdstrand> ok
<jdstrand> mathiaz: I might reference https://wiki.ubuntu.com/DebuggingApparmor#Debugging%20procedure specifically
<mathiaz> jdstrand: ok - I'll update the wiki page
<jdstrand> cool
<mathiaz> jdstrand: I'm adding more information about debugging mysqld and reading the log file
<niemeyer> soren: nurmi helped solving the issue
<jdstrand> mathiaz: I might also say that they really only need to send audit messages from kern.log
<smoser> mathiaz, ttx, zul kirkland soren http://www.bizjournals.com/stlouis/stories/2009/04/06/daily40.html
<mathiaz> jdstrand: are you refering to the first stock reply?
<zul> smoser: thats alot of pi
<niemeyer> soren: Somehow there was an old /usr/share/eucalyptus/eucalyptus-commons-ext-0.4.jar from an old package, even though the file was being claimed by the newer libeucalyptus-commons-ext-java 0.4.2-0ubuntu1
<jdstrand> mathiaz: yeah. somthing like the output of "egrep 'audit\(|apparmor|selinux|security' /var/log/kern.log"
<jdstrand> mathiaz: you can drop the selinux part, but may want to keep it just in case
<mathiaz> jdstrand: ok
<niemeyer> soren: This was solved by
<niemeyer> <nurmi> apt-get purge `apt-cache search eucalyptus | awk '{print $1}'`
<niemeyer> <nurmi> rm -rf /etc/eucalyptus /var/lib/eucalyptus /var/log/eucalyptus /usr/share/eucalyptus
<niemeyer> <nurmi> apt-get install eucalyptus-cloud
<jdstrand> mathiaz: that is taken from apport hooks that grab the stuff automatically
<mathiaz> jdstrand: apport hooks from with package?
<jdstrand> mathiaz: several actually. I grabbed the regex from evince
<jdstrand> mathiaz: /usr/share/apport/package-hooks/source_apparmor.py should have some good stuff in it
<mathiaz> jdstrand: ok - I've used a different approach for adding audit messages in the mysql apport hooks
<kirkland> mathiaz: if the american taxpayer is funding the delivery of pizza from St Louis to Washington DC, my opinion of obama will be even lower than it already is
<pmatulis> kirkland: wrong channel?  :)
<kirkland> pmatulis: sorry, yes, you're right
 * kirkland apologizes for going political :-)
<kirkland> pmatulis: that was for smoser's link
<pmatulis> kirkland: ah
<kirkland> pmatulis: we ate at that pizza joint last week in St. Louis
<smoser> kirkland, i wondered who paid for the 2 pizzas and "delivery"
<smoser> what do you tip on that ?
<kirkland> smoser: taking this to PM, as I don't want to get too political in #ubuntu-server :-)
<smoser> :)
<kaushal> hi
<kaushal> is there a way to find if any updates are available for a package
<kaushal> ?
<kaushal> For example autossh
<pmatulis> kaushal: apt-cache policy autossh
<pmatulis> kaushal: after an 'apt-get update'
<SirMontu> Hey guys, I just installed Ubuntu Server 8.10 and I'm trying to figure out how to install this Linksys nic, anyone have any directions or a link i could get?
<kaushal> jdstrand: hi again
<kaushal> i got a reply from the mailing list
<kaushal> Are you calling pam_limits.so somewhere in your PAM stack?
<kaushal> please help me understand this ?
<kaushal> for the ulimit issue
<jdstrand> kaushal: I am not a pam_limits.so expert, but they are referring to files in /etc/pam.d. probably most specifically /etc/pam.d/common-*
<J_P> hi all
<J_P> are there a problem with sources.list of jaunty?
<J_P> here is very very slow or stop..
<J_P> a apt-get update
<J_P> or apt-get dist-upgrade
<J_P> anyone know what is the problem?
<KillMeNow> haven't heard of any issue
<Pici> J_P: It may just be the mirror you are hitting, I've not seen or heard of any issues today.
<henkjan> J_P: you can try another mirror
<J_P> henkjan: humm, what are the list of mirrors?
<the-dude> or change country mirror
<henkjan> https://wiki.ubuntu.com/Mirrors
<J_P> the-dude: henkjan ok
<henkjan> J_P: https://launchpad.net/ubuntu/+archivemirrors
<henkjan> on the last one from launchpad you can check if the mirror is up2date
<henkjan> of course, the best one to use is nl.archive :)
<J_P> I change country mirror and works
<toehio> is there a package that contains everything necessary to turn ubuntu-server into ubuntu-desktop (Gnome + all other desktop apps)?
<uvirtbot> New bug: #362603 in unixodbc (main) "ODBCConfig fails on configure existing data source" [Undecided,Incomplete] https://launchpad.net/bugs/362603
<henkjan> toehio: apt-get install ubuntu-desktop
<toehio> henkjan: thank you!
<toehio> is there something similar for xfce?
<toehio> xubuntu-desktop :)
<henkjan> toehio: thats right
<toehio> So simple. I love it :)
<pan12345> http://www.thaiadpoint.com/tap8.1/bin/redir.php?p=2042&l=1357&u_id=363435
<zul> smoser: you might want to add a section about removing images with big fat security holes
<smoser> hm... doesn't that seem rude ?
<pan12345> http://www.thaiadpoint.com/tap8.1/bin/redir.php?p=2042&l=1357&u_id=363435
<zul> smoser: it might but better safer than sorry
<zul> im pretty sure rhel does it
<zul> just thought I would bring it up
<smoser> i'm not aware of any software release that actively destroys old release media
<smoser> ie, fedora doesn't remove install isos because they have security flaws, nor does ubuntu
<kees> smoser: nothing what was in release is removed, but anything between release and current -security or -updates is removed (though not the source)
<smoser> hm... i didn't realize that.
<borior> hi all, I'm running ubuntu-server 9.04 and am trying to get a xen-compatible kernel up and running. where can I find the default server kernel config? no /proc/config.gz... =(
<borior> oh, *duh*. /boot.... sorry for not looking there first!
<giovani> heh
<giovani> that's where they always are ...
<zul> kees: but didnt we release new isos when that ssh key vuln was found?
<kees> zul: correct.
<kees> zul: er, actually, I can't remember now
<soren> kees: Had you heard of TOTP and/or HOTP before?
<zul> kees, smoser: maybe have something like ec2-init check the ami id against a blacklist of amis  you are running and print out a big fat warning when the user login
<kees> soren: hadn't, no
<soren> kees: Alright.
<ruben23> hi
<ruben23> how do i completely stop an application running form my ubuntu server- even when the server is restarted....
<soren> ruben23: What's the application?
<ruben23> the application will not still run
<ruben23> like mysql and apache
<ruben23> that two application..
<soren> Eh? Are you trying to start or stop it?
<ruben23> i mean completely disable
<ruben23> the two service
<ruben23> anyone have idea...?
<ruben23> anyone...?
<soren> I don't understand your question.
<domas> update-rc.d
<zoopster> ruben23: use update-rc.d to remove it
<soren> Are we talking about apache and mysql or something *like* apache and mysql?
<soren> And are you trying to start it or stop it?
<ruben23> zoopster: how do i execute it..
<ruben23> yes--i said stop it
<uvirtbot> New bug: #302962 in mailman (main) "Mailman web interface does not work with suexec" [Undecided,Incomplete] https://launchpad.net/bugs/302962
<qman__> kees, yeah, new ISOs were built shortly after the SSH key vulnerability
<qman__> it was 6.06.1 IIRC
<George1> Hi Guys, basic question about Ubuntu server 9 running the cloud software. If I add a virtual machine into the cloud is that then running on a single server or does it run over multiple servers within the cloud?
<George1> Assuming  I had say 2 servers in my cloud config.
<KillMeNow> no idear
<guntbert> I wanted to know to which package "man" belongs, apt-file search "/usr/bin/man" gives several results but *nothing* for man itself - whats the trick?
<dmacnutt> /usr/bin/man
<guntbert> dmacnutt: ??
<dmacnutt> probably part of base-files
<dmacnutt> maybe doc-base
<guntbert> dmacnutt: let me test some ideas
<dmacnutt> nevermind it's called "man"
<kees> qman__: dapper wasn't affected :)
<guntbert> dmacnutt: do me a favor - please try dpkg -S man | grep bin/man on your system - that *should* give /usr/bin/man and a few more...
<jdstrand> guntbert: dpkg -S /usr/bin/man
<jdstrand> man-db: /usr/bin/man
 * soren is getting annoyed.
<soren> Can some please calculate the HMAC_SHA1 with key "12345678901234567890" and data 0 (ASCII 0, not '0')? I have a document that says it should yield one value, but I'm getting another.
<qman__> kees, ah, my bad, but I do distinctly remember a new build right after the vulnerability
<guntbert> jdstrand: strange here I get ...not found but  man-db is installed
<jdstrand> guntbert: what version of Ubuntu?
<guntbert> 9.04 server
<jdstrand> $ ls -l /usr/bin/man
<jdstrand> lrwxrwxrwx 1 root root 17 2009-04-24 18:03 /usr/bin/man -> ../lib/man-db/man
<jdstrand> dpkg -S /usr/lib/man-db/man
<jdstrand> man-db: /usr/lib/man-db/man
<jdstrand> guntbert: ^
 * soren headdesks
<soren> Never mind about that HMAC.
<guntbert> jdstrand: ok, thx - I finally understand - silly me
 * soren kicks himself and learns the difference between bits and bytes
<guntbert> soren: 8bits are .... uuhhmm what? ;-)
<KillMeNow> but what about nibbles guntbert??
<ScottK> guntbert: two nibbles.
<guntbert> KillMeNow: oh you naughty boy ;-)
<KillMeNow> LOL
 * KillMeNow likes nibbles
<soren> guntbert: Something very different from 8 bytes. I know that much.
<soren> Now.
<guntbert> soren: don't worry, I hear those sentences rather often (as in "an IPv4 address consists of 4 bit" :-))
<soren> mdeslaur: In other news, in case you're interested, I have a HOTP key generator in Python now.
<mdeslaur> soren: oh, cool :)
<mdeslaur> soren: so, besides adding time drift handling...is there anything missing to make a validator?
<mdeslaur> soren: did you order a token?
<soren> mdeslaur: Yeah, there are a few things like throttling, resynchronisation (in case someone accidentally generates a stack of keys that are never used..)
<soren> mdeslaur: I'm also not US based, so no.
<mdeslaur> I thought it was time-based...it needs resynchronisation?
<mdeslaur> oh! HOTP!
<mdeslaur> I thought TOTP
<soren> mdeslaur: That's next.
<mdeslaur> sweet :)
 * soren is enjoying having written unit tests for this.
<kees> qman__: yeah
 * soren calls it a day
<JanC> guntbert: 8 bits = 1 octet (I'm also not sure if 1 byte could not be 1 bit; is a 1-bit computer architecture possible? ;) )
<guntbert> JanC: lets not split hairs - I'm content if the general difference is understood (as "there are 10 kinds of people, those who understand binary and those who don't")
#ubuntu-server 2009-09-10
<KillMeNow> LMAO guntbert
<JanC> guntbert: well, do you also have a slogan for understanding ternary logic?  ;)
<KillMeNow> JanC:  isn't that the logic that got us in the economic mess?  hehehehe
<JanC> start at http://en.wikipedia.org/wiki/Ternary_computer if you wanna read about it
<mdz> smoser, ping
<uvirtbot> New bug: #404394 in kvm (universe) "qcow2 corruption regression" [Undecided,New] https://launchpad.net/bugs/404394
<uvirtbot> New bug: #427075 in php5 (main) "libphp5.so segmentation fault - apache2+mediawiki" [Undecided,New] https://launchpad.net/bugs/427075
<smoser> mdz, here now
<Techtronic> hello , i cant login to nagios ...  PAM: user 'nagiosadmin' - not authenticated: Authentication failure .....
<Techtronic> what i do wrong ? :/
<KillMeNow> http://www.linuxquestions.org/questions/linux-software-2/lost-nagios-admin-password...-help-695402/#post3399240
<KillMeNow> that shows how to reset the nagios admin user password
<Techtronic> i know pasword
<Techtronic> not helped this link
<Techtronic> PAM authenticate failure :/
<Techtronic> need disable mod_auth_pam.c
<KillMeNow> http://ubuntuforums.org/archive/index.php/t-275996.html
<KillMeNow> google Techtronic
<Techtronic> KillMeNow thanks you saved my night :D
<mm_202> Can someone please assist me with an apparmor issue?
<mm_202> Im trying to start mysqld and I get this lovely error: 090909 20:12:42  InnoDB: Operating system error number 13 in a file operation.
<mm_202> InnoDB: The error means mysqld does not have the access rights to the directory.
<KillMeNow> here is the best assistance i could give you mm:  toss apparmor
<mm_202> KillMeNow: yes, I fscking hate it.  But the ONLY reason I am reluctant is that it is a public server..
<mm_202> My first box that isnt behind a firewall
<mm_202> But I guess if someone gets shell access Im screwed anyways
<mm_202> How many people here run servers (ubuntu of course) without a firewall?
<KillMeNow> i have a public facing Ubuntu box, but it's all IPTabled up
<KillMeNow> and i don't use apparmor
<KillMeNow> i tried to get it to work, but it's a big stinking pile of poo
<KillMeNow> altho i've heard it's easier than SElinux
<mm_202> Yeah, my ubuntu servers at home, I killed apparmor on them as well
<KillMeNow> as long as you stay up on your patching and don't run anything that could cause you problems like IRC or something
<KillMeNow> or if you do i suppose you could run it in a jail
<mm_202> Yep, remove apparmor and works great now =)
<KillMeNow> big pile of stinking poo
<KillMeNow> i think that's what i called it...  yea..
<oh_noes> is it possible to remount / as ro from recovery
<oh_noes> or do i have to boot a live CD?
<twb> oh_noes: sudo mount -o ro,remount /
<twb> TIAS
<qman__> I haven't run into any problems with apparmor, but it's worlds better than selinux
<qman__> since with apparmor, if you're having an issue, you can just remove one profile that's causing it
<qman__> with selinux you have to disable it altogether, or find and fix the problem
<qman__> and the error messages aren't very friendly
<oh_noes> twb: doesnt work ... even after booting into recovery mode it says Device is busy
<oh_noes> and 'mount' shows . mounted as full rw
<oh_noes> which is where im confused
<qman__> apparmor is also a pretty nice alternative approach to jailing services
<twb> qman__: I would trust a jail more...
<twb> oh_noes: dunno, then, sorry.
<error404notfound> whats wrong with this cron: "10 4    * * *           freshclam; clamscan --bell -r --detect-pua=yes --max-dir-recursion=40 --log=/var/log/clamav/$(date +%b%d%Y%H%M%S).log -i /", it says: /bin/sh: Syntax error: end of file unexpected (expecting ")")
<qman__> error404notfound, there's no user listed for the job to run as
<error404notfound> qman__, no, thats not needed, all crons in root's crontab run without user
<error404notfound> there is something else
<error404notfound> without user mentioned explicitly*
<qman__> I use cron.d and friends, not root's crontab
<qman__> makes management easier
<error404notfound> i use one crontab :D
<foob12> does anyone software based mp3 player that supports socks 5 proxy client funtion
<maxagaz> hi
<qman__> error404notfound, I think I see it
<qman__> --log=/var/log/clamav/$(date +%b%d%Y%H%M%S).log
<qman__> because of that space, you need quotes
<qman__> though I don't know where you need them
<qman__> also, escaping that space may work
<error404notfound> hmmm, lemme check
<qman__> I thought that should have worked the way you have it
<qman__> but since it's in --log=, it may not apply normally
<qman__> that's the only place a missing ) makes sense
<qman__> I also don't know if dash supports the $() syntax, though I don't see why it shouldn't
<error404notfound> qman__, even tried date \+... , still same error
<error404notfound> \ before space
<qman__> I don't see any notes regarding $() in dash
<qman__> try using backticks just to see if it's the same error
<qman__> also, any particular reason you're scanning /?
<qman__> it's really not necessary, you only need to scan your file shares
<twb> foob12: mplayer probably
<error404notfound> qman__, i also tried `` and got: /bin/sh: Syntax error: EOF in backquote substitution , and i am scanning because a stupid user uploaded some stuff while i wasnt not around its infected, so just to be safe than sorry i wnat to scan whole "/"
<error404notfound> qman__, even if i scan file shares, home dirs, the error in the cron is still there, right?
<qman__> yes
<jmarsden> error404notfound: man 5 crontab and then escape all the % signs with \ or else cron will turn them into newlines :)
<error404notfound> jmarsden, aaaahhhhh :D lemme see
<qman__> that would do it
<error404notfound> and any comments on http://ubuntuforums.org/showthread.php?t=1262527 ?
<qman__> the keys were copied wrong
<qman__> it's failing when attempting to parse
<jmarsden> error404notfound: Looks like you put a GPG key in a config file, or something along those lines?
<qman__> ssh hosts files have just the key, on one line
<qman__> no ----BEGIN or anything
<error404notfound> jmarsden, i removed the config file altogether.
<qman__> one key per line
<jmarsden> error404notfound: pastebin the output of ls ~/.ssh ; file ~/.ssh/*     so we can see what the files in there are?
<error404notfound> okies
<error404notfound> qman__, jmarsden,  http://pastebin.ca/1560766
<qman__> waiting for pastebin.ca...
<jmarsden> Hmm, my browser is having trouble getting a response from pastebin.ca... trying again...
<error404notfound> qman__, jmarsden, http://pastebin.com/m3e38d075
<qman__> sure have a lot of files there
<qman__> I've only got known hosts files
<error404notfound> :D
<error404notfound> i work in too many places and dont wanna use same keys for more than one office
<qman__> good plan
<jmarsden> Yow, there is way too much junk in there to debug.  For testing, can you tar that lot up, save the tarball somewhere safe, then delete all the files from ~/.ssh/ except known_hosts and *one* pair of keys?
<jmarsden> Probably id_rsa and id_rsa.pub would be the logical ones to keep
<error404notfound> that's a 100% chance that would fix the issue
<error404notfound> thats*
<jmarsden> OK, so do it and then we can slowly add stuff back until we find the problem.
<jmarsden> This is called troubleshooting :)
<error404notfound> issue fixed...
<error404notfound> :D
<error404notfound> jmarsden, i am too lazy to do this alone, so stick with me, i am sooooooo lonely :P :D
<jmarsden> OK, add back new_id_rsa and new_id_rsa.pub and retest
<error404notfound> jmarsden, doing it :D
<jmarsden> As in, now you have the error?
<jmarsden> Or as in, now you are testing?
<error404notfound> misc* is causing the problem
<error404notfound> even renaming them doesn't solve the problem, and they are valid ssh keys as i cat them
<twb> None of those keys will be used unless you have code in .ssh/config or /etc/ssh/ssh_config telling it to.
<error404notfound> okay, this is strange, for one host the misc ones give rise to the error, for other hosts its a different pair, strange..
<error404notfound> i dont have a ~/.ssh/config and i havent specific anything in ssh_config, lemme pastebin
<error404notfound> http://pastebin.com/m45eb2184
<jmarsden> Looks pretty boring to me... nothing in there about using the other keys.  So you have been doing ssh -i whatever    all over the place to get it to use the special keypairs?
<error404notfound> jmarsden, i have aliases :P
<jmarsden> OK.   I'm doing some testing here... Apparently, if you have lots of keypairs in ~/.ssh, the default is to try all of them... ?  I just did      for i in `seq 1 50` ; do ssh-keygen -f junk$i ; done      and so generated 50 junk keypairs (held down the enter key for all the password prompts).
<jmarsden> I have a feeling there was a bug report about this and how to fix it somewhere in Launchpad...
<jmarsden> Most likely you can just specify the key for each host in ~/.ssh/config so it only presents one, not all of them?
<error404notfound> jmarsden, yup, it tries one by one all keypairs, and thats not what i want, for hosts i dont use "-i" i want it to go to password authentication directly
<jmarsden> Well, you should probably set up ~/.ssh/config to tell it that, or something close to that, then.
<error404notfound> jmarsden, yes, but for LAN machines, i use passwords, not keys, here at this office i have a 70 node LAN, 5server, for servers=keys, for other = passwords
<jmarsden> If you just put Host * IdentifyFile id_rsa  Host server1 IdentityFile whatever_rsa  and so forth lines in ~/.ssh/config it should work fine.
<jmarsden> No need for the -i nonsense if you configure SSH right :)
<jmarsden> That should be    IdentityFile id_rsa   in there, not IdentifyFile, weird typo
<jmarsden> See https://bugs.launchpad.net/bugs/374427 for a similar kind of issue.
<uvirtbot> Launchpad bug 374427 in openssh "doesn't accept multiple keys in id_rsa" [Undecided,Invalid]
<error404notfound> jmarsden, okay, what if i want to use same key for multiple hosts? will i need multiple hosts blocks? thats redudant and i will have to add say 30,40 entries :(
<jmarsden> I'm not sure, I think as long as you have a Host *  IdentityFile id_rsa in there as a default you can override that with -i if you really want to and like it :)
<jmarsden> But IMO 30 or 40 aliases are at least as bad as 30 or 40 lines in a config file :)
<jmarsden> And BTW, why do you need 30 or 40 keypairs anyway?
<error404notfound> jmarsden, i use one key for 5 servers at this place, one for 8 servers at another, 1 for 3 servers at home and my vps, and etc,
<error404notfound> jmarsden, not 30,40 keypairs, 30,40 hosts with which i use keys
<jmarsden> I don't know if you can do Host *.somedomain.com in ~/ssh/config, you'd have to experiment.
<error404notfound> Say host A and B uses id_rsa, and host C and D id_rsa, would i need 4 hosts blocks?
<error404notfound> jmarsden, i can do that.
<jmarsden> Looks like you can.  man ssh_config and search for the section titled PATTERNS
<k2en> hi
<k2en> i'm running hardy as a file server for about 30 clients , both XP and Ubuntu. It was running fine until a few days ago , now it takes the clients a long time to connect and browse the server.
<k2en> but i ran top on the server and nothing seem to slow it down
<twb> k2en: did you try reading the log files?
<k2en> twb, which log files should i check specifically ?
<twb> k2en: /var/log/*
<twb> k2en: I don't know, specifically.
<twb> Though for "network is slow" I would often resort to a simple packet sniff, to find out where in the connection the slowness occurs.
<k2en> twb,  ok what do i need for that? etherape?
<twb> I normally use tshark (wireshark) or tcpdump.
<twb> Primarily because with those I can dump a .pcap file and then analyse it later/elsewhere
<jmarsden> k2en: Whatever sniffer you already know how to use.  tcpdump, wireshark, use whatever works for you :)  BTW for "connect and browse", I'd be checking samba log files too... and wondering about DNS/browse master type issues.
<twb> jmarsden: ooh, good idea re DNS
<k2en> jmarsden, why should i check DNS?
<twb> hard-binding name services routinely fuck me w.r.t. that kind of symptom
 * twb glares at LDAP
<jmarsden> because if hosts can't resolve the server name using DNS they may time out and then retry using NETBIOS or whatever... and that all wastes time...
<k2en> jmarsden, i see.that would be a cleint problem then , no?
<jmarsden> Not necessarily.  Maybe your DNS server died?  or your winbindd is doing something bad?  or whatever...  Did anything change regarding DNS or the ISP you use or whatever that could be related to this
<k2en> jmarsden, no, i'm using different DNS for different boxes, but the problem is with all clients
<jmarsden> k2en: Basically, when "connect and browse" is slow, name resolution is a VERY common culprit, so I would suggest you test it instead of telling me it can't possibly be broken.  Just from experience :)
<k2en> jmarsden, sure
<k2en> jmarsden, how do i check that on the client?/
<jmarsden> Use nslookup
<jmarsden> Check using ipconfig /all that the XP client is using the DNS server(s) you think it is, too.
<jmarsden> Check that the hosts file in C:\WINDOWS\system32\drivers\etc is sane, if you thing someone or something might have messed with that.
<k2en> jmarsden, ok, thanks
<k2en> the reason i thought its a server problem is that suddently all clients reported a slow down
<k2en> but i will check the DNS and hists
<k2en> hosts
<k2en> also samba logs
<jmarsden> Sounds like a network problem of some sort, but may not be the actual SMB service that is the culprit.
<jmarsden> I've seen networks go nuts when someone plugs in a Cat5 patch cable ... both ends of it into the same switch :/
<k2en> jmarsden, `since my server has a fixed IP ,can i set the client to go directly to IP without a need for DNS?
<jmarsden> You can, but that's not really a good idea except for testing.
<k2en> i'm pretty sure the ubuntu clients do that
<jmarsden> Why, if you have (or *had*) working DNS on this network?
<k2en> jmarsden, going to checkthe logs, thanks for info, killing the gui now
<jmarsden> OK... BTW, Ubuntu server's do not have a GUI
<artillerytx> is there a text based aim client for ubuntu ?
<henkjan> artillerytx: irssi + bitlbee
<artillerytx> henkjan: is that better than centericq?
<henkjan> artillerytx: i've never used centericq.
<artillerytx> k cool
<henkjan> artillerytx: irssi is een irc client and bitblee a gateway to jabber/msn/aim/icq
<artillerytx> i've used irssi
<artillerytx> didn't know it has like extensions
<jmarsden> artillerytx: bitlbee is not irssi specific, it is a gateway so any IRC client can talk to other kinds of messaging servers.
<uvirtbot> New bug: #427190 in php5 (main) "php pages on localhost try to download instead of render in firefox most of the time" [Undecided,Incomplete] https://launchpad.net/bugs/427190
<soren> mdeslaur: lp:~soren/+junk/pyotp
<twb> Did I see something recently about infrastructure to install an arbitrary i386 .deb into an amd64 system (i.e. a biarch workaround)?
<twb> Can it be generalized into unpacking debs from one arbitrary arch into another arbitrary arch?  (Running the postinst is not necessary.)  Plan B is to try dpkg -x.
<mushroomblue> no.
<mushroomblue> well, maybe.
<mushroomblue> the reason it works with x86/x64 is because of a binary compatibility library that AMD released
<mushroomblue> I suppose something could be done for other archs, provided someone's written the glue.
<mushroomblue> otherwise, no.
<mushroomblue> it's a shame the crusoe didn't take off; it might've brought this sorta thing automatically.
<twb> mushroomblue: I intend to combine it with qemu's CPU emulators
<twb> In the imaginary scenario where my I won't be distracted from this goal by the end of the day
<k1en> hi, can anyone take a look at my samba log, i'm running a file server and recently clients have been complaining about a slow down
<k1en> http://pastebin.ubuntu.com/268431/
<k1en> the main error is " getpeername failed. Error was Transport endpoint is not connected"
<jmarsden> k1en: There is a somewhat inconclusive thread at http://lists.samba.org/archive/samba/2005-April/thread.html#104000 which might be relevant?
<k1en> i'll try "smb ports = 445"
<k1en> another error i get is : "call_trans2qfsinfo: not an allowed info level (0x102) on IPC$"
<k1en> i read here that an ugrade might solve it : http://forums.opensuse.org/network-internet/391249-samba-problem-after-upgrade-opensuse-11-a.html#post1847349
<k1en> i havent updated my server in months so i'll try it
<acalvo> Hi
<acalvo> when using winbindd, if I want to use it from another server, I need to install the winbindd program to be able to "talk" to the winbindd server?
<cocoa117> is there any NAS appliance available on ubuntu-server? i can just run
<twb> cocoa117: you want to buy a NAS unit that ships with Ubuntu pre-installed?
<cocoa117> twb, no, i have old machine lying around, want to put ubuntu on it with NAS software (Samba, web management, NFS...)
<cocoa117> don't like the NAS hardware, it have limited features
<twb> IME all web management blows.
<twb> Theoretically ebox is supported, but I wasn't impressed.
<cocoa117> so the best still ssh then
<mdeslaur> soren: wow...that is...incredibly simple. cool!
<apw> kirkland, seems our virutal kernel requires one of grub or lilo to be installed, we are wondering if there is any reason that we cannot also allow grub2 to be an option as we do for all the otehr kernel images
<smoser> soren, ping
<smoser> good morning erichammond
<erichammond> smoser: 'lo
<kirkland> apw: i don't know of any reason why not
<apw> i was pointed a zul, what timezone is he in
<apw> or are you happy to be definiative on that one
 * apw can't see any reason either
<apw> kirkland, ^^
<smoser> erichammond, i think you answered the question, but just to be sure, you're not aware of anyway to generate a manifest that [re]uses another's "<parts count='15'>"
<kirkland> apw: zul is in ottawa
<kirkland> apw: one hour ahead of me
<smoser> it really seems that this shoudl be acheivable, especially given the existance of euca2ools that generate them
<kirkland> soren: smoser, can grub2 be used in the ec2 kernel?
<apw> the ec2 kernel is different again, this is -virtual
<smoser> kirkland, no
<smoser> ec2 doesn't use a bootloader
<smoser> err, rather they use xen dom0 as the bootloader
<apw> i am a little confused that it would care at all that you have or do not have a bootloader
<erichammond> smoser: I haven't tried tweaking manifests.  I just use the ec2 AMI tools.
<smoser> erichammond, i've tried hacking at the manifest unsuccessfully... but i didn't re-do any of the crypto stuff, so likely the output of mine didn't validate.
<apw> i would expect that all the normal consumers of -virtual don't need one at all, and its making sure its installed in the host, so ... its not obvious that it should care at all, ie. any should be ok
<smoser> apw, kirkland, i'm missing something here.
<erichammond> smoser: ... Yep, I was about to make a comment about the encryption/signing.  You'd need to use Amazon's public key which I suppose is buried in the compiled Java code.
<smoser> erichammond, well somewhere/somewhow euca2ools can do it
<apw> the kernel flavour -virtual has an install depenancy on a bootloader, it requires grub or lilo to be installed when it installed
<smoser> ah.
<smoser> i'd say *maybe*.
<apw> we want to add grub-pc (grub2) to that list.  as far as i understand the use model you install it in the host anyhow
<smoser> the user of -virtual could be
<smoser> a.) someone using it on bare metal
<smoser> b.) someone using it in xen domU
<erichammond> smoser: It shouldn't be that difficult to simply recreate the image (ec2-unbundle) and rebundle it (ec2-bundle-image)
<smoser> c.) someone using it in kvm domU booting a disk/bootloader
<smoser> d.) someone using int in kvm domU booting with 'kvm -kernel/-initrd'
<smoser> for a and c above, you need a bootloader
<smoser> erichammond, correct. thats easy.
<apw> smoser, but any bootloader is acceptable, so adding grub2 seems reasonable.  yes?
<smoser> but then it you have to use a different prefix (or rename the image) to avoid collision on upload to s3
<smoser> apw, i would think so, yes.  i have no knowledge or reason to believe that grub2 does not work in kvm guest.
<apw> so that sounds like general 'its not mad, lets go for it' all round then
<smoser> erichammond, my goal in 'hacking' it was to use the same <part> pieces, and thus be obvious that "this is the same AMI but with changed kernel/ramdisk"
<smoser> i think that would be less obvious with rename
<erichammond> smoser: Nobody but the image creator can look at the contents of the manifest.
<smoser> i wondered how publi that would be. i think i'm old on just re-bundling
<smoser> s/publi/public/
<erichammond> smoser: I think anybody who cares to the level you are describing can simply run the old AMI with the new AKI+ARI.
<smoser> yeah. i think maybe i'm being overly concerned.
<smoser> i just know that lots of people don't like changing anything once their app is working.
<erichammond> smoser: Yep, I know some of those.  They're still running Gutsy on EC2.
<smoser> and such a change in the ami that its built on would possibly force another round of test
<smoser> if they could be convinced that the disk contents were identical, but with different kernel, maybe they'd waive those.
<erichammond> There's no way for anybody but the creator to know what the AMI contents are or to know that they are the same as any other AMI contents.
<erichammond> It's 6am here. I need to grab some sleep.
<smoser> erichammond, good night. thanks.
<smoser> i'm changing the doc to say we'll rebundle
<zul> morning
<zul> smoser: i was thinking last night that you might want upload a test image with the kernel modules from the ppa so people can test what they would normally do with an ec2 miage
<smoser> zul, test image with kernel  modules?
<smoser> i want to get something together today and send out a request for testing. something that wethink would work.
<smoser> it would be more useful if "very very soon" was defined with an actual time (as per launchpad's "Launchpad will be going offline for maintenance very very soon." message)
<shyam_k`> as i connect to my home router(&modem), i can ping to my router but can't access ping an external site.. i can telnet to my home router(&modem that the isp gave me) and can see that it can ping external sites. What can be the problem?
<shyam_k`> where will be the problem? can it be with the router, or the laptop, or even the isp's external node?
<shyam_k`> the laptop can ping the router. so i donno if it requires any more than that to get internet that the router has..
<shyam_k`> ah i forgot to say that under such a situtation,.if i reboot the router and reconnect the lap with router, everything works fine
<zul_> bah..my internet connection is sucking today
<shyam_k`> zul: mine too:(
<soren> mdeslaur: I almost finished a C implementation as well, but eventually had to slepe.
<soren> mdeslaur: sleep, even.
<soren> smoser: You pang, sir?
<smoser> si
<smoser> a couple things, soren
<smoser> a.) i think i give up on the 're-use image parts' (aka hack a manifest with newer aki/ari)
<smoser>  at least for the moment it doesn't seem to give much benefit
<soren> smoser: Alright.
<smoser> above, erichammond pointed out that no one othe rthan the author can see the manifest
<soren> smoser: By default, yeah.
<smoser> so it doesn't help "prove" anything or give stronger indication than a promise that the disk image didn't change
<smoser> i didn't know if there were possibly some keys there or something that you wouldn't want to share it.
<smoser> but anyway, i'm not going to bother chasing that right now
<soren> smoser: Alright.
<mdeslaur> soren: now we need to convince someone to buy us some tokens :P
<kirkland> soren: is vmbuilder in LP functional yet?
<soren> kirkland: Nope, sorry.
<smoser> (wouldn't hvae thought there were keys, but there are things like 'user_encrypted_key' in the xml
<soren> kirkland: Haven't gotten far on my todo list today at all, really.
<soren> kirkland: My dentist appointment involved a lot of waiting :(
<smoser> b.) had you investigated acutally packaging the ec2 kernel builds such that 'apt-get install linux-image-$(uname -r)' would work to get modules for your kernle ?
<smoser> i think that doing that would give more consistent usage with the rest of ubuntu, even with building private kernel modules (using linux-headers, config and such)
<soren> smoser: Not really. I did most of my thinking on the subject back when there were no network drivers in the default kernels, so apt-get was out of the question.
<smoser> i think we'd still want the initrd to house the network drivers
<smoser> so they'd be duplicated
<soren> smoser: There's also the problem of ABI bumps.
<smoser> what problem ?
<soren> smoser: Usually, we nuke packages with the old ABI when there's a new one.
<soren> smoser: ...which would render the instances using older kernels less functional.
<smoser> really. i was unaware that we took such rude stance on that.
<soren> smoser: ...since they can't install their modules anymore.
<smoser> it definitely would be a show stopper.
<kirkland> soren: what can I do to make vmbuilder functional?
<soren> kirkland: Install grub1.
<soren> kirkland: Or wait >(
<kirkland> soren: is there assistance i can offer on vmbuilder?
<soren> Er...
 * soren switches keyboard layout..
<soren> There. >) should have been :)
<kirkland> >) looks like a wincing smile
<soren> kirkland: I don't think your time would be very well spent trying to work things out in VMBuilder. that part of it is qite  opaque.
<smoser> soren, so, i still think that we should try to get 'apt-get install linux-image-$(uname -r)' to work inside a ec2 instance
<smoser> to deal with the deletion of old packages, we should make sure "reasonable" modules are loaded in the initrd (or copied through to the guest).
<soren> smoser: You should ask the archive admins, really. It's their decision whether they're willing to keep the binary packages around forever.
<smoser> but if we're telling people elsewhere "you really shouldn't use these kernels" then we should be sending that message on amazon too
<soren> smoser: I don't think that's good enough.
<smoser> soren, why not ? as it is right now, there is some limited list of modules that you get. if you want more your on your own
<soren> smoser: It will mean that stuff that used to work could suddenly cease to work without any hint or warning.
<soren> smoser: Ok, you lost me.
<smoser> how is that different from my server system ?
<soren> smoser: You server system has the modules *on disk*.
<soren> smoser: Restarting it will not remove them.
<smoser> yes, but maybe it doesn't have linux-headers (so i can't build a module)
<smoser> and i'm unable to get that for my system now because someone deleted them from the archive for me
<soren> smoser: If you haven't built it, you're not using it, and are not dependent on it.
<soren> smoser: On EC2, you may have been using the modules happily for a long time, along comes and ABI bump, and your modules go missing.
<smoser> my documentation on how to do somehing "used to work" and now doesnt
<smoser> (the something above is 'build a kernel module')
<soren> EC2 is really just very different here. It's *designed* to have people start up instances and blow them away *all* the time.
<smoser> maybe i've scripted all that, so its magic (as the kernel-module packages do ... like kqemu or vmware ... )
<soren> And if you install a new system in the real world, you'll be using a new kernel.
<soren> On EC2 you don't have the liberty to just go and upgade your kernel like you do on your other systems.
<soren> upgrade, even.
<smoser> i agree that its somewhat different, but not completely.
<soren> In short, there's nothing on your server system that will break that apt-get can't fix.
<soren> There will be on EC2 if the modules package goes missing due to an ABI bump.
<smoser> your argument is that you're "helping" users by allowing them to make full use of kernel's we've deleted for security reasons
<soren> smoser: Or other reasons.
<smoser> it seems like we're being less proactive in removal/deprecation of old kernel versions on ec2 than we are elsewhere
<kirkland> soren: okay, how do i force it to install grub1?
<soren> kirkland: On your *host*.
<kirkland> soren: oh, really ...  hmmf
<soren> smoser: We don't forcibly remove people's kernels on "regular" systems.
<soren> smoser: ...or the modules corresponding to old kernels.
<smoser> but they are not able to do anything *new* with that old kernel (like build a new driver/filesystem for it) if they had not previously installed all $(uname -r) packages
<soren> No, but they can just upgrade!
<soren> that's the point.
<soren> A quick apt-get, and they're done.
<nimrod0> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<nimrod0> !snmp
<ubottu> Sorry, I don't know anything about snmp
<nimrod0> !snmpd
<ubottu> Sorry, I don't know anything about snmpd
<nimrod0> is there any good ubuntu tutorial for snmp and mibs ?
<smoser> soren, a quick switch of ami would make the ec2 user 'done', no ?
<soren> smoser: It's really not necessarily that quick.
<soren> smoser: He may have rebundled or whatever.
<kirkland> soren: i should be able to run vmbuilder from within a vm (assuming it has enough disk space), right?
<soren> kirkland: Sure.
<smoser> in the re-bundle case, i agree. but then they could have easily installed those modules before rebundling
<soren> smoser: True.
<smoser> the only thing i have against the ec2 kernel update proposal (of stuffing all modules into initramdisk and then copying that to /) is that it is not consistent with the way ubuntu works other places.
<smoser> i'd suggest that we take that approach for kernel modules that we expect are highly likely to be used
<smoser> and for others, provide the package to get the rest, and document that those might go away
<smoser> soren, one other question i have on that... why not just 'modprobe' all the modules that were in the initrd as opposed to copying them to /lib/modules/$(uname -r)
<smoser> other than memory usage, it'd seem the same (and if you were concerned about that, the user could remove any modules they didn't need)
<soren> smoser: Hmm... I guess that could work.
<smoser> it just feels to me that the less different 'ubuntu-on-ec2' is, the better
<smoser> different than ubuntu-on-otherstuff
<soren> Certainly
<smoser> i was unaware of our stance on deleting things from the archive until yesterday. it just feels rude to me.
<smoser> i guess you could presumably build from source
<soren> smoser: We never delete stuff that was in he archive at release time.
<soren> smoser: -updates and -security (and -proposed) are different, though.
<smoser> right.
<soren> As to making ubuntu-on-ec2 as much like ubuntu-on-everything-else as possible, I'm not completely sure whether having a boatload of modules installed at boot time that are nowhere to be found on the filesystem is more like everything else than an approach that, after ec2-init has done its magic, leaves a filesystem with modules ready to be loaded, just like everywhere else.
<soren> I think I could be convinced either way at this point.
<smoser> fair
<smoser> i think from a documentation perspective, installing a linux-headers- and linux-image- package is nicely consistent
<smoser> i really would like for that to "just work" as it does elsewhere.
<smoser> hopefully existing files (copied from the initrd) to /lib/modules/$(uname -r) wouldn't cause install failure
<nimrod0> anyone has a good guide to setup snmpd on ubuntu server as the default install generates just a handfull of values and no cpu or memory valuest
<nimrod0> s/valuest/values
<soren> smoser: They won't.
<smoser> the 'for x in list-of-modules; do modprobe $x; done' just seemed easier than tmpfs and copying
<smoser> and would "just work" without the root filesytsem doing anything
<smoser> (if someone used our kernels/initrd for non-ubuntu ami)
<cocoa117> is the stricky bit only work for other user? "chmod u=rwx,g=rwxt,o= test2" always give me drwxrwx---. i thought it supports to be drwxrwt---, anyone?
<soren> cocoa117: replace your t with and s, and you should be good.
<soren> cocoa117: what are you trying to achieve, exactly?
<uvirtbot> New bug: #427236 in eucalyptus (main) "high memory usage by CC" [Undecided,New] https://launchpad.net/bugs/427236
<cocoa117> soren, so only owner can delete file, while others can still edit it
<genii> !info eucalyptus
<ubottu> Package eucalyptus does not exist in jaunty
<genii> Hm
<soren> cocoa117: Then you still want o=t.
<soren> cocoa117: g=s is something completely different
<cocoa117> so it has to be chmod u=rwx,g=rwx,o=rwxt test2
<cocoa117> soren, so it has to be chmod u=rwx,g=rwx,o=rwxt test2
<soren> cocoa117: You don't need o=rwx
<soren> cocoa117: o=t will do.
<cocoa117> i c
<cocoa117> soren, does that mean, other user can't read/write/execute the folder
<soren> cocoa117: Yes.
<cocoa117> soren, thanx
<soren> cocoa117: I presume that's what you want given you tried o= to begin with.
<cocoa117> soren, it is, only owner and group allow to access it
<mxzypltk> VirtualD:  did you have a chance to load the latest e1000e module last night?
<smoser> erichammond, awake?
<thebishop> i'm trying to install a telnetd server.  I can access it with "telnet localhost", but when i try to access from a remote server it doesn't connect.  I'm assuming this is a firewall issue, but i'm not sure.  Any ideas?
 * soren needs to go and buy food..
<twb> I hope you have a good reason for installing an insecure service like telnet.
<blue-frog> thebishop: you certainly need to do some PAT to redirect port 23
<thebishop> twb, unfortunately, i do :(
<thebishop> blue-frog, do I need to redirect?  I just want to open 23 to the outside world
<blue-frog> your server is directly on the internet or behind a router?
<thebishop> it seems to be open to itself
<hjmf> the-dude: wouldn't be better to use some kind of ssh tunnel to at least encrypt your telnet traffic
<hjmf> ?
<hjmf> sorry I meant thebishop ^^
<blue-frog> thebishop: as twb highlighted I assume that your are either trolling or looking for problems with your server
<thebishop> it's neither.  I have a legit need for telnet.  I don't have a choice unfortunately, and I know it's a bad idea
<blue-frog> thebishop: so do you have a router in between internet and your server?
<hjmf> at least you can tunnel that traffic; it wouldn't be hard to do it
<thebishop> blue-frog, it has a static ip on the internet.  it's a virtual server running from a web hosting service
<thebishop> i'd like to get basic functionality working before i try to secure it
<blue-frog> thebishop: then there is a good chance for your webhoster to refuse any connection to 23
<thebishop> i've got a ridiculously irrational person breathing down my back about it
<thebishop> blue-frog, that's an interesting suggestion
<thebishop> blue-frog, maybe i can bind telnet to another port?
<blue-frog> if you like to. use netcat
<thebishop> well, suppose it's not my host
<thebishop> i don't have a lot of experience with iptables to diagnose if that's dropping port 23 packages
<thebishop> *packets
<blue-frog> thebishop: well.. better asking god than his saints, no?
<thebishop> blue-frog, this host provides NO live support
<thebishop> again, not my decision...
<smoser> kirkland, maybe you know.  i want to "file a bug against ec2 images" with this url http://bugs.launchpad... that will automatically tag the created bug with 'ec2-images'. is that possible ?
<kirkland> smoser: point me to a sample url of a tagged bug
<smoser> https://bugs.launchpad.net/ubuntu-on-ec2/+bug/419306 is tagged with ec2-images and uec-images
<uvirtbot> Launchpad bug 419306 in python-boto "boto.utils.get_instance_userdata() hangs for a long time if no userdata is provided" [High,Fix released]
<kirkland> smoser: i tried a few things, unsuccessfully
<kirkland> smoser: ask in #launchpad
<smoser> i did
<jjohansen> smoser: bug #427288
<uvirtbot> Launchpad bug 427288 in linux "Karmic i386 EC2 kernel emulating unsupported memory accesses" [Undecided,New] https://launchpad.net/bugs/427288
<smoser> then tried you, as launhcpad superfly
<smoser> i just found : https://bugs.launchpad.net/ubuntu/+filebug?field.tags=ec2-images works
<jjohansen> smoser: there are 2 ways to deal with this apparently zul's kernel patch that disables xen from setting the cs segment and an alternate libc
<smoser> jjohansen, you have thoughts ? i dont think we want alternate libc unless there is good/very-good reason
<jjohansen> smoser: I am trying to asses which is the best route to go with, how objectionable is the alternate libc
<jjohansen> smoser: the kernel patch essentially disables xen's ability to do segment based protection
<smoser> i dont think we need to name call (assess)
<jjohansen> so the kernel patch could be consider as a security issue
<smoser> this is so much fun
<jjohansen> perhaps I should ping kees and get his take as well
<mathiaz> zul_: hi - re bug 424789
<uvirtbot> Launchpad bug 424789 in php5 "PHP random segfaults on session_start();" [Undecided,In progress] https://launchpad.net/bugs/424789
<mathiaz> zul_: you don't need to ask for a FFe if there aren't new features
<mathiaz> zul_: if the new upstream revision is just a bug fix release, then you can just upload it
<mathiaz> zul_: if there are new features, they should be documented in the FFe request
<RoyK> hi. with ufw, can I reorder the rules without removing and re-adding them?
<RoyK> this is 8.04.3 LTS
<jdstrand> RoyK: not via the cli command. later versions of ufw support 'insert' though (not 8.04)
<jdstrand> RoyK: but you can edit /var/lib/ufw/*rules
<jdstrand> RoyK: just be careful to move the whole stanze to the right spot
<RoyK> perhaps time to update to something newer
<jdstrand> stanza
<uvirtbot> New bug: #427141 in mysql-dfsg-5.0 (main) "mysql update does not install" [Medium,Incomplete] https://launchpad.net/bugs/427141
<jdstrand> RoyK: well, later versions of ufw don't let you reorder then, but you can remove a rule and insert it somewhere else
 * jdstrand can't type
<jdstrand> s/reorder then/reorder them/
<RoyK> jdstrand: I see
<RoyK> still, this is a private server, so keeping it on 8.04 isn't really that necessary
<jdstrand> RoyK: take a look in /var/lib/ufw/user.rules-- it should be pretty straight forward
<jdstrand> RoyK: back it up first just in case ;)
<RoyK> jdstrand: is that just iptables stuff?
<addisonj> hmm, curious about incremental backups, whats the best solution?
<jdstrand> RoyK: iptables-restore syntax, yes
<jdstrand> RoyK: with a little accounting via comments
<RoyK> I see. I've been using iptables for years - I just fell back to ufw of good old laziness
<jdstrand> RoyK: keep the comment and the rule together and it'll go fine
<jdstrand> RoyK: laziness or 'smartness'? if ufw does what you need, use it! :)
<smoser> jjohansen, it appears your kernels have interest beyond ubuntu. one of the users on that bug is using your kernel with fedora user space
<jjohansen> heh, the more testing the better :)
<cocoa117> if user belong to admin group, it have privilege to ignore the sticky bit set on the folder?
<qman__> cocoa117, no, that just allows them to use sudo
<qman__> if they use sudo, they can override a sticky bit
<cocoa117> qman__, i found the problem, the folder belong to ower, if i change it to root, the user behaviour same as others
<cocoa117> qman__, thanx for the help
<uvirtbot> New bug: #426968 in kvm (universe) "kvm qemu slow to start first time after boot" [Low,Incomplete] https://launchpad.net/bugs/426968
<uvirtbot> New bug: #293361 in samba (main) "not possible to browse or open cifs/smb files from netapp server" [Undecided,Incomplete] https://launchpad.net/bugs/293361
<Steve[work]> afternoon everyone
<KillMeNow> howdy Steve
<modeller_wahkor1> hello
<modeller_wahkor1> I have some question abouut proxy.
<erichammond> smoser: Just got up; now I'll be offline for a few hours and then online but working.  I can't monitor all the chatter on this channel.  If there's any way you could discuss ec2 things on #ubuntu-ec2 I could keep up with it all and give feedback.
<szczym> i have problem with no output from lsusb in interepid server - its been working 5 minutes ago
<erichammond> smoser, soren, mdz, zul, jjohansen: Remember that we're not just building kernels to work with the AMIs which Canonical builds.  These kernels must also work with Ubuntu AMIs that users build themselves.  It would also make Canonical a hero if the kernels happened to work well with other Linux distros (the current tester is using Fedora 11).  That last is obviously not a requirement, but if a simple decision makes it more possible w
<erichammond> I saw some talk about copying kernel modules into / from initrd.  At first glance, seems like a cool idea.  I don't know the startup time impact, but remember that seconds count.
<smoser> erichammond, absolutely we want to support re-bundled ubuntu ami images.  and i think we don't want to do things that make other distro use of the kernel/initrds more difficult unless there is some good reason
<smoser> erichammond, startup time probably absolutely trivial
<smoser> as copy from initrd to tmpfs is memory->memory of something on the order of small number of megabytes
<smoser> and then in user space, that same copy but to / (whatever sda1 is backed by)
<soren> smoser: Well.. I have >100MB of modules on my system.
<soren> smoser: But still, copying 100 MB from memory to memory is cheap.
<smoser> yeah... the -virtual kernel is significantly smaller, though. and thats what we'd be shooting for
<soren> smoser: Oh, right, right. My bad.
<smoser> additionally you could background the copy, its not terribly likely to fail. anything that needed it could block on waiting for a 'finished' file in /lib/modules/$(uname -r) or whatever. if it happened to be slow
<kees> mathiaz: did you create the ubuntu-server meeting on The Fridge ?
<kees> mathiaz: I'm trying to follow the instructions for the security team, but it doesn't show up
<erichammond> smoser: I'm not a fan of the background copy idea.  Kernel modules are often needed on boot and boot failures are difficult to debug on EC2.  Background copy could even make the boot failures sporadic based on timing.  Requiring users to wait would require educating users which has a high percentage of failure due to the impossibility of making users find and read documentation.
<erichammond> gotta run
<mathiaz> kees: hm - a looong time ago
<kees> mathiaz: I see it in the iCal, but it doesn't show up on the fridge web site
<erichammond> In case I haven't mentioned it yet, I am thrilled to see so much progress on the kernel lately. Thanks, folks.
<mathiaz> kees: are you following https://wiki.ubuntu.com/Fridge/Calendar ?
<kees> yeah
<smoser> we'd modprobe modules needed to boot (at least on ubuntu images) from inside the initrd.
<kees> except that I can't find "Check the box that says 'Guests can modify event' "
<kees> oh nm, I found it.  it's checked
<slestak> can someone tell me the rationale for ubuntu including dnsmasq in the desktop package selection?
<slestak> i mean there is no dnsmasq.conf, so i dont think it is doing anything as a dhcp or dns cache without having some sort of configuration
<giovani> slestak: since when is it in the desktop metapackage?
<slestak> i do not know, it is installed on every jaunty machine i have
<slestak> i didnt install it, so it had to come in with the instal lmedia
<giovani> ok, first -- #ubuntu is more appropriate
<giovani> since this isn't a server discussion
<giovani> but dnsmasq is in universe
<giovani> I didn't think universe was even enabled by default
<slestak> giovani: ok, sorry for being offtopic.  intersting.
<szczym> according to my problem with no output from libusb i upgraded usbutils becouse of that: https://bugs.launchpad.net/ubuntu/+source/usbutils/+bug/159189 and still no output from lsusb, could some one help me please ?
<uvirtbot> Launchpad bug 159189 in usbutils "lsusb : Fix or remove -t option" [Low,Fix released]
<slestak> giovani: i came here since i considered the product a server oriented choice, I'll check elsewhere.  thx
<giovani> szczym: it's not a direct dependency of ubuntu-desktop
<kees> dnsmasq has been in main since hardy
<giovani> slestak: well ... but you're asking about the desktop metapackage, not about how to use dnsmasq
<giovani> kees: no, it's in universe
<kees> dnsmasq | 2.41-2ubuntu2.2 | hardy-security/main
<kees> dnsmasq | 2.45-1ubuntu1.1 | intrepid-security/main
<kees> dnsmasq | 2.47-3ubuntu0.1 | jaunty-security/main
<kees> dnsmasq | 2.50-1          | karmic/main
<szczym> giovani: im running 8.10 server
<giovani> http://packages.ubuntu.com/jaunty/dnsmasq
<giovani> it says universe there
<giovani> szczym: you said you were talking about the desktop metapackage ... not a server
<szczym> giovani: where i could found a fix for server version lsusb ?
<giovani> szczym: sorry, I didn't mean to direct that towards you -- you had a similar length name containing nearly random-looking characters starting with s as slestak
<kees> giovani: the binary package "dnsmasq" is in universe, yes.  dnsmasq-base is in main, so the source package "dnsmasq" is in main
<martinjh99> Do I have to do anything else to enable mod_rewrite for things like gallery2 and drupal?  I did a2enmod mod_rewrite and restarted the server and nothing seems to work...
<kees> giovani: why it's installed, I'm not sure
<giovani> kees: ok, that's not dnsmasq though
<giovani> that's dnsmasq-base
<kees> giovani: try apt-get remove dnsmasq and see what else it tries to remove?
<giovani> kees: it's not my question/issue, direct it at slestak
<slestak> i will try that, im the one obsessing over this
<kees> slestak: heh, okay
<slestak> i was about to install dnsmasq on a 9.04 machine, and saw that it was already present.  then i checked some of my other machines and it was installed (although not configured) everywhere
<szczym> giovani: ok, sorry, mistake. but do you have any clue about that lsusb issue ? where i could look for help ?
<martinjh99> never mind - Found a forum post about it...
<giovani> szczym: no, I would've replied to your requests for help if I did
<szczym> giovani: sorry
<martinjh99> Followed the instructions here for enabling mod_rewrite and restarted the sever and it hasn't seemed to work... Anyone know how to enable?
<martinjh99> http://ubuntuforums.org/showthread.php?t=377410
<martinjh99> anybody here ;)?
<smoser> jdstrand, you know of a way to replace passwd entry in /etc/shadow with '!' (other than with awk or sed)... more looking for a 'chpasswd' like option that would just allow indication that this users password should be not set
<Hypnoz> you can set their default shell to /bin/false in /etc/passwd
<jdstrand> smoser: would 'passwd -l' fit the bill?
<smoser> i dont want to prevent login, only password based login, Hypnoz
<smoser> thats what i need, jdstrand. thanks.
<Hypnoz> ah good find
<smoser> a big 'duh' to me for not considering 'passwd'
<mushroomblue> is there a way to make sudo ask for the root password?
<jdstrand> :)
<jdstrand> mushroomblue: rootpw
<mushroomblue> I really hate having superusers by default.
<jdstrand> mushroomblue: see 'man sudoers'
<smoser> mushroomblue, really only the first user is superuser, no? default adduser doesn't put the user in admin
<jdstrand> mushroomblue: you'll of course need to actually set a password for the root user
<mushroomblue> right.
<smoser> if the user is not found in sudoers than they'll be prompted for root passwd
<jdstrand> smoser: they are prompted for their own password
<jdstrand> unless you use 'rootpw'
<Hypnoz> he's right, man sudoers and search for rootpw
<smoser> ah... i thought that default if not found was just to propmt for root passwd
<smoser> rather than just asking them for their password and then saying "no"
<jdstrand> smoser: wait, I think I misunderstood your statement
<Hypnoz> it gives some goofy message like "user not found in sudoers, reported to administrator"
<jdstrand> smoser: if the user is not in sudoers (eg not in the 'admin' group), you are prompted for the root password
<jdstrand> rootpw is for forcing users in sudoers to use a rootpw instead of their own
<smoser> jdstrand, i think you're wrong.
<smoser> :)
 * jdstrand should have read smoser's comment more closely
<smoser> at least in my test just now
<smoser> i have a user 'test', which is not in admin, and not mentioned at all in /etc/sudoers
<jdstrand> well, I just tried here
<smoser> if i become that user, and then type 'sudo ls'
<acemo> virtualmin gives the error: The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed. should i just disable suexec or move the virtualmin base directory to /var/www?
<smoser> $ sudo ls
<smoser> [sudo] password for test:
<smoser> test is not in the sudoers file.  This incident will be reported.
<Hypnoz> yep. If they're not in the sudoers they aren't allowed to sudo. But I think you can add to sudoers with the "rootpw" option like jdstrand was saying
<jdstrand> smoser: wouldn't you know, the user I tested *was* in the sudoers file and had rootpw (even though there isn't a root passwd set). Isn't that goofy... goes to fix that
<jdstrand> so I was both right and wrong :P
 * jdstrand will go back into his hole now
<smoser> it is kind of silly to prompt the user for their password and then say "ha ha, you cant do it anyway"
<jdstrand> smoser: I stand by my first 'rootpw' statement :)
<smoser> yes. i think that is correct.
<smoser> (and you verified :)
<mushroomblue> hrm.
<jdstrand> that was a truly ancient entry in my sudoers file...
<Hypnoz> smoser, linux seems like it doesn't like to give away info, so I would guess that it doesn't tell you the account isn't in sudoers until you type the right password, maybe to slow down hackers finding sudo accounts
<smoser> Hypnoz, yeah, that is reasonable.
<smoser> jdstrand, just fyi, it appears that chpasswd will also take a '!' token to indicate disable
<jdstrand> smoser: be careful with that one-- lest you introduce http://www.ubuntu.com/usn/usn-670-1
<jdstrand> but yes
<mushroomblue> another question. is it possible to make a user sudo to another user by default?
<mushroomblue> i.e. I want an unprivileged user able to sudo to another user with admin privs, then sudo to root
<pwnguin> what's that gain?
<mdz> smoser, soren, zul, jjohansen: I'm not sure i'm entirely in agreement with erichammond with regard to supporting arbitrary AMIs.  That's not something we should break without consideration, but our first priority should be to provide a complete, official stack
<zul> mdz: agreed
<mushroomblue> pwnguin: ultra-paranoid. box has been compromised a few times, and I want to make their job as hard as possible.
<guntbert> mushroomblue: if you want to play with sudo - please read man sudo and man sudoers
<mushroomblue> I was previously using NX to solve some of this.
<mushroomblue> guntbert: I am. :)
<mushroomblue> thanks, tho.
<smoser> mdz, i think everyone is in agreement there.
<smoser> its just "nice to have"
<smoser> "wishlist"
<mdz> smoser, zul, ok, sorry I missed the original discussion. eric seems to have disconnected
<mdz> smoser, could you follow up by email to make sure we close the loop?
<smoser> mdz, i thought the above was fairly clear from him
<smoser> " It would also make Canonical a hero if the kernels happened to work well with other Linux distros (the current tester is using Fedora 11).  That last is obviously not a requirement, but if a simple decision makes it more possible "
<smoser> 'happened to work well' and 'not a requirement'...
<mdz> smoser, oh, ok, thanks
<mdz> smoser, I had scanned the beginning of my scrollback and it looked like he had left already
<mdz> that looks fine
<smoser> kirkland, do man pages search no longer work at http://people.canonical.com/~kirkland/search.html
<smoser> or, rather, they dont seem to work for me.
<kirkland> smoser: hmm, you're right
<kirkland> smoser: i'll have a look at that
<qman__> mushroomblue, be aware that if you set a root password and you run sshd, you will probably want to change the sshd config to disable root logons
<qman__> the default setting allows root logons, but since root doesn't have a password, root can't log on
<mushroomblue> qman__: already done. thanks. :)
<erichammond> mdz: (scanned the logs)  I agree with smoser that you and I are in agreement :)
<erichammond> smozer: When I say "images built by users" I'm not just talking about rebundled Canonical images, but also images built with vmbuilder (and for the time being, with ec2ubuntu-build-ami which many folks are using and which I can update as needed to work short term with the new kernels).
<erichammond> There are also some commercial services which let users build Ubuntu images including CohesiveFT's elasticserver.org and rBuilder at rpath.org
<mathiaz> zul_: these are the dependencis that get pulled in when installing puppet - http://paste.ubuntu.com/268775/
<mathiaz> zul_: are these the one you were looking at when filling the MIR for puppet?
<Hypnoz1> Sun has these new NAS arrays, the 7000 series, the firmware on them is awful. Heads on them randomly fail over, disks randomly go offline. Steer clear, they are a good price but you get what you pay for...
<Hypnoz1> Sun is trying though, they're releasing updates constantly. I'm sure in a year or two the things will be solid
<Hypnoz1> but I feel like a damn beta tester for their product
<addison> hmm, what method of backup do you all prefer
<KillMeNow> Hypnoz1:  you actually PAID them to beta test their product
<KillMeNow> addison:  depends on your server
<KillMeNow> what types of files you're backing up
<KillMeNow> etc etc
<addison> well, one server is actually running moodle, mysql db and then just the data frontend
<Hypnoz1> haha yes we did. I am starting to realize why sun stock is worthless
<kirkland> jbernard_: howdy
<jbernard_> kirkland: hey man!
<kirkland> jbernard_: okay, so you're interested in working on alfresco
<kirkland> jbernard_: currently, iamfuzz is the canonical engineer who's been working on getting alfresco-community into the canonical partner archive
<jbernard_> kirkland: yep, im wondering what it takes to get it from the partner archive into universe
<kirkland> jbernard_: we'd like to get it into multiverse, for karmic, ideally
<kirkland> jbernard_: gotcha...
<kirkland> jbernard_: okay, so we're currently waiting on a few licensing clarifications from alfresco, to make sure that we have the rights to redistribute all of the included jars
<kirkland> jbernard_: i expect we'll get a new tarball from alfresco by monday
<kirkland> jbernard_: the other thing is sun-jdk has been dropped from karmic
<kirkland> jbernard_: alfresco says that they need sunjdk, we've asked for a list of issues that they have with openjdk
<jbernard_> kirkland: do we expect to have the licensing ambiguities clear up in that release?
<kirkland> jbernard_: we're waiting to hear back on that one
<kirkland> jbernard_: yes, the licensing issues are relatively straightforward, i don't see a problem
<kirkland> jbernard_: step two will be ensuring that it builds and runs against openjdk
<kirkland> jbernard_: step three will probably extend beyond karmic, and into karmic+1
<jbernard_> kirkland: yes, sunjdk is removed for karmic, as i recall
<kirkland> jbernard_: ideally, alfresco would *not* include all these jars, but instead depend on packaged versions of each in ubuntu, distributed like any other package
<kirkland> jbernard_: the way we handle this same situation for thousands of C and Python packages ;-)
<kirkland> jbernard_: see the work ttx did on eucalyptus in the last two cycles
<jbernard_> kirkland: are the sub-packages required for karmic?
<kirkland> jbernard_: it's impossible to accomplish by karmic
<kirkland> jbernard_: this part is a karmic+1 target for delivery
<jbernard_> kirkland: so just openjdk verification/debugging
<kirkland> jbernard_: but there's nothing wrong with starting on that after the openjdk task is done
<kirkland> jbernard_: right
<kirkland> jbernard_: meet iamfuzz
<kirkland> jbernard_: iamfuzz  is the canonical engineer who's been working on alfresco up until now
<kirkland> jbernard_: he's done a good job laying the foundation
<iamfuzz> jbernard_, Hi there, glad to have someone helping out on testing
<kirkland> and there's plenty more work to do ;-)
<iamfuzz> indeed
<iamfuzz> especially the JAR work for karmic+1
<jbernard_> iamfuzz: hello, im interested in helping out
<iamfuzz> I went through all the JARs we don't have and will be sending out a list on Monday
<kirkland> iamfuzz: i'm hoping jbernard_ can help prune some of those jars out, package them individually, and make runtime dependencies out of them
<kirkland> iamfuzz: can we start capturing all of this in a wiki page or something?
<jbernard_> iamfuzz: can you copy me on that list?
<kirkland> iamfuzz: now that there are a few cooks in the kitchen?
<iamfuzz> kirkland, will do, Jared is supposed to send me a definitive list to compare against my work
<iamfuzz> jbernard_, will do, what's your email?
<jbernard_> iamfuzz: bernardj@gmail.com
<iamfuzz> jbernard_, I'll go ahead and send a link to the PPA I'm uploading to now (it'll be a bit as my upstream is circa 1996ish)
<kirkland> iamfuzz: you could create an ubuntu-alfresco team in LP, if you so desire ;-)
<iamfuzz> kirkland, we have one, it's alfresco-isv
<kirkland> iamfuzz: ah
<jbernard_> iamfuzz: so monday the tarball should arive with the licensing cleared up, an we can begin verifying it on openjdk, is that basically the plan?
<jbernard_> iamfuzz: have you done any openjdk testing with the current partner deb?
<iamfuzz> jbernard_, basically, I just sent you an email about it.
<iamfuzz> aside from the licensing stuff, the package should run fine now
<jbernard_> got it
<iamfuzz> and no, very little testing against openjdk as I just found out yesterday Sun java is out
<iamfuzz> I did compile against it and it compiled fine, but would still only run against sun-java-6
<iamfuzz> however, this was the openjdk in Hardy, so it could work fine now
<jbernard_> does there exist any kind of testing framework?
<iamfuzz> yes, some automated, some not.  We are to receive that on monday as well
<jbernard_> awesome
<iamfuzz> we're ina  bit of scramble mode since I found out about sun-java being booted
<jbernard_> i can imagine :)
<kirkland> jbernard_: fyi, openjdk in karmic >> hardy
<iamfuzz> I was under the impressionw e would just release against it for karmic and then do everything proper like in universe for karmic+1
<iamfuzz> but that all changed :-)
<jbernard_> does it make sense to test the current partner deb against openjdk now, or just wait for the release on monday?
<iamfuzz> kirkland, jbernard_ I'm off all next week as well :-)
<iamfuzz> just to add to the fun
<kirkland> jbernard_: i'd suggest starting with the upload iamfuzz  is pushing to his ppa right now
<iamfuzz> jbernard_, whichever way you want to do it, but don't test the partner DEB, it bundles swftools, use the one I'm uploading now to my PPA
<kirkland> iamfuzz: correct me if i'm wrong, but i expect that upload to be more recent than the one in partner
<iamfuzz> kirkland, yes, mainly just the removing of swftools
<jbernard_> iamfuzz: ok, will do
<kirkland> mathiaz: around?
<mathiaz> kirkland: yeeeesss!!!!
<mathiaz> kirkland: are you around?
<kirkland> mathiaz: what's supposed to provide /etc/mysql/debian.cnf ?
<kirkland> mathiaz: you bet ;-)
<mathiaz> kirkland: zhee unmissable mysql-zerver-5.1 peickage!
<mathiaz> kirkland: well - it's a generated file
<mathiaz> kirkland: by the post install script
<kirkland> mathiaz: hrm
<mathiaz> kirkland: there is a special user added to mysql - debian-sys-maint that used by the init script to check the status
<mathiaz> kirkland: and shutdown mysql correctly
<kirkland> mathiaz: okay
<kirkland> mathiaz: i'm trying to get wordpress working
<mathiaz> kirkland: /etc/mysql/debian.cnf is used to store the credential of said user
<kirkland> mathiaz: its setup script is failing, looking for that .cnf file, which doesn't exist
<kirkland> mathiaz: and mysql-server isn't installed
<kirkland> mathiaz: i'm trying that now
<mathiaz> kirkland: is mysql-server-5.{0|1} installed?
<mathiaz> kirkland: mysql-server is just a meta-package that pulls in the latest mysql-server
<kirkland> mathiaz: nope. installing that now
<kirkland> mathiaz: i'm installing 5.1
<mathiaz> kirkland: right - that should help
<kirkland> mathiaz: okay
<mathiaz> kirkland: are you using the workpress package?
<ahe> i just got curious about the alfresco appliance
<ahe> what do you plan to build around alfresco to give it the blackbox feel of an appliance?
<KillMeNow> don't forget to install php5-mysql
<soren> kirkland: Man, grub2 is complicated!
<soren> kirkland: ...for a Xen image it shoudln
<soren> t matter, though?
#ubuntu-server 2009-09-11
<Bookman> I'm pretty new to this whole remote ssh computing.  How do I copy a file from one computer to another using ssh access in terminal?
<domas> scp file computer:
<ahe> Bookman: scp file user@computer:/path/where/to/put/the/file
<domas> my method is shorter!
 * domas giggles
<Bookman> Thank you kindly.
<Bookman> That is from local to remote, correct?  How about reverse?
<Bookman> A simple reverse would work?
<Bookman> scp user@computer:/file file
<ahe> yes
<erichammond> rsync -Paz localfile user@computer:/remotefile
<erichammond>  rsync -Paz user@computer:/remotefile localfile
<erichammond> :)
<Bookman> lots of ways, eh?
<erichammond> rsync can do compression and is super-smart about updating files which have minor changes.
<Hypnoz1> also rsync is smarter about copying symlinked directories
<Bookman> hmmm....having trouble with scp though.
<Hypnoz1> probably need to to do -r to have it copy recursively if you're doing directories
<Hypnoz1> what issue are you seeing with scp?
<Bookman> I'm having trouble copying a file with spaces in the name.
<Bookman> I have it between quotes
<Bookman> Here is what I tried http://pastebin.ca/1561630
<Hypnoz1> ya spaces in scp is a mess, I sometimes end up using *
<Bookman> Just a wildcard?
<Hypnoz1> I had that same issue a few days ago and never got it figured out, just did the wildcard to get the dir
<Hypnoz1> should be able to \ before the space right
<Hypnoz1> that would make too much sense though
<Bookman> I guess I can rename the file.....
<Bookman> Not sure if I have those permissions in that directory though.
<Hypnoz1> might try to google a little about scp with a space in the filename
<Hypnoz1> or use some wildcards to get it
<Hypnoz1> just replace each space with a * it should be ok
<Hypnoz1> gotta go, good luck
<Bookman> Thanks!
<Bookman> Anyone else know how to scp a file with spaces in its name?
<KillMeNow> you need to escape the spaces
<Bookman> I tried that
<KillMeNow> here is a link:  http://www.thingy-ma-jig.co.uk/blog/14-05-2007/how-to-scp-a-path-with-spaces
<Bookman> Ah, let me try again.....
<Bookman> KillMeNow: Thank you kindly.  Got it.  PITA though.
<soren> mdeslaur: C version of HOTP and TOTP done.
<KillMeNow> yes it is
<qman__> I'm pretty sure you can use quotes, but you have to format it like this
<qman__> scp -r user@host:"/path/to/file" user@host:"/path/to/file"
<Bookman> No problem, escaping the spaces works.  I just have to remember.
<Bookman> Thank you all for your help this evening.  Much appreciated.
<mdeslaur> soren: you rock :)
<smoser> soren, around ?
<smoser> Bookman, other option is probably to use lftp . i dont know why, but recently i'm really high on how nice lftp is (it supports scp)
<Bookman> I have to look that up!
<pmatulis> smoser: i wonder whether adding an application layer on top of ssh is a good thing
<smoser> pmatulis, i dont really understand.
<smoser> lftp does some really nice things. tab completion, caching of server side data. it does these things for http, ftp, ftps, https, ssh . really helpful.
<pmatulis> smoser: well if you connect with keys you're entrusting them with another program
<smoser> the one major benefit of it is 'pget' (parallel get)
<smoser> which does multiple opens/concurrent downloads . on high bandwidth and high latency links (like my cable modem) 5 parallel gets scales almost linearly in many cases.
<smoser> pmatulis, lftp meerly invokes ssh.
<smoser> so i dont think you're entrusting it to the key more than any other app that could potentially read it from ~/.ssh/...
<smoser> (at least i know for "fish" support it invokes ssh).
<pmatulis> smoser: i guess it's a matter of principle, it's the reason why i don't use gui programs to "help" me with my keys, it's bad enough the ssh-agent invokes some weird sub-process (seahorse-agent?)
<pmatulis> but thanks for the info on lftp and scp.  didn't know that
<robd> Hey guys
<robd> Can I use the default Ubuntu server ISO or the alternate install ISO and define my own boot args?
<robd> I'm trying to use my own preseeding file and I'd really rather not have to setup a TFTP server and all that jazz... Can I just use the media you guys provide?
<robd> At the moment I'm not sure how to just edit the boot parameters on the cd
<robd> Is there an easy way to break out of the retarded isolinux gui?
<kahrg> Heya, so I have a mini server play around that I am taking to class and I have only a network card installed on it (eth port burned up) I managed to get the wireless card on, but i do not know how to manage its connection through terminal. Is there a tool to help me do this?
<kahrg> Only has a wireless card i mean
<twb> kahrg: that depends on what wifi infrastructure you have installed.
<twb> If NetworkManager is installed, for example, you must talk to it using XML via dbus.
<twb> If only wpa-supplicant is installed, and you have configured it as a "wpa-roam" interface in /etc/network/interfaces as described in wpasupplicant's README.Debian, then you can use the wpa_cli and wpa_action to talk to it like a shell.
<aubre> hey , is the vmware support just announced by Eucalyptus only available in their commercial product, or is it coming to UEC as well?
<ball> I have a site with a small LAN (about ten workstations give or take a laptop or three).  We pay someone off site to host our Web site and email.  Given suitable hardware, would Ubuntu Server enable us to bring Web hosting and email in-house, as well as hosting our document files?
<ScottK> ball: Yes, but suitable also includes, connectivity, backups, offsite storage, and a lot of other stuff too.
 * ball nods
<ball> rsync is great for off-site backups.
<ball> ...also need to replace my tape drive :-/
<ball> What about easy administration?
<KurtKraut> ball, to host a website or an email server it would be rather important to have a static IP address and low demand on traffic on those services.
<ball> KurtKraut: we have that.
<KurtKraut> ball, the IP address has a reverse domain?
<ball> KurtKraut: Not recently, but in the past I've had a domain pointed to it.
<ball> (we would again)
<ScottK> soren: python-mhash accepted.  Some packaging improvements can be found in Bug #427692.  Please review and upload if you're good with the changes.
<uvirtbot> Launchpad bug 427692 in python-mhash "Please build python-mhash for all supported Python versions" [Undecided,New] https://launchpad.net/bugs/427692
<error404notfound> is there a way i can log all commands executed by any user on shell and then email those to a certain email address at the end of day, delete the log?
<ScottK> soren: I acceptedt the binaries that were done too.
 * ball thinks about giving up
<twb> IMO it's not worth the hassle of maintaining your own hardware in your own office.
<twb> Particularly here in .au, where bandwidth is expensive.
<twb> If I had a company, I'd stick the website and MTA on a VPS in .us, that I have root on.
<giovani> twb: depends on who your web audience is, right?
<twb> giovani: yes
<giovani> clearly if 99% of your visitors are .au -- then you won't want to be hosting in .us
<twb> Mainly I just hate dealing with read hardware :-)
<twb> *real
<giovani> abstractionist!
<giovani> vpses are evil
<twb> Certainly most VPS technology I've seen has been evil
<giovani> and it's all totally insecure
<giovani> I mean, I wouldn't trust any security-sensitive server on a virtualized system at this point
<twb> giovani: web and mail are sensitive now? ;-)
<cef> also depends on where the majority of your mail is going. if it's predominantly internal, having a mail server at your office makes sense (esp. given how expensive bandwidth is here)
<giovani> twb: depends on what they're hosting, right?
<twb> giovani: yep
<giovani> for us, mail is critical security-wise
<twb> end-to-end s/mime? ;-)
<giovani> depends on the individual
<giovani> but yes
<giovani> and everything is tlsed with client certs
<giovani> mail is only accessible from within the network, no webmail, etc
<giovani> vpn in is your only option
<giovani> and only authorized devices can vpn in
<twb> Local hosting is also a lot nicer if you have a dedicated machine room with a rack, proper ac, proper case, hot-swappable drives, etc.
<cef> volume is what kills it for us.. and why we host our own mail. that said, we've thought about hosting the primary MX outside and having it do the main grunt of spam/whatever (and face the brunt of DDOS), and then forward stuff to the real server here at the office
<twb> As opposed to a lot of what I am exposed to, which is an ATX tower stuck under someone's desk
<giovani> haha
<giovani> yeah, that would suck, twb
<cef> heh.. ours are ATX towers stuck on desks next to the rack cos the rack is full. ;)
<twb> It's hard to justify rack mounting when your client only has a dozen staff
<giovani> twb: I've rack mounted for companies of 2
<ball> twb: I dunno, it's nice to keep things tidy
<twb> giovani: yeah, but in YOUR rack, or their rack?
<giovani> theirs
<ball> ...same rack-mount UPS are expensive though
<ball> s/same/shame/
<giovani> I had them buy a 22U half-height locking APC cab
<giovani> and we installed 2 servers, 1 router, 1 switch, 1 patch panel
<twb> giovani: yeah, that could work
<giovani> fully locked, and controlled
<giovani> environmental monitoring, etc
<giovani> I've never visited the site since
<giovani> it's all IPMI managed
<twb> A lot of our customers are also running FC3 or CentOS4.2 still, too :-/
<giovani> yeah, that company I have running ubuntu
<twb> Set up by the previous generation of sysadmins
<giovani> yeah, at my day job ... we have a shitton of that
<giovani> 1,100 servers
<giovani> set up over the past 10 years
<twb> I tell myself "at least it's not solaris"
<giovani> 90% of it from the past 3 years
<twb> Or AIX
<ball> Is there some way to make Ubuntu Server easy to manage?
<giovani> heh
<ball> (for my successor?)
<giovani> yeah, learn to use linux
<twb> ball: document what you're doing
<twb> esp. etckeeper
<ball> twb: I don't know what an etckeeper is.
<twb> ball: apt-get install etckeeper
<twb> It keeps a history of /etc in version control
<ball> I don't have Ubuntu Server installed on a production machine.  I've thought about it, but I'm worried about the people who come after me.
<twb> ball: what are you using instead?
<ball> NetBSD.  Need to replace that, obviously.
<twb> Heh.
<twb> One of our customers has half a dozen staff... each has a FreeBSD workstation, which is also running part of their core services
<giovani> awesome
<giovani> we do that too
<twb> e.g. one is running NFS, one is running NIS, etc.
<giovani> we have desktops that trade a few million dollars
<giovani> it's horrific
<twb> And their last admin compiled stuff from source, with his own patches, "to make it more secure"
<giovani> twb: ... sure ... why wouldn't you?
<ball> twb: did he leave you the source?
 * JanC wants to know IPs to blacklist certain companies  :P
<twb> ball: I dunno, I'm not directly involved with those poor bastards
<giovani> JanC: blacklist for what reason?
<ball> twb: that seems like something to be thankful for.
<twb> Yeah... mostly I work on building desktop SoEs for use by remanded prisoners in DoJ gaols.  Requirements elicitation and security analysis is FUN.
<giovani> how do you do your "security analysis"?
<twb> As is getting new copies of the SoE onto their airgapped network
<twb> giovani: mainly by proactively adding layers and layers of cruft
<giovani> how is that analysis?
<giovani> analysis isn't action ... it's passive
<twb> Like removing gettys and xterms and gedit to make it harder to write sh scripts.
<giovani> oh god
<twb> giovani: yeah, OK, so not analysis
<giovani> I'm so going to break into a prison network just to prove a point
<twb> You can still write sh scripts using oowriter and putting "exec >output" at the top, saving them in /tmp (which isn't mounted -o noexec), and then chmodding and executing them in nautilus.
<JanC> well, if you have a mail client, you can always mail scripts and save them  ;-)
<giovani> twb: why would I have oowriter or nautilus on a server?
<twb> giovani: this is on the desktop
<giovani> oh, why do you care if people write shell scripts?
<twb> The server I have managed to prevent them putting x on at all, thank the gods.
<twb> giovani: like I said, layers and layers of cruft
<giovani> but why do you care?
<twb> If they can write their own sh scripts, they are one step closer to getting root on the local desktop.
<giovani> what is the shell script going to do?
<giovani> uh
<giovani> that's just false
<twb> Once they get root on the local desktop, they can remove the local firewall
<giovani> this is a disconnected chain of events
<giovani> anything you can write in a shell script file can be written directly into a bash shell -- trying to prevent them from writing to a file is foolish and simply security theater
<giovani> there's nothing in a shell script that's dangerous
<twb> They have no tty, so they can't run bash interactively.
<giovani> it's just a series of commands they can type manually
<giovani> twb: they don't have a shell? that's unlikely if they can start x
<twb> They have a *shell*, they don't have a terminal to run it in.
<giovani> this is a windows-like view on security
<giovani> there is nothing dangerous in a shell
<giovani> please stop this silliness
<twb> That's just one layer.
<giovani> no, it's not a layer
<giovani> it's theater
<giovani> "if they can't -see- the command line, then they clearly can't use it!"
<giovani> it's absurd
<twb> No, it just means it takes them longer to see the output
<giovani> no, it doesn't
<giovani> anyway, why can't I single-user the machine?
<twb> eh?
<giovani> reboot it and place it into single user
<giovani> change the root password, and now I own the box
<twb> Because you'd need to open the case to reset the BIOS password
<giovani> period
<twb> Or to boot it off local media
<giovani> the bios is not related to single user mode
<giovani> the boot manager is
<giovani> most bioses have generic passwords anyway
<twb> The bootloader (pxelinux) does not allow you to change anything on the client side.
<giovani> ok, so I either use a generic bios password, or I pop the jumper
<giovani> now what?
<giovani> I still own the box
<twb> You can't open the case without a torx screwdriver.
<giovani> right, because I can't buy those at any hardware store
<twb> giovani: not if you're in prison
<giovani> you've placed all the wrong security measures
<giovani> oh this is a prisoner-accessed computer?
<giovani> I thought it was just a regular computer in the prison
<twb> As I said initially, this SOE is for remanded prisoners.
<giovani> I don't know what SOE is
<twb> SOE just means a standardized environment
<JanC> twb: considering that prisoners succeed in getting knives, files, mobile phones, drugs, etc., why not a torx screwdriver?  ;-)
<giovani> you don't even need a torx screwdriver to take off a torx screw
<twb> JanC: OK, so smuggle in a torx screwdriver AND a hard disk with an OS on it
<ball> Do you use ltsp terminals?
<giovani> a flat piece of metal of the right size will work fine
<twb> ball: no, but something broadly similar
<ball> Sun Ray? ;-)
<twb> ball: custom x86 hardware and a netbootized version of the LTS desktop live CD
<ball> twb: Ah, there you go.
<ball> I'm thinking of rolling out ltsp, but I'm worried about ongoing support.
<twb> ball: I would like to switch to LTSP, but right now it's a little too much effort.
<JanC> twb: honestly, I'm sure this setup is 99.9% secure, but I won't bet any money on it unless it's never used without supervision...
<giovani> heh
<giovani> 99.9%?
<giovani> are you smoking crack?
<JanC> no, I'm just making up a number  :P
<giovani> it sounds very inadaquately secure
<JanC> and I think it's mostly secure considering most users probably don't know the difference between IE & the internet
<twb> Certainly the system we *replaced* was a bunch of Windows desktops
<twb> Where some guy's entire job was to go around opening them up, checking for contraband, putting them back together, reinstalling Windows
<JanC> lol
<twb> I would *like* to spend more time locking it down more, but what we've rolled out is orders of magnitude tighter than what they had
<JanC> and it's probably possible to automaticly detect tampering if you want too
<twb> Yeah, that'd be good.
<uvirtbot> New bug: #427718 in samba (main) "owner of sticky directory cannot delete files created by others" [Undecided,New] https://launchpad.net/bugs/427718
<uvirtbot> New bug: #418112 in qemu "qemu-img should give reasons for failing" [Wishlist,In progress] https://launchpad.net/bugs/418112
<PecisDarbs> How to change a limit of UNIX sockets within Ubuntu system?
<PecisDarbs> googling it, but can't find it
<twb> PecisDarbs: man limits?
<twb> man limits.conf, rather.
<twb> But that doesn't seem to cover it, so I guess it's an option in the kernel?
<PecisDarbs> yes
<PecisDarbs> but I can't find it
<PecisDarbs> twb: limits.conf is for files
<twb> Well, it also specifies core size and fork count, for example
<twb> Doesn't matter
<PecisDarbs> it specifies amount of memory how much you can use on socket messages
<PecisDarbs> I think you can create as much sockets as you want
<twb> btw, HOW do you create sockets?
<twb> I couldn't work it out the other day
<PecisDarbs> in application or from command line?
<soren> twb: You just start listening on them.
<twb> soren: I mean when the socket file doesn't exist yet
<soren> So do I
<twb> qemu didn't like that
<twb> e.g. qemu -serial unix:/tmp/x
<soren> twb: It tries to /connnect/, not listen.
<soren> qemu -serial unix:/tmp/x,server
<soren> is what you ant.
<soren> want, even.
<twb> soren: oh, duh, thanks
<twb> As it happens, I found -serial pty was more awesome
<twb> Then connect to it with "screen pts/27"
 * soren lunches
<stas> hi, anybody knows about how can i obtain stats from an apt mirror?
<stas> I have an apt mirror, and would like to see the monthly hits
<Jeeves_> stas: awstats?
<Jeeves_> wc ?
<stas> Jeeves_: I got it nevermind. I used visitors :)
<ahasenack> Sam-I-Am: hey
<ahasenack> Sam-I-Am: are you still having problems with sudo+ldap in karmic?
<uvirtbot> New bug: #427826 in openvpn (universe) "openvpn 2.1~rc7-1ubuntu3.5 bug" [Undecided,New] https://launchpad.net/bugs/427826
<mdeslaur> kirkland: thank you for your manpages.ubuntu.com...I use it every week.
<kirkland> mdeslaur: :-)  awesome!
<kirkland> mdeslaur: i have a new one for you, in case you're interested ...
<kirkland> mdeslaur: linuxsearch.org
<kirkland> mdeslaur: helps find resources across several linux distributions
<kirkland> mdeslaur: ie, you can search for a bug, and then narrow that search to ubuntu, fedora, debian, gentoo, etc
<kirkland> mdeslaur: really helps me as upstream maintainer of projects, and ubuntu maintainer of certain packages
<mdeslaur> kirkland: wow...that is _so_ cool
<kirkland> mdeslaur: :-)
<mdeslaur> kirkland: your site?
<kirkland> mdeslaur: yeah
<mdeslaur> cool
<rtg> kees, lool - can one of you guys gimme some MIR review for linux-ec2? bug #427658
<uvirtbot> Launchpad bug 427658 in ubuntu "Main Inclusion Request: linux-ec2" [Undecided,New] https://launchpad.net/bugs/427658
<ScottK> soren: Thanks for quickly following up on my suggestions about mhash.  You're correct that the XS-foo doesn't make a practical difference in this case, but from a python packaging best practices case it is preferred to have it there.
<lool> rtg: not even in the archive!
<lool> rtg: And I dont see it in NEW
<Sam-I-Am> ahasenack: not particularly with ldap, but sudo itself... that weird permission denied issue
<ahasenack> Sam-I-Am: ah, so you narrowed it down. I ask because I was just messing around with sudo-ldap yesterday and it's working
<ahasenack> at least for my test case
<Sam-I-Am> yeah
<Sam-I-Am> the things i've found broken with ldap enabled in nsswitch.conf (but not necessarily used) are su, sudo, and passwd
<Sam-I-Am> so whether or not i have sudoers: ldap doesnt seem to matter... but passwd: ldap does
<ahasenack> Sam-I-Am: you still using "compat" there? Tried changing it to "files"?
<Sam-I-Am> tried both
<Sam-I-Am> ordering sometimes fixes one or the other
<Sam-I-Am> spent most of last friday banging my head on the desk trying to figure out why my PAM passwd stack wasnt working... turns out passwd could not write /etc/.pwd.lock
<Sam-I-Am> unless i called passwd as root
<Sam-I-Am> which is strange since passwd is suid root
<soren> ScottK: No worries. Thanks for pointing it out.
<smoser> soren, ping.
<smoser> uec/ec2 images failed last night.
<uvirtbot> New bug: #427873 in qemu-kvm (main) "Please enable vde support" [Wishlist,New] https://launchpad.net/bugs/427873
<smoser> package dependency problems
<smoser> http://pastebin.com/f6e968b36
<soren> smoser: We should be shipping the euca2tools anyway.
<smoser> well the issues are greater than that
<smoser> ruby is not able to be installed? curl? upstart?
<soren> I would't worry that much about it. Archive inconsistencies are not rare in development releases.
<smoser> i will agree that we should ship euca2ools
<smoser> i wouldn't have noticed other than i was hoping to put a new set of images up with the new kernels
<ScottK> smoser: You can always check http://people.canonical.com/~ubuntu-archive/testing/karmic_probs.html and if you see the same issues there (e.g. upstart in this case) you know this issue isn't unique to your images.
<smoser> ScottK, thanks for that link
<soren> I don't believe that's the issue we're seeing, really. I don't think only main is enabled at that point of the ubild.
<soren> build,even.
<soren> smoser: I can't see what else it would be, though.
<smoser> soren, i'm going to re-try here in a bit from my account
<soren> smoser: alright. chances are it will just work.
<smoser> yeah.
<smoser> soren, please look at that bug i requested sponsorship of . it currently is marked as alpha6 milestone
<soren> smoser: Can you push them as branches on Launchpad? That makes my life so much easier.
<smoser> soren, yeah, easy enough
<smoser> let me do that.
<soren> smoser: ta
<uvirtbot> New bug: #427842 in openldap (main) "[karmic] frontend DB needs ACLs for base="" and cn=schema" [Wishlist,Triaged] https://launchpad.net/bugs/427842
<ruben23> hi anyone used zimbra opensource email system.
<smoser> soren, branches for karmic and trunk attached to bug 420581
<uvirtbot> smoser: Bug 420581 on http://launchpad.net/bugs/420581 is private
<smoser> well pfft to you uvirtbot
<niemeyer> Morning guys
 * ball waves
<niemeyer> soren: Does this ring any bells:
<niemeyer> $ euca-describe-images
<niemeyer> Warning: failed to parse error message from AWS: <unknown>:1:0: syntax error
<niemeyer> EC2ResponseError: 403 Forbidden
<smoser> niemeyer, what do you have for EC2_URL ?
<niemeyer> smoser: Some background: this was working fine, and it suddenly stopped working
<niemeyer> smoser: No changes in the configuration or anything
<niemeyer> If I login to the admin interface, it works..
<niemeyer> I then ask for a credentials zip file, and it returns a 0 bytes file
<rtg> lool, its never been clear to me that you're supposed to upload a package prior to MIR review. will do so now.
<smoser> niemeyer, so this is not ec2. i didn't know if you were talking ec2 or uec/eucalyptus
<niemeyer> smoser: Oh, yeah, it's Eucalyptus indeed
<lool> rtg: The process is a) upload source b) NEW source and binary c) MIR d) seed e) promotion
<lool> rtg: The problem with MIRing stuff in NEW or out of archive is that the uploaded thing can differ and we cant even compare them
<rtg> lool, ok, it'll be uploaded in a bit
<lool> What did you expect me to review exactly?   :-)
<rtg> lool, well, slangasek wanted an MIR before I uploaded the ec2 kernel package. pro forma?
<lool> Odd
<lool> slangasek: ^ I dont understand how we're supposed to review such a MIR
<rtg> lool, linux-ec2 uploaded
<lool> rtg: I prefer getting to it when it's through NEW in case it gets rejected + reuploaded
<lool> I dont think there's any hurry anyway; we can promote before MIRing
<rtg> ok, its the server dudes taht are hot for this
<lool> Yeah the server team certainly knows how to keep us busy with MIRs   ;-)
<zul> lool: sorry
<zul> my bad
<lool> zul: Eh I'm just kidding
<lool> It's certainly right to file MIRs
<zul> lool: yeah so am i
<KRyPTyK> Good morning all! Does anyone have experience with FOG imaging on Ubuntu Server?
<smoser> soren, i'm hitting the same error now as the nightly hit earlier
<soren> smoser: Interesting.
<smoser> or a bummer, depends on how you look at it
<smoser> its definitely not a universe/multiverse-not-enabled issue
<smoser> ec2-ami-tools is in multiverse
<soren> Precisely.
<smoser> ruby is in main
<soren> Oh!
<soren> I know what's wrong.
<soren> Look further up in the build log
<soren> 2009-09-11 05:12:42,243
<smoser> yep
<soren> It's the upstart thing.
<soren> It'll get fixed shortly. No doubt.
<slangasek> lool: you're supposed to decide whether it's reasonable to add another kernel source package to main, because I don't want that on me :)
<lool> A trap.
<lool> I'll pretend I dont know what linux-ec2 til I'm forced to keep my eye lids open
<smoser> ec2 is a trap. there is no doubt about that
<smoser> jjohansen1, are we to have the karmic-kernel/ec2 status meeting in 3 minutes here?
<jjohansen1> smoser: yes
<zul> succobus
<zul> hey rtg
<rtg> zul, dude
<soren> smoser: I thought those were at 1700 UTC?
<jjohansen1> it is 16:00 UTC shall we begin the EC2 kernel status meeting
<soren> jjohansen1: No,it'snot.
<jjohansen1> soren: no, I messed up the mail, and put 16:00 GMT but we are doing 16:00 UTC
<soren> That's an hour from now.
<soren> Really
<jjohansen1> ah, my bad.  I am messed up
<smoser> well i helped
<smoser> sorry
<soren> Who's representing the server team at the release team meeting?
<jjohansen1> np.
<apw> 16:00 GMT == 16:00 UTC by definition
 * smoser lifts soren's hand
<jjohansen1> we should just do the meeting now, so it doesn't conflict with the release team meeting
<soren> smoser: Gah, I hate that.
<apw> th release meeting is now
<soren> jjohansen1: Hahah.
<soren> jjohansen1: Dude.
<soren> jjohansen1: The release team meeting is now.
<jjohansen1> apw: hrmm, for some reason I thought that was an hour later
<jjohansen1> ah the joys of pain
 * soren puts "A UTC clock for jjohansen1" on his shopping list for christmas
<jjohansen1> and still being half asleep
<apw> nope they are both the same, we are however on BST right now, which means 16:00 GMT/UTC re now +1
<jjohansen1> apw: right, that is part of what messed me up
<smoser> apw, strictly UTC is an atomic time scale which only approximates GMT with a tolerance of 0.9 second.
<smoser> just to be a jerk
<apw> they are however in the same timezone :)
<jjohansen1> hehe
<apw> and utc is of course french so we have to hate it
<tarvid> vsftpd 530 Login incorrect. problem
<tarvid> jaunty
<tarvid> user has a local account with shell /bin/false
<tarvid> is this a pam problem?
<zul> yes
<zul> apw: the french hate everything
<apw> very true
<tarvid> any way to use local auth?
<soren> smoser: I actually haven't tested whether we can boot now with no user-data. Have you?
<smoser> no. its on the list today to publish a karmic nightly and use new karmic kernels also
<soren> smoser: I've tested the bits and pieces unit test style,but not a full "intregration test".
<smoser> yeah
<smoser> soren, you have suggestions on http://pastebin.com/f33bc2571
<smoser> thats from a attempt at a hardy build
<soren> smoser: The hardy builds need the ppa to work.
<smoser> i hate nectarine
<smoser> i knew it needed the ppa, but didn't think about the fact that it couldn't get there
<smoser> soren, maybe you can explain to me why (back to the karmic build failure)
<smoser> ['/usr/sbin/debootstrap', '--arch=i386', 'karmic', '/tmp/vmbuilderxwUgID/root', 'http://archive.ubuntu.com/ubuntu']
<smoser> would return success, after "Failure while configuring base packages."
<smoser> seems like that is wrong
<soren> Because debootstrap only pulls from main, and right now, upstart has a dependency in universe.
<smoser> i didn't ask why it would fail
<soren> oh,sorry :)
<smoser> i asked why it would fail and return success
<soren> Oh,sorry, started typing after your first line :)
<smoser> does debootstrap have general issues like that ?
<soren> I'm not sure. I'd ask Colin.
<soren> Well, no, I would probably stare at code for a few hours, but I /should/ ask Colin :)
<smoser> the scary thing is if apt is returning success to debootstrap
<smoser> as thats a largeer problem
<soren> smoser: debootstrap does not use apt.
<smoser> oh. wow.
<soren> smoser: It's the thing that installs apt :)
<smoser> i figured it installed apt, then started using it
<soren> No. Once apt works, debootstrap is done.
<soren> (de facto, not de jure)
<niemeyer> ARGH
<niemeyer> Eucalytpus stopped again.. :-(
<soren> Which part of it?
<niemeyer> soren: The same error I mentioned about euca-describe-images
<niemeyer> soren: I can't manage to bring it back to a usable state after this
<soren> niemeyer: How'd you fix it last time? Reinstall?
<niemeyer> soren: Yeah, remove, rip everything off, reinstall
<soren> niemeyer: All components or only cloud controlleR?
<soren> niemeyer: Can you check if your cluster controller is running?
<soren> niemeyer: And node controller?
<niemeyer> soren: Hmm
<niemeyer> soren: Only cloud controller.. I've only got it running
<niemeyer> soren: Or rather, only what /etc/init.d/eucalyptus-cloud starts
<soren> niemeyer: Oh.
<soren> niemeyer: Then I'm not sure, really.
<niemeyer> soren: They continue running, but wedged
<niemeyer> soren: I can login to the admin interface, for instance
<soren> niemeyer: They?
<macrocosm> Anyone have a tip on the safest way to email blast my leads without getting my IP blacklisted?  I have a legitimate cleaned list but still precautions are always good with email ..something that breaks it over multiple cron runs would be nice too.  Googling came up with a bunch of junk
<niemeyer> soren: But if I ask for my credentials, it returns an empty file
<niemeyer> soren: Yeah, there are multiple things running (ports 8443, 8773, 9001)
<niemeyer> soren: Ok, I'll try to capture someone from Eucalyptus to see if they want to debug it, next time it wedges
<clusty> any of you using puppet to manage confs?
<clusty> i am getting a hell of a time trying to get it running on server 9.04
<clusty> godamn certs are killing me
<soren> clusty: I use it a little bit.
<clusty> soren, i am getting cert not trusted
<clusty> on client
<clusty> cannot even get the barindead sudoes example running
<soren> Haven't seen that, sorry.
<clusty> got proper dns working on LAN ?
<clusty> curious if that is to be blamed
<uvirtbot> New bug: #424459 in eucalyptus (main) "Temporary file vulnerability in euca_conf" [Low,Triaged] https://launchpad.net/bugs/424459
 * soren dinners
<smoser> soren, so if we put lib6-xen into ec2 images, i would presume some negative affect on said images as kvm
<smoser> i'm guessing conflict with libc6
<clusty> do you guys use clusterssh?
<cemc> clusty: cssh ? I did a little bit
<clusty> cemc, i cannot get it running
<cemc> what does it say?
<cemc> it needs X
<clusty> crap. now i don;t have vnc running
<clusty> sec
<clusty> cemc, well first of all how do i specify list of machines i want to ssh into?
<cemc> clusty: cssh machine1 machine2 ...
<cemc> then it will open 1 command window, and one window for every machine
<Hypnoz> I'm not sure exactly what clusterssh does, but I use a tool called DSH to run commands on large groups of servers at once
<Hypnoz> its easy, $ dsh -f allmachines.list -- 'command'
<Hypnoz> then it runs the command on every machine in the list
<clusty> Hypnoz, works as you type?
<Hypnoz> not sure what that means
<clusty> cemc, warning unkown host <IP>
<clusty> Hypnoz, i mean is like demultiplexing keyboard
<clusty> typeing in 10 windows at once
<Hypnoz> oh, no
<Hypnoz> its just for sending one time commands to remote machines, its not streaming
<cemc> clusty: unknown host? it mean you didn't specify the hostname correctly I guess
<ScottK> cemc: You probably saw, the qpsmtpd backport got done, so I think we are all up to date now.
<vlazar_> cemc, WARNING: unknown host 192.168.0.201 (see -i switch, or ignore_host_errors in .csshrc) - ignoring
<clusty> that is me :D
<clusty> this is from both the command line
<clusty> and cloicking add host
<cemc> clusty: I don't use any .csshrc, I just run the command like this: cssh host1 host2 hostn
<clusty> cemc, me neither
<clusty> anyways fok it
<clusty> my patience is thin today
<clusty> thanks for help
<cemc> should work and it's really nice, IF you have a bunch of really similar servers
<clusty> cemc, they are identical
<clusty> :D
<clusty> 9 of them
<cemc> because every keystroke gets replicated to every server
<cemc> ScottK: yep, I saw, nice ;) I'll look at the php stuff this weekend
<jmedina> morning
<clusty> moin
<Hypnoz> would be nice if there was a tool like that for command line
<Hypnoz> instead of being a gui tool
<cemc> it would be harder to display all the server'
<cemc> s terminals ;)
<clusty> a small question: what is the permission number for this mode?
<clusty> -rw-r--r--
<clusty> ?
<smoser> jjohansen1, zul either of you have a minute to poke at bug 427288 ?
<clusty> u+wr a+r :D
<uvirtbot> Launchpad bug 427288 in linux "Karmic i386 EC2 kernel emulating unsupported memory accesses" [High,Triaged] https://launchpad.net/bugs/427288
<zul> smoser, jjohansen1 was working on it
<smoser> well, the plan was for me to test if simply installing libc6-xen fixed it. and it doesn't.  i definitely have it installed, but it appears to not be being picked up.  at least not used by the init process
<smoser> wanted to see if either of you wanted to poke at the system and maybe find out why
<erichammond> smoser: Did you also remove -i686 and add the nosegneg thing?
<erichammond> er, remove libc6-i686
<smoser> neither.
<smoser> :)
<erichammond> I got to the instructions in ec2ubuntu-build-ami through years of research, tips from others, and trial and error.  I don't always remember which statements fix which problems.
<smoser> yeah. hopefully we dont have to remove libc6-i686
<erichammond> For a long time I used to remove /lib/tls but then one day a simple apt-get upgrade broke the system: http://groups.google.com/group/ec2ubuntu/browse_thread/thread/1a3fd33f04766361/8f82524bd298a4a2
<erichammond> Please make sure that the sample perl command in that message works with the solution you end up with or things will be broken.
<smoser> erichammond, thats a great post, thanks.
<apw> smoser, the divert stuff at the end is also interesting
<uvirtbot> New bug: #277114 in vsftpd (main) "vsftpd quits when there's no working internet connection" [Undecided,Invalid] https://launchpad.net/bugs/277114
<niemeyer> soren: Do you know where libomxmlsec was moved to (was in librampart in 9.04)
<domas> hiii! what is the easiest way to reseed random?
<domas> whatever I do, gpg seems to wait for random stuff forever
<domas> 'reseed' in a loop doesn't help (it just sets urandom as far as I understand)
<uvirtbot> New bug: #271555 in vsftpd (main) "vsftpd: hard coded /home/ftp install breaks in NFS environment" [Undecided,Fix released] https://launchpad.net/bugs/271555
<uvirtbot> New bug: #308946 in vsftpd (main) "GnuTLS error" [Undecided,Incomplete] https://launchpad.net/bugs/308946
 * domas looks at sysctls
<domas> hmmm, apt-get install rng-tools
<domas> rngd -r /dev/urandom \o/
<Hypnoz> could you reseed random by tail -f /dev/urandom ?
<Hypnoz> hmm doesn't work like I thought it would
<Hypnoz> cat /dev/urandom does though
<Hypnoz> that rng-tools looks interesting if i used /dev/random for anything
<erichammond> apw, smoser: The xen-divert-tls-libc approach requires the user to always use that command to do upgrades which is not an acceptable solution to force on unsuspecting EC2 users.
<apw> erichammond, not sure it does, doen't it only go wrong if we add files to libs
<apw> libc?  i would expect it to mean when you see the libc files installing shove them over here instead
<smoser> that was my understanding (obviosly either my read of it or the doc could be wrong)
<erichammond> apw, smoser: The problem is that upgrades to libc6 can restore /lib/tls breaking the system.  The divert approach requires you to know this is going to happen and run a command before and after upgrading libc6.
<uvirtbot> New bug: #427553 in bind9 (main) "bind9 fails to start on boot" [Undecided,New] https://launchpad.net/bugs/427553
 * apw tries to imaging uvirtbot on #u-k ... it'd be like a torrent
<smoser> "But if a libc upgrade contains a new file for /lib/tls"
<erichammond> smoser: Fair 'nuff.
<erichammond> Still requires the user to know what's going on in a system that is not configured like normal Ubuntu.
<smoser> erichammond, the interest in it is because i really dont want to uninstall libc6-i686. right now our ec2 images are identical for ec2 and uec. that would penalize uec (i'm not exaclyt sure of the effects, but at very least, libc6-i686 is part of "ubuntu-minimal" metapackage which the images are installing at the moment
<smoser> i'm not sure how likely a libc upgrade including a new file in /lib/tls is over a given release (ignoring change-in-release upgrades at the moment)
<smoser> ec2 networking is completely random
<smoser> i do a wget of a file, and i get ~ 300k or something. then, using axel, it sustains better than 1.5M for 500M file
<erichammond> smoser: A year ago a simple "apt-get upgrade" broke Hardy servers on EC2.  It wasn't my favorite time.
<smoser> well, for some of the threads at least
<smoser> erichammond, zul do you have any ideas why canonicals hardy images do not have this issue ?
<zul> because its using libc6-xen
<erichammond> smoser: If Xen needs something different from KVM, then you may need different images.
<_nofear> Hi guys, does anyone know a good tutorial on what configuration must be done to authenticate a user in an OpenLDAP server?
<smoser> erichammond, well, yeah, but thats what we're trying to avoid :)
<erichammond> Or different bootup
<erichammond> nah, that's probably impossible with libc6
<mushroomblue> _nofear: do you have the server already set up?
<_nofear> mushroomblue: yes, I can authenticate Windows users with Samba already.
<Hypnoz> I forgot which link got me there, but I went through these 4
<Hypnoz> http://beginlinux.com/server_training/server-managment-topics/1016-ldap-server-on-ubuntu-804
<Hypnoz> http://linuxadministration.us/2008/05/17/ubuntu-804-hardy-ldap-client/
<Hypnoz> http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch31_:_Centralized_Logins_Using_LDAP_and_RADIUS
<Hypnoz> http://www.aselabs.com/articles.php?id=246&page=2&asesessid=fb756c0d4961f3f258c9927563f326f84cc89783
<mushroomblue> that'll do.
<_nofear> Hypnoz: thanks very much :)
<Hypnoz> the crappy part is the PAM files
<Hypnoz> if you don't set them up EXACTLY right, it fails
<_nofear> Hypnoz: That's exactly where I think I'm losing it.
<mushroomblue> yeah. that's my current issue.
<mushroomblue> you'd think someone would provide an updated LDAP howto that doesn't rely on slapd.conf
<Hypnoz> yep, i set up pam over and over in VM's till i got it working clean, it took forever
<mushroomblue> since it's now been deprecated.
<mushroomblue> "Ubuntu 7.10 was a nightmare when it came to setting up ldap"
<mushroomblue> lol. it's still a nightmare.
<Hypnoz> truth
<_nofear> Actually I gave setting this on Ubuntu, I'm using Debian 5 now.
<_nofear> *gave up
<uvirtbot> New bug: #425993 in samba (main) "Windows Network in Karmic" [Undecided,Incomplete] https://launchpad.net/bugs/425993
<domas> hypnoz: I have no idea why 'cat /dev/urandom > /dev/random' didn't work :)
<uvirtbot> New bug: #399199 in samba (main) "fstab cifs mounted drive won't write" [Undecided,New] https://launchpad.net/bugs/399199
<uvirtbot> New bug: #238684 in virt-manager (universe) "[patch?] alt-gr does not work inside kvm debian terminal" [Medium,Confirmed] https://launchpad.net/bugs/238684
<uvirtbot> New bug: #386372 in openssh (main) "sshd fails to execute PAM session modules on logout." [Undecided,New] https://launchpad.net/bugs/386372
<soren> niemeyer: I believe it's built into librampart or some such now.
<niemeyer> soren: Hmm.. euca 1.6 seems to depend on it still
<smoser> soren, quickliy glance at bug 426424 . you have opposition to that ?
<uvirtbot> Launchpad bug 426424 in vmbuilder "need md5sums created for uec-images" [Medium,Triaged] https://launchpad.net/bugs/426424
<NCommander> anyone here a SPARC wizard :-)?
<soren> niemeyer: Upstream, yes.
<soren> niemeyer: In Ubuntu, it shouldn
<soren> t.
<soren> niemeyer: We carry a patch to fix that.
<niemeyer> soren: Yeah, sorry, this was me trying to install from source to get a working environment somehow
<soren> niemeyer: There's a patch in the ubuntu source package. It uses quilt. Do you know how to find it?
<niemeyer> soren: I do, thanks.  I've just grabbed the apt-get source from it
<Hypnoz> _nofear:: are you still here, and interested in seeing how I set up my pam.d files for ldap?
<zul> NCommander: i used to be but that probably wont help you now
<soren> niemeyer: Alright, cool.
<niemeyer> soren: I got Neil giving a hand now, so will wait to see how this goes
<_nofear> Hypnoz: that sure won't hurt :)
<NCommander> zul, you know if a sunfire can be forced into proper TFTP booting?
<soren> niemeyer: IIRC, it's the debian/patches/04* one.
<NCommander> zul, I just had a kernel panic (or something) occur during a dist-upgrade, and the machine won't boot now
<Hypnoz> i'll paste them somewhere and link it to you, one sec
<zul> NCommander: stop-a doesnt work anymore?
<NCommander> Its a v120
<NCommander> zul, I can get into the PROM
<NCommander> zul, but it doesn't seem to want to talk to my TFTP server
<niemeyer> soren: Btw, I've reported the crazy behavior at #428010, just to keep track of it
<zul> NCommander: not sure :(
<NCommander> I can't remember how I forced Ubuntu onto it before (I had issues with this sunfire at installation)
 * NCommander is trying to fix ubuntu karmic on sun
<soren> bug 428010
<NCommander> Its a pity I didn't fix it BEFORE my SPARC decided to die
<uvirtbot> Launchpad bug 428010 in eucalyptus "Eucalyptus cloud controller stops working suddenly" [Undecided,New] https://launchpad.net/bugs/428010
<zul> NCommander: i got rid of my sparc's or more specific my wife got me to get rid of them
<NCommander> zul, they can be load :-/
<NCommander> The problem is my sunfire is the only thing that can do TTL serial, so I need IT to talk to an ARM development board I have
<zul> NCommander: especially when I had two sitting on my desk
<soren> smoser: Looks good to me.
<smoser> i do have one change to make to it
<smoser> i really, really hate sh -e
<smoser> in sh -e, the following is happily ignored:
<smoser> ( false )
<smoser> it can be fixed / worked around by:
<smoser> ( false ) || false
<smoser> so i'll append '|| false' to the end of those 2 gzip lines
<soren> smoser: That changed in bash recently, actually.
<smoser> changed to doing what it should you mean ?
<soren> Yes.
<smoser> someday i will fix that script (and others) to not use sh -e, but rather check and give error output themselves.
<soren> It happened to stumble upon this when debugging a kernel build issue with rtg last week.
<soren> "Last week"? Was it really last week?
<soren> It seems like a distant memory.
<smoser> i'm surprised they would intentionally change something like that
<Hypnoz> _nofear::  http://pastebin.com/d75fdac87
<Hypnoz> I know there's some stuff I'm missing, but if you have the server set up right, http://linuxadministration.us/2008/05/17/ubuntu-804-hardy-ldap-client/ should go a long way to getting some stuff resolved
<soren> smoser: They decided that the old behaviour was wrong.
<soren> smoser: I'm looking up the changelog entry.
<smoser> and anyone who depended on it should now be broken :)
<_nofear> Hypnoz: alright, thanks very much. I'll take a look, I guess I'm missing something to set on these files.
<soren> smoser: l.  Changed behavior of shell when -e option is in effect to reflect consensus of Posix shell standardization working group.
<smoser> ah. wow.
<smoser> so in theory dash should change too
<soren> smoser: dash will likely follow suit given the context.
<soren> right.
<soren> Eventually.
<smoser> change pushed.
<uvirtbot> New bug: #334588 in samba (main) "Don't get write permissions via smbmount on XP-Server, when the shared-folder-name has spaces" [Undecided,Incomplete] https://launchpad.net/bugs/334588
<J_P> Hi all..
<J_P> People, I install ubuntu server 9.04. and after install xorg and icewm. well, startx works ok. But resolutions are there in 1024x768, and I would like 800x600. But /etc/X11/xorg.conf is empty. where are the Xorg configurations ?
<J_P> anyone ?
<ScottK> J_P: It's off topic for ubuntu-server as we don't ship X.
<KillMeNow> http://ubuntuforums.org/showthread.php?t=83973
<KillMeNow> check that out
<KillMeNow> does that help?
<smoser> soren, on nectarine, can you update your automated-ec2-build directory ? you're at revision 5 and current is 7
<smoser> 2 things missing are md5sums and --lock-user
<soren> Feel free to do so yourself.
<soren> I'm about to head out.
<soren> Oh, right. You can't really, can you?
<soren> smoser: Done.
 * soren calls it a day (and week)
<smoser> well, i can...
<smoser> just have to ask sudo :)
<smoser> figured i'd be nice
<bobg> i am setting up a ldap server in jaunty and I am not finding much information about the new openldap /etc/slapd.d/ config method that jaunty uses by default.
<bobg> does anyone know of a "how to " on configuring openldap in jaunty?
<bobg> there are lots of how to's for older Ubuntus but that do not seem to apply any more
<ahasenack> mathiaz: fwiw, I just updated openldap-dit to use cn=config
<mathiaz> ahasenack: cool - thanks
<ahasenack> mathiaz: sample run in karmic: http://pastebin.ubuntu.com/269401/
<ahasenack> it was fun
<mathiaz> ahasenack: cool
<ahasenack> mathiaz: did you know that ldapdelete is not supported in cn=config?
<mathiaz> ahasenack: where are the admin tools now?
<mathiaz> ahasenack: hm - I thought so
<ahasenack> mathiaz: hmm, admin tools...?
<ahasenack> mathiaz: yeah, something to keep in mind and document, I may do it
<mathiaz> ahasenack: like - how do I add a user to this directory?
<mathiaz> ahasenack: a group?
<mathiaz> ahasenack: add  a user to a group?
<ahasenack> mathiaz: I will use smbldap-tools
<ahasenack> mathiaz: the structure is empty, it should be straight forward to use almost any tool out there, bar the "big" ones that want to take over the directory
<mathiaz> ahasenack: how would you manage the sudoer entries?
<ahasenack> mathiaz: ldapvi, apache directory studio, luma, gq
<ahasenack> mathiaz: not sure how a wrapper would look like, given that the official sudo admin tool is visudo
<ahasenack> i.e., a plain text editor
<bobg> how do you read the .gz files in the /usr/share/doc/... folders?
<ahasenack> bobg: less reads them
<bobg> ahasenack, thanks. It never ocured to me that less would decompress gz files. Thats a a lot easier that gunzup -> nano -> gzip :)
<ahasenack> welcome
<ahasenack> bobg: there is also zless in some distributions
<uvirtbot> New bug: #419590 in qemu-kvm "kvm core dump on hotplug (pci_add)" [Wishlist,Triaged] https://launchpad.net/bugs/419590
<tlyng> hmm, i'm reading up on eucalyptus, ubuntu and ec2. I'm pretty new with cloud computing, but do understand some of the terminology :) Amazon offer an EBS storage solution, what is Eucalyptus / Ubuntu's equivalent?
<Hypnoz> anyone know if M$ office can open an openoffice drawing file
<uvirtbot> New bug: #237635 in qemu (main) "qemu mouse and keyboard grab is an accessibility problem" [Medium,Triaged] https://launchpad.net/bugs/237635
<ahasenack> mathiaz: the karmic bind9 package is using the so called "dlz ldap" implementation/patch?
<ahasenack> mathiaz: have you ever used the bind9 ldap backend?
<mathiaz> ahasenack: I don't know
<mathiaz> ahasenack: I've never used it
<ahasenack> ok
<uvirtbot> New bug: #331331 in qemu "Non-root guest doesn't have permission to access sys-fs USB devices" [Wishlist,Won't fix] https://launchpad.net/bugs/331331
<clusty> got a small question: how can one install sun-java6-bin unattended?
<clusty> cause it bugs me about accepting license
<Hypnoz> get one of those rocking things with the water inside, and have it keep falling down and pecking on the Y key
<Hypnoz> I guess you would need two, one for Y and one for Enter, slightly staggered of course
<erichammond> Not sure who's building the EC2 images these days but had a suggestion for the manifest prefix which is currently: canonical-alphas-us/karmic-i386-alpha5.1.manifest.xml
<erichammond> Please include (1) the word "ubuntu" so that folks can find it when they search for that keyword, and (2) the date that the image was built so that folks know how fresh it is.
<ahasenack> mathiaz: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/227344 (which has a patch) is needed for ldap support in bind9
<uvirtbot> Launchpad bug 227344 in bind9 "bind-dlz and ldap api: invalid use of "%" character" [Undecided,Confirmed]
<mathiaz> lamont: ^^? does it make sense to include the patch?
<clusty> Hypnoz, not gonna work :D
<clusty> puppet needs to install package remotely
<erichammond> Ideally, all of these images would be using exactly the same format so that it is easy to scan down a sorted list and find the appropriate one.  Here's a proposed format: ubuntu-9.10-karmic-20090911-alpha5.1
<lamont> mathiaz: I've been waiting for upstream to fix it
<mathiaz> ahasenack: seems that poking upstream would get it included in debian/ubuntu
<lamont> mathiaz: I suppose I could also push it upstream
<ahasenack> mathiaz: the bug history shows that has not been working :)
<lamont> ahasenack: upstream refusing to accept it is a reason for me to choose to not diverge from upstream
<ahasenack> lamont: is dlz part of upstream? It's in contrib, no?
<ahasenack> lamont: and did upstream actually refuse?
<lamont> it's in the upstream tarball, in contrib - I didn't pull it from anywhere
<lamont> dunno if I've even ever asked
<lamont> my presumption being that dlz upstream was, you know, taking care of the code they'd gotten into the ISC distribution
<lamont> but yeah, history would tend to indicate that the code is being ignored
<ahasenack> lamont: I find it odd anyway. ./configure has an option to use it, but it's in contrib/
<ahasenack> lamont: so, it is in the code, but at the same time isn't
<lamont> contrib _is_ part of the code.  It's just explicitly not managed by ISC
<ahasenack> let me check how the real upstream for dlz is
<lamont> anyway, long week, runny nose, tired and almost thinking.  so... --> bed for now
 * ahasenack downloads from sourceforge
<ahasenack> lamont: fwiw, the *real* upstream didn't apply the patch either, that makes one wonder how well maintained this is
<uvirtbot> New bug: #341682 in qemu "Block I/O crashes after migration" [High,Fix committed] https://launchpad.net/bugs/341682
#ubuntu-server 2009-09-12
<uvirtbot> New bug: #391879 in qemu-kvm "migrate exec ignores exit status" [Wishlist,New] https://launchpad.net/bugs/391879
<uvirtbot> New bug: #392570 in kvm (universe) "kvm hanging on startup" [Low,Incomplete] https://launchpad.net/bugs/392570
<uvirtbot> New bug: #396219 in kvm (universe) "kvm guests hang after startup (dup-of: 393671)" [Undecided,New] https://launchpad.net/bugs/396219
<uvirtbot> New bug: #411709 in libvirt (main) "libvirt takes to long to start and kvm guests not always start" [Undecided,Incomplete] https://launchpad.net/bugs/411709
<uvirtbot> New bug: #419182 in kvm (universe) "Windows 7 can not find driver for es1370 card" [Undecided,Invalid] https://launchpad.net/bugs/419182
<uvirtbot> New bug: #428082 in kvm (universe) "Kernel 2.6.28-13 exposes interface causing libvirt to provide bad arguments to kvm and lock up win32 guest (dup-of: 393671)" [Undecided,New] https://launchpad.net/bugs/428082
<uvirtbot> New bug: #420320 in linux (main) "unhandled vm exit: 0x31" [High,Triaged] https://launchpad.net/bugs/420320
<uvirtbot> New bug: #421189 in kvm (universe) "package kvm-source 1:84+dfsg-0ubuntu12.3~intrepid1 failed to install/upgrade: subprocess post-installation script returned error exit status 101" [Low,Incomplete] https://launchpad.net/bugs/421189
<BoonamaI> I'm trying to establish an SSH connection remotely (On to Ubuntu Server). It works when I connect from inside the network. But when I try to connect from home via the interweb I can't connect. Now Ubuntu is behind a router. So I forwarded the ports to the server and contacted my ISP and they don't block ANY ports. Anyone have any idea what should I try next?
<KillMeNow> well are you local right now?
<BoonamaI> No
<KillMeNow> first i would check your IPtables on the machine
<KillMeNow> well if you're not local, then it's kinda fruitless
<KillMeNow> other than do a NMAP against your public interface
<BoonamaI> I'm kind of a newb with this tuff
<KillMeNow> only a couple possibilities...  ssh is listening on a different port than 22, IPTables is running and doesn't allow 22 TCP connects, Firewall is still blocking port 22
<BoonamaI> Do I check my IP tables from with linux or my router?
<Nafallo> BoonamaI: what address/ip are you trying to connect to?
<BoonamaI> I'm not that much of a newb
<KillMeNow> LOL
<Nafallo> ehrm
<Nafallo> right. so feel free to be without my help then.
<BoonamaI> ok
<BoonamaI> Alright I'll give those a shot
<KillMeNow> i think what Nafallo is asking, were you trying to connect to the public IP address of the firewall?
<Nafallo> yeah. and I also thought it would be worth doing an nc <ip> <port> from one of my servers
<BoonamaI> I was trying to connect to my router's address
<Nafallo> (if it wasn't in the RFC1918 address space)
<KillMeNow> ok
<KillMeNow> so maybe you can ask someone to do a NMAP to port scan 22
<KillMeNow> see if the port is open | filtered | closed
<BoonamaI> I checked with a port scnner website and it said it was stealthed
<BoonamaI> brb .. getting the ip
<sub> I'll assume that stealthed means filtered, as in blocked with a DROP rule and not a REJECT rule
<KillMeNow> yea, that's what i was thinking
<BoonamaI> So what would that mean exactly?
<KillMeNow> IPtables most likely
<Nafallo> ufw activated on the server I'd presume
<KillMeNow> that's what i'm thinking...  UFW = IPTables
<Nafallo> ehrm. no.
<Nafallo> ufw = frontend for iptabes
<Nafallo> s/be/ble/
<KillMeNow> ok, mr. picky
<KillMeNow> :oP
<BoonamaI> Oh actually I did open the port with ufw
<sub> So then you'll want to do two things: Verify the correct iptable rules (make sure it's allowing from all and not just addresses from the local network), and b) Check firewall/port forwarding rules on your router
<sub> NO, 3 things: Check the default gateway on the server
<Nafallo> and the firewall on the router, if any.
<sub> mmhmm
<KillMeNow> oh yea, forgot about the default gateway
<BoonamaI> WSorry but what do you mean the default gateway .. what setting should I be looking at?
<Nafallo> ip ro ls | grep default
<BoonamaI> alright
<BoonamaI> That will give me bunch of stuff to try out
<BoonamaI> Thanks guys!
<Nafallo> lol. I have a default route on the server I IRC from... that's odd.
<Nafallo> well. not odd, but unexpected :-)
<sub> How so?
<Nafallo> ospf added it :-)
<Nafallo> I normally don't bother with default routes :-P
<Nafallo> at least not on lumberjack and pony
<uvirtbot> New bug: #425206 in logwatch (universe) "Typo in exim filter script " [Undecided,New] https://launchpad.net/bugs/425206
<uvirtbot> New bug: #388520 in kvm "KVM (under Jaunty) virtual machine  OS win2008 cannot format qcow2 partition. Virtual machine crashes" [Medium,Fix released] https://launchpad.net/bugs/388520
<Bookman> How do I start a process on a remote server and leave it running when I log out via ssh?
<andresmujica> screen
<erichammond> nohup (or screen)
<Bookman> If someone responded, could they repeat as I had a system crash
<andresmujica> lol
<andresmujica> (22:28:45) erichammond: nohup (or screen)
<Bookman> ?
<Bookman> I read the man for nohup but I'm still not sure how to use it.
<andresmujica> nohup command
<Bookman> Yes, I understand it is a command.  How do I use it though?  Do I need an & after the command?  Can I interact with a GUI and then logoff and it will still run?
<andresmujica> i personally prefer screen,
<andresmujica> because you can start a screen
<andresmujica> start your process, disconnect from screen
<andresmujica> and later can access again to check how it's going.
<andresmujica> there's no need for the & after the command.. just nohup whateveryouwanttorun
<andresmujica> and it would left a nohup.out lying around so you can check the output later
<Bookman> I have to look up screen.
<Bookman> I only checked nohup
<incorrect> silly question, but does anyone know of a good way to test spam filters?
<djshotglass> is there any other way I can install ubuntu-server other than booting install cd? not one of my keyboard will let me select english when i boot from installer cd, so i cant get anywhere
<incorrect> djshotglass, you can always use pxe or debootstrap from a live cd
<incorrect> or you change change to english after you install
<djshotglass> i wish the language menu had a countdown
<djshotglass> keyboard would probably work after it :(
<djshotglass> how does pxe work
<djshotglass> when the machine is booting i see it say some stuff about pxe
<djshotglass> i guess i could just get a ps2 keyboard
<djshotglass> maybe that would work
<_3^3> hehe, I'm struggling how to install a package fro HTTP, without wget/curl/etc ;-)
<djshotglass> what distro you have that doesnt have wget
<djshotglass> or a package manager to install it with
<uvirtbot> New bug: #428350 in qemu-kvm (main) "FTBFS in pbuilder on amd64" [Undecided,New] https://launchpad.net/bugs/428350
<_3^3> djshotglass: well, rpm supports http installs, not dpkg
<_3^3> djshotglass: (and I have wget, just scripting download/removal/etc is _more_work_)
<_3^3> I think I'll make FUSE-based filesystem that fetches stuff from http!
<_3^3> dpkg -i /http/server/path/file.deb
<_3^3> \o/ sounds like plan9 or something
<uvirtbot> New bug: #403215 in qemu "2.6.31 guest vm's unable to use virtio" [Medium,Fix committed] https://launchpad.net/bugs/403215
<dvrcoder> anyone here knows why I have two copies of my slapd binaries, one in /usr/sbin and the other in /usr/local/sbin, the ones in /local/ being older?
<uvirtbot> New bug: #418473 in eucalyptus (main) "package eucalyptus-cloud eucalyptus-cloud_1.6~bzr452-0ubuntu3 fail to upgrade" [Undecided,Confirmed] https://launchpad.net/bugs/418473
<ruben23> hi
<ruben23> hi anyone setup zimbra here
<clusty> hey
<clusty> any1 around?
<clusty> i am still have some DNS issues on the local net. anybody willing to give me a hand?
<jack1> hello
<jack1> Could somebody help me?
<jack1> I want to create un server with a directory in which users could upload files but could not erase it, even the user's file. A solution?
<niels1> How can I create a snapshot of my ubuntu-server that I can open using vmware server? I would like to do this from the ubuntu-server commandline.
<trouserless> jackl do you mean upload via ftp or on a lan with samba?
<trouserless> nielsl: take a look at http://www.esxguide.com/esx/content/view/2/25/
<trouserless> createsnapshot halfway down
<trouserless> vmware-cmd createsnapshot name description quiesce memory
<niels1> trouserless: I wasn't aware of vmware-cmd - i was trying with vmware converter, thank you for the hint. Will report back later.
<trouserless> good luck
<twb> niels1: FYI there is also #vmware
<djshotglass> i need to install ubuntu-server without booting from installer cd, as none of my keyboards let me pick a language, which it asks once cd boots, and the fucking menu has no countdown to english
<djshotglass> what options do i have
<twb> djshotglass: you can boot from network, from hdd, from a USB mass storage device.
<djshotglass> if i booted say a gentoo live cd, is there a guide/tool i could use to install ubuntu-server to the hdd
<twb> I guess floppies might still work
<djshotglass> you miss the point, booting the installer WILL NOT WORK for me
<djshotglass> as i dont have a keyboard that it detects
<twb> Your best bet would probably be to make a USB install medium, and edit the syslinux.conf file on that to pre-answer the keyboard prompt
<twb> Or indeed to pre-answer all questions, in that case
<djshotglass> ah ;)
<djshotglass> didnt know you could do this
<ScottK> djshotglass: Did you try the alternate CD?
<djshotglass> win
<djshotglass> ScottK, i checked md5 of iso after downloading, and imgburn verified the cd after i burnt it
<djshotglass> cd is 100%
<twb> ScottK: alternate CD is the desktop installer... if djshotglass is installing ubuntu-server using the ubuntu-server install CD, he should get d-i anyway
<ScottK> twb: OK.  I was thinking it'd changed.
<twb> ScottK: sorry, maybe it has.  I mainly work with LTS
<twb> It's a pity that Ubuntu's d-i doesn't include GTK...
<ScottK> Apparently not.
<ScottK> (hasn't changed)
<djshotglass> u-s doesnt include a X system correct?
<djshotglass> i want a minimal install
<ScottK> That's correct
 * ScottK hasn't done a server install since ~ Hardy was released.
<twb> ubuntu-server does not have an X server (or clients) by default.
<twb> Nothing prevents you installing them.
<djshotglass> yeah, just didnt want to have to uninstall them
<twb> It's still not really MINIMAL... a bunch of stuff like less and w3m will be installed by default.
<djshotglass> yeah i just didnt want the bloated shit i experinced with kubuntu
<djshotglass> i cant find a guide on this usb install
<djshotglass> editing syslinux.conf etc
<twb> The Debian install guide covers various installation methods in its appendices.
<twb> It applies more or less unchanged to Ubuntu; I don't know if Ubuntu have copied the Debian install guides.
<djshotglass> http://www.debian.org/releases/lenny/i386/ ?
<twb> Dunno, looking
<twb> Yeah
<djshotglass> thanks
<twb> In particular appendix B.  Appendix D.3 is easy to screw up, so I don't recommend it
<twb> (D.3 is the approach: 03:24 <djshotglass> if i booted say a gentoo live cd, is there a guide/tool i could use to install ubuntu-server to the hdd
<djshotglass> ah :)
<djshotglass> so the preseed.cfg needs to be inside? ubuntu-9.04-server-i386.iso\install\initrd.gz
<djshotglass> or in ubuntu-9.04-server-i386.iso\install
<niels1> trouserless - is it possible that this is for windows only?
<niels1> trouserless - i am talking about the vmware-cmd tool you pointed out earlier.
<djshotglass> can someone pastebin /usr/share/zoneinfo/
<giovani> djshotglass: just an ls of it?
<djshotglass> yeah please
<giovani> what for?
<djshotglass> # You may set this to any valid setting for $TZ; see the contents of
<djshotglass> # /usr/share/zoneinfo/ for valid values.
<djshotglass> d-i time/zone string US/Eastern
<djshotglass> so i know what to set that to
<giovani> you set it to the same thing you'd set it to during the install
<giovani> what's your time zone?
<niels1> http://paste.ubuntu.com/269906/
<giovani> niels1: it's not going to give him the answer he wants
<djshotglass> ty niels1
<niels1> giovani: :-)
<giovani> djshotglass: once again -- you need to slow down and listen -- the directory listing won't provide the answer you need
<djshotglass> d-i debian-installer/locale string en_US
<djshotglass> is that incorrect?
<djshotglass> oops
<djshotglass> wrong one
<djshotglass> d-i time/zone string US/Pacific
<djshotglass> is that incorrect?
<djshotglass> u-s come with sshd?
<ScottK> djshotglass: Not in the standard install.  There's a tasksel option for it.
<ScottK> Default install of the base Ubuntu Server is delivered with no ports open to the outside world.
<jmarsden> djshotglass: Try something like    d-i pkgsel/include string openssh-server
<jmarsden> And more generally, read https://help.ubuntu.com/9.04/installation-guide/i386/appendix-preseed.html
<djshotglass> http://paste.ubuntu.com/269914/
<djshotglass> should do it
<djshotglass> i am reading that
<djshotglass> scroll up
<jmarsden> OK, well there is an line adding openssh-server in the pressed file that guide links to as an example.... :)
<jmarsden> So if you had read the example linked to by that article, you'd already have known how to add openssh-server ...
<djshotglass> its a debian guide, not ubuntu-server
<djshotglass> so i was asking if u-s had it or not
<djshotglass> the example is for debian
<djshotglass> not u-s
<djshotglass> please dont tell me what i did and didnt read
<djshotglass> it makes you sound ignorant :)
<jmarsden> Um.  Did you read it?  the example has d-i mirror/http/directory string /ubuntu so by definition it is not installing Debian.
<jmarsden> Now who didn't read it?
<jmarsden> Also tasksel tasksel/first multiselect ubuntu-desktop    -- does that look like a Debian example to you?
<jmarsden> djshotglass: I will leave it to others to determine who may or may not be ignorant here.  The evidence is that the example at https://help.ubuntu.com/9.04/installation-guide/example-preseed.txt is for Ubuntu. but you state it is for Debian (providing nothing by way of evidence or example to support your claim)...
 * djshotglass yawns
 * djshotglass gives you thumbs up
<djshotglass> # Suite to install.
<djshotglass> #d-i mirror/suite string &releasename;
<djshotglass> d-i mirror/suite string ubuntu-server?
<djshotglass> you're little guide doent even touch on this option
<jmarsden> ?  &releasename will turn into jaunty or karmic or whatever... the release name... the "suite" in Debian terminology.
<android60> I am trying to install from USB since i do not have a cd drive, and I get "THe CD-ROM drive contains a cd which cannot be used for installation" when it tries to detect and mount cdrom. I followed steps in wiki
<djshotglass> what about https://help.ubuntu.com/9.04/installation-guide/i386/preseed-contents.html#preseed-base-installer
<jmarsden> android60: Which page of which wiki?  And in particular, which CDROM image (.iso file) did you burn to that CD?
<djshotglass> d-i base-installer/kernel/linux/initramfs-generators string yaird or d-i base-installer/kernel/image string linux-generic
<android60> jmarsden: https://help.ubuntu.com/community/Installation/FromUSBStick . I want 9.10 server, but I have tried 9.04 alternate and another. the only one i can get to work is the regular ubuntu live cd
<djshotglass> tasksel tasksel/first multiselect ubuntu-desktop
<jmarsden> djshotglass: Just leave that commented out, I think... do you have a good reason to change the default there?
<djshotglass> will that install X?
<jmarsden> djshotglass: Yes, you want to change that if you are installing a server :)
 * djshotglass comments out
<jmarsden> tasksel --list will show you the tasks you can choose
<djshotglass> as for the base question, my keyboard doesnt work during install so im trying to uncomment/set everything
<djshotglass> so it doesnt ask me anything
<djshotglass> but if you think if i leave it commented it and it wont ask me about it i will leave it
<android60> djshotglass: so which image should i use?
<pmatulis>       /quit
<jmarsden> android60: OK, let me read that and see what I can figure out...
<jmarsden> djshotglass: Seems an unusual reason to use preseeding to me, but OK.  I'd try a new keyboard or maybe an older (PS/2) keyboard, if the current one is USB :)
<djshotglass> i dont have a ps/2
<djshotglass> tried every one in the house (all usb)
<djshotglass> debian and ubuntu-server are the only installers ever to give me a problem
<giovani> what kind of computer and keyboard?
<android60> jmarsden: i think i got it working now
<jmarsden> android60: OK, cool
<android60> on the unetbootin boot screen, i selected a straight install instead of default which i guess works around the mount problem
<jmarsden> djshotglass: Regarding that tasksel tasksel/first multiselect ubuntu-desktop, you may want to replace ubuntu-desktop with server    instead of commenting the line out.
<djshotglass> ok
<djshotglass> do i need to do anyhting but copy the contents of ubuntu-9.04-server-i386.iso to a usb stick and put my preseed.cfg in install/
<jmarsden> Probably... see the https://help.ubuntu.com/community/Installation/FromUSBStick info for USB boot info.
<djshotglass> ty
<jmarsden> I tend to be a traditionalist and use CD-RW or DVD-RW media rather than USB sticks for install tests, and then create a CD-R or DVD-R once I have one that works.
<blizzkid> lo all. what is in your opinion the best book about linux security (eg iptables)?
<giovani> blizzkid: you equate "linux security" to iptables?
<blizzkid> giovani: no, I see iptables as part of linux security
<giovani> hmm
<giovani> I wouldn't
<blizzkid> or to rephrase: linux/network security
<giovani> network security is an entire industry/discipline in itself
<blizzkid> ofcourse, but eg iptables is both linux and network...
<giovani> it sounds like you're looking for something all-in-one
<giovani> and, unfortunately, you'll just end up with a shitty book if you look for that
<giovani> blizzkid: so you want an iptable guide, or a book on security? they're totally different, imo
<giovani> iptables*
<blizzkid> I'm looking for one on security that covers ao iptables
<giovani> ok, well I'd advise not looking for that
<giovani> so if you'd like that, sorry, I can't help
<blizzkid> and a security one in general?
<giovani> so, security is a huge discipline ... I could recommend 5 or 6 books that offer a range of topics within security
<giovani> if you want to learn how to use iptables itself -- then you're better off with an online guide/howto -- it's really not very complex to do basic firewalling, and definitely doesn't need a book
<blizzkid> giovani: feel free to recommend all 5 of them ;)
<giovani> alright, let me sort through my list -- it'll take a few minutes
<blizzkid> np, you can pm me giovani I might be afk for a few minutes
<giovani> ok, so as my two intro-to-network-security books, I'd recommend these: Practical Unix & Internet Security and The Tao of Network Security Monitoring
<giovani> these are both theory-oriented, and not as much implementation-oriented -- this is on purpose -- I believe early on you should be focusing on concepts, and not tools
<giovani> both are not very modern -- and may be a tad out of date -- this isn't an issue with theory, in general
<jmarsden> Also see http://tldp.org/HOWTO/Reading-List-HOWTO/b80.html and the book "Real World Linux Security: Intrusion Prevention, Detection, and Recovery, 2nd edition, Bob Toxen, 2003, ISBN 0-13-046456-2, Prentice-Hall."  which is more practically oriented, if old now.
<blizzkid> k, I'll certainly have a look at all of them. Thx giovani!
<giovani> sigh, I so hate tool-oriented books
<giovani> even moreso ones that talk about "intrusion prevention" technology
<maek> whats the "thing" called that lets me prevent a pkg from getting upgraded when I run agt-get upgrade? pinning?
<giovani> apt-pinning
<maek> giovani: thanks
<giovani> no problem -- a google search for "pinning" would've shown you Apt-Pinning in the 2nd and 3rd results
<maek> ah, sorry. I wasnt sure if it was pinning. I spend most of my days in redhat land but got a new ubuntu server
<maek> I'm a bit confused is to bring in a new version with out upgrading everything that repo has to offer, and/or preventing something from upgrading? I want my php to stay the way it is regardless of there being an update available. thanks
<DragonLord> is it possible to install ubuntu-server (easy) on a 512Mb HDD?
<giovani> DragonLord: not unmodified, iirc
<DragonLord> any dist recmmendations for a 512Mb HDD, I just want to run ventrilo and a chat server I have written in Java
<giovani> DragonLord: unlikely that you can run ventrilo on a computer that has a 512MB hard drive
<giovani> it'd be ancient
<blizzkid> DragonLord: DSL?
<blizzkid> (Damn Small Linux)
<DragonLord> giovani, sorry I mean Ventrilo Server, not the client
<giovani> DragonLord: yes, I know that
<djshotglass> setup only detects usb stick im intalling from
<djshotglass> for a hdd to partition
<djshotglass> bios sees a 80gb hdd
<djshotglass> y not setup
<giovani> uh
<giovani> maybe the controller the drive is plugged into isn't supported
<djshotglass> ide
<giovani> yes, that doesn't tell us if the controller is supported
<blizzkid> djshotglass: that's like saying you have a diesel car when asked what brand of car you have
<mm_202> For a Colo server, running ubuntu server 8.04, with multiple domains (shared on one ip), what would be the easiest/best email package(s)?
<blizzkid> mm_202: I like postfix + dovecot best
<ScottK> That's also what's supported here.
<mm_202> blizzkid: okay, thanks.  On the ubuntu server docs, it mentions exim4, where would that fit in?
<blizzkid> mm_202: http://librenix.com/?inode=633
<ScottK> That's an alternative MTA (would replace Postfix) and it's in Main and has security support, but not what we cover in the server guide.
<ruben23> hi
<ruben23> anyone experience a linux box reboots itself
<ruben23> in a couple of mnutes
<giovani> look at the logs, ruben23
<giovani> it is most likely hardware-related unless there's something in the logs
<ruben23> giovani:what log would i be checking it..?
<guntbert> ruben23: start with /var/log/messages
<blizzkid> ruben23: I don't want to be rude... but should you be running Ubuntu if you ask _that_ question?
<ruben23> yes im on ubuntu..
<ruben23> LTS
<blizzkid> :S
<blizzkid> ruben23: that's not what I asked
<guntbert> blizzkid: you question *could* be more specific I guess - ubuntu (desktop) *is* intended for linux beginners - server is certainly not
<blizzkid> guntbert: since we're in -server I obviously implicitly mean -server
<blizzkid> and if the question was about desktop, it shouldn't have been asked here in the first place
<ScottK> You wouldn't have been the first to do it if you had though.
<ruben23> blizzkid: im doing it on a server platform
<blizzkid> ScottK: ??
<guntbert> blizzkid: right you are - I would have said "should you be running a server system...." - but thats just me of course
<blizzkid> guntbert: you're right, but he didn't get the question anyway ;)
<ScottK> It's not rare for people to show up here and ask desktop questions.
<blizzkid> ScottK: oh, yeah, that :) yeah, plain english seems to hard for some :)
<caribooredneck> Got problems setting up 8.04 Lts for virtual hosting as a testing server
<guntbert> ruben23: please don't think we want to discourage you - just make sure to keep you server strictly in a private network, and maybe read https://help.ubuntu.com/9.04/serverguide/C/index.html
<guntbert> *your server
<caribooredneck> still want access to the net in the future
<caribooredneck> I went through that and missing something
<guntbert> !details | caribooredneck
<ubottu> caribooredneck: Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<blizzkid> also !ask
<caribooredneck> Ubuntu 8.04 LTS
<blizzkid> caribooredneck: could you possibly phrase a question?
<caribooredneck> Trying to the name based virtual host, pardon me for being a dummy at this
<caribooredneck> I need to set up two web pages and want ot call them by name
<caribooredneck> to
<blizzkid> "trying to the name based virtual host".... I'm a polyglot myself, but I don't know a single language in which this is considered a question
<caribooredneck> What is the best way to go about it
<caribooredneck> sorry I would like to call named sites without going online?
<blizzkid> *sigh* Have you even _tried_ to look at some documentation?
<guntbert> caribooredneck: only to clarify: your server runs fine, has all the needed connectivity and you want to know how to configure your http server  (apache?) for name based virtual hosts
<caribooredneck> yuppers thanks for making the works for me
<blizzkid> caribooredneck: http://httpd.apache.org/docs/1.3/vhosts/ or http://httpd.apache.org/docs/2.0/vhosts/ depending on the version of apache you're running
<caribooredneck> running 2.2
<blizzkid> second link then
<blizzkid> I don't think there's much diff between 2.0 and 2.2 when it comes to virtual hosts anyway
<guntbert> caribooredneck: you *will* have to look at the docu yourself though, and then there is always #httpd
<caribooredneck> Yup thanks, the only place I did not look
<caribooredneck> Looked at many other ones, just got more confused
<caribooredneck> Got one more question that has be confused
<blizzkid> !ask caribooredneck
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<caribooredneck> LOL  I have server set to IP 192.168.1.66 Name myserver   Do I set up extra ip's per page?  Is that teh best way to go
<caribooredneck> the
<blizzkid> caribooredneck: _please_ read some _documentation_. Please.
<caribooredneck> I am, was just a question for advice if any one has done it before
<blizzkid> lots of people have done it before, and have documented it, that's why documentation exists in the first place
 * guntbert tosses a candy to blizzkid 
<caribooredneck> I know, everybody has their own opinion.  I was just getting confused by trying to many different ideas.  All I wanted to know, from past experiences which is the best and easiet to go?  Just looking for an opinion from those who have done this befor, as this is my first time
<blizzkid> lol guntbert. I just think people should 1. RTFM; 2. RTFM again; 3. RTFM once more; 4. Google; 5. Try; 6. come to irc
<caribooredneck> sorry for asking
<blizzkid> caribooredneck: I don't blame you for asking help, but it's very annoying to help people that don't seem to have searched docs/forum/...
<blizzkid> mind the "don't seem to"
<guntbert> blizzkid: I don't see it quite that way - a question on IRC often gives a good starting point/direction - but I agree that afterwards everyone should do the reading him/herself
<caribooredneck> I have been there for the last 2 hours, and could not find what I was looking for.  My problem is I am not sure how to ask teh question!
<caribooredneck> the
<blizzkid> guntbert: I guess it depends on the type of question... "Any advice on good security books?" is something completely different than "How do I install an app in Ubuntu?"
<guntbert> caribooredneck: you could start by going to www.apache.org, or search for: apache "name based" "virtual hosts"
<blizzkid> the first one is legit to ask on irc imho, since googling will not really help you there
<blizzkid> the second one is an easy google search that will show you many results
<blizzkid> obviously searching google is an art in itself
<caribooredneck> Thx I know about the google thing.  Sorry I am a dummy when it comes to this.  Been playing with this for 2 weeks on and off
<blizzkid> caribooredneck: don't apologize. The first thing you should do when learning something new, is read, read and read
<guntbert> blizzkid: yes - and I don't want to patronize - but still: ubuntu *should* mean something special (even on the server line - as long as nobody try to bring his server into the internet prematurely)
<guntbert> *tries **
<caribooredneck> I have read so much, that is why I am so confused.  One says this is the way to go, the other says this is the only way to go.  In the end neither worked
<blizzkid> caribooredneck: then you have obviously read the wrong books/sites/whatever ;)
<blizzkid> always start with the official documentation
<caribooredneck> I know that thanks to google
<blizzkid> guntbert: that's exactly the problem, Ubuntu _server_ is not meant for beginners, and beginners *should* read, read, read before they bring the server online
<blizzkid> unfortunately reading takes time, and people want instant satisfaction nowadays
<blizzkid> with all security issues coming with it
<caribooredneck> that is why I want if for testing offline first to learn it
<blizzkid> btw caribooredneck don't see my raging here as a personal attack, irc doesn't allow to express messages the way spoken word does
<caribooredneck> I have no problems with the reading and screwing things up. I just want to make sure I am screwing it up right................LOL
<caribooredneck> I understand your thoughts. I deal with it at my place of work everyday.
<guntbert> blizzkid: *very* true - but "not for linux beginners" can also mean "for beginning server admins" - and it was merely *our* attitude I wanted to question - (and I definitely said "our" and not "your") :-) - and before I get the !ot i let it be :-)
<blizzkid> guntbert: I won't give you the !ot ;) We seem to agree but express things slightly differently. Anyway, maybe there should be a channel #ubuntu-server-beginners or something like that
<caribooredneck> That would be good! So I don't feel so stupid asking these questions
<ScottK> blizzkid: This is supposed to be that channel.
<ScottK> (not only that, of course)
<blizzkid> but caribooredneck to give you one really good advice: google this: "howtoforge perfect server ubuntu"
<guntbert> blizzkid: good point - but I'd vote against splitting up - caribooredneck don't feel stupid for asking - its the "not asking" which makes us stupid
<maxb> caribooredneck: It would be easier for people to guide you if you were to ask very specific questions stating *exactly* what's not working - the more general the question, the more likely it is you'll be pointed to the documentation, because people don't want to type long essays into IRC that are already adequately covered in available documentation.
<blizzkid> ScottK: I know, but imho it should be split (like #ubuntu should be too), I'd prefer kind of a 1st, 2nd - 3rd level approach
<ScottK> blizzkid: It's an interesting theory, but I don't think it really works out in practice.
<caribooredneck> Been down that road, did not work.  I was missing something, not sure what.  It was set up to be an online server, not a LAN
<blizzkid> ScottK: imho it would (taken the 2nd and 3rd level would be invite channels)
 * guntbert calls it a night - bye
<blizzkid> caribooredneck: LAN or WAN setup is exactly the same
<blizzkid> nite guntbert
<caribooredneck> Thx guntbert for the smack upside the head    IT HELPED
<blizzkid> ScottK: take #ubuntu, try to ask a little more advanced question there... no-one will be able to help since 90% are beginners (nothing wrong with it obviously) and the other 10% is helping to answer basic questions
<ScottK> I don't have a good answer.  Splitting the channels has problems too.
<blizzkid> Ofcourse, perfection doesn't exist
<ScottK> Here I don't think it's so busy it's a big problem.
<blizzkid> true
<blizzkid> but then again, -server should be a little more advanced users, knowing they should do some research first (and if they have done so, show us they did)
<ScottK> That's why I added the link to the esr smart questions faq in /topic.
<ScottK> Not that it actually helps
<blizzkid> hehe, indeed, I wonder how many ppl actually read the topic
<caribooredneck> Thx guys think things are starting to make sense now as things are getting done the way I want.  Thx again for the smack upside the head to clear it out!
#ubuntu-server 2009-09-13
<djshotglass> aw snap
<djshotglass> ubuntu-server doesnt detect either of my wifi cards
<giovani> what chipsets are your wifi cards using?
<djshotglass> Atheros and RaLink
<giovani> uh, both should be detected
<giovani> dmesg | grep ath
<giovani> and lspci please
<giovani> pastebin both
<djshotglass> http://pastie.org/614977
<giovani> there's no pci-based wireless card pluggedi n
<djshotglass> lol there is defintly 2 pci wifi cards in the machine
<giovani> djshotglass: there definitely aren't
<djshotglass> want a picture?
<maxb> 00:09.0 Network controller: RaLink RT2500 802.11g Cardbus/mini-PCI (rev 01)
<giovani> the bios is either not presenting them
<djshotglass> i just installed wireless tools and i have a wlan0 in iwconfig
<giovani> oh, sorry, I was focusing on atheros
<djshotglass> Atheros card isnt there though
<giovani> isn't where?
<djshotglass> in iwconfig
<giovani> well that's probably because it's not recognized on your pci bus
<djshotglass> :/
<giovani> that's not linux's fault
<maxb> giovani: check dmesg for anything relevant
<maxb> oops
<maxb> djshotglass: I mean you
<djshotglass> ubuntu detected both cards, i chose ubuntu-server so i didnt have to mess around getting them to work lol
<djshotglass> (wanted to move machine to a desktopless os)
<giovani> what?
<giovani> why would ubuntu-server prevent you from having to "mess around to get them to work"?
<djshotglass> because ubuntu did :D
<giovani> well the ralink card is working, by your own admission
<giovani> I presume either your bios is wonky, the atheros card is dead, or it's not seated properly
<giovani> it will show up in lspci if it's on the pci bus, and functioning properly
<giovani> this is not an ubuntu/linux problem
<djshotglass> so you keep saying
<giovani> so you keep ignoring
<djshotglass> why do you assume i was ignoring you
<giovani> 19:19 < djshotglass> ubuntu detected both cards, i chose ubuntu-server so i didnt have to mess around getting them to work lol
<giovani> comments like that imply that you think this is ubuntu-related
<djshotglass> k i had ubunto installed everything worked great, installed ubuntu-server and now one card doesnt work
<giovani> sigh
<djshotglass> and this isnt relevent to ubuntu-server?
<giovani> nope
<djshotglass> give me some of your crack
<giovani> other things happened in between
<maxb> There is very little different between Ubuntu Desktop and Ubuntu Server that ought to affect basic hardware support like this
<djshotglass> thats what i thought
<djshotglass> why i chose it
<maxb> What version?
<djshotglass> 9.04
<maxb> Hmm.
<giovani> djshotglass: pastebin lsusb
<maxb> I wonder if any of the atheros related modules are even loaded
<maxb> lsmod | fgrep ath
<giovani> maxb: why would they be? they'd show up in dmesg
<maxb> oh, point
<giovani> and lspci would have to show the card if it's pci-based and recognized by the system
<giovani> there's an easy way to put his mind to rest though
<giovani> he can boot the ubuntu livecd and run lspci then
<djshotglass> guess pci slot 1 is fooked moved card to 3 and they both showed up
 * djshotglass repents
<giovani> ohh
<giovani> surprise surprise :)
<djshotglass> hmm
<djshotglass> http://pastie.org/614998
<djshotglass> now i cant ping google
<djshotglass> im such fail today
<djshotglass> eth0 is my lan router, wlan0 is ap1 wlan1 is ap2, ap 1 and 2 belong to friends 1 and 2
<djshotglass> i can ping the ap's
<djshotglass> if i jump on the aps with my laptop i can ping this machine
<djshotglass> and the net works when im on the ap with the latop
 * djshotglass grawls
<giovani> you need to specify the interface you want ping to use
<giovani> or remove some of your default routes
<giovani> you shouldn't have 3
<djshotglass> i was
<djshotglass> ping google.ca -I eth0
<djshotglass> ping google.ca -I wlan0
<djshotglass> ping google.ca -I wlan1
<djshotglass> none work
<djshotglass> how do i remote the wlans from default routes
<djshotglass> dhclient added them :/
<giovani> well what's the error when you run those commands?
<djshotglass> root@uber-slurpr:/home/dex# ping google.ca -I eth0
<djshotglass> PING google.ca (74.125.91.104) from 10.0.0.5 eth0: 56(84) bytes of data.
<djshotglass> just hangs there
<djshotglass> foreva
<giovani> ok, traceroute a specific ip
<giovani> like that one
<djshotglass> dont have traceroute installed
<giovani> alright, are you sure that your routers allow icmp through?
<djshotglass> i know eth0 does
<djshotglass> as i am on it right now and can ping
<djshotglass> apt doesnt have iproute2 or iproute :/
<djshotglass> o nvm apears to already be installed
<djshotglass> http://lartc.org/howto/lartc.rpdb.multiple-links.html
<djshotglass> trying to do this with my 2 wifi cards
<ball> djshotglass: are the links in different directions, or are you trying to use more bandwidth than your LAN supports on a single link?
<djshotglass> lol 2 different aps on 2 different modems
<ball> modems?
<djshotglass> i dont know what it means by IP network ($Pn_NET)
<djshotglass> yes, cable modems
<ball> ok
<ball> djshotglass: are they far apart?
<djshotglass> yes
<ball> ...in different directions?
<djshotglass> yes
<ball> That may help
<djshotglass> what does it mean by IP network ($Pn_NET)
<ball> Looks like an environment variable, but without knowing more about what you're doing, I shouldn't guess.
<djshotglass> lol
<djshotglass> http://lartc.org/howto/lartc.rpdb.multiple-links.html
<djshotglass> i dont know what it means by IP network ($Pn_NET)
<djshotglass> or why you asked me 101 questions about my situation when you have no idea either :p
<djshotglass> thanks anyway
<ball> djshotglass: hang on, I'll have a look at that link.
<ball> djshotglass: looks pretty straightforward to me. $Pn_NET means one of $P1_NET or $P2_NET
<ball> djshotglass: I've considered a similar arrangement.
<ball> ...with satellite Internet to back up a DSL line.
<ball> ...ideally I'd route things like file transfers through the satellite link leaving DSL free for VoIP, VNC etc.
<ball> ...but have it configured so that if either link goes down, all the traffic can be routed through the one that's working.
<djshotglass> I know $Pn_NET means one of $P1_NET or $P2_NET rofl as i made up $Pn_NET refering to $P1_NET and $P2_NET
<djshotglass> im asking what a "IP network" is
<djshotglass> or what that page means by "IP network"
<ball> djshotglass: if you don't know, then you should have someone else set this up... or perhaps sit through a short TCP/IP tutorial.
<djshotglass> i know my tcp/i[p
<ball> ...basically it's part of (or an implication of) an IP address.
<djshotglass> a range?
<ball> yes, sort of.
<djshotglass> example of a ipnetwork
<ball> The workstation I'm sitting in front of is 192.168.2.99
<ball> ...with a netmask of 255.255.255.0
<djshotglass> 192.168.2.0/8?
<ball> The IP network is 192.168.2.0
<djshotglass> ah ;0
<ball> (not /8)
<djshotglass> ic
<giovani>  /8? wtf?
<djshotglass> 8 bits
<djshotglass> a byte
<giovani> no ...
<djshotglass> (0-155)
<ball> djshotglass: no.
<djshotglass> 255*
<giovani> please don't pretend you know how CIDR notation works
<djshotglass> please dont be a fucking ass hole
<ball> djshotglass: I could have written 192.168.2.99/24
<giovani> a netmask of 255.255.255.0 is a /24 network
<djshotglass> im asking a question
<ScottK> giovani: There are more appropriate ways to make the point.
<ball> (24 bits of *this* IP address is for the network)
<giovani> you said "i know my tcp/i[p"
<ball> *but*
<ball> the Network itself is 192.168.2.0
<ball> (with no /24)
<ball> 99 is the node portion of my IP address.
<djshotglass> http://pastie.org/607132
<djshotglass> the extent of my tcp/ip knowledge
<djshotglass> wrote that the other night
<djshotglass> i didnt say i was a fucking guru
<ball> Can we stop cussing at each other and get on with the job in hand?
<giovani> I suggest you read up on CIDR notation
<ball> Sorry giovani, I don't think you cussed.
<ball> anyway.
<djshotglass> anyway. thats all i needed to know
<djshotglass> ty
<ball> You're welcome.
<ball> I'll extend your question though.
<ball> On Linux, what software would I use to achieve the traffic shaping that I described?
<ball> (and the failover)
<giovani> technically nothing other than the built-in routing functions in linux for the failover
<ball> giovani: does the built-in routing software have a name?
<giovani> no
<giovani> it's not software
<giovani> it's part of the kernel
<ball> Everything that's in the kernel is software ;-)
<giovani> i.e. the tcp/ip stack, that is used to handle the routing of your packets to interfaces normally
<giovani> ball: it's not (add-on) software
<giovani> it's part of the linux kernel
<giovani> you can set multiple routes
<ball> Does it have the ability to route traffic to a given interface depending on its type?
<giovani> and then set timeout values
<ball> s/to a/through a/
<djshotglass> iptables probably does
<ball> djshotglass: thanks.
<djshotglass> where you live to be cursed with sat net
<giovani> actually I think the Qos stuff isn't handled by iptables/netfilter
<giovani> it's handled in-kernel though
<giovani> you can configure it using tc
<ball> djshotglass: I'm not, yet, but I have considered it as a fall-back to DSL
<ball> (if I'm ever in a position where I need a redundant link)
<djshotglass> i had to use it in camp when i was drilling in mayo yukon
<djshotglass> 100kb/s, 1gb a month limit
<djshotglass> 2000ms ping
<djshotglass> shit was epic fail
<ball> djshotglass: you can see why I wouldn't want VoIP or VNC going out over that
<djshotglass> impressive for what it was
<ball> ...the round trip to space ;-)
<djshotglass> but not ideal home conneciton :P
<giovani> yeah, the traffic classifier isn't part of netfilter
<giovani> (i.e. iptables)
<djshotglass> http://www.ssi.bg/~ja/nano.txt i didnt get to read it all yet nor do i understant what i did read completely, was taking a shot in the dark with iptables as i seen some of it used there
<djshotglass> bed
<djshotglass> night
<djshotglass> thx again
<cemc> if I were to use virtual_transport = dovecot, do I have implicit support for quota in postfix too ? without patching postfix ?
<drurew> Im looking for a command similar to "scp" however different in function, I need to a push file, anyone have any ideas
<drurew> *to push a file
<erichammond> drurew: scp and rsync can both pull and push.
<ghostlines> anyone know any good c/c++ programming channels?
<domas> ghostlines: #c is awesome for C :)
<domas> anyone is doing profile-guided package rebuilds?
<uvirtbot> New bug: #428813 in openldap (main) "package slapd 2.4.15-1ubuntu3 failed to install : subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/428813
<roodyk> hello . How to make shell user with process Limit? in ubuntu server. help pliz. I need make user with 2 bg process
<twb> roodyk: edit /etc/security/limits.conf ?
<roodyk> like: @student        hard    nproc           20
<roodyk> like: student        hard    nproc           20
<twb> I don't know.
<twb> There should be a manpage.
<roodyk> ok thanks
<domas> crap, ubuntu php5 package removes ./configure line from phpinfo output
<twb> domas: apt-get source php5?
<domas> twb: of course, but we're running custom package with custom ./configure line ;-)
<twb> Ah, well.
<domas> I'm rebuilding now to use gcov profiles
<domas> have to backtrack all the changes others did, commit to our svn, and then get back to my custom build
<IRConan> hi there. I have a machine running ubuntu-server, I want to make it get everything except DNS servers from DHCP, how do I do this?
<domas> I guess you can set that up in dhclient configuration
<twb> Correct.
<twb> Tell /etc/dhcp3/dhclient.conf to supersede the name-servers.
<twb> Or, of course, tell your DHCP server not to supply that field
<cemc> I'm playing aroud with ipv6 autoconfiguration and radvd. are there any ipv6 tools to see who's on the network? or some good howto
<twb> cemc: that's probably outside the scope of this channel... maybe there's a networking channel that knows all about ipv6
<cemc> twb: good point ;)
<heath|otg> Hello, can quotas work over NFS shares?
<domas> at server-side, yes
<giovani> well the quota is handled on the file server
<heath|otg> I'm running virtualmin and would like to put the /home dir on my nfs server but keep quotas.
<heath|otg> I'm just having a hard time finding docs on the subject
<giovani> I'm unclear on what you want documentation for exactly
<giovani> the NFS server maintains the quotas on its filesystem ... the files are just exported over NFS
<giovani> there's no configuration
<giovani> other than setting up the quotas as normal
<heath|otg> giovani: the quotas will be set up through Virtualmin, not the nfs server if I have read everything correctly. Maybe I need a custom script to push the quota commands to the nfs server?
<giovani> heath|otg: you're not being clear, I don't know what virtualmin is ... nor how it relates to quotas, nor what "pushing quota commands to the nfs server" is
<heath|otg> giovani: I'm really just trying to figure out how other systems now what there quota limits are from the NFS server
<heath|otg> I found it: rpc.rquotad
<giovani> ok, finding out your quota limits is not the same thing as setting them, and where they apply -- the latter is what you originally asked about
<giovani> but yes, rquotad is the daemon used for that
<heath|otg> thanks
<DizzyDoo> Hi, setting up my new Ubuntu Server installation to connect statically, rather than by using DHCP. I've made what I think are the correct changes in /etc/network/interfaces and ifconfig works okay, but I'm not sure what to put under 'nameservers' in /etc/resolv.conf, anyone tell me, I'm quite the networking-newbie
<DizzyDoo> no matter what I seem to set it to, typing ping www.google.com gets me nowhere
<pmatulis> DizzyDoo: put in your ISP's nameserver
<cemc> how do i add an ipv6 address to an existing eth0 which also has an ipv4 address, how do I edit /etc/network/interfaces?
<RoyK> cemc: vi /etc/network/interfaces is a good way to edit that file
<cemc> RoyK: :) I ment what do I need to put in the file so I get both ip addresses on the same interface
<domas> hehe, sysadmin quiz: would 80M-sized /usr/bin/php with all debugging symbols be slower than stripped 6M binary? :)
<ScottK> domas: Yes.  The question is will it be enough to make a difference.
<domas> meh, ScottK has been sane before as well :)
<domas> scottk: no difference, to be exact
<domas> kernel doesn't read dwarf section
<ScottK> Well it'll be slower to start at the very least.
<domas> scottk: it won't
<ScottK> Likely not enough to care.
<ScottK> It doesn't all get read off of disk once?
<domas> loader/kernel doesn't read debug section at all
<domas> nope, it doesn't
<domas> ;-)
<ScottK> Interesting.
<domas> hmmm, should try to get my packages compiled in 32-bit-pointer-size mode, using additional x86_64 registers
<diogo_79> hi guys
<diogo_79> i have gopenvpn install
<diogo_79> i have configured the dnmasq.conf nameservers
<diogo_79> but when the update-resolv-conf file is call the resolv.conf file is not update
<diogo_79> i dont know why
<diogo_79> can some one help me
<diogo_79> ?
<uvirtbot> New bug: #425265 in samba (main) "dsf" [Undecided,Invalid] https://launchpad.net/bugs/425265
<uvirtbot> New bug: #426813 in net-snmp (main) "snmpd dies after requests with snmpwalk" [Undecided,Incomplete] https://launchpad.net/bugs/426813
<dawkirst> Double post from #ubuntu: I'm running Ubuntu server 8.04 in a virtual machine (VirtualBox) and I'm trying to install lamp-server with sudo tasksel install lamp-server, the tasksel configuration remains at 0%. Any clues?
<mm__202> Question, Im setting up a new server with RAID1, should the swap partition be logical or primary? :S
<mm__202> Or does it even matter?
<jmarsden> mm__202: It won't really matter, but if you have the choice, keep it simple and make it a primary partition
<ikonia> mm__202: doesn't matter
<mm__202> okay, thanks guys.  I figured as much, but just wanted to make sure.
<graphic> Yo, I'm using the package "webcam" but I dont want it to use FTP or SSH, just stick the files in a directory locally, the man page is really really unhelpful
<ikonia> ok
<jmarsden> graphic: webcam is specifically intended for use where you want to upload the images... you could probably set it to upload to localhost as a workaround :)
<mm__202> Guys, one more question, it is worth setting up a swap partition in RAID1?  The only reason I ask is if its being used on the two seperate drives and one of the fails than that swap data is gone.
<graphic> Thats what I was doing, but I would want to do it through SSH since I'm forcing everyone who uses this server to use SFTP and dont have FTP set up any way. The problem with that is it prompts for a password every time it uploads a new image
<graphic> And I want it to run as a daemon - I have the daemon script set up and it works fine except for always prompting for a password.
<graphic> is there another package I could use? I like this one because it has very few dependencies and doesn't come with a lot of extra junk I don't need
<jmarsden> graphic: Set up a special account for it and an ssh keypair with an empty passphrase
<jmarsden> For alternatives see what   apt-cache search webcam     shows up... it's not an area I know much about to be honest :)
<graphic> jmarsden: I tried that but I must have fowled up the process somehow do you know a good tut for the keypair thing?
<graphic> jmarsden: I have a "webcam" user already set up for that
<mm__202> jmarsden / ikonia:  The swap partition, should it be part of the RAID (1)?  Or what is the usual rule-of-thumb for that?
<jmarsden> graphic: Just do it :)    Log in as webcam, and run     ssh-keygen
<graphic> okay, but don't I need to more than just that?
<jmarsden> mm__202: I don't know if there is a convention for that, either way (part of RAI1 or not) will work fine.  Put it inside the RAID1 if you have the disk space, I suppose, so swap can work even if one disk dies.
<mm__202> jmarsden: okay, thank you.
<jmarsden> graphic: The usual thing, copy the ~/.ssh/id_dsa.pub into ~/.ssh/authorised_keys (hope I got all the filenames right there)
<graphic> huh
<jmarsden> graphic: Here is a forum post, but I've never used a tutorial for that :)
<jmarsden> http://ubuntuforums.org/archive/index.php/t-30709.html
<jmarsden> graphic: You can test whether it works by doing ssh webcam@localhost
<graphic> jmarsden: I did that, it works if I'm logged in already as webcam but not from any other user - plus this has to run as a daemon so really shouldn't I need to copy the key somewhere else?
<jmarsden> If the daemon is running as webcam, you are all set.  if it is running as root you could copy  ~/.ssh/id_dsa to (for example) /root/.ssh/id_dsa as long as root has no existing keypair
<graphic> how do I switch what user is running webcam?
<graphic> Im using the init.d script
<graphic> skeleton
<jmarsden> graphic: How are you starting the daemon..
<jmarsden> OK.  Let me look at that...
<garymc> anyone in th euk here?
<garymc> the uk *
<garymc> Ive got a BT hgv2700 business router and the udp ports dont seem to be working to well
<jmarsden> graphic: Hmm, webcam doesn't actually come as a daemon... did you create your own init script?  if so can you pastebin it somewhere so i can see it?
<garymc> ive opened all the ports i need but my sip device doesnt seem to work and when i use nmap to check the ports they say closed?
<graphic> yeah 'ang on
<jmarsden> garymc: I'm not in the UK but do the relevant ports appear open if you nmap scan them from inside the firewall/router?
<garymc> no
<garymc> tcp ports work well but udp show as closed?
<garymc> could it be these routers?
<jmarsden> Then by definition they won't show up as open via the router's port redirection either :)
<jmarsden> if you are scanning within the local LAN, the router is not in the picture...
<garymc> so how can you tell if the ports are open?
<garymc> im ssh ing to my servers from home
<garymc> ssh works great but the UDP ports required for SIP calls dont seem to work
<graphic> jmarsden: http://pastebin.com/d6b8d26d7
<jmarsden> nmap scan the SIP server device, from a machine that is inside the router/firewall device you are trying to configure.
<garymc> yeah i just need to check the ports are open on the router
<garymc> i think
<garymc> so will portforward check website not check the ports correctly?
<garymc> I put the ip addy in i want to check the ports on
<garymc> It tells me my port 80 22 and 21 are open
<jmarsden> garymc: I have no idea what portforward website might do.  You have a Ubuntu machine on that subnet, so use it to test with :)
<garymc> as soon as i put in 5060
<garymc> im a newbie and not sure how to do that
<jmarsden> graphic: That script has no obvious way to run the daemon as anything other than root.
<garymc> not sure of the best way
<graphic> Yeah thats what I figured
<jmarsden> <jmarsden> garymc: I'm not in the UK but do the relevant ports appear open if you nmap scan them from inside the firewall/router?
<jmarsden> <garymc> no
<jmarsden> Did you actually do this, or did you just guess "no" ??
<ftherese> hello, I am in a situation where one of my users on one server cannot access the internet
<graphic>  jmarsden: I think the best way would be to just copy that key to the roots keys, however I do not know where that is, since everything on Ubuntu is sudo done
<garymc> i used an Nmap -v -o ip addy port unumber thingy
<garymc> in the CLI
<graphic> there's no "root" in /home/
<jmarsden> graphic: the home dir for root is /root
<graphic> os
<ftherese> why would one single username be blocked from the internal network and from the internet?
<jmarsden> graphic: so sudo cp -p ~webcam/.ssh/id_dsa /root/.ssh/id_dsa     # should do it
<jmarsden> ftherese: Seems unlikely unless you have a router/firewall that can talk to the server and determine who owns which connections... which is rare.
<jmarsden> ftherese: If you create a new user on that same server the same commands (wget or lynx or whatever) work fine?
<ftherese> Jmarsden: the old users work fine, but I haven't tried creating a new user
<aubre> I'm trying out karmic's version of Eucalyptus, I'll be testing images tomorrow
<guntbert> ftherese: do you have access to that account? so we could do some testing?
<jmarsden> ftherese: OK... so then this comes down to what is different about the one blocked user.
<ftherese> jmarsden: I have also deleted the user account that was problematic and recreated it and still no dice
<ftherese> jmarsden: I have universal access
<aubre> anyone going to Atlanta Linux Fest / Ubucon ? hope to meet some server-oriented people there
<graphic> jmarsden: haha that worked but I don't think that webcam was meant to be run as a daemon
<ftherese> jmarsden: I am setting up the servers and working towards deployment
<jmarsden> ftherese: OK.  What is the command you are trying to check for Internet access?  wget http://example.com
<ftherese> jmarsden: Connection to example.com| 208.77.188.166|:80
<ftherese> jmarsden: and it sits there
<jmarsden> But the exact same thing as user users is fine?  This is very odd behaviour...
<jmarsden> *as other users
<ftherese> jmarsden: I had installed and deleted a squid proxy server, and I am afraid that there is a piece hanging aound
<jmarsden> Ah... OK.  We need to check all the proxy variables... wait a sec...
<ftherese> jmarsden: but the problem is on a different computer from the server where the proxy was installed...
<ftherese> jmarsden:  The setup is 4 servers
<ftherese> jmarsden:  Serving ltsp
<jmarsden> ftherese: At some point did you set up the server with the user account on it to use the proxy?
<ftherese> jmarsden: all four servers have a "user" account login and a "salledelectures" login, besides the admin login that is proper to each one
<jmarsden> ftherese: See whether  (as the user with the issue)    set | grep proxy    shows any proxy-related environment variables set
<ftherese> jmarsden: I had intenede to set up a proxy server to block internet access
<ftherese> jmarsden: to only the user salledelectures
<ftherese> jmarsden: and after deleting that, salledelectures is able to acces the network and internet on three out of four
<ftherese> jmarsden: the set |grep proxy returns nothing
<jmarsden> So on the fourth, it seems, something is configured to still try to use the (now nonexistent) proxy... I am guessing.
<jmarsden> OK.
<ftherese> jmarsden: right
<ftherese> jmarsden: the other users are fine on that computer
<ftherese> jmarsden: I have even wiped completely the offending account and recreated it
<ftherese> jmarsden: with the same problem
<ftherese> jmarsden: Once, when recreating the account I changed the uid to 1003 when it was originally 1002
<ftherese> jmarsden: and it started working
<ftherese> jmarsden: and then just as suddenly stopped again
<jmarsden> then it could be something in a config file that has that username in it?  Does    grep -r salldelectures /etc  show you anything relevant -- any unexpected config files with the name in it?
<heath|otg> I have enabled quotas on a NFS server. How do I view and set the quota information from a client computer?
<ftherese> jmarsden: that's it I think
<ftherese> jmarsden: there was a moment when I was trying to use linux firewall
<jmarsden> heath|otg: ssh to the NFS server and use edquota ?
<ftherese> jmarsden: and there is a pre-up entry that I must have left there in/etc/network/interfaces
<ftherese> jmarsden: oops
<jmarsden> ftherese: OK, sounds like we found it :)
<guntbert> jmarsden, ftherese: I still suspect a proxy setting - to rule that out ftherese please try telnet www.whatever.you.want 80 please - it should give "connected to..."
<guntbert> ftherese: forget me then :-)
<ftherese> guntbert: good suggestion, somebody tried to help me yesterday and gave that suggestion
<ftherese> guntbert: what happens there is that iptables just drops the requests made by the user
<ftherese> guntbert: but since I only verified the clearing of iptables by looking at webmin, the setting I had added by hand was not visible
<jmarsden> ftherese: And your pre-up entry was adding those firewall rules?
<guntbert> ftherese: :-) - yes that seems to be clear
<ftherese> jmarsden: Yeah, I guess I just assumed that clearing it through webmin and seeing it cleared would have done the trick
<jmarsden> ftherese: OK.  I'd trust the command line tools far more than I'd trust a web based app for system administration...  Anyway, we found it and it is now all fixed, right?
<ftherese> jmarsden: yup iptalbles -F and I am back on track
<jmarsden> Good :)
<guntbert> ftherese: 2 points though: 1) webmin is no longer supported on unbuntu; 2) if you use it for firewall settings you can tell it to display the actual working config instead of that from some file
<ftherese> guntbert: yeah, I noticed that it is no longer supported by ubuntu, but it helped me psychologically when I had to face the monolith of configuration options
<ftherese> But I actually had another problem with squid, and I finally gave up
<guntbert> ftherese: thats why I made point (2) :-)
<ftherese> guntbert: good point
<ftherese> guntbert: :)
<guntbert> !info fwbuilder if you want a GUI for your firewall
<ubottu> 'if' is not a valid distribution: dapper, dapper-backports, hardy, hardy-backports, intrepid, intrepid-backports, jaunty, jaunty-backports, karmic, karmic-backports, kubuntu-backports, kubuntu-experimental, kubuntu-updates, medibuntu, partner
<guntbert> !info fwbuilder  | ftherese  if you want a GUI for your firewall
<ftherese> guntbert: thanks, I'll take a look
<ftherese> !info fwbuilder
<ubottu> fwbuilder (source: fwbuilder): Firewall administration tool GUI. In component universe, is optional. Version 3.0.2-1 (jaunty), package size 1739 kB, installed size 4820 kB
<graphic> Hey does & force a process into the background?
<guntbert> graphic: yes (but no force is applied)
<graphic> okay so if I did &webcams /path/to/conf I'd get my console back while webcam does its thing?
<heath|otg> jmarsden: thanks
<giovani> graphic: you append "&" with a space to the end of the command
<giovani> i.e. "/path/to/application --some --switches /and/a/config &"
<graphic> ohs
<graphic> Alrighty then
<uvirtbot> New bug: #291629 in debian (main) "kipmi0 uses 100% cpu" [Undecided,Invalid] https://launchpad.net/bugs/291629
<ftherese> guntbert: it says there is a new version available... and the version of fwbuilder I have in front of me looks a little rough
<guntbert> ftherese: let me look
<ftherese> guntbert: should I download the newest version, or does the default one in the repository work jsut fine?
<graphic> whats the command to open another terminal in linux?
<ftherese> graphic: what kind? a graphical one?
<graphic> Oh no I mean if you have an SSH session open
<graphic> hmph it used to be like Alt+1 or Alt+F1 on minix
<ftherese> graphic: ok, sorry, I don't know
<guntbert> ftherese: 3.0.2 seems fairly recent - you can have a look at http://www.fwbuilder.org/docs/firewall_builder_packages.html and http://ubuntulinuxhelp.com/getting-started-with-firewall-builder/
<ftherese> guntbert: I triple clicked on it, and it crashed
<ftherese> guntbert: I'm going to take a look at the newer version if there is one
<guntbert> graphic: if you have only ssh access there is no GUI, but you can tunnel X for (single) apps
<guntbert> ftherese: I never used it on #ubuntu, but it takes a little reading... (rather than installing the latest, I guess :-))
<jmarsden> graphic: On a linux desktop, ctrl-alt-f1 gets a text mode console, up to ctrl-alt-f6.  ctrl-alt-f7 gets you back to the GUI (if there is one).  Inside an ssh session, I would use screen to get multiple shell sessions.
<mdz> graphic, I think you're looking for byobu or screen
<ftherese> guntbert: is it centered around iptables?
<guntbert> ftherese: it is able to manage several filter/firewall backends, one of them is iptables
<ftherese> guntbert: nice, ok
<guntbert> ftherese: have fun :-)
<killemall> good afternoon
<killemall> do you know a freenode channel where I might get some advice on recovering a partition
<mushroomblue> killemall: probably ask in your distro's channel.
<killemall> this is my distros channel :) I used clonezilla, and accidently clone sda1 to sda2, instead of sda1 to sdb1
<killemall> maybe i should post at the clonezilla forums, and go from there
<soren> killemall: If it copied everything from sda1 to sda2, you're not going to get what was on sda2 before back.
<killemall> hi thanks for the reply
<killemall> sda1  was 35GB parition, with only 5 GB of data on it
<killemall> sda2 was 100GB parition, with 90GB of data on it
<killemall> i dont 'think' clonezilla uses dd for this action, becuase the cloning of the parititon process with really quite fast
<killemall> i wondered if maybe i should just do a quick format of sda2 and then try some recovery software? man im so lost on this one
<killemall> i just posted over at the clonezilla forums as well,
<soren> You're going to get much more qualified help over there, I imagine.
<graphic> Hey if I start a process in the back ground like "make something-that-will-take-four-days &" how can I log out and have that task continue?
<heath|otg> um... that should do it I think
<soren> graphic: "nohup make something-that-will-take-four-days &"
<graphic> Yes but then if I log out it will kill the task no?
<soren> graphic: And then log out.
<graphic> awesome
<soren> graphic: some things don't need it, but adding nohup will make sure it keeps running after you log out.
<graphic> got nohup: ignoring input and appending output to `nohup.out'
<soren> Yup.
<graphic> soren: Another question, does anyone know a good command linen tool that can just take a snap shot from a webcam if given a specified device like "camcmd /dev/video0"?
<soren> "apt-cache search" suggests vggrabj
<soren> Sorry, vgrabbj
<graphic> cool, do you know how hard it would be to write something in C++ to grab an Image from a webcam? Got a school project, using a web cam to determine if there are open parking spaces in one of the parking lots behind my school. I'm writing what actually analyzes the two images in C++ with a alittle help from Magick++ but I dunno how to take the snap shot in C++ cant really find good info on it
<graphic> (parking is an annoying problem at my school)
<soren> The interface is called v4l, but it's not really on-topic for this channel.
<graphic> Oh hmm guess I should look there
<graphic> Know a good channel about Linux Programming?
<soren> Not really.
<soren> Not a general one.
<soren> I'd find one that deals with v4l.
<soren> like #v4l
<graphic> thats true
<graphic> I might just wimp out on that part until the more important stuff is taken care of
<heath|otg> Anyone ever used quota remote commands?
<graphic> THE HALLOWEENIES
<graphic> no I haven't though heath|otg
<SineDeviance> hi, i want to run ubuntu server 9.04 and i want to set it up with a basic gui (like lxde) and have it autologin so i can admin it entirely through vnc. is this possible?
<tsrk> SineDeviance, you shouldn't need autologin for that
<tsrk> just use a vnc that creates a new session
<SineDeviance> tsrk, i can do that? cause yeah i'd need to admin this system entirely over remote. it's a laptop with a busted keyboard/touchpad, and a cracked screen. the only thing that works is the power button :D so yeah i don't want to have to hook up a keyboard and mouse every time i need to change something
<tsrk> well generally you'd want ssh for that, but if you want a gui vnc should work fine
<SineDeviance> eh sorry about that
<tsrk> or if you can do *some* shell, you could "ssh -X" which will let you type things like "gedit" to get the window locally but running remotely
<SineDeviance> okay. well, assume i install ubuntu server and setup a gui how i want. how would i setup vncserver to make a new session?
<SineDeviance> uh, for reference right now i'm running this server on winxp pro and using winvnc to admin it. yeah, don't laugh :D
<SineDeviance> i have it set to autologin so i don't even have to type my pass
<tsrk> https://help.ubuntu.com/community/VNC/Servers#tightvncserver
<tsrk> TightVNC creates a new session by default
<tsrk> that's what i've used
<SineDeviance> tsrk, ahh, cool. thanks!
<tsrk> you shouldn't need any of the extra configuration stuff
<SineDeviance> okay
<SineDeviance> one more question
<uvirtbot> New bug: #429087 in eucalyptus (main) "after UEC front-end (cluster) install, key sync stage of registration cannot proceed without entering a password " [Undecided,New] https://launchpad.net/bugs/429087
<SineDeviance> in the ubuntu-server repos, will i still have access to packages for gui stuff? like xubuntu or blackbox or somesuch?
<jmarsden> SineDeviance: The repos are the same.
<jmarsden> SineDeviance: However, once you add a GUI to a Ubuntu Server install, you don't really have a Ubuntu Server any more, so asking for help on the GUI aspect of your custom setup here in #ubuntu-server is unlikely to get you a lot of help.
<jmarsden> Ah, he left already?
#ubuntu-server 2010-09-13
<ruben23> guys with this space can i install still application since my /  is already full...? if i used home as my directory..? ----> http://pastebin.com/Ct8SA62m
<ruben23> any idea guys
<rutri> hello
<rutri> Does anyone know if they got rid of /etc/inetd.conf  or /etc/xinetd.conf in Ubunu server 10.4?
<_Techie_> how well does ubuntu-server handle itself when no graphics adapter is present?
<rutri> very
<_Techie_> so theres nothing that ties into having a GPU present, even if its a really bad one
<rutri> _Techie_ I have run my Ubuntu server with just a regular accelerator for  years now
<_Techie_> rutri, im talking no GPU at all
<_Techie_> no onboard, no PCI and no PCIe
<rutri> _Techie_ oh sorry that I am not sure about
<rutri> _Techie_ However I do not see how you can get threw installation without even a basic one.
<_Techie_> my server is already installed and setup
<rutri> _Techie_ So you plan on removing it a now?
<_Techie_> when i get home
<ScottK> _Techie_: It's fine, just make sure you have ssh working before you remove it.
<rutri> Does anyone know if they got rid of /etc/inetd.conf  or /etc/xinetd.conf in Ubunu server 10.4?
<_Techie_> im currently running an 8600GT in my server and i have a dual x16@x16 motherboard in my desktop machine with the second PCIe16 spare, so you can see why im wanting to go completely GPU'less
<rutri> _Techie_ yea, i run my entire server off of SSH, the only time i use my monitor is for installation.
<_Techie_> rutri, i use a combination of SSH and web panels depending on where i am at the time
<rutri> _Techie_ then you should be fine.
<rutri> Is there anyone here that can answer my question?
<_Techie_> rutri, i would cehck against my server, but that still on 9.10
<_Techie_> check*
<demonspork> I am using an HP ProLiant DL380 G3 server and I can't get lm-sensors to detect anything
<demonspork> sensors-detect just comes back with no sensors detected
<rutri> _Techie_ one of them should exist in 9.10 since the instructions were written for it.  However they ask me to modify one of those files but I cannot seem to find ether of them.
<_Techie_> rutri, 9.10 has inetd.conf
<_Techie_> and xinetd
<rutri> _Techie_ where is it located /etc/?
<_Techie_> rutri, yep
<rutri> _Techie_ they must have gotten rid of it in 10.4 then, however I am confused as to what they use for internet services.
<_Techie_> they must rely on actual processes
<_Techie_> which seems stupid
<rutri> _Techie_ yea ill just have to install it.
<rutri> _Techie_ do you know what package installs inetd?
<_Techie_> rutri, nope
<rutri> _Techie_ thanks for the help
<_Techie_> rutri, no problem, its good to have somewhere i can feel helpful after i made the decision to leave #xubuntu
<Jeeves_Moss> has anyone here installed VMWare server before?  I'm having some premission issues, and I'd like to figure out what's going on with it
<Zyklon> hey
<Zyklon> anybody here?
<Zyklon> need some help with my ubuntu server
<Zyklon> :/
<_Techie_> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Daviey> hggdh, ack, thanks :(
<_Techie_> bbl guys
<_Techie_> yay, my server is now completely headless
<hggdh> Daviey: I can assure you it was not my pleasure
<uvirtbot> New bug: #636738 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/636738
<Daviey> hggdh, I reproduced it...
<Daviey> hggdh, i'm not convinced it's euca's issue TBH
<hggdh> Daviey: saw your note, but why this error now and not before?
<hggdh> something in d-i?
<Daviey> hggdh, perhaps... d-i complaining of "(libavahi-common3): package doesn't exist (ignored)"
<Daviey> is naturally concerning, but i'm not even convinced that is to blame as
<Daviey> it hasn't been touched *that* recently (27-Aug-2010).
<hggdh> still, we now get a failure in d-i -- so something changed somewhere...
<Daviey> ack
<hggdh> Daviey: on the other side, I could not connect to *any* instance
<hggdh> look at the cloud-error.log, lots of messages about a non-correlated correlation
<Daviey> :o
<hggdh> or whatever...
<Daviey> hggdh, I'm going to spend most of tomorrow trying to work out the install issue.. then reproduce that issue.. then probably make a phone call in the evening. :)
<hggdh> Daviey: roj. I will look at the (other) failures I got, and try to work them out from the debdeiff
<Daviey> hggdh, rocking.. thanks :)
<hggdh> Daviey: now -- please -- get the hell to bed ;-)
<Daviey> i should....
<hggdh> indeed.
<Daviey> hggdh, I have flagged it to cjwatson .. hopefully he'll be able to jump in with some help.
<hggdh> Daviey: perfect, he most certainly will figure it out
<Daviey> hggdh, I wonder if the archive is in an inconsistent state or similar
<hggdh> Daviey: hum. Might be an issue from the yesterday's ISO. Will try again tomorrow.
<hggdh> Daviey: another weird thing happened -- one *one* (and only one) of the NCs, I was getting an apparmour failure on dhclient3
<hggdh> I aa-complain-ed the sbin/dhclient3, and was able to bring the interface up. The other NC did not have any problems
<Daviey> hggdh, ah ha!
<Daviey> just looked at the cd build logs:
<Daviey> ? Unknown dependency libavahi-common3 (>= 0.6.16) by eucalyptus-udeb
<Daviey> ? Unknown dependency libavahi-core7 (>= 0.6.26) by eucalyptus-udeb
<hggdh> ooohhhhh
<Daviey> maverick has 0.6.27-2ubuntu1
<Daviey> so WTF
<hggdh> we might add it to debian/control, then, and get done with it?
<sbeattie> hggdh: was there any apparmor rejects listed in /var/log/kern.log?
<hggdh> sbeattie: a denied, yes (dhclient3 is in enforce mode)
<hggdh> sbeattie: I am still to look at it more carefully, though. I am not clear why two identical installs behave differently
<Daviey> hggdh, 0.6.16 >= 0.6.27-2ubuntu1 ???
<Daviey> err, other way around
<Daviey> The maverick version is higher than the version that is depends on.
<hggdh> Daviey: but it did not get pulled in for installing
<Daviey> yeah.... hggdh - my theory is inconsistent archive state... but poking around it looks like that isn't the case...
<demonspork> I can't find any sensors with sensors-detect on an HP Proliant DL380 G3 server, it can't be completely senseless can it??
<qman__> demonspork, you probably have to install the driver and supporting software package from HP
<demonspork> qman__, the supporting software package from HP only comes set up for suse and red hat
<demonspork> how I get one of those packages installed in Ubuntu 10.04
<qman__> you'd have to use something like alien, very hacky
<demonspork> ~~~
<qman__> HP had a driver package for ubuntu for my DL360, though
<qman__> just had to dig a little deeper
<qman__> that server is much newer than mine, I'm rather surprised they don't have Ubuntu in the OS list for it
<demonspork> qman__, I found the canonical partner page and the link for the G3 redirected me to the G5
<demonspork> I found everything I need now
<demonspork> and it is going to be a hell of a lot easier if I had physical access to this thing
<demonspork> but eh
<demonspork> this will have to do
<PyroPhelia> where are my gurus at?
<PyroPhelia> hmm anybody home?
<aarcane> PyroPhelia, I'm not on your normal list, but I fall near to the category of guru in some areas.  what sort of help do you need ?
<PyroPhelia> a near guru is better than nothing :P
<PyroPhelia> I've got a very sick server
<blackmatter> lol /o aarcane
<PyroPhelia> I have 3 raid6's in this box with a seperate IDE drive for the OS.  my problem is because of the raid6's can't be started the system fails on boot and drops into a ramdisk
 * aarcane facepalms
 * blackmatter loling
<PyroPhelia> I know why the raid isn't starting, I made a mistake of building the raid with /dev/sdk instead of /dev/sdk1 and now on every boot mdadm tries to add /dev/sdk instead of /dev/sdk1
<PyroPhelia> yea I know :/
<aarcane> that shouldn't happen.
<PyroPhelia> it is :/
<PyroPhelia> mdadm --detail of md2 gives me the wrong drive
<PyroPhelia> I did a force rebuild so that's how it got screwed up
<aarcane> can you fix it with a livecd ?
<blackmatter> omg y???
<PyroPhelia> massive poweroutage, with corrupt sectors
<blackmatter> thats what i recommended
<PyroPhelia> I had to zero out the bad sectors and force rebuild the array to save the data
<aarcane> hrrm
<PyroPhelia> the data is safe but now I'm trying to bring this box back online
<aarcane> and I'm assuming rescue mode isn't working, and I'm assuming you've tried removing+nuking the drive and replacing it using the proper designation
<PyroPhelia> this box has 45 disks.  1500w PSU and 15 amps.  a power outage does terrible damage to it
<PyroPhelia> no I haven't tried rescue
<PyroPhelia> I was wondering if it was possible to mount the system without having to load rescue
<PyroPhelia> if I just had access to fdisk I could fix this
<blackmatter> try then rescue can reconf grub as well
<PyroPhelia> so once inside a ram disk there's no way to boot the system?
<aarcane> well, if rescue can't fix it then you can fix it using a livecd if you can fix it at all
<PyroPhelia> it sees the OS disk, I just can't mount it for some odd reason
<PyroPhelia> aarcane, actually I've run into this before ><
<PyroPhelia> just reinstalling the OS cleaned things up perfectly
<PyroPhelia> once I was in, I rebuilt the raids by hand and I was back in business
<aarcane> PyroPhelia, I'm assuming that you don't want to reinstall.
<PyroPhelia> aye
<PyroPhelia> I'm just too much of a noob to know which of the files causes the problem
<PyroPhelia> whats odd is I can't even mount the boot partition
<PyroPhelia> mount /dev/sdk1 /mnt/boot gives me "failed: No such file or directory"
<PyroPhelia> something to do with the permissions of the ram disk?
<blackmatter> hmm
<aarcane> probably no /dev/sdk1.  do you have /boot on a raid6 ?
<blackmatter> r u sure sdk1 exist?
<PyroPhelia> yes /dev/sdk1 is there and no boot is not on the raid6
<PyroPhelia> /dev/sdk1,2 and 5
<PyroPhelia> sorry I think I confused you
<PyroPhelia> the drive that I screwed up in the raid is actually /dev/sdj not /dev/sdk
<PyroPhelia> well to be technically accurate it's /dev/sdaj ><
<PyroPhelia> here's what I get
<PyroPhelia> "loading. Please wait.....inux Kernel 2.6.33.2 root (hd0,0) etc
<PyroPhelia> md errors
<PyroPhelia> and then....
<blackmatter> try mount -a /dev/sdaj /mnt/boot
<PyroPhelia> you mean the boot disk right?
<PyroPhelia> /dev/sdk
<blackmatter> no
<blackmatter> :)
<PyroPhelia> you want me to mount the raid disk?
 * aarcane thinks a nice diagram would help...
 * blackmatter aggree
<PyroPhelia> ok
<PyroPhelia> 45 sata disks
<PyroPhelia> 3 raid 6s
<PyroPhelia> 15 drives each
<PyroPhelia> 1 IDE drive
<PyroPhelia> (IDE = /dev/sdk)
<PyroPhelia> ide drive = OS drive.  /boot: /: swap
<aarcane> what's your fstab look liek?  pastebin it
<PyroPhelia> might be a problem, that box doesn't have network access atm
<PyroPhelia> it's on the bench
<PyroPhelia> oh
<PyroPhelia> I might have over looked something
<PyroPhelia> after the md errors I get this
<PyroPhelia> WARNING bootdevice may be renamed.  Try root=/dev/sdb1
<PyroPhelia> that is something i've had problems with
<PyroPhelia> my ide drive is never /dev/sda
<PyroPhelia> the only way I could get grub to even boot off of it was to specify by drive ID
<PyroPhelia> Gave up waiting for root device. Common problems:
<blackmatter> ide cant be master when other present
<PyroPhelia> it worked fine when I had this on a 2.6.10 kernel
<blackmatter> does the drive even active?
<PyroPhelia> upgraded to 2.6.33 and my ide drive floats around
<PyroPhelia> yea, grub loads up fine
<blackmatter> yr drive dynamic?
<PyroPhelia> asks me which kernel I want to load
<PyroPhelia> not by choice
<PyroPhelia> the sata's are always the same
<PyroPhelia> it's the IDE drive that gets a different /dev/sd($) each time I boot up
<blackmatter> ofcorse
<PyroPhelia> why?
<PyroPhelia> If I didn't have to upgrade my kernel I never would have.  It worked great in 2.6.10
<PyroPhelia> my ide drive was always /dev/sda
<blackmatter> hmm
<PyroPhelia> I had to upgrade thought because of a bug in 2.6.10 with my sata backplanes
<PyroPhelia> and it's faster
<blackmatter> srry dont know how to help u on that one :(
<PyroPhelia> god damnit
<PyroPhelia> see it did it again
<PyroPhelia> now my boot drive is /dev/sda
<PyroPhelia> I think that's why it's freaking out
<PyroPhelia> if I could only get to my boot partition and look at the grub conf :/
<blackmatter> holdon!!
<blackmatter> did u tried to jumper the ide?
<PyroPhelia> it's on cable select
<blackmatter> as prime?
<PyroPhelia> erm
<PyroPhelia> I think I have before
<PyroPhelia> let me look
<blackmatter> XD
<PyroPhelia> it's def on CS, should i try master?
<PyroPhelia> but... if I do that I think i'm gonna have to change my grub conf...
<PyroPhelia> hmm....
<PyroPhelia> let me try this
<blackmatter> yes
<PyroPhelia> ah man that's gonna be a pita
<PyroPhelia> gotta get the tools, brb
<PyroPhelia> and if you're wondering no it's not a sun thumper
<PyroPhelia> I built myself using the backblaze design
<PyroPhelia> I built a 1PB cluster for less than 80k
<PyroPhelia> well just shy of
 * blackmatter like backblaze
<PyroPhelia> they saved the company so much money
<PyroPhelia> we do HD video so it was going to cost us an arm and a testical
 * blackmatter lolz
<PyroPhelia> made the changes
<PyroPhelia> booting up now
<PyroPhelia> if that's all it was I'm going to cry
<PyroPhelia> grub loaded
<PyroPhelia> it's gonna take awhile for it to boot, brb gonna grab some cancer real fast
<PyroPhelia> btw thans for the advice
<blackmatter> lololololol
<blackmatter> was it the jumpering??
<PyroPhelia> mmm cancer
<blackmatter> yum
<PyroPhelia> I don't know yet
<PyroPhelia> i'm actually waiting to see it now
<PyroPhelia> I don't think it will
<PyroPhelia> it's doing the same thing it did before
<blackmatter> brb
<PyroPhelia> it failed
<blackmatter> damn
<PyroPhelia> and my ide drive is sdk
<PyroPhelia> so the jumper didn't do a whole lot
<blackmatter> yup
<PyroPhelia> my grub conf has to be fubar
<PyroPhelia> it said warning /dev/sdb1 can't be found
<PyroPhelia> why can't I mount them?!
<blackmatter> i dont know
<blackmatter> its above my scope
<blackmatter> srry :(
<PyroPhelia> mounting /dev/sdk2 on /mnt failed: No such file or directory
<PyroPhelia> but the disk is in /dev
<blackmatter> hmmm
<PyroPhelia> ls -ls /dev/sdk*
<PyroPhelia> /dev/sdk
<PyroPhelia> /dev/sdk1
<PyroPhelia> /dev/sdk2
<PyroPhelia> /dev/sdk5
<blackmatter> do ls /boot/
<blackmatter> and ls /mnt/
<PyroPhelia> no such file or directory
<PyroPhelia> ls -ls mnt
<PyroPhelia> boot
<blackmatter> ls -ls /mnt/boot/
<PyroPhelia> .
<PyroPhelia> ..
<PyroPhelia> it's there
<blackmatter> sec
<blackmatter> wierd
<reggi> hello everyone
<blackmatter> u dont have grub on /boot/
<blackmatter> hello
<reggi> would someone pls point me in the right direction so i can read / learn how to fix my problem...
<PyroPhelia> remember i'm in a ram disk
<PyroPhelia> no /boot
<reggi> (typing my problem at the moment)
<PyroPhelia> busybox
<blackmatter> right :(
<blackmatter> im srry to tell but reinstall is the only option
<blackmatter> or getting the hd to a working system n generating new grub conf
<blackmatter> which idk if will work
<PyroPhelia> hmm
<blackmatter> reggi?
<reggi> I use a 3G USB dongle to connect to the internet (on my laptop) which I currently share on the network using Firestarter (a GUI firewall program) and an 8 port switch. DHCP runs fine. What I would like is for my machines on the network to be able to automatically get the DNS from my laptop. Currently I have to manually enter my host's DNS in the interfaces settings so the internet will work.
<blackmatter> reggi >> u should advertise the dns server from the dhcp
<blackmatter> its a dhcp proto option and not ubuntu issue
<reggi> hi blackmatter thanks for replying
<reggi> cool. would you know where I can read so I can do this?
<reggi> blackmatter, also, does this mean I don't need to set up bind9?
<blackmatter> is yr laptop is the dhcp advertiser?
<reggi> yes. my laptop is the gateway / dhcp advertiser (using firestarter)
<blackmatter> does the dhcp running from within firestarter?
<reggi> but I know enough to also setup dhcp3 manually (without using firestarter.
<reggi> firestarter uses dhcp3
<reggi> it auto configures dhcp3.conf
<blackmatter> can u plz pastebin yr dhcp conf?
<reggi> ok
<blackmatter> u can find it at /etc/dhcp/dhcpd.conf
<reggi> blackmatter, http://paste.ubuntu.com/492918/
<PyroPhelia> ah ha...
<PyroPhelia> I think i found it
<blackmatter> wot???
<PyroPhelia> well I got the system to mount
<blackmatter> how?
<PyroPhelia> i HAD to specify mount -t ext3 /dev/sdk1 /mnt/boot
<PyroPhelia> anything else would cause it to fail
<PyroPhelia> also when I look in my grub my boot drive is listed as /dev/sdb NOT UUID
<PyroPhelia> well there's your problem...
 * blackmatter nods
<PyroPhelia> that is so strange
<PyroPhelia> great now I have to find the UUID again
<Zyklon> anybody here know how to get MySQL to start again?
<PyroPhelia> I could have swore this was UUID
<Zyklon> 	MySQL database	 DEACTIVATED
<Zyklon> it states on my ubuntu server
<Zyklon> ?
<blackmatter> zykon >> sudo service mysql start
<PyroPhelia> /etc/init.d/mysql restart ?
<Zyklon> sec
<Zyklon> I'll check
<blackmatter> same ole same ole
<blackmatter> both will work
<Zyklon> yeah
<Zyklon> just that
<Zyklon> it won't start again
<Zyklon> for some reason
<Zyklon> :/
<Zyklon> what could have happened then?
<blackmatter> zyk
<Zyklon> root@ks33885:~# /etc/init.d/mysql restart
<Zyklon> * Stopping MySQL database server mysqld [ OK ]
<Zyklon> * Starting MySQL database server mysqld [fail]
<Zyklon> I get a fail
<blackmatter> take a look in the syslog
<Zyklon> ok
<Zyklon> where I find that?
<blackmatter> why its happening
<blackmatter> /var/logs/syslog
<Zyklon> understand but not so elite with ubuntu
<Zyklon> ok
<PyroPhelia> because you fail!
<PyroPhelia> sorry don't mind me, my server is pms'ing
<Zyklon> ok
<blackmatter> rofl
<Zyklon> hmm
<Zyklon> blackmatter: sure it's there?
<Zyklon> ok
<Zyklon> blackmatter: you still here?
<PyroPhelia> ah crap I just thought of something
<blackmatter> ???
<PyroPhelia> how do i update grub without an active kernel
<PyroPhelia> updategrub in a ramdisk means nothing
<blackmatter> indeed
<PyroPhelia> hmm
<PyroPhelia> well wait
<PyroPhelia> I only have to update grub if i'm installing a new image right?
<blackmatter> yup
<PyroPhelia> I shouldn't have to do it if i'm only change the location of root right?
<PyroPhelia> sweet
<PyroPhelia> lets try this
<PyroPhelia> ok going for cancer for real this time
<PyroPhelia> I don't want to watch this fail :/
<blackmatter> pyro is it working?
<PyroPhelia> holy bleep she's alive
<PyroPhelia> yeap
<PyroPhelia> that's all it was
<blackmatter> good to hear :)
<PyroPhelia> root was /dev/sdb
<PyroPhelia> now
<blackmatter> if i ever get into that ill know wot to do now XD
<PyroPhelia> here's the hardest question
<PyroPhelia> for the raid that has the bad drive id
<PyroPhelia> how do I change the raid so that it looks for the right drive?
<blackmatter> idk bout that
<blackmatter> check forum tho
<PyroPhelia> it keeps trying to load /dev/sdaj instead of /dev/sdaj1
<PyroPhelia> and in doing so, it's screwing up the partition table
<blackmatter> f**k
<blackmatter> u didnt wrote new grub conf??!
<blackmatter> after all of that work -__-
<PyroPhelia> thought i did
<PyroPhelia> wait what do you mean write a new grub?
<blackmatter> u need to overwrite the corrent conf file with a new one so it will know from wer to boot
<PyroPhelia> I did it booted fine
<PyroPhelia> but grub doesn't have anything to do with mdadm
<PyroPhelia> as far as I'm aware
<Trunkles> It's dumb question time. :) I'm on a windoze machine. Just to my left there's an Ubuntu server. What I want to do is run something like a telnet client on my doze box and connect to the server so I can use one machine for all things. Can I get hyperterminal to connect? Nope! So... any thoughts or ideas please?
<PyroPhelia> apt-get install sshd
<PyroPhelia> then install putty
<Trunkles> putty on doze?
<PyroPhelia> aye
<PyroPhelia> it does ssh/telnet
<Trunkles> Cool, thanks. I'll give that a try. :)
<PyroPhelia> I don't think ubuntu server has telent installed by default, if you must use it (I don't recomend it) apt-get install telnetd
<blackmatter> ubuntu server comes cln out of the box
<blackmatter> no services installed by default
<PyroPhelia> that's what I thought
<Trunkles> Doesn't have to be telnet, just some way I can get a terminal on my PC
<PyroPhelia> trunkles: sudo apt-get install sshd
<PyroPhelia> then download putty on the doze box
<PyroPhelia> and i'm sure somebody is going to correct me about using aptitude instead but whatever ;P
<Trunkles> sshd is installed now.
<PyroPhelia> do you know the IP of the ubuntu server?
<Trunkles> Putty has just downloaded so... I'll install and try it
<PyroPhelia> type ifconfig on the server to make sure you have the right IP
<PyroPhelia> also keep in mind you will not be able to root into your box by default, use a normal login
<Trunkles> Yep, I've got the right I{.
<Trunkles> Oops... IP
<Trunkles> Damn. Putty gives me network error connection refused
<Trunkles> I guess sshd needs some configuring
<PyroPhelia> it shouldn't
<PyroPhelia> what login are you trying to use?
<Trunkles> my own
<PyroPhelia> type sudo /etc/init.d/sshd restart
<PyroPhelia> are there any errors?
<PyroPhelia> oh
<PyroPhelia> what port are you using in putty?
<PyroPhelia> make sure your using ssh NOT telnet
<PyroPhelia> port 22
<Trunkles> Ooooo! I hadn't noticed the install of sshd says "can't find package sshd
<PyroPhelia> ah
<PyroPhelia> try apt-get install ssh
<_Techie_> .... are you guys morons
<PyroPhelia> yes
<_Techie_> sudo apt-get install openssh-server
<PyroPhelia> yea I just did a search
<PyroPhelia> type what he said
<Trunkles> ssh installed and putty connected. YAY!
<Trunkles> Only moron in here is yours truly. LOL
<PyroPhelia> f that.  I'm brutally murdering a 45 disk lvm.  <--- stupid
<blackmatter> wtf pyro!!!
<Trunkles> Why murder it? Wouldn't slow toture be more appropriate? snigger
<PyroPhelia> I fdisk the wrong drive again :P
<PyroPhelia> lol
<PyroPhelia> I fail
<Trunkles> Now all I have to do is get the myriad of other stuff working.
<Trunkles> Should keep me quiet for a few days.
<PyroPhelia> well at least I got back in the rack
<_Techie_> stuff is easy
<Trunkles> Things like configuring apache
<PyroPhelia> holy cow that thing is heavy
<Trunkles> Wot's heavy?
<PyroPhelia> i've got a 45disk 4u nfs server
<PyroPhelia> it weighs ~135lbs
 * blackmatter cry for pyro
<PyroPhelia> I can bench more than that, but that's a deadlift so it's all lower back
<PyroPhelia> it sucks so much
<Trunkles> Nah, that's a lightweight. Years ago I had a SUn 3/260 with a pair of 500MB Fujitsu Eagle drives in a seperate case. Each drive weeighed ~50 lbs and a 3/260 case is no lightweight either!
<blackmatter> lol trunkles
<PyroPhelia> o.o the hell
<Trunkles> Come to think of it, it was heavy on the electric bill. Just the cooling fans took 1.2kW
<blackmatter> ill shutup with my mainframe as950xr XD
<Trunkles> Nah... ignore my rantings. I've been playing with computers for 30 years, so I'm familiar with some of the old ones.
<PyroPhelia> each 4u draws about 15amps on startup but as long as you don't have to restart them they draw next to nothing
<Trunkles> as950 is an IBM box isn't it?
<Trunkles> Jeez Wayne! That';s a LOT of electricity.
<Trunkles> Must be hard on the coffee machine. And coffee is far more important than a running system.
<PyroPhelia> lol
<PyroPhelia> coffee machine is on a seperate breaker :P
<blackmatter> lol
<Trunkles> Ah! Wise move. ;)
<_Techie_> does it have its own UPS?
<blackmatter> duh
<PyroPhelia> each box shares a 1500w batery
<PyroPhelia> every 2 rather
<PyroPhelia> I need to get a new battery for them
<PyroPhelia> it's a GE rack battery and it sucks
<Trunkles> Which will cost a fair few bucks
<blackmatter> ppl
<PyroPhelia> well, if you compare the cost of the battery vs the server it's not that bad
<Trunkles> Anyone know what they're doing with configuring apache?
<blackmatter> we need to make a man for setting up a man for apache2+php5+mysql in 2 mins
<Trunkles> LOL I take your point. Browned out servers are a hassle
<Trunkles> Now THAT would be handy blackmatter
<Trunkles> Silly thing is that I bet there are plenty of people with available site files that would do exactly what I need with the domain names modded.
<Trunkles> I have one server that will host several, very standard,  sites.
<blackmatter> brb
<Trunkles> The docs don't even make it clear if you put everything in one availablesites file or seperate ones for each domain or what
<Trunkles> brb me too. The john calls...
<joschi> trunkles-brb: in debian-style configuration you'll put the virtual host configurations into /etc/apache2/sites-available (each virtual host in one file) and enable them with `a2ensite` or disable them with `a2dissite`
<joschi> blackmatter: there's already `sudo tasksel install lamp-server`. it takes usually less than 2 minutes (download of the packages not included)
<_Techie_> trunkles-brb, personally i would create one file per domain in /etc/apache2/sites-enabled/
<PyroPhelia> black
<PyroPhelia> Sep 13 02:46:29 fusco1 kernel: [  719.696144] Ending clean XFS mount for filesystem: dm-0
<PyroPhelia> that's what daddy was looking for :)
<PyroPhelia> now i just gotta let them run for a little while and make sure there's no problem with the rebuid
<PyroPhelia> arg
<PyroPhelia> speaking of daddy.  the gf just called wondering where I was
<PyroPhelia> :/
<PyroPhelia> I know this is the internet so i'm asking for trouble here...
<PyroPhelia> is it a GOOD thing to have a gf with a daddy syndrome?
<PyroPhelia> black, thanks for the help man.  I gotta run.  I got a naked vietnamese girl waiting for me at home.
<blackmatter> lol
<trunkles-brb> I gotta go too. It's nearly 19:00 here in New Zealand so FOOD calls.  :)
<trunkles-brb> TTFN
<trunkles-brb> quit
<reggi> hey blackmatter do you have a moment?
<blackmatter> sec
<Zyklon> no he's good and busy helping me
<Zyklon> :)
<reggi> lol
<reggi> cool
<Zyklon> :P
<blackmatter> wots in yr mind reggi?
<reggi> oh yeah blackmatter remember you mentioned wireshark?
<reggi> do you know which link I click on to bring up that DNS recorder?
<reggi> i mean, which menu option?
<blackmatter> srry all i g2g i hope ull find a solution
<uvirtbot> New bug: #636897 in bacula (main) "package bacula 5.0.1-1ubuntu1 failed to install/upgrade: problemi con le dipendenze - lasciato non configurato" [Undecided,New] https://launchpad.net/bugs/636897
<Kudos> i'm looking to set up a 1GB ramdisk for /tmp
<Kudos> but the ram devices appear to only be 256MB each?
<Kudos> halp
<au> heh
<joschi> Kudos: why not simply use tmpfs?
<Kudos> to reduce the io on the disk
<Kudos> tmpfs will swap
<Kudos> a ramdisk won't
<soren> Kudos: It'll only swap if you're short on memory. If you're short on memory, you'll be screwed with a ramdisk.
<Kudos> true
<Kudos> i'm thinking of it from the other angle though
<Kudos> limiting the amount in /tmp
<Kudos> so that it doesn't balloon in ram
<soren> You can adjust the size of tmpfs's.
<Kudos> orly?
<Kudos> i'll look into that, thanks
<soren> Kudos: Sure, just pass size=whatver to mount.
<Kudos> in fstab?
<Kudos> same thing?
<soren> Kudos: You can either give it a number of bytes or a percentage.
<soren> Kudos: What is in fstab just gets passed to mount. There's no magic in fstab.
<Kudos> the comma separated options section are just actual mount options? that's so obvious, and yet...
<Kudos> :P
<soren> Oh, actually, I suppose there is one half-magical part of it.
<soren> "defaults" is what you put if you don't want to pass any mount options.
<soren> You couldn't just leave it empty, since there are fields after it.
<Kudos> ah yes
<Kudos> passing size to it is having no effect when i mount -a
<Kudos> tmpfs           /tmp            tmpfs   size=1073741824,nodev,nosuid,noexec,mode=1777 0 0
<Patrickdk> was it already mounted?
<Kudos> yes
<Patrickdk> then it won't be mounted again
<Patrickdk> mount -o remount, size=1073741824,nodev,nosuid,noexec,mode=1777 /tmp
<soren> No space, but yes.
<Patrickdk> ya, stupid copy/paste
<Kudos> excellent, thanks guys
<Kudos> default had it at 4G
<Patrickdk> default is 50% of ram you have installed
<Kudos> lol
<rapage> hello
<rapage> is ufw a gui
<\sh> rapage: nope...it's just a cli frontend for iptables
<\sh> rapage: if you need a GUI for iptables, fwbuilder is your friend
<rapage> but
<rapage> ufw it says is a firewall
<bazhang> rapage, gufw if you need a frontend
<rapage> I have a routert that has linux build can I use iptables der too
<rapage> I want to block ips from the router
<bazhang> rapage, that has nothing to do with ubuntu
<rapage> go awey
<rapage> u just came here to fuck with me
<rapage> just after I came in
<bazhang> rapage, try ##networking
<bazhang> !ohmy | rapage
<ubottu> rapage: Please remember that all Ubuntu IRC channels share the same attitude of providing friendly and polite interaction with all users of all ages and cultures. Basically, this means no foul language and no abuse towards others.
<rapage> dont care if is not related
<rapage> where else can I find support for my router
<bazhang> rapage, I just told you
<rapage> hello
<rapage> I wanht to edit the ip tables off my linux capable router
<\sh> rapage: read the manual of your router...normally there is also a web UI for that...
<rapage> no web ui for iptables
<uvirtbot> New bug: #636995 in ntp (main) "package ntp 1:4.2.4p8 dfsg-1ubuntu2 failed to install/upgrade: ÐÐ°ÐºÐµÑ Ð°Ð±ÑÐ¾Ð»ÑÑÐ½Ð¾ Ð½ÐµÑÐ°Ð±Ð¾ÑÐ¾ÑÐ¿Ð¾ÑÐ¾Ð±ÐµÐ½ -- Ð¿ÐµÑÐµÐ´ ÑÐ´Ð°Ð»ÐµÐ½Ð¸ÐµÐ¼ ÐµÐ³Ð¾  ÑÐ»ÐµÐ´ÑÐµÑ Ð¿ÐµÑÐµÑÑÑÐ°Ð½Ð¾Ð²Ð¸ÑÑ." [Undecided,New] https://launchpad.net/bugs/636995
<rapage> lol people use windows as if there was not conspiracy to spy their activities
<Kudos> rapage: does your router run ubuntu server?
<rapage> no dont know waht it runs but is linux
<jussi> rapage: please use the appropriate place for your questions (perhaps ##networking) - this channel is just for Ubuntu server items.
<raubvogel> rapage: if it runs openwrt, there is a channel for that. The same goes for dd-wrt.
<tydeas> Hello ppl. What's wrong with the libphp5.so
<tydeas> module.... i try locate it and can not find it anywhere and the php5.load says that it must be in /usr/lib/apache2/modules/libphp5.so where there is not
<tydeas> the result is that the apache prompt my to download the php files instead of rendering them.
<tydeas> please help
<Daviey> tydeas, try restarting apache, and clear your browser cache
<tydeas> it's not cache issue
<Daviey> tydeas, Ah, sorry - missed your first line
<Daviey> tydeas, Do you have php installed? :)
<tydeas> yes
<tydeas> root@sindos2:~/ispcp-omega-1.0.6/engine/setup# php -version
<tydeas> PHP 5.3.2-1ubuntu4.2 with Suhosin-Patch (cli) (built: May 13 2010 20:03:45)
<tydeas> Copyright (c) 1997-2009 The PHP Group
<tydeas> Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
<tydeas> root@sindos2:~/ispcp-omega-1.0.6/engine/setup#
<tydeas> I am trying to install a isp control panel
<tydeas> and it f*&^ed up my system
<zul> morning
 * cwillu_at_work grumbles
<derknecht> i use encrypted user folders (adduser --encrypt-home) and user vsftpd as ftp service. i try to unlock the encryption when a ftp user logging in (when i use ssh it decrypts the user folder, i like to do the same with vsftp). How can i achive this? I found nothing when google for vsftp decrypt ecrypt
<derknecht> Can someone give me an hint?
<aitd> Greetings. I need to config an Ubuntu 8.04 LAMP install to display user accounts from the /var/www/index.html page. The accounts are used in a classroom setting.
<aitd> They are not individual web sites. But may contain site pages for a classroom lab
<aitd> I have Googled for the info and made changes to certain files but am unable to get the index.html links to display user home directory dirs and files.
<aitd> I may not be asking the right questions on my Google searches. Any help would be appreciated.
<derknecht> aitd: You need to allow access to other directories than /var/www. Add a <directory /home> ... </directory> section and allow the access
<derknecht> apache is preconfigured to only allow /var/www
<derknecht> aitd: Read this: http://www.brennan.id.au/13-Apache_Web_Server.html#users
<derknecht> (or a similar howto)
<aitd> derknecht: I have been working from that link. the /etc/apache2/httpd.conf file referred to in the page did not exist on my server.
<aitd> I created it and added the Directory sections as indicated to no avail.
<cemc> where do I set retry forever for pppoe in 10.04 ?
<aitd> derknecht: Also tried to simply add the file at /etc/httpd/conf/httpd.conf as directly shown in the site instructions although there was indication that the required file may not be in the same location server to server.
<zul> hggdh: ping
<aitd> derknecht: I had thought the standard LAMP install would have been sufficient and have set up other basic web servers. This is the first time I have needed the user dir access from the index page.
<aitd> derknecht: Basically the links do not open a user account index.html page, rather a list of user dirs and files would display.
<MACscr> anyone using ubuntu 10.4 as an pxe server? I cant seem to get it to work with tftpd-hpa. Keep getting access violations and absolute path errors
<aitd> User home dir access from index.html page resoved. Some sym links were missing. http://kimbriggs.com/computers/computer-notes/linux-notes/apache2-public_html-virtual-directories.file
<aitd> *resolved
<patdk-wk> macscr, I have no issues
<patdk-wk> but I set it up back in 8.04, and just kept upgrading
<MACscr> thats odd that your not having issues as there are a bunch of bugs listed concerning upgrading servers and it no longer working. There was some fixes, but they didnt work for me
<patdk-wk> the only thing, I can remember doing is, moving/symlinking the old path to the new one
<patdk-wk> hmm, looks like I did this modification to /etc/defaults/tftpd-hpa
<patdk-wk> #TFTP_DIRECTORY="/srv/tftp"
<patdk-wk> TFTP_DIRECTORY="/var/lib/tftpboot"
<hallyn> zul: hey, i'd like to talk about daily-vcs when you get a chance
<zul> hallyn: sure
<MACscr> patdk-wk: is that just hte path to the files used for boot?
<patdk-wk> yep
<MACscr> etc
<patdk-wk> that was the only change I had to do, to keep my pxe working
<hallyn> zul: thx, so ping me when you have a min :)
<zul> hallyn: sure
<hggdh> ttx: there?
<caution> can I reduce the amount of memory dpkg/apt-get uses?
<caution> I get "malloc failed (8192 bytes): Cannot allocate memory" even though I have 100MB free
<ttx> hggdh: yes
<Alborz> hi could some plz help setting up a vpn pptp service on my lucis server?
<Alborz> lucid*
<Alborz> any one ??
<Alborz> bump
<raubvogel> Unrelated question: which nameserver would you people recommend that will not do dataminin g(google and opendns might be out) nor redirection to their page (cox)?
<zul> hallyn: ping
<zul> hallyn: ping i have a minute
<hallyn> zul: ok, well basically this woudl be a great help in bughunting for libvirt/kvm, so just wondering if you have a preliminary howto wiki up?
<zul> hallyn: yep try the ServerTeam/KnowledgeBase page on wiki.ubuntu.com
<hallyn> zul: ok, thx, i see it.  i'll just look there and ping you again if i need help, or with feedback on the howto
<zul> hallyn: cool!
<mdlueck> I am noticing that apt-get wants to install a brand new package when doing a "-s dist-upgrade" The package is dash. Why would it want to add an additional package? Aptitude does not think any modifications need to be performed. Issuing "upgrade" does not wish to add the dash package.
<kaushal> hi
<ScottK> mdlueck: What's the package it wants to add?
<mdlueck> ScottK: dash
<ScottK> mdlueck: try "aptitude why dash" it's very unusual it's not installed on an Ubuntu system.
<mdlueck> ScottK: I ran that... $ aptitude why dash
<mdlueck> i   apt      Suggests aptitude | synaptic | gnome-apt | wajig
<mdlueck> p   wajig    Suggests apt-move
<mdlueck> p   apt-move Depends  dash
<ScottK> mdlueck: Do you have ubuntu-minimal installed?
<mdlueck> ScottK: I issued: $ dpkg -l|grep minimal... nope
<ScottK> OK.  That's a problem.  Install that.  It will probably pull in other stuff (like dash) and it's all needed.
<mdlueck> ScottK: But why would aptitude be happy and apt-get not happy?
<ScottK> They have different dependency resolvers.
<mdlueck> ScottK: This is a hosted VPS box, and I had to fix a few things in the preload.
<mdlueck> ScottK: aaahh, thanks!
<ScottK> OK.  You want dash installed.
<mdlueck> ScottK: For example, aptitude was removed and dselect was the package manager! aaakkk!!
<mdlueck> ScottK: I used debsums to fix as much as I could.
<ScottK> I'd try to install ubuntu-minimal and see if that works.
<mdlueck> ScottK: So what is the dash package needed for?
<ScottK> It's the default provider of /bin/sh
<ScottK> Also needed by bash.
<mdlueck> ScottK: aaahh, yes I do see ubuntu-minimal on other Ubunutu servers I have... might be on to something...
<ScottK> ubuntu-minimal is a set of packages your system is unlikely to work without.
<mdlueck> ScottK: aaakkk, wants to install many packages.
<ScottK> I'd be very suprised if you didn't want them all.
<mdlueck> ScottK: Partial copy/paste from "apt-get with -s" coming next...
<mdlueck> $ sudo apt-get -s install ubuntu-minimal
<mdlueck> The following NEW packages will be installed:
<mdlueck>   busybox-initramfs console-setup console-terminus dash dhcp3-client dhcp3-common dmidecode eject ethtool initramfs-tools laptop-detect libfribidi0 libiw29 mawk mii-diag netcat netcat-traditional
<mdlueck>   ntpdate pciutils pcmciautils startup-tasks system-services tasksel tasksel-data ubuntu-keyring ubuntu-minimal udev upstart upstart-compat-sysv upstart-logd usbutils util-linux-locales vim-tiny
<mdlueck>   wireless-tools wpasupplicant xkb-data
<mdlueck> 0 upgraded, 36 newly installed, 1 to remove and 0 not upgraded.
<mdlueck> Do I really need to add all of that stuff to this production web server?
<ScottK> Yes
<mdlueck> Gulp...
<ScottK> Without that stuff it won't boot.
<mdlueck> Boots fine! Had this VPS for almost a year now.
<mdlueck> Perhaps it is more Parallels Virtuozzo modifications...
<ScottK> OK.  Maybe some of that is provided by the host OS.
<ScottK> No idea.
<mdlueck> I think I will test adding dash and see if that satisfies "apt-get dist-update"
<mdlueck> ScottK: Yea, adding just dash appeases "apt-get dist-upgrade"... fffeeewww!!!
<mdlueck> ScottK: Thank you! :-)
<FunnyLookinHat> Is there a doc available anywhere to explain why "aptitude upgrade" is deprecated in favor of safe-upgrade ?
<cemc> I changed /etc/security/limits.conf, I added * soft nofile 8192 , then reboot, but 'ulimit -n' still gives me 1024
<kees> cemc: limits.conf is only useful for logins (not services)
<cemc> hmmm
<cemc> kees: so how do I change for services?
<patdk-wk> when I was testing it, hard/soft wouldn't work for setting that
<patdk-wk> you had to use -
<kees> cemc: in upstart, you can define use the "limit" keyword. see "man 5 init"
<cemc> kees: I understand this goes in /etc/init/*.conf ?
<patdk-wk> yep
<hggdh> Daviey: I am starting from scratch, cannot make sense from the errors
<hggdh> Daviey: so I will install a basic server, and then install Euca
<RoyK> what is euca?
<hggdh> RoyK: just a shothand for eucalyptus
<hggdh> s/shot/short/
<uvirtbot> New bug: #637437 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/637437
<zul> damn mysql
<RoyK> zul: anything particular, or just the same old? :)
<zul> same old
<RoyK> what did it do this time?
<RoyK> imho mysql works rather well if you stick to innodb
<RoyK> myisam sucks hard
<RoyK> zul: ?
<zul> RoyK: just general overall suckiness
<RoyK> myisam or innodb?
<RoyK> you can always use postgresql instead, you know
<RoyK> well, not always, but mostly
<zul> RoyK; nm i was just venting...dont need help
<RoyK> zul: you mean whining? :)
<Daviey> hggdh, Yes... auto reg should be fixed in the next 2 hours or so
<hggdh> Daviey: cool. Meanwhile I am manually installing. Found that manual install does not generate the ~/.ssh/authorized_keys
<RoyK> hggdh: normal install of ssh doesn't generate that
<Daviey> hggdh, Isn't that a known?
<Daviey> hggdh, You need to scp/rsync that
<hggdh> Daviey: oh. I expected it had been corrected
<Daviey> hggdh, I don't think there is an open bug for that
<hggdh> oh
 * hggdh will take care of that ;-)
<Daviey> hggdh, you keep the bug list populated, i keep it empty :)
<hggdh> heh
 * Daviey prepares his "WON'T FIX" :P
<zeratoun_> Hi, I have some questions about routing : How do I say to a ubuntu gateway server to route local traffic to local traffic ? (normaly it don't because it's causing bottleneck trouble))
<RoyK> hggdh: it's not a bug
<RoyK> zeratoun_: you mean with nat and all?
<RoyK> !nat
<RoyK> ubottu is stupid
<hggdh> why is it not a bug?
<RoyK> hggdh: why should that file be automatically created?
<RoyK> many installs don't use key auth
<zeratoun_> RoyK, if it must : yes. what I need is that : PC1 and PC2 comunicate via my Gateway
<RoyK> and if automatically created, what should it contain?
<RoyK> zeratoun_: just google for iptables masquerading
<RoyK> it's doable directly from iptables or from ufw (the latter with some hacks)
<zeratoun_> RoyK, Even if the two PC are on the same subnet ?
<RoyK> I setup a nat router recently on 10.04.1 and ended up using iptables directly instead of ufw
<RoyK> zeratoun_: detail your setup and I may be able to give an advice :)
 * jdstrand argues the term 'hacks' since the ufw-framework is designed for this sort of thing
<hggdh> RoyK: as far as eucalyptus is concerned, it is...
<RoyK> jdstrand: well, I followed numerous howtos but they didn't work very well, but then, an init script using iptables worked
<jdstrand> 'man ufw-framework' should have should provide the info to add whatever you need, with a few simple examples
<jdstrand> the rules files are just iptables-restore files, so whatever was used with an iptables script can basically be put in those rules files...
<timboy> my server was hacked this is what was done to it: http://pastebin.ca/1939923 but I don't see anything maliscious running... do I need to re-install anyway?
 * hggdh gives up
<tf2ftw> hello. my web app cannot write to some folders. i need help settin up the perms.  here is the current settings drwxrwsr-x  7 root www-pub 4096 2010-09-13 13:36 tmp
<tf2ftw> apache cannot write to it
<tf2ftw> *fixed it
<qman__> tf2ftw, that's because apache runs as www-data
<hggdh> Daviey: why would you wontfix eucalyptus not passing the public keys over to CC, SC, and NCs?
<RoyK> timboy: download a fresh copy of chkrootkit and run it
<Daviey> hggdh, i was teasing
<hggdh> Daviey: oh, OK
<Daviey> hggdh, Although.... it may come down to that.  :(
<Daviey> it might be quite a large undertaking for an edge case.
<Daviey> as in, the registration stuff might need re-factoring to work post install
<Daviey> possibly a natty bug now :(
<hggdh> Daviey: now, why am I not surprised? ;-)
<blackxored> hi, trying to setup postfix with gmail, i've followed the tuts, but now this is odd, it says /etc/postfix/sasl_password.db can't be found, although i', looking at it and it's 644 so readable, can someone tell me why this is happening?
<_Techie_> blackxored, postfix is probably chrooted
<blackxored> _Techie_, how can i check
<_Techie_> blackxored, also why the need to pass mail through gmail?
<blackxored> ?
<blackxored> _Techie_, because i have no domain?
<blackxored> and would like to use gmail as relay host ?
<_Techie_> blackxored, have a read around this, you should be able to figure out how to check - http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup
<papertigers> anyone have trouble with .htaccess?
<RoyK> nope
<RoyK> just AllowOverride Auth and it should work well
<papertigers> RoyK: AllOverride All?
<RoyK> in the apache config
<_Techie_> blackxored, also, you dont need a domain to send mail yourself
<RoyK> papertigers: don't use All - that allows for symlinks and whatnot
<papertigers> RoyK: this file? vim /etc/apache2/sites-available/default
<RoyK> papertigers: yes, or whatever vhost that is
<papertigers> RoyK: change All to Auth/
<papertigers> ?
<RoyK> yes
<RoyK> but then, if All doesn't work, something is bad
<papertigers> then i can just place .htaccess in /var/www
<RoyK> All includes Auth
<RoyK> should work
<papertigers> RoyK: I am trying to test forwarding to https and its not working
<RoyK> papertigers: <?php header("Location https://....."); ?>
<papertigers> i wanted to do it with htaccess so i can do an htpasswd
<papertigers> just for some files im hosting
<hggdh> Daviey: now I am really confused -- I am getting the same output on get-console-log as before the libvirt fix (to say, no output)
<MTecknology> I screwed up......
<MTecknology> I changed the ownership of most things in the file system... Is there any way to recover from this?
<MTecknology> Anything in /home/ is probably fine and the chmod part is right.. but the owner:group is really screwed up
<zul> i hope you have a good backup
<guntbert> MTecknology: backup /home, /etc and save your package list - then reinstall  -- or be prepared to do a lot of handywork
<oryxtec> hi all
<oryxtec> any one who has worked on apache and php on ubuntu 10.4?
<oryxtec> ?
<MTecknology> alrighty - I guess I'll go that one
<RoyK> oryxtec: for some time, yes
<RoyK> oryxtec: ask a question about what the problem is, and we might be able to help you
<oryxtec> i have dedicated server on which company from where i got this sever
<oryxtec> they install all LAMP pacgake
<oryxtec>  but now i think some thing has gone wrong
<oryxtec>  and now apache and php is not working at all
<oryxtec> apache and php is running but
<oryxtec> when i try to open any php website it does not work
<RoyK> oryxtec: write this script <?php phpinfo(); ?> in some file and try to execute it
<oryxtec> ok
<wickedSA> mod-php5 not enabled?
<wickedSA> maybe
<RoyK> it should be if it's installed
<oryxtec> wickedSA: r u saying to me?
<wickedSA> oryxtec: one thing at a time. try that phpinfo()
<oryxtec> i made a php file .. and when i try to browse through firefox
<oryxtec> firefox says downlad and open this file..
<oryxtec> save to location. and browse button is there
<RoyK> oryxtec: that means modphp is not enabled
<oryxtec> how can i enable it
<oryxtec> ?
<RoyK> check /etc/apache2/mods-enabled
<RoyK> and /etc/apache2/mods-available
<_Techie_> sudo a2enmod php5
<RoyK> _Techie_: thanks
<wickedSA> yeah you'd think installing libapache2-mod-php5 would enable it, but maybe not
<_Techie_> wickedSA, nah, installing modules just makes them available
<oryxtec> Royk: wht will be the complete command to check if mod is enabled or not
<wickedSA> _Techie_: right, bad assumption :)
<_Techie_> it is up to the sysadmin to enable them, if they auto enabled it would be a security risk
<_Techie_> oh yeah, almost forgot
<RoyK> _Techie_: really? if I, as a sysadmin, choose to install modphp, it should, IMHO be enabled
<_Techie_> after a2enmod php5, you will need to restart apache
<_Techie_> /etc/init.d/apache2 restart
<RoyK> or apache2ctl restart
<wickedSA> makes sense. want to control what is installed and enabled, not have the packaging system dictate that
<_Techie_> RoyK, what if you were on a system with two sysadmins, and the other sysadmin installed a module and it auto enabled and screwed up all your configuration that took hours the previous night
<RoyK> wickedSA: I'd think not installing it in the first place would be sufficient
<oryxtec> guys wht is complete command to check if mod is enabled?
<wickedSA> oryxtec: what _Techie_ gave you will either enable it, or tell you that its alrewady enabled
<RoyK> oryxtec: ls -l /etc/apache2/mods-enabled
<wickedSA> or that
<JasonMSP> is it possible to edit a certificate I have already created?  I need to change the name?
<_Techie_> JasonMSP, i would advise recreating the cert
<oryxtec> Royk: here is the result plz check http://pastebin.com/1gPGkMAQ
<_Techie_> im not even sure if you can modify a cert, and if you could it would be an extremely bad practice
<_Techie_> oryxtec, php5isnt loaded
<oryxtec> how can i fix it?
<RoyK> oryxtec: no php there
<_Techie_> is php5 actually installed?
<wickedSA> heh
<oryxtec> its already installed
<_Techie_> oryxtec,  ls -l /etc/apache2/mods-available
<JasonMSP> thanks
<oryxtec> _techie_ http://pastebin.com/rcr2uEFp
<oryxtec> here are the results
<_Techie_> oryxtec, php5 isnt installed
<oryxtec> :'(
<_Techie_> oryxtec, gimme a sec
<oryxtec> ok
<qman__> if the package is installed, a2enmod
<qman__> otherwise, install the package
<qman__> oh, mods-available
<sfalanga> where can I find which kernel module is needed to run an LSI SAS3041e-r w/lsisas1064e chip?
<qman__> not installed
<_Techie_> sudo apt-get update && sudo apt-get install libapache2-mod-php5 && sudo a2enmod php5 && sudo /etc/init.d/apache2 restart
<oryxtec> let me try
<oryxtec> 1 min plz
<_Techie_> run that and it should all be perfect
<sfalanga> it's a serial attached scsi controller card.  I don't need to use the RAID just one SAS port
<oryxtec> ERROR: Module php5 does not exist!
<oryxtec> error came up
<qman__> did libapache2-mod-php5 install correctly?
<_Techie_> hrmm
<papertigers> anyone know how I can use htaccess to forward me to https then use htpasswd
<oryxtec> qman: i don't know if it is or not :(
<_Techie_> oryxtec, im gonna feed you a few commands, if you could run them, and if they give a URL please paste it in here
<oryxtec> ok
<_Techie_> oryxtec,  sudo apt-get install curl
<_Techie_> oryxtec, sudo apt-get update | curl -F 'sprunge=<-' http://sprunge.us
<oryxtec> http://pastebin.com/9CkzTqzT
<_Techie_> oryxtec, i gotta go, my lan admin class is in a diff room and i may not be back
<oryxtec> http://sprunge.us/YeHC --- for 2nd comand
<qman__> oryxtec, I'd try `sudo apt-get purge libapache2-mod-php5 && sudo apt-get install libapache2-mod-php5`
<oryxtec> qman_ : here is the result
<oryxtec> http://pastebin.com/HGenw2US
<qman__> well, getting somewhere
<hggdh> Daviey: <sigh/> bug 637544
<oryxtec> so now?
<uvirtbot> Launchpad bug 637544 in libvirt "apparmor=DENIED operation=open parent=3343 profile=/usr/lib/libvirt/virt-aa-helper" [Undecided,New] https://launchpad.net/bugs/637544
<qman__> sudo a2enmod php5
<oryxtec> Module php5 already enabled
<qman__> though "Your apache2 configuration is broken, so we're not restarting it for you." is a bit worrying
<oryxtec> this is wht i got
<qman__> ok, then it's enabled
<RoyK> oryxtec: did you restart apache?
<qman__> sudo service apache2 restart
<oryxtec> let me do it
<Daviey> hggdh, AHHHHHHHHHHHHHHH
<oryxtec> fial to restart..
<Daviey> hggdh, Can you easily install from the archive?  PXE + netboot?
<oryxtec> waiting Syntax error on line 161 of /etc/apache2/apache2.conf:
<oryxtec> Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration
<hggdh> Daviey: I just disabled /usr/lib/libvirt/virt-aa-helper and am trying now
<qman__> oryxtec,  pastebin lines ~150-180 of apache2.conf
<hggdh> Daviey: couldn't I just upgrade the current system?
<Daviey> hggdh, a bug fix for the installer is building now
<oryxtec> ok
<qman__> or the whole file, whatever's easier
<RoyK> hggdh: no, just install windows
<Daviey> essentially a no-change rebuild, for the fixed avahi
<Daviey> hggdh, someone did an upload of avahi and removed the uec feature... desktop screwing the server saga :)
<hggdh> RoyK: heh. This would be like replacing a problem by a disaster ;-)
<RoyK> hehe
<oryxtec> qmna_: http://pastebin.com/pYCRqR8P
<hggdh> Daviey: will do it as soon as this test finishes
 * RoyK hands hggdh a winME cd
<hggdh> heh
<Daviey> hggdh, Great... the reason i mention netboot, as the daily ISO won't have it for another8 hours or so
<hggdh> Daviey: yes, I know. No problems. What is Yet Another Full Install in my life ? :-)
<oryxtec> qman: and here is the result from line 150 to 180
<oryxtec> http://pastebin.com/g13ePh1H
<Daviey> hggdh, heh
<qman__> yeah, there's nothing wrong with that
<oryxtec> then why error came up
<Daviey> hggdh, https://edge.launchpad.net/ubuntu/+source/eucalyptus/2.0+bzr1239-0ubuntu3/+build/1958179
<hggdh> Daviey: ack, will monitor
<qman__> that's the confusing part
<Daviey> hggdh, I'd also welcome your thoughts on the new theme in the web interface
<sfalanga> where can I find out specifically which kernel module is needed to run an LSI SAS3041e-r SAS controller card?
<hggdh> Daviey: well, *that* I can check now...
<Daviey> It will need another little polish, the initial login screen isn't quite right IMO
<qman__> oryxtec, sudo a2enmod access
<oryxtec> qman_: ERROR: Module access does not exist!
<qman__> err
<qman__> oryxtec, sudo a2enmod authz_host
<oryxtec> Module authz_host already enabled
<Daviey> hggdh, how is your availability for tomorrow btw?
<hggdh> Daviey: the logo looks cropped at the top: http://imagebin.ca/view/pMayQJ.html
<hggdh> Daviey: I will be here, so 100% :-)
<Daviey> hggdh, heh
<Daviey> yeah.. the initial login screen is less than clean
<oryxtec> qman__: now ?
<Daviey> hggdh, OK.. one thing that i'm going to be testing in the morning is lucid->maverick upgrades.  Providing i don't hit any kitten killers, can you test that aswell?
<qman__> oryxtec, well, what has happened is that for some reason, a number of apache modules are missing from your installation
<Daviey> hggdh,  so, spin up lucid.. run a few instances,... then upgrade?
<hggdh> Daviey: yes, no prob
<qman__> this one being part of the core of apache
<qman__> if you don't have any custom configuration, I'd just purge and reinstall apache from scratch
<hggdh> Daviey: after logging in, it is much cleaner
<qman__> but if you do, you're going to have to hunt them down and fix
<hggdh> I like it
<Daviey> hggdh, give me a ping when you first come online, and i'll let you know how mine went.  If it explodes in my face, then there isn't much benefit in you doing it aswell
<Daviey> but i have a good feeling about it :)
<Daviey> hggdh, great
<Daviey> hggdh, suggestions welcome... patches more so :P
<hggdh> Daviey: no prob. I will ping you as soon as I start the day
<oryxtec> qman__: wht else should we check?
<Daviey> hggdh, great... about what time in UTC do you think that will be?
<_Techie_> oryxtec, i managed to hijack a computer, in hope that the person wont turn up
<qman__> _Techie_, php wasn't the only module missing from his installation
<hggdh> Daviey: UTC will be at around... 13:00, 0800 CDT
<qman__> something happened and now several are gone
<Daviey> hggdh, ok, great - that gives me a good morning to get some testing in :)
<_Techie_> qman__, thats not good
<qman__> oryxtec, do you have any important custom configurations?
<oryxtec> no
<oryxtec> i don't have any thing important config.
<qman__> then I would just purge apache and all related packages and reinstall
<oryxtec> rite
<Daviey> hggdh, ok. i'm walking away for 30 mins or so... then i'm gonna test a fresh install from here with *ubuntu3
<Daviey> should be on the arcvhive by then (amd64)
<oryxtec> plz can you guide me remove all pacakges and re-isntall?
<qman__> oryxtec, http://tuxtweaks.com/2010/01/how-to-uninstall-lamp-in-ubuntu-9-10-karmic-koala/
<qman__> this should apply equally to lucid
<oryxtec> let me try
<qman__> afterward, verify that it's cleaned out by seeing if /etc/apache2 is gone
<qman__> if it is, you're ready to reinstall
<oryxtec> i ve removed al packages..
<oryxtec> apche2 folder is deleted as well
<oryxtec> now?
<qman__> ok
<qman__> oryxtec, sudo tasksel install lamp-server
<oryxtec> installing
<oryxtec> plz hold i will let u know
<oryxtec> http://pastebin.com/DxypzZXS ....... after installtion for these msgs
<qman__> This error occurs if you run a command in a directory which no longer exists.
<qman__> were you in /etc/apache2 when you ran it?
<oryxtec> ooh yes
<oryxtec> my bad
<oryxtec> should i try browsing>?
<qman__> cd; sudo tasksel install lamp
<qman__> should do it
<qman__> err
<qman__> cd; sudo tasksel install lamp-server
<sfalanga> where can I find out specifically which kernel module is needed to run an LSI SAS3041e-r SAS controller card?
<oryxtec> qman__: that command has sucessfully run..
<oryxtec> i give mysql password
<oryxtec> and it install all packages
<qman__> should be working completely now
<oryxtec> nop still same
<oryxtec> http://109.108.140.31/test.php
<oryxtec> check
<_Techie_> oryxtec, you will need to run that command i gave you before
<_Techie_> wait
<oryxtec> _Techie_ which one ?
<_Techie_> update, install, loadmod, restart apache
<_Techie_> that one
<qman__> sudo apt-get update && sudo apt-get install libapache2-mod-php5 && sudo a2enmod php5 && sudo /etc/init.d/apache2 restart
<_Techie_> qman__, thanks, i lost all my scrollback when moving rooms
<oryxtec> let me try
<qman__> a bit surprised it's not working, did a full purge and reinstalled with tasksel
<qman__> but even so, that string should do it
<qman__> the files should all be there for sure now
<oryxtec> http://109.108.140.31/test.php
<oryxtec> this is workig fine now..
<oryxtec> but my main pages
<oryxtec> http://109.108.140.31/vicidial/admin.php
<oryxtec> http://109.108.140.31/a2billing/admin/Public/index.php
<qman__> try
<oryxtec> not even opeing up
<qman__> sudo service apache2 stop; sleep 5; sudo service apache2 start
<oryxtec> tried but still same
<qman__> I've noticed with upstart that some services and some conditions cause "restart" to move too quick
<qman__> ah
<JasonMSP> when sending mail using the mailx command from a shell prompt where is the user/email name of the sender determined from?
<qman__> oryxtec, md5sum /etc/apache2/mods-available/php5.*
<oryxtec> 595831b79587f9307fe8e79941c3d869  /etc/apache2/mods-available/php5.conf
<oryxtec> b9feb531674e956201af17f3d83ca123  /etc/apache2/mods-available/php5.load
<qman__> ok, files are good
<oryxtec> qman__ if possible can you check it out through ssh on my server?
<qman__> sure
<oryxtec> let PM my details
<qman__> ok
<_Techie_> qman__, remember, your gonna be on someone elses server, play nicely
<qman__> of course
<oryxtec> :)
<oryxtec> qman: u got all details?
<qman__> yes
<oryxtec> let me know once u r in
<qman__> may have found the culprit
<qman__> yep
<_Techie_> qman__, what seems to be the problem?
<qman__> /usr/lib/apache2/modules/libphp5.so
<qman__> the md5sum doesn't match
<qman__> and it's the same version as mine
<Zyklon> I have a problem with running my www properly
<Zyklon> Notice: Undefined variable: HTTP_SERVER_VARS in /opt/lampp/htdocs/include/bittorrent.php on line 43
<Zyklon> any ideas what's causing it?
<_Techie_> Zyklon, obviously line 43 of bittorrent.php calls a funtion tha doesnt exist
<Zyklon> ok line 44 also
<Zyklon> _Techie_: is there an easy fix for it?
<_Techie_> Zyklon, make sure you have defined all variables in the config files
<Zyklon> ok
<qman__> oryxtec, all fixed
<oryxtec> really
<oryxtec> let me check
<qman__> PMing you my history
<Zyklon> Notice: Undefined variable: HTTP_SERVER_VARS in /opt/lampp/htdocs/include/bittorrent.php on line 44
<Zyklon> 1045
<Zyklon> as you see line 44 is pretty much same error
<Zyklon> I have checked most of the config files in lampp but need help it seems
<qman__> turns out it was a bad download of libapache2-mod-php5
<qman__> purged the package, removed the archive from cache, and reinstalled it
<Zyklon> _Techie_: you experienced with such type of config?
<Zyklon> blackmatter :)
<Zyklon> I'm still strugling
<Zyklon> http://213.251.168.126/
<Four2zero> Hello to all I have just installed ubuntu-server and i plugged in my external hard drive via usb and now i would like to share it over the network, how can i do this in ubuntu-server ?
<Four2zero> would nfs be what im looking for ?
<_Techie_> Four2zero, NFS, or maybe samba
<_Techie_> depends onthe clients
<Four2zero> _Techie_ well, im doing this via command line, so no gui. And basically i just need to share the Movie Library and Music Library as well as Some other Directorys that are created on the external hard drive.
<qman__> Four2zero, if you haven't already, you need to make a mount point for the drive, and then you can share it with NFS or samba, or some other service
<qman__> if you have windows clients I suggest using samba
<Four2zero> I did before with gnome-gui but i was read it was not necessary to install a gui since it'll be more to update packages and security leaks as well.
<qman__> if you have a wireless network, or an otherwise not tightly secured network, I suggest against using NFS
<Four2zero> Samba will do just fine.
<qman__> simple enough
<qman__> so, where are you hung up?
<Four2zero> basically mounting it
<qman__> ok, first you'll want to pick a mount point
<Four2zero> gonna check fstab.
<qman__> I suggest something like /srv
<qman__> or something in a home directory, like /home/public/share
<_Techie_> qman__, altough for ease of use, he may wish to create a samba share of /media/ and use the automount
<Four2zero> i'd prefer to use /home/public/share
<SpamapS> root      4457  0.0  0.0   2272   760 ?        S    09:57   0:00 /bin/dd bs 1 if /proc/kmsg of /var/run/klogd/kmsg
<SpamapS> is that something that hardy did for kernel logging?
<Four2zero> Techie that would nice, i
<qman__> well, the trouble with automount is sometimes it's not consistent
<Four2zero> so /media/hd
<qman__> plus, I don't think it's installed by default on server
<qman__> I assumed that was part of gnome
<_Techie_> qman__, im not meaning to share /media/mount/   im talkign about sharing /media/
<Four2zero> gnome worked well when i installed it got it working just fine.
<Four2zero> but this time no gui for me
<Four2zero> since its just a home server
<qman__> yeah, providing that feature might require installing desktop
<qman__> I wouldn't do it that way
<qman__> in any case, create the directory where you want it mounted with mkdir
<Four2zero> so samba and sharing /media/ directory
<qman__> then add it to /etc/fstab
<qman__> with the filesystem and options you want
<qman__> I suggest auto,user
<blackmatter> morning all
<Four2zero> mkdir /media/freeagent desk
<Four2zero> okay directory created in /media/freeagent
<Four2zero> now need to configure fstab
<Four2zero> cd ..
<Four2zero> um how do know what dev/ to look for
<Four2zero> ls /dev*
<Four2zero> can i use " sudo apt-get install usbmount
<Four2zero> now im loooking for the device id, http://pastebin.com/MZggU8V1
<Four2zero> what im looking for is it: " sdb:sdb1
<Four2zero> im looking for sdb1 and i found it
<Four2zero> _Techie_ what should the fstab be setup as, i currently have this: /dev/sdb1 /mnt/extdisk auto auto,user
<_Neytiri_> how do i bridge interfaces and set up a ipfw firewall on 10.4.1
<_Techie_> Four2zero, i dont work with fstab, i either mount things myself or let the automounter handle it
<Four2zero> how come when i plugged int he extdisk it was not detected
<Four2zero> with automoutner
<Four2zero> automounter*
<_Techie_> not sure
<uvirtbot> New bug: #637622 in nmap (main) "ping scan returns no hostnames or ips" [Undecided,Invalid] https://launchpad.net/bugs/637622
<Daviey> cjwatson / hggdh: you'll no doubt be pleased to hear the UEC/avahi install time is now working... thanks for your help chaps :)
<Daviey> ttx, ^^ FYI
<_Neytiri_> how do i bridge interfaces and set up a ipfw firewall on 10.4.1
<hggdh> Daviey: \o/
<hggdh> Daviey: also going thru a net install now
<cjwatson> Daviey: oh good
<Daviey> hggdh, same here :)
<_Neytiri_> how do i bridge interfaces and set up a ipfw firewall on 10.4.1
<_Techie_> any news on the 10.10 beta?
<jpds> _Techie_: Erm, it's been out for ages?
<_Neytiri_> how do i setup a firewall bridge on ubuntu 10.4
<_Techie_> jpds, what i mean, is what can we expect... are they working on the issues that made 10.04 such a catastrophic failure for older hardware?
#ubuntu-server 2010-09-14
<Shapeshiftr> Hey.
<_Techie_> !hi
<ubottu> Hi! Welcome to #ubuntu-server! Feel free to ask questions and help people out. The channel guidelines are at https://wiki.ubuntu.com/IRC/Guidelines . Enjoy your stay!
<_Techie_> now that thats out of the way, how can we help ya Shapeshiftr
<Shapeshiftr> Hey, actually, I think I may have found out my problem.
<Shapeshiftr> One second, while I try this out.
<Four2zero> _Techie_ okay i have mounted the extdisk, now do i need to add samba to get windows to recognize the directory ?
<Daviey> hggdh, ok... i'm NOT seeing the libvirt issue you saw
<Daviey> but i am seeing a meta data issue :(
<Four2zero> And doing sudo apt-get install samba will install SAMBA on the ubuntu-server correct ?
<_Techie_> Four2zero, sudo apt-get install smbd
<Four2zero> okay, thanks
<Four2zero> Reading package lists... Done
<Four2zero> Building dependency tree
<Four2zero> Reading state information... Done
<Four2zero> E: Couldn't find package smbd
<Four2zero> was that a typo you made ?
<qman__> the package is samba, not smbd
<Four2zero> i figured.
<Four2zero> thanks qman__
<qman__> it's easy to configure a simple share, too
<_Techie_> hrmm
<qman__> there are some examples at the bottom of the config file
<_Neytiri_> how do i instyall a gui from command line?
<_Neytiri_> onto a server instalation
<_Techie_> _Neytiri_, which GUI would you like?
<Four2zero> sudo apt-get install ubuntu-desktop
<Shapeshiftr> Hey, I'm failing at using grep.
<_Techie_> Shapeshiftr, what do ya wanna grep?
<Shapeshiftr> I, erm, don't know where my Listen directive is?
<Shapeshiftr> That's what the guy over at #httpd said...
<_Techie_> errmm
<_Techie_> i dont quite follow
<Shapeshiftr> One second, haha.
<hggdh> smoser: there?
 * Daviey launches a sigh
<northstar> aufs au_xino_do_write:372:mount[21265]: I/O Error, write failed (-27)
<northstar> in my syslog. pertains to the samba client trying to mount a share
<northstar> could use a clue on directions
<randomOfAmber> how can I get a .deb and all it's dependencies into a folder? I don't know what it's dependencies are
<northstar> a direction anyway
<Shapeshiftr> Okay, okay, back.
<Shapeshiftr> So, basically, I'm trying to set up a website/apache webserver, but I can't connect to it outside of my local intranet
<Shapeshiftr> I CAN connect to the domain inside my local intranet.
<Shapeshiftr> What do?
<SpamapS> Shapeshiftr: you need to modify the Accept/Deny permissions...
<Shapeshiftr> Hm?
<Shapeshiftr> Where?
<Shapeshiftr> I'm a total newbie to this, so please do bear with my total ignorance >_<
<SpamapS> Shapeshiftr: basically you need to create a file in /etc/apache2/sites-available that defines what you do want to allow access to
<Shapeshiftr> Listen directive?
<SpamapS> Shapeshiftr: no not Listen
<_Techie_> Shapeshiftr, now i think i understand what you mean by listen directive
<Shapeshiftr> SpamapS, what would this file be named, and what would I put in it?
<SpamapS> Shapeshiftr: if you just want to run one single site on the server, you can modify /etc/apache2/sites-available/default
<SpamapS> Shapeshiftr: if you'd like to have multiple sites (virtual hosting) then you can create a file per site in that directory... then enable them with a2ensite
<Shapeshiftr> Modify it with what info?
<Shapeshiftr> Ah, ninja'd
<Shapeshiftr> Oh.
<Shapeshiftr> Wait, no.
<Shapeshiftr> Just one site.
<Shapeshiftr> So, what do I put in it?
<SpamapS> Shapeshiftr: Well if you look at it now, you'll see Order allow, deny, allow from all. That should allow anybody to access the "it worked" page in /var/www
<Shapeshiftr> I already have an index.htm set up, but yeah.
<Shapeshiftr> Ah!
<Shapeshiftr> This is this.
<Shapeshiftr> I was looking for this...
<Shapeshiftr> Oh, wait, I've been in here before.
<Shapeshiftr> Is this right:
<Shapeshiftr> http://pastebin.com/LRq67FYZ
<SpamapS> Shapeshiftr: yeah, but that has to appear in a Directory section
 * SpamapS must be going
<Shapeshiftr> D;
<SpamapS> Shapeshiftr: good luck
<Shapeshiftr> Thanks?
<Shapeshiftr> THanks.
<Shapeshiftr> **Thanks.
<Shapeshiftr> That's in the directory /var/www Directory tab section.
<Shapeshiftr> So, _Techie_ , my sites-available default file seems to be set up properly.
<Shapeshiftr> What's the next thing that could go wrong?
<_Techie_> Shapeshiftr, can you pastebin your /etc/apache/sites-enabled/default
<Shapeshiftr> http://pastebin.com/By6dnbGY
<Shapeshiftr> There.
<_Techie_> hrmm, i cant seem to see anything wrong, just to recap... what was the problem?
<Shapeshiftr> Website.
<Shapeshiftr> I can connect in my local intranet
<Shapeshiftr> Other people outside of my local intranet cannot.
<_Techie_> hrmm
<Shapeshiftr> Ports are forwarded.
<Shapeshiftr> UFW exception allowed.
<Shapeshiftr> What wrong?
<_Techie_> no clue
<Shapeshiftr> Httpd said something about the Listen directive
<_Techie_> im just presuming that when you say that ports are forwarded and you have a UFW exception, taht it was done correctly
<Shapeshiftr> Yes.
<Shapeshiftr> People can connect to a different port on the same server.
<Shapeshiftr> So yes.
<Shapeshiftr> So, Listen directive: what is/where can I find/what do I do with it?
<_Techie_> well if im not mistaken, its the ip that its listenign on
<_Techie_> but your usign a wildcard directive, so you should be fine
<Shapeshiftr> Okay, that's a start.
<Shapeshiftr> Hm, you mean the *.mydomainnamehere.com?
<wickedSA> Shapeshiftr: what in /etc/apache2/ports.conf
<wickedSA> *whats
<Shapeshiftr> Oh!
<Shapeshiftr> Okay, new lead.
<_Techie_> Shapeshiftr, i can provide you with soem of my configs as references
<_Techie_> but keep in mind i have alot of vhosts
<Shapeshiftr> http://pastebin.com/7U1C8D5b
<Shapeshiftr> Yeah, it's cool.
<Shapeshiftr> wickedSA, that link was @ you.
<wickedSA> Shapeshiftr: pretty much default, what I expected
<Shapeshiftr> Bad or good?
<wickedSA> Good
<_Techie_> Shapeshiftr, heres my vhost for some of my non SSL sites  http://sprunge.us/GTaP
<Shapeshiftr> I notice this line:
<Shapeshiftr> <VirtualHost 219.88.71.17:80>
<Shapeshiftr> My line looks like <VirtualHost *:80>
<Shapeshiftr> Does that matter?
<wickedSA> Shapeshiftr: I'm starting to think the port forwarding / firewall is not setup right. if you can get to your web server locally, and outside clients cannot
<_Techie_> Shapeshiftr, should, i have mine like that as its for a subdomain so its gotta be on my external IP
<_Techie_> Shapeshiftr, shouldnt*
<Shapeshiftr> Ahm.
<Shapeshiftr> wickedSA, unless I have to do something other than how I normally forward ports in my router and something other than allow port 80 in UFW, I really don't think so.
<_Techie_> wait a sec
<_Techie_> does your ISP allow webhosting?
<_Techie_> some ISP's block port 80
<_Techie_> try it on a different port
<Shapeshiftr> Oh, hm.
<Shapeshiftr> Okay.
<Shapeshiftr> How would I go about changing that?
<wickedSA> Shapeshiftr: can you get a shell outside, and telnet your_host 80 (or whatever port)
<Shapeshiftr> How would I do that, wickedSA
<Shapeshiftr> (get a shell outside)
<wickedSA> Shapeshiftr: well, start by getting a shell on some machine someplace else. or trust one of us with your external IP for a minute.
<Shapeshiftr> Oh, well, does it have to be Telnet?
<Shapeshiftr> Would trying to connect to my external IP do the same thing?
<wickedSA> Shapeshiftr: what I'm proposing is to try to talk to your web server directly, over telnet
<Shapeshiftr> Okay, I'm unfamiliar with telnet, but I'll get someone who does.
<_Techie_> Shapeshiftr, theres an easier way of doing this, your ISP's website should say if they block ports
<Shapeshiftr> Okay.
<wickedSA> Shapeshiftr: yeah maybe thats too complicated.
<Shapeshiftr> >_<
<_Techie_> usign telnet to check a port is like using a diffraction pattern generated from the outer rim of a coin to find out which coin it is, when you could just look at it
<Shapeshiftr> Because Port 80 is often used by malicious software, including viruses and worms, Optimum Online, like many ISPs, blocks this port for all standard Optimum Online customers.
<Shapeshiftr> Fuuu--
<Shapeshiftr> *sigh*
<_Techie_> hold up
<_Techie_> lemme ook into it
<_Techie_> look*
<Shapeshiftr> Curses.
<_Techie_> Shapeshiftr, dotn give up yet
<Shapeshiftr> You have to buy a $30/m. business plan to use 80, it seems.
<wickedSA> _Techie_: using telnet to check a port and query a web server? I do it all the time.
<Shapeshiftr> Same with SMTP!
<Shapeshiftr> No wonder it wasn't wonder.
<_Techie_> Shapeshiftr, port 25 is international standard
<Shapeshiftr> Ah, okay, lol.
<_Techie_> Shapeshiftr, do you know anyone that has their own web server?
<Shapeshiftr> Well, 80 is what matters.
<Shapeshiftr> Yeah, I can get really cheap hosting from a friend.
<Shapeshiftr> But, why?
<_Techie_> you could up the port by 10 or so, and get him to host a proxy directive
<Shapeshiftr> Hm?
<Shapeshiftr> **or?
<_Techie_> i do it all the time to secure non secure services on my server
<Shapeshiftr> Do explain.
<_Techie_> Shapeshiftr, the first virtualhost in http://sprunge.us/GTaP
<Shapeshiftr> Copypasta?
<_Techie_> it listens for queries to shoutcast.technz.info and proxies them transparantly to http://192.168.10.1:8000/
<_Techie_> its also a safe way to host webservers on other servers in your network without allowing non http traffic to them
<Shapeshiftr> Erm, that's an internal IP.
<Shapeshiftr> What?
<_Techie_> its a transparant proxy
<_Techie_> check it out for yourself
<Shapeshiftr> Okay.
<_Techie_> http://shoutcast.technz.info/
<Shapeshiftr> transparant proxy
<Shapeshiftr> Hm?
<_Techie_> Shapeshiftr, transparant in the fact that you dont even realise that youve been proxied
<Shapeshiftr> Ah, erm, uh...
<Shapeshiftr> I'm still...
<_Techie_> confused..
<Shapeshiftr> Okay, so, you have the server hosted on another computer?
<_Techie_> no
<Shapeshiftr> And that computer redirects the traffic from x.x.com to 192.168.10.1
<Shapeshiftr> ?
<Shapeshiftr> No.
<Shapeshiftr> Okay.
<_Techie_> wait yes
<Shapeshiftr> Yes?
<Shapeshiftr> Correct?
<_Techie_> welll sorta
<_Techie_> your understandign is correct
<_Techie_> but its nto a seperate server
<Shapeshiftr> ...
<Shapeshiftr> Go on?
<_Techie_> the shoutcast web panel is hosted by a different process, that cant map to a subdomain by itself
<_Techie_> so i use apache to map it to its own subdomain
<_Techie_> Shapeshiftr, and here you can see examples of mapping a non SSL server to an SSL connection      http://sprunge.us/bjPN
<Shapeshiftr> Hm.
<_Techie_> Shapeshiftr, so if you can find someone to provide you with bandwidth equal to what you estimate your site will use, and almost no storage space, then you can use it as a transparant proxy
<a1fa> does anyone know whats realistic line speed on 10Gbe interface?
<a1fa> single connection, TCP->FTP
<Shapeshiftr> depends on your ISP
<Shapeshiftr> You could have the best network card in the world, and have a really shitty ISP, and still have a horrible connection.
<Shapeshiftr> AFAIK, the network card sets a maximum connection.,
<Shapeshiftr> If you only have a 10mbps card, you can only have a 10mbps speed, max.
<uvirtbot> New bug: #637694 in dbconfig-common (main) "package dbconfig-common 1.8.44ubuntu1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/637694
<Shapeshiftr> Okay, so, _Techie_, what should I tell them to do?
<_Techie_> Shapeshiftr, are you going through a friend or a company
<Shapeshiftr> Friend.
<Shapeshiftr> I already use his webhosting.
<_Techie_> get them in here
<_Techie_> thatl make things easier
<Shapeshiftr> Hm, he's not around right now.
<a1fa> Shapeshiftr: that's not true
<_Techie_> well, you have some of my vhosts as a reference
<Shapeshiftr> Okay, much thanks.
<a1fa> you can never achieve theoretical maximum on a network card
<_Techie_> get him to enable the proxy and rewrite modules
<a1fa> so with a 10mbps, you are looking at realistic 5mbps
<Shapeshiftr> So, tell him I want to forward all incoming connections to my domain to my server from his server...
<Shapeshiftr> ?
<Shapeshiftr> I'm still not exactly sure what the plan is.
<Shapeshiftr> Yeah, of course, alfa
<Shapeshiftr> I was talking theoretically.
<_Techie_> from his sever to yours on a different port using apache2's proxy and rewrite modules
<a1fa> Shapeshiftr: i am trying to find real world figures for 10Gbe interface
<Shapeshiftr> There are no figures, per say.
<Shapeshiftr> It depends on your ISP.
<Shapeshiftr> Okay, thanks, Techie.
<Shapeshiftr> Wait.
<Shapeshiftr> Couldn't I just run Apache off another port?
<_Techie_> yes, thats what you will be doing
<Shapeshiftr> But, surely I can just change Apache's port, and then forward that and go?
<a1fa> Shapeshiftr: but I am the ISP :P
<Shapeshiftr> Without proxy redirection and such.
<_Techie_> the whole proxy is so that clients can go to http://mydomain.com/ rather than  http://mydomain.com:90/
<Shapeshiftr> Alfa, you provide your own internet?
<Shapeshiftr> Ah, ah, okay.
<a1fa> sort of ;)
<Shapeshiftr> That actually makes sense.
<a1fa> i am a cross-over cable away from my "internet"
<a1fa> haha
<Shapeshiftr> You must go through Optimum Online or Comcast or something of the like.
<_Techie_> Shapeshiftr, thanks for understanding... very few people can understand the idea of such a proxy without thinking it over alot
<Shapeshiftr> Well, I mean, in order to go to webadmin, lets say, you have to type in IP:10000
<_Techie_> yep
<Shapeshiftr> You don't want people to have to type in domainname.com:90 all the time.
<_Techie_> exactly
<Shapeshiftr> So, you make people connect to port 80 on another server, then forward the connection on port 90 to my server.
<_Techie_> bingo
<Shapeshiftr> Right?
<Shapeshiftr> :D
<_Techie_> thats why you dont actually need any storage on their server
<Shapeshiftr> That actually makes sense.
<Shapeshiftr> Awesome, thanks :D
<_Techie_> Shapeshiftr, and you can setup services on your domain name so only port 80 is pointed to his ip
<_Techie_> so that you can retain use of the domain name
<Shapeshiftr> Yeah.
<Shapeshiftr> Should I just go to GoDaddy and point my domain to his external IP?
<_Techie_> yep to start with
<Shapeshiftr> Okay.
<_Techie_> and once you get your head around services
<_Techie_> then you can set that up and point the domain back to your ip
<a1fa> ah
<aetaric> I want to boot the Ubuntu Server ISO via PXE, is that possible? I'd rather not use the netboot ISO
<ScottK> aetaric: Why not?
<aetaric> ScottK: i've PXE booted that before and i kept getting download errors
<ScottK> OK.  I don't think you can, but I'm reasonably certain that if you could it would work the same.
<computerwiz_222_> hello everyone - i'm having some issues troubleshooting ubuntu 10.04 and I would really appreciate someone's help. I was running Ubuntu 9.04 since last September with no issues. The previous installation was RAID1 on a PCI SATA Card. I've since changed the motherboard and CPU and reinstalled to 10.04. The operating system is installed on a RAID1 array on the onboard sata (no problems) and there is a RAID1 1.5TB array on the
<computerwiz_222_> original PCI SATA card (problems...).
<Four2zero> i have ISPConfig3 installed on my computer with pure-ftpd and the problem im having is access other directory to upload to, how do i configure that from ispconfig3
<aetaric> ScottK: for netboot, you only have to tell the client the kernel file and it grabs the initrd on its own and nothing else... i want to boot it like RHEL/CentOS... you know give it an NFS server to grab the cd files from
<computerwiz_222> it seems that if i mount each drive (/dev/sdc or /dev/sdd) independently i can write to them no problems (verified by checksumming some known files generated from /dev/urandom)
<computerwiz_222> but as soon as i put them into a raid1 array i get MANY errors on the monitor attached to the server. some say failed command: write dma ext
<aetaric> computerwiz_222: you are trying to software raid1 two raid1 drives?
<computerwiz_222> aetaric:  correct
<aetaric> now THAT is redundancy
<amstan> aetaric: incorrect
<amstan> aetaric: he has 2 raid1's working in parallel
<computerwiz_222> aetaric: sory, i misread
<computerwiz_222> aetaric: i am actually raid1'ing two drives - two independent arrays
<amstan> computerwiz_222: you're giving too much info, forget the onboard raid
<aetaric> yeah i got confused...
<computerwiz_222> aetaric: what i want to end up with is two raid 1 arrays, one is 1TB, one is 1.5TB - each array has two drives
<aetaric> ok...
<aetaric> you are making the arrays BEFORE install, right?
<computerwiz_222> the 1TB one, yes - the 1.5TB one, no because it had data on it - but now it doesn't
<aetaric> ok... the 1.5TB isn't working?
<computerwiz_222> aetaric: right now i have a raid1 array that holds the OS and the data - this array functions perfectly. I am attempting to add a 1.5TB array to the system - the 1.5 drives function properly independently, but when i raid them together i get errors flying by on the monitor attached to the server
<aetaric> computerwiz_222: is this hardware raid or software raid?
<computerwiz_222> software
<aetaric> oh....
<pting> how do i have apt only upgrade php5 related projects if i have maverick builds added to my source.list?
<amstan> pting: synaptic or aptitute could probably do that
<aetaric> i've no idea then.. i've never used software raid. only hardware
<computerwiz_222> aetaric: thanks anyways, this is an unusual problem
<pting> amstan, hum, i want to have apt-get upgrade only show upgrade from maverick for php5.. all else should not show up... i'm thinking of doing some sort of apt pinning... would this be the appropriate approach?
<amstan> pting: hold on.. why are you doing this? trying to install maverick php on lucid?
<amstan> pting: i tried that once.. to do with xorg, i found myself with a nonworking x server that refused to go back to normal(previous release)
<ScottK> pting: What you are trying to do is distinctly unsupported in Ubuntu.
<pting> ScottK: i want try try out the php-fpm which is only available in 5.3.3
<ScottK> pting: If it's a test box, then you could try changing /etc/apt/sources.list to maverick, do apt-get update, do apt-get dist-upgrade, cancel it and then pick out the list of packages you want to upgrade.
<ScottK> I'd never do that for anything other than a test.
<ScottK> For a test box though, you might as well just run Maverick.
<pting> ScottK, heh, it's off my laptop... i don't want to fubar it
<ScottK> There's no risk free way to do it.
<pting> screw it, here i go, wish my laptop luck
<ScottK> pting: What kind of video does your laptop have?
<pting> video? videocard? nvidia 140M
<ScottK> OK.  I have all Intel stuff, so no advice on that.
<pting> i've been waiting for like 2 years for fpm to finally get pushed into php's codebase
<aetaric> pting....uh
<aetaric> i'd just build from source...
<pting> ... i no longer have to maintain a separate deb for myself
<aetaric> but that is just what i'd do
<matthewl> Anyone know if it's possible to drop to a shell during boot? I need to fix fstab, and it's stuck trying to mount a drive that doesn't currently exist on the machine. I'm trying do this without using a CD...
<aetaric> matthewl: when grub pops up, edit the initrd entry. remove quiet and splash and add single
<aetaric> then boot
<matthewl> Thanks, getting stuck in the same place though.
<aetaric> oh... matthewl no clue then. i guess a live cd is the only option
<ScottK> I have a vague recollection that hitting "S" or something during boot will skip the thing it's waiting on.
<ScottK> I can't remember the details, but I think there's a bug that the text for how to skip is hidden.
<ScottK> Google may know the details.
<matthewl> https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/571444
<uvirtbot> Launchpad bug 571444 in mountall "Boot hangs and unable to continue when automount disk in fstab is not available (Off or Disconnected)" [Medium,Confirmed]
<matthewl> That seems to be pretty close to what I'm seeing.
<a1fa> [  3]  0.0-10.0 sec    973 MBytes    816 Mbits/sec
<Four2zero> how can i enable write permission to /www directory so i can upload to the apache2 server ?
<Four2zero> im trying to upload files to an apache2 server /www directory but i dont have write permissions how do i set this correctly ?
<au> Four2zero: I would upload it to your home directory, then use sudo mv FILE/FOLDER /var/www
<Four2zero> au, i will test that out...one sec
<au> Four2zero: make sure your user is in /etc/sudoers :)
<Four2zero> 20:57:33	Error:	/home/ReadMe.txt: open for write: permission denied
<Four2zero> 20:57:33	Error:	File transfer failed
<au> try to /home/user/ReadMe.txt
<au> as /home just contains the users folders :)
<au> Four2zero: alternatively, as root: adduser -G www-data username
<au> Four2zero: username being the username that you log into FTP with (on the system, non-root of course)
<Four2zero> au, i had to upload to /home/four2zero
<Four2zero> thansk
<au> yep :)
<au> if you do 'adduser -G www-data four2zero' you could upload files directly to /var/www :)
<Four2zero> i rather do that....thanks for the tip
<au> np!
<Four2zero> i want to copy a file to a /www/directory but i keep getting this error: cp: omitting directory "media..."
<Four2zero> should i do this command: cp -r orginal_file new_file
<Four2zero> to overcome that error ?
<_Techie_> Four2zero, yep
<Four2zero> :)
<Datz> hi, I just switched my ubuntu server vm to a different install, and now eth0 can't be brought up
<Datz> I had a static address set..
<Datz> I loaded a different vm and networking works, so it must be with ubuntu server
<RudyValencia> Datz: I had this happen to me... check udev rules for network configuration?
<RudyValencia> I can't recall exactly what I did
<RudyValencia> but I got it to work
<Datz> RudyValencia: hehe
<Datz> ok..
<Datz> I don't really know how to check udev rules
<Datz> when I try ifup eth0, I get device not found..
<Datz> SIOCSIFNETMASK: No such device
 * Datz goes to sleep
<Four2zero> okay, when i try to access the shared directory, and be prompted for password and username which i did not specify in my smb.config http://www.upload3r.com/serve/130910/1284446022.jpg
<Four2zero> why do i keep getting the prompted to enter the username and password ?
<twb> Four2zero: you're accessing it using smbclient(1), or what?
<Four2zero> accessing via win7
<Four2zero> basically sharing the the the directory from ubuntu-server to windows home network.
<Four2zero> lol. three "the"
<Four2zero> i will paste bin my smb.config
<Four2zero> im only sharing one directory for all family member to access read only
<twb> Four2zero: produce the problem with smbclient first
<twb> That way 1) we know it's not Windows' fault; and 2) someone here probably knows how to deal with it.
<Four2zero> so that means i have to install a smbclient for win7
<twb> Er, no.  You install smbclient on the host that's running samba
<twb> Otherwise, you don't even know if its a network issue
<ruben23> hi guys i tried crontab -e but i cant get out on it any ideas hwo do i do it..?
<twb> ruben23: that depends what editor you're using
<twb> ruben23: the default should be nano, which IIRC is ^X (control+x).
<twb> ruben23: another likely candidate is vi(m), which you can exit using :q! (to discard changes) or :wq (to save changes)
<ruben23>  twb: i tried both actually but still it wont work..?
<ruben23> i mean it wont work.
<twb> ruben23: pastebin or imagebin what you see on the screen.
<ruben23> http://pastebin.com/fbME5vjS
<twb> ruben23: I can't tell from that what editor you're in.
<twb> Remember that if you're in vi, you need to type ^[ (ESC) to leave edit mode.
<Four2zero> google brings no good results fo samba client for windows 7 x64
<twb> Four2zero: if you want help with Windows clients, you should ask ##windows.
<twb> Four2zero: if you can produce the problem using the server and client on the same Ubuntu server, we can probably help.
<Four2zero> im using putty
<_Techie_> Four2zero, windows has a built in samba client
<Four2zero> okay, i will figure it out.
<_Techie_> Four2zero, what you need to do is enable guest access to the share and lock it to guest only
<twb> More precisely: Samba is a CIFS server; Windows includes a CIFS library and client (explorer)
<twb> _Techie_: ah, thanks, I didn't grok that was his goal
<ruben23> twb: _ someone told me its joe editor.
<Four2zero> _Techie_ i do have the "guest ok = yes" switch enabled.
<twb> ruben23: oh gods
<twb> ruben23: yes, the joe package Fucked Up and makes itself the default editor for everyone if it's installed
<twb> ruben23: IIRC it has some instructions at the top of the screen about how to bring up the menu
<_Techie_> Four2zero, heres my smb.conf modified  http://paste.ubuntu.com/493488/
<Four2zero> http://pastebin.com/EhtMMumR
<_Techie_> if you take my smb.conf enry and modify it to fit your needs it should work
<_Techie_> the main parts you want are guest only, and guest account
<Four2zero> I will test your config out and report back.
<Four2zero> _Techie_ okay i also tried your code with no luck. Hmm could it be possible that i might be running two processes that is conflicting each other ?
<Four2zero> however, i should n't be running two processes of smb.conf
<_Techie_> Four2zero, did you sudo /etc/init.d/samba restart    ?
<Four2zero> that command is not found
<Four2zero> i keep getting that for some odd reason
<_Techie_> sudo /etc/init.d/samba restart
<_Techie_> unless they renamed it to something else in 10.04
<Four2zero> four2zero@media-server:~$ four2zero@media-server:~$ sudo /etc/init.d/samba restart
<Four2zero> four2zero@media-server:~$: command not found
<Four2zero> sudo service smbd restart
<Four2zero> from what twb says: sudo service smbd restart
<_Techie_> then that
<_Techie_> maybe it was renamed from samba to smbd in 10.04
<Four2zero> i did try did not resolve
<_Techie_> =(
<Four2zero> i will uninstall samba and restart
<Four2zero> thanks for replys
<Four2zero> is there any other place other than /etc/directary samba resides ?
<Four2zero> and after i remove samba do i need to reboot ?
<Four2zero> i find it odd, that after i uninstalled samba, windows still shows it in my network after the refreshh
<ikonia> I'm trying to use the lib-virt (Virtual Machine Manager) gui, rather than make changes within the config files
<ikonia> I can't see how using the gui you can create pass through networking connectivity from the host, to the guest OS
<ikonia> the guest OS appears to be able to route or "proxy" out of the host, but the host can't reach the guest
<daxroc> Morning
<daxroc> I reinstalled mysql after a problem with passwords etc and it has stoped starting on boot any one know why that would happen ?
<daxroc> starts fine from init.d / start mysql
<au> daxroc: sudo update-rc.d mysql defaults
<daxroc> au that added a few scripts but also gave an error update-rc.d: warning: /etc/init.d/mysql missing LSB information
<tdn> I have created a user during installation and said Yes to "Encrypt home dirs?". How do I get back to non-encrypted home dirs?
<uvirtbot> New bug: #633725 in mythexport (main) "mysql thread_stack parameter too low, causing usage problems." [Undecided,Incomplete] https://launchpad.net/bugs/633725
<TBult> hi
<TBult> i will set up a central user management
<TBult> for our sys amins
<TBult> *admins
<TBult> which way can you recommend?
<aliverius> i want to use my box as both a server and a router. would it be ok to use ubuntu to do both or should i preffer running a router in kvm?
<joschi> TBult: that depends on your requirements
<joschi> TBult: but usually you would use some LDAP server and maybe kerberos for that
<TBult> every admin should have his own account and a own "shell log"
<uvirtbot> New bug: #637889 in bacula (main) "bacula-director-mysql : debconf: Unknown template field '_description'" [Undecided,New] https://launchpad.net/bugs/637889
<blackmatter> ?
<d3vic3> wmii filesystem mount corrupted http://paste.ubuntu.com/493558/
<uvirtbot> New bug: #635664 in php5 (main) "php5 crashed with SIGSEGV in sapi_header_op()" [Medium,New] https://launchpad.net/bugs/635664
<jo-erlend> I recently install updates for a lucid mail server. I can't receive mail anymore. Is this a known bug, or any ideas what might have happened?
<twb> jo-erlend: that is not a bug *I* know about.  Investigate further (e.g. read logs).
<progre55> hi guys. I'm trying to install ubuntu server from a usb startup disk, but it's not detecting my hard drives to partition.. any suggestions, please?
<uvirtbot> New bug: #637951 in bacula (main) "package bacula-director-mysql 2.4.4-1ubuntu5 failed to install/upgrade: el subproceso post-installation script devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/637951
<rahman> Hi, I am trying to find a file upload date to my apache server. I know the file name but what should I search for in apache access logs? If I search for the file name I get lots of logs about downloads of the file.
<ttx> SpamapS: looks like your recent changes broke the burnup graph?
<joschi> rahman: the contents of POST requests are not logged usually
<Daviey> rahman, Try adding "POST" to your grep
<joschi> Daviey: since the POST parameters are not logged by default, this won't get him far
<Daviey> or head :)
<Daviey> joschi, Are you sure?
<joschi> Daviey: yes
<rahman> Thanks dudes, but you are right, POST method contents are not logged. So I see when a file is uploaded but cant see the file name. So can I configure apache to log the complete contents of the post methods?
<joschi> rahman: you could use mod_dumpio. but that will produce *huge* log files
<joschi> rahman: a better alternative is to let your application log the file names and dates
<rahman> joschi: how huge  should they get? I am rotating apache logs daily and one day log file is ~50 mb uncompressed. and I am keeping up to 6 month old log files. Do the mod_dumpio also dump the complete binary file data to the log file? If so you are right it is useless for me
<joschi> rahman: yes, it dumps *all* I/O  to the logs
<uvirtbot> New bug: #637987 in openssh (main) "package openssh-server (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/637987
<zul> morning
<sommer> yo, morning :-)
<binBASH> Oops...
<zul> ttx: where is the list of rc bugs again?
<ttx> https://wiki.ubuntu.com/ServerTeam/MaverickReleaseStatus
<ttx> or search for the server-mrs tag for something more current
<ttx> zul: You have bug 582963 on your plate
<uvirtbot> Launchpad bug 582963 in server-papercuts "SSL pass phrase dialog can't read input" [Medium,Confirmed] https://launchpad.net/bugs/582963
<ttx> if anything can be done at this stage
<zul> ttx: i dont think anything can
<ttx> Then two others seem promised to you:
<ttx> Bug 596064
<uvirtbot> Launchpad bug 596064 in samba "nmbd fails to start on boot - problem with upstart " [Medium,Triaged] https://launchpad.net/bugs/596064
<ttx> Bug 561750
<uvirtbot> Launchpad bug 561750 in squid "squid starts and stops immediately (after upgrade from karmic to lucid)" [Medium,In progress] https://launchpad.net/bugs/561750
<MTecknology> I've been getting a few thousand messages per day looking like this - http://dpaste.com/243234/ - Any ideas why I'm getting them and how I can stop them from happening?
<jpds> MTecknology: That's coming from apparmor.
<ttx> JamesPage: ping
<jdstrand> MTecknology: you need to add 'k' for that path in your smbd profile
<MTecknology> jdstrand: What's in there now is "@{HOMEDIRS}/** lrw," I also get a message in the logs about profile="/usr/sbin/smbd" requested_mask="r::" denied_mask="r::" - shouldn't the r in there make those messages not come up?
<jdstrand> MTecknology: for sure you need to add 'k' to the 'lrw'. as for the 'r', I need the complete line
<MTecknology> jdstrand: ok- is there anything I need to do to reload that profile?
<MTecknology> I see why you need that line... It wants r on /var/log/samba/
<jdstrand> MTecknology: sudo apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.smbd
<reggi_au> hey folks, does anyone here know which channel I should connect to ask about PXE related questions? I'm trying to set up network boot because I want to install Windows XP and other operating systems over the network.
<MTecknology> jdstrand: thanks :D
<jdstrand> MTecknology: sure
<JamesPage> ttx: ping
<ttx> JamesPage: wanted to bring your attention to two bugs in the Java libraries that were recently pushed in our direction
<ttx> First one is bug 552613
<uvirtbot> Launchpad bug 552613 in xmlbeans "[MIR] xmlbeans" [High,Incomplete] https://launchpad.net/bugs/552613
<ttx> Both issues are about our main/universe split, that makes us different from Debian
<MTecknology> jdstrand: In AppArmor, is there any way to tell it a process can start working in this directory, but then it can't go above that level?   Like... It starts /path/to/some/foo/bar.py it can't read anything above /path/to/ ?
<ttx> we sync from debian new "feature support" (here the E4X)
<ttx> JamesPage: that adds a build-depends
<MTecknology> jdstrand: That would be the most awesomest thing in the world if it can..
<ttx> JamesPage: problem is, the package is in main, and the build-depend is in universe
<ttx> JamesPage: so the package fails to build until you do Main Inclusion Requests for the offender in universe
<JamesPage> ttx: the offender being xmlbeans?
<ttx> however, this can result in a lot of dependencies of dependencies
<ttx> yes
<ttx> which, in turn, depends on saxonb
<ttx> the problem is that we discover those late in the cycle
<wbit> How can I check if a user has reached it's open file/socket limit?
<ttx> when we look at FTBFS (fails to build from source) reports
<ttx> and sometimes it's a bit late to fix those. For that first bug, we'd need FFE (feature freeze exception) for the E4X support
<ttx> + 2 MIRs
<hggdh> morning Daviey
<Daviey> afternoon hggdh :)
<ttx> JamesPage: so for that one I consider disabling the E4X support and the new build-dep
<ttx> *but*
<ttx> we should not forget about this one, otherwise it will bite us again next cycle
<ttx> we need to fix that when it's the right moment in the cycle to fix them
<ttx> the second bug is...
<ttx> bug 635895
<uvirtbot> Launchpad bug 635895 in libcommons-fileupload-java "libcommons-fileupload-java (main) build-depens on libportlet-api-2.0-spec-java (universe)" [High,Confirmed] https://launchpad.net/bugs/635895
<ttx> for that one, it's portlet API support that was added to commons-fileupload
<ttx> JamesPage: here it's even more MIRs that are needed, since we pull all the maven stack to main
<hggdh> Daviey: I see we already have a patch for the 500 error
<ttx> that's something we need to do at one point... but at the start of a cycle is a better time :)
<JamesPage> ttx: OK - to summarise both these issues need to be resolved by removing the dependencies now
<MTecknology> jdstrand: I'm also curious if there's somewhere that explains the denied masks. Sometimes it's ::k and sometimes it's k:: - Now I'm getting pretty interest in what's going on. :P
<JamesPage> but ensuring that we don't lose them for the next cycle (i,e. I need to remember :-)
<ttx> JamesPage: exactly.
<ttx> i'll comment on both bugs. You might be interested in proposing a fix for them
<jdstrand> MTecknology: man apparmor.d
<ttx> JamesPage: do you think you have time for that ?
<jdstrand> MTecknology: though tbh I've not thought about when the kernel reports ::k vs k::
<ttx> JamesPage: those are RC bugs that we'd better fix before Thursday, so that means your fix proposal should come in ~ wednesday noon so that I can sponsor it
<blackxored> hi guys, i'm setting up openvpn client on a new machine, it doesn't redirect my traffic neither pushes the default gw, the logs says error 7 around adding some route, any clues?
<ttx> JamesPage: if you already have other things on your plate, I can do them.
<JamesPage> ttx: I think so; I've been looking at Hudson integration with mathiaz but I can put that down
<JamesPage> ttx: want to get to know the process; I'll take a look now.
<ttx> OK, I'll assign those to you... and I'll pick them up on wednesday afternoon if you don't make it
<MTecknology> jdstrand: No significant difference probably?
<jdstrand> MTecknology: certianly not when profiling an application. you could ask jjohansen when he comes online if you are curious
<jdstrand> s/certianly/certainly/
<noname> hi guys , can someone guid me to backup a folder to a folder in my home directory colled backupfolder
<noname> etc/tmp/mydat : mydata is the name of the folder that i want to backup
<JamesPage> ttx: OK
<MTecknology> jdstrand: ok, thanks again :)
<ttx> jamespage: your LP userid is jamespage ?
<JamesPage> ttx: james-page
<ttx> JamesPage: done -- ping me anytime for advice or other
<JamesPage> ttx: thanks -- I'll shout if I need any help
<Daviey> hggdh, that is purely my patch.. wanted to see what upstream thought of it
<Daviey> (it does fix it, fwict) \o/
<hggdh> great!
<Daviey> hggdh, disappointing that eucalyptus didn't get back to us like they said they would... also following 2 emails!
<hggdh> yes indeed. Weird
<hggdh> Daviey: and I understood this was tested
<ttx> Daviey: did you push this to a new upload ?
<Daviey> hggdh, everything that lands there has passed their QA.. is what they tell us.
<Daviey> ttx, I have a branch waiting.. but was really hoping to nab one of upstream for comment before pushing it.  Perhaps just push it regardless?
<hggdh> Daviey: I wonder why they added the context.clear line there also. What about while we wait for comments we push & test it?
<Daviey> hggdh, yeah - i'm trying to get the login screen better.. seems like a good idea to make uploads somewhat more useful
<Daviey> but this is a critical issue.. so i guess just push
<hggdh> Daviey: go for it -- login screen is good but we can deal with it later
<Daviey> hggdh, well 2 instances start really fast!  With the patch.. so it looks good
<ttx> Daviey: Ideally we'd have an ISO tomorrow with that fix
<Daviey> ttx, Oh.. that is my intention
<hggdh> ttx: I can netboot and check it as soon as it is published
<ttx> so you can give it a couple more hours
<ttx> to give upstream a chance to answer
<Daviey> (which explains why i've been working on this past midnight, twice this week - trying to ensure the following days iso is good) :)
<Daviey> hggdh, I'll push it to a PPA right now... and leave it a few more hours for upstream to comment.. That way you can get some testing in :)
<Daviey> ttx, ^ ?
<mathiaz> Daviey: you should ask access to the system where you can trigger iso builds
<ttx> Daviey: ack
<mathiaz> Daviey: I don't see why you should be blocked on the next day iso and work late to make it in time
<Daviey> mathiaz, I can see that point.. but i'm happy with ttx being the gatekeeper i think
<mathiaz> Daviey: rather - ask the ability to spin isos
<Daviey> ttx, What are your thoughts?
<ttx> mathiaz: the current spin time lets me get a fresh ISO when I wake up, so it's perfectly fine by me
<ttx> no need for an earlier spinnage, unless Dave needs it
<mathiaz> ttx: agreed
<mathiaz> ttx: it seems that Daviey needs it as outlined above
<ttx> when I say "have an ISO tomorrow with that fix" I really mean, you should upload before EOB today
<Daviey> i *prefer* working from netboot TBH... The main reason for trying to ensure it lands late at night, is for other people to test the ISO.
<mathiaz> jdstrand: hey!
<mathiaz> jdstrand: have you already seen this libvirt issue http://paste.ubuntu.com/493661/?
<jdstrand> mathiaz: no
<Daviey> eeek
<jdstrand> mathiaz: are you redefining the default network?
<Daviey> hggdh, pushing to PPA now
<hggdh> Daviey: ack, thanks
<jdstrand> mathiaz: hi btw :)
<edge> is it possible to download the documentation that is web based, in a complete PDF format ?
<mathiaz> jdstrand: this is the network definition: http://paste.ubuntu.com/493663/
<mathiaz> jdstrand: it used to work on lucid
<mathiaz> jdstrand: fails on maverick
<jdstrand> mathiaz: what are you doing exactly? the default network should come up automatically
<SpamapS> ttx: broken? The graph looks fine to me...
<mathiaz> jdstrand: I've slightly change the default network definition
<mathiaz> jdstrand: there isn't any dnsmasq started
<mathiaz> jdstrand: as I start my own dnsmasq with it's own configuration
<ttx> SpamapS: if "fine" means that the line is in the middle of nowhere, then I'd agree with you
<jdstrand> mathiaz: ok I see that now
<SpamapS> ttx: which one?
<jdstrand> mathiaz: so, maverick seems a bit more finicky on redefining the network
<ttx> SpamapS: let me upload a picture showing how it should be
<jdstrand> mathiaz: I do:
<jdstrand> virsh net-dumpxml default > /tmp/xml
<jdstrand> virsh net-destroy default
<mathiaz> jdstrand: hm - port 69 is tftp
<jdstrand> virsh net-undefine default
<jdstrand> edit /tmp/xml
<SpamapS> ttx: this one isn't right? - http://people.canonical.com/~pitti/workitems/maverick/canonical-server-ubuntu-10.10.html
<jdstrand> virsh net-define /tmp/xml
<jdstrand> /etc/init.d/libvirt-bin stop
<jdstrand> killall dnsmasq
<jdstrand> /etc/init.d/libvirt-bin start
<jdstrand> virsh net-dumpxml default    # should show the network is changed
<ttx> SpamapS: no it isn't
<jdstrand> virsh net-list               # should show the default network
<ttx> SpamapS: should be http://people.canonical.com/~ttx/meuh.svg
<ttx> i.e. the line should draw to the DONE point on D-1
<jdstrand> mathiaz: I haven't perfected the algorithm yet, but basically, you need to destroy it, undefine, then define it
<ttx> not somewhere random at the bottom of the graph
 * mathiaz ndos
<ttx> SpamapS: mine is generated with rev219, same DB.
<jdstrand> mathiaz: I think doing something like the above will get libvirt into a state where it will do what you want
<ttx> SpamapS: looks like your "inprogress" status lost it.
<ttx> SpamapS: do I make sense ?
<SpamapS> ttx: ok I see the difference. yes.
<SpamapS> ttx: the way those plot objects are created/managed is really, really weird
<SpamapS> ttx: it would have been blocked that messed it up, not inprogress
<ttx> SpamapS: right, "blocked"
<ttx> SpamapS: looks like the line is drawn to the amount of "in progress" items rathe than to the amount of DONE ones
<ttx> SpamapS: I can look into it tomorrow if you're too busy to fix it
<SpamapS> ttx: no, I will fix it today
<SpamapS> ttx: pitti gave me commit access so I can actually fix it. :)
<ttx> SpamapS: nice strategy :)
<ttx> break it to the point that you get commit access to fix it
<SpamapS> :)
<robgault> good morning; is there an upgrade path from 10.04 to 10.04.1 TLS?
<Daviey> robgault, sudo apt-get dist-upgrade
<joschi> robgault: aptitude update && aptitude full-upgrade
<jcastro> you don't even need the dist-upgrade Daviey
<jcastro> if you're just doing updates normally you'll be fine
<robgault> Daviey: thanks I was using "do-release-upgrade"
<robgault> jcastro: it wasn't doing the upgrade w/ just a normal apt-get upgrade
<jcastro> robgault: that's for release-to-release, point releases are basically just a roll up of all the existing updates
<jcastro> O_O
<robgault> is there an advantage to using aptitude over apt-get?
<joschi> robgault: better dependency resolution in some cases. if apt-get works for you, stay with it
<robgault> thanks everyone for the help!
<robgault> majordomo isn't packaged for ubuntu?
<zul> umm...probably not but mailman is
<mathiaz> jdstrand: would there be a reason why libvirt couldn't open qcow2 files stored in ecryptfs on maverick?
<robgault> I've never used mailman, how does it compare to majordomo?
<mathiaz> jdstrand: my qcow2 files backing my vms are stored in my home directory which is managed by ecryptfs
<mathiaz> jdstrand: libvirt fails to start my vms in maverick
<mathiaz> jdstrand: if I move my vms to /srv libvirt is able to start them
<jdstrand> mathiaz: yes, but it has nothing to do eith ecryptfs
<jdstrand> mathiaz: oh, well, hmm, maybe then
<mathiaz> jdstrand: well - and when I start from /srv it seems that the guest isn't brought up
<Daviey> hggdh, https://edge.launchpad.net/~davewalker/+archive/uec-devel/+build/1959401
<jdstrand> mathiaz: do you have any apparmor denied messages in kern.log?
<hggdh> Daviey: thank you
<jdstrand> mathiaz: check your xml for the disk: does it say '<driver name='qemu' type='raw'.../>' or '<driver name='qemu' type='qcow2'.../>'?
<mathiaz> jdstrand: I only see apparmor profile reload/replace messages
<mathiaz> jdstrand: http://paste.ubuntu.com/493686/
<jdstrand>       <driver name='qemu' type='raw'/>
<jdstrand>       <source file='/home/mathiaz/reference/vms/m-base/disk.qcow2'/>
<mathiaz> jdstrand: hm right
<mathiaz> jdstrand: let me fix that
<jdstrand> mathiaz: libvirt 0.8.3 requires the type to match the image
<mathiaz> jdstrand: well - how do I fix that?
<mathiaz> jdstrand: <disk type='file' device='disk'> -> ?
<jdstrand> mathiaz: I wrote libvirt-migrate-qemu-disks for this
<jdstrand> mathiaz: it should have been called on upgrade. are these new images or existing?
<mathiaz> jdstrand: this is a new image
<mathiaz> jdstrand: I've checked existing images and they're indeed upgraded
<jdstrand> ok, then that is why libvirt-migrate-qemu-disks wasn't used
<jdstrand> mathiaz: how did you create the image?
<mathiaz> jdstrand: copied a libvirt.xml from a lucid host
<mathiaz> jdstrand: and then edited by hand
<jdstrand> mathiaz: ok-- part of your process will need to include adding '<driver name='qemu' type='qcow2'/>' to the xml before you define it. then you should be fine
<mathiaz> jdstrand: great - thansk
<jdstrand> mathiaz: look at your paste to see where to put it (ie, libvirt added the 'raw' line since it wasn't in the xml when you defined it)
<mathiaz> jdstrand: ok - it worked
<mathiaz> jdstrand: however libvirt can't access files stored in ecryptfs
<jdstrand> mathiaz: what are the permissions of your $HOME?
<mathiaz> jdstrand: drwx------
<EvilPhoenix> o.o
<jdstrand> mathiaz: that is probably why. libvirt in maverick now runs qemu guest as libvirt-qemu:kvm
<mathiaz> jdstrand: indeed - I noticed that the backend files had changed ownership
<jdstrand> mathiaz: you have two choices-- adjust your permissions to by 0750 mathiaz:kvm (I think that should work, if not, you get the idea) or adjust /etc/libvirt/qemu.conf to have:
<jdstrand> user = "root"
<jdstrand> group = "root"
<jdstrand> heh, actually, you could try to adjust the user and group to be yourself
<jdstrand> anyway, you get the idea
 * mathiaz nods
<jdstrand> mathiaz: fyi, in lucid we run as root:root, which is generally fine if you leave the apparmor security driver enabled
<mathiaz> jdstrand: right
<mathiaz> jdstrand: this is for system instances
<mathiaz> jdstrand: though.
<jdstrand> oh yes
<jdstrand> qemu:///system
<jdstrand> qemu:///session always runs as you
<mathiaz> jdstrand: right - I could try to use session instead :)
<jdstrand> mathiaz: that is a third option, but you lose a lot. it starts a libvirtd as you, so you don't get the fancy networking or apparmor protection (among other things)
<SpamapS> domo
<SpamapS> domo
 * SpamapS is caught red handed rocking out to stynx
<mathiaz> jdstrand: it works now - I've set 750 mathiaz:kvm on /home/mathiaz/
<jdstrand> \o/
<mathiaz> jdstrand: thanks for helping out!
<jdstrand> mathiaz: sure thing. 0.8.3 brought a number of changes
<mathiaz> jdstrand: I'm not sure I understand why changing /home/mathiaz fixed it?
<jdstrand> mathiaz: look at the qemu process with ps auxww
<jdstrand> mathiaz: it is running as an unprivileged user, so it could read the inside of your directory when it was 0700
<jdstrand> err
<jdstrand> couldn't
 * mathiaz nods
<thafreak> I had 2 identically configured ubuntu lucid servers, both with a bridge device configured identically in the /etc/network/interfaces file. One server, it would be up automatically on boot, the other it wouldn't...
<thafreak> Any ideas what could cause that?
<ttx> SpamapS: should i target bug 625882 to Maverick ? i.e. do you intend to fix all of it ?
<uvirtbot> Launchpad bug 625882 in rrdtool "libdbi0: ABI breakage without package name change" [High,In progress] https://launchpad.net/bugs/625882
<thafreak> The only difference, is I may have installed one box with 10.04 and the other with 10.04.1
<SpamapS> ttx: I think it would be a shame not to fix it.
<thafreak> but both were completely up to date with updates, and both at 10.04.1
<ttx> SpamapS: I'll add it to the ttx nagging list then
<SpamapS> ttx: I've already done all the rebuilds / tests .. I was just dragging my feet because I wasn't sure who to contact next.
<EvilPhoenix> is it possible to remove "sudo"
<EvilPhoenix> as in the actual command
<EvilPhoenix> so that root on a server is the only one that can do root stuff
<Laverne> you can set a password for root and then remove the users from the admin group
<pmatulis> why not just leave one person in the admin group?
<SpamapS> EvilPhoenix: its actually more secure to simply remove access to sudo from all but one admin user
<EvilPhoenix> such as root
<EvilPhoenix> right
<SpamapS> EvilPhoenix: now an attacker must compromise *two* passwords.
<EvilPhoenix> i already did that
<EvilPhoenix> well
<EvilPhoenix> they also have to break through ssh-key-only auth
<EvilPhoenix> just to get to ssh
<SpamapS> right, so they have to compromise the ssh key of the admin user..
<SpamapS> then get his password..
<SpamapS> unless you go NOPASSWD for all.. which is.. not recommended on production servers. ;)
<SpamapS> ssh'ing as root is not recommended either.
<SpamapS> EvilPhoenix: what risk do you see in sudo vs. direct root access?
<trashguy>  have a server that sends mail out for a zenoss instalattion but there was a bad address and now mail is stuck in  my
<trashguy>                   relay que on my mail server
<trashguy> does ubuntu by default deny all incoming mail?
<EvilPhoenix> doesnt matter the reasoning atm
<EvilPhoenix> *yawn*
<SpamapS> trashguy: Ubuntu's default MTA, postfix, will not relay mail to domains it doesn't know about by default.
<SpamapS> EvilPhoenix: the answer to your question was yes, of course you can. We're just trying to steer you away from adding risk to your system.
<trashguy> where is the conf file
<trashguy> i dont see teh obvious mail dir under etc
<SpamapS> trashguy: /etc/postfix
<trashguy> is it not installed in base?
<SpamapS> trashguy: no, it only gets installed when you install something that needs an MTA
<trashguy> interesting
<bhauff> So I have a VM provided to me from my admin of 10.04 and I noticed it has 5 postgres processes running.  I don't particularly need postgres, or apache for that matter which is also running.  Are these things that I can cleanly remove now, or should we reinstall making sure they aren't there?  I am trying to prepare a gold image that we will use.
<trashguy> to stuck on with fbsd this linux stff has a different practice :D
<EvilPhoenix> SpamapS, yeah i realize
<EvilPhoenix> i'm in the middle of fixing what someone broke
<EvilPhoenix> so...
 * EvilPhoenix is very annoyed and busy
<bhauff> Also, free -m is showing ~250MB of memory used, which seems high for a just installed VM doesn't it?  The VM has 1GB of memory.  I saw that the slicehost article for setting up a VM had only 25MB of memory used, although his VM had only 256MB of available memory.
<SpamapS> trashguy: turns out most systems don't need an MTA.. beside.. there is too much email in the world already.. we don't need to encourage more people to send more email. :)
<uvirtbot> New bug: #638171 in bacula (main) "package bacula-director-pgsql 5.0.1-1ubuntu1 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/638171
<SpamapS> bhauff: apt-get remove postgresql apache2
<SpamapS> bhauff: to make it 100% clean, you can purge the data/config files too..  dpkg --purge postgresql ; dpkg --purge apache2
<SpamapS> bhauff: you may also want to run 'apt-get autoremove' to get rid of all the dependencies that are no longer needed.
<bhauff> SpamapS: Thanks, that is a big help, is that just as good as doing a new install?
<SpamapS> bhauff: purge should leave *no* trace of a package. If it does, file a bug. ;)
<SpamapS> bhauff: its one of the big goals of Debian and Ubuntu to be able to remove and manage software cleanly so there's no feeling that a system needs a reinstall. :)
<bhauff> SpamapS: I appreciate that, my admin setup this VM, and I am trying to get the memory down, did you see my message about the memory from above?
<bhauff> SpamapS: Does the dpkg --purge also remove the install package, or do I need to do the apt-get remove and the dpkg?
<SpamapS> bhauff: dpkg won't remove anything that depends on those packages, so you may "break" your system by doing the --purge first.
<SpamapS> bhauff: apt-get remove will say "oh, drupal6 depends on apache2, which you're removing, so I'll remove it too"
<bhauff> SpamapS: ok, so aptitude remove first, then the dpkg purge for cleanliness:)
<SpamapS> bhauff: --purge is just a nice final step to get rid of config files and data
<bhauff> SpamapS: Ok cool, do you know if ubuntu will use more memory if it has more available to it?
<uvirtbot> New bug: #638177 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: podproces zainstalowany skrypt post-installation zwrÃ³ciÅ kod bÅÄdu 1" [Undecided,New] https://launchpad.net/bugs/638177
<SpamapS> bhauff: of course it will. :)
<SpamapS> bhauff: any RAM not in use by programs will be used to cache and buffer disk access.
<bhauff> SpamapS: ok, that makes sense, I was wondering why free -m is showing 250MB of usage with a just brought up server
<SpamapS> bhauff: yeah, thats a good thing. :)
<bhauff> SpamapS: ok, apt-get is telling me that postgre is not installed, but I see 5 processes of it with ps aux
<bhauff> postgresql
<bhauff> SpamapS: http://gist.github.com/579288
<sjm> bhauff, SpamapS can't you do both in one step with "aptitude purge apache2 postgresql"  ?
<SpamapS> sjm: I dunno, I've had some bad luck with 'apt-get purge' and I don't really know aptitude
<SpamapS> bhauff: dpkg -S /usr/lib/postgresql/8.4/bin/postgres will tell you what package owns that file
<sjm> bhauff, I don't think it will stop any already running processes.  You need to stop them and then they should be gone.
<bhauff> SpamapS: postgresql-8.4
<trashguy> interesting
<trashguy> wth is eaitng up 48GB of ram
<trashguy> :/
<SpamapS> trashguy: got mysql? ;)
<trashguy> not that big
<trashguy> its a Zenoss box
<SpamapS> mysql can eat RAM like crazy
<trashguy> yea
<trashguy> although
<trashguy> i am runnign zoneminder too
<bhauff> SpamapS: Thanks a bunch, everything is good to go now, and I learned alot about packages!
<SpamapS> trashguy: ps auxw O r   <-- sorts all processes by their memory size, ascending, so the last thing you see is the biggest eater of RAM.
<SpamapS> bhauff: any time
<bhauff> ok, general question what is the difference between dkpg apt-get and aptitude?
<trashguy> Spunk and zenoss :/
<trashguy> odd
<sjm> bhauff, As I understand it, dpkg is the underlying package manager, but doesn't do any dependancy resolution.  apt-get and aptitude are basically the same, but some say aptitude is "more powerful".
<SpamapS> trashguy: how happy are you with Splunk? Last time I tried it, it was actually pretty awesome.. but way too pricey.
<sjm> bhauff, aptitude and apt-get both do dependancy resolution.
<SpamapS> sjm: btw, the prerm scripts of the packages should stop all running daemons before removing the package
<sjm> bhauff, aptitude run without any options does give you a more graphical interface that apt-get doesn't have
<bhauff> sjm: was aptitude an iteration of development on top of apt-get or just a whole new tool?
<sjm> bhauff, no idea.  Also not sure which was first.
<bhauff> sjm: thanks
<trashguy> hrm
<trashguy> cant seem to find this memory hog
<SpamapS> sjm: apt-get was first.. aptitude came later as an attempt to replace apt.
<SpamapS> bhauff: ^^
<SpamapS> trashguy: is it really "using" the RAM, or is it all just used in buffers/cache ?
<trashguy> i founc it
<trashguy> found
<trashguy> zoneminder had a file stuck
<trashguy> a vidoe stream form a security cam
<trashguy> Man
<trashguy> spunk is so awesome
<trashguy> splunk even
<RyanP> I have a machine that's running a number of openvpn client processes. I want to use monit to monitor them, but trying to define more than one service returns the error " Error: service name conflict, openvpn already defined."
<pmatulis> spunk?
<trashguy> Splunk
<aetaric> anyone know where the kernel and initrd.gz live on ubuntu server iso?
<SpamapS> RyanP: just name each one something different?
<pmatulis> aetaric: can you not mount the ISO and use find?
<RyanP> SpamapS, the config file looks like this: http://pastebin.com/bLrpUtsb the process has to be 'openvpn', or else it doesn't recognize that it's been restarted properly after a failure. It only lets me define one 'openvpn' service, even if there are different pid files.
<SpamapS> RyanP: ah, maybe monit can specify a different "name" for each one that isn't the actual process name?
<RyanP> SpamapS, I hope so, but didn't find anything in the documentation. An 'alias' command or something would be useful here. Was hoping that someone would know.
<SpamapS> RyanP: you could always just write upstart jobs to do the same thing. :)
<RyanP> SpamapS, Sure. I'm just trying to make sure that a bunch of openvpn connections stay open. I haven't looked at upstart much. Is there something you can point me at that would be useful?
<SpamapS> RyanP: Ugh, I wish there were. I'm actually working on a set of best practices right now.... basically you just need to create a simple file in /etc/init
<SpamapS> RyanP: something like this would work  http://pastebin.com/fHxG7uXn
<SpamapS> RyanP: you'd want to add some other things, like start on net-device-up
<SpamapS> and I'm not entirely sure how the instance stuff works to be honest
<RyanP> SpamapS, Thanks. I just found something in the monit docs that might be what I want. If that doesn't work out I'll approach it from that direction.
<SpamapS> RyanP: cool. I think OpenVPN is on the list of things we're convirting to upstart.
<uvirtbot> New bug: #638238 in samba (main) "samba failed to install and crashes on login - package samba-common 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/638238
<elb0w> Are there any ubuntu server images for AWS?
<cwryuu> elb0w: I don't know if there are any available, but you can try building your own http://alestic.com/2010/01/vmbuilder-ebs-boot-ami
<RyanP> SpamapS, Just so you know, setting the config file like: http://pastebin.com/0uL0D2Ec seems to do the trick. I'm curious about doing it in upstart though, so I'll take a look there too.
<zoopster> elb0w: you mean EC2? or something different?
<zoopster> elb0w: if you want EC2 AMIs...the 10.04 ones are listed at http://uec-images.ubuntu.com/releases/10.04/release/
<elb0w> yea ec2
<SpamapS> RyanP: I like monit a lot.. it has some key advantages over upstart for some things. But upstart is sort of.. "the future" for background process management.
<elb0w> zoopster, who do I login as?
<elb0w> amazon wants root
<zoopster> elb0w: ubuntu
<Skaag> is there a utility in ubuntu which re-runs a service if it failed?
<wickedSA> I'm a fan of runit
<RoyK> OpenIndiana seems like a promising project :)
<Skaag> cool
<RoyK> http://openin.org/announcement/
<RoyK> press conference is at its end, though
<panfist> i'm ssh'd into an ubuntu server from an ubuntu desktop. i'm trying to execute a graphical app over ssh on the ubuntu server, but it says: Error: Can't open display: sshclient:0.0
<RoyK> panfist: enable ssh X forwarding
<Skaag> wickedSA: how do you setup apache in ubuntu to be supervised by runit?
<Skaag> I understand I need to create a directory
<panfist> RoyK it is enabled, and i connected with ssh -X
<RoyK> wierd
<RoyK> works for me (tm)
<Skaag> actually, /etc/sv/apache already exists
<wickedSA> Skaag: I wouldnt do that with apache. do you find that apache dies on you?
<Skaag> yes it does because of a RAM problem
<Skaag> until I replace the RAM, I want it to be reloaded
<wickedSA> Skaag: I would just whip up a shell script and run that out of cron
<wickedSA> and hopefully cron doesnt die too
<wickedSA> heh
<mathiaz> sommer: hey!
<mathiaz> sommer: looking at the puppet page
<sommer> mathiaz: cool
<mathiaz> sommer: I think there needs to be a ; at the end of each ressource definition (ie apache2 package and service)
<sommer> mathiaz: mmmm... it worked without it
<sommer> mathiaz: I can add that though
<mathiaz> sommer: ok - I may be misguided here then
<mathiaz> sommer: I'd recommend to use puppetmaster-passenger instead of puppetmaster
<mathiaz> sommer: however -passenger is in universe
<Skaag> you're right, I whipped it up with cron
<Skaag> simpler
<sommer> mathiaz: ya, I was going for a very simple example... since puppet can get very complicated very quick, heh
<sommer> mathiaz: I can add puppetmaster-passenger for natty though
<mathiaz> sommer:  puppetmaster-passenger is already in maverick
<mathiaz> sommer: it's just a matter of apt-get install puppetmaster-passenger
<sommer> mathiaz: right, but it's way past string freeze
<mathiaz> sommer: and it's up-n-running
<mathiaz> sommer: fair enough
<mathiaz> sommer: the rest looks good to me
<sommer> mathiaz: sweet, thanks for taking a look, I appreciate the feedback
<bjaanes> I use backuppc for backup. I just installed my NFS server and was wondering if backuppc backups up hard drives that are connected but NOT mounted. I have a hard drive connected with like 1TB with data and would very much not like to see pool full tomorrow morning (tomorrow night, the day after - whenever it finishes)
<Skaag> any of you know a solution that synchronizes files quickly between servers?
<Skaag> not drbd based
<Skaag> and not rsync based
<oryxtec> hello world
<giovani> Skaag: what do you want, exactly?
<giovani> i.e. why is rsync not an option
<RoyK> Skaag: those are the ones - unison works too, but is dead slow
<Skaag> I am using csync2 for a while
 * RoyK can't wait to install openindiana 
<oryxtec> i m trying to load a php base agi but i m unable to.
<giovani> Skaag: is there a reason you're not using a distributed/network file system?
<Skaag> such as?
<giovani> AFS/Coda
<RoyK> oryxtec: agi?
<Skaag> OpenAFS?
<Skaag> I need multi-master
<Skaag> and I need it to not be read-only
<RoyK> glusterfs?
<Skaag> that is, I want to be able to delete a file
<Skaag> I tried glusterfs
<Skaag> I'm actually using it, for machines that are on the same switch
<Skaag> but they are not yet done with their WAN support
<Skaag> so if you try glusterfs over WAN, it kills your machines
<Skaag> I actually tried it
<RoyK> you mean slow links?
<Skaag> yes
<oryxtec> Roynk: i m running asterisk on ubuntu and in asterisk i m tyring to load one php based agi but i does not work.. i had some issues on php and apache yesterday qman__: help me to fix those errors
<RoyK> imho glusterfs isn't meant for slow links
<Skaag> well, they are not really that slow... just between several data centers
<oryxtec> today every thing is working fine.. but now
<Skaag> but with 50ms ~ 60ms latency between them
<oryxtec> php based agi is not working
<RoyK> oryxtec: php-cgi?
<oryxtec> yes
<RoyK> oryxtec: perhaps the guys at #asterisk can help
<Skaag> RoyK: That's right, it's not, but I discussed with them, they have one guy working on it
<RoyK> better ask there
<RoyK> Skaag: ok
<oryxtec> let me try ther
<qman__> oryxtec, I know LAMP very well, but I know nothing about asterisk
<RoyK> oryxtec: does the script run as a normal user or the asterisk user?
<RoyK> you might have to feed it with some info to test it, though
<oryxtec> normal user
<oryxtec> when i run this command
<oryxtec> php /var/lib/asterisk/agi-bin/a2billing.php -v
<RoyK> well, I don't know (and currently, I'm still banned from #asterisk after blaming them for being rather less professional than what I thought possible)
<oryxtec> i get this error
<oryxtec> PHP Parse error:  syntax error, unexpected T_GOTO, expecting T_STRING in /usr/src/a2b/common/lib/phpagi/phpagi.php on line 1227
<RoyK> seems like a bug in the script to me
<oryxtec> this is not an asterisk issue
<RoyK> nope
<RoyK> it's a script issue
<oryxtec> yes
<oryxtec> but on my other sever same script is working fine
<RoyK> different php version?
<oryxtec> same
<axisys> is there a way to save some work and just clone a user account ?
<oryxtec> i read from on form regarding this issue .. and they said
<axisys> otherwise.. i will just make sure new account has same group and sudo privs
<oryxtec> i had't installed php-pear package
<Skaag> ok coda looks interesting
<qman__> oryxtec, php-pear is installed
<oryxtec> how can i check if this packge is installed on my server
<Skaag> I need to remember if I failed it and on what basis, when I did my research 6 month ago
<oryxtec> humm
<RoyK> axisys: just set sudo to use a group and add that user to the group
<oryxtec> rite
<qman__> you can verify with `dpkg -l | grep php-pear`
<axisys> RoyK: yep.. that is what I have.. so sudo part is not an issue.. but how about adding the user to same set of groups ?
<oryxtec> qman__: yup its installed
<axisys> i dont have a problem doing the manual way.. but dont want to miss out if there is some tool to do that quicker
<RoyK> dunno if useradd can do that
<RoyK> perhaps scripting up usermod will help
<oryxtec> qman: any idea
<oryxtec> on this?
<qman__> sounds like a broken script to me
<RoyK> axisys: perhaps scripting up usermod will help
<qman__> that or it's not compatible with your PHP version
<axisys> RoyK: sure.. i could just use puppet or chef solo i guess
<RoyK> iirc something changed in gotos around php5.3
<oryxtec> how can i check my php ver?
<RoyK> php --version
<qman__> I know there were a lot of scripts that broke with 5.3
<oryxtec> hum
<RoyK> backwards compatibility isn't really a high priority in php
<RoyK> sadly, but true
<RoyK> php has even broken backwards compatibilty in minor versions
<oryxtec> qman__: please can you check this comments on ths form
<oryxtec> http://forum.asterisk2billing.org/viewtopic.php?f=33&t=7799
<RoyK> oryxtec: I really think this is an asterisk case, not an ubuntu server case
<qman__> oryxtec, the software isn't compatible with 5.3 yet, according to those posts
<oryxtec> Roynk: this is not an asterisk issue :( according to to this form php 5.3.2 is not compatilbe with
<oryxtec> yes
<oryxtec> php 5.2 is compatible. :(
<oryxtec> can we install php 5.2 on it?
<qman__> not cleanly or easily
<oryxtec> can we try?
<qman__> you'd have to grab packages from karmic, pin them to the old versions, and hope nothing breaks
<qman__> or, find a PPA or compile from source
<qman__> in any case, not something I'd run in production
<RoyK> oryxtec: just uninstall the current php version, apt-get source the php package, copy the debian/ directory into the old php source tree and make a new package
<oryxtec> server is not in production..
<RoyK> using the current source and grabbing the debian/ dir for making a new package is far cleaner than using an old package
<oryxtec> from last 1 week i have messing up with this server.. and finally qman__: help me to fix it up.. but now the issue is with php ver... i would love to try to uninstall and install all packages again but i don't wana mess up with this server again... i have to put this server in production in 1 day. :( other wise i will be in a really big troble
<oryxtec> job risk :'(
<_Techie_> oryxtec, what php script is stuffing up?
<oryxtec> php ver 5.3.2 compatibilty issue
<RoyK> oryxtec: it probably isn't too hard to fix the script
<_Techie_> oryxtec, i dont wanna know the problem, i wanna know the script... we might be able to find an alternative
<RoyK> _Techie_: hardly - it's some asstrix-thing
<oryxtec> sorry for asking again but can u ssh into my server?
<RoyK> there aren't too many of them around
<RoyK> oryxtec: just upload the script somewhere or give me a link to the download site
<oryxtec> ok
<RoyK> oryxtec: you really don't want to ask people on an open channel to login to your box - beleive me
<_Techie_> unless you trust them
<RoyK> sure
<oryxtec> http://pastebin.com/sNx22Fs6
<RoyK> oryxtec: do you have an url for the original download? this was rather large.....
<oryxtec> thanks for advice.. yes u r right
<qman__> I see what's going on, it's defining a function called "goto()"
<qman__> which was probably okay before, but isn't now
<oryxtec> yes
<oryxtec> i have the URL
<oryxtec> do u want me to give it to u
<oryxtec> ?
<RoyK> perhaps rename that to ast_goto
<RoyK> and its references
<RoyK> oryxtec: otherwise, why would I ask?
<oryxtec> ook
<oryxtec> wget http://www.asterisk2billing.org/downloads/A2Billing_1.5.1.tar.gz
<oryxtec> dman__:  ast_goto where is that syntax?
<oryxtec> any findings?
<RoyK> how should I test it?
<oryxtec> php /var/lib/asterisk/agi-bin/a2billing.php -v
<RoyK> give me a few minutes
<oryxtec> sure
<RoyK> I used to work with asterisk for about five years
<RoyK> I hate that code
<RoyK> but then - helping out somehow isn't bad
<oryxtec> thanks :)
<RoyK> just need to do a little svn magic - I hate diffing by hand
<kirkland> SpamapS: sweet
<kirkland> SpamapS: ajaxterm = awesome
<oryxtec> Royk: in all forms it says that AGI is compatible with php 5.2 not with 5.3.2
<RoyK> I guess the changes required are rather small
<oryxtec> oooh ok
<hggdh> Daviey: 0ubuntu3.1 works :-)
<hggdh> so far...
<axisys> what is the solaris `passwd -f uid ' equivalent in ubuntu? i want to force the user to change his password during first ssh login
<RoyK> axisys: iirc you need to do some shadow magick for that
<guntbert> axisys: does http://www.linux-noob.com/forums/index.php?/topic/2228-force-password-change/ help?
<RoyK> oryxtec: the problem is, as mentioned earlier, is that they create a system call 'goto', which exists on newer versions of php. I can't figure out any references for that
<oryxtec> soo wht should we do now?
<RoyK> asterisk has that in its dial plan, which is ok, but I don't know anything about the relation between phpagi and this - it's not documented and not readable in the code
<RoyK> for a start, try this one
<RoyK> http://pastebin.com/P57r4Wg0
<RoyK> download, cd into the dir with phpagi and patch -p0 < nameofdownloaded.patch
<RoyK> or just apply the patch manually - it should be trivial
<oryxtec> this is only 22 lines code which u sent me rite
<RoyK> no, see - or +
<RoyK> - means 'take away', + means add
<RoyK> _two_ lines of code
<RoyK> I find no references of the goto call anywhere in that code
<RoyK> so changing the function name may be enough
<oryxtec> let me do that
<SpamapS> kirkland: how does it handle byobu?
<kirkland> SpamapS: really well
<kirkland> SpamapS: i have it going in my ec2 instance
<kirkland> SpamapS: F-key shortcuts don't work
<kirkland> SpamapS: but ctrl-a-<whatever> screen style does
<kirkland> SpamapS: it's repainting the screen perfectly every time
<kirkland> SpamapS: i can easily create a new binary package, byobu-webui, that depends on and configures ajaxterm
<oryxtec> Royk : i have to admit you guys are really professinal and helpful.. you guys are really kind from last 2 days you have help me alot... thanks alot to you and qman__: finally this issue has been fixed as well
<RoyK> works?
<oryxtec> i m raelly greatful for you guys
<oryxtec> yes
<RoyK> nice
<oryxtec> thanks alot once again
<oryxtec> :)
<RoyK> post my name and email on the patch :)
<oryxtec> hehehhe sure
<SpamapS> kirkland: yeah, marry that with ssl+mod_auth_pam and you have an ssh-free secure admin experience that works through most web proxies.
<oryxtec> well i didn't patch i simply replace those syntax
<RoyK> oryxtec: Roy Sigurd Karlsbakk <roy@karlsbakk.net> that is - they won't like it, though, the asstrix guys aren't very friendly with me, even if I did pay for the development of the jitterbuffer and PLC code......
<kirkland> SpamapS: we can team up on the next fedex day if you like ;-)
<SpamapS> kirkland: can EC2 key pairs be downloaded as SSL certs?
<kirkland> SpamapS: don't know;  that's a question for smoser
<SpamapS> would be pretty cool to be able to install it as an accepted client cert
<smoser> i guess i dont understand what you're after.
 * RoyK installs indianaOS
<smoser> you get the private key when you create it
<SpamapS> I mean, I'm still going to use SSH.. but I can see the occasional ruby dev turned sysadmin really appreciating it.
<smoser> the public key is generatable from the private key, or obtainalbe from inside an instance
<SpamapS> smoser: RSA key pairs are just that.. so if you could turn it into an x.509 cert, you could install it in your browser and use it to gain access to any SSL daemons that accept client certs
<oryxtec> Roynk: you won't belive me.. once i paid some one in asterisk chanl that guy took my money and never finish my work
<smoser> well, you have access to both private and public, so whatever you can do with that, you can do with that :)
<RoyK> oryxtec: I do beleive you :)
<SpamapS> kirkland: I'm down for doing that on the next fedex day for sure. Hopefully its before March. ;)
<mathiaz> SpamapS: looking at http://people.canonical.com/~pitti/workitems/maverick/u/mathiaz-ubuntu-10.10.html
<mathiaz> SpamapS: how often is the trend line calculated?
<axisys> guntbert: thanks a lot
<ttx> mathiaz: the trend line is based on day - 1
<ttx> mathiaz: so it changes every day.
<SpamapS> mathiaz: I believe the trend is turned up once a day has been superceded.
<mathiaz> SpamapS: ok
<guntbert> axisys: you're welcome :-)
<SpamapS> so tomorrow yours may be closer to straight. ;)
<mathiaz> SpamapS: I'd like to have it dynamic
<mathiaz> SpamapS: it'd be better for my satisfaction ;)
<ttx> mathiaz: like, using the current day value ?
<mathiaz> ttx: well - when I update my WI - I'd like to see the progress I made
<mathiaz> ttx: not something that is stale ;)
<SpamapS> mathiaz: Agreed.. feedback is king. :)
<ttx> mathiaz: but but but
<mathiaz> SpamapS: o^5
<ttx> mathiaz: you see that the green is above the line, that means "good"
<mathiaz> ttx: right. I should also learn to read the burn-up chart
<mathiaz> ttx: The only thing I'm looking at for now is the angle of the trend line
<SpamapS> I've always ignored all the trend lines because they tend to be very distracting IMO.
<ttx> the problem with using day 0 data is that the trends line ends up being pessimistic
<mathiaz> SpamapS: could add a hide/show trendline button on the webpage?
<mathiaz> SpamapS: ;) - I'm joking
<ttx> mathiaz: or a mouseover so that the trends line shows if you hover on day 0 data
<ttx> mathiaz: want to discuss your hadoop thing now ? Or else i'm reviewing jamesPage proposed branches.
<mathiaz> ttx: re hadoop packages in maverick - WDYT about an email to ubuntu-devel@?
<mathiaz> ttx: outlining the proposal and asking for feedback?
<ttx> mathiaz: hmm
 * SpamapS is about 1 for 4 on getting feedback when emailing ubuntu-devel
<uvirtbot> New bug: #638401 in php5 (main) "automated tests run during build fail due to apparmor protections for mysqld unless build is done in /tmp" [Undecided,New] https://launchpad.net/bugs/638401
<kirkland> SpamapS: agreed!
<kirkland> SpamapS: maybe we'll have one right after RC
<SpamapS> kirkland: I was thinking it should be right before the rally/sprint, where we can present it there.
<SpamapS> If we can squeeze one in the week before UDS that would be cool too.. but I'm sure we'll all be busy preparing for sessions. :)
<kirkland> SpamapS: i can make a little time, maybe :-)
<SpamapS> kirkland: what would be awesome would be if ajaxterm's backend could be enhanced to say "if they used a client cert, cool drop them to the configured user's home dir, otherwise, pop up a getty"
<Lichte> what's the command to find where a package has installed it's files ???
<soren> Lichte: dpkg -L package_name
<Lichte> thanks soren
<soren> Sure.
<Lichte> jeez, I can't believe how hard it is to get Trac installed
<SpamapS> Lichte: A lot of web apps are never really packaged right for distribution.. they're just homegrown things that somebody tars up and throws out to the world. ;)
<hallyn> jdstrand: how are you generating './configure' for the libvirt bzr tree?
<jdstrand> hallyn: I'm not touching it
<hallyn> it doesn't ship with git,
<jdstrand> hallyn: at least, not intentionally
<hallyn> oh, you start from the debian package?
<jdstrand> hallyn: oh, for a new version?
<jdstrand> hallyn: yes
<hallyn> right
<jdstrand> hallyn: do you want to know the full steps to compile from git?
<hallyn> to most closely reproduce the ubuntu setup, yes
<hallyn> well, i'll just do autogen with no options and see how that compares :)
<jdstrand> hallyn: this is what I have in my notes to compile from git: http://paste.ubuntu.com/493835/
<jdstrand> hallyn: you can do 'make dist-gzip' which should get you a release tarball. then you can untar it and toss the debian/ directory in there and go
<jdstrand> hallyn: you may want to disable all the patches in debian/patches/series when doing that though, since they almost always have to be redone
<Daviey> hggdh, yeah.. odd eh :)
<hallyn> jdstrand: yes, i've pulled out the already-applied patches, and i just took debian/ from libvirt-0.8.3...
<hallyn> jdstrand: but configure doesn't come with debian/, so not sure of my best approach
<hallyn> i could just copy it in from maverick
<jdstrand> hallyn: there is no configure with 'make dist-gzip'?
<hallyn> serge@sergelap:~/delme/libvirt/libvirt-0.8.3$ make dist-gzip
<hallyn> There seems to be no Makefile in this directory.
<hallyn> You must run ./configure before running `make'.
<hallyn> jdstrand: well, i'll look at the plain debian package and figure something out, thx
<jdstrand> hallyn: I think I'd run autogen.sh without args and then use the debian/ directory
<hallyn> jdstrand: that's where i'm at - which dies when trying to do make install-docs (in sbuild)
<hallyn> jdstrand: i wasn't sure whether that would give me the right setup, but i'll see
<jdstrand> hallyn: I had started a daily builder script
<jdstrand> hallyn: it doesn't work, but I would apt-get the stuff I mentioned, do a git checkout, run autgen without args and then make dist-gzip
<hallyn> (yeah, daily builder script is what i'm after)
<jdstrand> hallyn: I can say that on any given day trunk may not build
<hallyn> hm, maybe that's all it is then.  should'a tried that first
<lifeless> SpamapS: whose our java dude now?
<SpamapS> lifeless: that would be James Page :) not sure his IRC name
<lifeless> SpamapS: I just remembered that I needed to raise the abi-in-package-name thing so that we don't have these massive-pileups when have a dep set is changed.
<SpamapS> lifeless: right, I don't know how java manages ABI compatibility. From everything I've seen, there's a lot of embedding of specific revisions because there's no strong binding like native libraries have w/ soname
<SpamapS> lifeless: James is in the UK, so we'll have to wait until tomorrow to ask him. ;)
<lifeless> so a preponderance of java packages build via maven
<lifeless> and use that to define the needed jars to compile
 * SpamapS is somewhat amused by the confusion a word like tomorrow has when talking over the international date line
<SpamapS> right, and the debian maven helper seems to do a good job of corralling that
<lifeless> its a kludge
<lifeless> several reasons
<lifeless> firstly, its legitimate with the (noun forgotten) plugin method to have multiple versions of the same dependency loaded live into an appserver
<lifeless> e.g. you load eucalpytus and hudson and they have different dependencies, the appserver can partition the loaded versions
<lifeless> secondly,  because we can't represent the full richness of a maven repo, the helper is essentially lying :)
<SpamapS> lifeless: I believe yes the debian maven helper defaults to creating a symlink that creates a special maven "debian" version if your maven spec doesn't ask for a specific revision
<SpamapS> lifeless: but the actual versioned jar and spec should be there, and so, loadable.
<SpamapS> lifeless: that said, I see what you're getting at, that we really need to package *all versions* if that is to work.
<lifeless> SpamapS: the closure of referenced versions, yes. (Like we do with C library ABIs)
<SpamapS> lifeless: the difference there is, the convention with C libs is to build depend on 'lib-dev' and then only diverge from that when the library changes in a huge fundamental way. The convention in java is to depend on the version you've tested with, and never really revisit that.
<SpamapS> java programs tend to say "revision X works with lib version Y" and not update that version until a new version comes out.
<SpamapS> So we'd end up with a lot more versions in the repository.
<hggdh> Daviey: revno 1240...
<lifeless> SpamapS: OTOH that gives a certain stability
<Daviey> hggdh, I am aware :)
<lifeless> SpamapS: it tends to mean that you can take a latest-release X and run it on ooold servers
<Daviey> hggdh, Looks like an odd fix tbh
<hggdh> Daviey: looking it up
<Daviey> hggdh, Going to try it, but it looks like it attempts to - then logs a failure
<Daviey> can't quite see how it resolves the real issue
<hggdh> Daviey: what is the URL... I am confused by the many different versions of eucalyptus on bzr
<SpamapS> lifeless: it also means you're supporting a lot more versions of libraries for the lifetime of the release though.
<lifeless> SpamapS: policy vs implementation
<lifeless> SpamapS: currently our implementation gives just one policy choice : one-version, and a downside - heinous transitions and inability to reliably rebuild/rebootstrap the java package chain.
<SpamapS> Indeed, its not good. Thats why ttx had to fight so hard to get tomcat6 working just right.. and its a mature java stack.. something new like Cassandra has so much changing already, to throw in java library versions is a little scary.
<SpamapS> lifeless: I'd hope, too, that it would only be a few versions each release that ended up being retained.. probably not as bad as it sounds when you actually do it.
<Daviey> hggdh, http://bazaar.launchpad.net/~eucalyptus-maintainers/eucalyptus/2.0.0-lp/revision/1240
<hggdh> Daviey: thank you. This is getting out of control :-(
<Daviey> hggdh, awesome eh?
<hggdh> Daviey: quite so, if I may say...
<SpamapS> lifeless: one thought I had was to simply add a field to the packages that basically says "this package embeds this version of java library X" and then you just let them all embed their own jars.
<lifeless> SpamapS: hell no.
<SpamapS> lifeless: which would still let you repeat the build, as you could get the same verisons of said libs
<Daviey> SpamapS, and if you need to fix a security issue in libjava-foo ?
<SpamapS> Daviey: java doesn't have security issues ;)
<Daviey> heh
<Daviey> SpamapS, everything in java works perfectly :)
<SpamapS> You would fix it in said version, and then look for packages that embed that version, and update them all.
<hggdh> Daviey: is this is correct, the only thing I can think of is the groovy change (we usually get a lot of syntax errors on the groovy scripts)
<Daviey> hggdh, nah.. looking at the merge history - looks to be unrelated
<elb0w> How do I specify a different data directory for mysql
<elb0w> in ubuntu
<elb0w> We made the change in app aromor
<elb0w> armor
<elb0w> and now I just killed it
<hggdh> Daviey: then I wonder how putting it in a try{} & reporting an exception is magic (unless the exception goes on to create the context)
<SpamapS> elb0w: the apparmor profile should be loaded when you start it the next time.
<SpamapS> elb0w: are you still getting a permission denied?
<zul> elb0w: you will have to modify the apparmor profile as well
<hggdh> Daviey: hum. That might well be it -- the exception in not percolating up the code now
<uvirtbot> New bug: #638476 in openldap (main) "package slapd 2.4.21-0ubuntu5.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/638476
<Daviey> hggdh, So... currently it's going bang - and therefore throwing a 500
<Daviey> now that is nicely handled, so continues to process the rest of the request
<Daviey> is current theory
<hggdh> sounds plausible. But there is only way to find out...
<hggdh> but I still hate when fixes get mixed together with no explanations
<Daviey> hggdh, totally
<hggdh> Daviey: and I am not sure why we need to log an error *every* time an instance starts... but oh well.
<uvirtbot> New bug: #638479 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu5 failed to install/upgrade: sous-processus script post-installation installÃ© tuÃ© par le signal (ComplÃ©tÃ©)" [Undecided,New] https://launchpad.net/bugs/638479
<Daviey> hggdh, agreed
<Daviey> hggdh, if i push this patch to a PPA... are you around to test it?
<Daviey> I need to go to bed :(
<hggdh> Daviey: like if we had other things to do ;-)
<hggdh> Daviey: yes, of course
<hggdh> Daviey: push it off and get to bed, I will test it
<Daviey> hggdh, splendid
<Daviey> hggdh, Uploading now..
<Daviey> hggdh, please out your feedback on either the ml, bug report or pm me here, and i'll see it in the morning
<Daviey> hggdh, you rockin'
<Daviey> hggdh, *ubuntu3.2 fwiw
<Daviey> (although really r1240)
<hggdh> Daviey: will do
<Daviey> hggdh, :)
 * Daviey grabs some much needed Zzzzzz's
<Daviey> o/
<hggdh> :-)
#ubuntu-server 2010-09-15
<smokie> hey guys, is there a way to find out if the ubuntu version im running supports ipv6 or not?
<qman__> smokie, all supported ubuntu versions have ipv6 enabled by default
<qman__> I would say all versions, but I'm not sure about really old ones, before dapper
<smokie> qman__, im trying to run HE ipv6 tunnel on my ubuntu, but its always giving me destination unreachable when i try to ping6.. from what i read it has something to do with protocol41.. do you know anything about it?
<qman__> but dapper and all since do
<qman__> sorry, I don't
<qman__> I know you can verify that ipv6 is enabled with a simple ifconfig
<qman__> your interface should have an ipv6 address
<qman__> but I'm not familiar with configuring tunneling
<smokie> it is showing up there
<smokie> and i can ping6 the ipv6 localy fine
<smokie> but cant ping6 anything outside my network
<_Techie_> smokie, does your ISP support IPv6?
<smokie> _Techie_, yes it does
<smokie> i got it working.. user error
<smokie> i had the ips switched
<fundacion> hola
<fundacion> ayudenme con esto
<fundacion> estoy convenciendo a unas personas para que se cambien de win a linux
<fundacion> entonces quiero preparles una esposicion del porque pasarse a linux
<fundacion> ademas
<fundacion> quiero mostrarles unos detalles sobre la inseguridad que tiene win
<fundacion> y es lo que estoy buscando ahora
<fundacion> me pueden ayudar?
<fundacion> nadie en espaÃ±ol?
<smokie> one last thing, might b unrelated, if i have a shell script to run, is there a way to track what it does?
<hggdh> fundacion: the official language here is English. You can try #ubuntu-es
<fundacion> ok thanks
<wickedSA> smokie: -x will give you verbose output, at least for bourne shell derivs. sh -x ./script.sh
<Crankygeek> Can anyone explain to me how to install a SSL Cert? I have already requested it and have the cert, just not sure how to import it
<qman__> Crankygeek, it's in the server guide, allow me to link you more directly
<Datz> Hello, having some trouble with networking.. sudo ifup eth0 -> SIOCSIFADDR: No such device. eth0: ERROR while getting interface flages : No such device. Bind socket to interface: No such device
<qman__> Crankygeek, for apache, see the section "HTTPS Configuration" here: https://help.ubuntu.com/10.04/serverguide/C/httpd.html
<qman__> Datz, looks like you don't have an eth0
<qman__> did you recently replace a network card?
<Datz> qman__: well, using vmware, other VM's work. I just moved this VM after an install.
<Datz> should have told ya, sorry
<qman__> it probably just changed MACs
<qman__> you have to clear the udev persistent rules for the new one to get eth0
<Datz> humm, I see
<Datz> although, I'm not sure how to go about it.
<qman__>  /etc/udev/rules.d/70-persistent-net
<qman__>  /etc/udev/rules.d/70-persistent-net.rules contains the information
<Datz> ok thanks, taking a look now
<qman__> you can delete it or modify it
<qman__> then reboot
<Datz> so I can delete 70-persistent-net.rules and reboot?
<qman__> yes
<qman__> it will regenerate
<Datz> awesome, trying now. thanks :)
<qman__> with the first attached NIC getting eth0, etc
<Datz> ah, great :)
<Datz> haha.. working. I didn't think it would be that easy. thanks a bunch qman__!
<poki> hello
<poki> i cant found corect code for install ubuntu desktop
<Four2zero> hello everyone, i just setup a samba server for file shareing a specific directory, and i am able to access on one machine, but as for wireless access im not able to access the samba shared directory " Windows cannot access \\media-server\movie library" How can i trouble shoot this ?
<YankDownUnder> Four2zero, Check the settings in your smb.conf to see if the IP address of the wireless network is allowed access mate.
<Four2zero> YankDownUnder what am i looking for in smb.conf ?
<YankDownUnder> interfaces = XXXXXXXXX blah blah blah
<YankDownUnder> Four2zero, It's directly under the ## NETWORKING ## header
<Four2zero> YankDownUnder i will check
<Four2zero> YankDownUnder the comment is still enabled, " interfaces = 127.0.0.0/8 eth0
<Four2zero> should i uncomment that section
<YankDownUnder> Four2zero, On my server here, and on all the servers I setup, I just comment them completely out so that there is access on every interface.
<Four2zero> so leave as default with ;
<Four2zero> so already comment them out
<YankDownUnder> Yes.
<Four2zero> still same issue windows cant access
<YankDownUnder> Ditto with "bind interfaces only = yes"
<Four2zero> after i did reloads samba
<YankDownUnder> Um...if you make a change, you have to 1.) Restart samba, 2.) Reboot the Windows workstation.
<YankDownUnder> Is the security set to user or share?
<Four2zero> okay, yeah, i restarted the user
<Four2zero> security set for user
<Four2zero> bind interfaces is commented out as well.
<Four2zero> rebooting the machine.
<YankDownUnder> Four2zero, Here is mine: http://pastebin.ca/1941056
<uvirtbot> New bug: #638585 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Confirmed] https://launchpad.net/bugs/638585
<hggdh> Daviey: for when you wake up: (1) obviously, power is back ;-); (2) so far... never been better, ~1,000 instances ran, no failures; (3) heading to bed
<hggdh> Daviey: oh, yes, still ~1,000 instances to go.
<Four2zero> YankDownUnder, thank you for your smb.conf but still did not fix the issue.
<Jeeves_Moss> is there a way to prevent VMWare server from grinding the host OS to a halt?
<Four2zero> i used exact same settings you provided.
<Four2zero> could be a permission issue ?
<Four2zero> could it be a permission issue ?
<Jeeves_Moss> Four2zero, what's the issue?
<Four2zero> Jeeves_ samba shared directory.
<Four2zero> i'm able to access the shared directory on my desktop running windows7
<Jeeves_Moss> Four2zero, and you're having issues with people connecting?
<Jeeves_Moss> you need to make sure the users are in the samaba group
<Four2zero> but my other devicese such as netbooks under user accounts cant access the shared directory and they too are windows 7
<Jeeves_Moss> hummm, max # of clients set?
<Jeeves_Moss> same user/pass?
<Four2zero> in windows 7 netbook it says: The network path was not found
<Jeeves_Moss> can you ping the server?  see the share with "net use"?
<Four2zero> from the netbook
<Jeeves_Moss> the one that's having issues connecting
<Four2zero> ping from netbook is successful
<Four2zero> sent 4 rec 4
<Four2zero> 0 lost
<Four2zero> thing is when trying to connect to the netbook does not get no prompt for username or password to be entered
<Four2zero> when trying to connect it gets a pop up, Windows cannot access \\media\movie library
<YankDownUnder>  Four2zero Was out
<Four2zero> np
<YankDownUnder> Four2zero, Windows what?
<Four2zero> windows still giving me same error
<YankDownUnder> Um...have you possibly overlooked the obvious?
<Four2zero> windows cannot access \\MEDIA-SERVER\Movie Library
<YankDownUnder> Rename the share to something simple. "Movie Library" is NOT simple. No capitals, no quotes, nada.
<Four2zero> okay.
<YankDownUnder> Four2zero, So if you rename the share in your smb.conf to a simpler name, restart samba, that should resolve that issue.
<YankDownUnder> Four2zero, Just as an example, on a server I admin, I called the movie share simply "video" => also, I have "documents" and "pictures" => get the picture?
<Four2zero> got the picture
<Four2zero> Windows cannot access \\MEDIA-SERVER\videos
<YankDownUnder> Samba does not like to utilise complex names - that's for all-around compatibility. However, if your clients were something other than Windows, you'd have a bit more success...but that not being the case, you have to live with a kludge.
<YankDownUnder> Four2zero, Check/edit the share information in your smb.conf, then also DOUBLE CHECK the actual pathname in linux.
<YankDownUnder> Four2zero, Just to be more clear, if you've got a linux directory called "Movie Library" - before you're sharing it, rename it to possibly Movie-Library => then in your path to the share in the smb.conf, you can do /blahl/blah/Movie-library => restart samba.
<Four2zero> okay
<Four2zero> hahaha
<Four2zero> i figured it out....finally
<Four2zero> what it was
<Four2zero> that was preventing the access
<Four2zero> sudo umount -t ntfs /dev/sdb1 /media/storage -o uid=1000,gid=100,utf8,dmask=027,fmask-137
<Four2zero> minus the u
<Four2zero> in "umount"
<YankDownUnder> Right oh.
<Four2zero> i went ahead and umounted the drive as so... without the "-o uid=1000,gid=100,utf8,dmask=027,fmask-137
<Four2zero> and was able to access with netbook.
<Four2zero> so i would like to understand why i had to edit the line in the fstab, so it can be accessable ?
<YankDownUnder> In all reality, sharing from a "removable" device is a bit silly, but hey, to each their own.
<Four2zero> I notice with "writeable = yes" set, Anyone can read/write to it....what is the option to set to read only for different users ?
<Four2zero> i dont want all family members to delete any files within that specific directory.
<Four2zero> is this possible
<_Techie_> Four2zero, yes, permissions
<Four2zero> _Techie_ is what i need to modify ?
<Four2zero> File creation mask is set to 0700 for security reasons. If you want to
<Four2zero> # create files with group=rw permissions, set next parameter to 0775.
<_Techie_> not quite
<Four2zero> _Techie_ what did you mean by "permissions" ?
<_Techie_> you want your read only users to be connected via guest, and you want to login with a user that is the owner of the files
<_Techie_> so you will want the permissions to be 774
<Four2zero> right. i want the rest of the house hold to only have read-only
<_Techie_> that way only the owner and the group of the file will be able to write and execute, everyone else will be read only
<Four2zero> okay, so i need to add this to the same area as my [Shared] section
<_Techie_> yep
<Four2zero> gotcha, will test out right now.
<Four2zero> 774 or 0774
<_Techie_> 0774 for good luck
<Four2zero> lol i first tryed 774, no luck, it was 0774....lol
<Four2zero> thanks
<uvirtbot> New bug: #638641 in ntp (main) "package ntp 1:4.2.4p8+dfsg-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/638641
<uvirtbot> New bug: #638565 in php5 (main) "php5 crashed with SIGSEGV in strcasecmp()" [Undecided,New] https://launchpad.net/bugs/638565
<uvirtbot> New bug: #638568 in apache2 (main) "apache2 crashed with SIGSEGV in strcasecmp()" [Undecided,New] https://launchpad.net/bugs/638568
<uvirtbot> New bug: #638663 in elinks (universe) "Startup Error  $HOME directory" [Undecided,New] https://launchpad.net/bugs/638663
<MrPPS> hey guys - I'm looking to do virtualization on a server: what's my best option?
<MrPPS> (ubuntu server)
<MrPPS> (lucid)
<SpamapS> MrPPS: what is the intended purpose of virtualization?
<MrPPS> SpamapS: to run 2 to 3 small virtual root servers for others to use
<SpamapS> MrPPS: do you want to be able to setup/teardown nodes easily, or just want to run 3 or 4 things on one big box isolated from one another.
<MrPPS> SpamapS: being able to setup and tear down the VM's easily would be nice, but not essential: i really just want to isolate the systems
<SpamapS> MrPPS: if you use UEC they'll be able to create and destroy VMs themselves.
<SpamapS> MrPPS: otherwise just setup kvm.. seems to have better support than xen.
<MrPPS> SpamapS: how does UEC compare to Xen or KVM, both in support, and ease of setup?
<SpamapS> MrPPS: UEC uses KVM
<SpamapS> MrPPS: it attaches a frontend to it, and uses the EC2 API, so people can use tools built for managing EC2
<MrPPS> ah ok - are there any good setup guides for getting KVM up and running, and how does KVM's performance compare to Xen?
<MrPPS> or could you suggest any guides that work for Xen on Lucid?
<MrPPS> SpamapS: well, thanks for the suggestions :)
<SpamapS> MrPPS: https://help.ubuntu.com/community/KVM :)
<SpamapS> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<MrPPS> SpamapS: thanks, I'm on that page now - i think i won't have any trouble with that, but my main trouble will come from networking
<MrPPS> i have a dedicated box, which has 1 primary IP, and 3 additional IP's available on the 1 interface
<MrPPS> figuring out how to pass them onto a xen machine as a dedicated IP so they can be reached from the internet may be difficult?
<SpamapS> MrPPS: bridged should work fine with that.
<SpamapS> MrPPS: you'd just take them off the host OS's eth0, and put them onto the eth0's of the guests.
<SpamapS> I think
<SpamapS> I admit, I've never done a kvm setup.. just Xen.
<MrPPS> i would really like Xen, but it doesn't appear to be ubuntu friendly at the moment
<MrPPS> and i dont really want to go to debian or opensuse if i can avoid it
<Four2zero> Configure database for phpmyadmin with dbconfig-common, i said yes to this is not recommned, or can i revert back to say No
<Four2zero> by just reinstalling phpmyadmin ?
<SpamapS> Four2zero: sudo dpkg-reconfigure phpmyadmin
<Four2zero> SpamapS i figured it out thanks
<Four2zero> however can you explain why i get this: http://pastebin.ca/1941153
<SpamapS> Four2zero: no clue, what is printing all of that stuff out?
<SpamapS> Four2zero: FYI, I do not recommend using phpmyadmin
<Four2zero> phpmyadmin
<SpamapS> Four2zero: its worth your time to learn the mysql command line.
<Four2zero> really.
<Four2zero> so i should remove it
<Four2zero> SpamapS do i want to pur the database for phpmyadmin ? since im uninstalling it ?
<SpamapS> Four2zero: I don't know. I'd say no if you're not 100% sure.
<Four2zero> well purge the database for phpmyadmin? if its, not installed then I should purge it if im correct
<Four2zero> okay i removed phpmyadmin
<Four2zero> SpamapS can you take a look at this link please ?
<Four2zero> can i pm u the link
<Four2zero> that's a no
<mil132> anyone run squid?
<Four2zero> whats squid ?
<mil132> squid proxy
<qman__> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<mil132> well, I am specifily looking for the rough successes rate of the cache function. looking to implement it and see if i could make out a rough "reduction of bandwidth" percentage to write on my proposal
<qman__> that depends a whole lot on what you do with the internet, and what settings you use
<qman__> it's all customizable
<qman__> I use squid to cache updates
<mil132> windows, or just ubuntu
<qman__> ubuntu, as windows update is proxy unfriendly
<qman__> if you're looking to consolidate windows updates specifically, look into WSUS
<Four2zero> or opendns
<qman__> opendns is not a proxy
<Four2zero> i know.
<mil132> well, the enviroment that this would be deployed in is a student dormitory, so basicly, just looking to cache websites
<Four2zero> HTTtrack
<qman__> well, it'll reduce the number of times the facebook logo gets downloaded, but stuff that only gets looked at once, or updates constantly like twitter or news articles, it won't help with
<mil132> this would have to be transparent to the users, so squid in a transparent proxy form would be the role
<qman__> it will reduce your bandwidth, but depending on usage it could be minor, a few percent
<mil132> are we talking like 10-15?
<qman__> and to be effective you need a few hundred gigs of proxy data
<qman__> if they're heavy youtube users, 1%
<mil132> well, I was planing on giveing it a ~4tb storage pool to use
<mil132> and a hefty amount of RAM
<qman__> good choice
<qman__> with that much space you could cache much bigger files
<qman__> so it really depends on how many files get requested repeatedly
<mil132> there looks to be a kinda beta for youtube cacheing on squid
<qman__> if they visit the same sites and watch the same videos and such, it'll be a significant reduction
<mil132> they are college students, facebook is like 40% of the hits on the gateway some days
<qman__> try to track where they go and parse for repeat requests
<qman__> then I think you'd see notable improvement, lower bound 3%, upper bound 20%
<mil132> sounds about right
<qman__> but yeah, unfortunately, windows update doesn't work with a caching proxy
<mil132> wouldent expect it to
<qman__> it does some nasty things that break it
<mil132> basicly, all http will be ran threw the proxy
<mil132> that should not fuss to much with WU right?
<qman__> no, it'll still work, it just won't cache the updates
<mil132> that was not a goal anyway, so that is not a problem
<qman__> you're going to want to mark some sites (such as blackboard) as never cache, or with short cache times like 5 minutes
<qman__> but most sites will work fine with a 12-24 hour cache cycle
<mil132> good point, putting that in my notes
<ttx> SpamapS: the graph is still broken. More subtly, but still :)
<mil132> is there any HA guide for squid aswell, or will that have to be implemented in the roughter
<mil132> err, router
<qman__> I don't know about squid's abilities in that regard
<qman__> but I know you could do some routing tricks to have a backup server
<qman__> or to just let traffic through normally if the server goes down
<mil132> well
<mil132> yea, but, the students are kinda, well, not the most well manerd users
<mil132> so if it goes down, management would have my... head
<mil132> at least until it came back up
<qman__> right, you can configure a router to detect if it goes down and just switch over
<qman__> and when it comes back, switch back
<mil132> that was kinda the plan, as i did not see any HA docs on the squid wiki
<qman__> not sure about doing that with ciscos or what have you, but with a linux or BSD router you could
<mil132> sonicwall, but yea, it is a function
<qman__> script a check to make sure it's up
<mil132> you think a dual 3.0 xeon with 4tb raid5 and 8gb ram would do the trick, becase that is what I had spec'd out
<qman__> that should be fine for at least a few hundred users
<mil132> think it is 300-400 depending on the time of year
<qman__> might want a little more RAM if it's slow
<qman__> but that's a good choice
<mil132> yea, 16?
<qman__> yeah
<qman__> gigabit backbone?
<mil132> fiber to each floor, then 100mb to each room
<qman__> yeah, that should work fine
<qman__> just want to make sure the link between the router and the proxy server is fast and clear
<uvirtbot> New bug: #638708 in tomcat6 (main) "Cannot start as logged in user" [Undecided,New] https://launchpad.net/bugs/638708
<qman__> to work effectively, it's going to need testing and tweaking
<qman__> of cache sizes and parameters
<mil132> that is what I plan to spend the most time on
<mil132> hopefully only about a half day of no internet, then ~4 days of tweeking
<qman__> should only take maybe ten minutes of no internet at all
<qman__> then a few days tweaking
<mil132> well, I always quote more, just in case
<qman__> yeah
<mil132> plus it makes you look better :)
<qman__> and during the testing you'd have lots of momentary downtimes
<qman__> of course that's a good time to set up and test the automatic failover
<qman__> if it doesn't break the internet when you restart squid, you'll be set there
<mil132> testing will be done on a sperate network, then once all is solid on the network end, we will move the servers over
<qman__> good show
<qman__> my school didn't have the budget for that
<qman__> but definitely the right way to do it
<mil132> heh, we are a private compnay
<mil132> we own a few buildings and all of them are student housing
<qman__> ah
<mil132> so we have kids that go to a few differnat colleges
<qman__> well, done right, it should definitely improve performance and reduce overall bandwidth used
<mil132> being done right the key qualifyer
<mil132> thanks for your help qman
<qman__> no problem, good luck
<uvirtbot> New bug: #459048 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind() (dup-of: 343870)" [Medium,New] https://launchpad.net/bugs/459048
<Four2zero> is webmin good to use on ubuntu-server, or should there be another recommended panel
<Four2zero> what panel should i use to administer the my ubunut-server ?
<qman__> !webmin | Four2zero
<ubottu> Four2zero: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<qman__> !ebox | Four2zero
<ubottu> Four2zero: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Four2zero> thank you qman__
<qman__> of course I wouldn't recommend using a web GUI at all, but that's my preference
<Four2zero> qman__ why is your opinion ?
<Four2zero> why, what is your opinion on that
<qman__> more trouble than they're worth, I'd rather just use SSH
<qman__> when you use one of them, you're limited to what they offer
<qman__> if you need configuration outside of that, they cause trouble rather than make things easier
<Four2zero> that's food for thought there !
<Four2zero> I will keep that in mind.
<MrPPS> what's the equivalent of the "tunctl" command in ubuntu?
<uvirtbot> New bug: #638738 in libcommons-fileupload-java (main) "Enable portlet API in commons-fileupload" [Wishlist,Triaged] https://launchpad.net/bugs/638738
<ttx> JamesPage: nice and quick work on those libraries !
<soren> MrPPS: tunctl.
<soren> MrPPS: It's in uml-utilities.
<soren> MrPPS: Next time, if you want the equivalent of something rather than the thing itself, it might be helpful to specify what you want to do.
<MrPPS> soren: sorry, i just wanted to find the tunctl util
<MrPPS> to i did an aptitude search
<MrPPS> couldn't find it in there, and figured you used a different utility
<MrPPS> thanks for letting me know
<soren> MrPPS: That's what I'm saying. If we didn't have tunctl, you should specify what you want to do so that we can point you at the right tool.
<MrPPS> soren: ok, thanks for the help
<donttrustem> hi guy's is there a debootstrap script for lucid?
<soren> of course.
<donttrustem> soren:I am running an old edgy box running xensource so I can use apt to retrrieve the lastest debootstraps ...
<soren> donttrustem: Then you're screwed.
<soren> In so many ways, it's not even funny.
<donttrustem> Really ...
<soren> edgy went out of support /years/ ago.
<donttrustem> only 2 years ago
<soren> I don't even want to think how many high-risk kernel vulnerabilities that thing must have.
<donttrustem> OK .... point taken
<donttrustem> I will upgrade the system
<SpamapS> soren: I ran 3 RH 8.0 boxes up until May of this year.. ;)
<SpamapS> that one, old, proprietary, statically linked, PoS app that wouldn't work on any other version.. just refused to die.. ;)
<donttrustem> soren: Can I download the lucid script seperatley
<soren> SpamapS: When did that go out of support? I don't follow RedHat's release cycle at all :)
<soren> donttrustem: You can try.
<soren> donttrustem: It's in the debootstrap package.
<SpamapS> soren: hah.. 2004. ;)
<soren> :(
<donttrustem> soren: I just want to build the domU ... How do I extract the .deb
<soren> Just install it?
<donttrustem> OK...
<soren> Or extract it with dpkg-deb if you insist.
 * SpamapS has just realized that he completely forgot to go to bed
 * SpamapS passes out
<soren> donttrustem: Oh, by the way..
<donttrustem> I will upgrade the server next week
<soren> donttrustem: We don't support Xen dom0 anymore.
<donttrustem> I am moving to xenserver
<donttrustem> soren: Citrix version
<soren> I'm not sure what that means in this context.
<soren> Do they provide the dom0, then?
<donttrustem> soren:http://www.citrix.com/English/ps2/products/product.asp?contentID=683148
<donttrustem> soren: the do it a different way
<soren> I'm not in the mood to read marketing material.
<soren> Ever.
<soren> :)
<donttrustem> OK
<donttrustem> :)  http://community.citrix.com/
<soren> Doesn't look much better.
<soren> Do they provide the dom0 is all I'm asking.
<soren> Because Ubuntu doesn't.
<soren> Not that I really care. I'm just saying that Ubuntu doesn't, so if you rely on Ubuntu to provide a dom0, you're screwed.
<donttrustem> dunno need to check but the DC I am using run this on all there ubuntu servers
<donttrustem> so it must work
<soren> Ubuntu Edgy provided a dom0.
<soren> We grew up, got wiser, ditched Xen.
<donttrustem> soren: virtualistion is the way to go ...
<soren> Yes. Xen isn't.
<donttrustem> soren: what do you suggest
<soren> KVM.
<ttx> that's not just what soren suggests, that's the thing we support.
<ttx> post-edgy.
<soren> A surprising coincidence :)
<ttx> yes, there must have been a reason for keeping those old insecure boxes around :)
<soren> donttrustem: However, if your hardware is from the Edgy era, you're probably screwed.
<donttrustem> soren: poweredge 1950
<jpds> ttx: They work?
<soren> donttrustem: I don't speak Dell.
<maswan> We're slowly moving our dapper machines up to lucid now. But then we got more time by chosing LTS releases.
<donttrustem> LOL
<jpds> soren: Doesn't Ever Last Long - yes.
<soren> maswan: *gasp*
<maswan> soren: We're getting better at it, I think our last couple of breezy machines were about a year out of support by the time we finally ditched them. :)
<soren> I actually found a laptop on a shelf recently that still ran Breezy.
<soren> Aw, breezy. Great days.
<donttrustem> crap ...I ran the dpkg and it wiped out my scripts from /usr/lib/debootstrap/scripts
 * Daviey did the same with dapper... and couldn't remember by login details :)
<Daviey> my*
<donttrustem> where does it install to please
<ttx> jpds: depends on your definition of "work"
<donttrustem> fpind them
<ttx> jpds: i wouldn't want to trade security vulnerabilities in exchange of "don't touch it if it works"
<jpds> ttx: Oh, I thought you meant old == age of the box, not the release.
<donttrustem> All working ...  :)
<RoyK^> how can I change the screen resolution on the console in 10.04?
<RoyK^> it's way too small :)
<soren> donttrustem: /usr/share/debootstrap where they've always belonged.
<donttrustem> :(  W: Failure trying to run: chroot /mnt/xen dpkg --force-depends --install /var/cache/apt/archives/base-files_5.0.0ubuntu20_amd64.deb /var/cache/apt/archives/base-passwd_3.5.22_amd64.deb
<RoyK^> or - resolution is too large, that is
<donttrustem> soren: any idea on that error?
<soren> no
<donttrustem> does anyone know
<ttx> yay, all server $bugs triaged
<twb> donttrustem: what are you trying to achieve?
<donttrustem> twb: debootstrap lucid /mnt/xen http://gb.archive.ubuntu.com/ubuntu/
<twb> donttrustem: pastebin the entire transcript
<twb> donttrustem: also, if you're doing that ON a lucid host, try cdebootstrap or multistrap
<donttrustem> twb: the debootstrap script
<twb> donttrustem: run script -c "debootstrap lucid /mnt/xen http://gb.archive.ubuntu.com/ubuntu/"
<twb> donttrustem: it will create a file called "typescript".  Pastebin the contents of "typescript"
<ttx> SpamapS: working on EU tz ?
<donttrustem> twb: http://pastebin.com/3tb8UncB
<twb> donttrustem: are you running this as root?
<donttrustem> yeah
<ttx> Daviey: is there any value in me installing a fresh UEC right now ? (i.e. do you have another upload pending ?)
 * ttx needs to reproduce bug 628055 again
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<twb> donttrustem: what does "grep /mnt /proc/mounts" say?
<donttrustem> "/dev/vg1/cccam.root /mnt/xen xfs rw 0 0"
<twb> OK, run the same script command again, but pass --verbose to bootstrap
<donttrustem> twb: I ran as --verbose but the output was the same
<donttrustem> twb: script -c "debootstrap --verbose lucid /mnt/xen http://gb.archive.ubuntu.com/ubuntu/"
<twb> Does dmesg | tail give any hints?
<twb> Are you running this on a host that's *already* a domU or so, or are you running it on a "real" ubuntu machine?
<donttrustem> I am running it on the Dom0
<Daviey> ttx, Hmm
<Daviey> ttx, Well i do have an uploading pending... but the binary ~= what is in my PPA
<donttrustem> twb: which is the real ubuntu machine
<Daviey> ttx, the change being fix to metadata service.
<ttx> hm. I can install from ISO, upgrade to your PPA
<donttrustem> twb: no entry in dmesg ....
<Daviey> ttx, So if you tested installation from current archive, then upgraded to my PPA you'd get a good test
<ttx> ack
<Daviey> (nothing in regards to installation procedure has changed from my PPA)
<Daviey> ttx, Depending how much time you have spare.. testing lucid->maverick upgrade is also something that really needs to get done today aswell (on my hit list, but more eyes the better)
<donttrustem> let me try another distro
<donttrustem> twb: I have done this many times and it works .. but this is the first time with Lucid
<ttx> Daviey: ew. maybe not time for that. will try
<twb> donttrustem: right; I don't know why it isn't working
<donttrustem> twb: what  was the distro before lucid
<jpds> karmic
<twb> hardy
<Daviey> ttx, I'm expecting success - the last test was successful.. so don't need to panic about it.
<Daviey> (or seemed to be successful... but i guess today i want to add confidence testing)
<donttrustem> hmm! same problem
<donttrustem> maybe I can run that part of the script  manually
<donttrustem> twb: chroot /mnt/xen
<donttrustem> groups: cannot find name for group ID 0
<donttrustem> I have no name!@xen:/#
<donttrustem> twb: http://pastebin.com/fwjpiW3L
<twb> That's because /etc/passwd (provided by base-files) isn't unpacked
<twb> debootstrap *should* be unpacking a bunch of core packages before it does the first chroot
<donttrustem> twb: is there a problem with the scripts
<twb> I don't know what is up with those EBADFD's
<twb> Try cdebootstrap
<donttrustem> OK
<twb> It's faster anyway
<donttrustem> twb: I don't have that installed
<twb> So install it
<donttrustem> Man I going to get the server rebuilt ....
<donttrustem> twb: can't install the package dependencies
<oryxtec> an we block all traffic coming to my server on port 5060 udp and we can only allow some specific IP to come and register on 5060 udp port?? through IPtables
<oryxtec> ?
<shauno> I believe rule work off the first match, so as long as the address-specific rule comes first, should work as described
<oryxtec> please can you guide me.. how to make iptables rules
<Dona|d> oryxtec > http://www.google.dk/search?hl=&q=iptables+rule+generator
<twb> !ufw > oryxtec
<ubottu> oryxtec, please see my private message
<twb> oryxtec: oh, sorry, 5060 is SIP.  SIP doesn't just use one port, it's tricky
<twb> oryxtec: maybe have a chat with #shorewall or #netfilter
<oryxtec> twb: acutally there are some IP addreses
<oryxtec> who are hitting my asterisk server .. trying to regiester with my server
<oryxtec> i want to block those ip address
<oryxtec> how can i do that?
<twb> oryxtec: man hosts.deny?
<oryxtec> wht is that?
<oryxtec> :)
<twb> oryxtec: sorry, I don't care to help you further.  Wait patiently; maybe someone else will.
<oryxtec> k.
<bobslaede> Hey. Im trying to wrap my head around setting up a dev-server at home, behind my router, with several virtual hosts, and I want each virtual server, to have its own subdomain, on my domain. Should I do some DNS server, or reverse proxy?
<bobslaede> virtual hosts = virtual machines
<joschi> bobslaede: try dnsmasq
<bobslaede> joschi: I have been looking into that. Will that enable be to map dev1.example.com to one VM, and dev2.example.com to a second one, while i only have one wan-ip
<joschi> bobslaede: that's not possible at all
<joschi> bobslaede: you'll need to do some portmapping/NAT/PAT
<bobslaede> thats why i havent found any articles on it
<bobslaede> joschi: i have been thinking about doing a reverse proxy with nginx
<joschi> bobslaede: you could do something like port 10022 maps to vm1, port 22/tcp; 20022 maps to vm2, port 22/tcp etc.
<joschi> bobslaede: if you use only http/https that will work
<joschi> bobslaede: but not with much else
<bobslaede> joschi: yeah, but then i would have to have dev1.example.com as example.com:1022 instead right?
<joschi> bobslaede: yes
<bobslaede> yeah, thats what im trying to avoid
<bobslaede> I think it can be done with nginx, but then it would still only be for http/https
<joschi> bobslaede: what exactly do you want to achieve?
<bobslaede> site1.dev1.example.com, site2.dev1.example.com db1.example.com
<bobslaede> as virtual machines
<bobslaede> with one wan-ip
<bobslaede> having *.example.com mapped to the wan ip
<bobslaede> and routed to the server
<bobslaede> if that makes any sense at all :)
<joschi> bobslaede: ok. you can use a proxy for some services, e.g. http. but that only works because these protocols send the hostname in-band (HTTP/1.1 host header for example).
<joschi> bobslaede: this won't work with other services, like MySQL or SMTP, so you'll need to use port-mapping for these
<bobslaede> joschi: yeah, that was my worries, and why i was thinking about some dns setup.
<joschi> bobslaede: which won't get you anywhere
<bobslaede> joschi: nginx however, is able to translate for smtp, and couchdb at least
<joschi> bobslaede: why do you need to make your development boxes externally available anyway?
<bobslaede> joschi: well, mostly for fun, and to enable clients to the progress on websites
<joschi> bobslaede: couchdb uses http as its application protocoal
<joschi> s/protocoal/protocol/
<bobslaede> joschi: then, that explains that :) havent used it before, but wanna try it out
<bobslaede> joschi: if clients wants to check out a website in progress, or bug fixing, its easier to go to dev1.example.com than example.com:1022
<joschi> bobslaede: and now tell me again why you need any other service than http available externally...
<bobslaede> joschi: or if im running a 3rd party cms tool or something, that doesnt work well with ports
<bobslaede> joschi: that parth would be the just for fun part of it. Just to try
<bobslaede> and learn
<Daviey> hggdh, Are you around?
<hggdh> Daviey: yes
<Daviey> hggdh, two mins, on a call.
<hallyn> jdstrand: do you know why libvirt on lucid is failing to build (https://launchpad.net/~ubuntu-server-qa/+archive/regression-test/+build/1960449)?  (well, it's bailing bc it finds no macvtap support in kernel headers, but...)
<jdstrand> hallyn: I never looked into it. I brought it up with you and kirkland way back when I uploaded 0.8.3 and encouraged an interested party in fixing it :)
<jdstrand> clearly, I wasn't that interested party
<jdstrand> ;)
<jdstrand> oh
<hallyn> jdstrand: you did?
<jdstrand> hallyn: lucid
<jdstrand> ah, I assumed maverick/powerpc
<jdstrand> let me actually look at what you asked me to look at
<jdstrand> hallyn: you are building maverick's package on lucid? interesting. uhm, yeah, as mentioned, this is the line: configure: error: Installed linux headers don't show support for macvtap device.
<jdstrand> hallyn: looks like you need --without-macvtap for lucid
<jdstrand> hallyn: look at DEB_CONFIGURE_EXTRA_FLAGS in debian/rules
<pkhamre> Is this behaviour expected with vmbuilder? I created a virtual machine with vmbuilder and specified a destination directory with -d. Something in vmbuilder failed and recursively removed everything in the destination directory
<soren> pkhamre: Can I see the full command line?
<pkhamre> I specified /var/lib/libvirt/images as destination, which also was home to some images for other virtual machines
<Mutru> pkhamre: I've also had the same problem. Shouldn't be expected behaviour, I think.
<Mutru> Luckily I was just setting up the server so I only deleted some fresh installations.
<pkhamre> soren: yes, here you go: http://pastebin.com/ptsgzEtG
<soren> pkhamre: Then yes.
<soren> pkhamre: -o means overwrite.
<pkhamre> overwrite == remove old stuff?
<pkhamre> "Force overwrite of destination directory if it already exist."
<pkhamre> it accidentally deleted my private email- and webserver, but fortunately i had offsite backup :)
<rahman> Hi, I am trying to install phamm packages. But I get "Setting up phamm (0.5.15-1) ... dpkg: error processing phamm (--configure): ...  subprocess installed post-installation script returned error exit status 10" I tried purging and reinstalling multible times without any success. Doing sudo dpkg-reconfigure  phamm also gives "/usr/sbin/dpkg-reconfigure: phamm is broken or not fully installed"
<hallyn> jdstrand: i'll take a gander at fixing that (when i get a chance), thanks
<soren> jdstrand: Secret trick when uploading packages that are managed in bzr /and/ use a patch management system: Make sure you apply the patch and commit that to bzr (along with whatever extra files quilt puts in .pc)
<soren> jdstrand: Otherwise we end up with:
<hallyn> jdstrand: and, while i'm yappin' about libvirt, have you looked at any of the virt-manager segfaults (segfaulting in glib/libc)?
<soren> jdstrand: Uh... Well, try going into  your libvirt bzr checkout and do an update or a pull, and you'll see.
<jdstrand> hallyn: I haven't but mdeslaur has. iirc he said it was python that was the problem
<hallyn> soren: are you saying if i do a bzr co of lp:ubuntu/lucid/libvirt, i won't get the latest?
<jdstrand> soren: I didn't commit anything to .pc or with quilt. my changes where all within debian/
<soren> hallyn: No, that's not what I'm saying.
<hallyn> jdstrand: ok, so i'll leave those bugs alone.  lately i can't reproduce anyway
<soren> jdstrand: Yes.
<soren> jdstrand: That's the problem :)
<soren> jdstrand: ...because when the importer thing comes along, it /does/ apply things and imports the package that way.
<soren> jdstrand: I made the exact same "mistake" with the previous upload.
<mdeslaur> hallyn, jdstrand: I uploaded a new gtk-vnc that should fix most of those virt-manager segfaults
<soren> jdstrand: I can fix it up so that you can just pull/update, but I just wanted to let you know.
<hallyn> mdeslaur: cool, that might explain why i can't reproduce
 * jdstrand is a bit confused as the +N files in .pc were the 9025 files that soren added
<mdeslaur> hallyn, jdstrand: There is another fix in upstream git that may fix some more...but my virt-manager doesn't segfault anymore
<jdstrand> mdeslaur: dude, that is awesome! :)
<mdeslaur> hallyn, jdstrand: if you guys see anymore segfault, let me know
<hallyn> mdeslaur: thx
<soren> jdstrand: I might now have taken appropriate care myself. I may have been assuming I'd be uploading it myself so I'd get to check up on this before uploading.
<jdstrand> soren: I guess what you are saying is I need to be sure to 'quilt push -a' before committing
<soren> s/now/not/
<soren> jdstrand: Yes, /and/ add the resulting files in .pc/<name of patch>/.
<Daviey> hggdh, Sorry.. been on a call.  Do you have plans today?
<jdstrand> right
<jdstrand> soren: ok. thanks for that, I've added it to my notes
<jdstrand> soren: sorry I missed it
<soren> jdstrand: the package importer automatically moves our branch out of the way, puts the new one as lp:ubuntu/libvirt and proposes a merge.
<soren> jdstrand: I'm doing the merge now.
<soren> jdstrand: Hey, don't worry about it. It's hardly obvious. At all. It's really quite annoying.
<Daviey> shame how crappy quilt and bzr work together :(
<Daviey> makes merge proposals really ugly :(
<b0gatyr> anyone familiar with clonezilla?
<jdstrand> soren: so did you say you are going to fix this up?
<soren> jdstrand: Yes.
<jdstrand> soren: cool, thanks :)
<hggdh> Daviey: yes -- keep on euca tests
<hggdh> Daviey: I am looking at the long run I letf during the night: after about 1300 instances things went south
<Daviey> hggdh, That is GREAT news
<hallyn> soren: jdstrand: that flies against how I'd understood it, so to be sure i grok it: you want the bzr working tree to have all quilt patches applied when checked into bzr?
<Daviey> hggdh, Do you have any capacity for me to throw stuff at you? :)
<soren> hallyn: Yup.
<hggdh> Daviey: yes, I am all euca now.
<Daviey> \o/
<hggdh> Daviey: I am still to find out WTF happened after 1300 instances. Right now any euca-* command does not return
<hallyn> soren: jsut to help me remember which way is up - what's the good of that?
<soren> hallyn: Otherwise you end up with conflicts when the package importer does its thing.
<Daviey> hggdh, OK..   What would be *really* awesome if you could install lucid i386, run a couple of instances just to make the system dirty.  Then upgrade to maverick.. keeping an eye out for bug 628055
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<Daviey> hggdh, Is the viable?
<Daviey> That way, i386 gets tested, upgrade and attempt to reproduce the bug :)
<Daviey> Would that be ok, or are you swamped already?
<hggdh> Daviey: yes, it is, I can take a few to do it. But we will have to get back to Maverick and Euca stuck
<hallyn> soren: what is the package importer?  (is it the bzr equiv of 'uscan', or a lp tool, or something else?)
<soren> hallyn: It's the thing that takes package uploads and puts them into bzr branches.
<hallyn> soren: is that done automatically by lp? or is there a bzr command?
<soren> hallyn: You mentioned lp:ubuntu/lucid/libvirt yourself.
<soren> hallyn: That's created based on uploads. Automatically. by the package importer.
<hallyn> soren: i thought a person did that
<soren> hallyn: https://wiki.ubuntu.com/DistributedDevelopment
<hallyn> soren: cool, thanks, i'll look at that
<soren> hallyn: yw
<Daviey> soren / hallyn: Which causes headaches if you work on unreleased bzr branches as a team effort, and someone branches from the ~ubuntu-branches
<Daviey> hggdh, How many beers do i owe you now?
<soren> Daviey: Yeah, upstream bzr branches and package branches is a very unhappy love story.
<hggdh> Daviey: actually, none, but I will be glad to drink one with you on UDS :-)
<Daviey> \o/
<zul> Daviey: probably enough that hggdh doesnt need to think about an alcohol budget at UDS ;)
<hggdh> LOL
<hallyn> jdstrand: stupid question - i assume i should open a bug about the failure to build (if only to have something to point the fixed bzr tree at)?
<hallyn> (or would that be a faux pas?)
<jdstrand> hallyn: I don't think it is required. just say something like 'fix FTBFS when building on lucid' or similar. if you want a tracking bug, feel free to file and assign to you
<ttx> Daviey: ping
<soren> jdstrand: Fixed.
<soren> jdstrand: Do you expect to work more on libvirt before final freeze?
<ttx> Daviey: I did install UEC, was fine. Then I upgraded to your packages, and then the CC doesn't start due to cluster cert mismatch
<ttx> Daviey: so it looks like registration is still not idempotent
<Daviey> ttx, 2 mins - on call :(
<ttx> Daviey: right -- would like your thoughts before opening a bug
<hallyn> jdstrand: ok, cool, if i can get away without filing a bug all the better, thanks
<jdstrand> soren: no. the bug that seems most annoying is bug #628055, but contrary to the message, it doesn't seem related to apparmor
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<jdstrand> oddly, it is still assigned to me
<jdstrand> (once I have all the requested info, I can look at it more)
<look> is there a support channelf or Arch linux?
<jdstrand> hallyn: is your change for maverick?
<look> oh wait wrong channel, sorry
<soren> jdstrand: Cool. I'll do an upload this evening and that'll be it.
<hallyn> jdstrand: no, for lucid
<jdstrand> hallyn: I'm confused. what do you plan to do with the maverick libvirt on lucid in the archive?
<Daviey> ttx, This is odd :/
<Daviey> ttx, Can i see your registration.log?
<ttx> sure
<ttx> can't make the NC work either
<hallyn> jdstrand: what are you talking about?
<hallyn> 'the maverick libvirt on lucid' ?
<ttx> Daviey: note that I re-rebooted and it didn't break my certs again
<hallyn> jdstrand: ok, seems i've confused myself
<Daviey> ttx, ...
<jdstrand> hallyn: i386 build of libvirt 0.8.3-1ubuntu10+regressiontest20100915 in ubuntu lucid RELEASE
<hallyn> jdstrand: i was thinking that was the official lucid libvirt repo, but i see it's not
<hallyn> jdstrand: so nm all that
<jdstrand> hallyn: ok, heh
<hallyn> back to real work
<jdstrand> hallyn: I don't know what ubuntu-server-qa is doing, but you can at least pass them the --without-macvtap thingie
<ttx> Daviey: http://pastebin.ubuntu.com/494217/
<ttx> the usual double stuff
<ttx> + line 68
<hallyn> jdstrand: right, but do i have upload rights to that ppa even?
<ttx> Daviey: for some reason auca_conf --list-cluster didn't answer, so we reregistered, and it broke the cert
<jdstrand> hallyn: I just meant tell whoever is responsible for that build about why it is failing and that they can use --without-macvtap to fix it
<ttx> (on line 68)
<jdstrand> hallyn: not that you should fix it
<Daviey> ttx, Hmm.. think the sleep needs increasing ?
<hallyn> jdstrand: oh, ok.  it's be a trivial enough fix if i did ahve the perms :)  but ok
<ttx> Daviey: note the absence of the "cluster is already registered" message
<jdstrand> hallyn: I'll leave that up to you :)
<ttx> hm, strike that
<ttx> Daviey: well, they should rather make registration really idempotent
<ttx> Daviey: like it used to be
<Daviey> ttx, they have.. their QA proved it as such.
<ttx> or fix euca_conf so that it returns correctly
<ttx> Daviey: oh right, we must be getting something wrong.
<DigitalDeviant> Hey everyone!
<DigitalDeviant> I have a question about pure-ftpd
<DigitalDeviant> Is someone available to answer a quick question about it
<hallyn> soren: hggdh: is ubuntu-server-autotest a robot?
<soren> hallyn: Yes.
<ttx> Daviey: I fixed my NC by reregistering the node. My CC certificate fixing must have borked it
<DigitalDeviant> I am trying to figure out how to create a conf file for pureftp and have it set a chown on uploads for the users. Has anyone had a setup like that?
<ttx> Daviey: but we are left with a potential break-on-reboot thing
<Daviey> ttx, But need to find the underlying issue
<ttx> Daviey: shoudl I reopen the bug ?
<Daviey> ttx, I guess so :(
<Daviey> ttx, somewhat suprised me and carlos haven't seen this
<ttx> I think it was never fixed, just euca_conf was working sufficiently well so that we never re-registered
<fabianhoward> hi all, I'm having trouble accessing my apache2 server from other computers. I can access it on the localhost. Is their a default to block remote connections?
<Daviey> ttx, *sigh*
<ttx> Daviey: if euca_conf works, you can't see it
<progre55> Hi guys. I was installing ubuntu server from an installation cd, but after a restart it falls to (initramfs) saying "Gave up waiting for root device. Common problems: - Boot args (cat /proc/cmdline); - check rootdelay=(did  the system wait long enough?)". Any suggestions, please?
<hallyn> soren: does he use a lp daily source build recipe to do uploads?  where do i see the recipes?  is there someone else i should be bugging instead of you?
<progre55> fabianhoward: you sure it's not blocked by a firewall?
<progre55> fabianhoward: I mean, the port 80
<fabianhoward> progre55, is their a firewall on ubuntu-desktop by default?
<progre55> fabianhoward: no, but maybe it's somewhere between your desktop and your other computer where you want to access from
<fabianhoward> maybe but i can ssh to it...
<fabianhoward> progre55, i think its unlikely
<progre55> fabianhoward: try to telnet to port 80 =)
<soren> hallyn: Me or hggdh. I'm working on it right now, actually.
<soren> hallyn: And no, it doesn't use lp's recipe thign.
<fabianhoward> nothing
<fabianhoward> progre55, maybe their is a firewall by default
<fabianhoward> progre55, iptables is showing rules, I'll check
<progre55> fabianhoward: yeah, I'm sure it's a firewall
<DigitalDeviant> I am trying to figure out how to create a conf file for pureftp and have it set a chown on uploads for the users. Has anyone had a setup like that?
<hallyn> soren: hggdh: is there some place i can see the source for ubuntu-server-autotest?  and where he runs?
<storrgie> I created a new user on my server, I want them to be able to use gnu screen.... do I need to assign them to a special group or something?
<DigitalDeviant> also, I am getting this error => there is 1 zombie process....what does that mean?
<soren> hallyn: It runs on one of my servers. I think the code is somewhere on Launchpad. Let me check.
<storrgie> DigitalDeviant, zombie processes are processes that were created by a 'parent process' (this is called forking) and the parent has stopped. They have no parent... so they are a zombie.
<storrgie> I actually dont know how to detect which process is a zombie, and stop it
<storrgie> im assuming you can grep the ps command to find it
<storrgie> something like:
<storrgie> ps -ef | grep [ZOMBIE CRITERIA]
<DigitalDeviant> ha, it was screen
<storrgie> ps -ef| grep -i defunct
<storrgie> do I need to be an admin user to run screen?
<Pici> No.
<storrgie> Pici, how do i make a user who is username:users be able to use screen
<Pici> storrgie: You don't need to do anything special for a user to be able to use screen.
<hggdh> hallyn, soren: I have a branch on bzr+ssh://bazaar.launchpad.net/~hggdh2/autotest/automated-ubuntu-server-tests/
<storrgie> since this is a two liner I'll put it here:
<storrgie> storrgie@minerva:/home/agd$ screen
<storrgie> Cannot open your terminal '/dev/pts/6' - please check.
<DigitalDeviant> screen -x
<hggdh> hallyn, soren: I think the original (from soren) is at ~soren/...
<DigitalDeviant> try that
<storrgie> its permissions to pts/6
<soren> hallyn: It wasn't on launchpad. It will be in a few minutes.
<soren> hggdh: I've set up an ssh key for the user on the server. If you make changes on the server, just commit and push.
<hggdh> soren: cool! I intend to get back to it as soon as I am done on Eucalyptus (sigh, never?), and update all to Maverick
<soren> hggdh: I just did that.
<hggdh> soren: sir, you rock!
<soren> hggdh: I thought I did that a couple of days ago, but I didn't do it properly. Now I did.
<hggdh> Daviey, ttx: please see bug 639639
<uvirtbot> Launchpad bug 639639 in eucalyptus "euca-* commands stopped responding" [Undecided,New] https://launchpad.net/bugs/639639
 * ttx cries
<hggdh> ttx: believe me, you are not alone
<hggdh> ttx: I would say this is another barf on the jetty server (or related to it), so I am restarting the whole bloody thing with '--debug'
<hggdh> but I will only monitor it, I have to finish my remaining QA tasks
<Daviey> hggdh, that is good.. thans
<Daviey> hggdh, can you add your thoughts to the bug.. i've added an upstream task to it
<hggdh> Daviey: will do
<Daviey> hggdh, \o/
<Daviey> hggdh, I don't want you to miss your other WI because of us :)
<hggdh> Daviey: should we mark it High?
<ttx> smoser: a problem with cloud-init on a lucid instance, see http://pastebin.ubuntu.com/494234/
<ttx> smoser: any clue ?
<hallyn> hggdh: soren: thanks much
<Daviey> hggdh, We don't get to use Medium or Low very much these days :)
<Daviey> hggdh, This issue hasn't yet been reproduced.. but certainly looks valid.  Thankfully, this is an issue that can perhaps be fixed post-release.. So it's not as alarming to me as some of the other issues we have been encountering
<Daviey> ttx, that fair to say?
<smoser> ttx, i can't really look at it right now
<hggdh> Daviey: I agree with the reasoning
<smoser> "consuming user data failed!" i'd start where that message comes from
 * Daviey suspects it's related to the context issue
<kpettit> anybody know of a good text editor / ide that has bzr support built in?
<smoser> ttx, which lucid image ?
<smoser> the original releases of lucid image did not have as good of debugging as more recent ones
<ttx> smoser: hm, looks like I'm still running a borken metadata service
<ttx> investigating
<smoser> yeah. that is what i suspected. but for some reason i thought you said ec2
<smoser> which, of course, never has metadata issues :)
<andreserl> ttx, i'll be probably disabling pacemaker support in RHCS later today :(
<RoAkSoAx> gosh
<RoAkSoAx> im getting confused on what irc session to use
<RoAkSoAx> lol
<ttx> RoAkSoAx: I prefer it disabled before FinalFreeze, rather than maybe-fixed in two weeks.
<RoAkSoAx> ttx: yeah me too. I'll just do that now then
<ttx> RoAkSoAx: +1
<SpamapS> ttx: https://code.launchpad.net/~clint-fewbar/ubuntu/maverick/libdbi/upstream-0.8.4/+merge/34365
<SpamapS> ttx: the libdbi issue is fixed in that merge proposal (actually its more like a sync proposal)...
<SpamapS> ttx: once that is uploaded, the other bug tasks can all be fixed by rebuilding and retargeting to libdbi-dev
<ttx> SpamapS: won't have time to look into that branch today -- maybe see with matiaz for review
<ttx> mathiaz
<ttx> SpamapS: the graph is still broken btw, in a subtle way now
<SpamapS> ttx: will do
<SpamapS> oh?
<ttx> you have to have designed it to see the issue, I guess :)
<ttx> the end of the dotted trends line
<ttx> should match day-1 bar height
<ttx> should be at 85, not at 77
<ttx> ~
<ttx> so it's probably missing some of the stacking
<ttx> SpamapS: at first glance, I'd say the inprogress ones
<SpamapS> ttx: ok
<tydeas> how do i list configured vhost with apache on ubuntu server - lucid ?
<jpds> tydeas: apache2ctl -S
<andreserl> ttx, done bug #635884
<uvirtbot> Launchpad bug 635884 in redhat-cluster "redhat-cluster fails to build from source in maverick" [High,Confirmed] https://launchpad.net/bugs/635884
<ttx> andreserl: won't have time to upload it today, maybe ask zul or mathiaz for sponsoring
<andreserl> ttx, ok :)
<andreserl> zul, ping
<zul> andreserl: pong
<andreserl> zul, oculd you please sponsor bug #635884
<uvirtbot> Launchpad bug 635884 in redhat-cluster "redhat-cluster fails to build from source in maverick" [High,Confirmed] https://launchpad.net/bugs/635884
<zul> andreserl: ack...in a meeting right now will do it after lunch
<andreserl> zul, sure thanks :)
<SpamapS> ttx: fixed the chart line, please check in 2 hours. ;)
<ttx> SpamapS: I will :P
<uvirtbot> New bug: #639712 in libvirt (main) "PCI Pass Through via libvirt cannot remap IRQ's" [Undecided,New] https://launchpad.net/bugs/639712
<Daviey> hggdh, Your overnight testing, what package were you testing against?
<hggdh> Daviey: euca 2.0+bzr1239-0ubuntu3
<Daviey> hggdh, sure?
<Daviey> hggdh, 3 is the version in the archive
<hggdh> Daviey: darn! no... 0ubuntu3.2
<Daviey> hggdh, hmm... interesting... ttx is seeing a similar issue with 0ubuntu3.2
<hggdh> yes, same version
 * Daviey sobs
<Daviey> ... and walks away for a bit.. before his head explodes.
<hggdh> Daviey: and I have another one (just had a look at the test running): of 1400 instances started, only ~400 succeeded
<Daviey> hggdh, I suspect that is the same issue
<hggdh> Daviey: no, not quite: on my first run eventually *NO* euca-* command returns
<Daviey> is my maths right in saying a 1 in 3.5 chance of seeing the issue :)
<Daviey> aHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
<hggdh> on this current run it is still responding
<hggdh> Daviey: so it sounds like Yet Another Issue
<Daviey> hggdh, when you get a  monent, can you upload your logs including euca-get-console(s) ?
<hggdh> for the current run?
<Daviey> "1400 instances started, only ~400 succeeded" .. That one
<hggdh> yes, current. I will cancel the run, and upload
<Daviey> hggdh, thanks...
 * hggdh thinks another bug is warranted
<Daviey> i'm going afk for a bit.
<Daviey> o/
<KillMeNow> Anyone here use / have experience with Freenas?
<holstein> KillMeNow: its been a while
<holstein> i had some issues with user management
<holstein> but i think i would do better now that i know more
<KillMeNow> the freenas channel is so quiet i can hear a pin drop
<holstein> i would use it again
<KillMeNow> i'm having trouble getting it to install on a Dell Powervault 745n box
<holstein> AH
<holstein> i finally just started saving the config to floppy
<holstein> and running it from CD
<holstein> easy to upgrade
<holstein> :)
<KillMeNow> yea, i tried to install it with the LiveCD and it crashes after the menu
<KillMeNow> the installation menu that is
<KillMeNow> wondering if i need to get an older version
<KillMeNow> i downloaded the new full version, but it's not in an ISO or some other format i don't recognize
<holstein> i really didnt see any advantage to installing it
<holstein> when i was testing
 * pmatulis thought freenas was based on freebsd
<holstein> yup
<pmatulis> sooo
<holstein> there was talking of moving it to linux
<holstein> but i dont think they did
<KillMeNow> it is based on FreeBSD
<pmatulis> right, so why ask about it in here?
<KillMeNow> not sure if the new version is LInux...  there is talk about integrating to Ubuntu
<holstein> i really havent needed it since i got more comfortable with setting up services in linux
<holstein> 12:46 < KillMeNow> the freenas channel is so quiet i can hear a pin drop
<pmatulis> so this is the catch-all channel?
<KillMeNow> sure, why not...  since i'm usually in this channel anyways, figured i would ask if anyone in here had experience with it
<holstein> ive been wanting to try http://www.openfiler.com/
<KillMeNow> what difference does it make really?
<KillMeNow> yea i was looking at that as well
<KillMeNow> but Freenas has a few more features
<pmatulis> KillMeNow: imagine what this place would be like if everyone used your logic?
<KillMeNow> yea, maybe more people would expand their experience...
<holstein> KillMeNow: you feel like you cant do the job with a server install?
<KillMeNow> Ubuntu server?  probably
<holstein> yeah
<KillMeNow> but if someone has something out there that already does it....  besides, it makes me learn something new and different
<KillMeNow> but i'll stop discussing it in this channel
<holstein> i like these too http://www.turnkeylinux.org/
<holstein> those are based on ubuntusever
<holstein> i think some of them are still hardy
<KillMeNow> hadn't heard about that
<zul> andreserl: done
<andreserl> zul, thank yuo :)
<KillMeNow> holstein:  wow.  I suppose that's good for a complete linux nuub
<holstein> i tried the drupal and joomla ones
<holstein> stupid easy
<holstein> actually, i think i was the wordpress and joomla appliances
<KillMeNow> but it's good to know about, had no idea that project existed
<holstein> i did a drupal install on a PPC server
<holstein> those were quite a bit easier ;)
<ssureshot> I'm trying to create an upstart script but when I use respawn then script it will not respawn
<ssureshot> any reason why?
<ssureshot> actually my script isn't running at all
<thafreak> soren: hello, I'm the one from the mailling list having bridging issues...
<thafreak> soren: let me know if you have an ideas of things I can try to debug the bridge creation process during startup.
<uvirtbot> New bug: #639768 in samba (main) "Samba process gets hung on maverick update" [Undecided,New] https://launchpad.net/bugs/639768
<drean> Hi, can anyone point me to some docs about installing Ubuntu Server 10.4 from usb. I've tried to use netbootin and Universal usb install, it says that it cant find the cdrom.
<ideopathic> drean: https://help.ubuntu.com/10.04/serverguide/C/index.html
<hggdh> Daviey: bug 639781 (link to the logs there)
<uvirtbot> Launchpad bug 639781 in eucalyptus "[AbstractSystemAddressManager:New I/O client worker #2-10] Found 2 vms with the same address: ClusterAddressInfo 10.55.55.101 172.19.7.131 orphanCount=0 ->  i-363305B7(PENDING) i-3DE70712(RUNNING)" [Undecided,New] https://launchpad.net/bugs/639781
 * SpamapS smells fried chicken.. wonders if the pigeons strattled the powerlines again..
<Daviey> hggdh, thanks
<Daviey> SpamapS, sounds like your lunch is set for today :)
<Daviey> ttx, Do you still have your maverick i386 setup, or did you trash it?
<Daviey> ttx, bug 628055
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<mathiaz> RoAkSoAx: hey - re bug 635884
<uvirtbot> Launchpad bug 635884 in redhat-cluster "redhat-cluster fails to build from source in maverick" [High,Confirmed] https://launchpad.net/bugs/635884
<mathiaz> RoAkSoAx: so we'll drop pacemaker?
<RoAkSoAx> mathiaz: yes!
<RoAkSoAx> unfortunatelly
<RoAkSoAx> mathiaz: all because of cluster-glue and pacemaker
<RoAkSoAx> mathiaz: we'll provide packages in PPA though
<RoAkSoAx> for natty we'll split pacemaker's libraries on its own packages to get this over with, but I'm not sure about what's gonna happen with cluster-glue since ivoks is in charge of it
<ttx> Daviey: trashed it, have an amd64 now
<mathiaz> SpamapS: o/
<mathiaz> SpamapS: reviewing the libdbi bug
<mathiaz> RoAkSoAx: how does bug 635884 apply to cluster-glue?
<uvirtbot> Launchpad bug 635884 in redhat-cluster "redhat-cluster fails to build from source in maverick" [High,Confirmed] https://launchpad.net/bugs/635884
<RoAkSoAx> mathiaz: the reason of redhat-cluster's FTBFS was because cluster-glue and pacemaker are not in main
<mathiaz> RoAkSoAx: right - however there is a task open for cluster-glue
<mathiaz> RoAkSoAx: does the bug require any work on cluster-glue to get fixed?
<mathiaz> RoAkSoAx: should the bug be marked as Invalid/Fix Released for cluster-glue?
<RoAkSoAx> mathiaz: well it does, to be able to get it into main cluster-glue needs to be "fixed". However, we just decided on dropping pacemaker support so I guess it will be Invalid
<mathiaz> RoAkSoAx: ok - I'll mark the bug as invalid for cluster-glue then
<RoAkSoAx> \just did it :)
<mathiaz> RoAkSoAx: thanks for taking the time to untangle this issue
<mathiaz> RoAkSoAx: cool - thanks!
<RoAkSoAx> np :) Though I wish we could have had this cluster-glue issue fixed to have redhat-cluster with pacemaker-s support.
<mathiaz> RoAkSoAx: that's ok - we'll target natty instead
<mathiaz> RoAkSoAx: natty opens for business in less than a month
<mathiaz> RoAkSoAx: if you work on providing a PPA with maverick packages, you may be able to push everything early on in natty
<RoAkSoAx> mathiaz: yes that's indeed the plan :)
<mathiaz> RoAkSoAx: o^5
<SpamapS> mathiaz: great! thoughts?
<mathiaz> SpamapS: well - I was about to ask about the status
<mathiaz> SpamapS: I'm not sure I fully understand what needs to be done
<mathiaz> SpamapS: could we get 0.8.4 in maverick?
<SpamapS> mathiaz: the merge proposal does just that
<SpamapS> mathiaz: not having 0.8.4 in maverick means potentially having very confusing error messages
<mathiaz> SpamapS: once 0.8.4 is uploaded, does it require any other source upload?
<mathiaz> SpamapS: or 0.8.4 actually reverts the ABI break from 0.8.3?
<SpamapS> mathiaz: yes, all of its build deps. They're all marked as bug tasks on bug 625882
<uvirtbot> Launchpad bug 625882 in rrdtool "libdbi0: ABI breakage without package name change" [High,In progress] https://launchpad.net/bugs/625882
<SpamapS> mathiaz: 0.8.4 bumps soname
<mathiaz> SpamapS: IIUC it also changes the -dev package name?
<SpamapS> mathiaz: the original packaging had some mistakes.. so libdbi0-dev becomes libdbi-dev...
<mathiaz> SpamapS: thus requiring source changes to all dependencies?
<SpamapS> mathiaz: yep
<mathiaz> SpamapS: ok - exploring another option
<mathiaz> SpamapS: what happens if we don't do anything?
<SpamapS> mathiaz: I'd rather do that than have a confusing -dev package name (libdbi0-dev -> libdbi1??)
<SpamapS> mathiaz: anybody who has built programs linked against libdbi0-dev and used the error enums gets weirdness.
<mathiaz> SpamapS: I'm trying to figure out if we should proceed given where we are in the release
<SpamapS> mathiaz: the archive will be fine, none of them use the broken parts of the ABI
<SpamapS> mathiaz: I'm more concerned with developers
<mathiaz> SpamapS: right.
<SpamapS> people who are building something new that we don't package.
<mathiaz> SpamapS: understood
<SpamapS> mathiaz: another option is to just have the dev lib remain the same for maverick
<mathiaz> SpamapS: is libdbi mainly used on server application?
<SpamapS> mathiaz: its a database abstraction layer.. so most of its uses are in server apps yes.
<SpamapS> tho gammu is a dev tool for talking to mobile phones
<mathiaz> SpamapS: option "have the dev lib remain the same" would still require a rebuild of dependencies in the archive
<mathiaz> SpamapS: however we wouldn't need to change their source
<SpamapS> mathiaz: right, they'd be noop rebuilds at least.
<SpamapS> smoser: what was that url with the list of AMI's for maverick that is easily greppable?
<kirkland> smokie: ping
<kirkland> smokie: sorry
<kirkland> smoser: ping
<kirkland> smoser: when is /etc/hostname created in ec2 images?
<smoser> early
<Daviey> ttx, ok
<smoser> SpamapS,
<smoser> uec-query-builds latest-ec2 --stream=daily --suite=maverick --build-name=server
<phretor> I need to compile nginx because I need a custom module. What would be the best way to make the installation process as Ubuntu-friendly as possible?
<smoser> or, http://uec-images.ubuntu.com/query/
<smoser> (i think you wanted the ladder)
<SpamapS> smoser: sweeeet
<SpamapS> smoser: actually no I wanted the former. :)
<smoser> kirkland, its created by cloud-init (/usr/bin/cloud-init)
<kirkland> smoser: okay, cool ... and at instantiation of the instance?
<smoser> once per instance, yes.
<SpamapS> been writing up a bunch of things to do automated builds/tests on ec2.. but I'm tired of changing the ami every day. ;)
<kirkland> smoser: perfect, thanks
<soren> thafreak: Hi. Still having problems?
<pting> is there a way to get logrotate to name the files by the current date/time or epoch time?
<phretor> anyone about my question on compiling and installing nginx in a Ubuntu-friendly way?
<pting> SpamapS, I'm using a vanilla ubuntu ami and customizing it with puppet
<soren> thafreak: Ok, here's the thing:
<soren> thafreak: The way it works is that every time an interface comes up (meaning the the kernel discovers it), an event is generated.
<SpamapS> pting: man logrotate
<SpamapS> pting: if you use 'dateext and dateformat you can do what you want
<soren> thafreak: This event triggers a script that checks if the interface in question is listed in another interfaces bridge_ports.
<soren> thafreak: If it is, this other interface is brought up.
<soren> thafreak: So, in the words of the guy who implemented this:
<soren> 16:22 < slangasek> soren: for a bridge, I don't know that you need any 'iface eth0' stanza at all; the 'iface br0' + 'bridge_ports eth0' + 'auto br0' seems to be enough, unless  your eth0 needs other configuration
<soren> thafreak: Can you make it so, check if it works, and if it doesn't I can tell you how it's meant to work, then perhaps you can instrument things with debug blah yourself.
<pting> SpamapS, thanks! i swear i was blind when i read the man pages the first time
<SpamapS> pting: it happens. :)
<thafreak> soren: sorry, was afk....I ended up fresh-reinstalling my two machines side by side
<thafreak> soren: the only difference between the two it seems was that the one that didn't work, I manually partitioned the disk (and may have added extra mount options to some mount points)
<thafreak> soren: Do you think that if I added say nodev to /tmp or /usr that it may have caused those problems? I know I put noatime on everything
<thafreak> It's just odd that it works now, and litterally the only thing different was my partitioning scheme and some mount options
<soren> thafreak: Depends.
<soren> thafreak: Er... I mean: Yes.
<soren> ..since you asked whether it may have caused problems. It might. Or it could be something completely different.
<thafreak> Well, it had to have been related to mount options, as that's the only thing I did differently this time and it works now.
<soren> thafreak: How did you do the partitioning? All from the installer?
<thafreak> yeah, one machine I must have done manual partitioning (and probably also messed with mount options), the other I just did guided lvm to make it quick
<soren> Separate /var ?
<thafreak> yeah, when I do manual, I tend to do all the important ones separate
<thafreak> so /, /var, /usr, /home, /tmp
<thafreak> I may have done nodev on /var and noatime...and maybe nosuid
<soren> thafreak: Would you have /manually/ split out /var or done it from the partitioner in the installer?
<thafreak> but I remember going back and removing everything but noatime from most of them just in case...
<soren> If the former, I have a reasonably good idea what your problem was.
<thafreak> I would have used the installer, and put /var on lvm manually...why?
<soren> Sorry, i'm confused.
<soren> Did you use the installer to put /var on a separate partition or did you do it manually?
<thafreak> during the installer, I choose manual as the partioning scheme...
<soren> Did moving /var to its own partition (or lv or whatever) involve the instaler.
<soren> Ok.
<soren> then that's not it.
<soren> The installer does the right thing.
<thafreak> what could have happened?
<soren> Things get /really/ wonky if there isn't a /var/run at all times.
<soren> So, if you have a separate /var, you still need a /var/run on your root filesystem.
<soren> once /var gets mounted, it'll block access to the underlying /var/run, but for the time between / getting mounted and /var getting mounted, you still need a /var/run that you can mount a tmpfs on.
<soren> Or at least write state to.
<thafreak> ah, well I know there was one, cause /var/run/network/ifstate was there and had the bridge in it, even though the bridge wasn't getting brought up
<soren> Without it... Well, things get really wonky.
<thafreak> oh hmmm
<thafreak> so maybe that's why it worked fine with just a root fs and no /var...
<soren> So, for instance..
<soren> Something may want to write to /var/run/network/ifstate.
<soren> But..
<soren> Gah, I can't even wrap my head around it right now.
<thafreak> right...I think I get what you're getting at
<soren> You just get all sorts of weird problems where you half the time have stale old data and half the time everything's great.
<soren> But usually, the time with stale old data is gone when you've booted up far enough to log in and see what's going on.
<thafreak> so, maybe I just make /var/log a separate lv, and not all of /var :)
<soren> Having /var separately is fine. I do it all the time myself.
<thafreak> Well, I really appreciate your help, and the community as a whole.
<soren> hallyn, hggdh: Sorry, I completely forgot to post you this link: https://code.launchpad.net/~ubuntu-server-autotest/+junk/autobuilder
<soren> thafreak: Sure. I would have loved to find out what the heck was going on :)
<hallyn> soren: thx, noted
<hallyn> zul: https://bugs.edge.launchpad.net/ubuntu/+source/mysql-dfsg-5.1/+bug/627723
<uvirtbot> Launchpad bug 627723 in mysql-dfsg-5.1 "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Medium,Incomplete]
<thafreak> soren: me too...but at the end of the day, it's time to move on and actually get these machines doing real work :)
<hallyn> zul: i wonder if we should find a better way to resolve this than have everyone come up with their own dangerous dieas :)
<hallyn> ideas
<zul> hallyn: yeah i know :)
<hallyn> zul: but so far you don't know of any?
<hallyn> zul: duncan's solution was pretty brilliant!
<zul> hallyn: i would have to think hard though
<hallyn> don't start a fire
<zul> :P
<cipher42> i'm getting weird usb error's since I updated 10.04 last
<cipher42> the error is "usb 1-3: device descriptor read/64, error -110"
<tydeas> How can i config php5-mcrypt>
<tydeas> ??
<tydeas> I have install mcrypt/libmcrypt/libmcrypt-dev and php5-mcrypt as well...
<tydeas> what should i add to the php.ini?
<tydeas> This is what i found in the php.ini http://www.pastebin.org/876170
<administrador> hola
<uvirtbot> New bug: #639946 in samba (main) "System crashes on samba update - unable to recover" [Undecided,New] https://launchpad.net/bugs/639946
<tydeas> Why apache runs to many times?
<tydeas> http://www.pastebin.org/876495.
<tydeas> *http://www.pastebin.org/876495
<Four2zero> hello everyone, my network interfaces is setup for static ip and today when i tried to connect ftp it will not connect to same ip address, but when i switched monitor inputs, and logged in to the ubuntu-server, eth0 shows a different lan ip than what /etc/network/interfaces shows why ?
<_Techie_> Four2zero, can you please put yor /etc/network/intefaces on pastebin
<_Techie_> Four2zero, you should be used to this by now
<Four2zero> http://pastebin.com/ZG5GQbf9
<Four2zero> i checked my /etc/hosts as well and it was set to 127.0.1.1 so i think that might have something to do with it.
<_Techie_> nah
<_Techie_> IIRC 127.0.1.1 is used to bind to local domain
<_Techie_> sudo ifdown eth0 && sudo ifup eth0 ?
<Four2zero> okay, its back to eth0 192.168.0.100
<qman__> Four2zero, the problem is that you have to run `sudo service networking restart` or reboot the computer after changing to a static IP, otherwise dhclient stays running in the background, and when your lease expires, it renews it, overriding the static assignment
<soren> qman__: Restarting networking will not help.
<pedahzur> Don't know if this fits here or not, since I *am* running server, but I suppose it could be a more general question: Googling and reading docs seems to indicate to the negative, but it is possible, with LVM2, to take atomic snapshots of multiple LVs?
<EvilPhoenix> is there a way to tell rsync to not sync a specific folder and its subfolders, assuming I am doing a recursive rsync?
<pedahzur> EvilPhoenix: --exclude=/path/to/folder
<EvilPhoenix> ah was looking for that
<EvilPhoenix> thanks
<pedahzur> np
 * EvilPhoenix now goes to rsync 500GB of data over wifi >.>
<pedahzur> EvilPhoenix: No physical connection anywhere, eh?
<EvilPhoenix> pedahzur, dead ethernet nic card
<EvilPhoenix> pedahzur, laptop
<pedahzur> ack.
<EvilPhoenix> ikr
<EvilPhoenix> i'll rsync it in 50GB parts
<pedahzur> You can't remove the drive? External drive connections are only $20-$30.
<EvilPhoenix> throughout the next few hours
<EvilPhoenix> pedahzur, rsync to a VPS
<EvilPhoenix> so no
<pedahzur> EvilPhoenix: Oh.
<pedahzur> EvilPhoenix: You can mail drives to Amazon S3. :-D
<EvilPhoenix> s/VPS/server\ \/\ VPS/
<EvilPhoenix> x]
<EvilPhoenix> i think i typed that correctly... hitting the spaces and special symbols...
<EvilPhoenix> :/
#ubuntu-server 2010-09-16
<fluvvell> anywhere I can check on a system to see if there is a proxy server setting ?
<uvirtbot> New bug: #640080 in samba (main) "package samba-common-bin 2:3.5.4~dfsg-1ubuntu4 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/640080
<pmatulis> fluvvell: try under /etc/apt
<fluvvell> pmatulis, solved it thanks.
<pnunn> Hi Guys,  got a bit of an issue here with eucalyptus 2.0.  I've got the UEC servers up and running OK, can start an instance OK, but when I try and attache a volume (which seems to be created OK) it never shows up in the instance on the /dev/ I'm giving it.  Any ideas? Any idea where to look for the issue?
<pting> does anyone know if you have logrotate with dateext, is the date in UTC or system time? I'm guessing system time
<uvirtbot> New bug: #640121 in dovecot (main) "package dovecot-imapd 1:1.2.9-1ubuntu6.1 failed to install/upgrade: dependency problems - leaving unconfigured" [Undecided,New] https://launchpad.net/bugs/640121
<fluvvell> anybody used a gsm wireless as a main access interface and set it up under /etc/network/interfaces ? I seem to have screwed up NetworkManager, its hiding and wont come out to play.
<fluvvell> and i need it nailed up anyway.
<demonspork> I have an Ubuntu server 10.04 that I can log into and it takes 5-10 seconds to prompt and accept authentication via SSH. I have Ubuntu server 9.10 on an old 700mhz celeron that takes less than a second to respond during login. What could be causing this lag in the newer faster server?
<demonspork> new server is dual Xeon 2.4Ghz, HP Proliant DL380 G3
<qman__> demonspork, it's probably one of the scripts that run at login
<demonspork> with a default Ubuntu 10.04 install
<qman__> yes
<qman__> mine sometimes hang noticeably on the one that checks for updates
<demonspork> but this delay is occuring before the password challenge
<demonspork> it delays before asking the password
<demonspork> I thought all the login scripts ran after you log in, not while it is waiting for you to give your password?
<qman__> they do, that must be something else
<qman__> is your server getting lots of SSH connection attempts?
<demonspork> how do I check that?
<demonspork> I am spending the first couple of weeks learning how to configure firewall and stuff like that
<qman__> netstat would show a lot of half-open or recently completed ones
<qman__> and if it's a brute force attack, /var/log/auth.log would show lots of failures
<qman__> if you have SSH open to the internet, you will get hit by bots
<qman__> lots of ways to mitigate the impact of that
<demonspork> is that where fail2ban rules come into play?
<qman__> that's one option
<qman__> firewall connection limiting is another
<demonspork> or do I just set up iptables rules for excessive requests over a time period
<demonspork> I have been reading through iptables documentation
<qman__> both work, it's up to you
<qman__> UFW supports it too
<demonspork> and I recently found iptables-apply, which is going to help keep me from bricking my server
<demonspork> so the last failed attempt was 3 attempt root logins from the same host about an hour ago
<qman__> but yeah, a brute force attack would explain slow SSH logins
<qman__> are local logins also slow, or just SSH?
<demonspork> I haven't been able to log in locally since this last saturday when I put it in the data center
<demonspork> and I think I did notice something odd
<qman__> ah
<qman__> well, I would implement the firewall option and see if it fixes the problem
<qman__> if it doesn't, there could be another reason
<qman__> they're hard to pin down though
<demonspork> when I was pinging to test that the network was fully functional there was a similar feeling delay before it began giving me the ping results, whereas a slow as computer I have with 9.10 server has no delay before it starts pinging and giving results
<demonspork> the results aren't longer response times than they should be, it just has a delay before it starts feeding them to me in the console
<demonspork> but other things work instantly without an discernable delay, including apt-get and such
<meltingwax> i recented installed UEC with one cluster master and one node, and when i go to the web admin page for the cluster master i am required to login, however the account i made during installation does not work. How do I create an account I can log in with? I can ssh and get to root on the machine
<qman__> demonspork, I'd run netstat and see if you have a lot of incoming connections
<qman__> netstat -ln | grep -v ^unix
<qman__> err
<qman__> netstat -n | grep -v ^unix
<qman__> bah, wrong again
<qman__> netstat -an | grep -v ^unix
<qman__> there
<qman__> you should obviously have some, depending on what you're running
<qman__> but pages upon pages of connections would indicate some problem
<demonspork> yeah, they are all accounted for
<demonspork> either me, IRC networks or the users of my bouncer
<au> D:
<demonspork> hello face person
<demonspork> how easy is it to configure 4 lower powered servers to work as mirrors of sites hosted on the main server
<demonspork> also less hdd space
<au> howdy :)
<au> demonspork: you could use rsync
<demonspork> but how do incoming connections hit the mirror instead of the main?
<demonspork> is that simply with a DNS entry or some sort of load balancing setup
<au> it's easy - http://www.howtoforge.com/mirroring_with_rsync
<au> rsync just synchronizes files and directories from one location to another
<fmontezuma> Someone can help me build a private cloud?
<fmontezuma> Someone can help me build a private cloud?
<qman__> demonspork, round-robin DNS
<qman__> for static content anyway
<battossai> hi all
<blackmatter> hello
<battossai> iptables v1.4.4: Couldn't load match `nth':/lib/xtables/libipt_nth.so: cannot open shared object file: No such file
<_Techie_> hello
<battossai> how can i fix this kind of error
<qman__> what kernel are you running?
<battossai> is there some one can help me
<battossai> qman__ : 2.6.32-21-server #32-Ubuntu SMP Fri Apr 16 09:17:34 UTC 2010 x86_64 GNU/Linux
<qman__> well, I don't have that file, and a search on the ubuntu packages turns up nothing
<qman__> what are you doing when that error occurs?
<battossai> qman__ : i try to do this "iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 --every 3 --packet 1 -j SNAT --to-source xxxx "
<qman__> also, have you compiled anything from source, or changed any module configuration?
<battossai> i'm not complied anything yet
<battossai> that's why i'm need help about it
<qman__> from what I'm reading, it looks like -m nth is deprecated
<qman__> though I'm not sure what function of it you need
<battossai> it's kind like marking packet
<battossai> same function on mikrotik router os
<qman__> it was apparently replaced with different modules in kernel 2.6.18
<qman__> so anybody familiar with the changeover should be able to help
<qman__> unfortunately I'm not, so I don't really know what you should be using instead
<qman__> maybe -m statistic, or -m random
<battossai> yes ... i'm stuck on it
<battossai> it say running well on centos
<qman__> "The RANDOM, nth, and some other module which escapes me right now, were all merged into the Statistic module."
<qman__> so I'd try -m statistic
<qman__> it may just work, or the syntax may be different
<qman__> but that should at least point you in the right direction
<qman__> it's a change made in the debian upstream, so it should be well-documented
<battossai> what about xtables-addons-common packages
<battossai> is it the same one for that lib ?
<qman__> searching the ubuntu packages site revealed that no packages contained that file
<qman__> though that only may be for main
<qman__> that package does not contain the nth module
<qman__> as shown here: http://packages.ubuntu.com/lucid/i386/xtables-addons-common/filelist
<battossai> yes
<qman__> the statistic module is supposed to provide that functionality, and is built into the kernel
<battossai> Please add nth and random match modules and related iptables support to the iptables-mod-ipopt and iptables-extra packages. Modules and iptables patches are included with the 2.6 kernel and available with old patch-o-matic patches for netfilter for the 2.4 kernel.
<battossai> is it kind of solution ?
<SpamapS> battossai: are those modules in the latest release of iptables?
<battossai> SpamapS : how do i check it ?
<SpamapS> battossai: download the source from netfilter.org
<battossai> actually i just need to change my out ip for x packet
<battossai> to avoid block for postfix
<battossai> my idea is : every 3 packet change the outging ip
<SpamapS> uh
<SpamapS> that sounds like a bad idea. ;)
<SpamapS> are you spamming?
<battossai> no
<battossai> i do this for prevent my client marked as spam
<battossai> i'm kind tiny internet provider in my town
<SpamapS> battossai: you shouldn't have to worry about being marked as a spammer then
<SpamapS> battossai: if you're just sending regular email.
<SpamapS> battossai: if your users are sending spam, then you should be enforcing strict authentication, and making sure the headers show that, so you can respond to abuse complaints.
<battossai> it's kind a hard to tell it to my customer
<SpamapS> tell what?
<SpamapS> that they can't send spam anymore? ;)
<battossai> their trafic for email is high
<SpamapS> Yes, because they're probably spamming people.
<SpamapS> If they have actual closed-loop email, and follow best practices in their email content, they should have no problems.
<battossai> customer must be blaming me if their email get spam because of them
<battossai> i've already have spam assain on postfix
<SpamapS> battossai: you should not be marking spam on a relay. That will cause you lots of problems IMO.
<battossai> thas's why i have idea to prevent my customer complaining if they have trouble sending email
<battossai> not every day i marked as spam
<battossai> but i'll try to minimalize it
<SpamapS> battossai: you can avoid being marked as spam by being very responsive to complaints, and cutting users off who do not follow your acceptable use policies, which disallow sending email to users who have not explicitly requested it.
<SpamapS> battossai: it doesn't really matter how many IP addresses you spread over.. eventually they'll just all be on RBL's unless you stop sending email that users are complaining about.
<battossai> i wish i could do that :(
<battossai> customer always right
<battossai> :(
<battossai> SpamapS : i think i have to use manual solution
<battossai> bind postfix
<SpamapS> battossai: lol, you are a spam-enabler then. At least charge them more money for the trouble.
<battossai> SpamapS : hahahaha ... i wish i could do that too
<battossai> mean while ... i keep using manual solution
<battossai> if complaint come .. use bind on postfix
<battossai> thanks anyway for your support SpamapS  and qman__
<SpamapS> battossai: This will only buy you, I would guess, a few weeks.
<SpamapS> battossai: do you get a lot of complaints?
<battossai> not al ot for this week
<SpamapS> What do you do with the complaints?
<battossai> just get 1 black list from Fiveten : added 2001-04-20; we do not accept mail from china
<battossai> Return codes were: 127.0.0.2
<dylanvassallo> Hi, I am running Hardy Server and I need to install a later version of avahi-daemon than what is available in the Hardy repos. Is it safe to download and install a version from the repo of a more recent release?
<SpamapS> battossai: thats very old ;)
<battossai> hahahahaha
<dylpkls91> Yes, I have reasons for needing to run Hardy though.
<SpamapS> dylpkls91: it might already be in backports
<dylpkls91> It's not :(
<battossai> well ... it's ok for now i thing
<battossai> just using manual troubelshoot
<SpamapS> dylpkls91: safest thing is to download the source package and try to build it on hardy.
<battossai> :D
<dylpkls91> Okay, I'll try. Could I break things by trying to install the Lucid package in Hardy?
<SpamapS> battossai: Please, please please, consider finding another way to make money... you are basically stealing resources from every email provider on the planet by allowing your clients to abuse your mail server. :-/
<SpamapS> dylpkls91: it likely won't work without adding the dependencies too.
<battossai> SpamapS : my client only using my smtp just for outgoing only
<dylpkls91> I see. Thanks
<battossai> and i filter it by ip
<SpamapS> dylpkls91: if the build works without any changes, you should consider submitting a backport request for it with the information that it built and installed without changes. :)
<SpamapS> !backports
<ubottu> If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<dylpkls91> SpamapS: I will try compiling and submit a backport request if it succeeds.
<dylpkls91> ubottu: I checked, there's no backported version of avahi-daemon for Hardy.
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
 * SpamapS is reminded that he wanted to backport the latest moin to hardy/lucid too
 * dylpkls91 is feeling stupid for trying to converse with a bot
<ttx> SpamapS: about bug 375371 -- wondering if you have a clear solution to follow now
<uvirtbot> Launchpad bug 375371 in mysql-dfsg-5.1 "MySQL must not use /tmp" [Medium,Confirmed] https://launchpad.net/bugs/375371
<SpamapS> ttx: I think that one will be fine. Not sure if the apport limitations on SELECT INTO OUTFILE and LOAD DATA INFILE are worthy of release notes.. but they'll certainly be felt by some users.
<SpamapS> ttx: err, I mean, I think the code int he merge proposal will be fine
<ttx> SpamapS: it's not been sponsored yet, right
<SpamapS> ttx: but we should probably open tasks against the pacakges that build-depend on mysql-server just to check them out.
<SpamapS> ttx: there are only two (mathiaz already uploaded a working php5 package)
<ttx> SpamapS: ok. I'll sponsor that one before FinalFreeze hits, then
<SpamapS> ttx: woot!
 * ttx wathces with anxiety his todo list grow
<SpamapS> ttx: I have to get some sleep now.. tty in 8 hours. ;)
<ttx> yep
<rahman> Hi, I am trying to import some new schemas to openldap. In ubuntu 10.04 server guide it says "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif" and it works but I cant import phamm.scema, radius.schema files same way. As I understand the command expects ldif format? If so, why 3rd party apps provide schema files instead of ldif files? And how can I import the schema files?
<maswan> \sh: hey, you might know. is there a source for current hpacucli debs, or is aliened rpms as good as it gets if you need something to support p812s?
<kaushal> hi
<kaushal> I have 02:08.0 Ethernet controller: Intel Corporation 82546EB Gigabit Ethernet Controller (Copper) (rev 03)
<kaushal> when i try to load 8.04 it says Network module not found
<kaushal> is there a way to overcome this issue ?
<\sh> maswan: hmm..only that what's available for debian/ubuntu on http://h18004.www1.hp.com/products/servers/software/debian/index.html?jumpid=reg_R1002_USEN
<kaushal> is there a way to load e1000 module while installation ?
<maswan> \sh: ok
<\sh> maswan: hm..the latest ubuntu version support looks like is karmic
<\sh> maswan: and regarding p812s there is nothing on http://h20000.www2.hp.com/bizsupport/TechSupport/DriverDownload.jsp?lang=en&cc=us&prodNameId=4103887&taskId=135&prodTypeId=329290&prodSeriesId=4103885&submit.y=0&submit.x=0&lang=en&cc=us
<\sh> eventually you have to alienate the rpms from RHEL5
<maswan> well, that's what we have done
<maswan> we were just wondering if we missed anything obvious
<\sh> maswan: nope...we need as well some new drivers for lucid at some time...but HP Germany is not as Linux affine as I wished
<maswan> \sh: Of course, had we really been annoyed at them, we could have failed acceptance testing for these machines unless they make a deb, I think. ;)
<bigbrovar> am having this error "soft lockup - cpu#1 stuck for 61s [swapper:0] anyone encountered it before?
<uvirtbot> New bug: #640312 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/640312
<uvirtbot> New bug: #640320 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade" [Undecided,New] https://launchpad.net/bugs/640320
<ztripez> what version is needed for Ubuntu Enterprise Could? I downloaded 10.04 but there was no install option for UEC on the boot screen
<AnAnt> Hello, I need help about some setup, I got an Ubuntu machine in my network that I use as a server, I got bind9 installed on it, and I got a router that runs DHCP, the question is: is it possible to configure the DNS server on Ubuntu to get the hostname,ipaddress pairs ?
<uvirtbot> New bug: #640319 in samba (main) "[Maverick] dpkg hangs on samba update" [Undecided,New] https://launchpad.net/bugs/640319
<kaushal> hi
<kaushal> is there a way to load network module while installing 8.04
<twb> What network module?
<kaushal> e1000
<kaushal> twb: I mean ethernet controller card module
<kaushal> when i try to load 8.04 it says no network module
<\sh> maswan: the question is, how can we force HP to release actually updated hp utils or even the hp utils they have for newer ubuntu releases
<kaushal> 02:08.0 Ethernet controller: Intel Corporation 82546EB Gigabit Ethernet Controller (Copper) (rev 03)
<twb> kaushal: run "lspci -nn".  Paste the output into http://kmuto.jp/debian/hcl/
<kaushal> sure
<twb> Oh, that one is "sudo modprobe e1000"
<twb> It should Just Work
<kaushal> yeah
<kaushal> I mean while installing the OS 8.04
<kaushal> I am using pxe image to load 8.04 on the server
<twb> I *believe* that should also Just WOrk
<twb> You're trying to load the installer (debian-installer kernel and ramdisk) over PXE, right?
<kaushal> yes
<kaushal> twb: am i clear ?
<kaushal> twb: Ubuntu 10.04 works perfectly fine
<twb> OK, one moment
<kaushal> while ubuntu 8.04 does not get loaded since it does not have network module for 02:08.0 Ethernet controller: Intel Corporation 82546EB Gigabit Ethernet Controller (Copper) (rev 03)
<twb> The e1000 driver is in the hardy d-i ramdisk
<twb> zcat /boot/ubuntu-hardy-i386.initrd | cpio -t | grep e1000
<twb> $ zcat /mnt/boot/ubuntu-hardy-i386.initrd | cpio -t | fgrep e1000.ko ==> lib/modules/2.6.24-26-generic/kernel/drivers/net/e1000/e1000.ko
<kaushal> ok
<kaushal> twb: not sure i understand that
<twb> It means it should Just Work
<kaushal> ok
<kaushal> twb: if i need to load it externally ?
<kaushal> is that possible
<kaushal> twb: got it
<kaushal> it has that module
<kaushal> zcat initrd.gz | cpio -t | fgrep e1000.ko
<kaushal> lib/modules/2.6.24-19-generic/kernel/drivers/net/e1000/e1000.ko
<kaushal> not sure why it fails while loading
<twb> kaushal: you shouldn't need to
<twb> If you do, switch to vt2 and run "modprobe lib/.../e1000.ko", where ... is the rest of the path
<kaushal> twb: got it
<kaushal> twb: whats the latest kernel version available in hardy
<twb> 2.6.24
<twb> Kernel versions are fixed at release time
<kaushal> ok
<aliverius> guys, is there any package for vlc-cli only?
<uvirtbot> New bug: #640348 in samba (main) "package winbind 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/640348
<twb> aliverius: grep-aptavail -S vlc -s Package
<twb> aliverius: that finds a "vlc-nox"; try that
<AnAnt> Hello, I need help about some setup, I got an Ubuntu machine in my network that I use as a server, I got bind9 installed on it, and I got a router that runs DHCP, the question is: is it possible to configure the DNS server on Ubuntu to get the hostname,ipaddress pairs from the router's DHCP service ?
<soren> ttx: Does Eucalyptus support EBS snapsohts?
<ttx> soren: I didn't test that. Daviey or smoser might have a more current answer
<Daviey> soren, Sorry.. it's not something i've been testing.. I can test it, but won't have an answer for you within the next 2 hours.
<ttx> will this mysql testsuite run ever end...
<Daviey> ttx, no
<soren> ttx, Daviey: Don't bother. I was just idly wondering. It doesn't really matter much.
<Daviey> soren, I am now interested for myself :)
<soren> I don't know if it works, but there at least seems to be some code in Eucalyptus that's meant to handleit.
<Daviey> soren, Interesting.. it's not a procedure i've ran.  But if you have a handy linky to "how" to do it, i would appreciate that
<Daviey> (even if it is how to do it on AWS)
<soren> No idea, really. I've only ever used it once and that was from Elasticfox.
 * ttx hopes the testsuite will end before the big freeze
<soren> Daviey: Ah, worked it out. It does seem to support it. It uses lvm on the EBS server (which I forget what is called).
<soren> Whether it works is a different story, of course.
 * soren does not miss navigating around Java code... at all.
<ttx> soren: I guess you particularly don't miss navigating around *this* Java code in particular ;)
<soren> No comment :)
<domas> hi!
<J_P> hi all
<J_P> How is possible to mount a network dia via smb with normal user?
<J_P> with root not problem, but with normal user I have message: "mount error(1): Operation not permitted"
<ttx> *sigh* Completed: Failed 1/711 tests, 99.86% were successful.
<soren> ttx: Which package?
<ttx> mysql-5.1
<soren> ttx: Was the source package renamed since lucid?
<soren> Ah, yes, there it is.
<ttx> soren: apparently, yes.
<ttx> soren: I quickly got lost trying to understand the mysql source package names :)
<soren> Is this in a ppa?
<ttx> soren: it's a proposed branch that moves /tmp to /var/tmp
<soren> The one in ubuntu proper seems to build fine. What's the problme?
<ttx> https://code.launchpad.net/~clint-fewbar/ubuntu/maverick/mysql-5.1/maverick-beta-papercuts/+merge/32558
<ttx> looks like one of the tests should have been kept in the loop
 * ttx could use auto-building of proposed branches, that would help in only getting buildable branch merge proposals
<ttx> (cough) Gerrit (cough)
<soren> "Gerrit"?
<ttx> gerrit does that.
<soren> I see.
<BuZZ-dEE> hello, i want to start a java-program at ubuntu startup and this program needs write access to .../tomcat6/webapps/folder. how can i do that?
<uvirtbot> New bug: #640408 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu5 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/640408
<ztripez> what version is needed for Ubuntu Enterprise Could? I downloaded 10.04 but there was no install option for UEC on the boot screen?
<smoser> soren, i'm fairly sure, yes.
<b0ot> anyone know of anything that would allow you to stream videos on demand accross your LAN with a decent frontend?
<frans> q
<frans> hi, all
<ztripez> b0ot, vlc? there is a bouch of front/backen build with a vlc base
<Martens1984> I'm trying to add both a Ubuntu machine and server to a W2K3-server AD/DC but it wont work. With Likewise I keep getting: Error: Lsass Error [code 0x00080047]
<Martens1984> 9502 (0x251E) DNS_ERROR_BAD_PACKET - A bad packet was received from a DNS
<Martens1984> server. Potentially the requested address does not exist.
<Martens1984> what could be wrong?
<zoopster> ztripez: the option is in the 10.04 server cd boot -
<uvirtbot> New bug: #640452 in samba (main) "package winbind 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/640452
<uvirtbot> New bug: #640441 in tomcat6 (main) "package tomcat6 6.0.24-2ubuntu1.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/640441
<uvirtbot> New bug: #640449 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/640449
<zoopster> b0ot: there are several options...ztripez mentioned vlc, several htpc respins have simple setups for this
<kaushal> hi
<b0ot> zoopster, the problem for me has been finding something wtih a front end for the client
<kaushal> when i try to load 8.04 using pxe image i get
<zoopster> b0ot: how do you mean? myth's front end is simple
<kaushal> http://pastie.org/1162744
<kaushal> please suggest further
<kaushal> zcat initrd.gz | cpio -t | fgrep e1000.ko
<kaushal> lib/modules/2.6.24-26-generic/kernel/drivers/net/e1000/e1000.ko
<ttx> jdstrand: i'm reinstalling an i386 node controller to answer your questions on bug 628055
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<zoopster> b0ot: I had been using my ps3 as a FE too
<kaushal> I have e1000.ko module too
<ttx> jdstrand: we'll try to have a closer feedback loop, that will prevent me from having to reinstall each time :)
<b0ot> zoopster, do you have any specific software suggestions... or maybe a link to a good vlc tutorial?
<zoopster> b0ot: not really...google is your best friend there - too many ways to do it.
<Martens1984> Who has experiance with intergrating ubuntu to Windwos AD/DC
<uvirtbot> New bug: #640472 in mysql-5.1 (main) "mysqld causes 2-3 wakeups per second on idle" [Undecided,New] https://launchpad.net/bugs/640472
<zoopster> Martens1984: you might want to find a likewise channel or mailing list
<hallyn> SpamapS: have you seen bug 639768?  do you have time to look into it?
<uvirtbot> Launchpad bug 639768 in samba "Samba process gets hung on maverick update" [High,Triaged] https://launchpad.net/bugs/639768
<qwert> How to install ubuntu server
<qwert> ?
<Pici> qwert: Burn server iso to disc, boot off of disk.
<uvirtbot> New bug: #640511 in squid "squid in lucid adds bogus port number to Host: line if one isn't provided (in original or via vport=)" [Undecided,New] https://launchpad.net/bugs/640511
<qwert> Pici: Is the installtion difficult?
<Pici> qwert: In my opinion, no.
<qwert> Pici: Could you link me to its installation?
<Pici> qwert: It looks similar to the alternate install that the desktop cd uses: https://help.ubuntu.com/10.04/installation-guide/i386/index.html
<Pici> That information there makes it out to be alot harder than it actually is, since it goes through every single option.
<thafreak> So this new "Amazon" linux that they have an AMI for...what's it REALLY under the hood? Is it centos, fedora, or ubuntu?
<as> i just upgraded one of my domu's from hardy to lucid and it now dies with "init: procps main process (508) terminated with status 255" upon boot
<as> i am pretty much lost, does anyone have a pointer?
<thafreak> So this new "Amazon" linux that they have an AMI for...what's it REALLY under the hood? Is it centos, fedora, or ubuntu?
<ttx> thafreak: apparently it's a customized redhat/centos
<ttx> thafreak: with ubuntu's cloud-init stuff baked in
<ttx> mathiaz: o/
<mathiaz> ttx: o/
<mathiaz> ttx: wazzup?
<ttx> mathiaz: just noticed a bug apparently about the samba you sponsored yesterday
<ttx> bug 639768
<uvirtbot> Launchpad bug 639768 in samba "Samba process gets hung on maverick update" [High,Triaged] https://launchpad.net/bugs/639768
<ttx> haven't had time to investigate, and wil have eucacall and eod soon, so I was wondering if you had any spare cycle
<ttx> I wonder how that patch could cause that, but hey
<ttx> maybe before it was failing fast, and now it's running slowly, or something
<mathiaz> ttx: right
<mathiaz> ttx: it probably is a side effect of the new package
<mathiaz> ttx: worth investigating though
<mathiaz> ttx: but I doubt the actual patch causes that
<ttx> mathiaz: i'll assign to you, feel free to bump to spamaps if needed
<mike3> hi guys, i just upgraded to 10.04 from 8.04. Is there anything I should know?
<mathiaz> ttx: sure - there is also a security update that was pushed out earlier
<mathiaz> ttx: may be related to that one
<ttx> mathiaz: yes, I guess it just needs some time for reproduction work
<ttx> strange, but has seen widespread reproduction over the last hours
<hggdh> Daviey: good afternoon, we have a new patch ;-)
<mathiaz> ttx: I'll look into it
<ttx> FinalFreeze sceduled at 1700UTC
<Daviey> hggdh, linky?
<Daviey> hggdh, I'm swapping at the moment :(
<hggdh> Daviey: http://bazaar.launchpad.net/~eucalyptus-maintainers/eucalyptus/2.0.0-lp/revision/1241?start_revid=1241
<hggdh> Daviey: no hurry, I am also still finishing up my tasks on QA
<hggdh> given time, I will add it in and throw into my PPA
<cwillu_at_work> as, uses yum
<uvirtbot> New bug: #640547 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/640547
<uvirtbot> New bug: #640553 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.6 failed to install/upgrade: le sous-processus post-installation script a retournÃ© une erreur de sortie d'Ã©tat 3" [Undecided,New] https://launchpad.net/bugs/640553
<czr_> hi there. I need to get a scanner working (please bear with me). proprietary driver requires usbfs (missing in lucid). I've never used kvm, so the question: can lucid + kvm be used to setup a (say) karmic in a VM so that a single USB device can be "exported" into the vm?
<czr_> I could then run the scanner stuff within the VM
<czr_> if it can be done, what would be the best way to do it? (using which tools).
<Laverne> afaik that should be possible. easiest to test would be installing virtualbox
<Laverne> have you checked out sane-project.org ?
<czr_> Laverne, sure, I've even tried to hack at the proprietary driver backend shim, that's not the point now :-).
<Laverne> hehe, just checking the obvious ;)
<czr_> yeah, stay away from Canon P-150.
<czr_> (used to use Hardy couple of months back and got the scanner working there after some trials and tribulations, but usbfs is missing in Lucid, so it's.. bad).
<Laverne> any idea why it is not in lucid anymore?
<czr_> some badness was introduced by a "fix" from suse in between 2.6.32 and .33 somewhere
<czr_> so the whole driver was disabled in the lucid kernel
<czr_> (plus the whole driver is obsolete and no one seems to care about this, it's weird).
<czr_> a lot of proprietary crap that talks with usb devices uses usbfs.
<Laverne> i guess people thought buying a new scanner is less of a hassle :P
<czr_> yeah, if only it would be that easy.. (I did a fair amount of research before buying this one).
<czr_> and it's not just scanners. but anyway, do a search against lucid in lp with usbfs as keyword and you'll see.
<czr_> so, vbox then. hmm.
<czr_> I've been putting off learning KVM so many years.. and I guess I'll put it off still some
<czr_> been using vmware for ages (since workstation 1.x-series)
<Laverne> ah, one thing you'll have to keep in mind, the -ose version does not have the usb support
<czr_> so what exactly should I install then?
<czr_> (also, older virtual boxes also use usbfs btw :-).
<Laverne> I added "deb http://download.virtualbox.org/virtualbox/debian lucid non-free" to my sources.list but I havent tried using any usb stuff
<czr_> ah, so not the vbox-ose package in the stock repos. I'll check it out, thanks
<SpamapS> ttx: that branch built fine on maverick 3 weeks ago.
<SpamapS> ttx: I'm repeating the steps I took for that build.. very confusing that the test you saw would be the one to break.
<ttx> SpamapS: after a few hours of running, it failed :)
<czr_> Laverne, ugh, I just realized. vbox is oracle software!
 * czr_ feels so dirty now
<fmontezuma> I need help to create a private cloud
<fmontezuma> someone can help me?
<SpamapS> ttx: I wonder if the apparmor changes that were introduced in ubuntu7 broke it somehow
<ttx> SpamapS: given the test failure output I wouldn't be surprised
<ttx> sounds like it tries to access /tmp, and now the apparmor profile prevents it to do that
<ttx> no ?
<SpamapS> ttx: I started it building here, have to take the baby to daycare.. you're about at eod yes?
<SpamapS> ttx: oh I missed the full output failure
<ttx> SpamapS: looks like this won't make it for Maverick, unless this is considered a security issue
<SpamapS> mysqltest: Could not open connection 'default' after 500 attempts: 2002 Can't connect to local MySQL server through socket '/tmp/iVh6FPzXYn/mysqld.1.sock' (111)
<ttx> SpamapS: yes I am
<SpamapS> right
<SpamapS> ttx: ok, I think we'll just have to live without that one for maverick. :(
<SpamapS> I think the right answer is to fix the tests to not use /tmp but rather @tmpdir
<ttx> SpamapS: yes
<SpamapS> but... too late :p
<SpamapS> ttx: actually...
<SpamapS> ttx: the build should not be subject to the apparmor profile...
<SpamapS> ttx: were you running the tests directly or as part of the build?
<ttx> part of the build, sbuild chroot
<SpamapS> ttx: because mysql-testsuite only depends on mysql-server-core
<ttx> SpamapS: and.. ?
<SpamapS> ttx: still should not have failed because the tests dont run /us/sbin
<ttx> SpamapS: sounds like an interesting puzzle to solve, only takes 3 hours to reproduce :)
<qwert> After setting up SMTP on a server, which email client is advisable?
<SpamapS> ttx: only 1 on a c1.medium ;)
<ttx> go go go cloud
<SpamapS> ttx: thought about going with a large instance, but $1 to reproduce an issue just seems excessive. ;)
<SpamapS> ttx: anyway, I'll let this build finish for my own curiosity. Thanks for trying.
 * SpamapS disappears for a bit
<qwert> I have a server setup using SMTP, does it allows me to have my own domain for my clients?
<royalty> hey, I'm new to upstart. I've defined a custom job as found here: http://paste.ubuntu.com/494825/ I'd like to specify the user to run the program (styx.python ...) - is this possible with the exec stanza?
<thafreak> royalty: I know you can use different usernames if the binary you're exec'ing supports changing uid/gid (I use upstart for spawning php in fastcgi mode)
<thafreak> If the binary you're running doesn't explicitly do it, you could probably do it with su/sudo...I think I've seen upstart jobs do that...
<royalty> thafreak: the binary I'm running is my own build of python - so effectively what you're seeing in that script is a custom python binary executing a python script I wrote
<royalty> thafreak: doing it with sudo is a sensible idea, though I'll investigate seeing if I can natively do it through the python binary
<uvirtbot> New bug: #640595 in samba (main) "package libpam-smbpass (not installed) failed to install/upgrade: sub-processo script pre-removal instalado retornou estado de saÃ­da de erro 1 (dup-of: 639768)" [Undecided,New] https://launchpad.net/bugs/640595
<thafreak> royalty: yes, you should be able to change uid in the python script since it's essentially getting run as root initially. sudo might be the easier option though.
<uvirtbot> New bug: #640588 in samba (main) "package winbind 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 639768)" [Undecided,New] https://launchpad.net/bugs/640588
<royalty> thafreak: thanks
<\sh> ivoks: ping pacemaker, upstart RAs? is it already working for lucid or do we have somehow a backport where we have a OCfied upstart RAs , especially for monitoring resources?
<kaushal> hi
<kaushal> can someone please guide me about my post on https://lists.ubuntu.com/archives/ubuntu-server/2010-September/004642.html ?
<ivoks> \sh: oh, i have it
<\sh> ivoks: means? it's working in lucid or do I need somehow a backport of mavericks pacemaker pkgs?
<ivoks> \sh: https://edge.launchpad.net/~ubuntu-ha-maintainers/+archive/ppa
<\sh> ivoks: pacemaker 1.0.9.1-2ubuntu2~ppa1 ?
<ivoks> \sh: those are maverick backports
<\sh> ivoks: cool...I'll try that out this evening and tomorrow morning :)
<ivoks> \sh: example: crm configure primitive upstart:vsftpd .......
<\sh> ivoks: nice :) is it already upstream or just ubuntu only? :)
<kaushal> hi ivoks
<ivoks> \sh: http://developerbugs.linux-foundation.org/show_bug.cgi?id=2406
<\sh> ivoks: btw..you know that you are mentioned in Michael Schwartzkopffs book "Building Clusters with pacemaker" (don't know the real english title) 2nd Edition ;)
<uvirtbot> developerbugs.linux-foundation.org bug 2406 in LRM "Need support for upstart services" [Major,New]
<czr_> Laverne, thanks for the hint. the scanner works now.
<ivoks> \sh: me?
<ivoks> \sh: lol why me
<\sh> ivoks: yes
<\sh> ivoks: THe ubuntu package maintainer Ante Karamatic.... blabla :)
<ivoks> hahaha
<ivoks> \sh: thanks :)
<kaushal> ivoks, I am installing ubuntu 8.04 and i have issue with network device
<kaushal> it says No network interfaces were found.
<kaushal> zcat initrd.gz | cpio -t | fgrep e1000.ko
<mike3> kaushal: why 8.04 ?
<kaushal> lib/modules/2.6.24-26-generic/kernel/drivers/net/e1000/e1000.ko
<kaushal> mike3, I have dependencies about scribe application
<ivoks> you need newer e1000
<kaushal> ivoks, i did downloaded netboot.tar.gz
<ivoks> there's a package called linux-backports-something
<mike3> oh okay
<kaushal> http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-amd64/current/images/netboot/
<ivoks> linux-backports-modules-hardy-server
<ivoks> ^^ install that
<uvirtbot> ivoks: Error: "^" is not a valid command.
<kaushal> ivoks, I am using pxe image
<kaushal> not sure how i can use it
<kaushal> ivoks, apologies if I have asked you
<kaushal> is there a way to port the newer e1000.ko in initrd.gz ?
<ivoks> kaushal: install with CD and then manually install couple of packages
<kaushal> ivoks, so install 8.04 CD and then give command apt-get install linux-backports-modules-hardy-server ?
<SpamapS> ttx: rpl.rpl_innodb_bug28430                  [ pass ]  37108
<SpamapS> ttx: I gave it some thought though, and I think its a good thing that we save this change for the very beginning of the natty cycle
<SpamapS> ttx: give people the entire alpha/beta/etc. cycle to test their apps. I'm worried about seriously breaking LOAD DATA INFILE
<zul> yeah....if you are talking about the /tmp change in mysql its waaaaay too late
<ivoks> kaushal: you won't have network, so you'll have to download packages and install them manually on the server (usb stick or something)
<SpamapS> zul: I think the change to the tmpdir to /var/tmp would have been fine, but the apparmor profile change is way more intrusive
<kaushal> ivoks, which packages i need to download
<ivoks> for a 32bit:
<ivoks> /http://hr.archive.ubuntu.com/ubuntu/pool/main/l/linux-backports-modules-2.6.24/linux-backports-modules-2.6.24-28-server_2.6.24-28.37_i386.deb
<ivoks> bah
<ivoks> linux-backports-modules-2.6.24-28-server_2.6.24-28.37_i386.deb
<ivoks> linux-backports-modules-hardy-server_2.6.24.28.30_i386.deb
<ivoks> and linux-image-2.6.24-28-server_2.6.24-28.77_i386.deb
<SpamapS>  /win 1
<SpamapS> doohh
<SpamapS> bug 639768
<uvirtbot> Launchpad bug 639768 in samba "[Maverick] Samba process gets hung on maverick update - waiting on cups to start" [High,Fix released] https://launchpad.net/bugs/639768
<SpamapS> hallyn: you asked me about that one.. ?
<SpamapS> ahh looks like mathias handled it. :p
<pmatulis> will purging mysql-server delete data or only the binaries/libraries and the configuration file?
<SpamapS> pmatulis: purges the data too
<pmatulis> SpamapS: thx
<SpamapS> pmatulis: you can always read the postrm script to see exactly what purge does
<SpamapS> pmatulis: /var/lib/dpkg/info/$packagename.postrm
<pmatulis> SpamapS: nice
<SpamapS> looks like it does give you the option to say no to purging the databases
<pmatulis> SpamapS: how do i "say"?
<kaushal> ivoks, Thanks a lot
<SpamapS>   db_get mysql-server-5.1/postrm_remove_databases || true
<SpamapS>   if [ "$RET" = "true" ]; then
<kaushal> appreciate it
<SpamapS> pmatulis: of course, if you are ignoring high priority debconf questions, then the default is false, so you'll be safe. :)
<uvirtbot> New bug: #640634 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/640634
<uvirtbot> New bug: #640626 in samba (main) "package winbind 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/640626
<SpamapS> wow.. mysql has pages of lintian warnings. :(
<hallyn> SpamapS: yeah, the smb one got handled by those whose feet i'm not fit to wash, fortunately
<fmontezuma> I need help to create a private cloud. Someone?
<pmatulis> fmontezuma: maybe ask a more specific question
<mike3> fmontezuma: what are your uses of a private cloud?
<uvirtbot> New bug: #640654 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: there is no script in the new version of the package - giving up" [Undecided,New] https://launchpad.net/bugs/640654
<bobboau> I'm trying to install a few printers on a server, they're both network printers, one is a xerox Phaser 6280DN, the other is an HP Officejet Pro L7600, I have them installed on my local machine so I can look up whatever configurations my workstation uses.
<fmontezuma> pmatulis: Im trying to setup an Eucalyptus cloud, but I'm always getting not enough resources message
<fmontezuma> pmatulis: when I try to create an image instance
<fmontezuma> pmatulis: I created 2 vm ubuntu-cloud installations... 1 for the cloud controller and 1 for the node controller
<smoser> SpamapS, you should fix them all
<fmontezuma> pmatulis: but when I run "euca-describe-availability-zones verbose" it always show me free/max as zero.
<fmontezuma> pmatulis: I'm running it on my notebook so maybe it doesnt have enough resources. But its weird... not even for a small image?
<pmatulis> fmontezuma: i don't know.  i haven't got onboard to cloud yet
<pmatulis> fmontezuma: i know you can choose different sized images
<fmontezuma> pmatulis: yes, but none of them are working for me. Maybe because I'm running it on a restricted hardware notebook as VMs. I don't know.
<qwert> How to setup spam-assasin?
<ScottK> qwert: The Ubuntu server guide (see information in /topic) covers that.
<bobboau> ok, so, I have no idea where to even start getting these printers installed, I need to have printers available to my server so it will be able to print the results of some cron scripts, the process of installing printers is all automated in the desktop version and I've never had to mess with it on a server before, I've installed cups and lpr, I installed webmin and added a printer via that interface but it doesn't work, I don't know how to find or i
<bobboau> nstall the drivers that the automated printer configuration uses in the desktop environment, can anybody help me?
<qwert> ScottK: No, it doesn'y
<ScottK> qwert: What Ubuntu release are you using?
<qwert> ScottK: Same as what the intends to instruct on
<qwert> ScottK: *guide
<ScottK> qwert: We have versions of the guide for every release.  Which one are you using?
<qwert> ScottK: Ubuntu 10.04
<ScottK> OK
<ScottK> qwert: https://help.ubuntu.com/10.04/serverguide/C/mail-filtering.html
<qwert> ScottK: Thanks :)
<qwert> ScottK: Sorry oversight
<pushpop> whats the default admin password for ubuntu cloud?
<qwert> ScottK: Is ClamAV required for virus protection?
<qman__> bobboau, the only way I've gotten it to work is with smbclient
<qman__> if you have a samba printer shared, smbclient lets you pass the file to print, user and password, server and printer in a script
<bobboau> there are not connected to a computer, and I'm not sure if they support samba directly.
<pmatulis> anyone know about mysqld constantly restarting after upgrade from 9.10 to 10.04?  some kind of data corruption?
<panfist> i have two version of a package, one in /usr/lib/pymodules/python2.6/ and the other in /usr/local/lib/python2.6/dist-packages/ ... is it ok to just rm the first one?
<qwert> Can a ubuntu server have windows(desktop) as client
<qman__> panfist, no, that will break whatever package that file is a part of
<bobboau> this seems like the sort of thing that would come up enough that there would be a common answer...
<panfist> mmm i'm sorry qman__ i think i might be using the incorrect terminology
<qman__> bobboau, put simply, most people don't print anymore, especially not from servers
<qman__> CUPS can do it, but I don't know how
<panfist> i think one is a deb, and that lives in dist-packages/ and the one in pymodules (I think) was manually installed
<qman__> panfist, not likely, debs should not be installing to /usr/local
<qwert> qman_: Can a ubuntu server have windows(desktop) as client
<bobboau> well, yeah, but the desktop can do it so easily, why is it so dificult to get it to work on a server.
<pmatulis> qwert: what do you mean by client?
<qwert> bobboau:pmatulis: I mean Ubuntu-server will be the main server. The other computers which are connected to it(clients), can they be Windows?
<qman__> qwert, that depends on what exactly you mean by client, what software you intend to run, what purpose your server is serving
<RoyK> qwert: just use samba if the thing is about file storage
<bobboau> connected how? as in file sharing? authorization? web?
<qwert> qman_: bobboau: web
<qman__> then yes, web is web
<bobboau> then yeah, anything with a web browser will work
<bobboau> </hivemind>
<qwert> qman_: bobboau: Well i will setup Ubuntu server to have SMTP, SqiurrelMail, SquidProxy..
<ttx> SpamapS: ack
<qwert> qman_: bobboau: and post fix imap etc... Still?
<bobboau> yeah, that has nothing to do with the OS
<bobboau> it's all the client software you use, and windows has clients for all of that AFAIK
<qwert> bobboau: Yeah.. i mean i was wondering as in the ubuntu would be only a medium for the client to work. But anyways had doubt if it can affect the server
<qman__> those are all universally supported
<bobboau> for example you can use outlook or thunderbird for IMAP and SMTP
<qwert> AFAIK?
<bobboau> as far as I know
<qman__> the problem arises with stuff like active directory and file sharing
<qwert> Oh:)
<qman__> where windows does its own thing
<qman__> and ubuntu may or may not be able to
<qwert> qman_: Like what?
<qman__> samba can provide simple windows file sharing, and NT-style domains, but not active directory
<qman__> there currently is no way to have a linux active directory replacement
<bobboau> but file sharing has always worked great between windows and linux, in fact linux seems to work better than windows machines when it comes to file sharing
<qman__> samba 4 is going to change that, if/when it finally releases
<qman__> but as of now, it's impossible
<qwert> qman_: Well as i understand it would be trouble or file sharing
<qman__> but normal internet-based services are universally supported, and the OS you use doesn't matter
<bobboau> god, your names are too similar looking
<SpamapS> ttx: No worries, I think it would be foolish to push that sort of behavior change into a release any time after alpha3 ... people will need time to adapt their apps that use LOAD DATA INFILE and SELECT INTO OUTFILE ...
<qwert> qman_: Thanks
<qwert> bobboau: Yeah :)
<Aqwert> bobboau: qman_: I had another issue.. with mails
<mconigliaro> has anyone else have trouble with some apps not being able to resolve hostnames after upgrading from ubuntu karmic to lucid?
<mconigliaro> i can resolve manually, but apps like apache, jetty, etc cant resolve anything
<Aqwert> bobboau: qman_: The clients reaching client (OS) from web, first reaches the host then to the recipient..I am not able to understand why? Same is the issue when any mail is sent from client to other, it first reaches the host then the actual recipient
<Aqwert> bobboau: qman_: The *mails* reaching client (OS)...
<Aqwert> bobboau: qman_: Any idea as to why?
<Aqwert> !howdy| StrangeCharm
<ubottu> StrangeCharm: Hi! Welcome to #ubuntu-server! Feel free to ask questions and help people out. The channel guidelines are at https://wiki.ubuntu.com/IRC/Guidelines . Enjoy your stay!
<\sh> ivoks: you don't support hb_gui somehow? if so, in which package is it? ;)
<ivoks> none :)
<ivoks> \sh: none at the moment... once i find some time, i'll work on those
<qman__> Aqwert, the clients don't know where the final destination is, they only know where their local SMTP relay is
<qman__> the server then reads the mail, and delivers any mail it knows where to deliver, and if not, it passes it on to another SMTP server on the internet
<Aqwert> qman_: But the copy of mail reaches Host as well
<Pici> Which computer are you designating the 'host'?
<Aqwert> qman_: Every mail is first reaching the host and then reaching the destination...
<qman__> what host?
<mconigliaro> does anyone know why i would be able to resolve hostnames with dig, but my applications cant resolve at all?
<Aqwert> qman_: The Hostname , domain thing which comes during installation
<qman__> the mail server? of course it reaches it
<uvirtbot> New bug: #640709 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 349469)" [Undecided,New] https://launchpad.net/bugs/640709
<Aqwert> qman_: My servers Host is in UK.. and the server in Hungary
<Aqwert> qman_: No not that
<qman__> ok, I see what you have
<Aqwert> qman_: While setting up server on Ubuntu-server, one gets the option to feed in hostname and domain-name. right?
<qman__> your mail reaches your local mail server, which then decides if it needs to be delivered locally
<qman__> if it does, it delivers it, if not, it forwards it to the next mail server in line, which is this server in the UK
<qman__> because that is how it knows to get mail to the internet
<Aqwert> Yes agreed, but in my case, every mail is first sent to Host..
<qman__> is that where your clients are configured to send mail to?
<Aqwert> qman_: Reaching host should be the last option
<Aqwert> qman_: By clients, i mean computers. I am using Ubuntu server in Hungary with clients (comp) attached to it  in Hungary alone
<qman__> yes
<qman__> if the mail clients are configured to send mail there, instead of your local server, that will happen
<Aqwert> qman_: Mail clients are configured,, as in?
<qman__> evolution, thunderbird, outlook, mailx
<Aqwert> qman_: Yes. i am using SquirrelMail
<Aqwert> qman_: There is nothing like that configures
<Aqwert> d
<qman__> then it would have to be either a problem with SMTP configuration in squirrelmail, or postfix is badly misconfigured and doing something wrong
<qman__> normally, if postfix gets a mail sent to an address on the local server, it just delivers it, it doesn't forward it to the relay
<qman__> so either something is broken with that, or squirrelmail isn't sending mail via the local postfix, it's sending it straight to the relay in the UK
<Aqwert> qman_: By realy you mean the Host?
<Aqwert> qman_: *relay
<flodin> hi, i'm trying to use an sqlite table for virtual_mailbox_maps in postfix, and postfix generates this log message: postfix/smtpd[1019]: fatal: dict_open: unsupported dictionary type: sqlite:  Is the postfix-sqlite package installed?
<flodin> but there is apparently no such package in the ubuntu repository
<flodin> any suggestions?
<qman__> personally, I wouldn't use sqlite, as in my experience, flatfile is faster
<qman__> but as for the missing package, do you have universe and multiverse enabled?
<flodin> i haven't specifically enabled it no, isn't it enabled by default?
<qman__> good question, it wasn't a while ago, but I don't know if it is now
<guntbert> flodin: no you have to do it
<guntbert> !repos | flodin
<ubottu> flodin: The packages in Ubuntu are divided into several sections. More information at https://help.ubuntu.com/community/Repositories and http://www.ubuntu.com/project/about-ubuntu/components - See https://wiki.ubuntu.com/RecommendedSources for the recommended way to set up your repositories
<flodin> they are enabled in my sources.list
<flodin> do you know if flatfile will work if i need to look up accounts both with dovecot and postfix?
<flodin> i'm trying to share the same table between them so i don't have to do the work twice
<qman__> I don't, but if you need a database, I'd suggest postgres or mysql over sqlite
<flodin> i don't need a database, i will only have ~10 email accounts
<flodin> i picked sqlite because it seemed most lightweight
<qman__> IME, it really isn't
<qman__> I know that's what it's supposed to be, but every time I've used it it ends up being very heavy and slow
<qman__> much slower than any other option
<guntbert> flodin: could it be that the error message read "Is the postfix-sqlite patch installed?" (instead of -package)
<flodin> i copy-pasted it verbatim
<qman__> the ubuntu packages search indicates that that package has never existed in any version of ubuntu
<guntbert> and on http://www.treibsand.com/postfix-sqlite/ they talk about a ...-patch
<flodin> well the repositories has postfix-ldap, postfix-mysql, postfix-pgsql packages so a postfix-sqlite analog would make sense
<flodin> but i guess it doesn't matter, either way it doesn't exist and I can't install a patch without building from source
<qman__> for only 10 accounts I'd look into whether dovecot can use the flatfile
<qman__> but mysql and pgsql are both good high performance options
<flodin> is that the name of the table type? Cause I don't see it listed on http://www.postfix.org/DATABASE_README.html
<qman__> flatfile would be a postifx list
<qman__> a non-database configuration
<flodin> ok
<flodin> thanks for your time... i'll try pgsql first just so to see if i can get something up and running
<geoffmcc> I was unable to install libssh2 using pecl, kept giving me make error. was able to get working using packages libssh2-1-dev
<geoffmcc> and libssh2-php
<geoffmcc> sorry for the break - i was pasting ... anyways should i be concerned using package install of this
<qman__> compiling from source should be a last resort
<qman__> the packages are supported and updated
<geoffmcc> thank u
<hggdh> smoser: I got a failure when running euca-bundle-image on today's UEC kernel 20100916.1, but 20100916 was OK
<hggdh> smoser: http://pastebin.ubuntu.com/494964/
<uvirtbot> New bug: #640829 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/640829
<guhcampos> I have a ubuntu-server installation on software raid stuck on 33% of the partition proccess. Is that normal (I mean, it's been 20 minutes, should I wait more?)
<uvirtbot> New bug: #640856 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script killed by signal (Terminated)" [Undecided,New] https://launchpad.net/bugs/640856
<guhcampos> anybody?
<guhcampos>  I have a ubuntu-server installation on software raid stuck on 33% of the partition proccess. Is that normal (I mean, it's been 20 minutes, should I wait more?)
#ubuntu-server 2010-09-17
<demonspork> guhcampos, I had that issue with a hardware raid recently and it turns out I just needed to wait
<guhcampos> hmmm
<demonspork> so let it sit for a while, it seems to be doing something that takes a long time when it is at 33%
<guhcampos> it's taking a lot long
<guhcampos> but I'm wainting
<demonspork> yeah, it stauyed there for 45+ minutes
<guhcampos> let's see how long it will make me wait
<guhcampos> oh god
<demonspork> of course I was formatting a 660GB partition on a 6 drive RAID 5
<demonspork> do any of you know how to add IP addresses without dropping all current connections on the already configured IP? I have 4 I need to add on top of the 1 that is currently configured and I would prefer that the 30 some connections that are active on the current IP do not get dropped
<uvirtbot> New bug: #640880 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/640880
<SpamapS> demonspork: just running 'ifup eth0' should add any missing IPs from the interfaces configuration
<smoser> hggdh, i've seen that before, but i'm not sure where it comes from.
<smoser> did you try more than once?
<hggdh> smoser: no, I did not. Will try it again
<hggdh> Daviey: so far 1400 instances started, 1350 success, 9 failed. So far, so good.
<smoser> hggdh, wow. thats great.
<hggdh> smoser: it is... one wonders if *this* time, *this* time...
<smoser> :)
<smoser> let me know about trying that euca-bundle again
<smoser> i just can't imagine what does it, but i have seen it before, and swear that its random
<hggdh> will do
<smoser> hggdh, please update bug https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/509562
<uvirtbot> Launchpad bug 509562 in eucalyptus "euca-bundle-image returns Odd-length string error" [Medium,Invalid]
<smoser> with an indication that you saw it, and whether or not it goes away
<smoser> i'll poke at it tomorrow if it is reproducibl
<smoser> i know what it is
<smoser> i think that this code : iv = (hex(BN.rand(16 * 8))[2:34]).replace('L', 'c')
<smoser> is not guaranteed to be consumable by unhexlify
<smoser> hggdh, i was right. bug updated. you can run that again, and > 99% you'll have success
<arrrghhh> so i'm having samba issues.  my win7 laptop will randomly ask for a password when trying to get to the share, but my girlfriend's win7 laptop never does.  i'd prefer to not require a password to get into samba, assuming they're on my LAN.  I don't think samba is even accessible over the WAN, so I don't really see the need of putting a password on the share.
<hggdh> Daviey: 2,000 instances run, .986 success rate!
<hggdh> Daviey: will start a second run.
<talcite> hey guys. I'm having a problem with snmpd where the agent isn't detecting any incoming snmp requests. I'm certain it's not the firewall interfereing
<talcite> interfering*
<talcite> atleast, iptables. could it be comething else? Does snmp do anything weird with portmapper or something?
<arrrghhh> can you snmpwalk the localhost?
<talcite> arrrghhh: nope, that's what I'm using to test, along with scli
<talcite> snmpd's logs don't even show that something's connecting, whereas with scli from localhost, it shows up in the log
<talcite> however, it's not the firewall, since I have a rule letting it through, and when I take it out, the dropped packet messages show up in the logs
<arrrghhh> so wait
<talcite> and of course, when I put the rule back into the firewall, there aren't any dropped packet messages
<arrrghhh> you can't snmpwalk the local machine?
<arrrghhh> i think you should be able to do that...
<talcite> oh the local machine? yes I can
<arrrghhh> lol ok.
<talcite> sorry, I misread that
<arrrghhh> just making sure snmp works :P
<arrrghhh> and are you on a LAN?
<arrrghhh> or are you doing this over the internet?
<hggdh> Daviey: \o/ 2,000 instances submitted, 1.971 successes! yay!
<talcite> a university LAN, yes
<talcite> I've had the proper ports opened, and my firewall test seems to confirm that there's no dropped packets
<talcite> dropped packets in transit by an upstream switch I should say
<arrrghhh> hrm
<arrrghhh> have you nmapped it?
<talcite> yes, the port doesn't show up as open
<talcite> which is a bit strange
<arrrghhh> are you using ufw
<arrrghhh> or iptables
<talcite> firehol
<arrrghhh> on the ubuntu server?
<talcite> It doesn't work even if I shutdown firehol
<talcite> yes
<talcite> both machines are running ubuntu server
<talcite> 10.04
<arrrghhh> huh never heard of firehol.
<arrrghhh> is it another front-end for iptables...?
<talcite> it's pretty handy.
<talcite> Yes it is
<talcite> it's more or less cross-distro as well, meaning you don't need to learn more than 1 firewall syntax to administer mixed environments.
<arrrghhh> huh
<arrrghhh> cool
<arrrghhh> but if you can't nmap the port, it's probably not open on either a) the firewall on your machine or b) the firewall in your network.
<talcite> actually I tested it from another machine on the same switch (which means it doesn't enter the university network), and it's still no good.
<talcite> one sec, I'm going to nmap it again with different options
<talcite> there's several ports opened and it didn't pick them all up
<arrrghhh> well
<arrrghhh> if you couldn't do it on the same switch...
<arrrghhh> then you've gotta have sometihng wrong in firehol.
<arrrghhh> i'm assuming you can still poll iptables
<arrrghhh> i think it's iptables -L
<talcite> I stopped it completely (unloaded all the rules from iptables) and it's still not working
<talcite> OH!
<talcite> damnit I bet you snmpd binded to the wrong interface
<talcite> There's multiple on these machines
<arrrghhh> lol
<arrrghhh> that would do it too
<pyrophelia> is there a "safe" way to shut a system down that is currently doing a raid rebuild?  It takes ~4-5 days to resync this raid I don't want to loose my current progress
<uvirtbot> New bug: #641001 in puppet (main) "cacrl should be use instead of hostcrl when generating apache2 passenger configuration" [Medium,Triaged] https://launchpad.net/bugs/641001
<hggdh> Daviey: second test is at 1,500 instances run, 10 failures. Looks good, will find how it ended tomorrow morning
<hggdh> Daviey: in fact, it has *never* been so good :-)
<_Techie_> when connecting to the internet via a 56k dial up modem, what is the interface name for the connection?
<computerwiz_222> Hello, I'm having difficulty setting up a software raid1. I have an advanced format drive from Western Digital which uses 4kb sectors rather than the usual 512. Has anyone had any experience with this?
<netritious> is there are package available to tell me which Ubuntu mirror is the fastest from my location?
<Daviey> netritious, There is one for the desktop, but i don't think we have this on the server :(
<Daviey> (and TBH, the desktop one is based on ping time, rather than speed)
<Daviey> iirc
<netritious> Daviey: thanks. Was about to try and work out one with PHP or python but wanted to make sure something wasn't already out there.
<Daviey> netritious, Sounds awesome... make sure you share it with us :)
<netritious> Daviey: Of course :)
<Daviey> netritious, I would suggest python... it could even be in the Natty :)
<Daviey> netritious, writing in PHP means we need depend on that... python is already installed.
<Daviey> so python++
<netritious> Daviey: I considered that..the dependency thing
<netritious> BUT i'm not a python coder :)
<Daviey> netritious, well do what is best for you :)...  Learning python could be fun :)
<netritious> Daviey: I completely agree
<netritious> i'm taking a stab at it with python first
<Daviey> netritious, awesome!
<uvirtbot> New bug: #641125 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/641125
<uvirtbot> New bug: #641131 in samba (main) "package samba 2:3.5.4~dfsg-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/641131
<maedox> Hi guys, one (maybe not so easy) question: I have one server that is a SSH gateway for all the other server from WAN. I have disabled all sudo access and set a very strong root passwd. I want a script to run if someone gains root. Right now I have it in ~root/.bashrc. Any thoughts on that?
<maedox> what the script does is email me some info about the login, `last` etc.
<uvirtbot> New bug: #641151 in multipath-tools (main) "multipath flush always returns 1" [Undecided,New] https://launchpad.net/bugs/641151
<uvirtbot> New bug: #641153 in dovecot (main) "Dovecot installation from Aptitude fails" [Undecided,New] https://launchpad.net/bugs/641153
<Daviey> maedox, a pam script might be better
<maedox> Daviey, thanks for the tip, I'll look into that.
<Daviey> maedox, cool... would love to hear how you get on.
<ztripez> i have a server with 2 nics.. they show up in lspci but when i do a /etc/init.d/networking restart it say that eth0 and eth1 cant be found...
<maedox> ztripez, they might not be named eth0 and eth1.
<ztripez> maedox,  where can i found the name of them?
<maedox> they are set in /etc/udev/rules.d/70-persistent-net.rules here, your filename may be different.
<ztripez> maedox,  ok since i switched network cards the addressing is wrong i guess?
<maedox> yes that could happen
<ztripez> maedox, any easy way to restet or do i have to du it manualy?
<maedox> I think you can change the names in that file and then do sudo service udev restart and then restart networking.
<ztripez> maedox, ok i got one of them to work (was assigned to eth2) but the other one doesn't work
<ztripez>  dmesg | grep eth
<ztripez> [    0.992214] 0000:00:19.0: eth1: (PCI Express:2.5GB/s:Width x1) 00:1d:09:84:59:1f
<ztripez> [    0.992217] 0000:00:19.0: eth1: Intel(R) PRO/10/100 Network Connection
<ztripez> [    0.992236] 0000:00:19.0: eth1: MAC: 7, PHY: 7, PBA No: ffffff-0ff
<ztripez> [    8.894663] udev: renamed network interface eth0 to eth2
<ztripez> so it finds eth1 but..
<maedox> is the mac address correct in the udev file?
<ztripez> maedox, how do i get the mac adress?
<maedox> good question, I honestly can't remember right now. give me a minute.
<ztripez> hm.. when i do a ifconfig -a i get eth2 and eth1_rename
<maedox> oh yeah, doesn't the mac address get listed on ifconfig?
<ztripez> dooh, yes it does
<maedox> as HWaddr
<maedox> :)
<Martens1984> Doh, can someone tell me how I can enter #ubuntu
<maedox>  /join #ubuntu doesn't work?
<ztripez> maedox, got it to work now, thanks just had do edit the udev rules and restart ;)
<maedox> ztripez, great :)
<maedox> ztripez, it's probably some service that needs restarting, but a reboot solves it alright :P
<Martens1984> maedox: Nah, it tells me: #ubuntu Cannot join channel (+r) - you need to be identified with services
<maedox> Martens1984, aha, you probably need to register your nick with NickServ.
<Martens1984> maedox: I thought I did, I get this ubuntu/unregged server witch asks me a question, if I anser it, I should be able to join #ubuntu, but no...
<ztripez> trying to put up a UEC.. got it controlers installed.. both nics working eth0 as public and eth1 as private.. but don't i have to configure the dhcp server to lease ip's to the private network?
<maedox> Martens1984, did you do /msg NickServ identify password ?
<Martens1984> maedox: I forgot to ferify... :(
<Martens1984> I gues I can post my prob here aswell...
<Martens1984> If I ping to <servername> my ubuntu tries to reach e.g. 10.1.0.1 instead of 10.0.1.1, what could be wrong?
<maedox> what does host <servername> give you?
<Martens1984> both
<maedox> ok, then that's why. I'm not sure how it selects which one to ping.
<Martens1984> thats cuz I entered 10.0.1.1 in the hostfile
<Martens1984> I gues
<Martens1984> but how can I remove the wrong IP?
<maedox> that's weird, it should use the one in your hosts file.
<maedox> you have to edit the DNS server config.
<Martens1984> the DNS server gives only the right Ip... :S
<maedox> huh?
<maedox> then I don't know where it gets 10.1.0.1
<Martens1984> and on the windows machine I'm on ping <servername>  works perfectly
<maedox> do they use the same DNS server, and is your /etc/hosts file correct?
<Martens1984> yes
<Martens1984> I get this reply if I ping:
<Martens1984> From icmp_seq=1 Destination Host Unreachable
<Martens1984> From <this_pc> (xx.xx.xx)  icmp_seq=1 Destination Host Unreachable
<Martens1984> I simply gues I fuck up to much trying to integrate Ubuntu-server to W2K3-server
<maedox> if you type in nslookup - ip.address.for.dnsserver    and then query it for the servername, does it give the right one?
<maedox> yes, I don't know, this all sounds weird. I'm not sure what's up.
<Martens1984> hah... it throws out both ip's
<maedox> then there is something up with the DNS
<maedox> what's the output of the query?
<Martens1984> Name: <servername>
<Martens1984> Address: 10.1.0.10
<Martens1984> Name: <servername>
<Martens1984> Address: 10.0.1.10
<maedox> then there must be two A records with same servername and different IP-addresses in the DNS.
<Martens1984> <servername> being servername.domain.name
<maedox> or the DNS is doing some strange stuff :)
<Martens1984> if I use nslookup from another pc, it only gives the right address
<maedox> right, you mentioned that. very weird indeed.
<maedox> there should not be any caching of dns by default in ubuntu, but that's the only thing I can think of.
<Martens1984> it runs a DHCP server... but so does the server I try to reach, this server did not lease any IP
<maedox> I'm out of ideas. Maybe try rebooting or at least service networking restart.
<sCOTTo> hey guys, I am setting up a ubuntu server to serve Virtual servers on inside an office. One VS will be a windows server. I have a machine with 2 x 1 TB SataII drives. Should I be striping these or Mirroring them or keeping them as two ???
<au> I would mirror them for backup reasons
<sCOTTo> How does that help for backup? would it not be better to have daily backups running ?
<maedox> sCOTTo, yeah, mirroring is the way to go if they need to be up all the time.
<sCOTTo> or does the mirror allow for Redundancy ?
<Martens1984> tru, but mirroring... wel you just figured it out
<maedox> sCOTTo, backups mean you have to reinstall the backup. RAID 1 will let you change one disk while the other works. Assuming they are hot-swap disks/controller.
<sCOTTo> ok so the next question... can I use SOFTWARE within Ubuntu to set up the mirror or do I need a Sata Raid Card setup ?
<Martens1984> If one crashes, you simply replace it and continu servering
<sCOTTo> ok sweet - sold on mirror.
<hggdh> Daviey: second run: 2,003 instances submitted, 1,975 successes
<sCOTTo> lol
<Martens1984> A hardware raid is preferable
<sCOTTo> I dont have the raid card or ability on the MB thats all :(
<sCOTTo> its a AMD 64-but MB
<maedox> sCOTTo, just make sure that hot-swap is possible. ;)
<sCOTTo> I do think so...
<sCOTTo> I should GG the mb huh lol
<maedox> sCOTTo, If a small down-time is acceptable you can shutdown, change disk and reboot.
<sCOTTo> yeah a small downtime should not be a problem...
<sCOTTo> should I buy a stack of the same HDDs so I ahve back up drives ??
<Daviey> hggdh, I'm pretty happy with those stats as stress testing goes :)
<sCOTTo> hmmm it has RAID 0,1 whats that ?
<maedox> sCOTTo, 0,1 just means it can do RAID 0 or RAID 1. RAID 0 being striping (data divided between disks) and RAID 1 being mirroring.
<Martens1984> http://en.wikipedia.org/wiki/Redundant_Array_of_Independent_Disks#RAID-0 ;)
<sCOTTo> ok so the MB can Mirror then yes ?
<maedox> yes
<sCOTTo> :D I guess thats a good thing ;) now I gotta figure out HOW
<sCOTTo> lol
<maedox> yes, that it the question. there is probably a hotkey for configuring it when you boot up your machine.
<Martens1984> lol... reboot and check BIOS startup carefully.... you should enter a combination of keys to enter the raid setup
<Martens1984> ... ore there should be a driver to acces the raid setup within Windows... in ubuntu I'm not sure
<sCOTTo> found the Manual ;)
<sCOTTo> RTFM :D
<Martens1984> GL & HF
<sCOTTo> GL & HF ???
<sCOTTo> good luck
<sCOTTo> hace fun
<sCOTTo> ok
<Martens1984> Good Luck & Have Fun
<sCOTTo> thanks :D
<sCOTTo> hehehe
<maedox> :D
<sCOTTo> I am doing this one for one of the most HATED Politicians in Australia ;)
<sCOTTo> hehehe
<sCOTTo> i LURVE ppl who are politically incorrect :D
<maedox> make sure to put in a remote killswitch then :P
<sCOTTo> hehehe nah - I like him :D
<sCOTTo> lol how do I make a remote killswitch btw ;)
<Martens1984> 20 pounds of TNT next to the server...
<Martens1984> or C4
<sCOTTo> that would work
<sCOTTo> or... INSTALL WINDOWS :D
<sCOTTo> tee hee hee
<Martens1984> Windows, and your switch in instantly killed
<sCOTTo> thats why I am VIRTUALISING the windows server they want to run hehehe
<sCOTTo> its a LOT safer :D
<Martens1984> so... thats what's going wrong here... I got w2k3-server and am running Ubuntu virtualy
<sCOTTo> oh dear...
<sCOTTo> thats BLASPHEMY!
<Martens1984> I know... but it's out of my hands
<sCOTTo> if you have the KB... then it aint ;)
<sCOTTo> hehehe
<sCOTTo> bbs
<Martens1984> DOH, my unconfigurable DNS-server is f****d up
<sCOTTo> unconfigurable ?
<Martens1984> Yeah... it's inside the router
<sCOTTo> hmm
<sCOTTo> upgrade the firmware
<sCOTTo> ;)
<Martens1984> modem/router ADSL internet thing
<sCOTTo> just reboot it. that normally clears it
<Martens1984> yeah... gonna try that now
<Martens1984> how do I kill a zombie process
<au> ps x
<au> kill process
<au> 23:25 < au> ps x
<au> 23:25 < au> kill process
<maedox> you can't kill a zombie. it's already dead.
<maedox> no pun intended :)
<Ethos> hi guys, I've installed fail2ban but I'm receiving "Restarting authentication failure monitor fail2ban                           start-stop-daemon: Unable to set gid to 0"
<Ethos> Any ideas?
<hurra> when will there be a kernel update for 10.04?
<smoser> kirkland, ping
<smoser> or maybe daviey or ttx know.
<smoser> how is /etc/motd.d/* executed on login ?
<ttx> smoser: ask and you shall find
<smoser> i can't trace this.
<ttx> I think it's through pam-motd
<smoser> i suspect pam_motd.so, but nothing says that it should update that.
<smoser> yeah
 * ttx looks
<smoser> so something updates /etc/motd, and i can't find what
<smoser> (it does so by runparts of /etc/update-motd.d)
<Daviey> and people don't see the point of shipping the server guide on the install....
<Daviey> smoser, $ w3m /usr/share/ubuntu-serverguide/html/C/pam_motd.html
<ttx> http://manpages.ubuntu.com/manpages/maverick/man8/pam_motd.8.html sounds a bit out of date
<smoser> so pam runs (as root) stuff in /etc/update-motd.d on *every* login ?
<Daviey> erm
<Daviey> don't think it does
<smoser> not root. you're right.
<Daviey> hmm
<smoser> as root
<smoser> verified
<Daviey> dave@bootie:~$ cat /etc/update-motd.d/100-date
<Daviey> #!/bin/sh
<Daviey> echo "*** test"
<Daviey> date
<Daviey> whoami
<Ethos> any of you chaps using fail2ban?
<Daviey> *** test
<Daviey> Fri Sep 17 15:32:12 BST 2010
<Daviey> root
<mdeslaur> yes, it's in a ubuntu-specific patch, guys
<Daviey> Ethos, yes
<Ethos> Finding it good? :)
<smoser> yeah. daviey, i just did the same thing.
<smoser> as root, and every time.
<Daviey> Ethos, functional :)... I actually use that and Denyhosts depending what the server is, what i'm in the mood for, if it's raining or sunny  :)
<Ethos> heh
<Daviey> smoser, heh
<Ethos> Cool, I've just thought about security on my linode and realised I was a bit slack with it
<maedox> There is also sshd-autoban, which can add IP-addresses to either hosts.deny or iptables.
<thafreak> Ethos: I just switched to fail2ban from denyhosts
<ttx> SpamapS: ping
<thafreak> It seems to use a constant ammount of ram, where denyhosts slowly used more
<thafreak> I was wary of using something that messed with iptables at first, but it runs well
<Ethos> interesting :)
<Ethos> I'll check out the alternatives too
<MTecknology> How do I reload an apparmor profile?
<MTecknology> found it
<SpamapS> ttx: pong, sup?
<ttx> SpamapS: dude!
<ttx> SpamapS: was wondering if you wanted to try to sneak a fix for bug 624361 before release. If yes, i'll target it against Maverick.
<uvirtbot> Launchpad bug 624361 in openssh "service ssh restart does not test the configuration file" [High,Triaged] https://launchpad.net/bugs/624361
<ttx> SpamapS: but then another bug surfaced...
<ttx> that might require even more of your attention...
<ttx> bug 641384
<uvirtbot> Launchpad bug 641384 in memcached "memcached binaries seeded in Ubuntu.Maverick supported-misc-servers seed" [High,Incomplete] https://launchpad.net/bugs/641384
<ttx> apparently we are short of a few MIRs there
<SpamapS> ttx: No, that one has no real easy solution w/ upstart. :(
<ttx> SpamapS: I thought so.
<ttx> Will keep it out of scope for the moment then.
<ttx> SpamapS: could you debunk bug 641384 ?
<SpamapS> ttx: I think long term the answer is going to be to add a "verify" capability to upstart jobs
<SpamapS> ttx: weird, don't they see the LP bug numbers *in the commit logs* ?
<ttx> SpamapS: "see" ?
<ttx> SpamapS: "they" ?
<ttx> SpamapS: "weird" ?
<ttx> SpamapS: "numbers" ?
<ttx> SpamapS: "logs" ?
<ttx> SpamapS: ?
 * ttx is in a playful mood
 * SpamapS is in an "annoyed with AT&T mood"
<ttx> SpamapS: I'm not sure I got your last question rigth
<ttx> SpamapS: do you mean "shouldn't LP autoclose bugs based on LP bug numbers in debian changelogs" ?
<SpamapS> oo AT&T is here
 * ttx hands SpamapS a mask
<SpamapS> ttx: I told you I'm not going to your weird party in the countryside
<SpamapS> actually, the bug #'s aren't in the commit logs
<SpamapS> just the blueprint names
<SpamapS> we really do need to fix the seed management process
<zul> i think ttx started a bit early this weekend
<ttx> I'm already 2 minute IN my weekend.
<ttx> SpamapS: assigned.
<SpamapS> Comment added w/ pointers to the MIR's
<ttx> SpamapS: I think doko's point is that the dependencies were not MIRed
<SpamapS> ttx: err, all of those are from the libmemcached source package
<ttx> SpamapS: just a sec
<ttx> SpamapS: you need a MIR filed for each and every dependency
<SpamapS> ttx: MIR's are by source package. Yes?
<ttx> yes
<ttx> ah, you mean all thise are binaries from libmemcached ?
 * ttx looks with more attention
<SpamapS> http://paste.ubuntu.com/495382/
<SpamapS> all from libmemcached source
<SpamapS> Build-Depends: debhelper (>= 7.0.50), perl, memcached (>= 1.4.1), automake (>= 1.10), autoconf, libtool
<SpamapS> All of those are covered..
<SpamapS> so .. yeah I think Build-Depends: debhelper (>= 6), libevent-dev, quilt (>= 0.46-7)
<SpamapS> So yeah, I think we're all good
<ttx> they must have missed promotion.
<ttx> SpamapS: feel free to ping some MIR team member about that.
<SpamapS> Honestly, the whole MIR process and promotion issue for non-dependencies is really confusing.
<SpamapS> ttx: Aren't you supposed to be enjoying your friday evening by now?
<uvirtbot> New bug: #641468 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: Paket ist in einem sehr schlechten inkonsistenten Zustand - Sie sollten  es erneut installieren, bevor Sie es zu entfernen versuchen." [Undecided,New] https://launchpad.net/bugs/641468
<RoyK> http://simnet.is/freebsd/stopping_named.txt
 * cloakable grins
<blackxored> hi guys, i have a openvpn setup which is supposedly pushing dns information pointing to itself since I have dnsmasq installed on that server, but i'm somehow still using my company's dns, i want to know why and how to solve this???
<Mahara> I'm trying to install Nginx following the instructions from http://wiki.nginx.org/NginxInstall , after I refresh the repos and run apt-get install nginx it gets the stable version instead of the ppa version why ? is the ppa broken or what?
<Mahara> the stable version from the standard repos not that ppa
<beawesomeinstead> PLEASE PLEASE HELP ME MY COWORKERS GOT ME DRUNK. how to fix this?/??? THIS IS THE FIRST TIME I'M DRUNK??
<Mahara> nvm I need some sleep :D I need to replace /stable with /development
<Daviey> beawesomeinstead, Really, Really not appropriate for here.
<beawesomeinstead> i know know know\
<uvirtbot> New bug: #641519 in samba (main) "samba install hangs in 'samba.postinst configure'" [Undecided,New] https://launchpad.net/bugs/641519
<beawesomeinstead> maybve
<Daviey> smoser, awesome! bug #509562
<uvirtbot> Launchpad bug 509562 in euca2ools "euca-bundle-image returns Odd-length string error" [Undecided,Confirmed] https://launchpad.net/bugs/509562
<blackxored> i have a openvpn setup which is supposedly pushing dns information pointing to itself since I have dnsmasq installed on that server, but i'm somehow still using my company's dns, i want to know why and how to solve this???
<smoser> yeah. once i took 10 minutes to actually look at it, it was obvious that only 1 thing could really be causing the failure.
<Daviey> smoser, now you mention it.... replace('L', 'c') <-- LOL :)
<Daviey> smoser, I guess that should have jumped out at us sooner :)
<smoser> well, the 'L' being replaced is the last letter of 0xABCDEF....GBL
<smoser> (ie, 'Long')
<smoser> and they "fixed" that issue that they were no doubt seeing 1 in 10 times or so by adding the replace
<Daviey> :)
<smoser> (it just bought them an extra digit)
<Daviey> smoser, Are you planning to SRU that?
<smoser> well, we'll see if they let it into maverick
<smoser> i uploaded.
<Daviey> i saw it in the queue... i would imagine that will get through
<smoser> i guess the replace would buy make it 16x less likely to occur
<smoser> right?
<RoyK> what sort of backup software do you guys (or girls) use?
<Daviey> smoser, well... it seems saner than it is now...
<incidence> RoyK: Script called rsync-backup =)
<Mahara> RoyK, Bacula ( http://www.bacula.org/en ) , KLEO (http://www.kleobackup.net/), RedoBackup ( http://redobackup.org/ )
<smoser> well, now i think it should never fail
<Daviey> smoser, Trying your patch now :)
<smoser> but without their replace, i think it was probably failing like 1/10 or something
<smoser> with replace it goes to 1/160 or so
<incidence> Can I get more than 1 IPv6 address from tunnelbroker? Confused with those.
<Daviey> smoser, i'll try your test bash script shortly
<RoyK> Mahara: I guess I'll do some more testing on Bacula...
<smoser> yeah, i even uploaded an image (only once) and ran it to make sure that there was no hidden issue with what i was doing.
<Daviey> smoser, It looks very logical... I'll test it here.. update the bug report... Then it seems even more likely it'll get through... But tbh, it looks good as it is :)
<aubre> how can I change the IP address on a network interface ?
<pmatulis> aubre: with the 'ip' command
<aubre> thanks!
<aubre> I know - I was just showing the power of the irc channel and you helped
<SpamapS> pmatulis: thats not permanent tho
<SpamapS> aubre: you probably want to change it permanently yes?
<aubre> yes
<SpamapS> aubre: if its static, it should be defined in /etc/network/interfaces
<aubre> thanks !
 * pmatulis is singing the blues
<ruben23>  i have a full HDD, now i have an extra HDD can i add it up so i can copy the files there for backup..? any solutions
<ttx> SpamapS: yes, I am.
<smoser> ttx, go to bed
<_Techie_> anybody here using ubuntu-server setup as their router with a 100mb network
<Patrickdk> techie, no, but I am with gigabit
<_Techie_> hrmm
<_Techie_> can i get you to get me some numbers
<Patrickdk> what?
<_Techie_> i need you to use traceroute on your sever to anywhere and get me the hop time between server and modem
<Patrickdk> ok
<Patrickdk> dunno why 100mbit is required for that though :)
<_Techie_> well im usin 100mbit
<Patrickdk> well, you better hurry up and tell me, or I will have to leave :)
<_Techie_> so i wanted to try keep it as close to my network as possible
<_Techie_> but a gigabit readout wl do
<Patrickdk> wait, you want to compare my hop times, from server to modem to your server to modem?
<_Techie_> yes
<Patrickdk> cause I have no modem
<Patrickdk> I'm on fiber
<_Techie_> oh
<Patrickdk> directly plugged into my server
<_Techie_> damnit
<_Techie_> stupid NZ internet
<_Techie_> were still on ADSL
<Patrickdk> cable modem? or dsl?
<Patrickdk> hmm
<_Techie_> nto een ADSL2+
<_Techie_> even*
<Patrickdk> dunno much about dsl, well, I know about it, but don't use it :)
<_Techie_> oh well
<_Techie_> thanks for your time anyway
<Patrickdk> but cable, adds 10-30ms of delay
<Patrickdk> pastebin your results
<_Techie_> Patrickdk: http://ubuntu.pastebin.com/vQ56zhS0   from a mac laptop inside my network conected to wireless
<Patrickdk> hmm, alittle high, but that depends on your dsl people
<_Techie_> immore interested in my LAN rather than my WAN atm
<Patrickdk> the 2.3ms?
<_Techie_> yeah
<_Techie_> #1 is laptop to roter, #2 is router to modem
<Patrickdk> what is laptop to router? wifi?
<Patrickdk> that would be the issue there :)
<_Techie_> yes
<Patrickdk> ya, wifi is normally +2ms
<Patrickdk> 802.11g?
<_Techie_> yep
<Patrickdk> 54mbit max, so 22mbit usable
<_Techie_> so you dont think that my server s taking an excess amont of time to route packets?
<IamReck> Hi I am looking for help getting 10.04 to syslog to Centos 5.5.
<guntbert> IamReck: you will have to debug that on the centOS side I'm afraid, as syslog requires no acknowledgement from the syslog server ( if I remember correctly )
<IamReck> Question for the Ubuntu one, though, if I edit the /etc/syslog.conf, will those settings be obeyed by rsyslog/
<IamReck> ?
<RoyK> IamReck: just log to @your.centos.box
<IamReck> RoyK, that's what I'm doing.
<RoyK> obviously the centos box will need to listen to 514/udp
<IamReck> syslog is listening.
<Four2zero> i did a mistake on a command, and removed a initrd.image from ubuntu-server by mistake how can i retrieve this file back ?
<RoyK> IamReck: that should be all iirc
<RoyK> IamReck: can you try to sniff outgoing udp traffic from the ubuntu box?
<Four2zero> this is the command i accidently used sudo rm -rf /initrd.img
<Four2zero> is there any way to retrieve this file back ?
<guntbert> Four2zero: I don't think you can -- so learn to be *very* cautious when working with root rights
<nakhlawi> Four2zero: http://www.debian-administration.org/article/293/How_Do_I_Make_an_initrd_image
<Four2zero> how important is /initrd.img ?
<guntbert> Four2zero: very, see ^^
<Four2zero> nakinak im showing that link is dead on my end.
<maswan> Four2zero: you won't be able to boot. dpkg-reconfigure on the kernel package should fix it up
<Four2zero> unable to connect
<RoyK> Four2zero: if the system is up and running, just reinstall the kernel package of choice
<RoyK> oh
<RoyK> then you're fscked
<Four2zero> okay.
<RoyK> Four2zero: the initrd contains all loadable modules for the kernel, and in most distros, that also includes the sata/ata/scsi/whatever drivers, and without those, the kernel can't find its drives
<Four2zero> oh snaps....!
<guntbert> Four2zero: why are you unable to connect?
<Four2zero> RoyK, when i ran dpkg-reconfigure it says please specify a package to reconfigure ?
<Four2zero> guntbert Firefox cant establish a connection to the server at www.debian-administration.org
<Four2zero> problem loading page.
<Four2zero> gunthber and im not using proxy
<Four2zero> also with chrome with same issue
<Four2zero> guntber and same with IE
<guntbert> Four2zero: and from where do you chat?
<Four2zero> US
<guntbert> Four2zero: no, how do you chat/irc if you have no network connection?
<Four2zero> guntbert oh...just specific page i cant load
<Four2zero> internet connection is fine
<Four2zero> hahahah...i had program running peerblock
<Four2zero> now im able to access the page
<guntbert> Four2zero: how is that specific page related to your problem? you should be able to reinstall the kernel as Royk suggested
<Four2zero> that's fixed now, so anyhow im doing what he suggested.
<uvirtbot> New bug: #641632 in samba (main) "[maverick] upgrade process cannot stop smbd, prerm script hangs and blocks upgrade process" [Undecided,New] https://launchpad.net/bugs/641632
<guntbert> Four2zero: Good luck :-) I'm off
<Four2zero> but im getting a /usr/sbin/dpkg-reconfigure: please specify a package to reconfigure
<guntbert> <RoyK> Four2zero: if the system is up and running, just reinstall the kernel package of choice
<Four2zero> yes, the system is up and still running. im googlining that info right now
<Four2zero> so basically need to reinstall the kernel ?
<Four2zero> correct
<Four2zero> Is what im looking for: http://ubuntuforums.org/showthread.php?t=311158
<uvirtbot> New bug: #641647 in vsftpd (main) "package vsftpd (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/641647
<Four2zero> okay i repaired it.
<uvirtbot> New bug: #641657 in openssh (main) "SSH connections freeze after a period of time" [Undecided,New] https://launchpad.net/bugs/641657
<lapsusbrutus> anyone knows id chmod 644 on the /dev/mem file will crash anything?
<RoyK> lapsusbrutus: not unless you let me into your system
<RoyK> or any other - or you have a faulty php script - or ......
#ubuntu-server 2010-09-18
<hggdh> hallyn: there?
<veebull> anyone know where to find a description or explanation of the install options presented by the Server install CD?
<veebull> They don't seem to be covered in the official docs, and the pages on boot options and boot parameters in the Community Docs are for the Desktop Live CD version... which doesn't appear to match.
<veebull> Specifically I'm curious about the 'F4 Mode' options, which used to be graphic mode options but now are labeled 'Normal', 'OEM Install', 'Minimal Install', 'Install virtual machine'...
<vbabiy> How can I find out how many file descriptors are in use?
<vbabiy> this does not make sense to me
<vbabiy> vbabiy@vbabiy-laptop:~$ lsof | wc -l
<vbabiy> 7989
<vbabiy> vbabiy@vbabiy-laptop:~$ ulimit -n
<vbabiy> 1024
<hallyn> hggdh: if it's any help, i'm here now
<hggdh> hallyn: heh. No shabbos for us, it seems
<hggdh> hallyn: but now I have forgotten what it was :-( Ah well. Hopefully I will remember by next MOnday.
<echosystm> has anyone here used ubuntu UEC?
<echosystm> hm
<echosystm> must be really popular.
<lifeless> its pretty popular
<hggdh> indeed it is.
<vbabiy> what is the correct way to find out how much memory a process is using?
<echosystm> top
<demonspork> using Ubuntu 10.04 on an HP Proliant DL380 G3, when I SSH into my server it takes 5-10 seconds to challenge for authentication (either password or key) but the server has like a 45ms ping when I ping it directly
<demonspork> I also have another possibly related bug with minecraft, when logging into the server it sometimes times out the login for minecraft
<demonspork> I have no idea where to being solving this
<echosystm> anything suspicious in your ssh logs?
<echosystm> ssh -vv when you log in and see if anything weird pops up too
<demonspork> echosystm, it seems like it hangs after the line "debu2: key: /home/me/.ssh/id_dsa ((nil))
<demonspork> it is there for several seconds
<demonspork> debug2*
<demonspork> spork#666
<pex> demonspork I have the exact same proliant with the same server version
<HarryMuffin> I had that same issue but fixed it with a manual entry for the connecting host in the /etc/hosts file. Dunno why it worked but it did
<demonspork> HarryMuffin, explain this fix further plase
<demonspork> what type of entry
<demonspork> what did you have to add
<HarryMuffin> it was on a land so I added the hostname / ip to the /etc/hosts file
<HarryMuffin> er.. lan
<HarryMuffin> so the line was "machine-name   ipaddress"
<demonspork> which machine
<demonspork> are you talking about the local machine or the one trying to connect
<demonspork> HarryMuffin
<HarryMuffin> the one you are connecting to
<demonspork> HarryMuffin, I just tried that and it didn't seem to do it :(
<demonspork> just want to make sure I understand it entirely: say the server is named "server1" and the computer I am on right now is named "bob"  in the /etc/hosts/ for server1 I need to add what exactly?
<HarryMuffin> be sure to do a "/etc/init.d/networking restart"
<cwillu_at_work> editing /etc/hosts doesn't require a networking restart
<HarryMuffin> nevermind that last line then
<cwillu_at_work> there's an option for sshd to not try to resolve connecting ip addresses, which is probably a better fix
<HarryMuffin> there ya go
<cwillu_at_work> that should actually be the default
<cwillu_at_work> or maybe not
<cwillu_at_work> UseDNS in /etc/ssh/sshd_config
<demonspork> useDNS
<cwillu_at_work> should be no
<demonspork> right
<demonspork> k
<HarryMuffin> right on, didn't know about that
<Iceman_B> how can I check from the command line what HDD's are connected inside my system and how full they are ?
<au> Iceman_B: df -h
<Iceman_B> ok, that gives an idea
<Iceman_B> and how do I get the physical model info?
<qman__> Iceman_B, sudo fdisk -l
<Iceman_B> w00t
<Iceman_B> thanks you 2
<Mateo_> Hi everyone !
<Mateo_> I have a simple question to start :) I'm using pure-pw and i have created a user , owner of /home/mywebsite/
<Mateo_> the user is in the ftpgroup
<Mateo_> to be able to connect via ftp
<Mateo_> the problem is, i need to use auto-upgrade with wordpress, and i can't use it because the folder has to belong to a user in the www-data group
<Mateo_> so my question, can a user belong to 2 group ?
<_Techie_> Mateo_, yes
<_Techie_> Mateo_, a user can belong to two or more groups, dont askme how to do it because i dont know and im heading to bed
<_Techie_> !group
<_Techie_> hrmm
<_Techie_> oh well
<_Techie_> good night
<Mateo_> thanks _TechAway_
<guntbert> Mateo_: a user can be member of many groups, try with adduser <user> <group> and see man adduser
<techcomputernerd> i need help with ubuntu server
<guntbert> !ask | techcomputernerd
<ubottu> techcomputernerd: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Mateo_> guntbert: and can a folder belongs to 2 users ?
<techcomputernerd> I am trying to set ubuntu server to share a hard drive between five computers, two are windows, two are mac and one is ubuntu (desktop) I am trying to set up a dynamic ip but i dont know what to enter for the netmask, network, broadcast and gateway in /etc/network/interfaces
<guntbert> Mateo_: a folder can belong to one user and to one group
<techcomputernerd> i mean a static ip
<guntbert> techcomputernerd: I guess that question will be better answered in ##networking
<Mateo_> guntbert: ok so that's problematic, because i need this folder to belongs to www-data for the automatic upgrade, and to be able to ftp with another user (of course)
<techcomputernerd> sorry, i thought i should post it in ubuntu-server because it is about ubuntu serrver :)
<guntbert> Mateo_: so you give it to some group with write access and make the user a member of that group
<amanita_> Hi, anyone using a server (multiple cpus, quad core, xeon etc, sata/sas raid etc) with gnome as a general desktop?
<au> I have before
<amanita_> au: I am going to buy hp z200 or proliant tower server for gnome and math apps
<au> cool :)
<jpds> au: Does it run faster?
<amanita_> jpds: two quad-core xeon
<au> jpds: it runs fast, but linux as my main os is not my taste :)
<Kamikazepinguin> Hi!
<au> hiya
<Kamikazepinguin> Has ynyone here a source for ubuntu server 10.x  for sparc-plattforms?
<Kamikazepinguin> *anyone
<joschi> Kamikazepinguin: what's wrong with the official cd image?
<joschi> Kamikazepinguin: http://cdimage.ubuntu.com/ports/releases/10.04/release/
<RoyK> damn - didn't know ubuntu ran on SPARC :)
<joschi> RoyK: 10.04 is the last release that officially will
<Kamikazepinguin> joschi, its a i386 image
<joschi> Kamikazepinguin: no, it's not
<Kamikazepinguin> o0? really?
<joschi> RoyK: https://lists.ubuntu.com/archives/technical-board/2010-August/000441.html
<shauno> none of the /ports/ tree are i386
<hggdh> hallyn: I remembered: https://launchpad.net/~ubuntu-server-qa/+archive/regression-test/+build/1963857/+files/buildlog_ubuntu-lucid-amd64.libvirt_0.8.3-1ubuntu11%2Bregressiontest20100917_FAILEDTOBUILD.txt.gz
<jdstrand> hggdh: just passing through, but if that is the same one I looked at the other day, you need to build it with '--without-macvtap'
<hggdh> jdstrand: thanks for passign by :-)
<jdstrand> sure :)
 * jdstrand wanders off
<extor> Is it pretty straightforward to migrate Xen domains into KVM domains? I'm having terrible stability issues that remain unsolved on a centos-xen kernel box and am desperate to try anything. Every 12-24 hours my box just cripples itself with an "init reloading" message. Nothing in the logs...
<extor> I'm at the point where I could almost just install ubuntu server just for the opportunity to have a newer Xen kernel running things
<extor> A shot in the dark...but when you can't see anything then all you can do is shoot randomly in the dark
<wickedSA> extor: pretty straightforward in my experience. a disk image is a disk image is a disk image...
<wickedSA> extor: some extra steps if any of it lives on LVM, but othersise its easy
<extor> wickedSA, so KVM also uses the disk image format?
<extor> Non propreitary?
<extor> well an LVM still shows up as a block device once you "map" it right
<wickedSA> extor: yes. right
<SamWhited> Anyone here know anything about configuring Tor with Polipo? I can't seem to get it to allow me to connect (for a while it was allowing only SSL connections, now it's refusing everything)
<uvirtbot> New bug: #642223 in samba (main) "package smbclient 2:3.4.7~dfsg-1ubuntu3.1 failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/642223
<RudyValencia> OK is anyone in here familiar with configuring oidentd for IRC clients on a network?
<uvirtbot> New bug: #642273 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu7.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 3" [Undecided,New] https://launchpad.net/bugs/642273
<demonspork> For anyone who remembers my problem with the slow SSH login, it is traced back to a crappy DNS server provided by the hosting company.
<demonspork> now I am just using the google DNS
<uvirtbot> New bug: #642280 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/642280
<Qwert> Ubuntu-server runs on tty1. Is it recommended to install KDE or gnome?
<uvirtbot> New bug: #642295 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/642295
<mdlueck> Has recognition of USB drives been disabled in Ubuntu Server 10.04 recently? It was working fine about six or seven weeks ago, but not this weekend. Nothing shows up in syslog, and usually I see PnP messages in there.
 * RoyK is somehow converting to openindiana these days.....
<mdlueck> Both USB HDD's and USB Flash Drives
<extor> What version of Xen does ubuntu server include as default?
<mdlueck> extor: Depends on the version of ubuntu server, check http://packages.ubuntu.com/
<extor> lets say "stable" ubuntu
<qman__> extor, if you mean LTS, there are two currently supported LTS versions, 8.04 and 10.04
<extor> qman__, I was just concerned whether it would permit me to overcommit RAM
<qman__> well, the above link, http://packages.ubuntu.com/ will allow you to find out what version of xen is available for each supported version of ubuntu
<mdlueck> extor: Ubuntu is a bit different than Debian... there are multiple "stable" releases at the same time.
<extor> looks like 3.3
<mdlueck> extor: for a new server, right now I would suggest 10.04 LTS
<extor> 3.3.0-1ubuntu11: amd64 i386
<extor> lucid
<mdlueck> extor: Ja, lucid
<qman__> yeah, go with lucid unless you run into hardware issues
<extor> I already am running into hardware issues
<extor> unfortunately
<extor> Under centos 5.5
<mdlueck> extor: If you have nothing at this time, make sure you DL the 10.04.1 updated images
<qman__> I'm not a fan of centOS
<extor> I'm becoming less of a fan of centOS by the day
<qman__> but what I was getting at is that lucid has trouble on some obscure graphics cards
<qman__> the new KMS and full resolution terminal setup doesn't have quite the same level of compatibility as the old way
<extor> qman__, why would graphics matter on a server
<extor> I ssh to it anyway
<qman__> to install in the first place
<corecode> hey
<corecode> not sure if this is the right place:  anybody ever converted a mdadm RAID1 to a RAID4?
<corecode> and/or expanded a RAID4?
<RoyK> corecode: iirc you can't convert a mirror to something else
<RoyK> corecode: also, why use raid4 when raid5 is around?
<corecode> it is mostly read with low throughput, so i can put one drive to sleep
<RoyK> corecode: still, I don't think you can move from a mirror to raid[456] without a backup/restore
 * RoyK uses zfs for storage :Ã¾
<diana1068> hi everyone!! :)
<diana1068> can anybody help with upgrading issue?
<RoyK> just ask if you have an issue, but be precise
<diana1068> i got a problem with upgrading my current kernel 2.6.32-24.43 to a newer one (2.6.32-25.1)
<diana1068> im running ubuntu 10.04 lts
<diana1068> i've received the update notification the other day, but couldnt fulfil it properly
<diana1068> here is what i get in terminal http://pastebin.com/mWZstfDm
<diana1068> (not fully english)
<diana1068> i began to receive an errors even afater  after simple adding or removing programs in terminal, synaptic or soft center that failure
<diana1068> applications work fine after such a weird installation thou
<diana1068> its all about generic kernel i think. thats it. who got an idea?
<EvilPhoenix> diana1068:  you'll need another pastebin...
<EvilPhoenix> yours expired
<diana1068> http://pastebin.com/z6GFJfbQ
<EvilPhoenix> lines 34, 35, and 36 explain your main issue
<EvilPhoenix> dpkg: dependency problems prevent configuration of linux-generic:  linux-generic depends on linux-image-generic (= 2.6.32.25.27); however:  Package linux-image-generic is not configured yet.
<EvilPhoenix> oop
<EvilPhoenix> actually
<diana1068> so what does it mean?
<diana1068> is it serious?
<EvilPhoenix> looks like there's more than one dpkg error
<EvilPhoenix> i'd wait for the experts to come around though (i'm okay, but they know more than I_
<EvilPhoenix> )
<diana1068> ok.  thanks anyway :)
<JanC> #
<JanC> Running postinst hook script /usr/sbin/update-grub.
<JanC> #
<JanC> /etc/default/grub: 28: Syntax error: EOF in backquote substitution
<JanC> that's the real bug
<diana1068> how can i fix it?
<JanC> can you put the contents of /etc/default/grub in a pastebin?
<JanC> or maybe you can see the problem yourself when you look at that file
<JanC> I suppose the problem is in line 28
<diana1068> wait...
<diana1068> i forgot to mention that i've edited this file before
<diana1068> as i got a problems with iverheating of my toshiba's fan
<diana1068> http://pastebin.com/6agMSSCq
<diana1068> here it is
<JanC> hm, no line 28, but the error message is for an error in line 9
<JanC> GRUB_CMDLINE_LINUX_DEFAULT="quiet splash acpi_osi=force"
<JanC> try changing it to that
<JanC> diana1068: ^^^
<diana1068> this is what im afraid of actually
<diana1068> this string is the main thing for the cou fan
<JanC> it can never work like it is now  âº
<diana1068> some toshiba's laptops runs ok with that, some nees to be edited in my way
<diana1068> but i'll try
<JanC> and there is just the " too much
<guntbert> diana1068: in line 9 there are 3 quotes (one too much or not enough)
<hallyn> hggdh: glad it worked out :)
<diana1068> how many quotes should i put there?
<diana1068> oh, sorry
<diana1068> u've already showed me :)
<diana1068> so basically it's just because of quotes??
<JanC> diana1068: double quotes inside double quotes doesn't work unless you escape them, but I doubt that it is required there, which is why I removed it
<diana1068> its miracle my dear helper !
<diana1068> it has updated
<diana1068> its miracle my dear helper !
<diana1068> i've got no errors inside of terminalits
<diana1068> and it seemed to be all because of stupid quotes :)
<JanC> and the fans work?  ;)
<diana1068> it looks so
<diana1068> but how could it work with 3 " before??
<diana1068> im going to sleep now. thank u very much. KISSES
<JanC> maybe because that line is only used when you run update-grub (which happens automaticly when you install a new kernel)
<ruben23> any idea with this guys when i monut ntfs hdd on my ubuntu server4----------------> http://pastebin.com/6MXYhcnD
<ruben23> mount ntfs on the additional hdd on my ubuntu server
<qman__> ruben23, as the message indicates, there is a problem with your NTFS filesystem which needs to be repaired from within windows
#ubuntu-server 2010-09-19
<RoyK> with openindiana coming, if btrfs doesn't pick up soon, the linux community will have a bit of a problem catching up
<Reck> Hi - I just installed an Ubuntu 10.04.1 on VMware Workstation and the networking isn't working, I have eth0 in the /etc/network/interfaces file but it isn't showing up in ifconfig -a, eth1 is, I was wondering if could tell me how to correct this error?
<ruben23> hi guys linux pendrive dnt have ubuntu-8.04 LTS what should i do if i want taht version..? any idea guys..?
<phyfus> my ubuntu linux server is failing to upgrade successfully to the newest kernel release
<phyfus> it ran ok through till the "Running postinst hook script /sbin/update-grub." step
<phyfus> then it just stayed there for 20 minutes until i killed it
<phyfus> looked  at the process tree and noticed that "/usr/sbin/grub-probe --device /dev/sde1 --target=fs_uuid" is marked as dead
<TimR> as anybody ran into debootstrap warning when trying to install the server
<ruben23> guys anyone used linux pen drive on installing ubuntu server server ..? problem is my version is not on the list whihch is ubuntu-server 8.04 LTS
<ruben23> how do i worked around with this..? please
 * RadioListener The best balkan irc network irc.balkancafe.org visit us :) if you from balkan ;)
<markatto> ruben23: try unetbootin
<markatto> ruben23: also, you might want to consider running a more modern release
<enzoplex> !postfix
<ubottu> postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer
<TimR> can anybody help me with a issue that is causing debootscript warnings
<sjr> I just put in a new hard disk 2.0 TB, and put Ubuntu 10.04 on it, (previously had 9.04), for some reason it only boots off the hard disk sporadically.
<jetole> Hey guys, I need to give access to all the servers I run to a lot of users and was wondering what anyone can suggest for auditing all actions?
<electrofreak> SJr, what seems to be the problem?
<SJr> I dunno
<SJr> right now I am trying to reinstall
<SJr> but Ubuntu keeps hanging on the partitions formatting 33%
<electrofreak> not sure why that would be...
<electrofreak> sure the drive is good?
<squidly> have you checked the logs for errors
<squidly> and how big are the drives?
<jetsaredim> what's the best way to setup a virtual machine server on my network
<jetsaredim> was thinking about using xen, but ubuntu desktop doesn't seem to have the virtualization kernels
<au> hmm
<au> jetsaredim: sun virtualbox
<jetsaredim> right - i sorta wanted to be able to host the guests on a separate machine other than the one I'm running my main desktop on
<jetsaredim> au: also, fwiw, it's oracle vbox
<jetsaredim> looking to setup on of my servers on my network as a vm server so i can run windows and linux guest on there and not tie-up my main desktop
<jetsaredim> just not sure what the best method is for that
<jetsaredim> i always thought virtualbox was sorta like vmware player
<uvirtbot> New bug: #642526 in munin (main) "munin-limits crashed with SIGSEGV in Perl_gv_check()" [Medium,New] https://launchpad.net/bugs/642526
<extor> what the hell...this server was giving me mad drive i/o errors when it was in the rack but now at home it's acting perfect
<kozmund> Tried it in the rack without hooking up the network cable? Maybe a power conditioning issue? Murphy having his way with you?
<kozmund> I have a variety of suggestions but I'd generally recommend isolating variables like power, load, vibration, light, smell, etc.
<kozmund> Several of those are overly silly, but you get the idea.
<qman__> vibration, and by association, noise, are especially pertinent to hard drives
<qman__> but bad power or a loose cable could just as easily be the culprit
<oracle> whats this new kernel updar
<oracle> is it sefcurity relarted?
<oracle> no answer
<qman__> 56 seconds
<SJr> Hmmmm My Ubuntu installation (kind of fresh) isn't booting. It just says /dev/sda2 clean, and then sort of hangs, if I hit ctrl+alt+del it will reboot.
<draik> I have installed postfix, but I'm not able to get a localhost connection started. It terminates after a second or two
<draik> What should I be looking at to have this resolved?
<draik> Yes, I have 'netstat -an' showing that port 25 is on LISTEN
<draik> Never mind. I got it. :)
<au> ok :)
<ARTSIOM> Hi! I am trying to build driver from sources for my RAID-SAS controller. I have dowloaded sources and copied them to /usr/src/linux-headers-2.6.32-21-server/drivers/scsi/aacraid folder. Can someone please help me now with the command to build this driver?
<corecode> is there any way to use luksClose?
<corecode> i keep getting "Device ... is busy."
<corecode> or i need to tell lvm to stop using it?
<corecode> vgchange -a n
<Shapeshifter> Hi. Has this hole been fixed in linux-server 2.6.24.28.30? http://www.h-online.com/open/news/item/Hole-in-Linux-kernel-provides-root-rights-1081317.html
<uvirtbot> New bug: #642750 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/642750
<Shapeshifter> And anyway, how come I have Package: linux-image Version: 2.6.24.28.30 but uname -a 2.6.24-26-server
<smokie> hey guys, how can i change ownership of /var/www to a different user? right now its set to root only
<pmatulis> smokie: 'sudo chown USER /var/www'
<pmatulis> smokie: 'man chown'
<smokie> thanks pmatulis
<smokie> was chown user:group directory
<ehcah> hello. if I have 2 DL380 G4's in my rack. The first is production, the second is test. My production box is starting to give me trouble. Can I remove the 2 mirrored drives from production and reboot the test box to become production? Would the only problem become the MAC address of my original product eth0 NIC? Sorry if this is a stupid question.
<joschi> ehcah: if your test box has similar (or better identical) hardware it shouldn't be a problem.
<joschi> ehcah: and for the MAC address: just clean/modify /etc/udev/rules.d/70-persistent-net.rules before migrating
<ehcah> joschi: That would be awesome if it were that simple.
<ehcah> The hardware is identical.
<coafcv> hi. I have a public/private key pair in ~/.ssh for my server, however I didn't specify it when connecting: ssh <ip-here> -l <username>. But I still could connect without being asked for the password. how's that possible? how does ssh know which key to use?
<hggdh> coafcv: by default it will use your ~/.ssh/id_rsa*
<coafcv> hggdh: I have no such files. I renamed all key files.
<ehcah> joschi: I forgot to clean the 70-per... file before my reboot.
<ehcah> Went in after a successfull boot and not appear to have eth0~3 in a dual NIC box.
<coafcv> is it possible to be noobish enough to allow keyless and passwordless logins and I accidentally did that?
<coafcv> or is there something else going on?
<ehcah> Can I rename eth2 & 3 back to 0 & 1 and reboot? After deleting the faulty lines?
<joschi> ehcah: yes. just edit the 70-persistent-net.rules file accordingly
<ehcah> Ok. I tried it anyway and rebooted. I think this machine has eth1 with a smaller last digit MAC ID then eth0.
<ehcah> My other box is smaller on eth0 if that makes sense. I must have reversed them.
<ehcah> one last question. are all networking services defaulted to either eth0 or eth1? Meaning that I do not have to change any other files?
<joschi> ehcah: just check /etc/network/interfaces to be sure
<ruben23> guys how do i read this capacity---------> drwxrwxrwx 2 root root 45096960 2010-09-18 12:19 ORIG
<hggdh> ruben23: not sure what you are actually asking about, but it says "full access to everybody and their cousins, owned by root
<Patrickdk> 45megs?
<hggdh> oh, capacity... I read 'capability', sorry
<ftpd> Hi.
<ftpd> I have ubuntu-server with lighttpd + php5 + mysql and 1GB RAM and php+mysql use ~800MB.
<ftpd> How to improve the performance?
<ftpd> I've enabled suhoshin in php, but it didn't helped much.
<au> umm
<au> how much is php using?
<ftpd> http://cl.ly/2e5d121809d26e0bcd70 - here's htop output
<uvirtbot> New bug: #642866 in openssh (main) "openssh client logs into server without specifying the correct key file." [Undecided,New] https://launchpad.net/bugs/642866
<ehcah> Joschi: Thank you for your help. Everything is working again. Can I bother you with one more question?
<pkhamre> will I loose data if I delete the superblock of two raid1 devices with 'mdadm --misc --zero-superblock' and then create a new raid1 with mdadm --create ?
<jetole> morning lagies and gents
<jetole> *ladies
<jetole> Can anyone recommend a good method to audit all activity on all servers?
<jetole> basically an ongoing audit so I can see what has been done.
<jetole> I was thinking something along the lines of process accounting, audit daemon, splunk and tripwire
<Mateo_> hey :)
<Mateo_> i can't get xdebug to work ... strange, i've configured my php.ini, installed php5-xdebug
<halvors2> How to set the configuration.php file writeable?
<ruben23> guys any have tried using unebootin on installing ubuntu server..? 8.04 LTS
<jetole> halvors2: chmod +w configuration.php
<jetole> ruben23: you mean unetbootin
<ruben23>  jetole: yes, on the installation after keyboard its displaying erro no dcrom detetced
<jetole> ruben23: which release? That sounds like a error
<jetole> I have been using preseed for a while and it's been around even longer so requiring a CD seems like a pretty big error since there has been other methods of install since before CD existed
<halvors2> jetole: But where is configuration.php located?
<halvors2> jetole: Can i do it global?
<jetole> halvors2: I don't even know what you're referring to. You just asked how to make it writable
<jetole> that command I gave you applies to any regular file and a lot of special files to
<jetole> *too
<ruben23>  jetole: release of unibotin-its version.?
<jetole> ruben23: actually I meant the OS release but I don't care anymore. I'm kinda busy. My suggestion to you would be to use a different tool then unetbootin
<draik> I'm trying to connect to my Ubuntu server (10.04) via 110 and I get the following error message
<draik> -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections.
<jetole> what pop3 server are you using?
<draik> So then I try to connect on 995, but get disconnected instantly
<draik> jetole: Dovecot
<jetole> /join #dovecot
<draik> Thank you.
<jetole> np
<ruben23> hi guys during installation of ubuntu 8.04 server i get this error------>http://pastebin.com/fTVhEhLT
<jetole> ruben23: why are you installing 8.04?
<ruben23> ubuntu 8.04 LTS..
<jetole> why?
<ruben23> its been a requirement for my application its tested and running for that version..
<jetole> I see
<halvors2> How set the configuration.php file writeable at all vurtual hosts under apache?
<jetole> halvors2: try #httpd
<Name141> Would I want Ubuntu server edition if I wanted to use my old 10GB pentium 2 for a file serving?
<Name141> or would the minCD be more compact?
<jo-erlend> ubuntu server fits well in that space.
<Name141> Will it install stuff I don't want too? like apache, etc?
<jo-erlend> no.
<jo-erlend> it uses tasksel to let you choose which services you want. If you don't choose any, then only the base system is installed.
<Name141> OK, I imagine the MinCD is going to download a lot of data since it has no packages ?
<jo-erlend> I don't know what MinCD is.
<Name141> https://help.ubuntu.com/community/Installation/MinimalCD
<jo-erlend> well, then it will download what you need.
<Name141> the server edition is too big for me to download now too, 672MBs
<_Techie_> jo-erlend, its a cd with just the installer
<jo-erlend> oh, ok. Then that sounds like a good choice.
<Name141> My daily bandwidth cap is 425MBs, which my meter is showing 382MBs left
<Name141> I hope the min install wont download much
<Name141> or it'll have to wait
<jo-erlend> Name141, if you're only going to use it for nfs, then you'll save quite a bit of bandwidth by using the minimal cd.
<Name141> OK.
<Name141> I have unlimited bandwidth between 1-6 AM
<Name141> but sometimes I'm asleep
<_Techie_> Name141, then thats when id install it just incase
<Name141> _Techie_: my ISP allows me one "FAP" reset
<Name141> per month
<Name141> after that it's an extra $13.50
<Name141> or wait 24 hours
<_Techie_> errrm, im sorryy... fap reset?
<Name141> Yeah Fair Access Policy
<_Techie_> i see
<_Techie_> because fap, means something different
<Name141> AKA: how they rape you when you can't get nothing but sat access in the country
<_Techie_> anyway sounds good
<_Techie_> i would still wait till 1- 6 am to install it though
<_Techie_> or atleast not do it same day
<_Techie_> and ive gotta shut down my pc now to remove a graphics card im selling
<_Techie_> fun fun
<Name141> is it something like a 5670 or 9800 GT?
<_Techie_> 8600GT
<Name141> or 4770 with GDDR5
<Name141> oh
<Name141> my 4670 probably out does it
<_Techie_> unfortunately my 5770 turbos are mine
<_Techie_> and i wont be selling those for quite awhile
<Name141> I thought about waiting for the 6000 series to release and getting a 4770 for cheap
<jetole> Name141: why do you have a daily bandwidth cap?
<Name141> since I'm in XP anyway and on DX9
<Name141> jetole: Hugeshnet
<jetole> and they give you a daily bandwidth cap?
<Name141> Yes
<_Techie_> anyway, bbs... now wheres that damn screwdriver
<Name141> Wildblue gives you a monthly cap
<jetole> thats pretty fucked up
<Name141> with no unlimited hours
<Name141> so I said 'uh ok bye" and hung up on them
<_Techie_> RudyValencia, what are you doing in here?
<jetole> afaik I don't have a monthly cap but either way, I can download tons of ISO in a day
<Name141> yeah I should move closer to the city (2 miles)
<jetole> Name141: I'd get the whole ubuntu server CD. split it in two since it's available via ftp
<guntbert> !ot
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<Name141> I could get DSL and cable
<jetole> get cable
 * jetole hates DSL
<Name141> they wont run out this far
<_Techie_> guntbert, dont be a killjoy
<RudyValencia> _Techie_: My server runs Ubuntu
<Name141> but yet suddenlink says they are 'expanding coverage all the time'
<jetole> all of the servers I run except for one centos all run ubuntu
<jetole> 20 something
<guntbert> _Techie_: why don't you take it to #ubuntu-offtopic ?
<_Techie_> guntbert, its not harming the channel
<Name141> jetole: I'll schedual the server ISO for 1AM
<guntbert> _Techie_: it is off topic and it might hide a genuine support request
<_Techie_> also its a conversation between a select group of users that belong to this channel, not the spammy mess of #ubuntu-offtopic
<_Techie_> guntbert, if a support requiest comes along, we will see it
<Name141> jetole: but I'll go ahead and try the minCD to see how much it'll download now
<jetole> Name141: I'm pretty sure it will download more then the stock ISO
<Name141> jetole: just for openssh-server and samba ?
<jetole> Name141: well it install the whole server afaik and even with the stock it spends a while downloading updates on the install when it's net connected on a 100mbps line in the data center we use
<jetole> thank god I use a apt cache/proxy since I do net installs via preseed+pxe
<Name141> so the best bet would be to wait on the server ISO to download later tonight ?
<jetole> yeah
<jetole> Name141: you have dial up?
<Name141> well it looks like I'll have to wait anyway
<Name141> the minISO didn't even boot
<Name141> took me straight to the desktop
<Name141> aint that a waste of a CD-R
<jetole> should have but the minISO, afaik, is just the bare minimum to boot the system
<_Techie_> !unetbootin | Name141
<ubottu> Name141: For information about installing Ubuntu from USB flash drives, see https://help.ubuntu.com/community/Installation/FromUSBStick - For a persistent live USB install, see: https://wiki.ubuntu.com/LiveUsbPendrivePersistent
<Name141> USB1.1 install ?
<_Techie_> yeah
<Name141> :-|
<Name141> monkey crazy.
<jetole> yeah you can install via USB
<_Techie_> if your motherboard supportws bootign from USB
<Name141> I doubt it supports anything
<jetole> I've done it a dozen+ times before
<Name141> I have to force ACPI
<_Techie_> i do it all the time, i hardly ever have blank discs around
<Name141> since it's before 2000
<jetole> ouch
<_Techie_> okay, maybe thats a bit to excessive for your machine then
<jetole> I'm reading a tripwire how to on Linux Journal that is really weird
<jetole> the way the guy keeps spelling stuff, I don't know what country he is from
<jetole> After everythin' has been placed in th' proper directories, either from a binary package or compilin' th' sources, th' first action t' take as root is t' generate two robustâthat is, hard t' guessâpassphrases
<jetole> wtf
<_Techie_> makes sesnse to me
<jetole> what dialect is that?
<_Techie_> no clue
<jetole> Irish?
<_Techie_> but i can read it perfectly fine
<jetole> I can understand I don't think I have ever seen any english written like that
<jetole> *I can understand it bur I don't
<jetole> *but
<_Techie_> jetole, my brain automaticaly corrects typo's as i read so things make sense
<jetole> well I had a couple but what I quoted from that article isn't a typo
<jetole> it's a dialect
<_Techie_> yes, but the same brain function operates
 * jetole nos
<jetole> *nods
<jetole> ah I can't type worth a crap when I'm hung over
<Name141> Anyway, looks like the server-iso is gonna have to be the option
<Name141> I don't see nothing with the min cd in
<_Techie_> i cant type for crap either, my fingers move faster than my brain
<Name141> that even says 'press here to boot'
<Name141> or anything at all
<jetole> Name141: do you know how to burn an ISO?
<Name141> jetole: I burnt it like the rest
<jetole> Name141: also, is your computer set to boot off one
<Name141> with Ashampoo
<Name141> jetole: it always had before
<jetole> I don't know what ashampoo is but ISO are not like writing normal files to disk and if the minimal CD didn't boot then I don't know why the stock ISO will be any different
<_Techie_> Name141, may i suggest using imgburn, it works well and is almost impossible to stuff up
<_Techie_> also its free
<Name141> _Techie_ jetole: I just got rid of Nero cause I could get Ashampoo 2010 for free and legal.
<Name141> I don't see why I'd start dancing around ISO/music/DVD burning programs ;/
<_Techie_> Name141, im not suggesting it because i want it to be your mainstream burning program
<jetole> Name141: I didn't suggest you do. I just said make sure you burn it properly
<_Techie_> im suggestign it because i know it works, and its almost impossible to screw up and select a wrong option
<Name141> all the files are burnt properly, I put it in this machine and can see them with explorer
<Name141> rather than an ISO file
<jetole> Name141: then look into why it didn't boot otherwise you will likely have the same issue with the stock ISO too
<Name141> jetole: Let me toss in the desktop edition CD
<Name141> to see
<_Techie_> anyway, im heading off very soon
<_Techie_> i would give it a go with imgburn just incase it was a problem with the way ashampoo burnt the iso, one disc is cheaper than the bandwidth for the server CD
<Name141> gah
<Name141> The desktop edition isn't coming up now .
<Name141> Maybe the boot order got changed or CD-RW went out
<_Techie_> check your boot options in the bios
<_Techie_> CD then HDD
<Name141> yeah it looks to be correct..
<Name141> ATAPI CD-ROM Drive
<Name141> removable devices
<Name141> hard drive
<_Techie_> cya everyone
<Name141> is the order
<jetole> and they are all enabled
<jetole> ?
<Name141> yes
<jetole> then perhaps your CD drive is fubar
<Name141> maybe the $20 CD-RW I paid for 8 years ago went boom
<Name141> I guess I can check in ubuntu
<Name141> odd, I'm not setting nothing but 'file system' and 'floppy' under Computer
<Name141> well it shows up now after I ejected and put the CD back in
<Name141> and now the desktop CD is booting properly
<Name141> .. odd
<Name141> I'll try the min CD again
<Name141> yeah now it boots
<Name141> that's an odd one
<Name141> jetole: of course I'm thinking about just shooting the machine or taking it in for scrap parts.. since the case weights about 4x what mine does
<Name141> I bet I can get about $15 out of it
<Name141> jo-erlend: the min ISO seems to  come with the base system?  It hasn't downloaded anything yet.
<Name141> the base system install is at 55%
<uvirtbot> New bug: #643041 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/643041
<draik> How do you set the date, time, and timezone via CLI?
<draik> disregard
<RoyK> when using upstart, how can I list the started/stopped services?
<lifeless> service status
<lifeless> I think
<RoyK> --status-all
<RoyK> thanks
<hggdh> initctl list
<vibedigital> hi i have magento(content managing system like joomla) running on local web server i can access it from inside my network but when i try access ofrm other computer the page dont load why could be?
<vibedigital> i'm using apache on ubuntu server 10
<vibedigital> .04
<uvirtbot> New bug: #643092 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.7 failed to install/upgrade: subproces installed post-installation script gaf een foutwaarde 1 terug" [Undecided,New] https://launchpad.net/bugs/643092
<uvirtbot> New bug: #643100 in dhcp3 (main) "Recent update broke dhcp" [Undecided,New] https://launchpad.net/bugs/643100
#ubuntu-server 2011-09-12
<spill> looking for a way to daily email log files to a external email from maverick server, any ideas?
<twb`> logcheck
<spill> twb, do i need a email server configure for that to work?
<twb`> If your server cannot send email, it is broken
<twb`> It is critical that any Unix server be able to send email, because this is how services like cron, atd, smartmontools, mdadm send panic emails about the system dying.
<twb`> Note that this doesn't mean you have to be able to *receive* emails as well.
<spill> twb, well, its a default install of maverick with postfix installed but I've never sent mail from it, is why I ask.
<jmarsden> spill: sudo dpkg-reconfigure postfix      # will configure it, in that case :)
<spill> jmarsden, k thanks ;)
<twb`> postfix isn't installed by default unless you configure RAID
<twb`> (Which IMO is a bit of a silly distinction -- it happens because mdadm Recommends: m-t-a)
<twb`> FWIW I use msmtp on my satellites, rather than configuring a full-on MTA on each of them
<twb`> And then have msmtp set to syslog to the central loghost
<dravekx> anyone familiar with scponly?
<dravekx> Im trying to figure out how to add a user to that.
<twb`> http://paste.debian.net/129510/ <-- the Right Thing, AFAIK
<dravekx> twb` yeah. i got that but they can still login to shell.
<twb`> And "Subsystem sftp internal-sftp" of course
<twb`> dravekx: then you did it wrong
<dravekx> :S
<twb`> If ForceCommand is working, they can't get to /bin/sh or anything
<dravekx> ok. let me recheck
<twb`> Pastebin your whole sshd_config
<dravekx> http://pastebin.com/fJ9ucpZN
<twb`> dravekx: is the user in question in the sftponly group?
<dravekx> checking
<dravekx> ah no.
<dravekx> let me try their login now.
<twb`> Also you need >= 5.1 or so
<dravekx> ahh ok. I forgot to add them.
<dravekx> works now. :)
<dravekx> thanks.
<twb`> Before that sftp-internal didn't exist- ok, good
<dravekx> twb` any idea on how I can use a script for adding users for web hosting? I have userdir setup with public_html in home directories, but I want to automate a batch file to add new people.
<twb`> for i in alice bob trent mallory; do adduser $i; addgroup $i sftponly; done
<twb`> You should probably make their chroot into /home/%u/public_html in that use case, so they can't create e.g. .forward files
<dravekx> k
<greppy> you could also look at using mysql for user auth, libnss-mysql
<twb`> Except then you'd be using mysql, and mysql is crap
<twb`> If you really want to do it properly, go study kerberized LDAP, but don't expect to get it working in an afternoon.
<Myrtti> ooo novel
 * Myrtti makes a note
<twb`> FWIW I use unkerberized LDAP + slapo-ppolicy + exop + TLS-only, with an autonomous X.509 hierarchy, and no root binddn whatsoever.  It means NFS is wide open, but it works well enough for my homogeneous lucid environment.
<greppy> *shrug* there may be "better" options, but mysql can work :)
<twb`> greppy: so can flat files.
<greppy> twb`: true, but if you want to manage users with scripts/web apps, mysql can make it easier.
<twb`> It should also be noted that anyone logging in via SSH keys will bypass PAM entirely.
<twb`> greppy: if you are managing users from a web UI you are already screwed.
<greppy> it works for me, and for them.
<twb`> There are people out there who think that *webmin* works for them
<greppy> true.
<greppy> I use froxlor to manage web/mail hosting customers, everything else is managed over ssh.
<dravekx> hmmm.
<dravekx> man. I understand what needs to written for the bash script, but I have no idea how to format it. lol :S
<ersi> dravekx: start with something and then worry about the iterations/layout :P
<ersi> and remember to test and debug it as you go
<dravekx> k
<jamespage> morning all
<dravekx> where do I save a bash script if I want to run it anywhere on the server? /etc/init.d/ ?
<remix_tj> dravekx: /usr/local/bin/ ?
<dravekx> k
<dravekx> bin or sbin?
<Daviey> How is everyone this fine Monday morning?
<dravekx> head scratching
<Daviey> dravekx: As dravekx said, /usr/local/bin/ for system wide, or ~/bin/ for just your user.
<dravekx> Daviey I know. Im trying to make this work: http://pastebin.com/DDejSKdH
<dravekx> I want to put addwebuser user1 user2 user3 and it run the command for all 3 users. :S
<lynxman> Daviey: good morning to you sir o/
<jamespage> dravekx: hmmm - so whats not working for you ATM
<remix_tj> dravekx: if i said bin is bin
<dravekx> jamespage i want to type addwebuser user1 user2 user3 and it run the command for all 3 users.
<dravekx> almost works
<jamespage> dravekx: OK so I can see what you want todo - but what is not actually working for you ATM - the script? or locating it so you can just type addwebuser xx xx xx?
<Daviey> ~mornign lynxman
<dravekx> I keep getting an error on line 3.
<dravekx> ./usr/local/bin/addwebuser: line 3: parbarman: command not found
<dravekx> parbarman = user
<eagles0513875> hey guys i have a dovecot-imapd server + postfix MTA
<gac> you don't need "do $u"
<jamespage> dravekx: OK - you need to remove the $u from that line - the script is trying to execute $u
<Daviey> dravekx: google for bash for loop. :)
<dravekx> k
<eagles0513875> how can i adjust the size of attachments that are acceptable by my server
<dravekx> jamespage echo doesnt run teh commands though, does it? it just prints them on screen?
<dravekx> the*
<gac> it's the "do $u" that's confusing it though
<jamespage> dravekx: yes - so remove echo to make it run them
<gac> the echos will work, but you're crashing out before getting to the loop
<dravekx> cool
<jamespage> gac: aye - thats whats causing the error
<dravekx> k test run #5 :)
<dravekx> instead of adding sudo to each line, can I remove that too and say sudo addwebuser user1 user2?
<dravekx> hmm group add didnt work :S
<dravekx> cool. everything else did :) woot!
<dravekx> usermod
<rohlik> Hello, I would like to ask, if it is possible to run a virtual machine with GUI (preferably natty desktop) on a non GUI server. This virtual machine should be accessible from network, to allow users to work on it and use the server memory. Can you please point me to what I should read? Is KVM the thing I need?
<greppy> You should be able to do that with VirtualBox
<hgb^harry> rohlik: vmware server would be a very easy solution to start with... (probably not the best regarding performance)
<dravekx> i keep adding a user to a group with usermod -g group user, but it's not showing the user as a part of the group when I edit /etc/group. any idea why?
<maxb> sounds like you have some confusion between primary and supplementary groups
<ersi> rohlik: Yes, it's totally possible.
<greppy> use -G for supplemental groups.
<dravekx> ah
<greppy> you can also do that with adduser, to avoid having to run multiple commands.
<dravekx> that was it. i was getting there. :)
<dravekx> greppy looking into that also. :)
<dravekx> so for adduser, i would just add -G group to the end of it?
<rohlik> thank you guys )
<rohlik> :)
<rudra> i want to create a web based mail server can some one help me out please?
<rudra> i'm seriously struck with this help needed in this
<ersi> rudra: Do you have the mail server setup already? In that case, I suggest looking at Roundcube
<rudra> hey <ersi> i dont have it i want it from scratch
<rudra> <ersi>i dont have it i want it from scratch
<ersi> rudra: I suggest starting here: https://help.ubuntu.com/10.04/serverguide/C/email-services.html
<rickb|> Hello, I have a 11.04 x86 machine hooked into my hd tv via vga.. i can't see anything that is on the left. the dell bios screen comes up fine, setup comes up fine centered, no missing areas. What's going on?? :(
<ersi> Please do note that I chose the ubuntu 10.04 version, adjust that to the version you're running (10.10, 10.04 etc)
<ersi> 11.04*
<Daviey> jamespage: I'm right in saying sudo dmidecode -s system-product-name doesn't work on arm?
<jamespage> Daviey: Confirmed - sudo: dmidecode: command not found
<ServerTech> Help : Okay so I installed Ubuntu 11.04 Server Edition without setting up DHCP, and now after i have plugged in my internet to the server, it does not find it. What should i do?
<zul> adam_g: ping when you are around
<hallyn> Daviey: ok, so re bug 828782 - do you have a roadmap in mind?  For this release, are you thinking only spice itself?  or spice-gtk too?  And if spice-gtk too, then how about the kvm-spice?
<uvirtbot> Launchpad bug 828782 in Ubuntu Oneiric "[FFE] Please sync spice 0.8.2-2 (universe) from debian unstable (main)" [Wishlist,In progress] https://launchpad.net/bugs/828782
<hallyn> (I'm sorry, I'm a bit confused about where we left it last time, and whether there is evan an Acked kvm-spice package ffe)
<hallyn> I guess there's no way we can FFE kvm-spice for o
<hallyn> (and we can't enable it in qemu-kvm as spice is heading for universe, so PPA it will have to be)
<Daviey> hallyn: So i've put in the spice sync..
<Daviey> I wanted to talk to you about spice-gtk..
<Daviey> As in, whilst it it is universe - i still think we (you?) should look after it for the life of Oneiric.
<Daviey> If that is OK.. then lets do it.
<Daviey> hallyn: I don't know anything about kvm-spice
<Daviey> If it is a totally different source package, then sounds safe?
<hallyn> Daviey: yes, i don't see how i'd have any choice but to look after it for the life of O anyway :)
<hallyn> Daviey: kvm-spice is same source, but different packaging, as qemu-kvm,
<hallyn> Daviey: it compiles with --enable-spice, calls the result qemu-kvm-spice, so it doesn't conflict with qemu-kvm
<Daviey> Yeah, i mean for distro view. Is it a seperate source package or built from qemu-kvm?
<hallyn> i had it as a separate source package (https://launchpad.net/~serge-hallyn/+archive/spice2/+files/qemu-kvm-spice_0.14.0%2Bnoroms-0ubuntu8.dsc)
<hallyn> should be possible to do it in qemu-kvm package itself
<hallyn> just needs to rebuild qemu-kvm with --enable-spice, and rename the result
<hallyn> Daviey: if i proceed with a new binary package in the qemu-kvm source package, is that more likely to be FFE'd?  o ris it too late anyway for this cycle you figure?
<hallyn> i always forget - it's the binary packages, not source packages, that are designated to main/universe right?
<Daviey> hallyn: both..
<Daviey> A main binary package should be built from main binary, and binary in main should be built from main source.. but not all binaries need to be in main
<Daviey> So, kvm-spice could be in universe from a main source package, for example.
<Daviey> hallyn: if the impact on the rest of the package is minimal, a FFe is still viable.
<sjefen6> Hi I am trying to install http://releases.ubuntu.com/11.10/ on my Dell Optiplex GX260 and the install stops after dhcpv6 have run during regular install. Is there a bug or something?
<hallyn> Daviey: great!
<sjefen6> I ment http://ftp.uninett.no/linux/ubuntu-iso/oneiric/ubuntu-11.10-beta1-server-i386.iso
<hallyn> Daviey: when do you think the spice package might go to archive?
<hallyn> (as that affects the qemu-kvm-spice package of course)
<Daviey> hallyn: blocked on an AA accpeting it.
<hallyn> Daviey: ok in any case i'll try to get a proposal ready for the binary package by EOD
<Daviey> Might get done today, or whenever.
<Daviey> I gave it a FFe ack.
<hallyn> saw that, thanks!
<Daviey> super
<zul> Daviey: just in the process of uploading swift 1.4.3 final
<Daviey> zul: eeeeeek
<hallyn> Daviey: say i wonder if bug 819486 is fixed
<uvirtbot> Launchpad bug 819486 in qemu-kvm "cannot boot from network - roms missing" [Medium,New] https://launchpad.net/bugs/819486
<Daviey> hallyn: that is surely a dupe of the one you fixed a while ago?
<hallyn> i think so
<Daviey> hallyn: send a ping on the bug for it to be checked.
<hallyn> Daviey: but, no,
<hallyn> Daviey: we haven't yet made it suggest/recommend/depend ipxe
<hallyn> as i recall soren was complaining that the purpose of kvm-pxe was to pull the simpler ones out of etherboot
<hallyn> but, since ipxe is now in main, that's moot
<hallyn> (a potential cause for huge pain, but moot :)
<Daviey> hallyn: Really, it should be a recommend.. but not everyone with kvm really needs this - i'd make it a Suggest
<Daviey> which doesn't really mean anything tbh
<hallyn> Daviey: but that was the whole basis of this bug,
<hallyn> 'suggests' wasn't enough for the guy
<Daviey> I wonder how many people that use kvm need network booting?
<hallyn> no idea.
<hallyn> but can you think of a good place to document it?
<Daviey> apt now exposes suggests as a comment, doesn't it?
<hallyn> yes, i see it when i install
<hallyn> so should we just call that bug wontfix for now?
<hallyn> Or maybe mention it in the package descrition?
<Daviey> Can you paste the comment you see?
<hallyn> 'network booting is supported with the extra ipxe package' ?
<Daviey> on the bug report, stating why you feel it's WONT FIX
<Daviey> hallyn: Yeah, adding it to the extended description of kvm wouldn't hurt
<Daviey> hallyn: for alice i did that, http://pb.daviey.com/EKZo/ (see last line)
<Daviey> it's marked as a Suggests, but i added it to the extended description aswell
<hallyn> Daviey: http://paste.ubuntu.com/687685/  (text when isntalling)
<Daviey> hallyn: Yeah, i would say adding it to the description would help.. If that bug gets more noise, we can reconsider.
<hallyn> ok.  i'll do that and cite it as fixing that bug
<hallyn> which then leaves us with only the capslock bug for qemu, meaning 0.15 is hard to justify :)
<hallyn> Daviey: so should i add ipxe to the suggests, or replace kvm-pxe?  (or neither)
<hallyn> i guess i'll replace
<Daviey> hallyn: kvm-pxe doesn't have a place anymore, does it?
<Daviey> genuine question.
<hallyn> what do you mean?
<hallyn> it's probably going away, but it's still in universe
<Daviey> hallyn: You added symlinks to ipxe to make kvm notice the roms, right?
<hallyn> yup
<hallyn> uh, but did you? :)
<Daviey> So i can't see what kvm-pxe offers anymore.
 * hallyn goes and check ipxe
<hallyn> yeah that change is there
<Daviey> talking of ipxe... lynxman, did you try that branch?
<lynxman> Daviey: on it
<Daviey> lynxman: Would like to upload that today, based on your feedback. :)
<hallyn> what changes?
<lynxman> Daviey: you'll have my feedback in ~1 hr tops
<lynxman> Daviey: was busy with cloudfoundry :)
<Daviey> lynxman: bah, excuses!
<lynxman> Daviey: but hey, they're very good excuses
<lynxman> Daviey: :)
<Daviey> lynxman: mediocre, at best.
<lynxman> rofl
<hallyn> Daviey: is changing the Suggests something that needs FFE?
<lynxman> Daviey: will try to make them better
<hallyn> Daviey: put another way:  http://paste.ubuntu.com/687695/   can i just dput that?
<Daviey> hallyn: nah.. Suggests don't mean anything.. If an admin has instal Suggests by default, they are doing it wrong.
<hallyn> ok
<Daviey> hallyn: ask it's a more techie audience, you could add - "which provides the boot roms"
<Daviey> s/ask/as/
<lynxman> frak, the daily build is badly broken today :/
<hallyn> Daviey: oh yeah, then there is bug 814222.  I think after some arguing my patch was accepted upstream, so i should be able to cherrypick that cleanly
<uvirtbot> Launchpad bug 814222 in qemu-kvm "kvm cannot use vhd files over 127GB" [Medium,Triaged] https://launchpad.net/bugs/814222
<smoser> hallyn, around ?
<hallyn> Daviey: ok will add 'which provides the boot roms'
<hallyn> smoser: yeah
<Daviey> lynxman: how so, i see powerwake breaks the cd.. but what else?
<lynxman> Daviey: tried to install a VM and installer couldn't proceed because "didn't find any suitable package for the kernel"
<lynxman> Daviey: I'm trying with yesterdays
<Daviey> lynxman: ah. might want to use the prior cd image
<Daviey> that will be a transient issue
<lynxman> Daviey: :)
<Daviey> super
<Daviey> RoAkSoAx: Around?
<Daviey> kees: Have you been able to look at nova MIR yet?
<Daviey> Ursinha: How did you get on with your apport investigation?
<soren> hallyn: I'd recommend building a package that holds only the ROM's relevant to kvm from the ipxe source package and recommend/suggest/whatever that from qemu-kvm.
<soren> hallyn: IIRC, the full ipxe package is rather heavyweight?
<RoAkSoAx> Daviey: yes
<RoAkSoAx> Daviey: what's up?
<Daviey> RoAkSoAx: scapy is still a depends of powernap?
<RoAkSoAx> Daviey: yes it is
<RoAkSoAx> Daviey: no no not depends
<RoAkSoAx> just Suggests
<Daviey> RoAkSoAx: are you sure?
<RoAkSoAx> Daviey: uhmm wtf! I know what happened
<RoAkSoAx> Daviey: I uploaded a new upstream bugfix release which didn't have that change
<Daviey> ahh
<Daviey> RoAkSoAx: you broke the daily ISO :)
<RoAkSoAx> Daviey: argh.. sorry :(
<RoAkSoAx> Daviey: fixed again
<TheEvilPhoenix> Daviey:  oh, so the ISOs are still brokenish?
<TheEvilPhoenix> ;P
<RoAkSoAx> Daviey: ok made sure the change is in trunk too
<GrueMaster> RoAkSoAx: Hey,sorry about not getting back to you about your preseed file.  Still running the install.  I got distracted Friday after starting it, and just noticed it was prompting me for task selection.  Will let it continue and see what I can see.
<RoAkSoAx> GrueMaster: Hey! No worries man! thanks though
<kees> Daviey: that's today (nova)
<Ursinha> Daviey, not really far, sorry :/.
<Ursinha> was working on prioritized report... you might like it
<adam_g> zul: pong
<zul> adam_g: hey can we switch to the  ubuntu archive version of nova/swift/glance in the ensemble formulas?
<adam_g> zul: yeah, its configurable in each formulas config.yaml
<zul> adam_g: cool can you make it default?
<adam_g> zul: it is
<zul> adam_g: cool thanks
<adam_g> check config.yaml in any of the formulas
<robbiew> Ursinha: can you approve my ubuntu defect analyst team membership?
<Ursinha> robbiew, sure
<Daviey> kees: rocking!
<Daviey> Ursinha: looking forward to it.
<Ursinha> robbiew, done
<robbiew> thx
<SpamapS> wow.. the rebuild fairies were busy this weekend.. 518 messages in oneiric-changes.. :-p
 * genii-around makes a note not to check his email from the phone today
<hallyn> soren: true, it is
<hallyn> soren: perhaps for P, I should make it a point to update kvm-pxe to use ipxe source, then point kvm back at kvm-pxe
<hallyn> but i don't expect that for o
<hallyn> don't expect to have time for that for o
 * zul lunches
<spill> having problems with "logrotate" not emailing logs when it rotates them, any sugestions?
<lynxman> Daviey: ipxe patch tested, it's golden :)
<koolhead17> hi all
<Daviey> lynxman: golden as in sweet as a nut?
<lynxman> Daviey: yeah, it works smoothly
<spill> having problems with "logrotate" not emailing logs when it rotates them, any sugestions?
<lynxman> spill: that means you have the problem twice?
<lynxman> spill: jokes aside, I'd check my mail logs and see why it's not emailing them if the config is correct
<spill> lynxman, ;) well, Im using postfix and it manually sends a test mail fine, just wasnt sure if that what logrotate was using to send the logs
<lynxman> spill: it should use the default MTA, which is postfix
<Daviey> spill: Do you have a root alias?
<Daviey> it's probably emailing them to root, and you don't have a root alias.
<spill> Daviey, how do I fix that?
<spill> Daviey, also I'm emailing to an external address, again postfix does this fine manually.
<lynxman> spill: edit /etc/aliases check if root has an alias, if not add one, then run newaliases
<spill> lynxman, roger that, I'll give it a shot. thanks for the tip.
<lynxman> spill: no worries ;)
<spill> lynxman, ok, I had an alias from root to my admin account and still nogo on the email.
<lynxman> spill: and did you check the mail logs? did something go through? :)
<lynxman> spill: can you pastebin your logrotate configuration somewhere?
<spill> lynxman, opps, let me take a look now ;)
<lynxman> spill: did you actually modify it to send an email?
<spill> lynxman, i'm using webmin to configure it.
<lynxman> eurgh
<cloakable> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<spill> ubottu, thats a bummer, well, I can configure it in a terminal. let me take a look and see whats its doing then, didnt realize webmin was an issue.
<ubottu> spill: I am only a bot, please don't think I'm intelligent :)
<spill> just replied to a bot ;) trying to be polite. geeeze.
<cloakable> xD
<uvirtbot> New bug: #848055 in amavisd-new (main) "amavisd-release not working when message contains empty X-Envelope-To-Blocked" [Undecided,New] https://launchpad.net/bugs/848055
<uvirtbot> New bug: #847744 in samba (main) "Panic or segfault in Samba" [Undecided,New] https://launchpad.net/bugs/847744
<GrueMaster> RoAkSoAx: Ok, I finished with your preseed installing on SD only.  It fails to create a fat partition for the bootloader, and also sets up an odd partition table.  247 heads, 63 Secctors.  Should be 255/63 with Cylinders matching ($Drive-Size/$heads/$sectors/512).
<GrueMaster> I think it is part of bug 806751.
<uvirtbot> Launchpad bug 806751 in debian-installer "Boot partition on SD is too small on omap/omap4" [Medium,New] https://launchpad.net/bugs/806751
<GrueMaster> Not sure.
<RoAkSoAx> GrueMaster: uhmm I see
<RoAkSoAx> yeah that might be right then
<GrueMaster> afaik, the recommended install path for netinstall is usb anyways, with SD only for bootloader.
<RoAkSoAx> GrueMaster: ok cool, that what I'll end up doing
<GrueMaster> My preseed is here:  http://paste.ubuntu.com/687793/
<GrueMaster> It works without fail.
<RoAkSoAx> GrueMaster: cool! thanks!!
<Blegh> Good evening, I'm afraid I'm here to be a support leech, could somebody please point me in a direction to send all mail except for a few local addresses to one of the local accounts?
<Blegh> I've been trying to figure it out for 6 hours -_-
<Blegh> Hmm, or even stop it from sending out towards the internet, oic, it's postfix btw
<jml> hi
<jml> I was wondering if someone could give me a hand trying to fix this bug: https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/845536
<uvirtbot> Launchpad bug 845536 in rabbitmq-server "rabbitmq user showed as being logged in" [Medium,Confirmed]
<Blegh> Nevermind, got it sorted.
<methods1> does ubuntu server use upstart too ?
<spill> exit
<ersi> methods1: Yes.
<RoyK> methods1: the difference between ubuntu desktop and server is mostly the set of packages installed
<RoyK> methods1: only exception I can think of, is the kernel
<SpamapS> RoyK: is there kernel even different anymore? I don't think it is.
 * SpamapS tends to try really hard to ignore the kernel
<dravekx> Hi.
<hallyn> Daviey: http://people.canonical.com/~serge/qemu-spice-sep12.2011.debdiff
<hallyn> seems to be working here.
<dravekx> why would you do this? usermod -d / user
<dravekx> or better question.. why would you do that if you want to jail your users to /home/user ?
 * hallyn bbl
<ruben23> hi guys i have installed apache2 on my ubuntu server now, i wanted to enable web server on port 8080= i already set the apache2 to listen to port 8080 but still i get this error ---->http://pastebin.com/kq9V7jMM---------------.
<ruben23> http://i53.tinypic.com/el8nrm.jpg
<ruben23> see tath ^^
<dforthman> did you restart the webserver after changing the port?
<Jeeves_> ruben23: You need to fix your vhost definition
<hallyn> Daviey: and hey - that version of kvm with spicec client is looking very nice
<hallyn> Daviey: debdif attached to the FFE bug.  i'm out for awhile
<Daviey> hallyn: cool, will look tommorrow
<Daviey> adam_g: What orchestra bugs were you blocked on?
<sms_> rtorrent won't keep downloading after I detach the screen session, and logout
<sms_> The logout part stops it
<cloakable> hmmm
<cloakable> local session or ssh?
<sms_> either way
<cloakable> Because stuff I run in screen keeps running
<sms_> Yeah the process is running after I log back in, but the downloads have halted
<sms_> rrrr.. I don't get it
<sms_> Oh
<sms_> I also can't ftp into it after I logout
<sms_> "File chunk write error no such file or directory" rtorrent says on one of the torrents after I restart it
<GrueMaster> BTW, not sure if anyone noticed, but we now have ubuntu-core images available for x86 & amd64.  For more info, see https://wiki.ubuntu.com/Core.  Much easier than createing from debootstrap. (not a replacement).
#ubuntu-server 2011-09-13
<alaska13> I'm having trouble with setting up a l2tp/ipsec-psk server on 11.04, client connections seem to fail in phase 2 of ipsec connection.  Any suggestions?
<samtheman> hi guys\
<samtheman> just need some ideas please
<samtheman> i wanted to add more ubuntu servers to my network
<samtheman> i have monitoring and all that
<its> hello
<its> whats a good app for remote connections?
<samtheman> any production servers you can suggest??
<samtheman> rdesktop is a good and simple one
<its> i have x11vnc installed right now...
<samtheman> use it to remote to windows clients
<samtheman> rdp client
<its> what about mac?
<samtheman> mmmm
<samtheman> not sure about that one
<SpamapS> samtheman: you mean what hardware do we recommend?
<samtheman> never realy tried
<samtheman> no
<samtheman> like apps
<samtheman> mmmm
<SpamapS> its: what do you mean "remote connections" ?
<its> like, screen sharing
<samtheman> like i have nagios cacti
<its> I want to be able to rack mount my server
<its> and then remote into it using another machine
<SpamapS> its: ssh is all you need. :)
<samtheman> yeah ssh
<its> yeah ssh
<SpamapS> samtheman: ahh, well I think servers should probably use all that electricy they have going through them to solve problems .. what problems do you need to solve?
<samtheman> i dont have any atm
<samtheman> just trying to implement more ubuntu in the networ
<samtheman> i was think instant messaging
<its> more ubuntu? Thats odd.
<samtheman> i dont like windows
<samtheman> im working on network load balancing
<samtheman> but that project is not due for ages
<its> well i think linux is really good
<samtheman> haproxy for that one ---- thats good one rite??
<its> im super new to ubunter server edition
<SpamapS> samtheman: again, thats like saying do you guys know where any nails are that I can hit with my hammer? .. more appropriate to find reasons to use nails. :)
<samtheman> do you know how i can install webgui cms
<samtheman> i thought that could be better than my knowldgetree document sharing
<SpamapS> If you want a CMS, Drupal is the current powerhouse there
<samtheman> it does intranet, document sharing stuff like that??
<SpamapS> Its a CMS, so it... manages.. content. :)
<patdk-lap> I always perfer the ones that self-manages :)
<adam_g> RoAkSoAx: are you still around?
<twb`> Will someone tell me why this watershed crap is still trying to run a vgchange -ay *12 hours* after a reboot?
<twb`> http://paste.debian.net/129693/
<SpamapS> twb`: thats run by /lib/udev/rules.d/85-lvm2.rules on my oneiric system..
<twb`> Yeah
<SpamapS> twb`: is it possible you have an intentionally not-activated pv somewhere?
<twb`> I was going to blame that for locking my lvm layer, but apparently it's not his fault
<twb`> root     20379  0.0  0.0  32208 15844 ?        D<Ls 08:18   0:00 lvcreate --quiet --snapshot --size 64G --name understudy /dev/omega/collectd
<SpamapS> I don't recall exactly what sets ID_FS_TYPE .. but if its from the partition table.. maybe you have one thats marked inactive and has no defined vg
<twb`> ^^ still stuck in D state
<uvirtbot> twb`: Error: "^" is not a valid command.
<twb`> Stupid bot.
<samtheman> sorry what are we talking about??
<samtheman> watershed???
<twb`> OK, the actual problem is that "lvs" and all other LVM commands act like this: http://paste.debian.net/129695/
<twb`> This issue arose after deploying a backup solution that works by taking an LVM snapshot of each LV in turn, fscking the snapshot, mounting it, rsync the data off, then unmounting and lvremoving it.
<SpamapS> twb`: I've used that scheme before and its pretty effective usually (as long as your daemons stop writing while you snapshot)
<SpamapS> or all write atomically
<twb`> I think the problem is collectd REALLY likes writing
<SpamapS> twb`: so the lvcreate for thes napshot just sits there forever in disk wait?
<twb`> And I didn't realize lvsnapshot needs the system to be quiescent
<twb`> Yeah
<SpamapS> yes thats true
<twb`> 10:54 <twb> Evidence: http://paste.debian.net/129696/
<twb`> On other systems I was calling "sync & sync & wait" before each lvcreate --snapshot IIRC
<SpamapS> I've always found the handwaving people do about collectd's every-5-seconds-write-like-its-1999 behavior to be unconvincing :)
<SpamapS> Its not that it has to be totally quiescent
<twb`> SpamapS: do you use collectd yourself, and if so do you know how to make it be less write-happy?
<twb`> SpamapS: I'm thinking either crank up the buffering options and/or deploy rrcached or whatever it's called
<SpamapS> twb`: I've only evaluated it. I found the writing too intense for most light weight servers.
<twb`> Yeah, I'm getting completely reamed here by its default config and about 20 servers sending it stats over UDP
<SpamapS> the rrd caching daemon is a must
<twb`> OK, I will make that a priority
<twb`> (afk few minutes, talking to $boss)
<SpamapS> twb`: I'd be curious to hear if your snapshots complete and how full they are right after they do complete. It shouldn't be as painful as you're describing, even with a tiny write every 5 seconds.
<twb`> Let me show you an iostat
<twb`> Hmm, that's actually not too bad
<twb`> http://paste.debian.net/129697/
<twb`> dm23 is /var/lib/collectd
<twb`> I have seen that up around 6000 when everything else was more like 128.
<uvirtbot> New bug: #828719 in glance "glance/common/config.py find_config_file() loads config files from "."" [Low,Fix committed] https://launchpad.net/bugs/828719
<twb`> SpamapS: OK explain this to me, I tried "lxc-freeze --name hugin" (the collectd container), and I also tried kill -STOP all the procs in that container, and the I/O write load is unchanged on that LV
<twb`> OK what the shit, even after I stop the entire container and all its procs are gone, the I/O write load is still high
<twb`> OK, *now* it's finally gone down
<lifeless> dirty pages being flushed ?
<twb`> The lvcreate --snapshot that was hung in D state is also gone, BUT I ran "lvs" and that's not in uninterruptable D state
<RoAkSoAx> adam_g: im here
<RoAkSoAx> what's up
<twb`> I also noticed that I'm getting write amplification at the md layer (compare md1 with its underlying sda/b/c)
<twb`> lucid's parted and kernel don't support --alignment optimal, but Debian Sid's does -- I'm wondering if I should have a flag day, turn everything off, and reprovision everything on top of partitions created from a sid live environment
<samtheman> hi guys
<samtheman> quick one
<samtheman> theres a user here who is going to pay 5k for an app that changes pdf to flipbook
<samtheman> is there a linux free app thats does the same??
<twb`> samtheman: define "flipbook"
<samtheman> so it looks like a book
<samtheman> runs on flash i think\]
<samtheman> u can turn pages
<samtheman> anyone got any ideas please:)
<Martyn> "Fried Oreo Sandwiches"
<Martyn> There's a doozy of an idea for oyu
<samtheman> thanx
<Martyn> Also, here's a recycled one -- fried peanut butter, honey, and banana sandwiches
<Martyn> "The Elvis"
<Martyn> I think I'll convince the people at the Royal Caribe to make them this time :)
<twb`> samtheman: sorry, I don't do flash.
<T3CHKOMMIE> hey everyone, im trying to modify my grub menu. i made the changes i believe i needed. but the grub menu is not changing. any ideas?
<T3CHKOMMIE> :(
<ascheel> Can someone tell me why r8169 is still loading even though I've blacklisted it?  http://pastebin.com/5VRVwzci
<stgraber> ascheel: try running "sudo update-initramfs -u" and then reboot
<crass> hallyn: did you ever make a patch for https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/691590 ?
<uvirtbot> Launchpad bug 691590 in libvirt "libvirt should not take ownership of ISO images" [Low,Triaged]
<crass> hallyn: I see now that you made the patch, but did it ever get accepted upstream?
<twb`> WTF?
<twb`> "This filesystem will be automatically checked every 0 mounts or 0 days, whichever comes first.  Use tune2fs -c or -i to override."
<twb`> Gee, thanks, mke2fs.
<twb`> This is why we can't have nice things
<jmarsden> twb`: That just means someone set the fs to not do mount checks.  setting to 0 or -1 disables them, IIRC.
<twb`> I just made it
<twb`> "mke2fs /dev/sdc"
<twb`> I mean: I didn't ask it not to
<jmarsden> Hmm... OK.  Did you accidentally ask it not to, in   /etc/mke2fs.conf ??
<linocisco> hi
<twb`> Don't think so
<twb`> Hmm 	enable_periodic_fsck = 0
<twb`> No idea how that got there tho
<linocisco> After one unpropershutdown and reboot, I lost my ssh with putty to my ubuntu 10.04 LTS server. what would be the most likely problem ? If I use on server, it is fine. From terminal with ssh client is not fine
<linocisco> ssh localhost is fine
<twb`> etckeeper says it changed Sat Jul 23 01:47:19 EST 2011  twb
<twb`> During the upgrade -e2fsprogs 1.41.12-4 +e2fsprogs 1.42~WIP-2011-07-02-1
<jmarsden> twb`: Aha, I was (sort of) right.  So, a package upgrade changed the mke2fs defaults to doing no checks!  That's... bad.  Although the ~WIP... numbering scheme suggests it may not have been exactly the most refined/tested/stable version of e2fsprogs ever :)
<twb`> Maybe I got it out of experimental or something -- this is a debian sid/experimental host btw
<twb`> nope, that's sid
<jmarsden> Ah, OK, that would make more sense... I was wondering what version of Ubuntu would use that, since oneiric is still only at 1.41.14-1ubuntu3
<twb`> Sory about that
<jmarsden> linocisco: Is the server at a static IP address?  If it uses DHCP, maybe the reboot gave it a new and different IP address?
<linocisco> jmarsden: sure
<linocisco> jmarsden: it is with static
<linocisco> jmarsden: IP
<jmarsden> linocisco: OK.  So, from the server console can you ssh to its network IP (not localhost) OK?
<twb`> http://bugs.debian.org/632637
<linocisco> jmarsden: yes. it is I can ssh to it's network ip if I ssh on server desk
<linocisco> jmarsden: the thing is it can't be ssh from other machine
<jmarsden> linocisco: OK, so do you have any firewalling or packet filtering on the server?  ufw, perhaps?
<jmarsden> linocisco: You can do     sudo ufw status     to check if it is turned on, and    sudo ufw disable   to turn if off if you need to.
<koolhead17> hi all
<linocisco> jmarsden: status = inactive
<linocisco> jmarsden: what do I do ?
<twb`> Oh lame
<twb`> debootstrap --limit-priority avoids downloading optional/extra packages, but it still LISTS them in its Packages file
<jmarsden> linocisco: That means ufw is not the issue.
<jmarsden> linocisco: Basically you need to troubleshoot this as a networking issue.  Can you ping from workstation to server, and from server to workstation?
<linocisco> jmarsden: yes. it is fine vice versa
<jmarsden> OK.  From the workstation if you    telnet 1.2.3.4 22     (where 1.2.3.4 is the IP of the server), what happens?
<linocisco> jmarsden: not ok
<jmarsden> linocisco: Be specific!  What error message do you see?
<linocisco> jmarsden: I did telnet 1.2.3.4 22 from my windows XP.  no error message found. just cursor blinking and after one more keystroke. back to command prompt. I didn't see any telnet prompt or login prompt
<linocisco> jmarsden: i have rebooted server 3 times.
<jmarsden> linocisco: I need to go away from the computer soon... Windows telnet should (I think) either show you a connect message and the SSH version number in the banner, or it should (after a minute or so) give yu an error message.  So I am not sure what the issue is.
<linocisco> ok
<jmarsden> linocisco: wait... you did change the 1.2.3.4 into the real local IP of your server, right?
<linocisco> jmarsden: what do you mean ?
<jmarsden> Instead of 1.2.3.4 use the actual local IP address of your server.
<linocisco> jmarsden:  on server, I tried both ssh localhost and ssh server-ip . not ok.
<linocisco> jmarsden: then again from client XP, i tried telnet server IP 22 . not ok
<linocisco> jmarsden: i didn't change server 's IP
<jmarsden> OK.  I don't know what the issue is.  I need to go; hopefully someone else can help you some more.
<linocisco> jmarsden: thanks anway
<jmarsden> linocisco: You're welcome.
<uvirtbot> New bug: #848643 in nova (universe) "eucatools not working" [Undecided,New] https://launchpad.net/bugs/848643
<linocisco> fter one unpropershutdown and reboot, I lost my ssh with putty to my ubuntu 10.04 LTS server. what would be the most likely problem ? If I use on server, it is fine. From terminal with ssh client is not fine [11:25] <linocisco> ssh localhost is fine
<dravekx> i need some help. I enabled the admin group for sudoers, and now I cant use my administrator user to sudo anything. If i try to sign in as root, it tells me bad password. anyone have a clue how to fix this?
<sms_> I can't ftp into my server while logged out, (Response:	331 Please specify the password. Command:	PASS ******** Error:	Connection timed out, is as far as it goes) And rtorrent keeps seeding, but halts downloading in a detached screen session if I log out. What could this be?
<SpamapS> sms_: possibly some kind of restriction in your pam rules.
<sms_> What are pam rules?
<SpamapS> heh.. not something you probably tweaked on your own
<sms_> I installed rtorrent, then noticed it won't keep downloading, and then I couldn't ftp into it either. If I'm logged in locally/via ssh everything works
<sms_> "File chunk write error no such file or directory" was on one of the torrents in rtorrent
<sms_> but not always
<dravekx> ugh. I think I'm screwed
<sms_> The harddrive is connected via a sata pci card, if that could mean something
<sms_> My home directory is encrypted too, and rtorrent was downloading into my home directory
<ersi> You probably have some magic which locks your home directory when you log out then.
<sms_> I hate magic :-/
<ersi> It's not magic
<sms_> Maybe I'll reinstall without encryption, I haven't gotten much configured yet
<ersi> Or you could spend some time to unroll this and learn a little in the progress, if you got time (Meant in the most sincere way, realized it might sound snotty)
<sms_> No I have time :), just that I'm completely lost
<_GoRDoN_> sms_: Are you using full disc encryption or Ubuntus home-dir encryption? I also had some problems with home-dir encryption so I switched to full disc encryption.
<sms_> home encryption
<_GoRDoN_> sms_: Check your processor usage when you add a new torrent. I think the problem is that rtorrent tries to allocate new space for torrents and that takes too long so it fails.
<_GoRDoN_> sms_: But there is no problems with full disc encryption
<sms_> hmm ok
<_GoRDoN_> sms_: And you can test if the encryption is problem by running rtorrent from /tmp, that should work without problems
<Daviey> Good Day People!
<Daviey> Everything looking dandy on the ship?
<twb`> It's not that kind of ship, mate
<ersi> _GoRDoN_: He did mention logging out.
 * ersi sticks https://help.ubuntu.com/community/EncryptedHome#Caveats into the channel
<sms_> hehe I love how the installer mentions "seamlessly"
<ersi> It's seemless if you do not wander into the Caveats
<sms_> Indeed
<lynxman> Daviey: g'day o/
<koolhead11> hey all
<koolhead11> why the alpha release gives no information about the same in lsb-release file :(
<koolhead11> am inserting it on my pressed to do it for me now
<koolhead11> i want the reason for the same.
<sms_> Yeah, _GoRDoN_, ersi, rtorrent kept going in /tmp. I don't exactly need encryption, can I remove it?
 * koolhead11 looks at Daviey 
<Daviey> hey lynxman
<Daviey> and koolhead11
<koolhead11> Daviey: what is a reason for not mentioning alpha/beta with release dates :(
<koolhead11> it becomes troubling when we are testing things on daily build. :(
 * koolhead11 wonders whom he should run after for the answer :P
<Daviey> koolhead11: uh?  I don't follow
<koolhead11> Daviey: i wanted to know why lsb-release file doesn`t make/give exact information about the distro, like alpha/beta with release date
<koolhead11> :D
<Daviey> koolhead11: Maybe you are looking for. https://wiki.ubuntu.com/OneiricReleaseSchedule :)
<ersi> koolhead11: Uh, there's no field for date in /etc/lsb-release
<koolhead11> ersi: indeed
<ersi> Or do you mean that alpha/beta should preferebly be in DISTRIB_DESCRIPTION?
<Daviey> koolhead11: part of the problem, is that we don't /exactly/ know what version of an archive snapshot will be the alpha / beta or even release
<koolhead11> ersi: yeah it should be there with the date of built :P
<Daviey> Once the archive has changed from what is on the released ISO, it's no longer THE alpha or beta.
<ersi> koolhead11: uname -a :P
<ersi> or uname -v
<koolhead11> ersi: that does not solve my issue :D actully
<sbeattie> koolhead11: /var/log/installer/media-info should have the specific information about what build it was installed from.
<koolhead11> sbeattie: yeah, i found the date. :) but more detailed description needed
<koolhead11> :D
<linocisco> hi . i have WDmybookworld  NAS. I want to console log in to this. I dont want to reset. Do I know how I can know it's IP without knowing its IP range ?
<ersi> lenios_: You could check the manual. Or do a broadcast ping. There's several methods. If you can log onto your router/switch, you could check the ARP tables/ports
<sbeattie> koolhead11: the date + nearby milestone is all that there is for daily snapshots (it will include a respin revision if such things happen); what are you looking for or are trying to solve?
<koolhead11> sbeattie: testing some apps on the daily built of oneric :D
<rbasak> Does apt-get --download-only require a -y? I can't test right now as everything is up to date :-/
<koolhead11> sbeattie: yeah, i think lsb-release should have more detailed description
<sbeattie> alas, it would require updating the base-files package for each respin.
<koolhead11> sbeattie: redhat on the other hand gives much detailed description on the same  i think
<rbasak> koolhead11: what it sounds like you need is a list of all installed packages and their versions. Would that help? dpkg-query -W will give you that
<koolhead11> rbasak: thanks. I got what i wanted. :D
<uvirtbot> New bug: #848844 in asterisk (universe) "application PickupChan failure" [Undecided,New] https://launchpad.net/bugs/848844
<RoyK> SpamapS: there's a -server and a -generic kernel - IIRC the -server kernel uses 100Hz and not preempt, both better for server stuff, while the -generic uses CONFIG_PREEMPT_VOLUNTARY
<RoyK> that is, seems both are using 100Hz
<euphor][a> hi guys, I'm having issues with install 10.04 on a Dell PowerEdge 2600 server. It seems the kernel version causing panics with the raid controller. Anyone come across this and/or got any suggestions please?
<RoyK> euphor][a: never seen that - make sure you're using the latest release - 10.04.3
<garymc> How do I make a launcher  load a page in firefox or google chrome. some sites i use I want to launch in chrome as they display better in my FAT clients
<garymc> or should I ask elsewhere?
<RoyK> garymc: I somewhat doubt that's server related...
<garymc> yeah ok
<garymc> im LTSP
<euphor][a> RoyK: thanks, I have the latest release -- ironically an older release works as it has an older kernel
<RoyK> euphor][a: then you've hit a bug
<RoyK> euphor][a: what do you mean older? older 10.04 or older distro?
<euphor][a> older distro, 8.04, having an older kernel
<euphor][a> RoyK: yes, it does seem to be a bug
<RoyK> euphor][a: there's a backported 2.6.35 available for Lucid as well, but I doubt there's an install CD with it
<RoyK> euphor][a: you may try to boot without acpi or apic (press f6 in the initial grub menu)
<euphor][a> RoyK: thanks, I'll give it a shot
<euphor][a> RoyK: the bug persists up until 2.6.35 afaiaa, so it's 2.6.29 or older only I believe
<euphor][a> (that I have to use(
<RoyK> have you tried 10.10 or 11.04?
<RoyK> not optimal if you want to run LTS, but then, 12.04 isn't that far off
<euphor][a> looking at LTS only unfortunately
<TheEvilPhoenix> well 10.04 is an LTS build.  You could theoretically try that
<euphor][a> As opposed to 10.04.3?
<TheEvilPhoenix> sorry, i interchange them.  10.04.3 is the LTS build
<TheEvilPhoenix> 10.04 - 10.04.3 are all LTS
<TheEvilPhoenix> but its in the 10.04 family :P
<TheEvilPhoenix> regardless, its an LTS.
<euphor][a> I have tried 10.04.3, it kernel panics randomly
<euphor][a> I'll try 11.04 now, just to see
<TheEvilPhoenix> well if 10.04.3 kernel panics randomly
<TheEvilPhoenix> then its likely that 11.04 will as well
<TheEvilPhoenix> is this, say, ancient system hardware you're on?
<TheEvilPhoenix> >= 4 years of age?
<euphor][a> yes
<euphor][a> Dell PowerEdge 2600, EOL
<TheEvilPhoenix> heh
<euphor][a> I could run 8.04 LTS, but had trouble accessing EFI partitions
<TheEvilPhoenix> EFI?  *loads google*
<euphor][a> EFI GUID Partition support (NEW)
<TheEvilPhoenix> EFI = ....?
<euphor][a> to access 4Tb partitions
<TheEvilPhoenix> you still havent explained what EFI is :P  *resorts to google*
<TheEvilPhoenix> ahh
<euphor][a> it's a partitions schema
<CluelessPerson> Hello
<CluelessPerson> How do you completely reinstall something when you've F**** up all the config files and etc?
<CluelessPerson> and need it ALL completely reset?
<CluelessPerson> ?
<euphor][a> hi guys, I have a 4Tb external firewire drive that, when connected to 8.04, says 'sdb: unknown partition table'
<euphor][a> It was created and worked fine on Gentoo, but doesn't mount on Ubuntu?
<hallyn> crass: I don't recall what happened with that.
<hallyn> somehow I think I thought I was waiting for an update from hggdh
<hallyn> crass:  take it you see libvirt still doing that?
<hallyn> hggdh: bug 691590, do you still see that behavior?
<uvirtbot> Launchpad bug 691590 in libvirt "libvirt should not take ownership of ISO images" [Low,Triaged] https://launchpad.net/bugs/691590
<hggdh> hallyn: I *think* so -- but there is a setting on qemu.conf that disables it, as long as you are running libvirt as root
<hggdh> which I have been doing since
<hggdh> I can test it easily, though -- right now I am jumping off the fire to land in the frying pan (ISOs changing ownership and blowing out ISO update, or libvirt-as-root and blowing up security)
<uvirtbot> New bug: #848932 in cloud-init (main) "chef support has static mapping for ruby version -> packages" [Undecided,New] https://launchpad.net/bugs/848932
<hallyn> hggdh: does that mean the bug is still worth fixing for your end?
<hggdh> hallyn: ISOs should not change ownership, mostly should not have ownership set to a system account. Yes, if it still happens, certainly is worth fixing
<zul> good morning
<hggdh> morning zul
<zul> hey hggdh
<hallyn> hggdh: i'll follow up, thanks
<hallyn> hggdh: well, to be clear - you're saying that running as root is giving you its own set of problems, right?
<hallyn> (so i can prioritize)
<hallyn> i'm forgetting what the core of the problem was.  a mirror updating the cdrom backing file seems problematic regardless of uid changes
<hallyn> oh well.  patch -> list
<hggdh> hallyn: sorry, wife called
<hggdh> hallyn: we should not need to run libvirt as root. I am rerunning my scenario to see if it still is a problem
<Daviey> hohoho
<hallyn> hggdh: 'should not need to' where need is defined by special cases doesn't really help to prioritize :)
<hggdh> hallyn: out default install does not run libvirt as root. Having to do so is a deviation
<hallyn> IOW, the behavior you want can be argued either way.  So my question was whether the workaround does in fact cause you different problems
<hggdh> hallyn: no problems, except running libvirt as root. I am personally confortable there, this is *my* machine
<hallyn> hggdh: I honestly believe that having the user provide an iso which is specific for the VM makes more sense, than designing libvirt to handle isos being overwritten by a mirror
<hallyn> but if the workaround caused problems, then it would be worth it
<hallyn> However, it appears I really dropped the ball by neither marking the bug wontfix, nor forwarding the bug to upstream
<hggdh> hallyn: OK. It is a question of usage and of interpretation. I accept it, and I have a workaround. I am cool, no matter what you decide
<hallyn> hggdh: cool, thanks - so i'll fwd it upstream, but if they don't take it, then i'll mark it wontfix rather than patch in ubuntu.
<hggdh> hallyn: certainly
<kpettit> Good morning.
<kpettit> What's considered the best VNC version latetly?   Wanting to put something on all the PC's here so I can remotly monitor/support and such.
<cr3> what would be the recommended way to use cloud-init to deploy an application in ec2 using one shared configuration, revision controlled, and one private configuration, containing my access token and secret for launchpad?
<zul> Daviey: where do you see this block-migration stuff in Openstack?
 * pmatulis wonders why samba's testparm did not pick up 2 contradicting 'passdb' entries...
<rbasak> So I'm looking at cobbler, and the docs are very RHEL-centric. If I just follow the instruction but with an Ubuntu ISO and preseed file with cobbler from oneiric, will it work, or are there other docs I can use?
<jamespage> rbasak: i think there are some on help.ubuntu.com
<jamespage> https://help.ubuntu.com/community/Cobbler
<rbasak> jamespage: aha, thanks! I searched wiki.ubuntu.com; didn't realise that help.ubuntu.com was separate
<jamespage> rbasak: np
<jamespage> zul: have the fixes errant qemu-nbd processes landed in nova yet? and do you want me to test if so?
<zul> jamespage: not yet...it landed in trunk...it should land in ubuntu this friday
<jamespage> zul: ack - lemme know when
<andreserl> rbasak, if you find something not working from the docs or anything just let me know
<zul> jamespage: sure
<RoAkSoAx> rbasak: errr if you find something not working from the docs or anything just let me know
<RoAkSoAx> \lol
<rbasak> ok, thanks :)
<uvirtbot> New bug: #795930 in apache2 (main) "When using function get_domain_by_name() from libvirt-php i get segmentation fault 11 and apache crashes. " [Medium,New] https://launchpad.net/bugs/795930
<uvirtbot> New bug: #812028 in apache2 (main) "apache2 crashed with SIGSEGV in _zend_hash_add_or_update()" [Medium,New] https://launchpad.net/bugs/812028
<lajjr> kim0, are you online ??
<kim0> lajjr: yep
<lajjr> great...
<kim0> what's up
<lajjr> I have a ??
<kim0> shoot :)
<Daviey> Does anyone want to smoke test the openstack dashboard?
<kim0> Daviey: do I have to install a full openstack env for that ?
<lajjr> can I also take 15 - 16 ?!?
<Daviey> zul: How is the migration looking?
<zul> getting there
<zul> now that i understand it
<kim0> lajjr: heh sure! You can take whatever you want as long as you promise to complete it :)
<Daviey> kim0: hmm, pretty much - but should be possible on an all in one node.
<Daviey> (or VM)
<lajjr> chapters that is.. I also am going to kill bugs for the mail part..
<lajjr> heh of course..
<kim0> lajjr: AWESOME .. please add yourself to http://pad.ubuntu.com/serverguide
<al-maisan> hello there, how do I pass the "--master" flag to "/etc/init.d/mongodb start" ?
<Daviey> zul: are you taking notes?
<lajjr> OK ..also file server is done and didn't look at the bugs my bad... :(..
<zul> Daviey: yep
<lajjr> kim0, add, you mean to said chapter I mentioned right???
<kim0> Daviey: Is there any doc on how to install this all in one openstack to test the dashboard ?
<kim0> lajjr: I mean write your name on http://pad.ubuntu.com/serverguide besides those chapters (like the rest of the chapters)
<lajjr> yep doing it right just making sure was in the right frame of mind LOL..
<kim0> lajjr: hehe cool :)
<lajjr> kim0, added...
<lajjr> will try to complete ASAP.. bugs too...!.
<lajjr> heh..
<cr3> smoser: ^^^ what would be the recommended way to use cloud-init to deploy an application in ec2 using one shared configuration, revision controlled, and one private configuration, containing my access token and secret for launchpad?
<Daviey> kim0: not off the top of my head, sorry
<caribou> lajjr: I just saw that you signed in to update the chat chapters on the Server Guide
<caribou> lajjr: I was about to do it myself (just set up the bzr branches). If you want, I can take care of the chat chapter. I'm not too good with version control
<jamespage> smoser: any plans to add arch=arm support to cloud-utils
<smoser> cr3, "access token" == "ec2 credentials" ?
<jamespage> cloud-publish-image is reluctant todo it at the moment - "arch must be i386 or x86_64"
<smoser> for ec2 credentials you most certainly should use 'iam' , and create some credentials that can only do what you want.
<Daviey> smoser: for ec2 creds, or aws creds? :)
<cr3> smoser: not ec2 credentials, just credentials specific to the application being deployed so that it can connect to launchpad without prompting for openid and oauth credentials
<RoAkSoAx> is anyone free to try a PXE boot atm?
<RoAkSoAx> I'm getting an endless loop
<smoser> then, i would probably seed those (and your launchpad credentials) into the instance via '#include-once' that lynxman wrote.
<lynxman> smoser: \o/
<cr3> smoser: is #include-once supported in lucid running on the instance where I'm deploying?
<smoser> jamespage, you want to open a quick bug ? and we can get it fixed.
<smoser> include-once is not supported by lucid. :-(
<jamespage> smoser: sure
<smoser> cr3, so i would recommend doing some one-time url (or expiring) and maybe that would work with lucid...
<smoser> i'm wondering what would happen on subsequent boots.
<Daviey> jamespage: Yeah, i edited mine in-place
<smoser> if that url is still there to be #included, but just with other data (not the secret from the first time) it would probably be OK.
<smoser> jamespage, so euca-bundle-image wont complain about arch as arm ?
<cr3> smoser: not sure how that would work: I could probably commit the url pointing to my credentials but couldn't people then access that url?
<smoser> cr3, yes. so you need a one time use or expiring url
<smoser> and you pass it a url like myhost.com/<some long secret here>
<smoser> you can use s3 expiring urls.
<jamespage> smoser: might do - Daviey might know the answer (I have not "fixed" mine locally"
<smoser> let it live for 10 minutes
<Daviey> i'm pretty sure i was able to bundle whatever i wanted.
<Daviey> I might have 'fixed' it locally :)
<smoser> so i guess i'll just ditch the 'arch' sanity check.
<jamespage> smoser, Daviey: bug 849093
<smoser> and, let it fail later if it does
<uvirtbot> Launchpad bug 849093 in cloud-utils "ARM tarball/image support" [Undecided,New] https://launchpad.net/bugs/849093
<Daviey> smoser: Hmm, for aws your logic still makes sense
<smoser> yeah, but no way to really know.
<smoser> that sucks
<smoser> but what can you do
<Daviey> smoser: for this release --force-arch=arm ?
<smoser> nah.
<cr3> smoser: the content of the url would be a cloud.init script, right? ideally, it would preseed the credentials I need, right?
<Daviey> hmm
<Daviey> that is crappy
<smoser> its not like you're going to do that more than once.
<smoser> cr3, right. it can be any cloud-init supported content.
<jamespage> is it possible to have an openstack cloud running both arm and x86 hardware i.e. can it tell where to locate instances based on architecture?
<Daviey> smoser: as long as you support commodore64, i am happy
<jamespage> or is it one or the other
<Daviey> jamespage: no
<Daviey> jamespage: currently nova assumes everything can run on what it is thrown at.
<cr3> smoser: I'm not seeing anything about preseeding on the wiki page, do I just make it a script and preseed as if I were on the command line? https://help.ubuntu.com/community/CloudInit
<jamespage> hmm - that makes me a little sad
<smoser> i just let it fail for the user.
<Daviey> So, throwing an amd64 image at an i386 compute node will just fail.
<smoser> it sucks, that the failure actually happens on 'register'
<smoser> after you've potentially uploaded hundreds of megabytes of useless garbage
<smoser> :)
<smoser> i just tested ec2-bundle doesn't complain, but ec2-register does.
<Daviey> jamespage / smoser: Did you see the arch type on this bug i raised? 831704
<Daviey> bug 831704
<jamespage> that makes me a little more sad
<uvirtbot> Launchpad bug 831704 in nova "No validation of arch type on image upload" [Wishlist,Confirmed] https://launchpad.net/bugs/831704
<jamespage> nope
<smoser> cr3, what do you mean ? preseed ?
<smoser> oh..
<smoser> i said 'seed'.
<smoser> i just mean however you would insert data. there is no specific support in cloud-init for ec2 credentials
<Daviey> jamespage: Yeah, i uploaded a bundle decalred as type commodore64 to our openstack deployment :)
<jamespage> As there is no real ARM server hardware this is all a bit hypothetical anyway
<jamespage> Daviey: nice...
<Daviey> jamespage: Well i hoped to land the branch i had that would support arm via qemu arm emulater.
<Daviey> But we've not had great success in starting arm images outside of openstack.. right utlemming / rbasak ?
<cr3> smoser: preseed as in debian shove my own values into the configuration of a package at install time :)
<jamespage> that might actually be OK - so long as it won't try to run it on a nova-compute node unless its the right arch.
<rbasak> Daviey: I still need to sync with utlemming on that
<rbasak> Not sure what the current status is
<smoser> preseed as in debian, cloud-config has support for doing that.
<Daviey> jamespage: No, it should matter of the arch type.  libvirt handles starting of kvm or qemu emulator.
<cr3> smoser: a quick search shows that it's been postponed for natty though, probably got introduced in oneiric: https://launchpad.net/ubuntu/+spec/cloud-server-n-cloud-init
<utlemming> Daviey: correct, everything that I am seeing is that qemu is broken for OMAP
<Daviey> utlemming: rocking!
<jamespage> Daviey: think libvirt is currently borked on ARM unless zul has fixed it - have not tried to test it yet
<Daviey> utlemming / rbasak: you two probably need to grab hold of the arm team to try and find out what to do :/
<smoser> cr3, http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt
<smoser> see 'debconf_selections'
<cr3> smoser: cheers!
<jamespage> have been trying to reproduce the java task hang I've seen a few times
<smoser> and that was backported to lucid
<Daviey> jamespage: Hmm.. No, we are at cross-wires.
<Daviey> jamespage: libivrt on amd64/i386, starting qemu to virtualise a fake arm cpu.
<jamespage> Daviey: yeah - I got that
<jamespage> I was really talking about lxc containers under openstack on ARM hardware
<cr3> smoser: I was grep'ing around for preseed but debconf returns exactly what I was looking for, thanks again
<smoser> yeah.
<smoser> that sucks. i did the same.
<smoser> i should add those strings to that doc.
<smoser> debconf does hit, though, cr3
<utlemming> rbasak: I think I may have a handle on booting qemu arm images
<rbasak> cool
<utlemming> rbasak: hopefully, I'll have something shortly
<rbasak> OK I'll leave you to it then!
<tvaldes> I need help with fstab (I believe). There are 3 drives that I swap in and out of a swap drive bay. I would set it up to auto mount sda1 or sdb1... but it's not always the same for some reason (I believe due to a new raid controller). So I have 3 seperate lines mounting the UUID's to the same point. The problem is if the first one isn't present, it gives an error on boot and never mounts. If I sudo mount -a, it works but shows 
<koolhead17> hi all
<defghanistan> Good morning, I am trying to mount an NFS share onto an ubuntu server box using /etc/fstab, via ip address (not dns). When I run mount -a it says that DNS resolution failed for //(ip address): Name or service not known. I have googled this to death, any suggestions?
<just-a-visitor> defghanistan: Try to include the Ubuntu box's IP address into the NFS server's (providing the share)  /etc/hosts file.
<uvirtbot> New bug: #849230 in clamav (main) "package clamav-daemon 0.97.2+dfsg-1ubuntu1.11.04 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 128" [Undecided,New] https://launchpad.net/bugs/849230
<its> hello
<its> can someone help me screen share my ubuntu server from a mac laptop?
<its> I have x11vnc installed and all but, I'm not sure how to get the screen sharing set up on the mac
<uvirtbot> New bug: #849255 in vsftpd (main) "package vsftpd 2.3.2-3ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/849255
<its> if anyone can help me I'll give them a cookie
<pmatulis> its: what kind?
<its> what kind of what?
<pmatulis> its: of cookie
<its> chocolate chip
<pmatulis> its: i'm sorry i can't help you
<its> oatmeal raisin?
<its> :/
<Pici> its: #ubuntu would probably be a better place to ask, as the Server install doesn't even have a gui installed normally.
<its> well
<its> i installed the gui
<its> ubuntu-desktop
<dravekx> anyone running an IRC BOT on ubuntu server? I kinda want to, but not sure where to start.
<genii-around> Maybe start by experimenting with the eggdrop bot
<dravekx> Im reading about eggdrop bot, still a little confused. :S
<Pici> I found supybot a lot simpler myself.
<pmatulis> yes, i run supybot too
<dravekx> I guess I can setup a user account on ubuntu for the bot and run it from the home directory?
<dravekx> ahh found a tut
<dravekx> i wonder if i should make a user account just for the bot.
<dravekx> :S
<dravekx> how do you clone download something?
<Pici> dravekx: What do you mean?
<dravekx> Pici, supybot instructions says "Now clone download Supybot from git"
<dravekx> *after opening a terminal.
<dravekx> ah I got it.
<pmatulis> i usually just install the ubuntu package...
<kirkland> soren: ping
<jfb_h20> anyone have a pointer on setting up postfix to work as the mail server for mediawiki? It seems an 'apt-get install sendmail' worked, but postfix doesn't.
<soren> kirkland: wazzup?
<kirkland> soren: -> pm
<j0nr> hey folks...I am having problems installing video driver so that I can just run xbmc in an X window session (I do not want to install a desktop environment on my server)
<j0nr> but I do want to be able to run xbmc on my tv which is plugged into my server
<hallyn> zul: is 811951 aimed at you?
<zul> bug #811951
<uvirtbot> Launchpad bug 811951 in xen "Failure to create HVM DomU at  Xen 4.1 ( kernel 3.0.0-5-generic) " [Undecided,Fix released] https://launchpad.net/bugs/811951
<hallyn> zul: bc it doesn't make any sense to me
<hallyn> (i.e the version # he's talking about)
<zul> hallyn: kind of...i know what he is talking about though
<hallyn> zul: ok, cool
<j0nr> can anyone help me get video driver installed on my server so I can run graphical programs remotely
<genii-around> !info xvfb
<ubottu> xvfb (source: xorg-server): Virtual Framebuffer 'fake' X server. In component main, is optional. Version 2:1.10.1-1ubuntu1.2 (natty), package size 791 kB, installed size 1944 kB
<j0nr> genii-around: would that actually output via my vga port though? to a monitor?
<warzauwynn> j0nr: no, it's a virtual frame buffer.  nothing is displayed on the monitor.  it's useful for remote graphics.
<warzauwynn> j0nr: http://en.wikipedia.org/wiki/Xvfb
<j0nr> ok when I try and launch xinit, I get a few errors, mainly saying no supported AMD display adaptors were found.
<j0nr> I just have fglrx installed
<j0nr> if I uninstall that and install xserver-xorg-video-radeon then I get errors when runngin xinit that it cant find fglrx components...
<warzauwynn> j0nr: you said remoteâ¦ do you need local too?
<j0nr> I'm lost
<j0nr> remote as in I will control it remotely.
<warzauwynn> j0nr: so you don't need local?
<j0nr> Very basically, it is a laptop with ubuntu server on it, sitting under my telly. I want to plug my telly into it and run xbmc
<j0nr> I don't want a full on desktop env because it will slow the machine down
<warzauwynn> j0nr: that's not remote, that's considered local because no network is involved.
<j0nr> warzauwynn: ok, sorry for that
<warzauwynn> no worries.  uninstall xvfb and just install the normal xorg stuff
<j0nr> warzauwynn: i never installed xvfb.... would would the 'normal' xorg stuff be?
<j0nr> I think all I am missing is the correct video driver
<warzauwynn> you already have a graphical environment running?
<j0nr> no, just ubuntu-server
<warzauwynn> install xserver-xorg
<j0nr> think I have done that
<warzauwynn> wellâ¦ actually there might be an approved way to do this for xbmc.
<j0nr> yes I have
<warzauwynn> xbmc might not need everything like the wm and stuff.
<warzauwynn> did you install gnome / kde / xfce / or anything else?
<j0nr> well it will need a working display adaptor at least
<j0nr> warzauwynn: nope, nothing like that installed
<j0nr> i've run graphical programs from a server before via ssh and tunneling... I see it as similar to that
<warzauwynn> what verison of ubuntu?
<j0nr> although it is all local, but it needs a working display adaptor right?
<j0nr> warzauwynn: 11.04
<warzauwynn> j0nr: nah, it's not like that.  those apps send the GUI information over the net, then your client renders them.  here we need the pc itself to render them.
<j0nr> warzauwynn: ah ok
<warzauwynn> j0nr: did you do this? http://forum.xbmc.org/showpost.php?p=786004&postcount=8
<j0nr> warzauwynn: http://pastebin.com/hbcGAeej  current output when I run xinit
<warzauwynn> reason i ask is that installing xbmc might auto-resolve all the dependencies to make it work.
<warzauwynn> perhapsâ¦ not certain.
<warzauwynn> really though, this is less of a server question and more of a desktop question.  you might ask in #ubuntu
<j0nr> I used this: sudo add-apt-repository ppa:team-xbmc/unstable    which is meant to be what you should use for natty
<warzauwynn> in fact, you'd probably have much better luck in there.  i can't remember the last time i installed xorg and graphics stuff.
<j0nr> warzauwynn: oky dokes... thanks anyway!
<aarcane> how can I force dpkg/apt-get/aptitude to accept that a package is properly configured when the configure script fails regularly.  it's failing to start a service, which I've configured not to start (and indeed successful starting would be disastrous) and everything else is properly configured.
<drbobb> hello
<drbobb> I was installing 11.04 on a 2TB pristine clean hard drive
<drbobb> I created a LVM PV, and 2 LV's, for root fs and swap
<drbobb> at the end of installation, boom: error installing grub
<drbobb> unbootable system
<drbobb> nothing works
<aarcane> drbobb, you should probably try with a GPT partition table and make sure there's a bios-grub partition.  it sounds like grub probably couldn't install due to a bad partitioning scheme.  and yes, you can use LVM atop gpt seamlessly.
<drbobb> yes after poking around a little I discovered the installer had used GPT on the drive
<drbobb> and this definitely did not work, seamlessly or at all for that matter
<drbobb> how do I make a bios-grub partition? the installer offered no such option
<drbobb> and I definitely suspect that if I want to dual-boot windows, I should stay away from GPT
<aarcane> dual boot windows works from gpt on 64 bit for both vista and 7.
<drbobb> well for the moment booting ubuntu doesnt work for me, how do I fix that?
<aarcane> also: you use gparted or parted from the installer.  the server installer excludes parted for some reason, as well as apt-get, so you need to use the desktop installer to partition your disks prior to installing ubuntu server.
<drbobb> actually I worked around it by using grub-install --force, but I got some dire warnings
<aarcane> can you pastebin your dire warnings?
<drbobb> aarcane: I don't understand you
<drbobb> I was definitely able to partition the drive in the server installer
<drbobb> parted sees nothing wrong with those partitions
<aarcane> drbobb, parted and gparted are utilities that give you detailed control over partitioning and allow you to manually inspect your partitions and ensure that a bios-grub partition exists.
<drbobb> aarcane: I can't pastebin, the said pc is half-installed and in my office, and I'm at home
<drbobb> but it said something about blocklists
<aarcane> drbobb, these utilities are erroneously absent from the ubuntu server install, so you must use the desktop install to access them if you don't have access to a working environment.
<drbobb> aarcane: I booted the server cd in rescue mode, and was able to access parted in that environment
<aarcane> drbobb, alright then.  create a small partition at the beginning of the GPT volume and set the bios-grub flag and the boot flag.
<drbobb> I mean when chrooted to the server root fs
<aarcane> erm..  that might not work then.
<drbobb> damn, why isn't that documented anywhere?
<drbobb> I lost like 2 hours trying to figure this crap out
<aarcane> drbobb, I don't know.  Most people don't use GPT partitions though, so it's uncommon.
<drbobb> but I never asked for GPT, the installer applied it silently
<drbobb> I guess I need to start over then, a couple of hours more down the drain
<aarcane> it's not that bad.  now that you know what you're doing it'll go faster.
<drbobb> but how do I ensure that the installer won't use GPT?
<aarcane> on a 2TB drive you want (might need, must fact check) GPT partitions.
<drbobb> I guess I should start by partitioning from a rescue environment
<aarcane> just use the ubuntu desktop live cd.  it's very simple to use and provides gparted which will let you properly configure the bios-grub partition.
<aarcane> only create the one partition, let the installer handle the rest of the procedure.  the bios-grub partition should be small (8MB should be enough) with the flags bios-grub and boot enabled near the beginning of the drive.
<drbobb> but the desktop installer won't let me configure LVM iirc
<drbobb> this doesn't make any sense to me, I go through the installer with no error or warning even, and end up with an unbootable system
<warzauwynn> drbobb: what hardware and what software version?
<drbobb> 11.04
<drbobb> the hw is pretty common
<warzauwynn> pretty common as in BIOS?
<drbobb> nothing special about it
<drbobb> yep
<warzauwynn> what motherboard?
<drbobb> pretty common as in a PC, not a blade or rack server
<warzauwynn> only one disk, 2tb?
<drbobb> right
<warzauwynn> pc's have EFI.  i just built a mini-ITX with efi.
<drbobb> a pc like a pc you get from a pc store
<warzauwynn> like an asus motherboard?
<drbobb> yeah might be an asus, can't check right now
<warzauwynn> asus makes EFI motherboards.
<drbobb> there is no EFI on that PC
<warzauwynn> ok.
<warzauwynn> disks?
<drbobb> nothing remotely resembling EFI
<warzauwynn> are you sure your install media burned correctly?
<drbobb> a 2TB SATA drive, seagate or something
<warzauwynn> i've done installs where the install media silently corrupted during burn, and i beat my head for hours over it.
<warzauwynn> actually more than once, which is why i try not to use CDs anymore...
<drbobb> I seriously doubt that is the issue
<warzauwynn> =/
<warzauwynn> ok.
<warzauwynn> 64 or 32 bit OS?
<drbobb> 64bit
<adam_g> RoAkSoAx:  http://paste.ubuntu.com/688646/
<adam_g> RoAkSoAx: cloud-init wont consume the hostname and domain name from there, will it? and it will consider no hostname from metadata, and update /etc/hosts with localdomain
<RoAkSoAx> adam_g: that's the issue I found and we agreed with smoser that cloud-init should probably respect that
<RoAkSoAx> adam_g: and tht's why he did the change on cloud-init and that's why hostname is setting correctly
<RoAkSoAx> adam_g: because it used to set itself to ubuntuhost
<RoAkSoAx> adam_g: so I think he'll probably have to do the same he did for hostname, for domain
<adam_g> RoAkSoAx: so cloud-init was modified recently to look for hostname in the kernel paramters?
<RoAkSoAx> adam_g: smoser what did you do to make cloud-init not set the hostname to ubuntuhost?
<RoAkSoAx> smoser: remember we discussed that few days ago, because it was changing what was provided in the kernel parameters
<drbobb> Is the use of LVM what's causing my install to fail? or is it something else?
<warzauwynn> drbobb: which partitioning method did you use?
<drbobb> manual
<RoAkSoAx> adam_g: we just need to make sure that cloud-init is not overwriting that, and that --hostname when adding a system is set
<drbobb> I was never aware that GPT would be used on the drive
<RoAkSoAx> adam_g: and that should be enough to set the hostname
<warzauwynn> drbobb: did you create a reserved bios boot area?
<drbobb> and I have no idea of its (in)compatibilities or requirements
<warzauwynn> drbobb: i'm playing with it now, it looks like gpt is the default and you need a 1mb reserved bios boot area at the beginning of the disk.
<drbobb> there is not a single mention of that in the ubuntu install guide
<drbobb> there is no warning in the installer, wither
<drbobb> either
<drbobb> to me that is seriously broken
<warzauwynn> drbobb: incidentally, i can't find any mention of either MBR or GPT.
<warzauwynn> however, the automatic installer does create a GPT with the necessary BIOS boot area.
<crass> hallyn: thanks for looking at this again. I think my problem is more common than hggdh's, though philosophically we're on the same page.
<drbobb> ok, so the solution would be to create this boot area with parted, and re-apply grub install?
<drbobb> good, I'll give that a try
<crass> hallyn: I just have an iso that will never be updated or sync'd to some mirror, but that was downloaded by the user and so is owned by the user and her default group
<crass> hallyn: I don't think that running libvirt as root is a good solution, for security reasons, and there's no reason why libvirt shouldn't be able to read the iso if there's world read perms set on it. I'm not sure why it should ever try to change the ownership for any RO media.
<warzauwynn> drbobb: you may want to play with it in a virtual environment where things go quicker and non-destructive.
<drbobb> warzauwynn: I don't really need to, the PC is pristine and there is no data to lose
<warzauwynn> ok.
<drbobb> I just don't have the time to redo the install over and over
<warzauwynn> yeah, i know what you mean. =/
<drbobb> I must say I'm very disappointed with how the ubuntu installer behaves wrt this, though
<hallyn> crass: just updated the bug with a link to my email to upstream.  we'll see waht they say
<Xptical> I just installed Cherokee and I'd like some advice on how to manage my directories.  Should I move /var/www to /home/user/www?  Or should I give that user a symlink and permissions to /var/www?
<Xptical> So that a user can FTP to his virtual host?
<uvirtbot> New bug: #831496 in Ubuntu Oneiric "[FFe] Add cobbler enrollment support to server cd image" [High,New] https://launchpad.net/bugs/831496
#ubuntu-server 2011-09-14
<dominicdinada> if i do a network boot would i be able to install a copy of natty via internet.... PC is headless, no cd, no floppy.... ya it has usb but the bios only supports usb drives such as floppy-cd
<Smaug> hey all
<Smaug> i have ubuntu 8.04.4 with python 2.5.2.    How should I go about installing python 2.7?  I am aware that I will need to have both 2.5.2 and 2.7 exist on the machine
<adam_g> RoAkSoAx: https://code.launchpad.net/~gandelman-a/ensemble/fqdn-fix <-  this is small and adds the cobbler system name to cloud-inits metadata, which'll do the trick for now
<adam_g> RoAkSoAx: i lost my scrollback of what you and smoser were pondering, so this is probably a hack until that gets done. but i believe it'll get us going in the meantime
<dominicdinada> can someone help me setup a network boot ? ugh frusterating ?
<Smaug> i have ubuntu 8.04.4 with python 2.5.2.    How should I go about installing python 2.7?  I am aware that I will need to have both 2.5.2 and 2.7 exist on the machine
<toddnine> Hi guys.  Can anyone recommend a good replacement for AD?  We're using Apple's open directory at the moment, but we want LDAP for auth and Kerberos for network shares( with samba) that supports OS X, Ubuntu Workstations, and Windows 7 workstations
<dominicdinada> samba itself
<toddnine> dominicdinada: do you have any examples or doc I can use as a reference?
<toddnine> I know how to use LDAP (I'm a java dev) and kerberos, but I'm not sure how to hook it all up as a service on a domain every computer can join
<dominicdinada> toddnine: https://help.ubuntu.com
<dominicdinada> atm i am working on something
<toddnine> Network Authentication?
<toddnine> https://help.ubuntu.com/11.04/serverguide/C/index.html
<toddnine> Also, are there any pre-canned utilities to sync using the google sync tools for app customers?
<linocisco> how to recover ssh on my server ?
<linocisco> how to disable screen saver on my server ?
<patdk-lap> how do you *loose* ssh?
<airtonix> looking to get the mod_shared_roster_ldap installed on lucid server
<linocisco> patdk-lap: ssh localhost on server is fine. ssh server-ip on server is fine. but from other computer using ssh client is not ok
<linocisco> patdk-lap: after one unproper shutdown or forced shutdown or power loss , i found that the next day
<uvirtbot> New bug: #849672 in libvirt (main) "make libvirt trivial to backport to lucid" [Undecided,New] https://launchpad.net/bugs/849672
<uvirtbot> New bug: #849682 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/849682
<stiv2k> ok
<stiv2k> can someone help me figure out why i cant use 'freedns' as a protocol in ddclient?
<stiv2k> it says
<stiv2k> WARNING:  file /etc/ddclient.conf, line 5: Invalid Value for keyword 'protocol' = 'freedns'
<jmarsden> stiv2k: Check the protocl names listed in /usr/share/doc/ddclient/README.gz -- are you sure your version of ddclient supports a protocol called freedns ?
<stiv2k> jmarsden: i guess it doesn't, but googling suggests that >3.8.0 supports freedns
<stiv2k> so im a little confused on that
<stiv2k> i've been a zoneedit user for years and i'm getting sick of them constantly reducing the number of free features
<jmarsden> Are you confusing a dynamic DNs provider name with a dynamic DNS protocol name?
<stiv2k> jmarsden: what
<stiv2k> no
<stiv2k> well, zoneedit and freedns are both provider names
<stiv2k> freedns uses their own protocol iirc
<jmarsden> stiv2k: You can see what protocols ddclient works with by doing       fgrep '=> {' ddclient |sed -e 's/ => {//'
<jmarsden> Or just read the Perl code :)
<jmarsden> Make that    fgrep '=> {' /usr/sbin/ddclient |sed -e 's/ => {//'
<tiger2wander> I'm recovering my ext4 partition with e2fsck -b block_number /dev/sdxx but after mount it has no file/folder inside mount point
<tiger2wander> but `df` command show it is used 68% :(
<tiger2wander> Could anyone help me to solve this? please!
<tiger2wander> I'm using Ubuntu Server 10.04.3 amd64
<tiger2wander> Tried almost superblock backup but no luck
<CluelessPerson> I can't get php5 to work on my server. >.<
<ersi_> tiger2wander: Have you checked if there's any LOST+FOUND folder where everything's stacked into?
<tiger2wander> not yet, I keeping not touch anything until got more information
<ersi_> that's wise
<tiger2wander> before use e2fsck -b I was made a mistaken that act mkfsck -b (after run mkfsck -n to find superblock)instead e2fsck
<CluelessPerson> php5 isn't processing, edditing the httpd.conf file in apache2 is blank, I'm new to linux and lost at this. >.>
<tiger2wander> so that partition got formated as Ext2 :(
<tiger2wander> I think Journal meta data was cleared by that command, right?
<tiger2wander> just checked lost+found folder and see there are many file with prefix as #
<tiger2wander> so how can I recovery from lost+found?
<CluelessPerson> >.>
<Daviey> Gooooooooooooood Day people.
<tiger2wander> CluelessPerson, what's version of Ubuntu running on your server?
<CluelessPerson> tiger2wander, 11.04
<CluelessPerson> tiger2wander,   I believe.  Also, I screwed up the configurations for apache2 and completely reinstalled that.
<CluelessPerson> but that works now, just not the php
<tiger2wander> did you forget to install package: libapache2-mod-php?
<CluelessPerson> tiger2wander,  .. >.> most likely.
<CluelessPerson> here I go
<CluelessPerson> tiger2wander,   alright, that installed, but I got several errors
<CluelessPerson> tiger2wander, Syntax error on line 6 of /etc/apache2/httpd.conf: Cannot load /etc/apache2/modules/mod_php.so into server: /etc/apache2/modules/mod_php.so: cannot open shared object file: No such file or directory
<CluelessPerson> tiger2wander, Ah, works now.
<CluelessPerson> tiger2wander,  Thank you very much.
<CluelessPerson> tiger2wander, checking with php.info()
<CluelessPerson> tiger2wander, Thank you very much.  Everything works. :D
<tiger2wander> CluelessPerson, you are welcome :)
<CluelessPerson> tiger2wander, How does it feel to be very helpful?
<tiger2wander> CluelessPerson, what's thing you are asking for?
<CluelessPerson> tiger2wander, How does it feel to be very helpful?
<jamespage> Daviey: would you be OK to sponsor a Jenkins upload for me later today - latest LTS bugfix release came out yesterday (does not need a FFE)
<Daviey> jamespage: Maybe.. what is it worth?
<jamespage> Daviey: hrm - or maybe not - pulls in a new dependency to fix a bug which we don't have packaged.
<Daviey> jamespage: grr
<jamespage> Daviey: I may just patch that out - the feature that uses it is borked in the current version so may be better to remove than get lots of bug reports.
<Daviey> jamespage: check to see if it's worth the effort at this stage to start making changes.
<jamespage> Daviey: think its minimal effort - just looking now
<jamespage> Daviey: or maybe not - going to leave as is
<Daviey> jamespage: ok :(
<jamespage> Daviey: :-(
<uvirtbot> New bug: #849871 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/849871
<uvirtbot> New bug: #849893 in mailman (main) "package mailman 1:2.1.14-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/849893
<Daviey> jamespage: I just thought, it needs a minimal deb and a udeb, otherwise at build time - it's still going to link against the bloated library.
<jamespage> Daviey: specifically which library are you using in the install?
<jamespage> sorry - udeb
<Daviey> jamespage: libxmlprpc-core-c3-0, that pastebin i gave you, i went back one too many rev's
<jamespage> Yep - got that
<Daviey> jamespage: dang, it would be so much easier to just build this from a seperate source package, but not ideal.
<Daviey> jamespage: http://pb.daviey.com/GdAD/ , is a start.
<jamespage> anyway - eat then scratch head
 * jamespage lunch
<rbasak> Is there a beta1 server iso image?
<rbasak> I can't find one on cdimage
<Daviey> rbasak: http://releases.ubuntu.com/oneiric/
<rbasak> Thanks Daviey. I think I'm still as lost as ever!
<Daviey> heh :)
<tanathos> Hi, is there a way to scan port 25 to see if php sends emails?
<jamespage> Daviey: I don't think you can strip down the udeb any further
<jamespage> if you don't use one of libwww or libcurl - you don't get a client
<jamespage> and the other disable options are for other parts of the syse,
<pmatulis> tanathos: yes, use a packet sniffer like tcpdump
<jamespage> all of those other deps are pulled in by libcurl
 * jamespage goes to take a look there
<tanathos> thanks
<patdk-wk> tanathos, normally php doesn't send email via port 25, unless you programmed in smtp support yourself
<Daviey> jamespage: ah!
<jamespage> Daviey: which is a good example of how to build multiple versions of the same source code BTW
<soren> Daviey, jamespage: udebs? I hope we're not still talking about Jenkins? :)
<jamespage> now there is a thought....
<soren> Otherwise, what are you smoking^Wup to?
 * jamespage wonders whether libwww might be lighted on deps
<soren> What's it for?
<jamespage> its for the cobbler/orchestra hardware discovery/registration tool which runs from the installer
<jamespage> we need a udeb for xmlrpc-c to chat with cobbler
<jamespage> but ATM it uses libcurl3 which pulls in a load of other dependencies
<uvirtbot> New bug: #849943 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/849943
<zul> ewwww
<soren> jamespage: Can't you fake it with straight curl or wget?
<jamespage> soren: not sure - Daviey did you look at doing that first? ^^
 * soren does not quite remember how complex Cobbler's RPC protocol is
<Daviey> soren: generating xml via curl / wget isn't going to be clean
<soren> Yes? You're not making a very convincing argument. :)
<Daviey> using a token etc.. sure it's possible
<Daviey> The cleaner solution seemed to be to use a C library for this :)
<Daviey> soren: http://bazaar.launchpad.net/~davewalker/+junk/cobbler-enroll/files/6
<zul> my eyes they burn
<jamespage> Daviey: I think building a stripped down udeb for libcurl might be possible
<Daviey> jamespage: rocking, but unless i am mistaken it needs a libcurl3-minimal*.(deb,udeb) ; to build against aswell.
<jamespage> yep
<Daviey> soren: Fancy fixing nova/test.py to support skip'ing of classes? :)
<Daviey> it should be supported via unittest, but nova is hiding that functionality.
<zul> Daviey: i think soren has gone afk
<Daviey> bah
<RoAkSoAx> smoser: ping
<smoser> RoAkSoAx, yo.
<smoser> i was looking for you.
<smoser> :)
<smoser> so where do we stand? i dont particularly like the "manage-etc-hosts".
<smoser> i'd like the meta-data solution (populated by cobbler), or, save that, i think we could do a better job of getting a default hostname in cloud-init by explicitly parsing /etc/hosts.
<smoser> (as the installer will have, i think, written an entry in /etc/hosts with what you give it for hostname)
<RoAkSoAx> smoser: ok... but I was testing
<smoser> yeah, thats fine.
<smoser> and what did you find ?
<RoAkSoAx> smoser: and if we set a --hostname for a system (machine.domain.com) then the hostname and domain name are passed as kernel arguments
<RoAkSoAx> smoser: however, in the cloud init fix, you only fixed for hostname
<smoser> well, thats because domain name is non-determinable
<RoAkSoAx> smoser: that's why cloud-init keeps putting the domain name as ubuntudomian (or whatever cloud-init puts there)
<smoser> localdomain.
<smoser> the reason i booted on domainname is because the only thing i knew at the time to get it was running 'hostname -f'
<RoAkSoAx> smoser: right, but if we tell cloud init to *not* set the domain when it is not passed on the config (as done with the hostname), then cobbler will automatically set the hostname
<smoser> which explicitly says in the man page, DO NOT RELY ON THIS
<smoser> right. and that will work. i agree.
<smoser> but i think we have the chance to make cobbler look more like ec2, and i think we should take that chance.
<RoAkSoAx> smoser: yeah we have the chance, but IMHO, we should make cobbler set the domain name either way
<smoser> the problem we're trying to solve, though, that ensemble scripts use 'hostname -f' a lot, is really a problem.
<smoser> if you've not read that man page, you shoudl read it, basically thats a bad idea.
<smoser> :)
<RoAkSoAx> smoser: hehe yeah I read
<RoAkSoAx> smoser: but my point being is that regardless what type of integration we decide to do with cobbler, we should make sure that cobbler is able to set the domain name regardless of whether we are using cloud init or not, so that means, cloud init should not be changing the domain that's passed thru the kernel
<smoser> cobbler should be able to set the domain name, yes, and apparently it can. so i have a hard time arguing with your point, and thus the solution of 'manage-etc-hosts'
<smoser> i assume that in /etc/hosts of a provisioned system you have an entry for
<smoser>  127.0.1.1 <HOSTNAME> <FQDN>
<smoser> right?
<smoser> actually, its probably : 127.0.1.1 <FQDN> <HOSTNAME>
<RoAkSoAx> smoser: right, the domain is passed thru the kernel on the PXE file... which is the similar case as what happened with bug #838280 we just need to make sure that cloud-init doesn't change the hostname
<uvirtbot> Launchpad bug 838280 in cloud-init "Cloud-init overwriting hostname given to kernel on baremetal" [Medium,Fix released] https://launchpad.net/bugs/838280
<RoAkSoAx> smoser: let me check
<rbasak> What should the permissions/ownership of /var/lib/libvirt/qemu/? I think I've screwed mine up.
<smoser> $ ls -l /var/lib/libvirt/qemu -d
<smoser> drwxr-xr-x 5 libvirt-qemu kvm 4096 2011-09-12 19:59 /var/lib/libvirt/qemu
<rbasak> Hmm, that's what I have
<rbasak> I ran out of room in /var
<rbasak> So I moved /var/lib/libvirt to /home
<rbasak> And symlinked it
<rbasak> (stopping libvirt-bin and restarting it after)
<smoser> lxc ?
<rbasak> But now I'm getting permission issues with sockets not able to be created in /var/lib/libvirt/qemu
<rbasak> No just kvm
<smoser> no. duh. kvm.
<smoser> hm..
<rbasak> (using libvirt)
<smoser> i've seen other issues (lxc) with libvirt not liking symlinks
<smoser> oh
<smoser> i know why. i think
<smoser> it might be app armor related
<rbasak> Ah
<rbasak> Yes, there's stuff in /etc/apparmor.d/libvirt
<rbasak> (that refers to the old paths)
<RoAkSoAx>  q/win 3
<RoAkSoAx> errr
<smoser> RoAkSoAx, /etc/hosts ?
<rbasak> It looks like libvirt dynamically configures those files, and there's no configuration variable to set the path
<rbasak> So I might be stuck :-/
 * rbasak never expected to put virtual machines in /var
<rbasak> (they belong to me, not the system!)
<Daviey> rbasak: repossession of your /home.
<RoAkSoAx> smoser: re-deploying a system. will take ~5 minutes
<floown> hello
<floown> I have a problem to receive mails truth my Ubuntu server
<floown> # /usr/bin/mailq
<floown> mailq: fatal: bad string length 0 < 1: myhostname =
<floown> why I have this error please?
<rbasak> Daviey: :)
<jdstrand> when applying policy, apparmor resolves the symlinks. the that apparmor driver in libvirt uses realpath to avoid this problem
<floown> I have read and apply this tutorial http://www.howtoforge.com/perfect-server-ubuntu-11.04-ispconfig-3-p6
<jdstrand> you should look in /var/log/kern.log, dmesg or /var/log/audit/audit.log (if you have auditd installed) to see if you are getting apparmor denials. if not, then apparmor shouldn't be the problem
<iggi_> Hello,
<rbasak> jdstrand: thanks, I'm getting stuff like type=1400 audit(1316008945.990:24114291): apparmor="DENIED" operation="mknod" parent=1 profile="libvirt-32560cff-6b32-f675-d7cf-ba096875473e" name="/home/libvirt/qemu/oneiric-b1-test.monitor" pid=25261 comm="kvm" requested_mask="c" denied_mask="c" fsuid=133 ouid=133
<jdstrand> right-- so that is the monitor file
<rbasak> yeah, they all seem to be
<rbasak> For pre-existing machines it can't bind to the socket
<rbasak> For new machines it can't create the socket
<jdstrand> (as opposed to the disk, which uses realpath)
<rbasak> (incidentally, I see no socket)
<jdstrand> yes, you won't see the socket because apparmor stopped it
 * jdstrand looks at something
<iggi_> I seem to be having a problem with bonding in Ubuntu Server 11.04. I was able to get two NICs bonded, but every time I reboot the machine one of the NICs goes into 100mbit mode (they are supposed to be gig)
<jdstrand> rbasak: right, so that path is hard-coded by the monitor. moving all of /var/lib/libvirt somewhere else could cause a number of issues
 * Daviey wonders if the thing jdstrand has turned to look at, is the same thing that is concerning me.
<jdstrand> s/by the/for the/
<jdstrand> Daviey: it isn't. I am waiting for kees to come online
<smoser> RoAkSoAx, ... actually, platform.node() seems to be doing what i would have been doing.
<Jeeves_> iggi_: Are they different chipsets?
<rbasak> jdstrand: OK, thanks. It sounds like I can just move the images and symlink those, or if not I'll work around it. Thanks!
<jdstrand> rbasak: all you should really *have* to move is the /var/lib/libvirt/images directory
<iggi_> Jeeves_, Nope, both are the same and both are onboard
<rbasak> jdstrand: yep, I'm with you
<Jeeves_> iggi_: But to different switches?
<smoser> err.. ug. i cant tell now.
<iggi_> Jeeves_, both to the same switch, the swithc shows gig capability and auto negotiation on the port, but only 100mbit speed
<smoser> but sometimes it will give a fqdn.
<Jeeves_> iggi_: And if you switch the cables?
<jdstrand> rbasak: that said, if you must move everything, you can adjust /etc/apparmor.d/abstractions/libvirt-qemu for your paths. you are also allowed to edit the /etc/apparmor.d/libvirt/libvirt-<uuid> file
<iggi_> Jeeves_, that does pose a problem, since its an offsite machine, but it looks like that might be the next course of action
<jdstrand> rbasak: the /etc/apparmor.d/libvirt/libvirt-<uuid> file is autogenerated only if it doesn't exist
<smoser> so... i await access to your fresh installed box
<jdstrand> rbasak: but don't edit /etc/apparmor.d/libvirt/libvirt-<uuid>.files cause it is dynamically generated on vm start
<Jeeves_> iggi_: That's all I can think of,  really
<jdstrand> rbasak: so that is a lot of info! :) I recommend putting everything back in /var/lib/libvirt, then adjusting your domain xml to put the disks wherever you want
<rbasak> jdstrand: that's useful to know, thanks. Although I don't see any mentions of /var/lib/libvirt in /etc/apparmor.d/abstractions/libvirt-qemu, but moving everything but the images back seems to have worked
<RoAkSoAx> smoser: ok so /etc/hosts sets 127.0.0.1 fqdn hostname
<RoAkSoAx> smoser: and /etc/hostname is just hostname
<rbasak> (so I've symlinked /var/lib/libvirt/images -> /home/libvirt/images but not touched the other directories)
<smoser> RoAkSoAx, right it will always be.
<jdstrand> rbasak: no, there is no mention of /var/lib/libvirt in /etc/apparmor.d/abstractions/libvirt-qemu. that is because the libvirt driver dynamically adds the monitor for that machine to the dynamic profile
<smoser> so, i think cloud-inti could do a better job of falling back and not requiring network.
<RoAkSoAx> smoser: right, yes, I believe we should still go ahead with your suggestion on doing it throuhg ensemble/cobbler for cloud-init
<RoAkSoAx> smoser: however, we also need to make sure that cloud-init does not change what the kernel parameter is specifying
<iggi_> Jeeves_, I think you are right, looks like the link is bouncing, must be a bad cable.
<smoser> RoAkSoAx, i just don't like "kernel parameter is specifying"
<smoser> :)
<smoser> it makes it sound like there is a setting somewhere explicitly for fqdn
<smoser> when there is not.
<RoAkSoAx> smoser: there's a jhostname and a domain settings though
<smoser> what do you mean by domain settings ?
<RoAkSoAx> smoser append initrd=/images/oneiric-3-i386/initrd.gz  locale=  locale=en_US text priority=critical  auto url=http://192.168.123.2/cblr/svc/op/ks/system/node03 hostname=node03 domain=domain.com suite=oneiric
<smoser> hm.. i didn't realize that 'domain' would be specific. i thought you were just appending to hostname.
<smoser> http://paste.ubuntu.com/689237/ is what i think is reasonable to read /etc/hosts as a fallback.
<RoAkSoAx> smoser: nope, that's why I was saying, cloud-init needs to respect that
<smoser> well, its not *that* is what i disagree with
<rbasak> Now if only I could get the BIOS to PXE boot. It seems to be ignoring the boot options :-/
<smoser> cloud-init doesn't ever see *that*
<RoAkSoAx> smoser: I agree, but yet again, it should not change it
<smoser> in this specific situation, it would be ok to call 'hostname -f'
<smoser> but what i don't like about that is the randomness. so i think i  just parse /etc/hosts to avoid hostname doing network operations if it would
<RoAkSoAx> smoser: right, but that's why I'm saying, we can still use your approach to ensure that things are set correctly, but cloud-init should still respect what's passed to the kernel if no domain option has been passed to cloud-init
<Daviey> rbasak: failing that, you could use ipxe on non-arm hardware
<rbasak> Daviey: I'm starting off trying to get cobbler to build me an i386 server inside kvm
<rbasak> Daviey: (so I can find my way around cobbler and know it works)
<Daviey> rbasak: sounds wise
<Daviey> rbasak: RoAkSoAx is the king for that
<Daviey> smoser might have done it aswell.
<Daviey> and smoser probably did it without using sudo.
<smoser> well, i did it with being in libvirtd
<smoser> and libvirtd group == root
<smoser> so, it doesn't count.
<smoser> rbasak, if you just want to play with cobbler....
 * RoAkSoAx will brb
<smoser> cobbler-devenv is reasonable as a place to look at a working setup.
<rbasak> I seem to have broken it beyond where I was now. "Error starting domain: operation failed: failed to retrieve chardev info in qemu with 'info chardev'"
<rbasak> smoser: I added myself to libvirtd
<smoser> rbasak, that is coming from libvirt ? that error ?
<rbasak> smoser: Yes. I don't think I changed anything. I've only been fiddling with the BIOS boot options in the guest
 * rbasak has tried restarting libvirt-bin
<smoser> rbasak, i
<smoser> i'm not sure what is going wrong. is libvirt actually trying to start qemu/kvm ?
<smoser> you should get a kvm.log somewhere from libvirt that might have some info
<rbasak> aha
<rbasak> kvm: -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:bc:56:31,bus=pci.0,addr=0x3: pci_add_option_rom: failed to find romfile "pxe-virtio.bin"
<rbasak> So I did actually persuade it to pxe boot :)
<jamespage> Daviey: I think this is just about as small as I can make it: http://paste.ubuntu.com/689248/
<Daviey> jamespage: that is ldd of cobbler-enrol ?
 * rbasak installs kvm-pxe
<Daviey> rbasak: nooooooo
<Daviey> rbasak: use ipxe
 * rbasak purges kvm-pxe!
<jamespage> Daviey: nope - thats libcurl
<Daviey> jamespage: ok, rocking - thanks!
<jamespage> so we would need udeb's for curl,xmlrpc-c, and libidn
<rbasak> Actually that didn't help anyway, same problem. I suspect that a missing rom might be why it wasn't doing the booting but I think my info chardev error is a separate issue
 * rbasak investigates further
<jamespage> feels really messy tho.
<Daviey> jamespage: if it compiles, shit it - is my mantra.
<Daviey> erm, ship it.
<Daviey> jamespage: really odd that we /need/ libidn.. :/
<jamespage> difficult bit is how to make xmlrpc-c use the right version of libcurl - i.e. minimal
<jamespage> otherwise we disable xmlrpc over a load of other protocols
<jamespage> bah
<Daviey> jamespage: libcurl isn't installed by default.. so if there is a new binary package, there is no impact.
<jamespage> not sure I understand - or maybe phrased my concern correctly
<Daviey> jamespage: Hmm. I understood your concern to be, if both variants, fat and thin are installed concurrently?
<Daviey> that can't (or mustn't) happen
<Daviey> Conflicts :)
<jamespage> Daviey: lemme just gather my thoughts
<caribou> This is not specific to the Server version, but has more impact on Server : Does someone knows why makedumpfile has become dynamically linked b/w Maverick and Natty ?
<caribou> This renders kdump totally useless in Natty & Oneiric
<jamespage> Daviey: so xmlrpc-c Build-Deps on libcurl3-openssl-dev
<jamespage> We are proposing a libcurl3-minimal-dev + others; but thats pretty ugly for xmlrpc-c as switching the dependency will reduce what it can do?
<Daviey> jamespage: Ah
<Daviey> i see what you mean
<jamespage> well at least I think thats the case
<jamespage> I guess we could have another source package to build xmlrpc-c and hold two in the archive -one to provide the udeb
<jamespage> and one as its
<jamespage> /its/is/
<jamespage> or we could do the udebs for the normal version of curl
<Daviey> udebs for the nomral version oulls in ldap and kerbos, no?
<jamespage> yes
<robbiew> Daviey: yo!  what's up with the ARM netbook for rbasak?
<Daviey> robbiew: I posted him the pandaboard, as that seemed more appropriate.
<Daviey> robbiew: I thought we did dicuss this?
<robbiew> we did...I though both was being sent...no big deal...I just knew you used yours for a picture frame
<robbiew> or something
<robbiew> lol
<Daviey> robbiew: hah.. no, that isn't true.
<Daviey> The netbook was more concerning to me, as i know it has my ssh and gpg key on it.. and i wasn't entirely sure just a rm was enough to stop rbasak retrieving it.
<Daviey> :)
<rbasak> :-P
<smoser> RoAkSoAx, ok. so i think, this time for sure , that i have a good solution.
<smoser> could you please try: http://paste.ubuntu.com/689276/
<smoser> just run that on your installed node
<smoser> and it should basically give the same thing as 'hostname -f' but without consulting dns
<jamespage> Daviey: think I can get rig of IDN as well
<jamespage> rig/rid
<jamespage> typing bad today
<Daviey> jamespage: Oh goody
<jamespage> Daviey: still think we will need a xmlrpc-minimal source package tho
<Daviey> jamespage: I think you might be right :/
<lynxman> smoser: ping
<smoser> lynxman, here.
<RoAkSoAx> smoser: conference call at the moment
<RoAkSoAx> smoser: where will that go?
<smoser> into cloud-init. then it will fall back to using that if no local-hosname
<RoAkSoAx> ok cool
<TheEvilPhoenix> can anyone recommend some kind of web-based administration tool for an ubuntu-server?
<TheEvilPhoenix> something like webmin but not
<TheEvilPhoenix> because webmin is evil
<jmarsden> !ebox
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<jmarsden> TheEvilPhoenix: Try Zentyal... but the real answer is to learn to admin a server using SSH and a shell :)
<TheEvilPhoenix> jmarsden:  indeed, which I know how yo do.  I still want the actual GUI part (for quick tasks for which initiating an entire SSH connection isnt worth it)
<robbiew> SpamapS: yo...so I can defer this, right? -> https://blueprints.launchpad.net/ubuntu/+spec/server-o-postfix-enhancements
<rbasak> How do I point kvm/libvirt at an ipxe rom? I can see /usr/share/qemu/pxe-virtio.rom but no idea how I'm supposed to add it
<robbiew> hallyn: I'm thinking this can be punted to P with possibly tyler helping? -> https://blueprints.launchpad.net/ubuntu/+spec/server-o-ecryptfs-testsuite
<SpamapS> robbiew: I suppose so.
 * robbiew pulls his leg back...and punts!
 * SpamapS admires the hangtime
<rbasak> It does seem as if I have /usr/share/qemu/pxe-virtio.rom but qemu is looking for /usr/share/qemu/pxe-virtio.bin
<hallyn> robbiew: sounds good to me
<robbiew> hallyn: cool, thx
<hallyn> rbasak: can you (a) switch to ipxe for the moment, and (b) file a bug for kvm-pxe?
<rbasak> Aha!  "ln -s pxe-virtio.rom pxe-virtio.bin" in /usr/share/qemu fixed it
<hallyn> rbasak: qemu recently switched
<hallyn> rbasak: kvm-pxe didn't get updated bc it's deprecated
<hallyn> but we should updated it of course until it gets removed (even though it's in universe) or switched to using ipxe sources
<rbasak> hallyn: I'm using ipxe; dpkg -S /usr/share/qemu/pxe-virtio.rom reports it's owned by ipxe
<hallyn> rbasak: oneiric?
<hallyn> that should have been updated
<rbasak> hallyn: yes oneiric, ipxe	1.0.0+git-2.149b50-1ubuntu1 which seems to the latest that rmadison sees
 * hallyn looking
<hallyn> d'oh!  I thought Daviey had pushed that debdiff for ipxe
<hallyn> hm, he did
 * Daviey wonders if he is in trouble
<rbasak> Shall I leave it with you? The symlink will do me for now.
<rbasak> (or would you like a bug?)
<hallyn> rbasak: please do file a bug if you don't mind
<Daviey> hallyn: What is the problem?
<rbasak> Daviey: ipxe drops in /usr/share/qemu/pxe-virtio.rom but qemu is looking for /usr/share/qemu/pxe-virtio.bin
<hallyn> Daviey: I think I got confused with the .bin vs .rom .  Was it only qemu 0.15 that switches?
<utlemming> rbasak: so, I successfully booted the OMAP kernel into qemu
<rbasak> utlemming: cool!
<utlemming> rbasak: I'm thinking that by tomorrow or Friday, we should qemu-able images being generated daily
<utlemming> rbasak: I have a repeatable way of generating the disk format which includes uboot, etc
<rbasak> utlemming: excellent!
<hallyn> Daviey: yeah, so ipxe/debian/ipxe.links needs to switch back to being .bin not .rom for all
<utlemming> rbasak: my problem is that I was using the OMAP4 uboot instead of the OMAP3, which was causing the kernel to be loaded in the wrong memory address space
<hallyn> unless we quickly push qemu 0.15 :)
<Daviey> hallyn: Having smoke 0.15, i wouldn't block that - but you need to be able to handle any technical issues that might arise.
<Daviey> As in, do you have enough capacity?
<hallyn> Daviey: we trust that upgrades will be coherent, and only have *.bin,
<hallyn> Daviey: or should ipxe just create both *.bin and *.rom?
<hallyn> Daviey: well, as I've said, I was using it for weeks on my laptop with no issues, so I'm pretty confident.  But no I don't have much spare time if things go kerblooy
<rbasak> hallyn: https://bugs.launchpad.net/ubuntu/+source/ipxe/+bug/850154
<uvirtbot> Launchpad bug 850154 in ipxe "qemu cannot find ipxe roms" [Undecided,New]
<Daviey> hallyn: yeah, i was using it the other day - and it 'seemed' to work for me ok.. but yes, the kicker is the fallout.
<rbasak> hallyn: you might as well symlink them during a transition period so both *.bin and *.rom work I suppose.
<Daviey> hallyn: hmm, do we need symlinks for both
<Daviey> ?
<hallyn> Daviey: http://people.canonical.com/~serge/ipxe-bin.debdiff
<hallyn> no, we only need symlinks for one or the other.
<hallyn> rbasak: thanks
<Daviey> smoser: Have you sponsored a package yet?
<hallyn> he sponsored one for me :)
<hallyn> libcgroup iirc
<Daviey> hallyn: you should be able to do your own signing :)
<Daviey> hallyn: did you miss off the # for the bug closure on purpose?
<hallyn> Daviey: oh, no.  I had it as '######' until rbasak hadned his bug over, then i converted it badly :)
<hallyn> Daviey: i'm still waiting for pkg to build for a test, just to make sure
<Daviey> k
<hallyn> i don't know wtf is going on with my apt-cache.  slow right now
<hallyn> oh, maybe it got corrupted with my unscheduled poweroff
 * rbasak pulled the power on his laptop this morning. With no battery inserted :-/
<hallyn> all i can figure is mine got too hot
<hallyn> Daviey: updated http://people.canonical.com/~serge/ipxe-bin.debdiff . tested, works fine
<hallyn> Daviey: don't know what you want with 'my own signing'.  Of course I signed it, but debdiff doesn't carry that...
<Daviey> hallyn: sorry, i mean sign and dput :)
<Daviey> (signing a package that you are not uploading seems overkill anyway :)
<Daviey> smoser: Fancy reviewing and sponsoring hallyn's debdiff?
<hallyn> Daviey: you think I have upload rights to that???
<smoser> oksurefine
<Daviey> hallyn: no, but you /should/ have upload access.
<Daviey> hallyn: incidently, you do have upload access to etherboot :/
<hallyn> yes but it is obsolete :)
<hallyn> Daviey: yes, i'll try to get on the schedule for server upload rights in the next 2-3 weeks
<Daviey> hallyn: cool.
 * Daviey afk's
 * koolhead17 is singing juju juju juju !!!
<pmatulis> black juju?
<TheEvilPhoenix> !offtopic
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<Ursinha> TheEvilPhoenix, juju is totally ontopic :)
<koolhead17> Ursinha: +1
 * koolhead17 looks at TheEvilPhoenix
<Ursinha> if you don't know, you might! :) -> juju.ubuntu.com
<koolhead17> http://twitter.com/#!/Canonical/status/113985182066937856
<koolhead17> hehehe Ursinha :) when did this happen? and is channel name changed too?
<Ursinha> koolhead17, happened today, it seems :)
<Ursinha> the channel question I don't know
<Ursinha> koolhead17, #juju has server people in it, #ensemble is empty, so I guess it's a yes :)
<koolhead17> Ursinha: am allready there :D
<talntid> anyone here think it's a decent idea, to store logfiles on a seperate server? every once in a while, my logfiles fill up my filesystem....
<talntid> I have a virtualized environment, and 20 VM's...
<talntid> I could start a log server, and nfsmount the logdir to the log server... ?
<Ursinha> talntid, well... I'd rsync the logs every once in a while
<Ursinha> might be safer
<Ursinha> write locally then copy over
<talntid> problem is, they have the ability to fill the filesystem pretty quickly..
<talntid> from yesterday to today, i got 6.8gb of logs.
<pmatulis> talntid: a log server is an old concept, you configure each log source by pointing it to the server
<talntid> on just my webserver
<pmatulis> talntid: you don't mount anything, it's built in to the log system
<rbasak> I seem to have debian-installer exiting immediately and stuck in a loop because init keeps restarting it. Using a preseed file via cobbler. Is this likely to be a problem with my preseed?
<Ursinha> pmatulis, how is that?
<Ursinha> cool
<talntid> syslogd?
<pmatulis> talntid: we use rsyslog for a while now
<talntid> when an application (apache, for example) asks for a logdir.. doesn't it write directly there?
<pmatulis> talntid: see for a starter: http://www.rsyslog.com/sending-messages-to-a-remote-syslog-server/
<pmatulis> talntid: apache is special, it has it's own logging system. maybe you can forward its messages too, i'm not sure
<pmatulis> talntid: rsyslog is pretty powerful for remote logging, you can drop low priority messages if there are too many to handle, for instance
<pmatulis> talntid: can also go directly into a d/b like mysql or postgresql
<talntid> hmmm
<talntid> the issue is never with the system logs...
<talntid> always with apache or asterisk
<pmatulis> talntid: well, asterisk should be an issue.  as for apache:
<pmatulis> http://www.google.com/search?client=ubuntu&channel=fs&q=rsyslog+remote+apache+logs&ie=utf-8&oe=utf-8
<pmatulis> *asterisk should not be...
<talntid> roger that
<rbasak> No joy with the default cobbler preseed on beta 1 either :-(
<koolhead17> rbasak: what is the issue
<smoser> RoAkSoAx, bug 850206
<uvirtbot> Launchpad bug 850206 in cloud-init "cloud-init should try harder to get domainname in fallback case" [Undecided,In progress] https://launchpad.net/bugs/850206
<rbasak> koolhead17: I think the issue is that I'm booting a normal kernel inside kvm, so it can't find any disks. Is there a standard way to tell cobbler that I want the virtual kernel image? I can't seem to find anything other than a generic image in what cobbler has imported into /var/www/cobbler.
<koolhead17> rbasak: https://help.ubuntu.com/community/Cobbler
<rbasak> koolhead17: I could be wrong, what I'm seeing is that debian-installer keeps dying and being restarted by init.
<rbasak> koolhead17: yeah I'm using that
<koolhead17> so you have a profile ready with you and Vm on same network with boot from network enabled?
<rbasak> koolhead17: yes, and it pxe boots ok and goes into the installer
<rbasak> koolhead17: it's the preseed that seems to fail after that, at this stage debian-installer goes into a restart loop
<rbasak> (after the installer has downloaded udebs)
<rbasak> I think it's a partman issue
<rbasak> and /proc/partitions is empty
<rbasak> It's in kvm so I would expect to see a /dev/vda
<koolhead17> rbasak: read the cobbler profile parameters your passing
<koolhead17> and let pressed do auto partitioning
<uvirtbot> New bug: #850205 in lxc (main) "lxc-clone drops hostname" [Undecided,New] https://launchpad.net/bugs/850205
<uvirtbot> New bug: #850206 in cloud-init "cloud-init should try harder to get domainname in fallback case" [Undecided,In progress] https://launchpad.net/bugs/850206
<koolhead17> or to be precise dont use pressed file for first VM see how installation is happening, if its going well then introduce preseed and play with it :)
<RoAkSoAx> smoser: cool,.t hanks!
<Alison_Chaiken> Morning all.    I want to spin up a Lucid AMI in EC2 and save the result of my work in EBS.   I am confused because the list of AMIs on Canonical's website does not match what I see offered at amazon.com.
<adam_g> RoAkSoAx: if metadata is generated outside of the orchestra provider, where is it going to come from?
<RoAkSoAx> adam_g: meta-data is not really generated outside. It actually comes from the provider
<adam_g> RoAkSoAx: currently it does, but the plan is to gut that and only provide cobbler with the user data to parts of the ks late command, no?
<smoser> Alison_Chaiken, can you elaborate on that ?
<RoAkSoAx> adam_g: it is not "really" as it grabs the UUID from cobbler and just creates the late command to pre-populate it
<RoAkSoAx> adam_g: yes, the idea is only to pass user-data in base64 and we will store that into a ksmeta variable, which will be used on a late_command
<RoAkSoAx> adam_g: and leave cobbler to provide the meta-data itself
<adam_g> RoAkSoAx: the uuid ends up as metadata in /var/lib/cloud/seed/nocloud-net
<Alison_Chaiken> smoser, I want to run a build system on Lucid.    I'm comparing https://console.aws.amazon.com/ec2/home?region=us-east-1#s=Images with "ebs/ubuntu-images/ubuntu-lucid-10.04-amd64" in the search box tohttp://cloud-images.ubuntu.com/lucid/20110913/
<RoAkSoAx> adam_g: and the meta-data has the UUID of a system as instance-id
<adam_g> RoAkSoAx: ok, so thats my question.. where does the meta-data itself come from, if not from juju?
<RoAkSoAx> adam_g: meta-data only contains instance-id which *is* the UUID of a *cobbler* system
<Alison_Chaiken> I was going to use the ubuntu.com site as a guide to pick the right AMI, but none of the ubuntu.com AMIs appear to be available from EC2 at the moment.
<RoAkSoAx> smoser: I was thinking on maybe also using a python module to obtain the meta-data, what do you think? (I'm already using an orchestra python module to do some stuff with keys I generate for rsyslog)
<Alison_Chaiken> Filling the search box as I have lists 8 AMIs on EC2, and I can't figure out how to choose among them.
<smw> Alison_Chaiken, cloud.ubuntu.com/ami
<Alison_Chaiken> The owner of all is 099720109477, which is Canonical?
<smw> Alison_Chaiken, choose the ebs ami in the region you want.
<Alison_Chaiken> http://cloud-images.ubuntu.com/ami is 404 for me.
<smoser> Alison_Chaiken, http://askubuntu.com/questions/53582/how-do-i-know-what-ubuntu-ami-to-launch-on-ec2/53586#53586
<Alison_Chaiken> So smw, all 8 are the same?
<Alison_Chaiken> Thanks smoser, I'll look.
<smw> Alison_Chaiken, what about cloud.ubuntu.com/ami?
<rbasak> koolhead17: yeah, I was going to try and rip out the preseed next if I can figure out how (since the whole point of cobbler is to use one, it's there by default). I need to go now but I'll carry on tomorrow - thanks for your help!
<Alison_Chaiken> Aha, ami-63be790a is on both ubuntu.com and EC2!    Thanks you guys.
<smw> Alison_Chaiken, is it ebs backed? (can you make a micro instance?)
<Alison_Chaiken> smw, this is my first use of EC2, and I don't know what a micro instance is.   EBS-backed, apparently.
<smw> Alison_Chaiken, good. Many people start out without ebs-backed instances and it does not hurt them until much later.
<Alison_Chaiken> "ebs" is in the image name, so as a n00b, I think it must be backed.
<smw> Alison_Chaiken, sounds good :-)
<Alison_Chaiken> As soon as I finish my build, I'll stop the instance and make sure it's still there right away.
<smw> Alison_Chaiken, if you have the option to stop the instance it is the right one ;-)
<skrite> hey all
<skrite> hey all, i am looking for a simple to use means to view data bytes as they come in on a TCP socket.
<RoAkSoAx> adam_g: btw.. i'll be changing everything to juju as well
<RoAkSoAx> in the orchestra side of things
<jdstrand> Daviey: kees and I talked. please see my comment in the bug
<MasterRoot> hello all, does anyone know if mdadm will allow a RAID5 array to be migrated to a RAID0 array, or would I need to recreate the array?
<cloakable> MasterRoot: recreate
<cloakable> RAID5 is nothing like RAID0 at the disk level
<MasterRoot> cloakable: I see, no problem. Thanks for confirming it for me :-)
<Alison_Chaiken> smw, I've just been reading FAQ about "stop" vs. "terminate" and take your point.   Thanks again for your *helpful* advice.
<Alison_Chaiken> I'm still a bit puzzled by the security groups.    Presumably the apt-gets I need to do are TCP, but what ports do I have to have open for them to work?
<Alison_Chaiken> The security groups configures inbound access, so maybe closing all ports but ssh won't affect apt-get, as the request will be initiated inside the VM?
<hazmat> Alison_Chaiken, access to external systems from an ec2 host are always fine.. security groups are inbound traffic filters
<smw> Alison_Chaiken, you can get more help with Amazon specific stuff at #ubuntu-cloud and ##aws
<Alison_Chaiken> Right hazmat, so my instance can always download files from other places, as long as it initiates the request it's considered "outbound"?
<Alison_Chaiken> Thanks, smw.
<hazmat> Alison_Chaiken, yes.. assuming its external to ec2.. if its too another ec2 host, then the other host's security groups come into play
<uvirtbot> New bug: #850309 in libvirt (main) "libvirt fails to autostart VM attached to a bridged port" [Undecided,New] https://launchpad.net/bugs/850309
<Alison_Chaiken> Thanks hazmat.    I'm going to launch!
<jj995_> hi all, I'm trying to migrate my NIS master to a new server.  I was reading the section "Chaning NIS master servers" in O'Reilly's Managing NFS and NIS, but the instructions aren't working (they seem outdated).  Any suggestions?
<cr3> out of curiosity, I'm imagining it might be useful to have postgresql (or any database for that matter) running in the cloud where the data would reside in ebs. in such a case, should mounting, creating filesystem, configuring postgresql, etc. be handled by something like cloud-init and/or ensemble?
<cr3> smoser: ^^^
<hltan> hey has anybody got "sudo iptables -A OUTPUT -m owner --gid-owner fn -j DROP" to work?
<hltan> exit
#ubuntu-server 2011-09-15
<smoser> cr3 is gone, but ask again tomorrow.
<b0gatyr> join #windows-server
<the_fool> Hi, i'm working on setting up a friend with ubuntu, but I can't seem to get the wireless up and running, it looks like the driver is good, but i'm no expert - anyone willing to walk me through this? Thanks
<avoine> the_fool: join the #ubuntu channel and I will help you there
<cjs226> I'm having a problem with shutdown and reboot not waiting for a shutdown script to complete. Â i verified it's being run. Â i assumed the system would wait for each K script to complete. Â is this not the case?
<avoine> cjs226: I think it kill scripts after a certain time, I'm not sure
<avoine> cjs226: the timeout is 5 seconds by default -> http://upstart.ubuntu.com/cookbook/#kill-timeout
<cjs226> ah, that explains it.  THANKS!
<SpamapS> cjs226: when you say the "K" scripts .. what # is it receiving in /etc/rc0.d ?
<SpamapS> cjs226: there is definitely no timeout for those scripts.. they are run one after the other
<cjs226> i have it as K01 in rc0, 2 and 6
<cjs226> what's the best procedure to impliment an app's shutdown script such that it has time to shutdown gracefully.  for me i need a minute and a half
<SpamapS> cjs226: it should work to just have the K script in there
<SpamapS> cjs226: note that it needs an S script in the previous runlevel as well, or it won't be killed as the system won't think it was running
<cjs226> spamaps: ok, i'll test that, thx
<SpamapS> cjs226: typically the defaults given to a script by update-rc.d work fine
<SpamapS> cjs226: note that if you switch to an upstart script, you want 'stop on starting rc RUNLEVEL=[016]'
<SpamapS> otherwise the system will only wait about 10 seconds for it to stop
<SpamapS> (known bug)
<SpamapS> cjs226: good luck
 * SpamapS signs off for a bit
<cjs226> thx, appreciate it!
<uvirtbot> New bug: #850587 in cloud-init (main) "cloud-init fails to install if /tmp directory is noexec" [Undecided,New] https://launchpad.net/bugs/850587
<sbeattie> Daviey: FYI, update-notifier-common (which lets you know you need to reboot your server in motd) used to be in the default server install in lucid http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.lucid/server, but got dropped for maverick and later.
<sbeattie> Daviey: are you sure that it should have been dropped?
<ujjain1> do I need to run seahorse with sudo to use it? and I get a gnome-keyring communication failure error.
<Corey> Like an idiot, I just blew away the squid init script (/etc/init.d/squid).  How do I get apt / aptitude to reinstall it?
<lifeless> sergevn: is it bad that rmmod iwlagn inside a container removes the module successfully ?
<lifeless> sergevn: sorry, wrong serge ;)
<lifeless> hallyn: is it bad that rmmod iwlagn inside a container removes the module successfully ?
<ScottK> Corey: sudo apt-get purge squid then sudo apt-get install squid and you'll get it back.
<WinstonSmith> what about dpkg-reconfigure? wouldn't that do the trick?
<ScottK> No.
<ScottK> When you manually remove the file, dpkg will assume that means you didn't want it until you purge and then it forgets you did that.
<soren> lifeless: You need to drop the sys_module capability.
 * soren runs off for a half hour or so
<Corey> ScottK: Thanks.  Unfortuantely as it turns out this is Ubuntu 6.xx, so those packages aren't available anymore.  Whoops.
<ScottK> Corey: They are on old-releases.ubuntu.com
<ScottK> You really should upgrade though.
<ScottK> You'll just need to adjust /etc/apt/sources.list to point at it.
<Corey> ScottK: Not my choice.
<ScottK> OK.
<Corey> ScottK: And thanks. :-)
<ScottK> You're welcome.
<Corey> ScottK: Unfortunately the client's preferences eclipse my own.
<ScottK> I know how that is.
<ScottK> They should hire me to tell them they're wrong.
<ScottK> ;-)
<Corey> ScottK: They've already done that with me. ;-)
<Corey> ScottK: Mind if I ask what your contribution was that got you Ubuntu membership?
<ScottK> Development.
<ScottK> It was also in 2007, so things have changed a bit.
<lifeless> soren: probably dhouldn't be on by default :)
<uvirtbot> New bug: #338766 in vm-builder (universe) "vm-builder should support proxy servers" [Wishlist,Fix released] https://launchpad.net/bugs/338766
<uvirtbot> New bug: #850672 in nut (main) ""port = auto" does not work with bcmxcp_usb (powerware 5115)" [Undecided,New] https://launchpad.net/bugs/850672
<soren> lifeless: How are you running your containers?
<soren> lifeless: Using libvirt or lxctools?
<lifeless> soren: lxc-start ...
<Nafallo> hi. who handles php these days? :-)
<lifeless> Nafallo: noone :) </troll>
<Nafallo> lifeless: heh
<Nafallo> I had to "upgrade" to the packages from sid on an oneiric server yesterday because our php5-sqlite only has sqlite3 support :-P
<Nafallo> and sid had a different ABI
<soren> lifeless: bug 850687
<uvirtbot> Launchpad bug 850687 in lxc "Should disable cap_module by default" [Undecided,New] https://launchpad.net/bugs/850687
<lifeless> thanks :)
<soren> Nafallo: And what did you need (if not sqlite3)=
<soren> ?
<Nafallo> soren: sqlite
<Nafallo> (sqlite2)
<soren> I had no idea anyone still used that for anything.
<Nafallo> roundcube wanted it at the very least ;-)
<lifeless> probably pastebin.ubuntu.com
<soren> Nafallo: I've only ever used roundcube with MySQL :-/
<Nafallo> I bet there are more things, but it took me a good while to figure out and "work around" it :-P
<soren> lifeless: If it helps at all, libvirt does it correctly (removes CAP_SYS_MODULE).
<lifeless> soren: cool
<lifeless> soren: [it doesn't, but cool]
<Daviey> Nafallo: Erm, i thought it was an effort this cycle for us to remove sqlite support?
<Daviey> Or at least, get it out of main
<Nafallo> Daviey: well, not haivng a working roundcube-sqlite package would be a regression :-)
<Daviey> Nafallo: Sure, fancy fixing roundcube?
<Nafallo> Daviey: I tried to find out if I could convince it to use sqlite3 yesterday, and restorted to upgrading from sid.... just saying.
<Nafallo> I'd rather have php5-sqlite in universe with libsqlite dependency (if main is the reason we can't have working things)
<Nafallo> alternatively we could have php5-sqlite and php5-sqlite3
<Daviey> Nafallo: I think you are calling for php5-sqlite to be a seperate source package.
<Nafallo> having php5-sqlite being only sqlite3 wasn't helpful :-P
<Nafallo> source/binary.. whatever works.
<uvirtbot> New bug: #850687 in lxc (main) "Should disable cap_module by default" [Undecided,New] https://launchpad.net/bugs/850687
<Daviey> Nafallo: fancy trying http://www.roundcubeforum.net/3-news-announcements/12-general-discussion/4954-making-sqlite-3-x-work.html , but see if you can avoid using pear?
<Daviey> Although, why you'd use sqlite over mysql is a mystery to me :)
<Nafallo> Daviey: I fancy a working setup OOTB. that's why I run Ubuntu.
<Daviey> Nafallo: Hang on, you use the development release of Ubuntu to have stability. You are doing it wrong,
<Daviey> I assumed you were running the development version to help fix issues before release.
<Nafallo> and since it took me half a year to get round to setting up a new VM and install roundcube, not in a 11.10 timeframe ;-)
<Nafallo> Daviey: yes. issues like the one I ran into and that we are talking about :-)
<Nafallo> I always try to run the development version when and where it's convenient for me to do so
<uvirtbot> New bug: #850690 in samba (main) "package samba-common 2:3.5.4~dfsg-1ubuntu8.4 failed to install/upgrade: there is no script in the new version of the package - giving up" [Undecided,New] https://launchpad.net/bugs/850690
<Daviey> Nafallo: Sorry.. Looks like you are sad out of luck then.. Happy to help you fix this issue, but we don't have the time to fix it for you.
<Nafallo> right. okay.
<Nafallo> the issue is obviously one created by Ubuntu, since Debian doesn't have this problem, but yeah... I won't get much done by whining about this here :-)
<matti> a3:)
<matti> ;)
<matti> Ops.
<matti> Hey Nafallo
<Nafallo> hi matti
<koolhead11> hi all
<Daviey> Nafallo: you have been around long enough to know how this works :).. Have you even raised a bug?
<Nafallo> Daviey: yes, and I plan to do so again ;-)
<Daviey> Nafallo: What is the bug number?
<Nafallo> Daviey: sorry, but I tend to discuss before raising them. it is currently scheduled for this evening when I get home from work.
<Daviey> Nafallo: Okay, give me a ping when there is a patch attached... and we'll get it fixed!
<Daviey> rocking.
<jamespage> Daviey: udeb work - libcurl3-minimal-udeb looking OK - going to look at xmlrpc-c-minimal today
<jamespage> (and good morning BTW)
<Nafallo> Daviey: didn't say I'd get time to do any patching mate...
<Daviey> Gooooood Morning jamespage
<Daviey> jamespage: You sir, are a life saver.
<Daviey> Nafallo: Oh sure, branches are equally as good.
<koolhead11> hey Daviey jamespage
<lynxman> morning all o/
<Daviey> hey koolhead11 & lynxman
<jamespage> morning koolhead11, lynxman
<lynxman> Daviey, jamespage o/
<koolhead11> Daviey: so we have to wait for Debian guys to fix the dbconfig bug!! :D
<Daviey> koolhead11: oh noes.. What one?
<koolhead11> Daviey: https://bugs.launchpad.net/debian/+source/dbconfig-common/+bug/807038
<koolhead11> :D
<uvirtbot> Launchpad bug 807038 in dbconfig-common "dbconfig-common fails to preseed phpmyadmin on natty/lucid" [Medium,New]
<Daviey> looking
<Daviey> grr
<koolhead11> :)
<rbasak> koolhead11: From yesterday, the problem seems to be that my machine inside kvm doing netboot off oneiric server b1 isn't picking up a virtio disk, so it is giving me an iscsi option only
<rbasak> Is this expected - is there a different image I'm supposed to be using?
<koolhead11> rbasak: no there is no saperate image for KVM AFAIK
<koolhead11> rbasak: i would suggest check KOAN as well
<rbasak> koolhead11: AIUI, doesn't koan only help if I already have a machine installed?
 * rbasak tries using a SCSI bus instead
<koolhead11> rbasak: i would suggest please check it. As i have not worked on/with KVM i have tried cobbler for my physical machines.  It be great if after the test you will blog about the same. :)
<jamespage> hmm - tomcat6 is not in the ubuntu-server packageset - how odd....
<jamespage> rbasak: you need RoAkSoAx - he demoed  what you are trying todo at UDS-O
<koolhead11> jamespage: +1 yeah :D
<koolhead11> jamespage: even there is no openjdk-6-jre which jenkins depends on :(
<Daviey> smoser also worked on doing it slightly differently.
<jamespage> koolhead11: in oneiric? it depends on default-jre-headless which should pickup the right java
<Daviey> rbasak: check out lp:~smoser/+junk/cobbler-devenv
<Daviey> The how-to might be of use.
<jamespage> Daviey: any chance you could sponsor https://code.launchpad.net/~james-page/ubuntu/oneiric/tomcat6/CVE-2011-3190/+merge/75495 - whilst I work on xmlrpc-c-minimal
<uvirtbot> jamespage: Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190)
<koolhead11> jamespage: so i should not install openjdk-6-jre on my oneiric clients ?
<jamespage> koolhead11: sorry - are you talking about jenkins slaves or a jenkins master?
<koolhead11> jamespage: slaves :D
<jamespage> koolhead11: try the jenkins-slave package - it installs the right bits for you
<jamespage> supports both running via SSH from the master OR starting up locally and connecting to the master server
<Daviey> jamespage: Have a call starting now, but right after - sure
<koolhead11> jamespage: is it in the ISO, base pkg ?
<jamespage> koolhead11: nope - jenkins is all in universe
<koolhead11> jamespage: ok :(
<koolhead11> i don`t have internet at time am running cobbler. seems like i have to do this just after machine gets provisoned
<koolhead11> i have simple ISO of oneiric which feeds as repo for me
<koolhead11> anyways am back to my LDAP love, catch you guys later.
<Daviey> LDAP 'love'?  Hmm, i'm yet to find that.
<memoryleak> hi
<rbasak> It seems that both virtio and scsi don't work for cobbler+kvm - but ide emulation is OK
<jamespage> Daviey: how do we test all this new udeb stuff?
<Daviey> jamespage: give me 10, then we'll chat
<jamespage> Daviey: OK  - I have a minimal xmlrpc with udeb working as well now
<jamespage> all looks OK but it needs review
<soren> jamespage: Where can I see it?
<jamespage> soren: all branches attached to bug 831496
<uvirtbot> Launchpad bug 831496 in Ubuntu Oneiric "[FFe] Add cobbler enrollment support to server cd image" [High,New] https://launchpad.net/bugs/831496
<jamespage> I've uploaded xmlrpc-c-minimal (NEW) and curl to ppa:james-page/discovery
<uvirtbot> New bug: #850771 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/850771
<Daviey> jamespage: Fancy a call?
<jamespage> Daviey: one moment
 * Daviey holds himself.
 * Daviey gets on with stuff.
<jamespage> Daviey: OK now
<jamespage> Daviey: ldd cobbler-enrol - http://paste.ubuntu.com/689885/
<jamespage> I've just uploaded cobbler-enrol to ppa:james-page/discovery
<jamespage> I might suggest that we move all of the branches to a team location so we can both work on them
<jamespage> hmm   I'd test but I'm not near my cobbler system
<jamespage> Daviey: I know this is targetted to the ISO but it should be possible todo the same thing from a network PXE boot as well?  Could be a menu option for unregistered systems from cobbler
<Daviey> jamespage: that is the honest primary purpose.
<jamespage> coolio
<Daviey> cobbler sending a preseed value for these debconf questions down the wire
<smoser> rbasak, most certainly any server kernel we have should support virtio disk
<smoser> most likely as modules... maybe you had an out of date iso that you booted from, which would mean the installer does not find a matching kernel module package
<rbasak> smoser: Ah, I see - so the installer looks for a kernel module package in the archive that matches the image it is using?
<smoser> yes.
<smoser> but it does give a reasonable error
<rbasak> I'm using the b1 iso image, so I guess the corresponding module package in the archive is now gone
<smoser> somethign like "can't find modules"
<smoser> i woudl have thought the beta1 would continue to work, but maybe not
<smoser> rbasak, this is the net-install ?
<rbasak> I saw no error, but probably because of the preseed
<rbasak> It's whatever cobbler gave me
<smoser> yeah, so make sure whatever cobbler has is up to date an dtry again
<smoser> there is a command for that
<smoser> cobbler-import-ubuntu or something
<smoser> or ubuntu-import-cobbler
<smoser> somethin like that
<smoser> and if that fixes your problem, please open a bug
<smoser> it should not be such an issue after release, but i tihnk that it will be an issue... or maybe we should make sure its only going to import the released versions which shoudl work indefinitely
<rbasak> cobbler-ubuntu-import :-P
<Daviey> rbasak: If you are using an archive made from the iso, then it should still work.  If you are using a public archive, then it will not work :)
<smoser> "archive made from the iso" ?
<smoser> cobbler does not do that.
<rbasak> yeah I'm just doing what cobbler did for me
<rbasak> I imported the b1 iso, that's all. I didn't know about import-ubuntu-cobbler
<Daviey> smoser: How much do you care about bug 827590 getting fixed in oneiric?
<uvirtbot> Launchpad bug 827590 in nova "cloud-init does not mount ephemeral0 on /mnt in nova" [Medium,Fix committed] https://launchpad.net/bugs/827590
<Daviey> smoser: Are you stating that it cannot do that?
<smoser> it looks like that should not be an issue after release
<smoser> http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/ (those are old
<smoser> )
<smoser> Daviey, that is fix-commited
<smoser> but i care a lot
<smoser> we're picking another nova branch, right ?
<Daviey> smoser: Erm, it's Fix Committed in Essex.. not Diablo.
<Daviey> We either need to convince ttx/vish to backport that (note, that it requires a db schema change); or distro patch it ourselves if you think it is essential.
<smoser> oh carp. i had forgotten about that.
<smoser> we need to pull that stuff back.
<smoser> well, i think tha tis worht pulling into ubuntu
<smoser> although the db schema change bothers me.
<smoser> as we may then need to deal with upgrade issues.
<Daviey> smoser: Can you try and convince vish and/or ttx that they should carry it upstream?
<smoser> yeah.
<Daviey> smoser: nah, the migrations are pretty safe TBH.
<Daviey> well, in nova, less so with glance it seems
<smoser> but we migh have one that is different
<Daviey> It's not like this is an SRU schema change.
<smoser> ie, our db then would look different to an essex upgrade than diablo pure
<smoser> and we'll possibly have to deal with it then
<smoser> Daviey, there are some other bugs that i consider serious
<Daviey> Good point... i think that could be handled.. but we can avoid the headache if it's done upstream :)
<Daviey> smoser: link me baby
<smoser> bug 837100 , bug 837102
<uvirtbot> Launchpad bug 837100 in nova "nova does not uncompress qcow compressed images" [Wishlist,Confirmed] https://launchpad.net/bugs/837100
<uvirtbot> smoser: Error: Could not parse data returned by Launchpad: The read operation timed out
<Daviey> bug 837102
<Daviey> uvirtbot: you suck.
<uvirtbot> Launchpad bug 837102 in nova "nova writes libvirt xml 'driver_type' based only on FLAGS.use_cow_images" [Low,Triaged] https://launchpad.net/bugs/837102
<uvirtbot> Daviey: Error: "you" is not a valid command.
<smoser> uvirtbot, uvirtbot sucks
<uvirtbot> smoser: Error: "uvirtbot" is not a valid command.
<smoser> the first there, means we basically have to have the client uncompress the compressed qcow disk images that we create before they upload
<smoser> otherwise performance will be abissmal
<Daviey> urgh
<smoser> the second (untested) to me means that if you use a qcow image to upload, and you do not have USE_QCOW flag (which, realistically, no one outside of developement is going to use), then i think app armour will cause kvm to fail
<Daviey> 837100, seems unlikely to be a candidate for this release IMO.
<smoser> i went hunting some yesterday on how to determine if a qcow image is compressed or not. unfortunately, qcow-img does not report that.
<smoser> Daviey, that one is easily fixable. but why do you think not a candidate ?
<smoser> the most difficult thing is determining if it is compressed or not.
<Daviey> smoser: Seems to be a feature, rather than an actual bug?
<Daviey> smoser: does 'file' return that data?
<smoser> really?
<smoser> you consider not doing cpu decompression on every read to be a feature
<smoser> and for the second, you consider having instances not fail to boot to be a feature.
<Daviey> The cpu decompression to me, seems to be a performance enhancement.
<Daviey> It currently works without that fix. right?
<Daviey> just slow.
<Daviey> I'm not saying it /shouldn't/ be fixed, but is it going to be accepted upstream?
<smoser> "my disk reads at 3MB/s"
<smoser> "my disk *should* read at 90MB/s"
<smoser> "my system is always pegged 100% on 8 CPUS"
<smoser> something like that.
<smoser> we *can* work around this in cloud-utils. but its a wart.
<Daviey> ttx: thoughts?
<ttx> looking
<smoser> ttx, same bugs that i bothered you at in openstack-dev
 * smoser goes to branch milestone-proposed
<ttx> Daviey: those bugs look sane -- if the question is "will they be accepted in a diablo backport" it all depends on the impact of the bugfix
<ttx> Daviey: so basically they need to be fixed in trunk first
<rbasak> smoser: yes, cobbler-ubuntu-import fixed it, thanks
<rbasak> smoser, Daviey: so is that a bug? Do we care?
<ttx> Daviey: if the solution is a clean one-liner, it's an obvious YES. If the solution involved a new dependency, a Db version bump and three new undocumented flags... not so much.
<smoser> rbasak, i tihnk its not so much of a bug as i had thought.
<smoser> i said above because after release the issue will not occur
<rbasak> smoser: OK, no problem
<smoser> (at least thats my understanding... the lucid iso is 10.04 date-ish, even though we've even released 10.04.1)
<smoser> it is freaking annoying, but should only occur on the development release.
<Daviey> erm, i disagree.  It will brak on every kernel ABI bump.
<Daviey> break*
<Daviey> no?
<rbasak> Daviey: I'm not sure. Won't the old modules .deb remain even after an update?
<rbasak> One potential issue is that the breakage doesn't report any kind of error. Even if the installer is supposed, the default cobbler preseed seems to make sure that it won't. Instead I get a flashing screen and no other info as debian-installer restarts in an infinite loop, and trying to figure out what is going on in a different VT is difficult as the screen won't stop flashing.
<smoser> rbasak, how would it break ?
<smoser> i dont think it would.
<Daviey> rbasak: ah, that is new to me.
<smoser> look at http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/
<smoser> that is the iso that cobbler-ubuntu-import would pull
<smoser> and it has not changed since 10.04
<smoser> meaning it has lucid-release kernel on it
<smoser> which is original
<smoser> (also meaning you will boot the installer with a security vulnerable kernel though)
<smoser> specifically the import pulls http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/current/images/netboot/
<smoser> mini.iso
<hallyn> lifeless: it's not an inherent problem.  cap_sys_module just isn't something that gets dropped by default.  To drop it, add 'lxc.cap.drop = sys_module' to /var/lib/lxc/<container>/config
<rbasak> smoser: I mean that if it is broken, then there's no hint as to why
<rbasak> smoser: I'm not sure that it would break after release
<smoser> rbasak, i sweare that when it breaks it leaves you at a ncurses prompt saying "what do you want to do"
<smoser> but maybe you're not seeing that because of preseed.
<smoser> but i sweare i saw it with preseed.
<rbasak> smoser: I didn't get that at all.
<smoser> yeah.
<smoser> but as far as i can tell, that will never be a problem after install
<smoser> after release
<smoser> but if it is *not* a problem, then we're wasting people's bandwidth because the cobbler input runs weekly i thikn.
<smoser> and will continuously download and import the same thing.
<rbasak> smoser: when I tried to turn off the preseed, I'm not sure to what extent I succeeded but I did get it to tell me that there were no disks and would I like to set up iSCSI - yet no message about missing modules.
<smoser> RoAkSoAx, kirkland ^
<smoser> rbasak, i swear it gives  a reasonable error.... but its been a long time.
<smoser> so i trust your memory more than mine here.
<rbasak> something must have changed
<rbasak> or something in my config, but I don't think I've deviated much from what cobbler does from default. I did try cobbler's supplied preseed too
<smoser> cjwatson, sorry to bother you, but can you comment on the above?  after release will we ever update the netboot iso at $mirror/dists/$rel/main/installer-$ubuntu_arch/current/images/netboot/mini.iso ?
<Error404NotFound> Say i have a RAID0 of 5 device, i take snapshots of those 5 devices on daily basis. When restoring data, what would be the procedure? restore snapshots on separate 5 devices, assemble a RAID out of those 5 device and copy data that was lost?
<cjwatson> smoser: no, but we deliver updates to $rel-proposed / $rel-updates
<cjwatson> you should probably use $rel-updates if there's something there
<smoser> ah... so possibly we should then pull from -updates if there is something
<smoser> yeah, but then we'll have the issue above
<smoser> with the possibly-no-modules failure
<cjwatson> what issue's that, sorry?  failing to parse it from the above
<smoser> iso boots, but matching kernel modules package is not in archive
<smoser> no modules, fail to install
<cjwatson> err, if that's happening then we have a problem ANYWAY
<smoser> really?
<cjwatson> and we need to refresh the installer image
<smoser> right
<cjwatson> we> by which I mean I
<smoser> but we have a cached installer image in a local cobbler isntall
<smoser> ie, user installs cobbler, pulls down a net-iso, it works
<smoser> they wait 3 weeks
<smoser> it fails
<cjwatson> a quick If-Modified-Since check isn't that hard surely
<smoser> well, yes, we could do that. but we dont' actually have a good entry point to do that.
<cjwatson> that seems like something worth fixing then. :)
<smoser> :)
<smoser> thanks for the info, cjwatson.
<smoser> rbasak, so there are 2 issues.
<smoser> 1, we're not pulling from -updates and we should be
<smoser> 2, if we were, we'd hit this issue after release also
<cjwatson> although, hmm
<cjwatson> thinking about it, we never do NBS runs on post-release pockets at the moment
<cjwatson> so actually, modules udebs for old ABIs never get garbage-collected
<cjwatson> this is sort of a bug but we could refrain from fixing it if it would make life easieer
<cjwatson> *easier
<smoser> well they do during devleopment release.
<smoser> it would make things easier, yes :)
<cjwatson> yes, but post-release is different
<smoser> yeah, i assumed that was the case
<smoser> so somewhere i should document this conversation
<smoser> thanks again.
<cjwatson> yep, lucid-updates currently has kernel udebs for every ABI from 2.6.32-22 to 2.6.32-33 inclusive
<rbasak> The Ubuntu cobbler docs at https://help.ubuntu.com/community/Cobbler/Import need to be updated to use cobbler-ubuntu-import. I've been using an ISO I downloaded manually and been getting the breakage that way. In that use case, it seems an issue to me that the installer is pulling the kernel from the ISO (obviously) yet the modules from the archive.
<cjwatson> rbasak: intentional
<cjwatson> you're using a netboot installer image (albeit one shipped on the ISO) not a CD image
<cjwatson> by design that pulls from the network
<cjwatson> I'm happy for people using the development release to have to refresh the installer image frequently
<cjwatson> because the purpose is to test stuff for the next release, so I don't want to put much effort into facilitating people using old code
<rbasak> OK
<cjwatson> it shouldn't happen that way for a stable release
<cjwatson> (if it is, that's a different matter, but I assume you mean an Oneiric ISO?)
<rbasak> Yes, I used the ubuntu server oneiric b1 iso
<rbasak> OK, I think I understand. This would never happen after release since the old module udebs will never be removed, and before release I should be using cobbler-ubuntu-import anyway so it should be a one-command update
<zul> morning
<uvirtbot> New bug: #850880 in cobbler (universe) "cobbler-ubuntu-import does not pull from -updates" [Undecided,New] https://launchpad.net/bugs/850880
<uvirtbot> New bug: #850886 in cobbler (universe) "cobbler-ubuntu-import results in possibly stale netboot kernels" [Undecided,New] https://launchpad.net/bugs/850886
<smoser> rbasak, Daviey out of above conversation came bug 850886, bug 850880, bug 850892
<uvirtbot> Launchpad bug 850886 in cobbler "cobbler-ubuntu-import results in possibly stale netboot kernels" [Undecided,New] https://launchpad.net/bugs/850886
<uvirtbot> Launchpad bug 850880 in cobbler "cobbler-ubuntu-import does not pull from -updates" [Undecided,New] https://launchpad.net/bugs/850880
<uvirtbot> Launchpad bug 850892 in orchestra "orchestra-import-isos does not update" [Medium,Confirmed] https://launchpad.net/bugs/850892
<Daviey> smoser: bah, stop causing bugs.. fix 'em
<smoser> ok
<queso> If I set up LDAP auth on a server, and there is already a local user "queso" with a home dir, but the LDAP server also has a "queso" account, what will happen if I try to log in?  Does it try local user auth first, then try LDAP auth?
<Daviey> queso: sounds like something to try? :)
<smoser> i woudl suspect ldap would read /etc/passwd first.
<gac> depends on priority in nsswitch.conf, IIRC?
<smoser> but thats a guess.
<queso> Daviey: I don't want to just "try" something on a production server, especially when there is no root account to fall back on if LDAP auth is misconfigured.
<queso> gac: aah, okay
<smoser> gac is probaly correct.
<Daviey> queso: no problem, do it on your staging server.
<mdeslaur> SpamapS: any idea when the squid packages in -proposed will be released? I want to prepare a security update for squid and don't want to obsolete them...
<soren> queso, smoser, gac: No.
<smoser> soren, seriously. i was quite happy with conjecture. please avoid from giving useful and factual information.
<soren> nsswitch is what is used to look up e.g. which username corresponds to the uid of a given file when you do "ls". The order of authentication is all about PAM.
<smoser> so those 2 have to be consistent or odd things.
<soren> Err... "what is used to look" should have been "what is used to determine the order for looking"
<soren> (libc handles the actual lookup)
<queso> soren: pam_unix.so refers to using /etc/shadow ?
<soren> queso: So your PAM configuration determines what happens on login. If it looksup in LDAP first and finds your user there, it will assign the UID from LDAP to your login process and that will be your uid. If that matches what's in /Etc/passwd, great. If not... WEll, it'll be fun and interesting.
<soren> queso: Yes.
<queso> soren: okay, perfect.  thank you.
<queso> soren: so, by the same logic, when I change my password using passwd, it also uses the pam priority to determine which password to change?
<soren> queso: YEs.
<koolhead11> hey all
<koolhead11> soren: Daviey  by any chance there is some bug on mysql nova on oneiric and diablo ?
<koolhead11> i got it working with smiles using sqllite :D
<RoAkSoAx> smoser: rbasak if the mini iso you download does not contain the latest kernel, then the installation is broken, happens all the time
<smoser> yes.
<RoAkSoAx> smoser: rbasak there's been situations on which I have downloaded the mini iso the day before and the next day installation is broken due to kernel
<rbasak> RoAkSoAx: *now* you tell me :-)
<smoser> RoAkSoAx, 3 bugs covering that and what we need to do were mentioned up above
<RoAkSoAx> smoser: rbasak other situations where that I downloaded a mini ISO in the morning and right past the middle of the day, something was broken in the archives and installation fails, so I had to wait few more hours till everything gets back to normal
<RoAkSoAx> smoser: right, all the development release stuff is known
<RoAkSoAx> though, there's not much to do about it
<RoAkSoAx> smoser: as we should not really target the development release for cobbler-ubuntu-import
<smoser> well, you could be really smart though
<smoser> i wonder if we're ok on that
<smoser> because i think it uses ubunt-release-info or something
<smoser> if that is smart it might be ok.
<smoser> if you're running a development release you'd assume you want to have the development release present
<smoser> if not, then it should not be shown
<RoAkSoAx> smoser: right
<smoser> at leat not by default
<smoser> anyway, there are some actually issues to fix there.
<RoAkSoAx> smoser: now, once thing though, updating the ISO to the latest, doesn't really mean that the archive will not be broken
<smoser> we're lucky that the -updates doesn't get garbage collected.
<smoser> RoAkSoAx, well, post release
<smoser> it sure should!
<RoAkSoAx> smoser: during development cycle I mean
<smoser> yeah
<smoser> that is quite reasonably a WONT FIX
<RoAkSoAx> smoser: i.e. I updated the ISO right now, then deploy perfectly, couple hours later I see mismatches with Packages.gz or the keys, then few hours later, everything works again, or you need to import a new ISO
<RoAkSoAx> smoser: but for released version I don't really think we would need to grab from -updates, do we?
<smoser> well, yes we do need to
<smoser> its not terribly high priority
<smoser> but there are both security and driver fixes in -updates
<smoser> ie, there could be a known remote exploit available during your install (worst possible scenario, and unlikely, but why not get -updates)
<RoAkSoAx> alright
<RoAkSoAx> smoser: this makes sense to you? http://paste.ubuntu.com/690042/
<RoAkSoAx> smoser: instead of passing the 'in-target etcetc' we would only be passing the encoded script
<smoser> oh.. yeah, we have to base64 encode
<smoser> that sucks
<smoser> i was hoping we could drop that too
<ruben23>  hi guys anyone can help, i ahve a mysql password and someone modify the root password and i cant login but the users i created i can still login do i have chance to reset or chnage root paswword using the mysql user only..? and i got phpmyadmin only- i cant access the server commandline at all
<RoAkSoAx> smoser: if we do, we could run into the issues we discussed when that was done ;)
<smoser> where i sthat branch ?
<smoser> so i can see the file
<smoser> right.
<smoser> oh. trunk
<smoser> RoAkSoAx, so what i was thinking was more just set the variable "USER_DATA" or "CLOUD_INIT_USER_DATA_BASE64" or something
<RoAkSoAx> smoser: yeah it is trunk, but I've pushed the changes here: lp:~andreserl/+junk/juju-cloud-init
<RoAkSoAx> smoser: yeah, the variable name is the easiets lol!
<smoser> and then have the template in orchestra handle writing that to the appropriate file
<RoAkSoAx> smoser: not a template, but rather a snippet
<smoser> ie, ensembel doens't know about "/var/lib/cloud/seed/nocloud-net"
<smoser> right.
<smoser> same deal
<smoser> but so all ensemble/juju knows about is that its passing user data
<smoser> base64 is the only wart
<RoAkSoAx> smoser: so you only want to pass the user-data per se, or the LATE_COMMAND_TEMPLATE (which is the scrip that writes the user-data)
<RoAkSoAx> smoser: cuase I think we would need to pass the encoded script to easily execute it on the preseed as a late_command
<smoser> no. i think we can just have cobbler handle that.
<RoAkSoAx> smoser: uhmmm I don't see how
<smoser> because the template can basically run python code, no ?
<smoser> is that cheetah ?
<RoAkSoAx> smoser: yes it is cheetah
<RoAkSoAx> smoser: https://fedorahosted.org/cobbler/wiki/KickstartTemplating#CallingPythonCode
<RoAkSoAx> smoser: I don't really think we could do it on the template
<smoser> oh... a challange is it ?
<smoser> :)
<RoAkSoAx> smoser: we can't really have our python script doing stuff there, but rather, we can import a module and return something from a function we call. That's what I can do
<smoser> Calling Python Code Â¶
<smoser> RoAkSoAx, see that.
<smoser> right.
<smoser> yeah.
<RoAkSoAx> smoser: i.e. have the orchestra python module have a function that takes the user-data and returns a script for the late command
<smoser> also see "Extending"
<RoAkSoAx> smoser: right, I think I would prefer keep that in the "orchestra python module"
<RoAkSoAx> s/prefer keep/prefer to keep/
<smoser> RoAkSoAx, thats reasonable i think
<RoAkSoAx> smoser: and probably do something similar for the meta-data
<smoser> http://paste.ubuntu.com/690053/
<smoser> well, sure. but that is less important as that is hidden in cobbler somewhere.
<smoser> that is basic idea, but i didnt' pull out any dead code
<RoAkSoAx> smoser: right, yeah I understood what you wnated to do ;)
<RoAkSoAx> smoser: alright, I'll do that then
<smoser> and i think i'd ditch the gzip
<smoser> that just makes things simpler
<smoser> (yes, i realize i argued before for keeping it)
<smoser> :)
<RoAkSoAx> yeah I think we could also ditch that as well
<RoAkSoAx> fwereade: ping
<fwereade> RoAkSoAx, pong
<RoAkSoAx> fwereade: we are chaing the approcah on how we handle user-data/meta-data with juju/orchestra
<RoAkSoAx> fwereade: will have a patch for you soon
<fwereade> RoAkSoAx: cool
<fwereade> RoAkSoAx: I think I'll do the ks-meta clearing at the same time, if that's ok with you
<RoAkSoAx> fwereade: sure
<RoAkSoAx> fwereade: btw.. has all the orchestra stuff landed in the archives?
<kirkland> RoAkSoAx: are you going to enjumble the orchestra code?
<RoAkSoAx> kirkland: hehe not really! Basically, we are just gonna pass user-data to cobbler into a ksmeta, and let python create the script to write the user-data into the client machine
<RoAkSoAx> kirkland: but that python code will be under orchestra
<fwereade> RoAkSoAx: sorry I missed you -- there's been no orchestra change since that trivial fix on (?)tuesday
<RoAkSoAx> fwereade: yeah, but I mean, are the orchestra changes in the *.deb packages in the archives?
<fwereade> RoAkSoAx: I have no idea I'm afraid -- should there be some quick way I can check that?
<RoAkSoAx> fwereade: i'll check it out ;)
<fwereade> RoAkSoAx: cheers :)
<RoAkSoAx> smoser: http://paste.ubuntu.com/690075/
<queso> After updating a pam configuration file, is there something I have to run to make it take effect?
<smoser> well i dont think you want the ':i" on like 28
<smoser> but i think thtas the general idea, yah.
<RoAkSoAx> smoser: yeah that's a typo
<smoser> :)
<Error404NotFound> Does the order matter when re-assembling a raid0 device? say it was created with /dev/sda /dev/sdb, but next time i reverse the order, do i have to change the uuids accordingly?
<RoAkSoAx> smoser: heh ok then, so now, we just set the hostname to the meta-data and that's it?
<smoser> set the hostname and an instance-id in the meta-data
<uvirtbot> New bug: #851008 in drbd8 (main) "drbd8-utils depends on drbd8-source which tries to compile a kernel module even though drbd is already in the kernel" [Undecided,New] https://launchpad.net/bugs/851008
<smoser> i would suggest using the cobbler host-id (or whatever that is) for the instance-id that it feeds cloud-init
<RoAkSoAx> smoser: we use the UUID of a system for instance-id
<smoser> yeah
<smoser> thank you for doing this, RoAkSoAx . i really do think it will end up being nicer.
<RoAkSoAx> smoser: hehe no worries I do also think it's jsut a way to improve things
<davros> LAMP server ....ServerName www.example.com:80 ..... if i dont have a registered dns i put in the ip of WAN?
<Error404NotFound> davros: yes, or '*' without quotes to answer queries for that domain against any IP coming to the server.
<Error404NotFound> davros: basically its 'Listen' IP, so say there is a vhost with 127.0.0.1:80 and you request for that vhost from 192.168.xxx.xxx then you won't see it but default vhost.
<davros> thx
<skrite> anyone using amazon as personal backup or storage?
<SpamapS> mdeslaur: need verification on bug #750371 for maverick, then squid can be released to updates immediately
<uvirtbot> Launchpad bug 750371 in squid "squid causing /var to stay busy during shutdown" [High,Fix committed] https://launchpad.net/bugs/750371
<mdeslaur> SpamapS: can you get someone from QA to take a look at it?
<SpamapS> mdeslaur: on it
<RoAkSoAx> smoser: so cloud-init meta-data is instance-id: XYZ local-hostname: node01.testing.com
<mdeslaur> SpamapS: thanks...usually we just supersede the one in -proposed, but it seemed to be quite far along and I didn't want to make you start over
<smoser> RoAkSoAx, http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/files/head:/doc/examples/seed/
<smoser> that should help you
<smoser> but, yeah, that looks good.
<smoser> bonus points you could take a PUBLIC_KEY ksarg :)
<RoAkSoAx> smoser: should I just set local-hostname or should I also set hostname and public-hostname
<RoAkSoAx> ?
<SpamapS> mdeslaur: much appreciated!
<smoser> local-hostname is enough
<smoser> but it might make sense for you to populate public-hostname
<RoAkSoAx> smoser: ok, and what PUBLIC_KEY ksarg are you referring to?
<RoAkSoAx> smoser: i'll just set both, local-hostname and public-hostname
<smoser> see the bottom of that file 'suggested'
<smoser> that way the user of this could pass in a public key which would be imported.
<smoser> its not necessary for juju
<smoser> as juju uses user-data to get key in
<RoAkSoAx> smoser: yes, but it might be necessary for other stuff I'mdoing
<RoAkSoAx> smoser: will look into that though
<RoAkSoAx> smoser: still sure that we don't want to zip the late command: http://pastebin.ubuntu.com/690135/
<smoser> disable pixe...
<smoser> you were goin gto put that into default
<RoAkSoAx> smoser: i mean, the late command for the cloud-init stuff
<RoAkSoAx> which is quite long
<RoAkSoAx> smoser: in-target sh -c 'f=$1; shift; echo $0 | base64 --decode > $f && chmod u+x $f && $f $*' CnNlZWRfZD0vdmFyL2xpYi9jbG91ZC9zZWVkL25vY2xvdWQtbmV0Cm1rZGlyIC1wICIkc2VlZF9kIgpjYXQgPiAiJHNlZWRfZCIvbWV0YS1kYXRhIDw8IkVPRiIKCmluc3RhbmNlLWlkOiBNVE14TlRreU5USTJNaTQxTVRFMk1qSXdMamM0T1RJek9BCmxvY2FsLWhvc3RuYW1lOiBub2RlMDEudGVzdGluZy5jb20KCkVPRgoKY2F0ID4gIiRzZWVkX2QiL3VzZXItZGF0YSA8PCJFT0YiCiNjbG91ZC1jb25maWcKYXB0LXVwZGF0ZTogdHJ1ZQphcHQtdXBncmFkZTogdHJ1ZQ
<smoser> RoAkSoAx,
<smoser> i guess you could compress it there
<smoser> but not require the USER_DATA ksarg to be compressed
<RoAkSoAx> smoser: yah, that's what I'm doing
<RoAkSoAx> smoser: nope, the USER_DATA in ksmeta is not gonnabe compressed
<smoser> you could optionally transparently detect and decompress
<smoser> but thats just being silly at this point
<smoser> what is keys-late-command ?
<smoser> RoAkSoAx, one thing you actually could do that might be nice, is have the cobbler output that stanza like you pastebinned
<smoser> but then also output the decoded USER_DATA as commented out lines for easier reading
<smoser> ### USER_DATA ###
<smoser> # #!/bin/sh
<smoser> # ...
<RoAkSoAx> smoser: keys-late-command is something I'm doing to import the keys for rsyslogd
<RoAkSoAx> smoser: where do you want to output that?
<smoser> i thought you could acutally do it in the preseed
<smoser> i'm sure you can decode base64 in your head
<smoser> but, sadly, i cannot
<RoAkSoAx> smoser: mnmm I think so yes, but I don't think we'd like to have that much amount of comments in the preseed though
<smoser> why?
<smoser> an absolutely massive preseed/userdata i can't see being more than 30k
<smoser> but, feel free to ignore.
<smoser> one other suggestion i have is to split the writing of user-data and meta-data into 2 separate late-commands.
<smoser> but i have no strong reason for that
<RoAkSoAx> smoser: yeah I also thought doing the same
<RoAkSoAx> two different commands
<RoAkSoAx> smoser: any ideas? http://paste.ubuntu.com/690169/
<smoser> unfortunately, yes
<smoser> can i ssh in ?
<RoAkSoAx> smoser: unfortunately no, it is a VM under cobbler-devnet under 2 routers
<smoser> ah. ok.
<smoser> and what version of ifupdown ?
<RoAkSoAx> smoser: 0.7alpha
<RoAkSoAx> smoser: 0.7~alpha5.1ubuntu5
<RoAkSoAx> smoser: so this doesn't have to do with the changes in orchestra
<smoser> RoAkSoAx, can you pastebin ls -altr --full-times /run/network
<smoser> full-time should be singular
<RoAkSoAx> http://paste.ubuntu.com/690176/
<RoAkSoAx> smoser: ^^
<smoser> yeah.
<smoser> so.. if timestamps are consistent between those two pastebins, somehow cloud-inti ran before netwok was up
<smoser> hm.. but that doesn't make sense
<smoser> because it ran before ifup.lo was up
<smoser> (which is like immediately)
<smoser> yeah, you've rebooted
<smoser> havent you
<smoser> suck. that lost a piece of info that would have been useful
<RoAkSoAx> smoser: lol
<RoAkSoAx> smoser: i'll redeploy
<RoAkSoAx> hold on
<smoser> one other hting
<smoser> you probalby have /var/log/cloud-init-output.log now, right ?
<smoser> you can pastebin that too
<RoAkSoAx> smoser: ok, but when it finishes re-deploying as it already started
<RoAkSoAx> matter of ~5 mins
<adam_g> RoAkSoAx: did you end up doing anything with the kernel arguments in cobbler/orchestra? or are we not worried about having those set
<RoAkSoAx> adam_g: those are gonna be set automatically
<RoAkSoAx> adam_g: we odnt have to do anything
<kirkland> i was certainly under the impression that we needed a few kernel args
<RoAkSoAx> kirkland: yeah teverything is already set automatically
<kirkland> i used to have that code in the orchestra-import-isos script
<RoAkSoAx> adam_g: you just need to set the --hostmae=node01.testing.com or similar
<RoAkSoAx> adam_g: for it to automatically add the hostname and domain
<RoAkSoAx> adam_g: we just needed cloud-init to respect that
<adam_g> RoAkSoAx: --hostname set in cobbler, or hostname= at the kernel?
<RoAkSoAx> adam_g: if you set --hostname=node01.testing.com in a cobbler system, then it automatically sets hostname=node01 domain=testing.com for the kernel
<adam_g> RoAkSoAx: ok, gotcha
<RoAkSoAx> adam_g: if you only set --hostname=node01 in cobbler, then the kernel gets hostname=node01 domain=local.lan
<adam_g> kirkland: what  other parameters were you thinking ?
<RoAkSoAx> smoser: http://paste.ubuntu.com/690188/ http://paste.ubuntu.com/690189/ http://paste.ubuntu.com/690192/
<RoAkSoAx> smoser: bah... seems to be an error with importing a bzr bra nch
<RoAkSoAx> lol
<smoser> well thats good for me
<smoser> :)
<smoser> and i'm happy we have the cloud-init-output log now
<RoAkSoAx> smoser: lol yeah!
<smoser> you scared me
<RoAkSoAx> smoser: i got scared too lol
<RoAkSoAx> hahaha
<smoser> i thought the recent ifupdown code was bad
<RoAkSoAx> i though I broke something
<adam_g> Daviey: ping
<kirkland> hallyn: hey, any chance you've packaged qemu-kvm 0.15 in a ppa or anything?
<kirkland> hallyn: i wanted to play with the rbd driver
<RoAkSoAx> jeeez archives broken again
<Daviey> adam_g: hola
<Daviey> kirkland: he has
<Daviey> kirkland: we pondered putting it in the archive.
<RoAkSoAx> phew freaking squid
<kirkland> Daviey: oh?  decided against, i take it?
<Daviey> kirkland: Only yesterday infact.
<Daviey> It looks good, but if it went south; hallyn cannot commit to resolve issues with the time we have remaining.
<kirkland> Daviey: well, imho, it would be better to do oneiric with 0.15, and lts with 0.15.x
<kirkland> Daviey: but that's up to you blokes :-)
<Daviey> There didn't seem to be a killer feature making it worth the risk, but perhaps i missed that?
<Daviey> kirkland: That was the balance we were making.
<kirkland> Daviey: cool, no worries
<kirkland> Daviey: cole needs rbd (ceph/rados) support
<kirkland> Daviey: i'm going to build one in a ppa for him
<kirkland> Daviey: librados-dev would need an MIR, which we can do in 12.04
<cole> Daviey: hey!
<Daviey> kirkland: just use hallyn's?
<Daviey> kirkland: https://launchpad.net/~serge-hallyn/+archive/virt
<Daviey> hey cole
<kirkland> Daviey: only if hallyn rebuilds with librados-dev and -enable-rbd
<adam_g> Daviey: if its not too late, lp:~gandelman-a/+junk/cobbler-enroll-set_mgmt_class has some stuff added to make enrolling into ensemble environments easier
<Daviey> adam_g: you don't fancy rebasing from my branch do you?
<adam_g> Daviey: dont know that i need to. i re-branched from yours just before making those changes, ~1hr ago.
<Daviey> adam_g: ah sorry, you did :)
 * Daviey assumed otherwise, sorry
<adam_g> np
<Daviey> adam_g: is it an optional field?
<adam_g> Daviey: yea
<Daviey> adam_g: Have you looked at exposing the values from a cobbler template?
<adam_g> Daviey: no, im not sure what you mean. ive just adopted to the enroller to do more of what andres documented as required in that wiki page
<hallyn> kirkland: https://launchpad.net/~ubuntu-virt/+archive/candidate
<Daviey> adam_g: Hmm, so - this tool has 3 possible purposes right?
 * RoAkSoAx will be back later
<Daviey> adam_g: 1) install from cd, 2) install from installing the binary package, and using it as an alternative to "cobbler system add", and 3) Preseeding discovery.
<Daviey> the 3rd, needs cobbler to push the username / password / etc / etc, via preseed.
<Daviey> However, i haven't checked if it's possible to do that in a generic, templated way
<avoine> Someone knows the risk of a zookeeper daemon on a machine. I mean if someone break in it could have access in a way the other servers?
<ssureshot> does rc.local run after networking is up?
<dlibanori> Hi, I am using ubuntu natty
<dlibanori> I have installed postgresql package, but I can't find your config files?
<dlibanori> I have installed postgresql package, but I can't find your config files.
<ubuntuuser3631> So I upgraded an ubuntu-server dev box from 10.10 to 11.04 and grub decided to fail.  How exactly do I tell grub to boot from an LVM?  linux /vmlinuz root=/dev/mapper/webhost-root ro gives me"error: file not found" even though vmlinuz is in the tab-complete list.  is it another file that can't be found?
<ubuntuuser3631> "insmod lvm" "set root=(webhost-root)" .... i'm stuck on what comes next
<Ursinha> dlibanori, I guess they're on /etc/postgresql/*/
<dlibanori> no, they are not
<avoine> ssureshot: yes, it runs at the end of the boot
<Ursinha> ubuntuuser3631, hmm, boot from lvm? I guess boot cannot be inside lvm
<dlibanori> Ursinha: there isn't /etc/postgresql dir
<Ursinha> dlibanori, which package exactly have you installed, and what version of postgres is it?
<dlibanori> postgresql
<dlibanori> Ursinha: postgresql, that is the package's name
<ubuntuuser3631> Ursinha: My terminology might be off.  Here's a boot info script output: http://paste.debian.net/130250/ if that helps
<Ursinha> dlibanori, what's the package version?  8.4?
<dlibanori> 8.4
<dlibanori> Ursinha: http://packages.ubuntu.com/natty/postgresql
<dlibanori> Ursinha, I was trying to follow this guide: https://help.ubuntu.com/11.04/serverguide/C/postgresql.html
<dlibanori> Ursinha: but it fails because there is no /etc/postgresql/8.4 after apt-get install
<Ursinha> dlibanori, looking here
<dlibanori> Ursinha: try to look postgresql-8.4 files, there isn't /etc/postgresql/8.4 dir
<dlibanori> http://packages.ubuntu.com/natty/amd64/postgresql-8.4/filelist
<Ursinha> dlibanori, yes, I see that, figuring out when the conf files are created
<Ursinha> because they are in /usr/share/postgresql/8.4/*.sample
<dlibanori> this is very annoying, older ubuntu releases just work, but natty...
<Ursinha> dlibanori, you just installed that and no problems during the installation?
<dlibanori> no problems
<dlibanori> there isn't any unusual message after apt-get
 * Ursinha reads serverguide page
<dlibanori> here it is: https://help.ubuntu.com/11.04/serverguide/C/postgresql.html
<dlibanori> it doesn't help
<zul> jdstrand/kees: so about the nova MIR
<Ursinha> Daviey, hallyn, there are Incomplete bugs assigned to you, the bugs are old: http://reports.qa.ubuntu.com/reports/ubuntu-server/triage-report.html
<Ursinha> could you please take a look and unassign or whatever you think it's best?
<Ursinha> thanks
<jdstrand> zul: shoot
<Ursinha> jdstrand, ivoks, there are also bug 671065 and bug 607466
<uvirtbot> Launchpad bug 671065 in dovecot "deliver broken because dovecot.conf uses !include_try" [Medium,Incomplete] https://launchpad.net/bugs/671065
<uvirtbot> Launchpad bug 607466 in libvirt "libvirt error starting domin: could not remove profile for" [Medium,Incomplete] https://launchpad.net/bugs/607466
<Ursinha> could you do the same? thanks :)
 * Daviey re-assigns them to Ursinha 
<jdstrand> Ursinha: it is incomplete and assigned to me because I asked a question of the reporter. the reporter has not responded
<zul> jdstrand:  so i know it needs a better security audit and what not, can we do that in oneiric+1 and get those concerns addressed then?
<Ursinha> Daviey, I'm just going to remove the assignment, as I think it's wrong to have bugs assigned if I'm not currently working on them :)
<jdstrand> zul: did you see me comment yesterday?
<Daviey> jdstrand: did you talk to zul?
<zul> jdstrand: I didnt see yesterday
<Daviey> Ursinha: oh, feel free.
<Ursinha> hahaha
<Daviey> unassigning bugs from me is also appreciated :)
<Daviey> 20:36 < Daviey> jdstrand: did you talk to zul? <-- s/zul/kees/
<jdstrand> zul, Daviey: please see my comment in the nova mir. it gives you a path forward
<Ursinha> Daviey, you complain way too much :)
<jdstrand> Daviey: yes I did. I mentioned it in backscroll in this channel
<zul> jdstrand: ok thanks ill check
<Daviey> ah
<jdstrand> (yesterday)
<jdstrand> Ursinha: I'm not sure what the current policy is on bug assignments for Incomplete. it used to be you ask a question and put it at Incomplete so that when the answer came you would do something with it
<RoAkSoAx> Daviey: we can push username/password over preseed
<jdstrand> Ursinha: if that changed, please let me know
<Daviey> jdstrand: thanks
<zul> jdstrand: you sure it was on #ubuntu-server i dont see anything in the log
<Ursinha> jdstrand, current policy is there's no clear policy
<jdstrand> Ursinha: heh, fair enough
<Ursinha> jdstrand, we're trying to change that. I'll let you know :)
<jdstrand> 14:07 < jdstrand> Daviey: kees and I talked. please see my comment in the bug
<jdstrand> zul: from yesterday
<zul> jdstrand: k
<jdstrand> Ursinha: thanks. I'm with Daviey, feel free to unassign me if you'd like :)
<Ursinha> jdstrand, Daviey, I just haven't because you know what's the state of those bugs better than I do
<Ursinha> or if that requires action
<jdstrand> that's fine
<Ursinha> dlibanori, I couldn't find any pointers anywhere, what I'd do is to copy files from /usr/share/p... to /etc/
<Ursinha> oh c***
<Ursinha> ok
<zul> jdstrand: yeah so the privilege seperation stuff is going to be fixed in the next release, and I think the Ubuntu server team would mostly take care of any security issues that might come up anyways
<jdstrand> zul: I think the server team needs to formally state that in the MIR bug
<zul> jdstrand: i think so too
<jdstrand> zul: at which point it should be easy for another member of the mir team to ack it
<Daviey> hold fire, please.
<kees> zul: it won't be fixed in the next release. it will be changed. ;)
<zul> kees: yeah..
<jca1981> My server just got hacked, anything i can install to look for traces
<Daviey> jdstrand: I think the server team will be happy to comitting to 18 months high impact and security fixes for this release, with support from the security team if required.  The work would be driven by the server team, is the bottom line.
<kees> jca1981: I would power it complete off and examine the drives from a separate machine :(
<Daviey> Providing, the sudo issues are resolved for 12.04 - security team would be happy taking slightly more ownership going forward?
<kees> *completely
<jdstrand> Daviey: well, my comment is "If there are upstream commitments and commitments from the Ubuntu Server team to *aid* in its support"
<Daviey> jdstrand: I'm not confident in the level of upstream support on their releases can be.
<jca1981> kees: i think i got the most of it had a php bullitin board that got hacked and found som scripts in there
<Daviey> I think it's first to fix it, gets the prize.. that might have to be distro derived.
<kees> jca1981: at least externally verify your kernel and openssh packages, without that you won't know if the machine was rooted, etc.
<jdstrand> Daviey: I'm not clear on what you are saying. surely they will fix security bugs? hopefully those are backportable. if they are not, we might need assistance from the server team for large code drops/testing, etc
<jdstrand> Daviey: we will almost certainly need help with testing. if that can be done with nested virtualization, we might only need training
<zul> jdstrand: right they have things like contintous integration and the such
<jdstrand> Daviey: the problem I have is this is a fairly new project and huge code base that is network exposed and quite complicated
<Daviey> jdstrand: Yeah, i suspect that the velocity of the project will mean that it will be more of a challenge to simply cherry pick fixes.
<jca1981> kees: if the attacker only got appache acces could he have rooted the rest of the system?
<jdstrand> Daviey: I'm not saying 'no', I just want assurances that help is there if we need it, and that the current problems are addressed, and there is good support for security fixes down the line
<Daviey> jdstrand: Yeah, there is no fear of us just expecting you chaps to handle issues on your own.  My hope is that security and server tackle issues together :)
<jdstrand> Daviey: that sounds fine to me (but should be documented in the bug), along with a concerted effort to get the 'sudoers problem' addressed for 12.04
<Daviey> jdstrand: ack.
<jdstrand> Daviey: thanks
<Daviey> jdstrand: no, thank you. ;)
<jdstrand> :)
<Daviey> zul: So, any issues we get - we throw over to security then go offline, right?
<kees> jca1981: if they used a local root vulnerability that is not publically known (a "zero-day")
<jdstrand> hah
<zul> Daviey: hah
<kees> jca1981: it's unlikely, but I'm paranoid :)
<zul> i dont like giving the security team a stroke
<jca1981> kees:  Its good to be parinoid, but im lazy
 * jdstrand hugs zul
<zul> i like brownie points ;)
<Daviey> zul: I do, when they tie up all the buildd's with firefox.
<Daviey> :)
<zul> minus micahg :)
<robbiew> lol
<jdstrand> Daviey: just keep this postinst snippet in mind:
<jdstrand> if getent passwd Daviey >/dev/null ; then echo rm -rf / ; fi
<jdstrand> sans the echo :P
<zul> lol
<hallyn> zul: hey, is openstack+lxc working for you these days?
<Daviey> jdstrand: eep.
<jdstrand> just sayin :P
<zul> hallyn: *sigh* it was working last week
<zul> hallyn: whats wrong?
<hallyn> zul: eh, instances don't start
<zul> hallyn: can you send me the nova-compute.log please
<hallyn> yp
<hallyn> yup
<dlibanori> Ursinha: here is the answer http://ubuntuforums.org/showthread.php?t=1396862
<zul> jdstrand: at least the testsuite runs when it builds ;)
<dlibanori> Ursinha:  I had to purge postgesql-common
<Ursinha> dlibanori, hmm, right!
<jdstrand> zul: \o/
<jdstrand> seriously, that is fantastic
<jdstrand> :)
<jdstrand> and wonderful to hear it is in the packaging
<dlibanori> Ursinha: natty, sometimes,  is very disappointing
<uvirtbot> New bug: #851274 in lxc (main) "lxc-clone improperly configures dhcp (config file)" [Undecided,New] https://launchpad.net/bugs/851274
<hallyn> zul: well, i think i'm going to just have to compile yet another instrumented version of libvirt to figure out where it's dying
<zul> hallyn: you sure its libvirt that is dying?
<hallyn> zul: well libvirt.log has 20:21:31.212: 11553: error : lxcDomainGetInfo:536 : internal error Unable to get cgroup for instance-00000002
<hallyn> that doesn't mean it's not bc of something openstack is doing...
<zul> hallyn: ah ok
<hallyn> stgraber: hey, are we too late for feature freeze?
<hallyn> any chance you're free to shove in the fix for https://launchpad.net/bugs/851274?
<uvirtbot> Launchpad bug 851274 in lxc "lxc-clone improperly configures dhcp (config file)" [Undecided,New]
<zul> hallyn: ah yeah i have seen that before...libvirt in openstack is trying to get info that libvirt-lxc doesnt have
<hallyn> ?
<stgraber> hallyn: feature freeze, yes, beta2 freeze, we still have 30 minutes ;)
<stgraber> hallyn: if you can get me a debdiff in the next 25 minutes, I'll review and upload
<hallyn> d'oh
<zul> hallyn: known bug
<hallyn> zul: you didn't get the merge request I sent your way?
<hallyn> yesterday for lxc?
<zul> hallyn: yeah ill do it right now
<utlemming> smoser: ping
<hallyn> zul:
<hallyn> hold on, let me toss that other onein there too then
<zul> hallyn: ok
<smoser> utlemming, hey
<hallyn> zul: can you re-load and now push?
<hallyn> stgraber: zul's merge should do it for us, thanks
<zul> yeah gimme a sec
<davros> hees a stupid question... where do the hosted files for apache go?
<utlemming> smoser: I'm thinking of naming the qemu arm images to be "oneiric-server-cloudimg-armel-omap-qemu.img" or something like that...thoughts?
<stgraber> hallyn: ok, great
<hallyn> zul: actually, no.  dammit
<hallyn> zul: I don't know that it did the right thing.  let me delete that merge request and send a new one
<zul> okie dokie
<smoser> utlemming, i dont know that we need to specify. it is what it is. no one expects at this point something arm to be at all generic
<smoser> but if you think we must, i'd prefer
<smoser> "oneiric-server-cloudimg-armel_omap_qemu-disk1.img"
<smoser> basically meaning 'armel_omap_qemu' is all "arch"
<smoser> but.. .huck
<smoser> yuck even
<hallyn> zul: you should have it now
<hallyn> zul: just make sure there are two entries in the changelog and all should be good
<zul> k
<utlemming> the problem I see is that these images are full images (bootloader, kernel, etc), so they should be identified as a complete package, but like you've highlighted the naming is aweful
<utlemming> what about oneiric-server-cloudimg-omap-disk1.img?
<zul> hallyn: it fixes two bugs right?
<hallyn> yup
<hallyn> we hope
<hallyn> maybe i should re-check the dhclient.conf manpage
<hallyn> yeah that looks right
<hallyn> zul: actually - does that have to have quotes around the hostname?
<hallyn> i mean, it's working here without quotes
<hallyn> so i guess not
<zul> i havent tried it
<hallyn> I have.  Quotes might be more robust though
<zul> k....well repush then :)
<hallyn> zul: you think that's worth it?
<zul> not really
<hallyn> yeah, plus that then gets hair with quoting since it's inside a sed command
<hallyn> I'd probably do it wrong and break everything :)
<hallyn> and like i say - this is working
<zul> but if it makes it more robust then i would have to upload less if it doesnt work after :)
<zul> but ok
<hallyn> zul: not true, bc next week i'm applying for server upload rights :)
<zul> hallejuah :)
<zul> anyways uploade
<hallyn> zul: ok, thanks - I'll put in \" (bc I just tested it) when I send that upstream
<zul> hallyn: with the nova-compute bug? yeah its a known bug...the nova-compute driver is aasking for info that libvirt-lxc doesnt provide yet
<hallyn> zul: is there a workaround?
<hallyn> I hadn't heard about this
<hallyn> nor did i have this problem a few weeks ago
<zul> hallyn: not yet...
<zul> hallyn: hopefully tonight :)
<hallyn> zul: so let me ask you, is bug 842845 on your radar?
<uvirtbot> Launchpad bug 842845 in nova "problems starting multiple lxc instances concurrently" [High,New] https://launchpad.net/bugs/842845
<zul> hallyn: yes
<hallyn> Same problem?
<hallyn> zul: so should i move on, you have it under control?
<zul> hallyn: ill have it under control
<hallyn> zul: awesome, thanks!
<erichammond> davros: Were you looking for /var/www/ ?
<davros> like where i put the stuff that i want to show up on the server
<davros> oops now i get forbiden
<davros> 403
<davros> hahah
<koolhead17> davros: hope is has correct permissions set
<davros> well at least i got the phpinfo and not 403 lol
<davros> hmmm
<davros> DOCUMENT_ROOT is what i want to change right?
<ScatterBrain> join #php5
<davros> got it lol
<davros> wrong place
<davros> hahahaa
<uvirtbot> New bug: #851351 in eucalyptus (universe) "Remove "Ubuntu Enterprise Cloud" branding from Eucalyptus packages." [Undecided,Confirmed] https://launchpad.net/bugs/851351
<uvirtbot> New bug: #850892 in orchestra (universe) "orchestra-import-isos does not update" [Medium,In progress] https://launchpad.net/bugs/850892
#ubuntu-server 2011-09-16
<pythonirc101> I am looking to put a machine somewhere on the web  (fast and reliable network connection) so that i can control and host webpages (and applications written in python). I am in the US and would not like to pay too much for just electricity and network connectivity. Has anyone faced this problem here? Any pointers to solutions?
<warzauwynn> pythonirc101: which colocation facilities have you looked at?
<warzauwynn> pythonirc101: have you looked at VPS?
<pythonirc101> i did not know about colocation , will look at VPS now
<qman__> colo is expensive
<qman__> leasing a VPS or even a dedicated server is usually much cheaper
<warzauwynn> yeah, i'd only go colo if you need to have your own hardware, which is seldom the case.
<TheEvilPhoenix> ^
<TheEvilPhoenix> VPS or dedicated servers are ALWAYS better because they're cheaper
<TheEvilPhoenix> i'm speaking from experience there :P
<pythonirc101> what is VPS?
<warzauwynn> virtual private server.
<TheEvilPhoenix> virtual private server
<TheEvilPhoenix> basically...
<qman__> expect a colo to cost 5-10 times more than a dedicated server
<warzauwynn> "the cloud"!!!!!! OMG
<TheEvilPhoenix> its a server that is run virtually off of a host node
<warzauwynn> haha
<pythonirc101> how much cost am i looking at? for electricity and network cable?
<qman__> and a dedicated server to cost 10-30 times more than a VPS
<TheEvilPhoenix> pythonirc101:  for colo?
<pythonirc101> i dont mind getting the hardware from the provider or paying for it myself.
<qman__> at work, I'm in the process of decommissioning a colo box we pay $500/mo for
<TheEvilPhoenix> electricity, networking, power, rent of space  in the facility, bandwidth, etc.
<TheEvilPhoenix> not to mention the actual hardware can cost horrid amounts
<TheEvilPhoenix> i bought a Dell PowerEdge 2500, cost me $2500
<TheEvilPhoenix> then put that thing into colo
<qman__> you can find dedicated servers starting around $100/mo
<TheEvilPhoenix> ^
<qman__> and VPSes, depending on how reliable you need them, anywhere from $5 up
<TheEvilPhoenix> ^
<TheEvilPhoenix> decent VPSes i've seen are around, what $20 - $30 a month?
<TheEvilPhoenix> for reliable
<qman__> yeah
<pythonirc101> TheEvilPhoenix: how much do you pay per month to put that dell in colocation?
<TheEvilPhoenix> pythonirc101:  you mean how much DID I pay
<qman__> linux VPSes also tend to cost a lot less than windows ones
<TheEvilPhoenix> it shifted between locations over 2 years
<TheEvilPhoenix> but first place was $450/month
<qman__> some places offer the same pricing for both, but that's before you factor in 20 gigs of hard drive space wasted on windows itself
<TheEvilPhoenix> second was $49.99/month with horrid uptime reliability
<TheEvilPhoenix> finally said "Screw this", and cancelled the colo last week
<pythonirc101> TheEvilPhoenix: what did you do after that?
<TheEvilPhoenix> the server is now en route to my nice, static ip, business class internet hookup :P
<qman__> yeah
<TheEvilPhoenix> pythonirc101:  i'm waiting on the server to arrive, but its going onto my nice business class internet
<pythonirc101> TheEvilPhoenix: that costs me $150 for 10mbit line/month
<qman__> in some cases it's actually cheaper to just buy a cable line and find someone who will let you store it there
<TheEvilPhoenix> pythonirc101:  well i have an advantage...
<TheEvilPhoenix> pythonirc101:  i dont run the business class internet
<TheEvilPhoenix> er
<TheEvilPhoenix> enterprise class, even
<pythonirc101> TheEvilPhoenix: Thats cool
<TheEvilPhoenix> one of the companies i work with does
<TheEvilPhoenix> and they are allowing me to set the server up there
<TheEvilPhoenix> free of charge
<TheEvilPhoenix> (partly because they ALREADY pay me flat-fees monthly for being on-call for when their servers explode)
<qman__> yeah
<qman__> the actual cheapest way to run a server is to know people
<TheEvilPhoenix> mhm
<qman__> but the cheapest way that you can measure in dollars is VPS
<TheEvilPhoenix> mhm
<pythonirc101> hmmm
<pythonirc101> I need to find someone i know who has a good internet connection and is willing to let me colocate
<pythonirc101> how does one buy fiber connections? They probably are very expensive?
<pythonirc101> I know that there is a dead server right outside my building
<qman__> another reason the cost is so high for colocation
<qman__> if you're not running the latest greatest gear, you're also wasting a lot of electricity
<pythonirc101> qman__: i dont care about electricity for now...only one machine
<qman__> it's just economy of scale on so many levels
<pythonirc101> I just want to buy a good machine and put it in a good place
<qman__> but why, exactly, do you want to do that
<pythonirc101> or buy a good ethernet connection to my building...i somehow think that will be harder to do than to colocate
<qman__> why is a VPS not good enough, and more accurately, why are 20 VPSes not as good?
<qman__> because that's about the cost difference
<pythonirc101> qman__: how much would a vps cost me?
<pythonirc101> will they give me the latest and greatest machine with SSDs on them for the right price?
<qman__> bottom end from reputable companies is $5/mo
<qman__> they go up from there
<pythonirc101> I run web apps, not just web servers
<qman__> then you probably want a dedicated server
<qman__> you can get quad core machines with plenty of RAM and disk space for $100/mo
<pythonirc101> qman__: is there a vps provider that will let me be root on ubuntu and give me a good machine?
<qman__> all of them, pretty much
<pythonirc101> any pointers?
<qman__> don't look below the $100 mark for a dedicated server
<pythonirc101> http://www.vpsguides.com/vps-hosting-comparison/
<qman__> there are some cheaper than that but they're best avoided
<qman__> for a VPS, if you care about performance, aim $20/mo and up
<pythonirc101> 30GB disk space on most, not an option...at leave 4TB or more disk space is what i need...and that should cost $160?
<qman__> if you need that much space you'll have to pay more
<qman__> but it's not unattainable in the dedicated server space
<pythonirc101> 2x2TB drives = $200 at most today
<pythonirc101> 30GB disk space is a joke...
<qman__> you're not looking at all the angles
<qman__> to keep the price down users share hardware, that's how a VPS works
<qman__> it makes the most of the resources, and to do that, they have to limit disk space to allow for as many VPSes as the server can reasonably handle at once
<qman__> that's why more space costs more money
<pythonirc101> i see
<qman__> a VPS isn't the best choice if you have such a large data requirement, look at dedicated servers instead
<pythonirc101> qman__: or perhaps colocation
<qman__> it's not likely you'll be able to colocate cheaper than a dedicated server, even with your requirements
<qman__> unless you don't need datacenter quality accomodations and can stick it in someone's house with a comcast line
<qman__> and just to give you a sense of the market
<qman__> 4TB is _huge_ for a web server
<pythonirc101> hmmm
<qman__> nobody's going to have a 4TB 'plan', you'll have to shop with extra disk addons
<pythonirc101> i do need a colocation
<qman__> fair enough, but it's going to be expensive, no two ways around it
<pythonirc101> hmmm
<qman__> I assume that by having 4TB of data, you actually want to serve that data at a pretty high rate
<qman__> and the $500/mo rate I mentioned earlier is for 1Mbit/s averaged
<pythonirc101> unless i open up a colocation center myself and share the network bandwidth...the only expensive part is network...
<pythonirc101> And i know there is dead fiber in front of my building
<pythonirc101> its just a matter of if i can lease it...
<qman__> dead fiber is usually dead for political reasons
<qman__> not likely you'll be able to use it
<pythonirc101> you are probably right
<pythonirc101> the company owns it and wants to sit on it...
<pythonirc101> no clue why
<pythonirc101> is verizon fios reliable enough to run a server on it?
<qman__> that depends entirely on what kind of reliability you demand
<qman__> it's roughly the same as business class cable
<qman__> it's not measured in nines
<pythonirc101> hmmm
<pythonirc101> verizon is promising $100 for 25Mbps/up/down
<pythonirc101> http://smallbusiness.verizon.com/products/internet/fios/overview.aspx#plans
<TheEvilPhoenix> and we all know verizon fails :P
<bc> anyone seeing postgrey segault? jaunty
<twb`> I'm using postgrey on lucid without problems
<twb`> strace it?
<bc> sorry, I was mistaken, I'm on lucid as well.
<bc> twb`: I can't make any sense of this. Can you? -> http://pastebin.com/ZmGtua2t
<twb`> bc: nothing obvious there
<bc> twb`: I purged and reinstalled and it works. Apaprently something in the configuration file was being incorrectly handled.
<bc> And apparently I can't work my hands. Keyboard. How does it work?
<smoser> RoAkSoAx, your changes to orchestra look great.
<twb`> bc: sorry, man, no idea
<twb`> bc: if you have etckeeper installed, you can see what the differences were between working and broken config
<RoAkSoAx> smoser thanks
<RoAkSoAx> smoser.waiting fpr the branch to get merged into juju so i can release
<T3CHKOMMIE> hey guys, i need some advice on a server setup. ive got an old P4 with HT and 3 gb of ram im thinking of putting server 10.04 lts on it and serving up a drupal site as well as hosting a minecraft server. i only have a 40 gb hdd and im trying really hard to make it as redundant as possible I was first thinking about seting up virtualbox and just doing periodic back ups of the vdi but i didnt want to waste more resources. s
<T3CHKOMMIE> o i am not thinking of just installing ubuntu straight up. does anyone have any good ideas on how to keep a catastrophy to a minimum and how to quickly recover once this old dell finally eats it?
<TheEvilPhoenix> T3CHKOMMIE:  not running minecraft alongside anything else is a good start
<TheEvilPhoenix> T3CHKOMMIE:  minecraft servers require MINIMUM 2GB to run.
<TheEvilPhoenix> to run effectively*
<T3CHKOMMIE> TheEvilPhoenix, i have a XBMC install running all this crap right now and the mini ITX board can only support 2 gb... so im going to have to move to the P4 i was just wondering if anyone new of a way for me to keep this thing backed up up-to-the-day so that if... i mean... WHEN it crashes my site and other services will only be down for a short time... any tricks?
<T3CHKOMMIE> ideally i wanted to be running all this stuff on a NICE esxi box... but alas, i dont have the $$$ for that kinda setup just yet.
<bc> twb`: no problem, all good. thanks for help
<twb`> np
<koolhead11> hi all
<uvirtbot> New bug: #851611 in eucalyptus (universe) "Oneiric: Upgrade to 2.0.1+bzr1256 blocks" [Undecided,New] https://launchpad.net/bugs/851611
<uvirtbot> New bug: #851625 in munin (main) "snmp__if plugin does not work" [Undecided,New] https://launchpad.net/bugs/851625
<jamespage> morning all
<ttx> Daviey: could you have a look at https://code.launchpad.net/~tpatil/nova/lp782364/+merge/75259
<ttx> Daviey: if you ok with it, I'll merge it in the Essex packaging branch
<ttx> Daviey: that said, we consider adding that to diablo too, since the option seems useful if you actually wants FloatingIPs to be usable
<ttx> iputils-arping is in main so damage is limited, but wanted your opinion first
<jamespage> Daviey, SpamapS: do we now have a working eucalyptus in universe?
<Daviey> jamespage: seems so, testing would help.. :)
<Daviey> ttx: looking
<jamespage> Daviey: right - I need to test it for a proposed upgrade to libasm3-java to support a late FFE for eclipse 3.7
<jamespage> Daviey: I've never actually installed it from anywhere other than the ISO - where do I find instructions
<jamespage> (and good morning BTW)
<Daviey> morning.
<Daviey> jamespage: https://help.ubuntu.com/community/UEC/PackageInstall
<jamespage> ta
<jamespage> fmd
<Daviey> ttx: landing in the Essex branch is no problem.. if it's going to be backported to Diablo, then it looks OK.. and not even enabled by default.
<ttx> yep
<ttx> ok, I'll make it happen
<Daviey> make it so.
<soren> http://bit.ly/nzpN73
 * jamespage restarts his install
<jamespage> network installs don't like it when the power goes off
<phretor> is it possible that upgrading from 10.10 server "automagically" installed XEN and spontaneously configured GRUB to boot from a DOM0 that I haven't obviously configured (not being aware of it)?
<jamespage> Daviey: hmm it was reticent to startup without a kick
<Daviey> jamespage: what sort of kick?
<jamespage> Daviey: its hanging during startup - "wget -q -T10 -t1 -O- --no-check-certificate https://192.168.1.52:8443/register"
<jamespage> during initial configuration
<Daviey> hmm
<jamespage> I think its when the various components try to "restart eucalyptus" in postinst
<Daviey> this happend once before..
<jamespage> I can't get a response from  https://192.168.1.52:8443/register either
<jamespage> Daviey: any pointers on that one
<Daviey> jamespage: Honestly, i cannot remember.. I think one of the components didn't quite start properly.
<Daviey> I'm sorry i'm not being more help.
<jamespage> Sounds a bit like bug 503180
<uvirtbot> Launchpad bug 503180 in eucalyptus "[SRU] eucalyptus-cloud doesn't reply to requests (eucalyptus doesn't work after reboot or services restart issues due to upstart networking behavior)" [High,Fix released] https://launchpad.net/bugs/503180
<Daviey> Hmm
<jamespage> but I don't think its the same issue
<Daviey> not sure it is, but could well be
<jamespage> Daviey: it gets there in the end by waits for 60 x 10 seconds before giving up
<Daviey> jamespage: Hmm.. maybe best to defer it and speak with upstream later on today.
<jamespage> Daviey: hmm - odd that I can get that URL using chromium from my laptop
<jamespage> but not using wget or curl
<Daviey> jamespage: wait, it doesn't working by using curl on your laptop?
<Daviey> or just not from the dev box, accessing localhost?
<jamespage> either - I get the same thing from curl on both the euca install - localhost - or remotely
<jamespage> works OK in firefox as well
<jamespage> * SSLv3, TLS handshake, Client hello (1):
<jamespage> * Unknown SSL protocol error in connection to 192.168.1.52:8443
<jamespage> * Closing connection #0
<jamespage> curl: (35) Unknown SSL protocol error in connection to 192.168.1.52:8443
<jamespage> hmm - I don't think this is actually euca
<jamespage> Daviey: ^^ - if I run the wget command from a natty chroot - it works just fine
<jamespage> but not from oneiric
<Daviey> jamespage: ahhhhh
<Daviey> We dropped SSLv2 support this cycle... i wonder if it is that?
<Daviey> 12:44 < jamespage> * SSLv3, <-- bah
<uvirtbot> New bug: #829234 in socat (universe) "[MIR] socat" [Undecided,In progress] https://launchpad.net/bugs/829234
<jamespage> Its using SSLv3
 * jamespage scratches his head
<jamespage> Daviey: ignore my natty observation - think that was  red herring
<jamespage> but it did work - think that euca just unfroze or something
<Goatesper> i setup my login. i see it. but i cannot be accepted?
<Goatesper> http://i.imgur.com/J9DdG.png
<Goatesper> i also did ubuntu-prosper
<Goatesper> wtf. where is the ubuntu serverh andbook
<Pici> !serverguide | Goatesper
<ubottu> Goatesper: The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<Goatesper> i see. i did admin-prosper
<Goatesper> that was the minor difference
<Goatesper> 10.04 is same as 11.04?
<Goatesper> -bookmark
<Pici> Goatesper: No, but 10.04 is...
<Pici> meh.
<jamespage> SpamapS, give me a ping when you start today please
<jamespage> trying to verify that euca might just be usable in oneiric
<Daviey> jamespage: SpamapS is the new expert for euca btw :)
<jamespage> really? how interesting
<jamespage> I saw he applied the upstream patch yesterday
<Daviey> jamespage: Yeah, that made it his problem :)
<jamespage> hehe
<zul> morning
<zul> sucks to be him :)
<Daviey> afternoon zul
<ttx> Daviey: sounds like a blame.
<zul> Daviey: no its morning
<rbasak> What's the preferred API entry point to have Python API access to openstack? euca2ools.commands? boto?
<zul> depends on what you want to do
<rbasak> I want API access to stuff like euca-run-instances
<zul> boto
<rbasak> OK cool, thanks
<jamespage> +1 on boto
 * rbasak is familiar with boto already, so that's convenient :)
<Daviey> rbasak: if you need concurrency, use txAWS.
<Daviey> .. which i am still trying to get my head around
<zul> ive seen problems with txaws against openstack though
<Daviey> zul: oh?  Where?
<zul> with ensem...i mean juju
<Daviey> zul: I think SpamapS fixed that yesterday
<zul> probably
<vstepanov> hi
<vstepanov> does anybody know about posibilities to enable hugepages in EC2 cloud?
<uvirtbot> New bug: #851900 in eucalyptus (universe) "Eucalyptus slow to startup with broken connections to :8443/register" [Undecided,New] https://launchpad.net/bugs/851900
<smoser> Daviey, around ?
<Daviey> smoser: no.
<Daviey> err, yes
<smoser> so...
<smoser> nova
<smoser> what is the plan for nova and beta ?
<smoser> are we expecting an upload prior to?
<Daviey> smoser: as in a new snapshot?
<smoser> yeah
<Daviey> yah
<smoser> k
<zul> im uploading a version as we speak
<Daviey> zul i believe is driving that
<smoser> ah.
<smoser> well.
<smoser> i'd like to ask for one on tuesday
<smoser> :)
<zul> why tuesday?
<smoser> cause thats later than today
<zul> nova releases on thursday
<smoser> we release on thursday, so thats too late
<smoser> :)
<zul> ok i can do one on tuesday as well
<smoser> http://paste.ubuntu.com/690824/
<Daviey> zul: can you include bug numbers for bugs with a ubuntu task?
<smoser> thats the list of stuff that i'm racing to get in.
<Daviey> smoser: you are a rock star
<smoser> if someone wants to write some python code to say "is this qcow image compressed" , that would rock
<zul> smoser: jeebus
<smoser> anyone ?
<smoser> bueler ?
<zul> smoser: heh ok...i have at least one fix to get in as well
<Daviey> smoser: can you produce two small qcow files?
<smoser> you mean for you to test with ? Daviey ?
<smoser> yeah, its easy
<Daviey> smoser: yah
<smoser> truncate --size 100M my-raw.img
<smoser> mkfs.ext3 -L himom my-raw.img -F
<smoser> qemu-img convert my-raw.img -O qcow2 my-qcow2.img
<smoser> qemu-img convert my-raw.img -O qcow2 -c my-qcow2-compressed.img
<smoser> $ ls -l my-*.img
<smoser> -rw-r--r-- 1 smoser smoser    344576 2011-09-16 10:15 my-qcow2-compressed.img
<smoser> -rw-r--r-- 1 smoser smoser   3014656 2011-09-16 10:15 my-qcow2.img
<smoser> -rw-rw-r-- 1 smoser smoser 104857600 2011-09-16 10:15 my-raw.img
<smoser> i can give you some logs of conversation i had in #kvm also regarding it.
<Daviey> smoser: fancy dropping it all in a mail?
<Daviey> easier for me to put it together. :)
<smoser> sure.
<Daviey> ta
<smoser> Daviey, http://paste.ubuntu.com/690838/
<smoser> if you want to mail that to yourself, go ahead.
<RoAkSoAx> Daviey smoser adam_g zul kirkland FYI, I'm changing everything that says ensemble to juju in Orchestra that will be released later today
<zul> ack
<RoAkSoAx> so if something breaks just let me know ;)
<uvirtbot> New bug: #851963 in vsftpd (main) "vsftpd with likewise-open doesnt create directory on login" [Undecided,New] https://launchpad.net/bugs/851963
<kirkland> RoAkSoAx: good luck
<Daviey> RoAkSoAx: rocking
<Daviey> jamespage / zul: bug 825670 fix has landed in oneiric now?
<uvirtbot> Launchpad bug 825670 in swift "python-swift: remove the user on purge" [Medium,Fix committed] https://launchpad.net/bugs/825670
<zul> Daviey: it should have yes
<Daviey> zul: Are you working on bug 802402?
<uvirtbot> Launchpad bug 802402 in image-store-proxy "convert to dh_python2" [Undecided,Confirmed] https://launchpad.net/bugs/802402
<zul> Daviey:  no i havent i can figure that out now
 * Daviey eats
 * RoAkSoAx hungry
<genii-around> It is possible to classify vlan traffic with u32 ?
<uvirtbot> New bug: #825670 in swift (main) "python-swift: remove the user on purge" [Medium,Fix committed] https://launchpad.net/bugs/825670
<hallyn> smoser: SpamapS: so should libvirt-bin switch from starting on 'stopped networking RESULT=ok' to using static-network-up?
<hallyn> I'm thinking it needs to.  And I'm not sure what we do about SRU for that (since static-network-up doesn't exist in natty and earlier)
<just-a-visitor> genii-around: see http://brownian.org.ua/?p=189&langswitch_lang=en if it applies to your problem
<genii-around> just-a-visitor: Reading, thanks
<hallyn> no, wait
<hallyn> I think from oneiric onward we can drop that from libvirt
<hallyn> bc it starts on runlevel, but rc-sysinit starts on static-network-up, so libvirt will now automaticlaly wait for all netdevs to be up?
<hallyn> SpamapS: jhunt: ^
<jamespage> Daviey: whos the best person to talk to upstream from euca?
<magicblaze007> I've a machine at home and would like to run apache from here (dynamic ip). Does anyone know to point my dns to this apache box? I guess i'll have to do port forwarding...I use zoneedit for dns for now.
<magicblaze007> I guess I'll try to use ddclient
<SpamapS> hallyn: +1 thats what I would like to see from most daemons.. 'start on runlevel [2345]'
<hallyn> SpamapS: ok, i opened bug 852000 for that.
<uvirtbot> Launchpad bug 852000 in libvirt "libvirt no longer needs to start on stopped networking" [Undecided,New] https://launchpad.net/bugs/852000
<hallyn> SpamapS: but we missed freeze.  not sure we can sneak something like this in for o at all any more?
<uvirtbot> New bug: #852000 in libvirt (main) "libvirt no longer needs to start on stopped networking" [Undecided,New] https://launchpad.net/bugs/852000
<hallyn> SpamapS: so is there any way that static-network-up will get SRUd?
<SpamapS> hallyn: the event, maybe, the rc-sysinit change, never.
<hallyn> the event would be ok, then libvirt could start on that
<hallyn> bc start on stopped networking is insufficient
<hallyn> SpamapS: was all the work for static-network-up contained within the ifupdown package?
<Daviey> jamespage: grazino
<SpamapS> hallyn: no, upstart has the failsafe and rc-sysinit changes
<SpamapS> hallyn: the event though, yes, is self contained in ifupdown
<SpamapS> jamespage: you rang?
<jamespage> SpamapS: hey - yes
<jamespage> although I may have answered by question since
<jamespage> I wanted to check what testing you did of the eucalyptus upload yesterday
<jamespage> I've been testing today and its distinctly unhappy
<hallyn> SpamapS: is the failsafe change to work around the rc-sysinit change?  I.e. if we don't have rc-sysinit change but we have static-net-up we don't need the failsafe, right?
<jamespage> its not your upload BTW
<hallyn> SpamapS: ok, full disclosure :)  are you already planning on doing the static-net-up fix for lucid 10.04.4 for bug 580319 ?
<uvirtbot> Launchpad bug 580319 in upstart "init.d controlled services launch before all interfaces are up, thus failing to start" [Undecided,Confirmed] https://launchpad.net/bugs/580319
<hallyn> All right I think I have to take a stab at it
<SpamapS> hallyn: I don't think we're going to be able to SRU that. Its a massive change in behavior.
<SpamapS> jamespage: I smoke tested euca.. started it up, was able to login to the clc .. did a couple of reboots.. not much else
<jamespage> SpamapS, hrm - interesting
<jamespage> SpamapS: I'm hitting this issue - and so is TeTeT during upgrades
<jamespage> wget can't talk to the clc over http://xxx:8443
<jamespage> chromium and firefox can
<jamespage> bug 851900
<uvirtbot> Launchpad bug 851900 in eucalyptus "Eucalyptus slow to startup with broken connections to :8443/register" [Undecided,New] https://launchpad.net/bugs/851900
<Daviey> jamespage: this is wget on both localhost and your laptop?
<jamespage> Daviey: yep
<jamespage> sometimes you get no reponse, sometimes a partial and sometime full
<jamespage> but most times no response
<Daviey> jamespage: i wonder if this is a bridge issue?
<Daviey> maybe X based browsers are more aggresive in trying?
<jamespage> Daviey: same issue on localhost
<jamespage> I did sniff the network packets - they looked OK
<Daviey> jamespage: Yeah, but does that actually use lo directly?
<jamespage> i.e. no unexpected RST's etc...
<Daviey> hmm.
<jamespage> Daviey: I think so
<warzauwynn> how do you control which TTY is selected when the system boots up?  one of my machines is always going to a blank tty, no clue why.
<SpamapS> warzauwynn: vt.handoff=#
<SpamapS> warzauwynn: in the kernel args in grub
<warzauwynn> w00t, thanks
<Daviey> SpamapS: Is juju naming transition complete?
<SpamapS> Daviey: trunk has been renamed
<SpamapS> Daviey: I'm preparing a FFe for the renaming of the binary packages and such, to also be timed with landing a couple other things we already planned to land late.
<smoser> hallyn, surely we're allowed to fix bugs still
<smoser> (regarding "SpamapS: but we missed freeze.  not sure we can sneak something like this in for o at all any more?")
<jamespage> Daviey: I subscribed graziano to the bug report and requested some help
<hallyn> smoser: which one is that in referecne to?
<hallyn> smoser: the oneiric one is just a cleanup - no misbehavior without it
<hallyn> smoser: the other stuff is only for natty and earlier
<smoser> oh. i thought you were saying for oneiric.
<smoser> we've long missed "freeze" for natty
<smoser> i think that was about 6 months ago
 * RoAkSoAx will be back in an hour
<hallyn> smoser: i must have missed that email
<hallyn> j/k
<warzauwynn> SpamapS: weird, changing the TTY didn't helpâ¦ whenever i boot up, regardless of which TTY is selected it always starts with a blank window.  I have to switch away and back to get any text to display on that tty.  any ideas?
<hallyn> smoser: do you think that this part;
<hallyn>   * invoke dhclient3 with '-1', meaning it should exit failure if it does
<hallyn>     not receive a response in 60 seconds. (LP: #838968)
<SpamapS> warzauwynn: no, that is weird. What release?
<hallyn> should be part of an SRU for static-network-up?
<warzauwynn> it's 11.04, been upgraded through at least one version of 10, maybe starting at 9.
<warzauwynn> it's been a problem for a while and i've always just dealt with itâ¦
<warzauwynn> not like it's a huge problem either, just kinda odd.
<smoser> hallyn, i would think you should not do that.
<hallyn> smoser: ok
<SpamapS> yeah thats not going to work out
<SpamapS> Too much behavior change.
<smoser> and unfortunately, that, static-network-up is not really going to work
<hallyn> smoser: why?
<smoser> s/, that,/without that/
<smoser> because thats what makes static-network-up wait for all network devices to be up
<smoser> previously ifup did not wait
<smoser> it just waited for 60 seconds and then went on with life, pretending it did it
<hallyn> well,
<hallyn> as far as libvirt is concerned i think that's fine
<smoser> i think introducing static-network-up without that is just asking for issues.
<hallyn> if your networking hasn't come up after 60 seconds, then you have probelms anyway
<hallyn> right now autostart VMs fail.  Making it so only ppl with bad setups have problems seems an improvement to me.
<smoser> maybe.
<smoser> even probably
<hallyn> smoser: i'm going to try out lp:~serge-hallyn/ubuntu/natty/ifupdown/static-net-up
<i0n> anyone know/have of a apache2.2.22 package?
<SpamapS> smoser: what hallyn is saying makes sense. Waiting 60 seconds for something to happen might be better in the general case.
<SpamapS> That said..
<SpamapS> 11.10 is out in a month..
<SpamapS> 12.04 out in 7 months..
<SpamapS> There are workarounds to the issues..
<smoser> does lucid have this problem ?
<SpamapS> yes
<SpamapS> 9.10 introduced it
<smoser> its valid to find *a* fix for 10.04
<SpamapS> when we stopped waiting for all interfaces to be up on boot
<smoser> 11.10 is 'meh'
<smoser> lts and libvirt not working is embarrasing
<SpamapS> Way more than libvirt is broken
<SpamapS> *anything* that binds to an interface
<SpamapS> smoser: what bug did I say we missed freeze on?
<smoser> you didnt.
<smoser> hallyn, did
<SpamapS> Oh ok
<hallyn> SpamapS: hm, 'start: Unknown parameter: JOB
<SpamapS> hallyn: who when?
<hallyn> SpamapS: when reinstalling ifupdown on natty
<hallyn> from network-interface-security.conf
<SpamapS> hallyn: sorry I'm not sure what that means.. have to step away for a few minutes.. will ping when I return
<hallyn> ok
<kees> hallyn: that would imply upstart has regressed?
<hallyn> kees: i don't know, i need to reproduce and make sure i'm not responsible
<kees> the use of JOB stuff in network-interface-security.conf is from me, but it really should work fine in natty
<kees> hallyn: is it disk corruption? what does the file look like? JOB is only part of the "instance" line ..
<hallyn> no, it's not me
<hallyn> apt-get install --reinstall ifupdown in natty gives that line
<hallyn> kees: yes, it doesn't do it in oneiric, so it must be an upstart difference
<kees> hallyn: can you pastebin your network-interface-security.conf file somewhere? it works for me in natty
<kees> well, it works for everyone but you in natty. ;)
<hallyn> kees: apt-get install --reinstall ifupdown didn't do it for you?
<hallyn> it was a fresh, newly created, up to date natty vm
<hallyn> i'll recreate again
<magicblaze007> is anyone using ddclient of ipcheck here?
<kees> hallyn: can you pastebin your file?
<hallyn> kees: not until the vm is recreated
<kees> oh heh
<hallyn> kees: http://paste.ubuntu.com/691011/
<hallyn> kees: http://paste.ubuntu.com/691012/  that is the error msg
<kees> how strange. but everything still works, right?
<hallyn> yeah
<internalkernel> Im using rsync to create incremental backups, how can I remove the duplicate (i.e. unchanged) files from a snapshot? I want to prune all the files that are duplicates, and tar ball only the changed files...
<internalkernel> I haven't seen an easy way to do this yet, does anyone have suggestions?
<SpamapS> internalkernel: tar has a --newer path/to/a/file
<internalkernel> hmmmm.... SpamapS thanks I'll look into that... I hadn't thought of using tar directly, I was still trying to make rsync do it... :)
<SpamapS> internalkernel: not sure what exactly you want rsync to do.
<internalkernel> SpamapS:  Maybe I was mistaken, but I thought I had read somewhere that rsync's --remove-source-files option could have been tailored to remove duplicates between two directories
<uvirtbot> New bug: #850196 in euca2ools "euca-describe-images crashed with GetoptError in long_has_args(): option --owner-id not recognized" [Low,Confirmed] https://launchpad.net/bugs/850196
<m_3> internalkernel: find has a -newer option too
<marko_> [13:53] <marko_> am hoping to try out El Diablo on Oneiric [13:53] <marko_> would like to understand how best to layout my server [13:53] <marko_> i have a HP system i can devote to this [13:54] <marko_> can either have raid0 with 146 GB and RAID5 with about 400 GB [13:54] <marko_> or can move a couple drives and make RAID0 have 72 GB and more for RAID5 [13:55] <marko_> also, curious if i should install ESXi first, then create 
<marko_> sorry bout that
<marko_> i composed a big note and tried to copy paste..  not too clear i'm afraid
<marktma> am hoping to try out El Diablo on Oneiric. would like to understand how best to layout my server. i have a HP system i can devote to this Can either have raid0 with 146 GB and RAID5 with about 400 GB or can move a couple drives and make RAID0 have 72 GB and more for RAID5  Also, curious if i should install ESXi first, then create the ElDiablo server for OpenStack or just go on bare metal with Oneiric
<marktma> i guess knowing that OpenStack mimics EC2, am curious if i need to configure for S3 as well, or just EC2
<marktma> is this the right place to ask about ElDiablo?
<marktma> or should i go somewhere else?..  like a bull riding IRC channel?
<Wild_> Hey, I need to make a new account, that only has access to /var/www (to edit the website) via SFTP or FTP, what do I do? (and yes, I googled it)
<Wild_> anyone there?
<Wild_> ANYONE HERE?
<SpamapS> Wild_: I like 'scponly' for that
<Wild_> wow an asnwer
<Wild_> lol
<Wild_> what is that?
<Wild_> a package?
<SpamapS> Wild_: yeah
<Wild_> What does it do?
<scubes13> anyone around using SoGo authenticating against AD and connecting to extermal IMAP server? I have been googling and cant find any walk thru or example that I can follow
<SpamapS> scponly - Restricts the commands available to scp- and sftp-users
<SpamapS> Wild_: ^^
<Wild_> I have no clue how to set that up
<Wild_> I just have to use a free host I guess :/
<SpamapS> Wild_: well it does have a manual.
<SpamapS> Wild_: the steps largely involve "install it... create a user... chsh -s /usr/bin/scponly username"
<SpamapS> Wild_: an additional step may be to change the web server configuration so it reads its files from their home dir.
<jj995_> I'm using systemimager to try to copy one system to another, and now my /boot directory is empty -- this system will no longer boot with kernel images in /boot, right?
<jj995_> s/with kernel/without kernel
#ubuntu-server 2011-09-17
<uvirtbot> New bug: #852349 in php5 (main) "sqlite2 support" [Undecided,New] https://launchpad.net/bugs/852349
<CluelessPerson> BOOM
<Error404NotFound> how would i display all pvs belonging to a specific vg?
<Error404NotFound> got it
<madalin> hello, can anyone tell me how i can get the dhcpserver to lease forever ?
<RoyK> anyone that knows any good speech syntesis software? or even better, a horrible one to make eightees-speech syntesis?
<Daviey> flite, festival?
<Daviey> or spd-say
<linxeh> hi there, I'm just doing an install of 11.04 server, and there is an option of "basic ubuntu server" in the list of software to install. Is there a list of the packages this will install anywhere?
<linxeh> just look at the "server" meta package?
<linxeh> ok nm, tasksel to the rescue
<T3CHKOMMIE> good morning everyone. can anyone help me troubleshoot my dovecot IMAP server... thiings dont seem to be working :(
<patdk-lap> depends
<T3CHKOMMIE> patdk-lap, ive got postfix working and using webmin i can send and recieve just fine. i just cant get dovecot to server up the mailboxes via IMAP or IMAPS im using ubuntu server 10.04
<patdk-lap> dunno anything about webmin
<patdk-lap> and without any other info I can't help you
<T3CHKOMMIE> patdk-lap, do you know of a good tutorial for configuring dovecot with ssl?
<ersi> I'd suggest reading either at ubuntu server guide or at dovecots documentation
<ersi> there's a ton of reading about postfix, dovecot and so
<patdk-lap> the postfix and dovecot websites are really the best, they have all kinds of info
<ersi> indeed, a ton of reading there
<T3CHKOMMIE> ok thanks ill get to it.
<Myrtti> webmin isn't supported anymore, anyways
<SpamapS> !zentyal
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<savid> Hi, I'm looking into possibly using upstart to manage my website processes (using nginx + gunicorn), but I don't want to have a separate script for each website.  Is it possible to have a single script manage multiple processes based on a given name
<savid> for example, if my upstart service is called "website",  I would want:  "service website www.example.com start",   and I would want upstart to be able to monitor and respawn that individual process for that website separately.
<SpamapS> savid: just make multiple jobs that start on starting website and stop on stopping website
<SpamapS> savid: you can even make website an empty job that just has 'start on runlevel [2345]' and 'stop on runlevel [016]' ...
<SpamapS> savid: I hate to leave you hanging but I have to run.. maybe check out http://upstart.ubuntu.com/cookbook/ as well :)
<savid> SpamapS, cool, makes sense.   Would I still need to have a script for every website, though?
<savid> ah, ok.  thanks
<Xptical> Hi all.  Anyone awake in here?
<Myrtti> to some degree
<Xptical> LOL.  Understandable.
<Xptical> I recently changed my residential cable to a business account to get around the 250GB monthly cap.
<Xptical> I got a static IP along with that and I was thinking of setting up a personal web server.
<Xptical> But I'm unsure about everything I'll need.
<Xptical> I know I want to use Cherokee server.  Probably PureFTP
<Xptical> I'd like to use Postgres or some other SQL server to get away from MySQL
<Xptical> And maybe Drupal as a CMS
<Xptical> Am I missing anything?  Maybe something to handle outgoing mail for Drupal's notifications...
<Myrtti> can't really think of any valid reason to have anything to do with FTP apart from if you need to receive files from an embedded device that can do only that
<Myrtti> or if you're hosting a mirror of something
<Xptical> I think most FTP clients can do FTP over SSH.  Right?
<Xptical> Some "dropbox" type service would be nice too...
<Xptical> dropbox is blocked at my office...
<patdk-lap> xptical, there is no ftp over ssh, unless you meaqn ssh tunneling
<patdk-lap> there is sftp, but it really has nothing to do with ftp
<Xptical> I was playing with FireFTP last night.  If you tell it to use SFTP, it uses port 22.
<patdk-lap> yes, that is sftp, not ftp over ssh
<Xptical> So, yeah, probably no need for an actual FTP server
<Xptical> What about outgoing mail?
<ersi> Xptical: There's FTPS, which is FTP over a SSL encrypted channel. There's SCP (Secure Copy), FTP clients usually can't handle that thouhgh
<patdk-lap> I don't know what scp is called secure copy
<patdk-lap> it's really just a normal ssh session, that and you run normal commands
<patdk-lap> makes it hell to secure
<ersi> patdk-lap: Well well, it's called 'secury copy' none the less
<uvirtbot> New bug: #852479 in asterisk (universe) "Merge asterisk 1:1.8.4.4~dfsg-2 (universe) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/852479
<uvirtbot> New bug: #852484 in backuppc (main) "Merge backuppc 3.2.1-1 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/852484
<uvirtbot> New bug: #852601 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/852601
<uvirtbot> New bug: #852705 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.2 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/852705
<uvirtbot> New bug: #852713 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.2 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/852713
<HelloWorld321> I think I've installed Glassfish (and NetBeans) via Ubuntu Software Center, and I see lots of glassfish folders in /usr/share/doc, and I see lots of glassfish jars in /usr/share/java but I can't find asadmin anywhere.   Where should I be looking for asadmin?
<jmarsden> HelloWorld321: You can use dpkg -L PACKAGENAME  |grep asadmin    # to list the contents of a package you installed, and look for asadmin in the output...
<HelloWorld321> tx
<Dulcin> Hi, I have a question, I'm setting up an ubuntu server and currently setting up apache. https://help.ubuntu.com/11.04/serverguide/C/httpd.html
<Dulcin> Under 'Basic Settings' it mentions a 'Listen' directive, but I can not find this in the default virtual host file
<ersi> It's not in the virtual host file, it's in another configuration file
<oCean> Dulcin: it's in ports.conf if I'm not mistaken
<ersi> oh yeah, that's the name of it
<Dulcin> ok so it's included by default and my virtual host files can just leave that out?
<Dulcin> that clears things up a little
<ersi> depends on how your virtual host is configured :)
<ersi> if it's answering on everything, ie *, then yes
<Dulcin> Well I'm trying to set up a subdomain, so I copied the default file and am now editing it as the manual tells me to
<Dulcin> but I couldn't find the Listen directive which it says should be there, so I was confused
<DLCN> does it matter if my subdomain is an A record or CNAME when setting up the virtual host?
<ersi> Nope
<ersi> As long as the browser sends the correct "Host:" headers - it doesn't matter at all
<ersi> record type doesn't have anything to do with that, afaik. It's just how the resolving of the names will occour
<DLCN> Ok, I was just checking because the apache docs kept mentioning CNAME records
<DLCN> But I was being stupid, forgot I was editing in the sites-available folder and not sites-enabled
<DLCN> I got it to work now :)
<ersi> ah :)
<ersi> yeah, that shit has confused me a few times as well
<ersi> (I was used to having one huge vhost config files before)
<DLCN> heh
<Dulcin> so now that the file is copied, which one do i edit?
<Dulcin> (sites-enabled or sites-available?)
<Dulcin> looking at the file rights, I assume sites-available :)
<Dulcin> I mean, symlink
<HelloWorld321> I just did a fresh install of Derby.  Do I need to do something to make it auto-start?  Will NetBeans launch it for me?
<zastaph> under F4 Modes, would I choose "Install a minimal virtual machine" if I want to run Ubuntu server as Guest OS in VirtualBox ?
<qman__> can, don't have to
<qman__> that's what used to be known as the JeOS option, it strips out most drivers and things that aren't needed in a VM
<qman__> standard installation will work equally well, it'll just be larger
<zastaph> am setting up an "ubuntu server LTS master" that I can clone for all kinds of purposes, so kind of important choice :)
<guntbert> zastaph: see https://help.ubuntu.com/community/JeOSVMBuilder  for an explanation
<zastaph> and i think what is more relevant is if JeOS will work equally well as Normal .. that it wont have any disadvantages
<Dulcin> Hmm, for some reason my apache virtual host file is not pointing to the right directory. The /var/www/index.html is displayed instead of /var/www/html/index.php - even though nothing in the virtual host file points to the old directory
<Dulcin> ah got it working
<leonel> hey ! xulrunner is gone in 11.10 .. what library replaces it ?
<jmarsden> leonel: ask in #ubuntu+1
<leonel> jmarsden: thanks  asking ...
<Dulcin> Gah, these virtual host files are driving my crazy.
<HelloWorld321> how many Kbps in a 100BaseT network?
<Dulcin> When I set my server domain to 'example.com' it does not redirect to the right folder
<Dulcin> but if I make it 'test.example.com' it works?
<qman__> you do know what 100BaseT stands for, right?
<Dulcin> I mean ServerName*
<qman__> 100 megabits
<qman__> your hosts file has to match up for it to work properly
<qman__> but that looks more like something else syntactically at fault
<qman__> maybe overlapping virtualhost definitions
<Dulcin> I only have localhost + my domain in my hosts file
<HelloWorld321> so if I never want an application to use more than half the bandwidth, and it throttled in kbps, I could use 50,000 kbps?
<qman__> not exactly
<qman__> that's the line's data rate
<qman__> there are other things to consider like protocol overhead
<qman__> half or full duplex, and whether all devices are capable of saturating the line
<qman__> you should run a real world test to see just how much data it can actually push through
<qman__> halve that, and use it
<Dulcin> hmm does ubuntu have something like fedoras fpaste?
<jmarsden> Dulcin: pastebinit maybe?  What exactly does fpaste do?
<qman__> and you should also reserve a few percent of your bandwidth outside of any allotments, to avoid saturation lagging you out
<Dulcin> jmarsden: upload output to fpaste pastebin and returns an url
<jmarsden> Yes, pastebinit is the equivalent.
<Dulcin> cool thanks
<jmarsden> You're welcome.
<Dulcin> Here's my file, do you see any errors?: http://paste.ubuntu.com/691863/
<qman__> yes
<qman__> the first directory statement isn't in quotes
<qman__> I don't know for a fact that it needs to be, but being syntactically consistent is important to avoid weird problems
<Dulcin> hmmm, ok ill change it, but this was an exact copy of the default virtual host file
<jmarsden> qman__: The /etc/apache/sites-available/default has it without quotes... :)
<qman__> fair enough
<qman__> you also don't have a "<Directory />"
<qman__> again, I don't know that it's required, but all of mine have it
<Dulcin> they all have a </Directory> right?
<qman__> yes, I just meant there's no entry there for /
<Dulcin> oh right, i removed that,
<qman__> nevermind that, I just looked on a different server
<qman__> none there
<Dulcin> i will add that, but was confused with its meaning as i already pointed to the directory
<Dulcin> oh ok
<Dulcin> what I find strange is that it points to /var/www/[index] at the moment, instead of /var/www/html/[index]
<Dulcin> maybe its because of the 000-default file that's in the enabled directory?
<qman__> well, here's two sites on one of my servers, which both work:  http://pastebin.com/1zC6107S
<qman__> oh, you have both enabled?
<qman__> the sites must be overlapping
<qman__> disable the default and see if it works
<Dulcin> yeah it's working!
<Dulcin> that was kind of stupid of me
<Dulcin> thanks for looking at it with me qman__
<zastaph> one of the first questions when installing ubuntu server is the hostname.. now, if I clone this VM shouldn't I change the hostname for each clone to avoid any network conflicts?
<ersi> zastaph: Well, sure - if you're using DHCP. Otherwise the only thing I'd change is removing the dbus rule that holds the MAC address of your current virtual NIC
<zastaph> the MAC address is changed when cloning (by vbox)
<jmarsden> zastaph: Yes, but vbox is not smart enough to edit /etc/udev/rules.d/70-persistent-net.rules for you, as far as I know.
<zastaph> well i thought I would just edit /etc/hosts and another filed called hostname if I recall
<jmarsden> zastaph: That's hostname stuff, not MAC address stuff.  In Ubuntu, there are usually MAC addresses in /etc/udev/rules.d/70-persistent-net.rules -- so as far as I know, you will want to get rid of them before cloning.
<zastaph> oh, before
<ersi> This is valid for Red Hat and SuSE as well.
<ersi> I'm speaking by experiance. And I use vbox as well. Took me several hours/a day to figure that interface names out :P
<ersi> that's really all you need to think about when clonin', if it's a really basic vm :)
<zastaph> do you use LVM for your guest OS's ?
<zastaph> I installed the minimal virtual machine of ubuntu, and now under software selection with "DNS server, LAMP server, etc." there's also one called "Basic Ubuntu server" .. i dont think that option is with the normal install.. what would I miss if I didn't install that?
<ersi> no, I havn't yet used LVM with my guests
<zastaph> yeah i also thought it would be overkill as vbox allows you to dynamically resize and do snapshots
<jmarsden> zastaph: Use tasksel to see what tasks are available and what they install.  For your case,   tasksel --task-packages server
<zastaph> dont have access to shell yet
<ersi> zastaph: I was considering it, but it felt overkill. Havn't had the need yet :)
<jmarsden> Then install a boring default server, and add what you really need later :)
<jmarsden> zastaph: Usually one has a workstation before one installs a server...
<ersi> Mainly using it to have a system that is easily snapshotted and rolled back (for testing several of the companies software products and compliances)
<zastaph> jmarsden, so to install "Basic Ubuntu server" or not?
<zastaph> ersi yes but vbox already gives that functionality
<jmarsden> zastaph: Up to you.  You can always add it later using tasksel , as I said.  i do not know your use case, so what you choose to install is up to you...
<ersi> If you for some reason ever consider having SuSE 10.3 as a guest.. Stop right there and shoot yourself in the foot directly.. way more pleasant btw
<ersi> zastaph: yeah
 * ersi shakes fist in SuSE 10.3's general direction
<zastaph> jmarsden, im making a "Ubuntu server LTS master" that I can clone for different server purposes.. so I dont want to install more than I need.. but "Basic Ubuntu server" sounds like basic things to me
<zastaph> ersi, no im staying with Ubuntu, it runs very good in vbox
<jmarsden> zastaph: Either way works.  You have some learning to do :)  http://paste.ubuntu.com/691913/ has a list of packages from the 'server' task on my 10.04.3 LTS workstation, if that will help you to decide.
<jmarsden> Really, whether you install that task at install time, or later using tasksel, does not matter.
<zastaph> let me ask in another way then.. in the very beginning i pressed F4 and instead of "Normal" i chose Minimal virtual machine which seems to omit some drivers and apps not required for VM's .. now if I install "Basic Ubuntu server", won't I be back to normal then?
<jmarsden> I have no way to determine whether any of those packages would be useful to you, "different server purposes" is way too generic for me to be able to tell.
<jmarsden> I have no idea, but I don't think those are the same thing.  read the package list and decide whether or not you want them :)
<ersi> zastaph: Indeed it does.
<zastaph> whats the difference if I install OpenSSH server here (in "Software selection") or if I do it using apt-get once I log in?
<jmarsden> none
<zastaph> and what difference if I install openssh with apt-get or tasksel
<jmarsden> none.  tasksel is just a way of grouping sets of packages together for convenience.
<jmarsden> man tasksel
<ersi> Prepare the guest with as much of what you believe will be the common software among your guests
<zastaph> ok ill omit them all for now :)
<ersi> If I clone a system, I want an exact copy to keep building on
<ersi> and I always want to SSH into them
<zastaph> right
<jmarsden> ersi: But you need to regen your SSH host keys if you clone after install openssh-server, otherwise they all have the same host key, which is at least in theory a security weakness.
<ersi> Yeah, I just deleted the keys in my 'master copy' ;)
<ersi> It generates key on startup if no keys are found
<zastaph> I just install openSSH on master, and don't generate keys for it, then clone
<ersi> It'll try to be smart and generate keys for you, if I'm not mistaken
<zastaph> hmm.. then I should not have installed it on my master?
<jmarsden> zastaph: Just delete the keys before you clone it.
<ersi> Or just shut sshd down, remove the keys and then clone it
<zastaph> would be easier to just apt-get it on the clones
<zastaph> bedtime, thanks for your advice
#ubuntu-server 2011-09-18
<idlemind> anyone know the footprint of a stock 10.04 lts server?
<Tohuw> I'm getting a constant sendbytes: nak bailout when booting into my 11.04 server, kernel is 2.6.8-11-server
<Tohuw> This happens before any user login, right after booting the kernel out of GRUB
<idlemind> sorry tohuw don't know what that error is
<Tohuw> 2.6.28-11-server returns i2c i2c-2 sendbytes: NAK bailout on booting. It loops until system halt and prevents logging in even in single-user mode. What is this?
<Durg> I'm not sure if this is the right place to ask this, but I'll take a random stab at it; I've got a theoretical question for you guys - I've got a SaaS type service that moves data from one point to another; sometimes, that data is behind a VPN. I've got multiple clients on a single server, so plugging that entire box into the VPN isn't an ideal solution; do you guys think it'd be possible
<Durg> to connect an external "worker box" to the VPN and then connect through that box via a proxy connection? Would that work or am I pounding sand?
<e_t_> Durg: doesn't that just give you the same problem on the "worker box" ?
<scubes13> is anyone using davical on ubuntu with Active Directory authentication?
<Psi-Jack> Now, here's a curious topic. Anyone ever worked with puppet and/or chef for server automation?
<zastaph> Psi-Jack I looked into them but they seemed horribly complex to setup for a process I just wanted to simplify
<Psi-Jack> heh
<zastaph> I use etckeeper for /etc and mercurial for ~ .. and then virtualbox snapshots and clones do the rest
<uvirtbot> New bug: #853125 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/853125
<macer1> Hello.
<macer1> I wonder about the choice of OS on the server, between Gentoo and Ubuntu Server...
<ersi> Depends on what you want, and how you want to do things.
<ersi> Have you any experiance running any of your choices? Either pick the one your familar with and keep learning with that, or pick the other to get 'another view'
<macer1> Hmm. Main think I don't like about Ubuntu Server is old software versions.
<RoyK> macer1: ubuntu 11.04 has quite recent versions
<macer1> I am now running and learning Gentoo on server, but oneiric will have some new cool server features, so I am considering that  :)
<macer1> what is a version of nginx in 11.04?
<RoyK> macer1: but then, even though 10.04 has oldish versions, it's supported until april 2015, so no need to spend hours on upgrading every too often
<macer1> i natty there is 0.8.54
<RoyK> macer1: for most servers, an oldish base install is what you _want_, since it's proven and stable
<macer1> in oneiric 1.0.5...
<macer1> but most nginx updates are bugfixes
<RoyK> bugfixes are usually backported
<RoyK> for supported packages
<RoyK> but then, if you want to run package xyz from svn or git or something, just install it from source and not from apt
<RoyK> that's what I do for certain packages
<RoyK> either that, or make your own packages (usually the best if you have a bunch of servers needing that version of that package)
<macer1> maybe private ppa?
<RoyK> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa
<macer1> Yes i know what is a PPA
<RoyK> macer1: yeah, I have one for that purpose
<RoyK> macer1: I'd forgotten what the acronym was for
<macer1> ok ;)
<ersi> macer1: Ubuntu is really not That far behind on software versions.
<ersi> You have to understand that there's aspects of getting things working together, and providing a quality assurance filter
<RoyK> ersi: if using LTS it tends to lag behind, which is normal
<ersi> True. But it has it's own benefits
<RoyK> !bug 27520
<uvirtbot> Launchpad bug 27520 in cron "cron daemon caches user-non-existent lookup results, causing "ORPHAN" message and skipping jobs for all LDAP/NIS-defined users" [Undecided,Confirmed] https://launchpad.net/bugs/27520
<macer1> Gentoo has cool things to control package version. If Gentoo Team think that package is stable, it is in main. But there are always new software version witch you can unmask and have always new packages.
<RoyK> that bug is a real PITA
<macer1> for example there is rails 2.3 in main gentoo repo, but I can unmask 3.1 version and install it.
<macer1> i am going away for a moment
<ersi> macer1: I've ran Gentoo for more than two years on my personal desktop. I'd never run Gentoo in a production environment
<ersi> Man, that question was sorta like asking how long a string is. It depends :) Go with your gut feeling
<macer1> why not gentoo on production, ersi ?
<ersi> A lot of factors really. It's hard to keep up with a rolling pace. I'm not hired to constantly upgrade stuff, test it in staging environments all day so I know I won't break everything when I upgrade trivial things. Besides, since we're doing enterprise software - we're keeping to Ubuntu, Red Hat and SuSE.
<ersi> I'm not bashing on Gentoo. I'm just saying it doesn't suit our production envionment and our use requirements.
<ersi> If it suits yours, go with that. If it doesn't, don't :)
<macer1> I really like to have newest software :D becuase of that i am running oneiric on desktop now :D
<ersi> IMHO desktop and server systems have different requirements
<ersi> I like being up to date on my desktop systems as well
<macer1> does ubuntu server have cool gentoo hardened feautures like grsecurity ?
<ersi> That's really not a Gentoo feature.
<macer1> not a gentoo feauture, but integrated into gentoo ;)
<ersi> I don't know, I've never fiddled with that on Ubuntu. But searching a little seems to indicate that
<ersi> Seems to be a package/meta package called harden and harden-environment, more than that I don't know
<macer1> oh cool!
<ersi> Hm, maybe there's some hints in the server guide
<macer1> I will look for that
<macer1> I think it is a good idea to run Gentoo on server for a month with nothing important there, some simple sites, and see if it don't break :D
<ersi> Well, learning by doing is almost never wrong
<ersi> So I say go for it. If it seems to suit you and it feels right
<macer1> Thanks ;) I will keep Ubuntu for desktop, but I think Gentoo Hardened will be better server choice for me ;)
<PKHG> Hi, I am just busy to to install UBUNTU on a virtual box ... where will GRUB be installed? on the REAL C:  or in the virtural box disk ??
<macer1> If Gentoo will break I will look for Ubuntu Server :D
<macer1> PKHG, in VirtualBox
<PKHG> macerl, so I can safely say yes ...?? (terrified to loose my Vista)
<macer1> Yes PKHG, now worries.
<cloakable> PKHG: yes
<PKHG> Thanks will believe and try ;-)
<cloakable> Someone doesn't know how virtual machines work :P
<macer1> everything you will do in VB will stay in VB :)
<PKHG> ok ... necessary to know .. ;)
<Dulcin> If I have not set a port to 'deny' in UFW, how secure is it / how does it work?
<PKHG> macerl, Hi, now I get an VM error: I have to enable PAE mode, could you please tell me WHERE I can find that?
<PKHG> some one else knows (and tells me ;-) ) to activate PAEmode in the virtual box?
<macer1> PKHG, in VM settings
<PKHG> yes it says Use General/Advanced, but I cannot recognize something like PAEmode ???
<zastaph> ersi, about my ubuntu server master and openSSH .. before cloning I delete /etc/ssh/ssh_host_(dsa|rsa)(.pub) (4 files in total) ?
<zastaph> i thought they were supposed to be in ~/.ssh/authorized_keys
<ersi> zastaph: Yeah.
<ersi> zastaph: No, that's YOUR ssh-keys
<ersi> ssh_host keys are the "IDs" of the server
<zastaph> and once i clone those 4 files will be generated when SSH starts?
<ersi> Yupp!
<macer1> PKHG, it must be there
<PKHG> no checkbox for PAE ???
<zastaph> https://help.ubuntu.com/community/SSH/OpenSSH/Keys says that keys must be generated on the client.. Previously I did it on Putty, so that's also how I should do it?
<ersi> zastaph: You're confusing two different things
<zastaph> probably :)
<ersi> Usually when someone says SSH key, they mean the ssh authentication keys as in private/public key pair
<ersi> When talking about the host (daemon/service) keys, it's more like a certificate
<zastaph> so, can I use the same private/public key set for all my clones?
<ersi> And if you change the host keys, on a system you use to connect to - it'll warn you that the identifier has changed. "WARNING, it doesn't have the same id as before! someone might have tampered with the machine!"
<ersi> Yes, definately! :)
<zastaph> and that's why private/public key sets are generated on the client
<ersi> You could use the same SSH (client) keys on all machines in the world if you'd like. (Not recommended though, it's recommended to isolate privileges just in case)
<PKHG> macerl, it is at a different place, found in System ;-)
<PKHG> will see if Ubuntu will start now ...
<ersi> zastaph: Indeed. But those need only to be generated once ;)
<macer1> Yes, System/Processor ;)
<macer1> I wanted to do screenshot now, but you found it ;)
<PKHG> NOT General ... ha ha, THAT was mesleading ...
<PKHG> yes thanks a lot ... (found via searching)
<PKHG> oh now I got a kernel panic error ...
<PKHG> wrong choice of running? (first time revovery mode needed?)
<PKHG> cannot open sda1 ...
<PKHG> or unknown blok
<PKHG> will try later again ... bye (helpers!)
<Dulcin> Hmm could someone here help me 1on1 with some Bind9 questions?
<PKHG> Hallo once again me ;-) ,,, I succeeded to get a minimal Ubutu in a virtualbox , probably forgotton to get X11 like things, only a console with nearly no real program ..., is there a way to get  something really working?
<PKHG> ;-(
<zastaph> how would I copy the contents easily into ~/.ssh/authorized_keys that was generated on my windows host into my ubuntu server guest os? i didnt setup samba or anything
<zastaph> i read about ssh-copy-id but i think thats from a linux client
<zastaph> i can't copy paste into my vbox window for ubuntu server.. i think it needs gnome for that
<Dulcin> right mouse button doesn't work?
<Dulcin> for pasting?
<zastaph> no, and actually on ubuntu desktop where it works i use middle button
<zastaph> i tried changing bidirectional to host-to-guest only
<zastaph> but no-go
<zastaph> very hard to work with :)
<zastaph> i also tried with guest additions installed
<jmarsden> zastaph: You can use an ssh client on Windows to copy the file into the VM.  In Putty the command is pscp
<zastaph> even before I setup the public key on server?
<jmarsden> More generally, for a server VM, do not use the VirtualBox console, just ssh in using your favourite ssh program in the host, and cut and paste (in the host OS) to and from that.
<jmarsden> zastaph: Sure, use password authentication until you have the key up there.
<zastaph> hmm then I need to read up on that first :) but I think i disabled that in ssh config
<jmarsden> Don't disable password auth until you have the public key on the server, that's... like locking yourself out of your own house :)
<zastaph> nah coz I can vbox
<jmarsden> OK, so use vbox to re-enable password auth, and go from there.
<zastaph> http://superuser.com/questions/195436/ubuntu-server-vm-copy-paste
<zastaph> hmm starting ssh didn't re-generate the 4 RSA/DSA keys in /etc/ssh as I thought it would
<ikonia> the keys are not generated every restart
<zastaph> so i hope it will do it whenever it needs them
<zastaph> ssh isn't simple :)
<cloakable> zastaph: sudo dpkg-reconfigure openssh-server ?
<zastaph> well i backed them up.. just ersi said I should delete them before cloning my VM
<zastaph> dont want to reconfigure thatll probably overwrite my ssh config too
<cloakable> yea
<zastaph> so, should I keep them? is it important that they differ on each clone?
<uvirtbot> New bug: #852771 in nova "dhcp leases are not released on instance termination" [Medium,In progress] https://launchpad.net/bugs/852771
<CluelessPerson> hey all :D
<CluelessPerson> I've been thinking about a mail server for awhile.
<CluelessPerson> What would be the best mail server to use?  In your humble opinions?
<zastaph> CluelessPerson, I would use an exchange alternative like zimbra or zarafa
<RoyK> guys, girls, you should buy CDs and not download them. Piracy kills people! "Insurers Suggest Podium & Stage Collapse Tragedies Are The Inevitable Result Of File Sharing?" http://www.techdirt.com/articles/20110916/12183515986/
<zastaph> am installing http://www.mongodb.org/display/DOCS/Ubuntu+and+Debian+packages and it asks me if I'm on a Debianoid with SysV or Upstart .. I use 6.x (Squeeze)
<zastaph> duh, no I don't .. I use Ubuntu :)
<zastaph> but which do I choose?
<zastaph> ah ok it says recent Ubuntus use Upstart.. can you confirm this for 10.04 LTS ?
<jeeves_moss> is there a way to convert in place a raidz-2 to a standard raidz in ZFS?
<Daviey> smoser: seen http://pb.daviey.com/yuwe/ before?
<dominicdinada> how to reboot a server remotely into tty and maintain network connection :/
<qman__> you can't keep a connection through a reboot
<qman__> a reboot by definition restarts the whole system
<qman__> the only way to remain connected to the server through a reboot is to use an external device to administer it, like an IP KVM, or a modem to a serial connection
<DrNick__> http://www.frexx.de/
<ikonia> DrNick__: any reason to post that ?
<DrNick__> i just found it amusing
<ikonia> please don't post it then, this channels for ubuntu server discussion
<DrNick__> appologies.  a rare moment of stupidity.
<logo> hy
<logo> how are u
<ikonia> DrNick__: not a big deal at all.
<logo> hy whats up
<HelloWorld321> What is the lifecylce of a derby database?  I'm using derby in a java ee6 tutorial and when I run it, I see database creates, drops, alters, etc., but when I try to connect it always says "Database not found".  Is there a way to browse the active databases?
<uvirtbot> New bug: #831100 in mysql-cluster-7.0 (universe) "mysql-cluster-7.0 version 7.1.9a-0ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831100
<HelloWorld321> The tutorial is using jdbc:derby:memory, and that seems to basically decimate the lifecycle of my database
<tarvid> I created a VM with testdrive, How can I control it through kvm or qemu?
<tarvid> virsh - list comes up empty
<scubes13> I am stuckâ¦ trying to install calendarserver (DCS) on Ubuntu 10.04 - get the following errors: http://pastebin.com/zuMvMd7P
<scubes13> following the steps here: http://www.dreness.com/blog/?p=153
<scubes13> replacing: svn co http://svn.macosforge.org/repository/calendarserver/CalendarServer/trunk CalendarServer
<scubes13> with: svn co http://svn.macosforge.org/repository/calendarserver/CalendarServer/tags/release/CalendarServer-3.0 CalendarServer
<scubes13> anyone have any thoughts?
<scubes13> (had also tried with trunkâ¦ originally received the same error with trunk)
#ubuntu-server 2012-09-10
<linocisco> hi everyone
<linocisco> is there any site where we can dowload tar ball file for all ubuntu packages rather than packages.ubuntu.com which only give us .deb file.?
<patdk-lap> hmm, packages.ubuntu.com
<patdk-lap> personally, I perfer to just use, apt-get source
<lifeless> linocisco: yes, archive.ubuntu.com
<lifeless> linocisco: has everything.
<tonyyarusso> linocisco: Look over in the right sidebar - it has the original tarball, dsc, and diff.
<tonyyarusso> but apt-get source is certainly more convenient.
<linocisco> tonyyarusso, lifeless, patdk-lap , Dear all, thanks for your input. As I have internet at work only on windows machine as office standard, I would like to take all necessary ubuntu packages and copy to flash drive and install on my home ubuntu test server which has no internet
<tonyyarusso> linocisco: Have you seen the apt-on-cd project?
<linocisco> tonyyarusso, yes. to do so, I need on ubuntu machine at least.  But I have only windows machine at work. No other OS is allowed here.
<tonyyarusso> linocisco: Trying to manually download dependencies would be a giant pain.  I'd suggest firing up a virtual machine in VBox or something with Ubuntu to run that.
<tonyyarusso> Also, get a better job.
<linocisco> tonyyarusso, ok. another thing is that we use NOvell GRoupwise at worik. That is only compatiable with windows's Novell Remote Groupwise. I tried with ubuntu. but in vain
<tonyyarusso> How are the '90s, btw?  :P
<tonyyarusso> Evolution has a groupwise connector, supposedly
<linocisco> http://www.brighttalk.com/webcast/6793/54727 is cool?
<Kentos> hey guys, question quick, i've set up some raid arrays, and was wondering if i have one hardware raid and another configured through software raid, do I partition the boot array as an autconfig, flagged for boot, and then for the second array (which i intend to set up through software on ubuntu) configure it normally but select a sub-root mount directory?
<Kentos> sub-root might not be discribing it properly, but mounting it say, in the /usr directory would be a viable option if its not the boot partitions
<Assid> err whats a suggested virtualization environment on ubuntu-server?
<lifeless> kvm, or openstack.
<lifeless> depending on the scale you need
<Assid> 2-5 vm's
<Assid> i used to mostly use openvz .. but thats not really "officially supported"
<Assid> however, it used to be the best of the lot for me
<Assid> lifeless: can you help me get started on this?
<Assid> what kernel etc do i need to kvm
<lifeless> any Ubuntu kernel
<Assid> 3.2.0-30-generic  would do ?
<Assid> there really should be a ncurses based app to manage the vms
<lifeless> Assid: https://help.ubuntu.com/community/KVM
<Assid> yeah im reding this : https://help.ubuntu.com/community/KVM/Installation#Installation_of_KVM
<Assid> err
<Assid> lifeless: need some help in the networking section..i already have a bond setup.. now its asking me to bridge
<Assid> so do o i bridge my bond ?
<lifeless> depends on what you're doing, but if you need to connect the VM network to the outside world, a bridge is the usual answer.
<Assid> the server itself has a bond setup..
<Assid> so i created a new bridge. and i setup the bond to be part of the bridge
<Assid> okay that seems to work.. the server is reaacable
<Assid> whats virbr0 ?
<Assid> err can someone help me with this.. im getting  error: internal error cannot load AppArmor profile 'libvirt-c2c3f180-8795-e662-5a16-40db34c4bcd2' when i try and start a kvm instance
<koolhead17> hello all
<mp_> good morning
<koolhead17> all this while i though mp_ is a bot
<uvirtbot> New bug: #1047400 in python-urllib3 (main) "[MIR] python-urllib3" [Critical,Fix released] https://launchpad.net/bugs/1047400
<uvirtbot> New bug: #1040165 in juju/0.5 "'mysql' charm exposes mysql-root password" [Undecided,Fix committed] https://launchpad.net/bugs/1040165
<balboah> aah. Why isn't my content filter for postfix executing
<linocisco> hi
<linocisco> how to disable screen saver or sleep mode  on server ?
<jamespage> jdstrand, is there a specific reason why we only have iptables 1.4.12 in quantal?  The changelog entries look a bit screwy and I wanted to check whether I was missing something
<linocisco> how to install Keryx on ubuntu server?
<linocisco> I tried apt-get install keryx, not ok
<orogor> hi
<orogor> considering than system-config-lvm is broken , is there any gui left for managing lvm ?
<xnox> orogor: gnome disk utility
<xnox> orogor: palim (precise and older) something or gnome-disks (quantal)
<xnox> orogor: plus command line for lvm is easy: pvs, vgs, lvs for Physical Volume, Volume Group, Logical Volume Status
<xnox> and then you really need lvcreate & lvremove to add/remove logical volumes.
<orogor> running 12.4 here
<orogor> rnunning dist upgrade
<orogor> xnox, can t  create lvm with it it seems
<orogor> ohhh maybe i can
<vanmik> i'm trying to make sendmail work with this manual: http://jonsview.com/how-to-setup-email-services-on-ubuntu-using-postfix-tlssasl-and-dovecot .The problem is when i do 'telnet localhost 25' and then 'ehlo localhost' the only line i get is "250 ENHANCEDSTATUSCODES". Any ideas how to fix that?
<zul> good morning
<hallyn> pmatulis: hi, could you take a look at serverguide merge request https://code.launchpad.net/~serge-hallyn/serverguide/serverguide-dns-varlibbind
<hallyn> (about the start lxc updates)
<pmatulis> hallyn: alright
<hallyn> pmatulis: thanks
<ninjix> I'm working on a little kvm script for running precise cloud images on my laptop and am looking for a way to manage DNS registration with the dnsmasq daemon I have listening on the kvm virtual bridge
<raub> ninjix: So what is biting you?
<ninjix> raub: looking for some doc on how to tell dnsmasq to assign DHCP to the kvm and register the dns
<ninjix> googling isn't turning up good answers so far this morning, figured I ask in channel
<raub> To the KVM or to the vm you built in kvm?
<raub> If the latter, there is a way to dump the config for the vm using virsh
<ninjix> laptop <---> kvmnet br0 <---> i-kvm0, i-kvm1, i-kvm(n)
<ninjix> I want the kvm to be able to find each other by dns dynamically
<raub> How many kvm hosts (not vms) do you have then?
<ninjix> just my laptop
<raub> once you create the vm, you can get the mac addresses using virsh
<ninjix> I'm setting this up for clean environment testing and don't always have access to our private openstack
<raub> then feed that to dnsmasq, with the vm name
<raub> For each vm
<ninjix> ah... assign it all ahead of time
<raub> That said, if you do not care about the ip given for each vm, just have them configured to send their hostname to dnsmasq
<raub> I think that is the default for ubuntu
<raub> i.e. nothing to do
<jcastro> SpamapS, CFP for SCALE is open, I take it you'd like to redo?
<jcastro> SpamapS, I don't want to submit the same talk as last year, so I figure we can just chat about it whenever
<ninjix> raub: that was my first inclination but the cloud-image registers itself as "ubuntu" before cloud-init takes configures it
<raub> ninjix: in that case, I would get the macs and assign ips for each vm
<ninjix> raub: yeah, that way seems like the least complicated
<raub> Asa bonus you can number them in a sane way ;)
<ninjix> thanks for bouncing the idea around with me
<raub> ninjix: Me? I am just here to spread lies ;)
<ninjix> ;)
<raub> FYI, there are little scripts out there to generate macs for you vm
<raub> I like that since I can make them all have the same first half
<raub> so I can quickly figure out they are my, say, cloud vms
<ninjix> yup, I use those already
<Daviey> roaksoax: hey, do we still run maas-import-iso's on precise, weekly?
<roaksoax> Daviey: yes
<ninjix> everyone seems to go pre-assign networking (amazon, openstack, MAAS, orchestra...)
<Daviey> roaksoax: thanks
<ninjix> must be a good reason
<raub> Makes life easier
<raub> including when you have to do monitoring
<raub> Or crap like puppet
<raub> and, I would imagine, juju
<ninjix> me likes juju
<zul> hallyn: i think we might need this: http://libvirt.org/git/?p=libvirt.git;a=commit;h=a4fd740561aaf4c48b5fefd6b7a39d9963d1147a
<SpamapS> jcastro: yeah I was thinking we might get a little more creative with the submission this time
<zul> Daviey: websockify packaged and novnc do you want me to do a FFE and you can review them?
<Daviey> zul: ok
<hallyn> zul: i'm not sure.  will it even properly detect 'mount -t cgroup cgroup /cgroup'?  i think it might still require the cgroups to be separately mounted under it
<zul> hallyn: yeah after second thought i dont think we need it
<hallyn> zul: ok, so there's no specific open bug you thought it should address?
<zul> hallyn: nope ignore my ramblings in this case :)
<zul> hallyn: the rantings of a madman
 * koolhead17 pokes zul and hides
<hallyn> zul: everyone turns a little mad as release approaches :)
<zul> Daviey: for websockify https://bugs.launchpad.net/ubuntu/+bug/1048679 and novnc https://bugs.launchpad.net/ubuntu/+source/novnc/+bug/1048676 (websockify is sitting in binary new (just uploaded))
<uvirtbot> Launchpad bug 1048679 in ubuntu "[needs-packaging] FFE for websockify" [Undecided,New]
<zul> hallyn: um...does this look weird to you? http://pastebin.ubuntu.com/1196779/
<Daviey> zul: otp
<zul> Daviey:  ack
<hallyn> zul: looking (graphics all effed up, including fonts...)
<hallyn> zul: yeah that's messed up
<hallyn> zul: what are the perms on the parent dir?
<zul> hallyn: rwxr-xr-x
<hallyn> zul: hm, no, it's normal
<hallyn> zul: only root user can write, and you can't read that file
<hallyn> (you read devices.list)
<zul> hallyn: but if i do something like http://pastebin.ubuntu.com/1196803/
<hallyn> zul: that's the wrong way to do it
<zul> hallyn: whats the right way?
<hallyn> your doing sudo echo' and then piping that into the file (as you)
<hallyn> echo wahtever | sudo tee thefile
<hallyn> echo 'b *:* rwx' | sudo tee devices.allow
<zul> http://pastebin.ubuntu.com/1196809/
<hallyn> zul: jinkeys, could tee be parsing your input?
<hallyn> no, wrks here for me
<zul> son of a bitch
<hallyn> do you have tee aliased?
<hallyn> zul: oh, i see
<zul> no alias
<hallyn> the 'invalid argument' is returned by the file write :)
<hallyn> zul: 'b' is bad.  try 'a'
<zul> hallyn: whats the difference between b and a?
<hallyn> a is all.  b in my mind meant 'both', but it means nothing, hence -EINVAL :)
<titaniumNoob_> \msg
<zul> hallyn: so is https://github.com/openstack/nova/blob/master/nova/virt/disk/api.py#L160 still valid?
<hallyn> zul: hm.  maybe b is supposed to be valid...
<hallyn> zul: oh b is block
<zul> right thats what i thought
<hallyn> zul: does 'b *:* rwm' work for you?  x was wrong
<zul> hallyn: yeah
<hallyn> zul: sorry :)
<Lavvy> Hello guys am a newbei here i have some questions pls
<Lavvy> Please doesnt ubuntu cloud have a dashboard, non linux experts can use .
<Lavvy> Something like in rackspace
<Lavvy> I tested it on amazon today
<Lavvy> Please anyone to help?
<hggdh> smoser, roaksoax: I am testing the upstream fix for bug 967815 in the QA lab; I will -- being successful -- propose a merge for Precise, and I will also check Quantal for applicability
<uvirtbot> Launchpad bug 967815 in cobbler "/var/lib/tftpboot directory permissions destroyed" [Undecided,Confirmed] https://launchpad.net/bugs/967815
<smoser> hggdh, oh. good. thats nice.
<hggdh> smoser: if you are interested, the change is at https://code.launchpad.net/~hggdh2/ubuntu/precise/cobbler/lp-967815
<Lavvy> How can i see ubutu public cloud dashboard? Just like in rackspace
<smoser> the package is horizon, Lavvy
<Lavvy> Ok, do i install it sepratly
<smoser> i'm not sure i know what you mean. i dont think its really separable from openstack.
<smoser> it requires admin access, which you dont have if you're just a client.
<smoser> hm..
<smoser> at least i wouldhave thought it did
<smoser> but i have limited knowledge here.
<Lavvy> Ok thanks smoser
<Lavvy> Can ami image be used with the current ubuntu/openstack version
<Lavvy> In private cloud
<zul> hallyn: ping
<koolhead17> Lavvy, kindly check/refer the doc  before asking here
<hallyn> zul: .
<zul> hallyn: nm...figured it out :)
<hallyn> zul: ok
<hallyn> terrific :)
<wuhaa11> Hi everyone
<wuhaa11> anyone know how to combine bandwidth from multiple snmpd servers into one graph in mrtg?
<icebourg> anybody here an expert with lvm / raid settings in an ubuntu pre-seed file? Having issues allocating space the way I would like it
<hallyn> stgraber: i think the python-lxc api should uppecase states passed into c.wait()
<stgraber> hallyn: that sounds like a good idea indeed
<hallyn> stgraber: is there a trick to getting 'c.start()' to not crash due to console errors?
<hallyn> i though it daemonized by default?
<stgraber> it should
<zul> smoser/hallyn: lxc-attach isnt going to work
<hallyn> stgraber: I'm getting http://paste.ubuntu.com/1197133/ (implying, i think, it's trying to hook up /dev/console?)
<stgraber> hallyn: I'm not overriding start() in python, it's just calling start() from the API so in theory you should get the same result when running it from C...
<hallyn> stgraber: it works with 'lxc-start -n C2", but i haven't tried with the C api
<hallyn> hm.  very curious
<hallyn> i just didn't want ot lie in my little example in the server guide :)
<uvirtbot> New bug: #1048668 in quantum "OVS Agent Packaging Issue" [Undecided,New] https://launchpad.net/bugs/1048668
<xnox> icebourg: i am listening?!
<stgraber> hallyn: are you running an up to date quantal system or something weirder than that?
<stgraber> hallyn: I just tried starting a container here and it seems to be working fine
<stgraber> hallyn: https://github.com/lxc/lxc/pull/2
<stgraber> hallyn: try processing it with the command line to avoid the merge commit (git pull git://github.com/stgraber/lxc.git && git push)
<smoser> stgraber, does it seem reasonable to you that /etc/init/iscsi-network-interface.conf (http://paste.ubuntu.com/1197158/) needs to call /etc/network/if-up.d/000resolvconf ?
<stgraber> smoser: no, that seems a bit wrong
<stgraber> smoser: whatever configures the network interface, in this case, I'm assuming initramfs-tools, should be creating the matching entry in /run/resolvconf/interface/
<stgraber> smoser: you may want to look at how we're doing this in casper (with a similar networked root kind of case)
<smoser> stgraber, if i did create that in the initramfs, would resolvconf in the real root dtrt ?
<smoser> ie, would it handle already existing data there?
<stgraber> smoser: I believe it does, at least I can't remember having to do any extra hack when doing a similar thing in casper
<smoser> hm..
<smoser> this would be generic change in initramfs-tools
<stgraber> smoser: http://paste.ubuntu.com/1197168/ is the code we have in casper
<smoser> as openiscsi just uses 'configure_networking' from initramfs /usr/share/initramfs-tools/scripts/functions
<smoser> where did that come from ?
<smoser> your paste
<rtdos> one more question (2 parts): does ubuntu server come with sdl / opengl installed ? if not how do i install the sdl / opengl libraries ? namely the development libraries ?
<stgraber> smoser: casper, scripts/casper-bottom/23networking
<stgraber> smoser: I don't believe configure_networking actually configures /etc/resolv.conf
<smoser> right. it does not.
<stgraber> smoser: that's why we have the extra code in casper to deal with that
<smoser> well, i'd suggest that *that* code was wrong.
<smoser> you should have made initramfs configure_networking pre-populate /run/resolvconf/interface
<stgraber> well, there are cases where you may not want configure_networking to touch the disk
<smoser> (at least thats what your'e telling me)
<smoser>  /run not disk
<stgraber> right, s/disk/anything but the kernel interfaces/ :)
<stgraber> for example in LTSP we have ipconfig run but we don't want it to configure the DNS as we'll then spawn udhcp which will do it
<smoser> that seems liek not the right solutoin to me
<smoser> to expect every single user of 'configure_networking' to have to implement resolvconf support
<stgraber> adding an extra configure_resolving would work
<stgraber> and then have people call that one if they want
<smoser> still seems wrong
<smoser> what is the case where you do not want resolvconf to work?
<stgraber> I can't think of a case where you don't want resolvconf to work, but there are cases where you don't want ipconfig to configure resolvocnf
<stgraber> basically any case where you'll then spawn a real dhcp client
<stgraber> these clients could try and figure out what interface file ipconfig modified and remove it, but that's also a bit wrong
<smoser> true
<smoser> stbut actaully...
<smoser> i think you've convinced me that i need this code in the rootfs
<smoser> as i cannot / should not assume that /root/etc/resolv.conf is editable
<smoser> but obvioyusly need to write it if there is no resolvconf
<stgraber> I'm not sure I'm seeing why this would be better to have on the rootfs than in the initramfs as both have access to the ipconfig output and /run
<smoser> because in the initramfs i cannot write to /etc/resolv.conf
<smoser> post initramfs / becomes mounted RW so i can
<smoser> (note, that post initramfs, you do have access to the ipconfig output in /run)
<stgraber> hmm, right, I guess in the other cases we had the initramfs mount / read/write already so it wasn't a problem that / would be ro
<hallyn> stgraber: oh, actually feh, maybe i have a test lxc from a friday test.
<stgraber> smoser: not sure if you already did it, but might be worth checking that you don't have any remaining reference to /tmp/net-* as quantal's initramfs now moved it to /run/ (I already fixed a bunch of these)
<stgraber> hallyn: I really need to setup automated builds from the staging tree (without any debian/local overrides) so we can easily test that stuff :)
<smoser> stgraber, i stumbled on https://bugs.launchpad.net/ubuntu/+source/klibc/+bug/1047722
<uvirtbot> Launchpad bug 1047722 in klibc "configure_networking net-DEVICE.conf in /run, but ipconfig writes in /tmp" [Medium,Confirmed]
<smoser> in precise this is busted.
<hallyn> stgraber: (pushed github.com/stgraber/lxc master to lxc/lxc staging)
<hallyn> stgraber: hm, maybe we can combine UTAH with juju for that
<hallyn> i need to get lxc-test running under UTAH - hopefully this week.  so should all be easy as pie :)
<stgraber> hallyn: well, automated builds I can get LP to do with a build recipe. I already have them running for the SF tree. Just need to change them to point to github and cleanup the packaging
<stgraber> but yeah, tests should then be triggered with utah
<hallyn> stgraber: care to do a quick review of the updates from lp:serverguide .. https://code.launchpad.net/~serge-hallyn/serverguide/serverguide-q-lxc ?
<hallyn> stgraber: and provisioned with juju :)
<stgraber> hallyn: can you take a minute to look at the two last patches from Dwight Engen? they are for config_cb and some extra APPARMOR ifdef
<stgraber> so not things I'm confident in reviewing and commiting myself :)
<hallyn> stgraber: can you push them to a temp branch on github?  (i deleted the emails)
<stgraber> hallyn: sure
<LinuxAdmin> hi guys
<smoser> hm.. i had dealt with writable /etc/resolv.conf once before at https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/857524 and it seems that might have regressed.
<uvirtbot> Launchpad bug 857524 in isc-dhcp "dhclient-script will not work with read-only /etc" [Undecided,Fix released]
<LinuxAdmin> I've recently installed ubuntu server 12.04 and configured automatic security updates
<stgraber> hallyn: https://github.com/stgraber/lxc/tree/for-review
<stgraber> hallyn: if they look good, just pull them directly to staging
<LinuxAdmin> after updates were installed I could no more start the server, it starts in grub rescue console
<hallyn> stgraber: will do, thx
<LinuxAdmin> I'm trying to reinstall grub but I'm getting no luck
<LinuxAdmin> is this a bug?
<LinuxAdmin> is it normal that updates affect grub?
<smoser> mdeslaur, ping
<mdeslaur> smoser: yes?
<hallyn> first one certainly looks good
<smoser> i'm looking at http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/quantal/isc-dhcp/quantal/revision/56
<LinuxAdmin> I reinstalled the server and restarted it before I made any upgrades and I could restart
<smoser> and not understanding how you did not regress http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/quantal/isc-dhcp/quantal/revision/36
<LinuxAdmin> after the updates get installed, I cannot boot any more
<smoser> is there some reason now that we do not have to wait for /etc/resolv.conf to be writable ?
<LinuxAdmin> so, for sure the problem is created after kernel updates
<smoser> mdeslaur, ^
<mdeslaur> smoser: one sec, I'm trying to figure out why the auto-importer turned by 2-line package change into that gigantic merge
<smoser> yeah, that was annoying :)
<LinuxAdmin> I'm tempted to not configure automatic security updates but I think it's not the way to deal with that, because I will not update important security problems
<LinuxAdmin> have someone experienced this?
<mdeslaur> smoser: looks like stgraber 's merge to 4.2.4 regressed that: https://launchpad.net/ubuntu/quantal/+source/isc-dhcp/4.2.4-1ubuntu1
<mdeslaur> stgraber: was that an oversight, or was there a reason?
<hallyn> stgraber: after cleaning up my pkgs c.start() works fine :)  sorry.  i guess this was actually while we were playing iwth the reaper
<rtdos> ok lost sudo capability, am getting weird messages when i try to use sudo. how can i fix this without logging in as root?
<hallyn> commits should be pushed (with my ack) to lxc/lxc #staging
<hallyn> biab
<stgraber> mdeslaur: ? was there anything related to iscsi in there?
<smoser> mdeslaur, so why did you get blamed for it?
<mdeslaur> smoser: because UDD doesn't actually work :)
<mdeslaur> smoser: the auto-importer failed to import a bunch of uploads
<smoser> suck.
<mdeslaur> stgraber: isc-dhcp used to wait for /etc/resolv.conf to be writable, it was an ubuntu-specific delta, and that got dropped when you merged to 4.2.4...could you take a look?
<smoser> hm.. i'm missing something.
<stgraber> mdeslaur: ok, so completely unrelated to smoser's problem (dhclient doesn't run in his case)
<smoser> well, its not completely unrelated.
<mdeslaur> stgraber: I'm just responding to his ping about that missing delta, I didn't read scrollback
<smoser> stgraber, it would seem that you regressed the non-resolvconf case
<smoser> but i admit that i may be missing something here.
<smoser> /sbin/dhclient-script used to wait to make sure /etc/resolv.conf was writable before calling scripts in /etc/dhcp/dhclient-enter-hooks.d
<stgraber> smoser, mdeslaur: ok, putting on my list of stuff to look at
<smoser> i only got here because i was trying to think of how to update this in the iscsi root case.
<smoser> and clearly you need to wiait for rw root.
<smoser> hm..
<smoser> wow.
<smoser> this is really a mess.
<smoser> wait. no, its not so bad.
<smoser> but i do think its regressed now.
<stgraber> yeah, seems likely that it regressed when merging the ton of changes done on Debian's side. I'd have to look at it and figure out if just re-introducing it is enough.
<stgraber> keeping in mind that we shouldn't wait when using resolvconf as otherwise we may well end up waiting indefinitely
<stgraber> anyway, I have other isc-dhcp stuff to do this week, so I just added this one to the list
<rtdos> ok lost sudo capability, am getting weird messages when i try to use sudo. how can i fix this without logging in as root?
<uvirtbot> New bug: #1047398 in samba (main) "remote printing using samba cups fails for pdf files" [Undecided,New] https://launchpad.net/bugs/1047398
<rtdos> i get this error message when using sudo: http://pastebin.com/tqT1ysPF
<sazawal> Any help for configuring gmail account in thunderbird?
<patdk-wk> sazawal, login to google mail, click setup email for thunderbird?
<sazawal> patdk-lap, I have done whatever was given in google and mozilla pages. Still couldnt get it working :(
<sazawal> patdk-lap, it is showing Unable to connect to IMAP server. You may have exceeded the maximum number of connections to this server
<rtdos> i get this error message when using sudo: http://pastebin.com/tqT1ysPF
<guntbert> rtdos: does http://www.psychocats.net/ubuntu/fixsudo help?
<uvirtbot> New bug: #1048787 in openldap (main) "slapd gives assertions for valid configuration" [Undecided,New] https://launchpad.net/bugs/1048787
<leojrfs> do anyone here run ubuntu server in a flash drive?
<Lavvy> Hello we need a good ubuntu expert that can help us out (on a commercial basis), please you could you pm me.
#ubuntu-server 2012-09-11
<uvirtbot> New bug: #1048864 in juju "Latest python in quantal breaks juju test suite" [Critical,Triaged] https://launchpad.net/bugs/1048864
<rtdos> hey i added "0 0 * * * * /sbin/shutdown -h now" to my crontab, but do i need to update the sudoers file? ...to what?
<qman__> rtdos, no, but you have too many stars
<qman__> if it's on your personal crontab, your user must have permission to do that
<qman__> adding to sudoers will not allow that to work
<qman__> you'd need to change the command to use sudo
<rtdos> so it should be "0 0 * * * sudo /sbin/shutdown -h now" (this is for the system to reboot when not used, whether or not someone is not logged in.
<qman__> rtdos, that will work but only if you have passwordless sudo to run that command
<qman__> you're probably better off using 'poweroff' instead because I don't think you can specify arguments in a command in sudoers
<slyboots> Anyone any idea what CIFS VFS: No writable handles for inode might mean?
<slyboots> Im assuming its something to do with a Samba share (I was writing to the network and now all activity has dropped dead and attempting to look at/umount the share locks up the terminal)
<slyboots> The network seems fine on every other machine on the network, just my ubuntu-server box seems to be having problems
<grizcreative> I want to setup a box running ubuntu server with "Smoothwall" like capabilities but cannot figure out which packages to use. Please help
<tonyyarusso> grizcreative: What are you actually trying to accomplish and what do you need it to do?
<SteveThing> anyone have any experience with opennms and rancid on 12.04 x64?
<SteveThing> their channel is dead (has been for 5 days...)
<grizcreative> I want it to handle DCHP and firewall. Sit between my modem and a switch
<tonyyarusso> grizcreative: Firewall's already installed - iptables.  There are two or three good DHCP servers in the repos.
<SteveThing> grizcreative: may i whisper you?
<tonyyarusso> grizcreative: Looks like isc-dhcp-server is the recommended one
<tonyyarusso> https://help.ubuntu.com/12.04/serverguide/dhcp.html
<tonyyarusso> grizcreative: You can also use ufw for a simpler interface to iptables - https://help.ubuntu.com/12.04/serverguide/firewall.html
<grizcreative> tonyyarusso: thank you
<SteveThing> there are linux OSes out there specifically designed for firewall purposes and include DHCP, WiFI, DNS, and a bunch more
<grizcreative> SteveThing: but i want to do more with it, thus why not just using smoothwall
<SteveThing> oh, ok
<SteveThing> try not to put all your eggs in one basket tho... can get messy
<SteveThing> i think smoothwall uses iptables anyways :)
<grizcreative> If only the wife gave me unlimited budget
<SteveThing> hah! i know, right?  women and their "needs"... psh
<SteveThing> hmm, anyone know of a script to copy a file to file.original?  I know the commands, just not how to script it
<uvirtbot> New bug: #1010345 in qemu-kvm (main) "Qemu doesn't support pSeries partitions" [Medium,Expired] https://launchpad.net/bugs/1010345
<uvirtbot> New bug: #1022901 in qemu-kvm (main) "Ubuntu 12.04 64bit Guest (qemu/kvm) dies randomly (dup-of: 1025244)" [High,Incomplete] https://launchpad.net/bugs/1022901
<Kentos> hmmm, just had a drive fail, does this mean the drive is entirely bad or is there something i should check for it?
<Kentos> im 'rebuilding' the drive in the raid config bios, but im not sure if that will fix it
<koolhead17> https://bugs.launchpad.net/ubuntu/+source/quantum/+bug/1045064
<uvirtbot> Launchpad bug 1045064 in quantum "Impossible to run quantum-server from testing/archives packages" [High,Confirmed]
<koolhead17> adam_g: reopened it . cool
<uvirtbot> New bug: #916576 in samba (main) "smbd crashed with SIGABRT in push_ucs2_talloc()/lp_servicename returns NULL" [Medium,Incomplete] https://launchpad.net/bugs/916576
<jamespage> Ursinha, are we doing automatic duping of install failures now? bug 1012058 for example?
<uvirtbot> Launchpad bug 1012058 in mysql-5.5 "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Confirmed] https://launchpad.net/bugs/1012058
<BlackPanx> iostat -N should show device names, but it doesnt on one of my servers. do i need aditional package/module in kernel installed to make device-mapper show proper LV's of disk... ? using ubuntu distro.
<BlackPanx> LVS names*
<BlackPanx> iostat -N should show LV names, but it doesnt on one of my servers. do i need aditional package/module in kernel installed to make device-mapper show proper LV's of disk... ? using ubuntu distro.
<BlackPanx> https://bugs.launchpad.net/ubuntu/+source/sysstat/+bug/358382 --> is this a bug or not ?
<uvirtbot> Launchpad bug 358382 in sysstat "iostat -N doesn't report device mapper names" [Undecided,Won't fix]
<uvirtbot> New bug: #1049084 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/1049084
<uvirtbot> New bug: #1049087 in antlr3 (universe) "gunit missing in antlr3" [Undecided,New] https://launchpad.net/bugs/1049087
<zul> morning
<cfhowlett> zul: maybe where you are.  but greetings anyway
<koolhead17> morning zul
<jamespage> w00t - minimal virtual install looking much better for quantal - thanks cjwatson!
<fidel> hi ... trying to setup a local apt-mirror. My first attempt is using apt-mirror - the result works pretty good so far. Question: do you know other ways of setting up an apt-mirror besides using apt-mirror? Maybe one using less bandwidth in general (difficult unless it doenst download all updates in the first place i know)
<stooj> Hello all. Trying to hook postfix up to a postgresql backend. Is there a set of tables I need to create (and a schema somewhere so that I can recreate them), or does postfix create the needed tables automatically?
<hallyn> stgraber: where the heck do i find the cached resolvconf info that dhclient got for an interface?
<stgraber> hallyn: /run/resolvconf/interface/
<hallyn> ah /run :)  thx
<hallyn> hm  and that's correct.
<hallyn> but when i had resolvconf running, no wireless drivers, and eth0 brought up with dhclient, i couldn't resolv any hosts
<hallyn> rebooted several times, no help.  killed resolvconf and edited /etc/resolv.conf, and all is well.
<hallyn> <shrug.
<hallyn> it's *probably* something i did, this system si a bit of a frankenstein, but...
<makezan> hey guys if you were to set up a syslog server
<makezan> what service would you use?
<makezan> and why?
<tsimpson> makezan: rsyslog, because it's already installed ;)
<makezan> rsyslog comes default in ubuntu server?
<tsimpson> it's part of the minimal task, and the ubuntu-minimal metapackage
<makezan> wow okay thx tsimpson will look into it. I've been trying to set it up via centos without success.
<orogor> hi
<orogor> i tried to use palmiset to have a gui to lvm , however after much struggling i found how to add new pv, but i still can t see how to resize
<orogor> anyone has an idea of a gui that allows extending lvm partitions?
<xnox> orogor: what do you want to extend? Physical volume, Volume Group or Logical Volume? there is no common term 'lvm partition'
<orogor> logical volume
<xnox> does Volume Group have extra space?
<orogor> yup
<orogor> when i click it it says only create new LV
<xnox> orogor: $ sudo lvresize --size 50G my-volume-group/my-logical-volume
<xnox> this will make it 50G big.
<xnox> orogor: after that you need to extend the filesystem as well
<orogor> :/
<orogor> system config lvmm was sooooooo good :(
<xnox> orogor: $ resize2fs /dev/my-volume-group/my-logical-volume
<xnox> two intuitively named commands.....
<orogor> --size +100 GB extend 100GB right ? liek from 200 to 300 ?
<xnox> yes, that works as well.
<xnox> orogor: can you give a link to 'lvmm'? I cannot google for such thing.
<ogra_> xnox, http://dailypackage.fedorabook.com/index.php?/archives/92-GUI-Thursday-System-config-lvm-LVM-GUI-tool.html
<ogra_> (i think thats what he means)
<orogor> http://www.youtube.com/watch?v=IGScfs4cXOU
<orogor> opps in japanese
<xnox> orogor: $ sudo apt-get install system-config-lvm ?
<orogor> https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s1-system-config-lvm.html
<xnox> orogor: it's packaged in Ubuntu.... $ sudo apt-get install system-config-lvm
<orogor> it s  broken in last versions of ubuntu, signaled upstream ,tagged as won t fix
<xnox> because all of system-config is broken?
 * ogra_ bets systemd issue
<xnox> orogor: do you have a link where you reported it upstream?
<orogor> yes it  wont  start cause of gtk2 vs gtk3 issue or something
<orogor> it s not me , i googled the error before
<hallyn> stgraber: ~.
<xnox> orogor: generally bugs about ubuntu should be filed on launchpad with a link to upstream tracker.
<xnox> well... there are a few crash bugs about it....
<hallyn> let's try that again.
<hallyn> stgraber: rebooted, found /run/resolvconf/interface/lo.dhclient exists, with 127.0.0.1
<hallyn> stgraber: when i rm that and resart resolvconf, all is well.
<hallyn> not sure which dhclient caused that - the lxc, libvirt, or system-wide one
<orogor> ok , resizing the ext4
<xnox> ogra_: seems to work fine here on quantal.
<xnox> ogra_: there is a bug open about python2.6 string exceptions....
<orogor> i thought it could resize in background and that was instant , or thats  only at inode creation ?
<ogra_> well, wasnt me who complained :)
 * ogra_ has yet to see a filesystem resize thats instant 
<stgraber> hallyn: that's weird... why would you have dhclient running against .lo...
<xnox> orogor: I am not familiar with that application, but depending on the size of the volume it can take quite a bit of time.
<hallyn> stgraber: i dunno.
<hallyn> stgraber: when ireboot again i'll look into it, but i can't reboot the thing now
<smoser> jdstrand, we had discussed maas using isc-dhcp-server and needing to modify app armour.
<smoser> woudl you be opposed to me adding a "#include /etc/maas/apparmor/usr.sbin.isc-dhcp-server" (or equivalent 'correct' path)
<smoser> the reason i'd prefer this over explicitly writing a stanza in isc-dhcp-server's profile is that we can more easiliy then bring that back to precise.
<smoser> our plan is on precise to just add '#include that-file-path' to the /etc/apparmor.d/local/usr.sbin.dhcpd
<smoser> (realizing that we're not supposed to modify other packages config files, but trying to do so safely and considering it the least invasive path)
<smoser> in jdstrand's absense or non-immediate reply perhaps mdeslaur could comment if this would be remotely acceptable.
<smoser> (but i'm willing to just be patient too)
<mdeslaur> jdstrand: ^
<mdeslaur> smoser: if jdstrand doesn't answer you, sbeattie may be able to when he gets in in an hour or so
<smoser> k.
<smoser> thanks
<jdstrand> smoser: so, the intention is fine, but it won't work if that file doesn't exist. if you modify the isc-dhcp to create the /etc/apparmor.d/isc-dhcpd.d directory (or similarly named) then '#include <isc-dhcpd.d>', then you can just drop a file into /etc/apparmor.d/isc-dhcpd.d and it will all work the way you want
<jdstrand> smoser: this is because the isc-dhcp package creates the directory you are including, so it is guaranteed to be there
<jdstrand> smoser: and you can just drop a 'maas' file in there
<smoser> and you're ok with that?
<jdstrand> sure
<jdstrand> smoser: the default install won't have the maas file so the profile is not actually changed
<smoser> right.
<jdstrand> smoser: so in that way, it is even better than editing the profile directly
<smoser> so in precise, then, we will write '#include <isc-dhcpd.d>' into the local file
<smoser> and create the directory
<jdstrand> it would be nice to clean out the euca bits to use this then, but obviously that doesn't need to happen right now
<smoser> on installation of maas
<jdstrand> smoser: I would recommend in precise doing an sru for isc-dhcp
<smoser> jdstrand, ok. we can do that too.
<smoser> just more painful, but you are correct more "correct"
<jdstrand> smoser: it is effectively a no-op for the profile, and reduces the deltas
<smoser> thanks.
<jdstrand> np
<uvirtbot> New bug: #1049167 in antlr3 (universe) "package antlr3 3.2.is.3.2-7 failed to install/upgrade: trying to overwrite '/usr/share/java/antlr.jar', which is also in package libantlr-java 2.7.7+dfsg-4build1" [Undecided,New] https://launchpad.net/bugs/1049167
<akoumjian> Anyone here knows deb packages? I have a single executable file that I want placed in /usr/local/bin. What is my path to least resistance here?
<smoser> jdstrand, http://paste.ubuntu.com/1198843/ does htat look remotely correct?
<smoser> i used usr.sbin.dhcpd.d rather than 'isc-dhcp.d' just as that seemed like more consistent naming.
<smoser> (so i'm asking for input there)
<stgraber> smoser: for bug 1049177 can you just attach a patch or commit to ubuntu:isc-dhcp but without uploading? I'm still planning on doing some isc-dhcp work today/tomorrow so unless it's urgent, I'd prefer to limit the number of uploads
<uvirtbot> Launchpad bug 1049177 in isc-dhcp "isc-dhcp-server apparmor profile should have include ".d" " [Medium,In progress] https://launchpad.net/bugs/1049177
<smoser> stgraber, sure. is a mp ok?
<stgraber> smoser: sure
<orogor> xnox, just finished extending
<xnox> orogor: well done =)
<dax_roc> Anyone know the right way to set the dns timeout via /etc/network/interfaces ?
<stgraber> dax_roc: I'd suggest adding the options line to /etc/resolvconf/resolv.conf.d/head or /etc/resolvconf/resolv.conf.d/tail
<dax_roc> stgraber: just found it thanks. appreciated.
<dax_roc> stgraber: is that the same for 11.04 ?
<stgraber> no
<stgraber> resolvconf was only introduced in 12.04
<stgraber> before that, /etc/resolv.conf was a fairly standard file you could edit directly (unless you're using dhclient or some other tool that modifies it)
<dax_roc> No, I'll add it directly, Thought network interface scripts might overwrite it
<dax_roc> *upgrading soon anyway, time permiting.
<dax_roc> stgraber: ha, I had actually found your article, thanks agian StÃ©phane :D
<stgraber> np :)
<xnox> stgraber: but the resolvconf package was available pre-12.04. And for example I was using resolvconf package for a long time =)
<stgraber> xnox: yeah but we don't support nor recommend it before 12.04 as it was quite broken on Ubuntu
<xnox> stgraber: worked for me. I did take time to configure it though. But the days are gone when I was using highly weird university networks.
<hallyn> stgraber: oh no, i only just noticed that when you use the ecryptfs backed containers, 'ecryptfs_root' shows up as though it's a container.  i need to change the target mount dir.
<stgraber> xnox: yeah, and you probably had a system where /etc was read/write and /usr wasn't a separate partition
<xnox> =( it was a macbook as well
<moothecow> is there any way to force the auto update process to send an e-mail (basically I just want to test it's email functionality - set up heirloom (prev. nail))
<moothecow> went for heirloom as it's just 1 package opposed to bsd-mail+ssmtp for example. Seems simple enough - mailx sends stuff out nicely
<RoyK> apt-get install mailx ?
<RoyK> seems the same
<moothecow> mailx is a virtual package, but how does that force apt's auto update process to send a test mail?
<dax_roc> stgraber: I've added options rotate, options timeout:1 to the base file but it's not rotating ? any suggestions. Any way I can see the full resolv.conf ?
<stgraber> dax_roc: did these options get into your /run/resolvconf/resolv.conf?
<dax_roc> I don't have one
<dax_roc> stgraber: just interface, postponed-update in /run/resolvconf
<Daviey> roaksoax: you'll work with zul and adam_g for "[andreserl] Track GlanceAPI, Glance Registry, Keystone RA's, and ensure they hit the archive.: TODO" ?
<roaksoax> Daviey: yeah, well debian maintainers has made a debian packaging available on github but since I haven't been able to catch up with him I don't yet know if his plans are to upload that to debian or what
<roaksoax> Daviey: cause initial he said that those resource agents would be part of upstream (openstack)
<roaksoax> initially*
<uvirtbot> New bug: #917824 in qemu-kvm "qemu loops/hangs on extending qcow2-diskspace" [High,New] https://launchpad.net/bugs/917824
<rtdos>  hey i added "0 0 * *  * /sbin/shutdown -h now" to my crontab, but do i need to update the sudoers file? ...to what? or should that be "/sbin/poweroff" instead? help?
<Jeeves_> rtdos: Which user runs that command?
<e_t_> rtdos: sudoers won't enter into it. You can supply a password to a cronjob and it's not a good idea to let a user use shutdown without a password. If you're going to use that cron at all, it should be root's crontab. Root, of course, doesn't need permissions from sudo to power down the computer.
<e_t_> *can't supply a password to a cronjob.
<RoyK> e_t_: you can configure sudo to let a user use certain commands without a password
<RoyK> e_t_: or you can run the cronjob as root
<e_t_> RoyK: that's almost exactly what I said: "it's not a good idea to let a user use shutdown without a password" and "If you're going to use that cron at all, it should be root's crontab"
<RoyK> e_t_: if it's a reboot, with a controlled script, it's ok for a certain user if that user only runs cronjobs
<RoyK> e_t_: and if the command allowed is only the reboot thing
<RoyK> e_t_: allowing a user full sudo access, even if it's a cron user, isn't very wise
<slyboots> Does anyone here, have any good guides on setting up "permissions" espically nfsv4 permissions for Ubuntu
<slyboots> This is *baffling* me, how your supposed to implement access control in linux as is
<zul> Daviey: can you review websockify for me?
<uvirtbot> New bug: #1049240 in vsftpd (main) "nologin shells don't allow sftp access" [Undecided,New] https://launchpad.net/bugs/1049240
<Daviey> zul: NEW review?
<zul> Daviey: dah
<Hexch> hi, can some of you recommend a simple hosting panel, just to manage apache, ftp, mysql?
<grefter> I was just told I need to install ubuntu-server here at work. this OS worth it??
<Hexch> grefter: depends on what you need it 4?
<grefter> monitoring software
<grefter> thats it
<Hexch> zabbix ?
<grefter> opennms
<Hexch> or something else?
<Hexch> you can use ubuntu for that
<grefter> using it to monitor our datacenter servers and controllers
<grefter> alright, sounds good
<Hexch> you can use ubuntu for all your linux/unix based software
<grefter> lol
<Hexch> easy to administer
<grefter> in comes the sales pitch ;)
<Hexch> ohh no.. I am not a salesman
<grefter> heh
<grefter> like debian is I hear?
<Hexch> acctually Im technitian as you
<grefter> putting it on an r520 .. debian missed the beat
<grefter> centos purss like a gurkin, but they won't let me use it, cause opennms was build around .deb files...bloody developers :)
<Hexch> then just use ubuntu
<Hexch> I've just upgraded 10 of our webservers lastweekend to latest relase and some of the servers were running 8.04 without any problems
<Hexch> my point is good documentation
<cwesterfield> Anyone have mollify setup with sqlite? I am apparently doing it wrong
<grefter> well, guess we'll never know until we try it out :D
<rtdos> how do i use root's cron job?
<SpamapS> rtdos: do you mean, how do you make a cron job that runs as root?
<rtdos> yes. what i am trying to do is power off the system unconditionally.
<grefter> pull the cord ?
<patdk-wk> use ipmi :)
<hallyn> jamespage: stgraber: I'm torn.  right now the lxc testsuite is one big py-unittest.  To convert it to utah, should i be splitting it up with one test per dir?
<hallyn> it'll mean everyone will *have* to use utah to neatly run the tests...
<hallyn> whereas right now they can just branch my tree and run it all
<rtdos> ipmi ?
<stgraber> hallyn: what's the URL of your test branch again? want to check if there's no easy way to get something roughly at the middle where we can still easily run the tests without utah but can also have utah call the individual tests
<jamespage> hallyn, I'd just stick it in a one test
<hallyn> stgraber: lp:~serge-hallyn/+junk/lxc-test
<hallyn> I'm going to put it all in one test under lp:~serge-hallyn/+junk/utah-lxc for now
<hallyn> jamespage: ok, thanks.  will do
<jamespage> hallyn, I think we should ask that utah know how to deal with tests which are actually test suites/multiple tests
<hallyn> ah, actually it let me use lp:~serge-hallyn/utah/utah-lxc
<hallyn> jamespage: +1
<stgraber> hallyn: ok, I think you may eventually interested by refactoring the tests to look like what we're doing in ubiquity and a few other package. Basically a bunch of .py files each containing a unittest.TestCase class and using a "run" script that calls them all but also allows you to only run a subset
<stgraber> hallyn: lp:~ubuntu-qa-website/ubuntu-qa-website/python-qatracker is I believe a reasonable example of this (look at the tests directory)
<hallyn> stgraber: that's similar to what the utah structure woudl be
<hallyn> ok, thanks.  that would probably be nicer long term
<grefter> not a good start for ubuntu, get to the install screen, hit enter to install ubuntu-server, get a black screen..
<grefter> fuckin server takes off like a rocket and then nothing happens :D
<TheLordOfTime> !language
<ubottu> Please watch your language and topic to help keep this channel family-friendly, polite, and professional.
<grefter> i hear families swear all the time..
<grefter> unless they are mormons
<guntbert> grefter: just don't do it in here please
<grefter> heh
<grefter> regardless, ubuntu doesn't work on this server either it appears.
<grefter> dell r520, anyone got one?
<guntbert> grefter: can you switch virtual terminals?
<uvirtbot> New bug: #1049309 in keystone (main) "keystone package: logrotate should have compress option" [Undecided,New] https://launchpad.net/bugs/1049309
<grefter> guntbert: no, just a black screen, monitor appears to be in hibernation
<guntbert> grefter: sorry, I have to ask: do you know how to switch VTs?
<grefter> if I reboot the server, i get a display, only drops when I try to install
<grefter> guntbert: yes I know, that doesn't appear to be the issue
<guntbert> grefter: another idea: did you check if the iso was ok before burning it?
<grefter> no, actually I didn't. does that  commonly happen with ubuntu?
<patdk-wk> heh?
<guntbert> grefter: not at all, but a bad d/l makes a bad CD :-)
<patdk-wk> that has nothing to do with ubuntu, but your internet connection when you downloaded :)
<guntbert> !md5sum | grefter
<ubottu> grefter: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<grefter> appers to be the server, have a second one and it works fine.
<grefter> nothing like an 8k paper weight
<patdk-wk> dell?
<grefter> yer
<patdk-wk> my friend has the strangest issue with ubuntu cd's and dell cdrom's
<patdk-wk> try using the alt iso image
<patdk-wk> or you could attempt a mini-iso/net boot
<grefter> yea, good idea
<patdk-wk> for some reason, his dell cdroms refuse to boot ubuntu :(
<grefter> but it's weird, both server are the same..but the disk works in 1 not the other :D
<patdk-wk> I dunno if I have that issue with my dells, as I always netboot install
<grefter> i'll try a net on the 2nd box
<guntbert> patdk-wk: thats fine after you get them to wake-on-lan without windows
<patdk-wk> heh?
<patdk-wk> why would I bother with wake-on-lan with a server?
<patdk-wk> but I have a crapload of dells at home, they all wake-on-lan just fine
<patdk-wk> go in bios, turn on wake-on-lan, disable ultra-low-power-savings, done
<guntbert> patdk-wk: (we are off topic here, so..): I guess you are right with a dell*server*, the consumer machines behave somewhat different it seems
<patdk-wk> actually, I was talking about dell workstation machines that I do that with, sx270, sx280, gx620, optiplex 745, optiplex 755, optiplex 780 optiplex 790, optiplex 960
<patdk-wk> all of those wake-on-lan the same exact way, works perfect with ubuntu server
<patdk-wk> I have used most all of those as mythtv frontend machines using wake-on-lan
<guntbert> patdk-wk: glad to hear it - my experience was different - but lets drop that here :=)
<uvirtbot> New bug: #1049321 in irqbalance (main) "package irqbalance 1.0.3-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1049321
<stgraber> mdeslaur, smoser: does that look right to you? http://paste.ubuntu.com/1199407/
<stgraber> mdeslaur, smoser: the branch history is in a pretty bad state so I had to go through debdiffs and as the introduction of that code was pre-natty there was no good way of extracing a clean diff...
<mdeslaur> stgraber: you're missing the argument I believe
<smoser> mdeslaur is right. wait_for_root takes an argument.
<stgraber> oops
<stgraber> hmm, you sure? last version I see with wait_for_rw doesn't pass an argument
 * stgraber finds a 12.04 machine, will be much easier this way ;)
<stgraber> indeed it does and my code is wrong too, guess I used an older version
<stgraber> let me update that
<stgraber> mdeslaur, smoser: that should be better: http://paste.ubuntu.com/1199418/
<smoser> stgraber,  http://paste.ubuntu.com/1199428/ is the content pre merge
<smoser> key things there are 'readlink -f'
<smoser> to get the correct directory of the file if its a link
<mdeslaur> stgraber: looks like you're using new_resolv_conf before you assign it
<stgraber> mdeslaur: indeed... fixed
<stgraber> smoser: right, so that's something like this then: http://paste.ubuntu.com/1199437/
 * stgraber really wishes we'd just consider non-resolvconf setups as unsupported and stop having to workaround these cases...
<smoser> stgraber, i'm surprised... but i was actually coming to that conclusion the other day.
<smoser> or rather this morning
<smoser> as i was thinking with how to correctly update /etc/resolv.conf
<mdeslaur> stgraber: the rm -f $new_resolv_conf will fail if the partition isn't r/w yet
<smoser> and was inventing some scheme that would allow multiple parties to collaborate in its maintenance
<smoser> and then realized that we had such a thing, and it was already the default
<stgraber> :)
<stgraber> mdeslaur: indeed... moving the call one line up to fix that one ;)
<hallyn> jamespage: there is something i'm missing... when i do sudo utah -r ./runlists/print-server.run   i get a failure
<hallyn> i gather i can't use the .run file as a runfile?
<hallyn> oh it's probably prety late for jamespage
<mdeslaur> stgraber: you're also going to need to use ${resolv_conf} instead of "/etc/resolv.conf" everywhere lower down do you replace the symlink target instead of the symlink
<stgraber> mdeslaur: yep, noticed that when going through the script again...
<stgraber> mdeslaur: http://paste.ubuntu.com/1199462/ anything I missed?
<stgraber> I'll make sure this one gets forwarded to Debian because it's going to be a pain to merge
<mdeslaur> stgraber: looks good to me
<unsecur3d> nice
<unsecur3d> got it going :)
<unsecur3d> this will save me a few bucks
<unsecur3d> ahhh wrogn chan
<smoser> stgraber, if you have not committed yet, could you put a comment on the ': >>' line ?
<smoser> referencing bug 857524
<uvirtbot> Launchpad bug 857524 in isc-dhcp "dhclient-script will not work with read-only /etc" [Undecided,Fix released] https://launchpad.net/bugs/857524
<smoser> just because at one point that was 'test -w' but that was insufficient in reality
<stgraber> smoser: already commited and forwarded to Debian. I'll send a comment to the Debian bug though.
<smoser> wait.
<smoser> but htat bug is bad.
<guntbert> stgraber: is there a way to increase the time for dnsmasq to wait for an answer from the NS?
<smoser> just a minute
<stgraber> smoser: ok
<smoser> bug 856984 is right
<uvirtbot> Launchpad bug 856984 in isc-dhcp "dhclient-script attempts to write /etc/resolv.conf before it is writable" [Undecided,Fix released] https://launchpad.net/bugs/856984
<stgraber> smoser: thanks, commented in the Debian bug
<three18ti> what would cause the dns-nameservers directive not to be loaded when I perform a networking restart?  I've configured my IP statically and am attempting to assign DNS servers, but when I restart networking, my resolv.conf is over written with my nameservers as 127.0.0.1, however, my dns-search directive is being read correctly.
<three18ti> honestly, I could just remove the symlink, add my name servers, then make /etc/resolv.conf immutable, but that is just the wrong way to fix the problem.
<uvirtbot> New bug: #1048677 in horizon "UncompressableFileError: 'horizon/js/horizon.js' isn't accesible via COMPRESS_URL" [Undecided,New] https://launchpad.net/bugs/1048677
<three18ti> so... can I just purge resolvconf?  `apt-get purge resolvconf` so it doesn't overwrite my "custom" /etc/resolv.conf (since I removed the link then created an immutable file /etc/reslov.conf), and frankly the errors "resolvconf: Error: /etc/resolv.conf isn't a symlink, not doing anything." are simply annoying since my system seems to have it out for me today.
<three18ti> crap, when I try to remove resolvconf it wants to remove ubuntu-minimal...  ubuntu-minimal is a meta package right?
<adam_g> zul: when is cinder supposed to initialize its sqlite db? its doing it in both cinder-scheduler and cinder-common postinsts
<zul> cinder-common
<zul> adam_g: i could have sworn i put it in there
<adam_g> zul: it is there
<adam_g> zul: but its also in cinder-scheduler
<adam_g> ill remove it
<adam_g> (from scheduler)
<zul> yeah i didnt put it in cinder-scheduler
<adam_g> zul: either way, neither of them actually work
<zul> adam_g: bah
<black_13> what is initrd preseeding
#ubuntu-server 2012-09-12
<marshall> hey ubuntu-server
<marshall> i would like to ssh into my server without having to type my password, but I've added my id_rsa.pub to my account's authorized keys on the server and I still have to type my password. why would this happen?
<ironm> marshall, you shold modify the sshd config on your server (as far as I can remember)
<shantorn> evening, i am very new to server work and am trying to get my feet wet, i have been all over the web today trying to find a good recomended partitoning layout for a file server and have yet found anything i can sink my teeth into, could one of you point me to a tutorial or guide on recomended directory sizes for a standard server please
<linocisco> hi
<pmatulis> shantorn: use a simple layout like /, /home, and swap
<shantorn> thanks for th response but wouldnt it be better to do sep /usr /var as well?
<shantorn> i just dont know
<pmatulis> shantorn: no
<pmatulis> shantorn: sometimes /var if you have something special going on there that might fill up / otherwise.  like a database
<shantorn> i see
<shantorn> what do you think would be safe for / size? 15 gb?
<shantorn> size doesnt really matter but i want to get a hang of this
<pmatulis> shantorn: unless you want to save your diskspace for something special just use /, /home, and swap.  you should figure out what you need for /home and swap and give the rest to /
<shantorn> thank you for the advice
<pmatulis> shantorn: it's hard to give better if i don't know what you intend to do with the server
<shantorn> its going to be a basic file and media server for starters, and then grow from there, i also want to share files across my network for my lin laptop and sons nix laptop and print server
<pmatulis> shantorn: how much disk space do you have in total?
<shantorn> for the install? 160 gb
<shantorn> i also have a seperate drive for shared stuff
<shantorn> ntfs on one and ext 4 on the other so 3 drives total
<pmatulis> shantorn: so 160 for the system itself and the other drives contain the served files?
<shantorn> yes
<pmatulis> shantorn: will there be other users on this system?
<shantorn> yes 4-5
<pmatulis> shantorn: how much memory?
<shantorn> 4 gb witha tri core amd
<pmatulis> shantorn: i recommend forgetting about separate /home (5 users is not a lot) and go with: swap of 3 GB and the rest on /
<shantorn> interesting
<shantorn> ok
<pmatulis> shantorn: do you trust these users?
<shantorn> they are my wife and kids so its sketchy
<shantorn> lol
<shantorn> they cna follow directions and will do as i suggest
<pmatulis> shantorn: i was actually thinking of that answer before you said it
<pmatulis> shantorn: you should be good then
<shantorn> thank you for your time
<pmatulis> shantorn: you're welcome.  btw, a 160 GB drive sounds kinda old.  make sure you don't use too old a drive.  they tend to fail
<shantorn> its a test machine and its about 2 years old
<shantorn> the drives
<shantorn> maybe 3 now lol
<pmatulis> not too bad
<qman__> actually that's pretty ripe for failure
<qman__> in my experience, drives made in the last five years or so give up the ghost at about 2-3 years power on time
<qman__> just make sure you have backups
<qman__> of all the drives I've bought in that time, that's the mark for 50% failure rate
<shantorn> thats high i would think, but you have a valid point
<qman__> I know the sample is a bit small, but I've got at least three different brands, lots of models, and over 50 drives
<qman__> and no trends in the failure rates between brands
<ScottK> The only drives I've had fail in less than 5 years without some obvious external cause were all Western Digital.
<shantorn> wow
<qman__> then you haven't bought enough of them
<ScottK> I had a Seagate die recently that was 6 years old, but hadn't been used much, so I hadn't replaced it.
<ScottK> Not sure how to score that.
<qman__> I've lost...12? seagates
<qman__> and I've RMA'd three of my 13 samsungs, and two more are showing signs
<ScottK> They did have a bad run a few years ago, I didn't buy any then.
<qman__> I've lost 7200.10s, 7200.11s, and 7200.12s
<qman__> if it's a bad run, it's a three year bad run
<ScottK> I also don't count a laptop hard drive that died a week after I had a major car crash and it was in the car.
<ScottK> No, I don't think so.
<ScottK> I wonder how much difference power supplies make?
<ScottK> I could imagine better power helps reliability, but I've got no data to say.
<qman__> I always buy oversized power supplies and run UPS on almost everything
<qman__> so, in my case, no help there
<qman__> the point is, though, you can't trust a hard drive
<ScottK> Sure.
<qman__> so keep good backups
<qman__> unless it's a quantum fireball
<ScottK> No argument there.
<qman__> because if it's still working after the last 12 years, it'll probably keep going a lot longer
<qman__> mine's actually closer to 15
<ScottK> I have a Dual PIII 450 system I built in 1999 that's still running as a file server, but I've replaced the hard drives (premptively) and it's about time to do it again.
<qman__> this one survived windows 95, and went on to outlive no less than 11 other drives in the same server
<qman__> and it's still going
<qman__> it doesn't have SMART so I don't know exactly, but it's in the realm of 10 years power on time
<qman__> and I honestly wouldn't be surprised if it lasts ten more
<qman__> if I can even get an IDE controller in a server 10 years from now
<blackshirt> hello, is it possible to limit samba just allowed some type of files ?
<uvirtbot> New bug: #1022462 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1022462
<blackshirt> is it possible to limit samba just allowed some type of files ?
<ironhide> how to setup web server?
<hallyn> jamespage: (ignore my previous ping;  switching to stable ppa fixed it for me)
<koolhead17> hi all
<d3f4c3d> hello
<d3f4c3d> error while loading shared libraries: libcrypto.so.4
<d3f4c3d> what is this guys ?
<SpamapS> d3f4c3d: exactly as it sounds... problem with libraries.
<d3f4c3d> any clue to fix it somehow ?
<SpamapS> d3f4c3d: not without knowing the progrm that is failing, and where it came from
<d3f4c3d> its cisco IOS program basically
<d3f4c3d> when im trying to start routers i get ../wrapper-linux: error while loading shared libraries: libcrypto.so.4: cannot open shared object file: No such file or directory
<SpamapS> ugh
<SpamapS> closed source binaries are the worst
<d3f4c3d> i have no clue what you said sir but okay :D
<SpamapS> d3f4c3d: most likely it was built for an older version of the lib that is not on your system
 * SpamapS passes out
<Eagleman> Why is ubuntu hanging on every reboot, it will take about 3 minutes to boot succesfully:  Waiting for network configuration...   network file: http://pastebin.com/DdsLLHBz
<Eagleman> I have disabled the waiting by commentin sleep in failsafe.conf
<d3f4c3d> oddly i have /usr/lib/libcrypto.so.4
<d3f4c3d> /lib/libcrypto.so.4
<Daviey> jamespage: hey, can you clarify what unit https://jenkins.qa.ubuntu.com/view/Quantal/view/ISO%20Testing%20Dashboard/job/quantal-server-amd64_minimal-virtual/123/testReport/test/MinimalVirtualTest/testInstallSize/ is?
<jamespage> Daviey, 1k blocks
<jamespage> # 1k blocks that is - it looks at the output from df
<jamespage> threshold for amd64 is ~684MB
<Daviey> jamespage: so, what do you think about the current test?
<Daviey> is it a failure?  or should we bump the max?
<jamespage> bump it
<Eagleman> Why is ubuntu hanging on every reboot, it will take about 3 minutes to boot succesfully:  Waiting for network configuration...   network file: http://pastebin.com/DdsLLHBz
<Daviey> jamespage: so, that is currently ~710MB?
<jamespage> yeah
<jamespage> I would say target 725MB
<jamespage> as the max
<jamespage> odd that amd64 is more than 50MB bigger than the i386 max threshold
<Daviey> jamespage: i assume you saw, bug 725972 latest comment?
<uvirtbot> Launchpad bug 725972 in gnome-settings-daemon "gnome-settings-daemon crashed with SIGSEGV (dup-of: 554280)" [Medium,New] https://launchpad.net/bugs/725972
<uvirtbot> Launchpad bug 554280 in gnome-settings-daemon "gnome-settings-daemon crashed with SIGSEGV in g_str_hash()" [Low,Expired] https://launchpad.net/bugs/554280
<Daviey> jamespage: amd64 is probably bigger because of multi-arch?
<Daviey> err, bug 1017978 .. bad paste
<uvirtbot> Launchpad bug 1017978 in libfcgi "[MIR] libfcgi, ceph (radosgw)" [Medium,Fix released] https://launchpad.net/bugs/1017978
<jamespage> Daviey: flip - that was only 17 minutes ago
<jamespage> fixing now
<jamespage> \o/
<jamespage> although its OK to put radosgw into main; you can't actually use it ATM without a package from multiverse
<jamespage> Daviey, the test does add some extra for amd64 to accomodate multiarch - 30MB
<jamespage> so its 20MB bigger than that!
 * jamespage melts his laptop for a bit building ceph
<Daviey> jamespage: let the cloud be with you.
<jamespage> still quicker using 4 cores + SSD
<jamespage> I have to open the window tho :-)
<Daviey> jamespage: Think of the trees!
<balboah> I'm trying to get xen-tools on debian to debootstrap precise for me. Anyone happen to have an idea why the ubuntu guest freezes on boot like this? https://dl.dropbox.com/u/2468164/Screen%20shot%202012-09-12%20at%2010.41.11.png
<karihre> Hi, I'm trying to find out which process is listening to the nfs port without much success, netstat gives me that the port is open and something is "LISTENING" but lsof -i doesn't reveal what process this is, what am I missing here? (see http://pastebin.com/eRuzwLtT)  Thanks.
<balboah> I managed to get another image booting, but had problems with xen barrier killing the disk. So I upgraded the debian xen hypervisor to the latest stable to get that issue fixed. Not sure if that upgrade relates to now killing my xen-tools instead
<balboah> I'll just try dd the other working image and reconfigure it for now
<_ruben> karihre: use netstat -lp
<karihre> _ruben: yep, I was sort of already there: http://pastebin.com/CApkN10Y , what does the - mean?
<karihre> I'm using nfs4, just find it strange that in order for it to work, you only need port 2049 open (in firewall), yet I can't see what process is listening to this port..?
<Daviey> jamespage: hey.. did you try a build without dh_makeshlibs -n?
<jamespage> Daviey, yeah - just finishing now - there is a reason for the manual maintainer scripts but I think I have a neater way of doing it
<Daviey> i really wonder what part of the dh generated postinst it complains about
<Daviey> jamespage: using override?
<jamespage> Daviey, the ceph package has some .so's; I think I can use a -X to exclude those from being detected
<Daviey> ah cool
<jamespage> which means we can drop the maintainer scripts
<jamespage> testing that theory now
<jamespage> problem is that ceph takes ~30 mins to build
<karihre> Okay I am getting this a bit strange output from netstat: http://pastebin.com/CApkN10Y , what does the - mean, indicating that no process is listening, yet something is listening to the port, I'm confused here..?
<decci> Do we have any Ubuntu Hardware Certified Suite / tool ?
<Eagleman> Why is ubuntu hanging on every reboot, it will take about 3 minutes to boot succesfully:  Waiting for network configuration...   network file: http://pastebin.com/DdsLLHBz
<balboah> Eagleman: maybe the dhcp doesn't respond?
<Eagleman> balboah any idea where to see that?
<Eagleman> because i will get a respond in a few seconds with dhclient
<koolhead17> packages.ubuntu.com can anyone open it
<tsimpson> koolhead17: it's down for everyone, server issues on the Canonical side
<koolhead17> oohok
<dax_roc> stgraber: When I add the rotate option to tail or head it's not picked up, Do any services need to be reloaded ?
<dax_roc> *option rotate or timeout:1 aren't picked up as the failover to the second entry is very slow 5+seconds
<Eagleman> Why is ubuntu hanging on every reboot, it will take about 3 minutes to boot succesfully:  Waiting for network configuration...   network file: http://pastebin.com/DdsLLHBz
<fidel> Eagleman: in general ' bootchart' is a nice package to see your booting-process in detail as image
<fidel> in this particular case: if noone onhere reacts on the problem, - consider searching your favorite search for the error-string - its a well known issue and the message should end in tons of forum hits
<Eagleman> it will
<Eagleman> but i ended up using a workaround
<Eagleman> not fixing the issue
<jamespage> Eagleman, that would normally indicate that your network is not starting correctly during bootup; which version of Ubuntu do you see this on?
<Eagleman> 12.04 server
<Eagleman> everything works
<Eagleman> thats the problem
<Eagleman> even if i disable sleep in failsafe.conf ( the file which lets me wait )
<jamespage> Eagleman, if you check in /var/log/upstart you might see some additional log information related to the network interfaces starting up
<fidel> Eagleman: yep - my workaround wasnt a solution either - but a hack ....had the issue as well some month ago (but i dont remember the details)
<Eagleman> A lot of information in /var/log/upstart
<Eagleman> and why are they archived?
<tsimpson> logrotate
<tsimpson> and because you may need previous logs, for comparison, or so you can see what happened last time etc
<Eagleman> Still everything works as it should
<Eagleman> i doubt i will find anything
<decci> Hi, Do Ubuntu provides any hardware certification Test suite which can be performed locally and report logs to ubuntu?
<dax_roc> I've added option rotate to /etc/resolvconf/resolv.conf.d/base and rebooted, When I dig for a dns entry I always get the same nameserver. Should they not rotate round robin? Does anyone know if the resolution of the timeout option can be decimal?
<_ruben> karihre: ah, i think i know what's going on: you're most likely using the nfs server that resides in kernelland and not userland, so it doesn't show up as a (userland) process
<karihre> _ruben: ah, that seems reasonable
<dax_roc> stgraber: /etc/resolv.conf wasn't a symlink, quick dpkg-reconfigure and it's all working now.
<karihre> _ruben: thanks
<zul> adam_g/Daviey: ill upload quantum and horizon rc1 today
<zul> Daviey:  the MIR should be ready for quantum with the work we put into it
<Daviey> \o/
<grefter> I keep getting this msg
<grefter> CPU0: Package power limit notification (total events = 1)
<grefter> never seen it before until ubuntu, is this an issue?
<Troloulol> hello how do you scan a lan network on ubuntu ?
<karihre> Troloulol: nmap?
<Troloulol> thx do you know full comand ?
<smoser> best snippet ever:
<smoser>  [ "$(dpkg --print-architecture)" = "amd64" ] && farch="$(dpkg --print-foreign-architectures)" && [ "${farch#*i386}" != "${farch}" ] && sudo dpkg --remove-architecture i386 && echo "ridded you of that needless i386"
<uvirtbot> New bug: #1049582 in ceph (main) "radosgw crash on armhf architecture" [Undecided,New] https://launchpad.net/bugs/1049582
<uvirtbot> New bug: #1049620 in quota (main) "quota does not correctly report for quotas above 2 TB" [Undecided,New] https://launchpad.net/bugs/1049620
<uvirtbot> New bug: #1049674 in awstats (main) "awstats : incompatible-java-bytecode-format with OpenJDK 7 as default-jdk" [Undecided,New] https://launchpad.net/bugs/1049674
<zul> hallyn: ping
<hallyn> zul: here, but walking out - back in a few
<zul> hallyn: k
<hallyn> zul: 'sup?
<zul> hallyn: i totally forgot now :(
<hallyn> zul: yay it worked!
<zul> hallyn: ill remember it eventually
<hallyn> ok
<zul> hallyn: oh yes now i remember what happens if the block device is in both devices.allow and devices.deny
<grefter> i keep getting this debug msg
<grefter> 08:26 < grefter> CPU0: Package power limit notification (total events = 1)
<grefter> anyone happen to know if that's an issue?
<grefter> or just generic output?
<hallyn> zul: depends which you add it to last
<hallyn> zul: last one wins
<hallyn> it's a stupid, simple whitelist
<uvirtbot> New bug: #1049852 in multipath-tools (main) "package kpartx 0.4.9-3ubuntu5 failed to install/upgrade: dependency problems - leaving unconfigured (dup-of: 1049850)" [Undecided,New] https://launchpad.net/bugs/1049852
<uvirtbot> New bug: #1049853 in multipath-tools (main) "package kpartx 0.4.9-3ubuntu5 failed to install/upgrade: dependency problems - leaving unconfigured (dup-of: 1049850)" [Undecided,New] https://launchpad.net/bugs/1049853
<zul> so if i detach the detach the device i could put it in devices.allow and then remove the block from the container?
<zul> er...devices.deny
<zul> smoser: ^^^
<zul> hallyn:  im just trying to figure out a sane way to do the detach block device from a container
<hallyn> zul: yup, should work
<TheLordOfTime> anyone know where in the php5 package their documentation / release notes are?
<TheLordOfTime> (Quantal)
<smoser> and then what happens when you have to add it again? hallyn ?
<TheLordOfTime> sorry to ask in here, but, you know, you *are* the server package people :P
<zul> TheLordOfTime: /usr/share/doc/php5
<smoser> ie, say he needs to add that same major minor?
<smoser> you add it again to devices.allow?
<smoser> it seems like the interface works, but its strange.
<zul> smoser: assuming yes
<zul> since devices.allow and devices.deny is a simple blacklist thingy
<zul> (i love my technical terms
<smoser> hallyn, ?
<smoser> is that right?
<smoser> so: while(1) { add_to_devices_allow() ; add_to_devices_deny(); }
<hallyn> smoser: yes.  it's a simple whitelist
<hallyn> add to devices.allow, it's added
<hallyn> add to devices.deny, it's removed (if it's there)
<hallyn> note, upcoming kernels this will change just a tinge.  but for now, and since 2008, that's how it works
<zul> change as in how?
<zul> just curious
<hallyn> well, from a simple whitelist, to a 'default behavior' (allow or deny) plus exceptions (whitelist or blacklist)
<zul> ah ok
<zul> smoser/hallyn: so the thing i have in my mind is this
<zul> put the device in the devices.deny, rm the block device
<zul> smoser: sounds good?
<smoser> what happens if the device is in use ?
<smoser> (mounted or otherwise, a filehandle open)
<hallyn> smoser: you can keep using those
<hallyn> just as you can keep using mounted / even though it's on sda1 and that's not in your whitelist
<hallyn> only actions on the actual /dev node will fail
<smoser> zul, so you will have to take care to deal with that.
<smoser> i'm not sure how
<zul> smoser:  agreed
<smoser> i'm asusming the subsequent iscsi detach will fail?
<smoser> hallyn, ?
<smoser> ie, the host will be adding and removing the block device to the lxc container would un-attach the iscsi device that is backing it
<hallyn> smoser: im not sure what an iscsi detach entails
<smoser> but that will surely fail if it is still in use
<smoser> i'm not sure either
<zul> smoser: lemme play with it and ill get back to you
<smoser> stgraber, around?
<stgraber> smoser: yep
<smoser> i havent verified this in testing
<smoser> but it seems to me that your merge of open-iscsi broke iscsi-network-interface.conf
<stgraber> it's not completely impossible that it did :)
<smoser> as i dont think the initramfs is writing /dev/.initramfs/open-iscsi.interface anymore, but iscsi-network-interface.conf is still trying to consume it
<stgraber> it was more of a sync + re-apply relevant delta than a merge
<smoser> (well, /run/initramfs/open-iscsi.interface)
<stgraber> hmm, ok, weird that it didn't break my system during testing... but should at least be pretty easy to fix
<stgraber> actually, shouldn't it be looking for /run/net-* instead of checking yet-another-custom-file?
<zul> hallyn:  is there a way to determine if something is mounted in the container from the host?
<hallyn> zul: does cat /proc/pid/root/proc/1/mounts and ../mountinfo work?
<hallyn> should
<zul> hallyn: ill check
<zul> hallyn: just thinking ahead
<hallyn> zul: ok.  pretty sure it's how i usually debug startups (i don't think about it much, just do it) so should work
<zul> thanks
<uvirtbot> New bug: #1049908 in lxc (universe) "Upstart control of lxc container instances" [Undecided,New] https://launchpad.net/bugs/1049908
<hallyn> rm -rf cd qemu-kvm-1.2.0+noroms    <- jinkeys that's not good
<uvirtbot> New bug: #1049914 in lxc (universe) "cannot use long form of '--name' to lxc-clone" [Undecided,New] https://launchpad.net/bugs/1049914
<uvirtbot> New bug: #1049915 in nova (main) "Logrotate.d files do not have the compress option enabled" [Undecided,New] https://launchpad.net/bugs/1049915
<unsecur3d> damn
<unsecur3d> mad bugs :x
<unsecur3d> can u join 12.04 with an ad ds on win2k8 ?
<uvirtbot> New bug: #1049926 in lxc (universe) "logging of init doesn't go to console" [Undecided,New] https://launchpad.net/bugs/1049926
<hallyn> zul: smoser: i won't resort to this unless it fixes a bunch of subtle bugs, but i'm testing qemu-kvm 1.2 package right now.  built locally and runs fine so far (starting heavy testing now), but about to push it to ppa:ubuntu-virt/virt-daily-upstream
<rynop> I'm looking for a way to ask the ppa maintainer for precise php5, if he/she would update the php5 version due to a  bug that impacts production ubuntu-servers (its fixed in newer ver of php 5.3).  Anyone know the right/formal way to do this?
<rynop> I cant find the maintainers on https://launchpad.net/php/main or the precise link from w/in there.
<patdk-wk> you file a bug report
<ikonia> rynop: look in the registry-drivers team, lots of names
<patdk-wk> https://bugs.launchpad.net/ubuntu/precise/+source/php5
<ikonia> 56 active members, I'm sure starting a conversation iwth one of them
<ikonia> would get things moving a bit
<rynop> ok thanks much
<rynop> ikonia: looks like the bug has already been reported :)
<rynop> https://bugs.launchpad.net/ubuntu/precise/+source/php5/+bug/1014044
<uvirtbot> Launchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web server (nginx)" [Medium,Fix committed]
<rynop> ikonia, is it typically pretty 'fast' from the time its in 'fix-committed' to 'fix-released' state? like weeks/months? i know its prob dependent on the time the maintainer has
<zul> hallyn: cool...would be good for quantal+1
<hallyn> zul: well, that's up for debate.  this version is strict upstream, not debian
<hallyn> zul: if we're going to go with debian pkgs (which would be nice), i need to change the package layout to completely match debian's - qemu, qemu-kvm, and all
<hallyn> (might require changes to qemu-linaro)
<zul> erp :)
<hallyn> and i'm getting a little worried about the debian qemu community (not qemu-kvm, but qemu-kvm is going away anyway)
<hallyn> so yeah, i need to think about it and we ned to talk about it
<hallyn> if we don't follow debian, then we need to try and work with upstream to have -stable trees we can collaborate on
<hallyn> eh, well, i'd rather follow debian.  i'm going to spend a day or two in october trying to hash that out
<black_13> if you modify the preseed file on the ubuntu iso will this modified file be used during the install process?
<hallyn> jamespage: do yo uknow of a way/place to get full stdout/stderr log output from utah?
<adam_g> smoser: Daviey ping
<hallyn> jdstrand: when doing 'uvt new -r -v -t desktop oneiric amd64 test', when it fails with 'ssh command failed' (but the vm is up), what is usually the proper fix?
<hallyn> i've got 'nameserver 192.168.122.1' in resolv.conf...
<hallyn> oh feh, is it bc it's not running under ssh-agent?
<hallyn> ah yeah that worked
<marshall> im having a problem where my server doesnt seem to be recognizing my authorized keys. I've added id_rsa.pub and i'm still being asked for a password.
<melmoth> marshall, most probably too laxist permission on the private key
<pmatulis> marshall: are you confusing 'password' with 'ssh private key passphrase'?
<uvirtbot> New bug: #1049986 in horizon (main) "Openstack dashboard's Ubuntu theme needs to be re-enabled and refreshed." [Undecided,In progress] https://launchpad.net/bugs/1049986
<uvirtbot> New bug: #1049987 in lxc (universe) "lxc-cloned container breaks if source is later destroyed" [Undecided,New] https://launchpad.net/bugs/1049987
<zul> adam_g: quantum is building with the testsuite im going to upload it
<adam_g> zul: where is it building?
<zul> adam_g:  locally in the chroot
<adam_g> zul: can you push the changes that enable it to the -proposed branch and build it via jenkins first?
<zul> adam_g: sure
<uvirtbot> New bug: #1050001 in lxc (universe) "API shutdown(timeout=X) call always tries to call stop(), spewing error messages to the console when the container is already stopped" [Low,Triaged] https://launchpad.net/bugs/1050001
<zul> adam_g: builds fine
<adam_g> zul: woot
<zul> adam_g: uploading
<adam_g> zul: beware there will be binary-new with that upload.
<zul> adam_g: ack
<uvirtbot> New bug: #1047404 in quantum (universe) "quantum-server upstart script fails to start" [High,Fix released] https://launchpad.net/bugs/1047404
<uvirtbot> New bug: #1047560 in quantum (universe) "quantum-server (and others) cannot be removed." [High,Fix released] https://launchpad.net/bugs/1047560
<smoser> adam_g, here now
<adam_g> smoser: openstack components started to specify cliff>=1.2. we currently have python-cliff 1.1.2 in archive. thoughts on a FFE to bring python-cliff up to date (its only one release off)?
<smoser> fun.
<uvirtbot> New bug: #1049177 in isc-dhcp (main) "isc-dhcp-server apparmor profile should have include ".d" " [Medium,In progress] https://launchpad.net/bugs/1049177
<zul> jdstrand: hey quantum should be fine now
<smoser> sbeattie, if i install a file into apparmour dir (#include <dhcpd.>) should my postinst run sudo apparmor_parser -r ?
<smoser> er... drop sudo. but you get the idea
<smoser> do i need to do that or does some other magic handle that
<roaksoax> hallyn: howdy!! I was wondering if virsh needs to be shipped with libvirt-bin, or can it be shipped outsite it?
<hallyn> roaksoax: uh.  i suppose it could be shipped in a separate package depending on libvirt-bin.  but why?
<hallyn> roaksoax: oh well i guess i can guess.
<hallyn> (suppose it should be able to just depend on libvirt0)
<roaksoax> hallyn: cause for example, maas uses virsh for power contorl... but it make sno sense to install libvirt-bin and related dependencies just to be able to use it
<hallyn> roaksoax: should be doable i think
<roaksoax> hallyn: cool thanks!
<uvirtbot> New bug: #1050021 in autofs (main) "autofs failed to mount .hidden" [Undecided,New] https://launchpad.net/bugs/1050021
<hallyn> roaksoax: note it brings is out of step with debian (no biggie, we're nto following them) and would require ffe for q
<hallyn> zul: ^ you'd be interested
<zul> hallyn/roaksoax: yeah sure
<uvirtbot> New bug: #1050027 in maas (main) "apt-get remove --yes doesn't automatically deconfigure and purge the database " [Undecided,New] https://launchpad.net/bugs/1050027
<roaksoax> matsubara: ping
<matsubara> roaksoax, hi Andres
<roaksoax> matsubara: howdy.. if you have the chance... do you think you can check any other package that uses dbconfig-common to see if you pass --yes does not prompt any questions?
<roaksoax> matsubara: i have been trying to not get that showed.. but couldn't figure out a way to do it
<smoser> sbeattie, around?
<smoser> i need some apparmor help
<matsubara> roaksoax, ok. I'll take a look, don't know much about dbconfig-common
 * slyboots face melts into a pile of goo "Anyone familure with setting up NFS shares?"
<slyboots> I can see/mount them, but permissions and UID/GID's are all screwed up
<chris|> slyboots, do you have statd running?
<slyboots> I dont know whath that is, so .. odds are "no"
<slyboots> My Ubuntu-server is actually only the client however
<chris|> try changing statd=yes in /etc/default/nfs-common and the run `service statd start`
<slyboots> For the client..?
<chris|> yes
<slyboots> Okay..
<slyboots> Im not sure what that was supposed to do :P
<zul> adam_g: ill get swift out tonight as well
<adam_g> zul: cool
<ruben23>  hi guys i installed phpmyadmin on my ubuntu-server but the problme it wont open or load after installed any idea..?
<ruben23> anyone can help
<ruben23> pelase
<zul> Daviey: ping there is some new binaries for quantum in the last upload, can you use your magic powers please?
<smoser> jdstrand, sbeattie mdeslaur anyone able to help me with some apparmor trouble?
<Daviey> zul: Are they kosher ?
<zul> Daviey:  yah
<zul> Daviey:  its just some new plugins
<jdstrand> smoser: I am in a meeting atm. sbeattie could probably help more, but I'll ask-- what's up?
<Daviey> zul: no Breaks/Replaces required?
<smoser> http://paste.ubuntu.com/1201554/
<zul> Daviey: nope
<nov503> Hi, I 've bought some old machines installed windows. Now I want to install ubuntu maas on them. I did the following things: 1. get a 12.04 iso, burn it into usb. 2. use this usb on machine A to install a maas server. 3. use this usb on machine B to "install from a maas server" 4. Machine be shutdown immediately, but I can see the node enlisted on http://machineA/MAAS. 5. I clicked accept & commission for that node. But it
<sbeattie> smoser: jjohansen should be able to help (i have to vanish again shortly; stupid fairy godmother)
<zul> Daviey:  adam_g ^^^
<smoser> jdstrand. i run that, (creating a apparmor.d/dhcpd/maas file) and then trying to use the relaxed permissions
<smoser> but i'm getting
<ruben23> this is my error log
<ruben23> http://pastebin.com/grAX8CXg
<smoser> [466072.226852] type=1400 audit(1347493086.507:31): apparmor="DENIED" operation="capable" parent=20318 profile="/usr/sbin/dhcpd" pid=20339 comm="dhcpd" pid=20339 comm="dhcpd" capability=1  capname="dac_override"
<ruben23> hi guys i installed phpmyadmin on my ubuntu-server but the problme it wont open or load after installed any idea..?
<jjohansen> sbeattie: oh sure your fair god mother bails you out again
<ruben23>  this is my error log---------------> http://pastebin.com/grAX8CXg
<jdstrand> smoser: start it as root
<smoser> http://paste.ubuntu.com/1201556/
<smoser> (i run 'sudo ./go')
<smoser> the profile loads correctly, and if i put something bogus in the 'maas' file, it complains
<smoser> so i know its getting loaded
<smoser> but my content must just be wrong
<sbeattie> cap_dac_override indicates that the dac permissions on something are wrong, and that the root process is overriding the DAC permissions
<Daviey> zul: upstream Licence "websockify is licensed under the LGPL version 3" .. but d/copyright says GPL-3?
<smoser> sbeattie, too many big words. can you dumb it down?
<zul> Daviey: damn it ill have a look at it tomorrow morning need to deal with cranky child
<Daviey> zul: yeah, i'm too tired to full go over it anyway.
<jjohansen> smoser: dac permissions == regular file xugo perms
<jdstrand> no-- dhcpd drops privs differently than in the past, so you have to start it the same way that upstart is starting it
<jdstrand> smoser: ^
<smoser> that is how upstart starts it
<jdstrand> smoser: oh, no
<jdstrand> smoser: I remember, your /run/maas/dhcp /var/lib/maas/dhcpd don't have the right perms
<jdstrand> smoser: look at the standard dhcp perms and mimic those in your script
<zul> Daviey: vishy has some changes that he did for it as well which i want to incorperate
<zul> Daviey: anyways im out of here
<smoser> hm..
<smoser> maybe because /run/maas is root:root, but /run/maas/dhcpd is dhcpd:dhcpd ?
<smoser> ah. i see. i think
<jdstrand> smoser: I forget off hand-- look at the upstart job for what it needs to be
<ruben23> GUYS..?
<ruben23> HELP
<jdstrand> http://changelogs.ubuntu.com/changelogs/pool/main/i/isc-dhcp/isc-dhcp_4.2.4-1ubuntu7/changelog
<jdstrand> smoser: ^ look at 4.2.4-1ubuntu4
<jdstrand> smoser: sorry for only half-attending to you...
<smoser> jdstrand, thank you
<smoser> http://paste.ubuntu.com/1201566/
<smoser> yeah, leases file needs to be root:root but i was making it dhcpd:dhcpd
<jdstrand> smoser: cool, yeah, that was the problem with the upstart job before. gald it worked out :)
<jdstrand> glad even
<patdk-lap> ruben23, like always, start with the first issue, and move on
<patdk-lap> PHP Warning:  require(): open_basedir restriction in effect. File() is not within the allowed path(s)
<patdk-lap> fix that
<ruben23> patdk-lap: yes what you can suggest on that..?
<patdk-lap> google?
<patdk-lap> I really can't mind-read your server
#ubuntu-server 2012-09-13
<nov503> Hi, anyone can help me a little bit? I'm quite confused at what "commission" means and doesâ¦
<nov503> in MAAS, when I click "accept&commissioning", the nodes machine are in shutdown status..how can they commision with the server?
<grizcreative> need some help with torrentflux on ubuntu server, any takers?
<bigjools> nov503: it will power up the declared node (assuming you set power params properly) and have it send a message to the maas server before it shuts down
<nov503> bigjools: could you give me some keywords on this to search for?  should i use something like pxe?
<bigjools> nov503: you need to set the power parameters in the "edit node" page and then make sure the node is set to PXE boot
<bigjools> nov503: this page takes you through the process: https://wiki.ubuntu.com/ServerTeam/MAAS#Installation_and_initial_set-up
<nov503> bigjools: thanks for that! I'm looking at it
<bigjools> np
<slyboots> Hey, Anyone able to think of a reason why a ubuntu-server client would fail to have its hostname resolved by DNS?
<lifeless> if DNS isn't configured?
<slyboots> IT pulls a ip address from the DHCP server, I've got several other clients (windows, linux, freebsd)
<slyboots> And all work OK, they get the IP, and can ping other machines via their hostname
<slyboots> But this *one* box wont
<slyboots> I can ping other machines OUT from the box via their hostnames OK.  But no other machine on the network will accept its hostname
<slyboots> Hm, okay, it looks like its actually an issue with the DNS server
<mp__> is there a way to estimate the needed specs for cpu and hdd/ssd speed of a kvm server?
<patdk-lap> sure
<patdk-lap> estimate what everything on the kvm server will need
<patdk-lap> add up all the cpu requirements, add a percentage extra for kvm overhead
<mp__> i probably shouldn't have said "estimate"
<patdk-lap> estimate, know exactly, heh
<patdk-lap> when your talking about kvm/xen/lxc/..., it doesn't matter
<patdk-lap> whatever is installed in those kvm/xen/lxc/... is what will dictate what you need
<patdk-lap> kvm server will run happy on an core2duo with 256megs ram, on a usb stick
<patdk-lap> but your kvm guests probably won't be so happy
<mp__> tell me more about happy kvm guests
<nov503> hi, anyone can use avahi boot successfully ? https://wiki.ubuntu.com/ServerTeam/MAAS/AvahiBoot
<nov503> i tried this, but the client machine just run into a console
<bigjools> did you not get the option to "install with MAAS" ?
<uvirtbot> New bug: #1050185 in maas (main) "dhcpd.conf is not updated after dpkg-reconfigure maas" [Undecided,New] https://launchpad.net/bugs/1050185
<nov503> bigjools: noâ¦i don'tâ¦there is just some output of normal linux boot info
<bigjools> nov503: ok it's possible that it can't see your maas service then, is it running and on the same subnet?
<nov503> i think so, they can ping each other
<nov503> bigjools: looks like this guy has the same problem
<nov503> https://lists.launchpad.net/maas-devel/msg00312.html
<bigjools> that doesn't necessarily mean they are on the same subnet
<bigjools> or that maas is running
<bigjools> nov503: no it's a different problem
<nov503> they have the same ip prefix, i don't know how to make sure maas is running though
<nov503> i used the cd install, install from mass server, they can find that server and enlist itself
<bigjools> ok
<bigjools> I am not sure then, sorry.  I've not personally done anything with Avahi so you might want to post a question on the mailing list yourself
<nov503> bigjools:  thanks for help. Sure, i can do that. Or maybe I can try the dhcp way
<bigjools> yeah that will work for sure
<bigjools> just pxe boot it
<nov503> bigjools: what i'm thinking is set the next_server to the maas master in the existing dhcp server.
<bigjools> correct
<nov503> bigjools: but i've already installed maas-dhcp in the maas server, do i need to remove it?
<bigjools> no, just reconfigure
<bigjools> assuming no other dhcp server is running on your network
<nov503> hmmâ¦there is one running, i want to use that one
<nov503> and set that one's next_server to the maas server
<nov503> instead of making maas server take over the dhcp
<bigjools> ok then uninstall maas-dhcp
<nov503> thanks, do i need to remove dhcpmasq then?
<bigjools> no
<nov503> ok, hope that can work! I will try it tomorrow
<nov503> many thanks for the help!
<bigjools> np
<tazmania> some help with php on my ubuntu server 10.04LTS.  Apache2, html/s, and cgi are working fine except for php.  I keep getting prompt to download the php file instead of showing on the page.
<tazmania> I have visited many faqs on setting up php on ubuntu server
<Daviey> Ugh, python-quantumclient depwait on clifftab .. adam_g / zul
<Daviey> (in Precise PPA)
<sisteczko> Welcome. After upgrade 10.04 -> 12.04 I suffer problems with my Linux Software Raid array. Does anyone here could try to troubleshoot the problem?
<sisteczko> Most relevant information should be on http://askubuntu.com/questions/186666/mdadm-fails-after-10-04-12-04-upgrade
<uvirtbot> New bug: #1050211 in bind9 (main) "(CVE-2012-4244) bind9: specially crafted resource record causes named to exit" [High,Confirmed] https://launchpad.net/bugs/1050211
<ae01> I'm need some help.
<ae01> Could you pls.
<ae01> http://ubuntuforums.org/showthread.php?t=2057140
<ae01> Hello
<sisteczko> ea01: Not an answer to you question, but the line "sudo chmod +x openerp_6.1-latest-1_all.deb" is not needed.
<sisteczko> ae01: Please explain what to you mean by "This code before I'm copying from my preseed"? It is not English enough ;-)
<linocisco> As I have no internet at home. I run ubuntu guest on vbox at work where I could use internet .Some times I tried to copy /var/caches/apt/archives to USB flash drives and take it home and on my home ubuntu server, I tried dpkg -i *.* but got error always. that is not helpful for me. It is not easy to use aptonCD everytime to waste CD daily
<Daviey> ugh. http://tools.ietf.org/html/rfc6648
<linocisco> what is quantal-server?
<linocisco> is it different server?
<Jeeves_> Newer (beta) versino
<linocisco> next beta version of ubuntu server 12.04 x.x.x ?
<dax_roc> Should dnsmasq be installed on 12.04 upgrade, or is it present on Desktop only ?
<linocisco> i installed ubuntu desktop 12.04 on vbox and install required packages and copy from its /var/cache/apt/archives to USB flash drives and take it home to install on my ubuntu server 12.04 with no internet access. I installed by using dpkg -i *.* and got many errors. no packages were installed
<dax_roc> rip resolvconf out and install dnscache I think.
<mp__> will i face performance issues connecting sata-6 hdds to sas 2.0 interfaces?
<Daviey> roaksoax: hey, in Quantal -  o maas-provision: maas-provision maas-provision-common python-maas-provision isn't seeded.. We probably need to make them transitional and seeded
<linocisco> what is the meaning of seeded?
<Daviey> linocisco: each ubuntu flavour has a seed, which is an index of packages it cares about, and supports.  This lists is evaluated to also include it's dependencies, using a tool called germinate.
<riz0n> Hello. I have Ubuntu Server 12.04 with Postfix,Dovecot,Spamassassin,Clamav,and Amavis. Can someone tell me where I can edit the rules? The filter sets SPF_FAIL to 0.919 and I would like to set it to something like.... 10 ;)
<riz0n> I have my filter cut-off at a level 3, but some still pass through and I see that they all have the same SPF_FAIL similarity. SPF records has been an adopted standard for many years now. If the host doesn't have a valid SPF record, then I want to score the message high enough for the Spamassassin/Amavis to flag it as spam.
<linocisco> Daviey, Seed, germination. those sound like I am learning Botany. Who gave those kind of names?
<IamTrying> Hello
<IamTrying> I have two virtual host for ubuntu and its apache package.
<IamTrying> Very odd in my Red hat enterprise linux / CentOS / Fedora it works like cake.
<IamTrying> But in Ubuntu 12.04 its a nightmare
<IamTrying> Here is some dump: https://gist.github.com/3713062
<IamTrying> Now when i browse http://site1 it goes to /var/www/html
<IamTrying> Where it should be going to /var/www/html/site1/public
<IamTrying> Its not doing that
<IamTrying> Beside that i made sure also: $ a2enmod rewrite ; /etc/init.d/apache2 restart # still same problem exist. but no error throwing now.
<IamTrying> How can i resolve this plz?
<uvirtbot> New bug: #1050351 in lxc (universe) "lxc-start-ephemeral suppresses command exit status" [Low,In progress] https://launchpad.net/bugs/1050351
<IamTrying> uvirtbot, is this the bug related to my query?
<uvirtbot> IamTrying: Error: "is" is not a valid command.
<IamTrying> OK - you are Mr. Bot. Is there anyone alive here. Is this a dead channel or what? Hello Launch time, i hope you dont mind to throw some alphabets on my ubuntu apache journey.
<IamTrying> Never mind, dead room.
<xnox> IamTrying: you should not use *:80 in all stanzas
<xnox> IamTrying: that will fail
<xnox> IamTrying: use site1:80, site2:80 and it will work
<xnox> IamTrying: do not have a default *:80 "catch-all" cause it will catch _all_
<IamTrying> OK - xnox. IC now. great help.
<IamTrying> OK - it was catching all yes
<xnox> IamTrying: read apache docs ;-) $ sudo /etc/init.d/apache2 restart
<xnox> is "debian/ubuntu" way of restarting apache, it will check the syntax and bail to restart if syntax is wrong
<IamTrying> OK - problem is resolved thanks to your site1:80 vs *:80 theory.
<IamTrying> Thanks a lot xnox
<patdk-lap> xnox, that restart was true only before upstart
<xnox> patdk-lap: apache2 will not be converted to an upstart job anytime soon, because of all the things it can do apart from simply starting/stopping apache daemon
<xnox> patdk-lap: apache2 is still an init script ;-)
<patdk-lap> well, as long as it's not an upstart script
<patdk-lap> but service works for both :)
<roaksoax> Daviey ok i thought the plan was tondrop them from the archive but will do
<Daviey> roaksoax: hmm, ok.. depending if we do the feature SRU, we might still need it?  changing the contents?  if not, we should probably Replaces: ?
<Daviey> roaksoax: if you raise a removal bug, i'll happily process that.. but just make sure you have worked out both the upgrade plan and potential SRU handling
<roaksoax> Daviey it replaces/conflicts with maas-provision and that unintalss maas-provision only
<roaksoax> Daviey  that doesnt uninstall -common or python-maas-provision but if they are dropprd from the atchive we will be good
<roaksoax> or should at leaeast
<roaksoax> both cjwatson and slangasek recomended that if it was to be removed
<roaksoax>  but i will check again with them
<Daviey> roaksoax: hmm, just dropping them from the archive won't help it get removed from peoples machines
<roaksoax> Daviey on upgrade they would if they are gone from the archive wouldnt they? how could we test that in reality?
<sazawal> My filesystem is showing I have 9.6 GB free and 5 GB available on / partition. As well as 21.3 GB free and 2.8 GB available on another partition. Doesn't it looks like Ubuntu is reserving too much space for root?
<fidel> hi - i just realize imapsync is gone in 12.04. anything else you can recommend if i want to copy several accounts from 1 server to another
<fidel> imapcopy might be an option right?
<sazawal> My filesystem is showing I have 9.6 GB free and 5 GB available on / partition. As well as 21.3 GB free and 2.8 GB available on another partition. Doesn't it looks like Ubuntu is reserving too much space for root?
<xnox> sazawal: by default we install single partition.... did you manually partition?
<sazawal> xnox, yes I did
<xnox> sazawal: ..... ext4 defaults is 5% reserve
<sazawal> xnox, Is it okay, if I move all the reserved space to available space in other partition
<ogra_> you dont want to install any apps or so ?
<xnox> do you want /var/log/* to kill your server ?!
<sazawal> xnox, yes but it is already doing that in root partition
<ogra_> you definitely want the space in /usr to install additional apps, space in /var for package caches and logs and space in /boot to carry the incrementing kernel upgrades
<ogra_> fi you can make sure all these are on the other partition you can indeed shrink your / partition
<demoo201> can anybody in the house help out on vpn route config on zentyal server
<demoo201> can anybody in the house help out on vpn route config on zentyal server
<demoo201> can anybody in the house help out on vpn route config on zentyal server
<demoo201> can anybody in the house help me out on vpn route config on zentyal server
<Daviey> demoo201: no. bencer might.. but please stop asking.
<demoo201> sorry when i didnt get any response from anybody
<bencer> demoo201: you might ask on #zentyal
<demoo201> alright thanks
<bencer> demoo201: usually if nobody replies means that they don't know or they are busy
<bencer> make you question and wait patiently :)
<demoo201> am sorry i will be right back pls
<zul> good morning
<hallyn> stgraber: all right, 3 fixes queued in ubuntu:lxc.  looking back over the list for other lightweights
<hallyn> stgraber: do you agree we need FFE for the upstartify change, or can we call that a bugfix (since it fixes a delay on 'stop lxc')?
<hallyn> stgraber: oh!  pls try the ubuntu:lxc, and tell me if the init msgs going to console is going to upset ppl.
<stgraber> hallyn: I think we'd need a FFe for the upstartify change
<hallyn> stgraber: ok.  let's just hold off on it then.  there's enough to worry about
<hallyn> huh.  my screen just went black for 3 secs, then came back
<stgraber> hallyn: just went through the diff in ubuntu:lxc. For kmsg, I'll had to test to see how annoying it's but I'm more worried by things outside upstart logging to kmsg
<hallyn> stgraber: well right now they end up just printing to /dev/kmsg as a file
<hallyn> so i think this is an improvement
<hallyn> (/dev/kmsg device node doesn't get created by debootstrap apparently)
<stgraber> hallyn: agreed
<hallyn> hm, no, in an older quantal container it was created as a chardev.  but in others not.  how in?
<stgraber> hallyn: I'm pushing a small apparmor change to ubuntu:lxc
<stgraber> hallyn: I'll then go look at the staging git for other bugfixes we should include
<hallyn> ok
<stgraber> hallyn: did you have a chance to fix that shutdown() bug yet?
<hallyn> stgraber: no.  lemme do that right now.
<hallyn> did you want to grab the mp in https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1050351 ?
<uvirtbot> Launchpad bug 1050351 in lxc "lxc-start-ephemeral suppresses command exit status" [Low,In progress]
<stgraber> hallyn: probably. I'll look at it and fix in both shell and python version
<stgraber> hallyn: merged wgrant_'s branch
<hallyn> stgraber: ok.  (hence my failed push :)
<hallyn> that's for lxc-start-ephemeral?
<stgraber> hallyn: yep
<wgrant> stgraber, hallyn: Thanks.
<hallyn> stgraber: i'm going to re-fetch, apply debdiff, and push.  are you not modifying it for the next 5 mins?
<stgraber> hallyn: when you have a sec, I have a few commits in https://github.com/stgraber/lxc/commits/master that I'd like to see pushed to the staging branch (would be good to have your changes in git too)
<stgraber> hallyn: I'm not touching bzr for the next 5 mins
<donspaulding> I need to transfer over 100,000 files from a server with a full disk over the network to a server with a larger disk.  I can't seem to get the netcat incantation right.
<donspaulding> On the receiving end, I run this:   nc -l 3452 | bunzip2 -vvv | tar -x
<hallyn> stgraber: yes, i have several changes to push too.  will lookat yours right now.  (just pushed bzr)
<donspaulding> On the sending end, I run this:  tar -c new/|bzip2 -vv9|nc bigbox1 3452
<hallyn> stgraber: do you think i should add ecryptfs mounts to lxc-start next to your overlayfs ones?
<stgraber> hallyn: that sounds like a good idea, yes.
<donspaulding> However, both terminals just sit there with a "stdin: " prompt.
<donspaulding> If I type into the receiving ends stdin: it echoes to the sending end.
<donspaulding> Anyone know what's going on?
<hallyn> stgraber: looks good, pushing
<stgraber> hallyn: cherry-picked all the python-lxc fixes from upstream.
<hallyn> stgraber: and put them where?
<stgraber> hallyn: do you think we should replace test.py by the new examples/api_test.py
<stgraber> hallyn: ubuntu:lxc
<hallyn> i'm goign to now take my pending ubutnu:lxc patches and push them to my github tree for you to review
<hallyn> uh, sur
<hallyn> sure
<hallyn> well, what's the advantage?
<hallyn> tbh i'ts a bit terse to be an example
<stgraber> well, test.py just contained a bunch of commands, api_test.py at least uses everything that's in the API
<hallyn> perhaps an ultra-simple 'create-and-run-container' python script would serve as a godo example
<hallyn> true
<hallyn> ok, then, sure why not :)
<hallyn> but i'm thinking "take this command and run it in a freshly created precise container".  without any cloning.  ultra-simple but prehaps useful to someone, and helpful
<stgraber> hallyn: pushed one more commit to my branch for when you have a sec (cleanup of api_test, will be included in ubuntu:lxc)
<hallyn> stgraber: hm, i'm not happy with how my cherrypicks are leaving history.  'git log staging..stgraber' is showing commits which exist in staging.
<hallyn> anyway, pushed
<stgraber> hallyn: yeah, I noticed that before, I usually just pull a clean copy of the upstream branch once everything's been merged to clean that up
<hallyn> stgraber: oh, *that* is why i thought lxc.mount parsing had been fixed.  it's fixed upstream, but we haven't merged that bck in yet
<hallyn> my kingdom for a release :)
<hallyn> stgraber: can you review github.com/hallyn/lxc #staging and push to lxc/lxc if it looks ok?
<hallyn> i think everything else we have patched in ubuntu:lxc is reflected in github
<stgraber> hallyn: ok, doing that now
<stgraber> hallyn: we have the double-fork code in ubuntu:lxc right?
<hallyn> stgraber: ypu, commit 098d04a4b45daabf7cb5a98e7d02531aa96fbd6d
<hallyn> stgraber: are we content with putting things into github and not separately sending email?  or should we, once we're hapy, do a git-send-email for the last week's patches of so?
<stgraber> hallyn: I'm fine with just doing stuff on github, if we see that believe want more notifications we can always have the staging branch send e-mails to lxc-devel
<stgraber> hallyn: cherry-picked the 3 commits from your branch
<stgraber> hallyn: you added ecryptfs only to abstractions-lxc-start-container, not to abstractions-lxc-start-container.in. Fixed that for you, otherwise it'd have got lost at build time :)
<hallyn> stgraber: Gah.  thanks.  i didn't realize we had a .in file for that
<stgraber> yeah, multi-arch path
<stgraber> which is actually kind of wrong...
<stgraber> if you have a setup with an amd64 host, i386 container and i386 nested containers, apparmor will fail
<stgraber> as it's going to be the profile on the host that'll have to cover everything and the second level of containers will use /usr/lib/i386... and not /usr/lib/x86_64...
<stgraber> hallyn: do you see any problem in just changing that to -> /usr/lib/*/lxc/ ?
<hallyn> stgraber: i don't.  but is there a better place to put that?
<hallyn> that's just for the mount targer reight?
<hallyn> ^ 'mount target, right?'
<uvirtbot> hallyn: Error: "'mount" is not a valid command.
<stgraber> mount target and pivot target yeah
<hallyn> ideally we could have a different path, with sub-paths, so i can mount ecryptfs path to /whatever/lxc/ecryptfs and then mount that to /whatever/lxc/root
<stgraber> indeed. I'm also tempted to say that this really should be /var/lib/lxc/<name>/mount/ or something similar so it's per-container and not likely to race when starting a lot of them
<stgraber> possibly with a matching config key to support using an alternate path if the admin doesn't want to use /var for that
<hallyn> stgraber: the only thing that could race is the pre-start hook (which shouldn't do mounting)
<hallyn> stgraber: bc we use the the mounts are done in a separate ns
<hallyn> stgraber: maybe this is worth discussing at uds
<hallyn> and leaving as is for now
<stgraber> hallyn: well, it'd get racy if you start creating directories outside of the rootfs
<stgraber> hallyn: but yeah, probably worth discussing at UDS
<stgraber> hallyn: for now I just pushed the change to allow /usr/lib/*/lxc/
<hallyn> stgraber: cool
<hallyn> yes - creating directories would be racy :)
<hallyn> stgraber: but my main prblem right now is that lxc-ls shows 'ecrptfs-root' and 'ecryptfs-root.hold' as containers :)
<hallyn> hm.
<stgraber> well, lxc-ls is pretty stupid... I'll fix that :)
<stgraber> it really should only list /var/lib/lxc/*/config
<hallyn> well no - actually that proves that what i'm doing is wrong
<stgraber> oh, yeah, and you should have these directories under the container directory in /var/lib
<hallyn> the ecryptfs root does have to be in /var/lib/lxc/container/ bc the .hold file will cause a problem with >1 ecryptfs containers
<stgraber> not directly in /var/lib/lxc
<hallyn> yeah, i didn't do it for apparmor reasons
<hallyn> we need a way to say "you can only mount under /var/lib/lxc/@container@/**
<hallyn> errand - bbl
<stgraber> hallyn: well, that's in the start-container profile right? if so, I'd go with just allowing mounts in /var/lib/lxc/*/
<stgraber> hallyn: what we really care about is what you can do from within the container, I don't think we should spend too much effort trying to restrict lxc-start as it's running outside the container and as root anyway
<hallyn> stgraber: ok let me fix that then.  were you planning to push new pkg soon?
<hallyn> stgraber: i'll open a new bug for it
<stgraber> hallyn: I think we have enough things in there now that we probably should upload today once all the remaining fixes are in there (still scanning the upstream branch, but it's looking good so far)
<hallyn> stgraber: ok if you're happy with your fixes, i can push once i get the ecryptfs fix in
<stgraber> hallyn: test build finished here, so at least I didn't break anything with the few files I've been moving/removing in there. I just finished going through the git branch and I think we're good, didn't see anything relevant to cherry-pick
<stgraber> hallyn: so go ahead with the upload once you're done fixing ecryptfs
<hallyn> stgraber: ok  (i'll do a lxc-test run first)  will wait until after lunch
<hallyn> stgraber: actually i'd appreciate your review of the ecryptfs fix (still working on it)
<uvirtbot> New bug: #1050469 in lxc (universe) "cannot use more than one ecryptfs container" [High,In progress] https://launchpad.net/bugs/1050469
<stgraber> ok
<hallyn> what?  how cna the tree have diverged?  ijust pulled it :)
<stgraber> hallyn: last revision I pushed was 156
<stgraber> seems like that's still what's in the tree
<hallyn> stgraber: oh no, you broke build :)  sed: can't read debian/apparmor/*.in: No such file or directory
<hallyn> stgraber: should we keep that loop (and fix when it's empty) or remove it?
<hallyn> (pushed the ecryptfs fix for nwo)
<hallyn> well i'll just remove the loop for now
<stgraber> hallyn: doh, not sure why I didn't get that one :)
<stgraber> hallyn: thanks for fixing it
<hallyn> stgraber: pushed, will test and push after lunch.  ttyl
<uvirtbot> New bug: #1050459 in requests (main) "Dependency typo (python-urrlib3 instead of python-urllib3)" [Undecided,Fix released] https://launchpad.net/bugs/1050459
<marcfp> hello
<marcfp> i had installed ubuntu 12 and apache with mysql and phpmyadmin too
<marcfp> when i try to see my  homepage wichone is maked using php, i only see a blank page, can somebody help me, please ?
<marcfp> but if i want see info.php, wichone contain <? phpinfo(); ?> it shows the php page ...
<marcfp> can somebody help me, please ?
<RoyK> marcfp: you probably need to install libapache2-modphp
<marcfp> RoyK: libapache2-modphp ?
<marcfp> i think that i had installed it
<RoyK> libapache2-mod-php5
<RoyK> that is
<marcfp> RoyK: libapache2-modphp ?ii  libapache2-mod-php5   ?
<RoyK> and perhaps reload or restart apache
<marcfp> it is installed
<marcfp> RoyK: i had make service apache2 reload and /etc/init.d/apache2 reload
<marcfp> sorry, reload no, restart :S
<RoyK> restart should be quite sufficient
<RoyK> marcfp: which distro version is this?
<marcfp> RoyK: ubuntu 12
<RoyK> 12.04, then, I guess
<jacobw> hi, i'm having a problem with using koan with cobbler
<RoyK> marcfp: check /etc/apache2/mods-enabled
<RoyK> ls that dir
<RoyK> is php5 there?
<marcfp> /etc/apache2/mods-enabled/php5.conf  /etc/apache2/mods-enabled/php5.load
<RoyK> should work, then
<marcfp> there are these
<marcfp> but it doesn't work :(
<jacobw> http://paste.ubuntu.com/1203012/
<RoyK> marcfp: try changing that to <?php ...
<jacobw> my problem seems similar to this bug, which is marked fix released as of 2012-01-18
<marcfp> RoyK: if i make a new page named "prova.php" and i gonna access to http://localhost/prova.php, i gonna see the page of php information :S (excuse my english mistakes)
<RoyK> marcfp: did you try <?php ?
<marcfp> i'm goona try it
<jacobw> bug #918286
<uvirtbot> Launchpad bug 918286 in cobbler "koan: [precise] Wrong install location?" [High,Fix released] https://launchpad.net/bugs/918286
<marcfp> RoyK: it makes the same
<marcfp> :(
<RoyK> marcfp: I just tested on this 12.04.1 install where I didn't have php5 installed - installed libapache2-mod-php5, reloaded apache, created a test page http://smilla.karlsbakk.net/phptest/
<marcfp> RoyK: i'm using Ubuntu/Linaro 4.6.3-1ubuntu5
<RoyK> marcfp: on arm?
<marcfp> RoyK: i'm using virtualbox :S
<marcfp> RoyK: no, on amd ahtolon II x4 640 processor
<marcfp> intel
<marcfp> ie85
<marcfp> i386, sorry :s
<RoyK> marcfp: I guess #linaro may be better then
<marcfp> linaro ?
<RoyK> 18:56 < marcfp> RoyK: i'm using Ubuntu/Linaro 4.6.3-1ubuntu5
<marcfp> what is it ? (sorry for my dummy question, but i don't know what is it :S)
<marcfp> ups
<marcfp> :S
<marcfp> RoyK: thank's to you :)
<RoyK> np :)
<marcfp> i had joined into this channel ans asked for my problem :) thanks
<hallyn> stgraber: tests passed, pushing to q
<RoyK> Some redhat guys at work tells me "redhat solves most bugs, and canonical/ubuntu hardly solves any, but relies on other people's work" Is there anything true about this? If not, where can I find references?
<hallyn> RoyK: i'm sure there's a channel more appropriate for that discussion.  #ubuntu maybe.  not sure.
<hallyn> oh, hm, didn't run examples/api_test.py.  belatedly doing so now
<ogra_> RoyK, yeah, indeed, w're all slackers, we only import the debian packages, twiddle thumpbs for 6 months and make a release ;)
<ogra_> the redhat guys have a really deep insight into canonical ... they definitely know how we work ;)
<RoyK> ogra_: really, I wasn't trying to blame anything or anyone
<ogra_> RoyK, i wasnt referring to you but to the RH guy ;)
<ogra_> *guys
<RoyK> ogra_: I've been using debian/ubuntu for rather a few years (debian since 1998 or so, later ubuntu), I just wanted to know if anyone had any docs about htis
<rmk> RoyK: Let this person check out all the Ubuntu launchpad bugs and responses.
<rmk> RoyK: There are thousands of issues where various people have responded with patches, created PPAs with the fixes, etc.
<ogra_> RoyK, docs about RH people spreading FUD ? i doubt there are any
<RoyK> dunno - perhaps this wheenie is just spreading FUD because he likes things the old way :P
<ogra_> the old way?
<RoyK> the redhat way, meaning the old way, how things have been at this facility for some time
<ogra_> you think dropping /usr, replacing init etc is the "old way" ?
<ogra_> (or defaulting to a tmpfs for /tmp to include the last insanity)
<RoyK> dunno
<RoyK> I'm not trying to start an argument here
<ogra_> i know, me neither ...
<ogra_> but the above is clearly FUD
<ogra_> ask them for docs and numbers first ;)
<RoyK> will do. this guy probably has asberger's or worse
<RoyK> so it's a bit hard to discuss things with him
<marcfp> see you
 * patdk-wk hasn't seen rhel fix bugs, normally I have to look elsewhere
<ogra_> there are plenty of such guys in the RH world ... *cough*lennartOS*cough*
<marcfp> i'm download ubuntu-server distro now
<patdk-wk> I have seen both fedora and ubuntu upstream bug fixs
<ogra_> right
<patdk-wk> bug fixs relevent to me :)
<marcfp> and i will install it
<RoyK> marcfp: probably safer ;)
<ogra_> so claiming such a thing without providing any numbers or docs proving it is pure FUD
<RoyK> marcfp: stick to the LTS releases for servers
<patdk-wk> I'm also sure ubuntu patchs get covered up, between the upstream to debian then up to the kernel/lib/...
<marcfp> stick ?
<marcfp> mmmm
<marcfp> one moment :S
<marcfp> i don't know what stick means
<RoyK> marcfp: what I mean, is use LTS releases (12.04 is the latest, 14.04 will be the next) for your server(s)
<RoyK> marcfp: the versions between won't be supported very long, but LTS releases are supported five years
<RoyK> !lts
<ubottu> LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server; with the exception of 12.04 (Precise Pangolin), which will be supported for 5 years on the desktop. The current LTS version of Ubuntu is !Precise (Precise Pangolin 12.04)
<patdk-wk> unbetween releases are only supported for 18 months
<RoyK> non-LTS-releases, like the upcoming quantal 12.10 release, are supported only 18 months
<RoyK> yeah, as patdk-wk said
<patdk-wk> inbetween :)
<patdk-wk> no wonder that looked odd to me
 * patdk-wk open eyes, where is the caffeine
<RoyK> unbetween \o/
<RoyK> reminds me of a brilliant book by Neal Gaiman, Neverwhere
<hallyn> jamespage: are you around?
<RoyK> (and if you're interested in that book, don't do the major mistake of downloading and watching the tv series, they suck rather badly)
<hallyn> jamespage: wondering if we can try one last time to chat about the blueprint item:
<hallyn> Provide a test to check the status of the VM after upgrade (nested VM's)
 * patdk-wk would love a movie trilogy of otherland
<slyboots> Uh..
<slyboots> Anyone know why Ubuntu-server would keep running Dhcpd requests when I've set the entry in /etc/network/interfaces to static?
<slyboots> Its really screwing things up..
<slyboots> (12.01)
<stgraber> hallyn: cool, thanks for the upload.
<RoyK> slyboots: probably 12.04?
<slyboots> Yes, sorry, 12.04
<stgraber> hallyn: do you already call src/python-lxc/examples/api_test.py in lxc-test? if not, that should be a good addition
<RoyK> slyboots: pastebin /etc/network/interfaces, please
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<patdk-wk> slyboots, did you reboot, or use ifdown/ifup?
<RoyK> or /etc/init.d/networking restart ?
<slyboots> networking restart, then when it kept happinging I used ifdown/ifup
<RoyK> maybe dhcpcd is still alive?
<uvirtbot> New bug: #1050523 in maas "maas kernel cmdline must include iscsi_initiator" [Undecided,New] https://launchpad.net/bugs/1050523
<marcfp> see you
<hallyn> stgraber: no, i don't.  good idea
<stgraber> hallyn: in theory, if something goes wrong it'll trigger one of the asserts in it causing the script to return non-zero
<slyboots> Okay, set a kill signal to dhcpd, with luck that'll sort it
<hallyn> stgraber: done, works like a charm :)
<theguywithanaxe> Hey
<theguywithanaxe> got a quetion for you guys, i have a dual nic on a server and was wondering how i could or if i could use the servers second nic to connect a PC through it to the internet
<theguywithanaxe> i've seen somepages on proxy forwarding but im not sure if im headed in the right direction
<JanC> theguywithanaxe: somebody else asked the same question on AskUbuntu... http://askubuntu.com/questions/177985/natting-in-ubuntu-server
<theguywithanaxe> ty
<Korsakof> Hi! Anyone knows if LVM on a whole disk is considered aligned from a SAN point of view?
<theguywithanaxe> how do you save with the VI editor?
<theguywithanaxe> im used to nano write outs lol
<slyboots> :w
<Korsakof> escape, :w
<RoyK> theguywithanaxe: run vimtutor ;)
<RoyK> Korsakof: depends on the SAN system
<RoyK> Korsakof: most high-end SANs have thin provosioning and spread out the blocks on whatever spindles they have
<Korsakof> RoyK: netapp (ontap) with vSphere 5
<RoyK> Korsakof: then just don't think about it - it might be good to change the i/o scheduler, though, but my tests show no significant difference between them
<RoyK> some say "use noop", some say "use deadline", cfq is the default, but I'm not sure if that's optimal for such storage
<RoyK> cfq does more than a few tricks to sort things according to disk layout
<RoyK> that's not what you want when storage is outside of linux' reach
<RoyK> deadline is pretty basic, and should work well
<RoyK> noop is the most basic of them, just bash out all i/o to the device and let it do its thing, maybe better for some setups
<Korsakof> RoyK: Thanks! The guy that is in charge of our SAN keeps telling us that we need to align the partition in our vmdks.
<nov503> hi, when I run maas-import-isos, it says : httpd does not appear to be running and proxying cobbler. Anyone has any ideas please?
<RoyK> Korsakof: there probably isn't a reason to do so
<Korsakof> The tool mbrscan is able to view normal partition table and tell if its aligned or not but it does not detect lvm on a whole disk...
<Korsakof> :)
<Korsakof> I'm not really surprised to hear that :)
<RoyK> thing is, virtualized storage is another cup of tea than working with physical drives
<nov503> when i run sudo cobbler check, it says httpd does not appear to be running and proxying cobbler. as well
<RoyK> nov503: check the apache logs
<uvirtbot> New bug: #1050559 in cyrus-sasl2 (main) "Sync cyrus-sasl2 2.1.25.dfsg1-5 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1050559
<theguywithanaxe> yeah that link is  nott helping lol
<theguywithanaxe> it sights baad argumments and all the commands are not listed correctly
<koolhead17> Daviey, ping ping :)
<koolhead17> adam_g, zul hellos
<Daviey> koolhead17: hey
<koolhead17> Daviey, need you permission sir
<Daviey> permission to ask a question?
<Daviey> granted
<theguywithanaxe> dnsmasq setting to hand out IPs in a range for a network? not sure what im supposed to uncomment
<aarcane> I've just installed ubuntu server, and for some reason, the command chattr +i somefile is not working for any value of somefile.  lsattr is failing similarly with Operation not supported While reading flags on
<aarcane> it's an ext4 system, so I know it SHOULD work.  it just doesn't.
<theguywithanaxe> huh
<nov503> Hi, I've seen this problem and solutionâ¦does anyone know how to sync the clock for the node?
<nov503> https://bugs.launchpad.net/ubuntu/+source/maas/+bug/992075/comments/2
<uvirtbot> Launchpad bug 992075 in maas "Commissioning status persists with cloud-init 0.6.3-0ubuntu1" [Undecided,Confirmed]
<nov503> I've solved that, thanks
<nov503> Hi, when I run pxe booting, my slave machine falls into a shell when commission, and the commission status persists. The apache log says nothing, any one know where the problem may be in?
<nov503> Hi, anyone saw this problem before? from syslog in.tftpd[5655]: tftp: client does not accept options
<ogra_> whats the problem with it ?
<nov503> when i pxe boot the maas slave(commission), it just fall into login promt
<ogra_> well, that message is perfectly normal
<nov503> and another message is tgtd: conn_close(101) connection closed, 0x2440ec8 1
<nov503> and it never finishes commssion
<ogra_> well, i have not much knowledge about maas, but if you actually only have these two messages i would go with the second one :)
<nov503> thanks for that ! let me search more for itâ¦
<ogra_> the first one is just tftpd informing you about the clients features
<ogra_> (or non-features)
<nov503> make sense, thanks!
<Kentos> Hey everyone
<Kentos> running into some troubles with connecting through my server to the internet through its second NIC
<uvirtbot> New bug: #1050663 in openssh (main) "Weird key bindings in vi in an ssh session from 64bit to 32bit" [Undecided,New] https://launchpad.net/bugs/1050663
<nov503> Hi, I can't finish the node commission, and the log of /var/log/cloud-init is : searching for data source in ['datasourceNoCloud', []]'datasourceconfigdrive', 'datasourceOVF'] and didin't find them
<nov503> does anyone have any ideas?
<Kentos> anyone able to help with connecting my pc through my server's second NIC to the internet (which should be on 1st NIC)
#ubuntu-server 2012-09-14
<Kentos> anyone knoww how this might be done?
<ChmEarl> Kentos, did you configure the 2nd NIC in */interfaces?
<Kentos> Earl- yes i did, but im not sure what the proper settings are
<Kentos> ive tried many things, even gone through some dhcp set ups to autconfigure the ip for the machine im trying to connect to it. however i dont seem to be making progress
<Kentos> the machine has a remote access controller, maybe i need to configure this?
<savid> Hi, I've adjusted /etc/network/interfaces to add a sub-interface to eth0.  When I run "sudo restart networking", I get "restart: unknown instance:".  When I run "sudo start networking", I get "networking stop/waiting".  Any ideas how I can find out what's going on?
<ae01> Hi,
<ae01> I'm need some help about ubuntu server.
<ae01> Could you help me please.
<patdk-lap> I would, but I have no idea what you need cause you forgot to include that info
 * patdk-lap hands ae01 a lolipop
<ae01> thank
<ae01> http://ubuntuforums.org/showthread.php?t=2057140
<ae01> that my problems
<ae01> I'm need to modify ubuntu server for OpenERP
<patdk-lap> dunno anything about erp or python
<ae01> I'm need to modiyf like a shell script.
<ae01> I'm will modify preseed again.
<ae01> I'm ready for install a pre-package.
<ae01> Could someone help me pls?
<ae01> I will leave.
<nov503> Hi, is there any way to automatically sync time with a ntp server when node commission?
<ruben23> hi guys how to check the version of my kernel headers on my ubuntu server.?
<ruben23> how to display it..?
<Kobayashi> http://www.ubuntuka.com/how-to-find-out-ubuntu-version/
<Kobayashi> uname -a
<uvirtbot> New bug: #1050719 in lxc (universe) "lxc.hook.* not working" [High,Triaged] https://launchpad.net/bugs/1050719
<Kentos> anyone able to help me with some networking issues?
<linocisco> hi all
<linocisco> good morning
<mvp> morning
<linocisco> mvp,MVP= microsoft most valuable professional ?
<mvp> not exactly. im working as barista ;)
<linocisco> mvp, so what do you do with ubuntu server at your coffee bar?
<Kentos> is there a way to set my second NIC to act aas a gaeway to the internet connection on my firsst nic?
<ChmEarl> Kentos, is the box in datacenter?
<ChmEarl> ko
<linocisco> i think most of here are from USA. It is sleep time
<uvirtbot> New bug: #1050762 in bind9 (main) "obsolete config files of bind9 left after the oneiric 2 precise upgrade" [Undecided,New] https://launchpad.net/bugs/1050762
<uvirtbot> New bug: #1050765 in libcanberra (main) "obsolete config files of libcanberra-gtk-module left after the oneiric 2 precise upgrade" [Undecided,New] https://launchpad.net/bugs/1050765
<uvirtbot> New bug: #1050767 in libcanberra (main) "obsolete config files of libcanberra-gtk3-module left after the oneiric 2 precise upgrade" [Undecided,New] https://launchpad.net/bugs/1050767
<spidernik84> Hello, I need some suggestions regarding the virt-install script when installing a vm partitioned with LVM on top of a kvm host as well partitioned with lvm. There seems to be some conflict going on, because the ubuntu installer fails complaining that the lvm is already in use, which is not true. Anyone with the same scenario?
<balboah> Anyone happens to know how you can set rabbitmq-server not to only listen on ipv6?
<sebrock> what should I expect when doing a network upgrade from 10.04 LTS to 12.04 LTS? A world of hurt?
<sebrock> and why the .04 all the time? :)
<utnubu> weet iemand hoe je je internet settings op de server weer reset zoals bij een verse installatie?
<lordievader> utnubu: It is English here though.
<utnubu> does anyone knows howto reset the network settings on ubuntu server? im can't connect to the internet anymore, after adding a second network card
<lordievader> sebrock: Because it was released the 4th month.
<sebrock> ah :)
<ae01> I have some question about ubuntu server
<ae01> Could you plsà¹
<Kentos> gogo ahaed and ask,  nno sure if i can help bu someone might be able o
<ae01> http://ubuntuforums.org/showthread.php?t=2057140
<ae01> that my problems
<ae01> I will customize ubuntu CD
<Kentos> no familiar with script writting, doing what your trying to do i beyond me at leat, someone else might be able to help, its late though
<lordievader> Kentos: That depends on where you are, for me it is still morning.
<tsimpson> ae01: 1) don't chmod +x a .deb, it's not required. 2) #ubuntu-installer is better for the d-i stuff
<ae01> I'm living in Thailand.
<ae01> help me for develope my country.
<ae01> In Thailand is 4:00 pm.
<lordievader> ae01: I'd say follow tsimpson's advice.
<ae01> d-i preseed/late_command string ubuntu-installer openerp; in-target chsh -s /bin/zsh
<ae01> right or not?
<ae01> How to making automatics installation?
<ae01> next time will ask a question.
<ae01> bye.
<spidernik84> sebrock: I'm trying that upgrade procedure
<sebrock> spidernik84: tell me how it went
<spidernik84> it worked quite well but in 2 cases out of 3 the machine could not boot autonomously
<sebrock> I remember doing this way bay, and it was a headache
<spidernik84> I had to press shift and instruct grub to pick the kernel
<sebrock> elaborate please
<spidernik84> after you reboot, the machine randomly halt before booting, apparently when running grub
<spidernik84> if, instead, I intercept the boot by pressing shift
<spidernik84> I can see the grub menu
<spidernik84> pressing then enter
<spidernik84> the machine boots
<spidernik84> yet, sometimes it fails even by doing this. Could be a race condition or some hardware incompatibility
<sebrock> mmm
<spidernik84> this behavior happened two times after an upgrade
<spidernik84> one of the upgrades did not show this issue
<spidernik84> same machine
<sebrock> but grub instantiates before any kernel loads... so this has to do with your boot stuff alone
<spidernik84> exactly
<sebrock> yeah, I will probably hold of to the next LTS and do a complete reinstall
<spidernik84> yeah well, a clean install is always safer but not always feasible
<spidernik84> I'm about to upgrade 6 kvm hosts
<spidernik84> with around 20 vms on each
<spidernik84> not very happy at the idea of having a non booting machine
<spidernik84> 6x20... an easy calculation
<spidernik84> :P
<sebrock> hmmm
<pramodns> Hello All, I am trying to package apache 2.4 .. but i need to get it to use the same directory structure as the apache 2.2 ubuntu installation does
<pramodns> is there any place with a apache 2.4 package already? or is there a simple way to get it packaged that way?
<xnox> pramodns: debian experimental has apache 2.4 use that, as that is the future
<xnox> pramodns: and they changed the structure slightly. beware php is not compatible with apache 2.4
<pramodns> yes, i read about it..
<pramodns> I was hoping a recompile would fix it..
<pramodns> ill check the debian experimental , thanks xnox
<xnox> pramodns: no, 'recompile' will not fix it. mod_php needs porting & writing code. if you need php forget about apache2.4
<xnox> or use something like external fcgi
<xnox> but then you are better of with uwsgi and/or nagios
<xnox> nginx
 * xnox giggles at nagios
<pramodns> ok..
<pramodns> :) thanks
<RoyK> xnox: heh - nagios hasn't evolved much since the last seven years or so
<RoyK> !icinga
<xnox> RoyK: well icinga, kensai, shensai or whatever that japanese "multi-stuff" thing.....
<xnox> !nagios
<xnox> meh
<RoyK> xnox: I know, I've been using nagios/icinga/etc for 10+ years ;)
<feisar> hi, using kvm and vmbuilder on precise for the first time, is there any reason not to use amd64?
<feisar> (when building a new vm)
<Kentos> amd64 as the virtual proceor?
<feisar> yeah
<feisar> the vm is going to be a webserver
<Kentos> depend on your needs and what physical hardware you have
<feisar> I can't see it needing more than 3gb or ram any time soon
<feisar> just wondered if there is any reason _not_ to use amd64
<Kentos> i can't think of a great reaon not to, unless your hardware on the host is a 32bit proc, im not sure 64bit vcpu will be any more or less demanding on your proc though, I have heard webservers arent entirely demanding on proc but i'd ay if you want 64bit go for it
<feisar> thanks
<Kentos> just make sure to DL the 32bit libraries if you run 32 bit proceses
<feisar> right ok
<Kentos> i've run into some problems with that on a desktop version before, server might come with the library though
<alexlist> just installing my first maas instance. awesome job, server team! I've done manual cobbler instances for RH/Fedora in the past, and this service just rocks ...
<alexlist> however, I'm running my maas on a public IP, you might want to secure maas before q is released ...
<alexlist> https://bugs.launchpad.net/maas/+bug/975462
<uvirtbot> Launchpad bug 975462 in maas "add ability to use over https" [High,Triaged]
<Kentos> what is maa used for?
<Kentos> maas*?
<alexlist> maas is machine as a service
<alexlist> it runs an os provisioning service, you can pxe boot physical machines or VMs from it and they get the os installed that you configure in maas ;)
<Kentos> ahh, yeah ive heard it referenced but wasnt sure what hte application was
<alexlist> internally, it's using cobbler (I'm using 12.04 atm)
<Kentos> ahhh awesome
<alexlist> basically dhcp, dns, pxe, plus a very nice management interface
<Kentos> i was thinking about setting up some VMs, but i don't have a use for more 'servers' yet as far as webserving goes
<alexlist> You might want to consider LXC for that, but I haven't tried yet how well that works with Ubuntu Cloud (i.e. maas and juju)
<Kentos> but maas might be a nice thing to consider when i have multiple VMs i need to set up
<alexlist> the problem is that when you have multiple VMs, you have to manage them all. configurations, software updates (security is paramount on publicly exposed servers), ....
<Kentos> yeah, not really understanding of the whole 'cloud' thing, im just getting started in working with a server here, but I dont know what i would need a cloud for
<alexlist> In particular if you run dynamic stuff inside Apache modules ...
<alexlist> well... it's just  a nice marketing term for doing things right :P
<Kentos> lol
<alexlist> imagine you want to have failover in case your hardware dies
<alexlist> or reshuffle the load between physical servers
<Kentos> what sort of security should i look into for some webserver?
<alexlist> with a proper virtualization environment, you can migrate VM instances from one physical host to another with almost no downtime
<alexlist> but honestly, unless you're really big or have an established customer base, I doubt you have the economies of scale to compete with commercial cloud providers like Amazon EC2, Rackspace, ...
<Kentos> basically a multiple machine load balancing and failover to keep it running
<alexlist> it's more than that
<alexlist> from the user perspective, all data is stored somewhere on the net
<Kentos> ahh well i will look into the clouds more when the sun rises
<alexlist> I see it more from an admin perspective... the ideal sysadmin is like an insurance policy: it's best if you don't need him, and it's best if you don't notice his work ...
<alexlist> sun was bought by oracle ;)
<Kentos> lol
<alexlist> re webserver security - I guess there are many many articles on that, way better than what I can tell you ;)
<alexlist> The most important thing is to isolate different environments and keep software up to date I think ...
<Kentos> right on, ill take a look around, im justt trying to get some basic stuff going currently and figure my way around the linux server platform
<alexlist> What have you been using so far?
<Kentos> just basic stuff, im using ubuntu 12.04, on a dell poweredge 2800, set up a bit of a test on the server for websites, and ttried messing around to get my main pc's internet to go through the dual NIC on the server and into the router(didnt figure it out )
<Kentos> I'm thinking about trying some other thimg but right now the cpu cant handle all too much
<Kentos> might upgrade the proc and add a second one
<alexlist> @Kentos you should definitely look into application sandboxing using LXC. I don't know if your PE2800 has proper virtualization support to run real VMs efficiently. What's the CPU model in that box?
<feisar> hi, following this walk though: https://help.ubuntu.com/12.04/serverguide/jeos-and-vmbuilder.html (jeos and vmbuilder) I'm wondering if it's possible to build a vm and instruct it to use LVs instead of creating disk files?)
<SpamapS> feisar: probably. Honestly though, you're probably better off just booting the cloud image than trying to build your own jeos vm
<SpamapS> feisar: https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_Local_Hypervisor_Natty_onward
<thierry_> hi everyone
<thierry_> i'm trying to make wifi works on my ubuntu-server on my pandaboard, and i'm following instructions on http://ubuntuforums.org/showthread.php?t=318539
<thierry_> when i restarted networking service, i got some error with resolv.conf file
<thierry_> and wlan0 is not up, rebooting pc does not change anything eithert
<SpamapS> feisar: if you follow those steps, you can just create an LV, and dd if=blah.raw of=path/to/lv
<feisar> SpamapS: thanks but this terminology is fairly new to me, I don't quite follow you. I have a metal box with 12.04 installed and I want to run a few 12.04 VMs - I was using 'vmbuilder' to do this
<SpamapS> feisar: vmbuilder doesn't really run vms. It just builds the disk images.
<SpamapS> feisar: kvm or xen or vmware actually run the vm
<thierry_> it says resolv.conf is not a symlink n, not doing anythign
<feisar> sure, I'm using KVM and using vmbuilder to put my vm together - does that make sense?
<thierry_> ifup wlan0 returns, ioctl[SIOCSWENCODEEXT] : Invalid argument$
<feisar> ah ok this 'dd if=blah.raw of=path/to/lv' implies that switching to LVs is easy - even if the VM has been up and running, is that correct?
<SpamapS> thierry_: perhaps this is a simpler way: http://www.finnie.org/2012/04/19/wifi-on-an-ubuntu-server/
<SpamapS> feisar: yes. The cloud images are pre-made by the ubuntu project, so you don't need to build your own...
<feisar> ah I see
<SpamapS> feisar: but if you already went through the trouble of building one, you can just put the disk image on an LV with dd
<feisar> thanks, I haven't built it yet but written a script with all the options in
<feisar> SpamapS: is it possible for me to get a lot wrong in building my own image?
<feisar> i mean, it seems fairly straight forward so far
<thierry_> SpamapS:  i'm trying it now , thanks
<SpamapS> feisar: wrong is not the right term. The cloud images are uniform, and building vms is busy work... so building your own is, IMO, quite a waste of your time.
<thierry_> SpamapS:  thanks , Great :!)
<hallyn> jdstrand: will you have a chance to test bug 1040033 with the qemu 1.2.0 version in ppa?
<uvirtbot> Launchpad bug 1040033 in qemu-kvm "Fresh VM installs via preseeded oneiric isos sometimes fail with filesystem issues" [Critical,Triaged] https://launchpad.net/bugs/1040033
<jdstrand> hallyn: hey-- I will, and I'm sorry I haven't yet, I've been sprinting this week
<hallyn> jdstrand: ok, just trying to make sure I don't forget about it.  thanks.  (well, and if we're going to ask for FFE to get 1.2 into quantal it should be soon :)
<jdstrand> hallyn: I can kick off the tests when I get back home
<hallyn> jdstrand: thanks
<jdstrand> hallyn: understood. I won't forget-- it is on my high priority todo, which unlike my ever-expanding todo, actually means something
<hallyn> jdstrand: thanks :)
<jdstrand> :)
<med_> what's supposed to start openstack-dashboard (horizon)? manage.py runserver doesn't seem to be in an upstart
<feisar> SpamapS: thanks
<hallyn> zul: can you check whether https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html applies to q?
<zul> hallyn:  looks like it
<hallyn> zul: ok, did you have any other changes to push?
<zul> hallyn:  nope
<hallyn> zul: have you had any openstack bugs seemingly caused by libvirt in q?  You'r ehappy with it overall?
<zul> hallyn:  yeah im ok with
<hallyn> zul: groovy
<hallyn> tyhicks: https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html  libvirt cve for q.  is it ok if we just push the fix, or is the security team already handling it?
<aandy> is there any apt/aptitude way of getting clang 3+ on ubuntu 10.10? (apt-get install clang gives 2.8, even after apt-get update of sources)
<uvirtbot> New bug: #1050934 in qemu-kvm (main) "VM stops receiving packets on heavy load from virtio network interface briged to a bonded interface on kvm hypervisor" [Undecided,New] https://launchpad.net/bugs/1050934
<feisar> Hi, I'm using vm-builder and it seems to have stopped on 'Calling hook: bootstrap' can anyone give me an idea of the time it takes to build? I mean hours or minutes?
<Firefishy> Newbie here, how best to get this resolved? https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1036618 Request to backport amd64-microcode to precise
<uvirtbot> Launchpad bug 1036618 in amd64-microcode "Please backport amd64-microcode to Precise" [Undecided,Confirmed]
<Firefishy> Without the updated microcode some recent AMD's run overly hot + likely other issues
<micahg> Firefishy: this is a new source, right?
<SpamapS> Firefishy: new hardware support in precise is handled by backporting the current stable release's kernel usually.
<SpamapS> Firefishy: if this is something else, it can be done as an SRU https://wiki.ubuntu.com/StableReleaseUpdates
<Firefishy> SpamapS: It is a package, just like intel-microcode, support is already in kernel.
<Firefishy> micahg: Yes new package, Quantal package builds fine on precise.
<micahg> Firefishy: in the future, you might want to consider using the requestbackport tool from ubuntu-dev-tools as it will fill in the information about required testing and sucj
<micahg> *such
<Firefishy> micahg: noted.
<SpamapS> micahg: I don't know that this is a requestbackport thing. Hardware enablement is SRU worthy
<micahg> SpamapS: sure, but it's a new source package
<micahg> as in we had nothing like this in precise before
<micahg> and backports are enabled by default, so anyone who needs it should see it
<Firefishy> The package is in debian squeeze-backports.
<micahg> Firefishy: I've updated the bug with the testing needed (you already said it builds, did you install/run the package as well)?
 * micahg also wonders why this is related to server
<Firefishy> micahg: Opterons ;-)
<micahg> Firefishy: can you please comment in the bug as to the testing you've done with the package built on precise?
<Firefishy> Yip will do
<tyhicks> hallyn: Feel free to push that into q
<phunyguy> Hello, I have tried Ubuntu server 12.10 beta1 in a virtualbox VM, and after running updates, the network card no longer shows up.  I tried on a physical box thinking maybe it was just kernel issues with virtualbox virtualized hardware, and sure enough, after updates, I can't get in.  I am assuming it is the same issue.  Is this a known issue?
<phunyguy> My wife on the other end says that a login screen is there, so no kernel panic or anything preventing boot, it's just not responding on the network
<yeats> phunyguy: you've tried bringing up the card manually? (e.g., 'ifup eth0')?
<phunyguy> i'm trying to duplicate the issue again in virtualbox.  I have since reinstalled and not ran updates yet.
<phunyguy> OK I have duplicated the issue.  There doesn't seem to be any network devices listed in /dev
<phunyguy> yeats, ^^^
<ogra_> in /dev ?
<phunyguy> although one shows up in lspci
<phunyguy> yes ogra_
<ogra_> you mean /proc/net/dev ?
<ogra_> there have never been network devices in /dev
<ogra_> ;)
<phunyguy> hmm yeah there is the issue I think.  I changed p2p1 in /etc/network/interfaces to eth0 and it came up
<phunyguy> must be a bug?
<phunyguy> and thanks ogra_  I didn't know that.
<phunyguy> or maybe it was a fixed bug? Sounds more like it.
<phunyguy> but it really should change the entries in /etc/network/interfaces when the update happens....
<uvirtbot> New bug: #1047054 in python-urllib3 (main) "urllib3 does not do certificate verification by default" [Undecided,Fix released] https://launchpad.net/bugs/1047054
<phunyguy> yep, it was the same issue on the physical box, wrong device name in /etc/network/interfaces
<phunyguy> just lost half a day waiting for my wife to wake up so I could walk her through changing it, lol!  =D
<smoser> security/apparmor person...
<smoser> after maas lays down a file into /etc/apparmor.d/dhcpd.d/maas does it's packaging have to explicitly call 'apparmor update' ?
<smoser> or is there some magic triggers
<sbeattie> smoser: no, something will need to reload policy, preferably just for dhcp.
<sbeattie> smoser: that said, I haven't looked at what dh_apparmor provides, whether there's magic in there to do the right thing.
<smoser> sbeattie, thanks.
<sbeattie> jdstrand: you know more about dh_apparmor, any tips for smoser?
<phunyguy> Oh man I love upstart.  Where has it been all my life?
<smoser> sbeattie, so you think i should just always call on install ?
<sbeattie> smoser: yes, I guess so. I was looking to see if there was an existing apparmor hook in the dhcpd upstrart job
<smoser> right
<smoser> and i shoudl call on remove also i think
<smoser> right?
<smoser> http://paste.ubuntu.com/1205157/
<smoser> sbeattie, does that look reasonable ?
<AaronMickDee> Any reason why NFS server speeds would drop?
<sbeattie> smoser: yeah, that looks good
<sbeattie> (based on visual inspection, nothing more :) )
<smoser> AaronMickDee, i'm sure there are lots of reasons.
<smoser> :)
<AaronMickDee> I meant, any specific reasons or bugs that are eye glaringingly noticeable. :)
<hallyn> stgraber: for bug 942862, it seems like it shouldn't be too hard to trap failure in the attempt to update the container, and, if that fails, flush and re-download.
<uvirtbot> Launchpad bug 942862 in lxc "lxc-create failure creating a lucid container in a precise host with old cache" [Low,Confirmed] https://launchpad.net/bugs/942862
<hallyn> hm, actually, we install python-software-properties before we apt-get update.
<hallyn> i'm gonna try and address that one
<stgraber> hallyn: resolvconf on lucid was unsupported, I fixed that in quantal and precise with a change to lxc-ubuntu
<hallyn> stgraber: ?  is that related to the out-of-date-lucid-cache bug in lxc-create?
<stgraber> hallyn: yeah, I noticed you mentioned the part about debootstrap re-trying the install of resolvconf multiple times
<hallyn> no i wasn't really worried about that
<hallyn> but sometimes lxc-create fails, when lxc-create -- -F succeeds
<hallyn> I'm just going to, if that happens, output a msg suggesting trying -F
<hallyn> I was going to automatically do that, but that gets too hairy i think and is more likely to break something else :)
<stgraber> yeah, wiping the cache automatically might surprise some users ;) printing a msg seems better
<savid> Hi, I've adjusted /etc/network/interfaces to add a sub-interface to eth0.  When I run "sudo restart networking", I get "restart: unknown instance:".  When I run "sudo start networking", I get "networking stop/waiting".  Any ideas how I can find out what's going on?
<savid> When I run "ifup eth0:2" I get the error "RTNETLINK answers: File exists".  Any ideas?
<nov503> hi, does when I install a node in MAAS, i have to sync the time with root firstâ¦does anyone know how to automatically do that?
<hallyn> stgraber: do you mind checking ubuntu:lxc (last two revisions)?  Kind of tough to device a good test for the upgrade failures (i'm only trying to protect against dist-upgrade failing;  if they've corrupted their own cache that's a different problem)
<stgraber> hallyn: will look in a sec
<nov503> solved, thanks!
<stgraber> hallyn: change in ubuntu:lxc looks reasonable
<hallyn> stgraber: thanks,  will run one more test and push
<hallyn> yay!  my utah lxc testcase works.  the mysterious failures?  timeouts!
<stgraber> hmm, so lxc was somehow slower under utah? :)
<hallyn> no, it gives like a 5 minute timeout by default for the whole suite
<hallyn> so utah timed it out and said the tests failed
<stgraber> ah
<hallyn> jamespage: lp:~serge-hallyn/utah/utah-lxc is a branch on top of your server-tests branch which adds lxc tests.  I"ll do a mp in a bit to get yoru review
<stgraber> yeah, all the tests including the various lxc-creates can take way longer than 5 minutes ;)
<hallyn> yup :)
<stgraber> hallyn: can you also push your ubuntu:lxc changes to your git branch? I'll then push them to the staging branch (I'm mostly interested in the clear fix for the hooks)
<hallyn> stgraber: yup
<hallyn> stgraber: what the heck?  how come, once in awhile, bzr seems to drop my dep-5 comments at top of a patch??
<stgraber> hallyn: hmm, never seen that yet (though I tend to put only very minimal comments, so maybe I never noticed ;))
<hallyn> the first time if igured i must have forgotten.  but now i'm sure i had put the comments in
<Lavvy> Hello, i am runing into problems here, i am testing the ubuntu cloud live, it is quite simple and automatic. I used the username/password (ubuntu/ubuntu123) from the get started guide, but i could not get into openstack. Please is there any  username/password for openstack? Or what am i missing?
<hallyn> stgraber: pushed to github.com/hallyn/lxc #staging
<stgraber> thanks
<hallyn> pushing 0.8.0~rc1-4ubuntu35 in a few mins (barring test failures)  have a good weekend
<Lavvy> Hallyn you have an idea?
<hallyn> Lavvy: 'ubuntu/ubuntu' maybe?
<hallyn> Lavvy: smoser probably knows
<stgraber> hallyn: thanks, you too. (I cherry-picked your two commits and pushed to staging)
<smoser> what know do i?
<Lavvy> Smoser the openstack username password in ubuntu cloud live
<hallyn> smoser: ^ Lavvy is trying 'ubuntu cloud live'
<Lavvy> Smoser help am stuck
<smoser> Lavvy, ubuntu:ubuntu maybe ?
<smoser> med_, ?
<smoser> Lavvy, you're saying on an instance?
<hallyn> Lavvy: what is this getting started guide you're talking about?
<smoser> inside it?
<med_> smoser, ?
<med_> maybe ubuntu:ubuntu
<Lavvy> Ge started said ubuntu; ubuntu123
<Lavvy> But not working
<med_> Lavvy, you mean for the openstack dashboard?
<TheLordOfTime> Lavvy:  what "getting started" guide?
 * med_ hasn't run cloud-live since November
<Lavvy> Yes med , openstack
<med_> Lavvy, the dashboard?
<med_> I think it's admin...
<med_> maybe admin:admin
<Lavvy> Thelordoftime, it comes with the ixo
<Lavvy> Not working though
<hallyn> jamespage: actually, that seemed to want to push to lp:utah, so i pushed straight to your tree.  hope you don't mind!
<med_> Lavvy, I'm taking a look. Sorry for the delay.
<Lavvy> Ok med
<Lavvy> Hi med
<med_> Lavvy, confirmed it is ubuntu/ubuntu123
<Lavvy> But i have used it med, am i missing anytin
<med_> Lavvy, it will take me a bit longer to actually run this version. I've just examined the code so far (and mostly had to shake off a lot of cobwebs.)
<med_> I'll boot it and get back to you in 10-15 minutes.
<Lavvy> Ok, med
<med_> Lavvy, hmmm, seems to work fine. I launched the included browser and it automatically brings up 3 tabs.
<med_> The 3rd one goes to the localhost dashboard instance and ubuntu/ubuntu123 works fine.
<med_> please restate your problem as I'm not having issues and we must have confused something.
<Lavvy> Wow, may i got something wrong in my case
<Lavvy> Ok
<Lavvy> Hello, i am runing into problems here, i am testing the ubuntu cloud live, it is quite simple and automatic. I used the username/password (ubuntu/ubuntu123) from the get started guide, but i could not get into openstack. Please is there any  username/password for openstack? Or what am i missing?
<med_> that is the username for openstack.
<med_> when you say "for openstack" tell me PRECISELY what you are trying to do.
<med_> ie, is that a login, a web page, etc that you're trying to access.
<Lavvy> I want to login into openstack dashboard
<med_> Lavvy, ^
<med_> and what URL are you using?
<med_> and did you run the start-openstack.sh?
<Lavvy> Yea the third tab
<med_> well, ubuntu/ubuntu123 does work there.
<med_> four steps:
<med_> 1) boot the image
<Lavvy> Localhost
<med_> 2) run the nova-setup.sh
<med_> 3) run the start-openstack.sh
<med_> 4) go to the 3rd tab and login as ubuntu/ubuntu123
<Lavvy> Ok let me reboot now again
<med_> Good plan.
<med_> the only issues I'm aware of is if there is some networking issues.
<med_> be aware, it may not work (COMPLETELY) if you only have a wlan
<Lavvy> Like?
<med_> (but I think all those steps will work)
<med_> I think wlan fails when you are inside an instance and try and do networking
<Lavvy> Ok am rebooting
<med_> due to some intentional limitations on network spoofing ie promiscuousity on wlan interfaces.
<jamespage> hallyn, thats fine
<Lavvy> Med, when i ran nova-setup.sh. It said cant create database 'nova' : database exists
<med_> Lavvy, I think you've done a persistent boot then
<med_> Lavvy, are you booting from a USB thumb drive? a CD or a hard disk?
<Lavvy> Please how do i resolve that?
<med_> and are you booting cloud-live on bare metal or inside a virtual machine?
<Lavvy> From harddisk
<med_> that's not really the main idea with cloud-live.  I suspect you've made some persistent changes then.
<Lavvy> With underlying window7
<med_> Lavvy, I'm going to private message with you for a bit if that's okay
<Lavvy> Ok thanks
<hallyn> zul: tyhicks: note i think precise's libvirt also needs that CVE fix that i pushed to q.
<hallyn> if someone wants to SRU that...  i probablywon't get to it tonight
<tyhicks> hallyn: It will need to go through -security
<hallyn> tyhicks: then i leave it in your capable hands :)
<tyhicks> hallyn: We have it marked as a "low"
<tyhicks> hallyn: Does it require an authenticated remote attacker or can anyone DoS libvirtd remotely?
<hallyn> tyhicks: makes sense.  thanks!
<hallyn> tyhicks: hm, well i thin kanyone can.  more to the point, at the moment i don't think there are any gaps in the list.
<hallyn> so IIUC (which i may not) it should not yet apply to us.  it's more of a 'if someone backprots and does it wrongly' thing
<hallyn> but, i could be wrong about that
<hallyn> tyhicks: see first paragraph in https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html.  so technically i don't believe it's exploitable right now.
<tyhicks> hallyn: Ok, thanks. libvirt will be getting updated by us since CVE-2012-3445 is a medium. We'll apply the fix for CVE-2012-4423 at that time.
<uvirtbot> tyhicks: The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3445)
<uvirtbot> tyhicks: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4423)
<hallyn> tyhicks: great
<tyhicks> I read it the same as you
<hallyn> cool.  then - have a good weekend
<tyhicks> you too!
<pythonirc101> does anyone know of benchmarks between opteron 6272 vs barcelona 8378 for fpu computations percore?
<pythonirc101> anyone running good multi-core servers here?
<patdk-wk> what is a good multicore server?
 * patdk-wk can't EVER remember running a single core server
<pythonirc101> patdk-wk: Â I was hoping to get some help on deciding on CPUs -- 6272 vs 6274 vs Intel -- and how they compare with my older CPUs -- 8378
<patdk-wk> no idea, I only run intel servers
<pythonirc101> patdk-wk: I've a budget of 10k, what would you recommend for me as the intel cpu I should look for? If I want 32-cores -- probably I can't afford intel?
<patdk-wk> I dunno why you would want 32cores
<patdk-wk> if you wanted fpu power
<patdk-wk> atleast I don't think fpu power is increases as cores increase
<patdk-wk> you would need to know what your looking for, and find benchmarks that relate to it
<pythonirc101> patdk-wk: Each core has an FPU -- at least for my current 8378
<patdk-wk> ya, I don't know much about fpu's, I try never to use them :)
<patdk-wk> but I thought at some point, they where shared between cores
<patdk-wk> maybe not these days
<pythonirc101> the new opterons do that
<patdk-wk> I know cpu speed doesn't match for amd vs intel
<patdk-wk> but I normally look at it if you need ram cache or not
<patdk-wk> as amd has a very small cache
<chronos> Good night.
<patdk-wk> and intel has large caches
<patdk-wk> and that is mainly what makes the intel cpu much more expensive
<chronos> Some dev here have a idea of why this serious bug isn't worked: https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/992842
<uvirtbot> Launchpad bug 992842 in python2.7 "update-manager dpkg: error processing python2.7-minimal (--configure) : Illegal instruction" [Undecided,Confirmed]
<patdk-wk> so if cache is useless, likely stick with amd
<chronos> this break a server being updated
<pythonirc101> can one put a E5-2690 in a 4 cpu config?
<patdk-wk> unless you can benchmark it and fine intel is better
<patdk-wk> pythonirc101, nope
<patdk-wk> e5 is dual cpu only
<pythonirc101> so E7-4807
<patdk-wk> yes
<patdk-wk> it must be a e7-4xxx not sure if any of those are limited to 2 cpu, but normally if not all do 4 cpu
<pythonirc101> so $1k per processor
<pythonirc101> how much is the MB?
<patdk-wk> a lot
<pythonirc101> so can't build it under 10k?
<patdk-wk> not too bad
<patdk-wk> 3k for case+mb
<patdk-wk> could, but would be tight
<patdk-wk> atleast 1k in ram likely
<pythonirc101> patdk-wk: seems like intel is not selling it to general system builders -- that cpu!
<patdk-wk> everyone is reselling them via ibm
<patdk-wk> http://www.provantage.com/ibm-88y6070~7IBM9X4T.htm
<patdk-wk> or serversupply if you want alittle cheaper
<uvirtbot> New bug: #1051091 in resource-agents (main) "resource nfsserver default init script doesn't match ubuntu's" [Undecided,New] https://launchpad.net/bugs/1051091
<pythonirc101> patdk-wk: what's a good chasis + mb for E7-4807?
#ubuntu-server 2012-09-15
<Takyoji> Anyone done a successful LDAP/NFS network setup (whereas /home is an NFS share) on 12.04, without having an issue of a blank screen or no desktop after authenticating past LightDM?
<Takyoji> Can't find any errors in /var/log/auth.log; NFS share is mounted, and LDAP is accessible.
<SpamapS> Takyoji: what if you login via console?
<SpamapS> Takyoji: is the home dir writable?
<Takyoji> The home folder is writable, yes.
<SpamapS> Takyoji: you should have a .xsession-errors file then
<Takyoji> (compiz:1846): GConf-CRITICAL **: gconf_client_add_dir: assertion `gconf_valid_key (dirname, NULL)' failed
<Takyoji> is the only error
<SpamapS> Takyoji: thats compiz failing to work with gconf...
<SpamapS> Takyoji: perhaps it was just a timeout error caused by NFS
<SpamapS> Takyoji: you might try renaming .gconf to .gconf.old and seeing if that allows compiz/unity to start
<uvirtbot> New bug: #991484 in mcollective (universe) "package mcollective 1.2.1+dfsg-2ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/991484
<uvirtbot> New bug: #1051080 in lxc (universe) "lxc-start-ephemeral hangs if bind mounting nfs homedir" [Undecided,New] https://launchpad.net/bugs/1051080
<ejnahc> some php-fastcgi processes in my server are strange... it doesn't kill when I typed `php-fastcgi restart` or `kill SIGTERM <pid>`, ... but It killed with SIGKILL(kill -9 <pid>). what's the problem here and how can I fix it?
<delinquentme> hey all ! I'm looking for a more transparent way to transfer files between dirs than the cp command
<delinquentme> preferably something that has feedback as to the progress
<patdk-lap> rsync?
<patdk-lap> rsync -v
<patdk-lap> rsync -vP
<patdk-lap> rsync -avP (my fav)
<delinquentme> patdk-lap, I've run rsync only once ... whats the -avP flag do?
<patdk-lap> everything almost
<delinquentme> NICEEE and its preinstalled
<delinquentme> lol
<patdk-lap> -a means do most things
<delinquentme> breakfast
<patdk-lap> copy time,recursive,links,permissions,owner,group,...
<delinquentme> does it handle that?  no jk jk but how about something like a progress bar?
<patdk-lap> v means list files (verbose)
<patdk-lap> P  is progress + partial
<delinquentme> Oh lovely!!!
<delinquentme> happy days.
<patdk-lap> rsync -avP --del :)
<delinquentme> @_@
<delinquentme> i dont think i like that one as much
<patdk-lap> also sync missing files (delete on dest)
<patdk-lap> it's more to make an exact mirror
<delinquentme> patdk-lap, I'm missing what that does?
<delinquentme> if there are missing files .. well wouldn't they just not be copied?
<patdk-lap> if there are missing files on the source side?
<patdk-lap> --del would cause it to delete them on the destination side
<delinquentme> patdk-lap, I dont understand :D
<delinquentme> like if they're missing ... wouldn't they *not* be copied?
<delinquentme> or is this for like sym linked files which arent currently connected to their actual files?
<delinquentme> ( a little lost )
<phunyguy> OK I have a simpleton problem... I am trying to remove all files in a directory that start with a string, and the ending doesn't matter.  The command is in a script, and the filenames have spaces so they have quotes.  With that being said, a command like 'rm -rf "name of file*"' doesn't work, whereas 'rm -rf name\ of\ file* works.  What makes the quotes different that it won't work with the wildcards?
<qman__> you're sending a literal *
<qman__> like name\ of\ file\*
<phunyguy> qman_ thanks, how would I get around that?
<phunyguy> (kinda new to that stuff)
<qman__> like you just did
<qman__> escape instead of quote
<phunyguy> right but in the script the escapes are removed initially, so quotes are required
<qman__> I don't know if "name of file"* will give the expected result, you'll have to try
<phunyguy> already on it, lol
<qman__> if not, use sed to escape it beforehand
<qman__> escaped=`echo "$variable" | sed s/\ /\\\ /g`
<phunyguy> moving the quote before the * works
<phunyguy> and qman__ that would only half work, there are also other unsupported characters that need to be escaped
<qman__> more seds
<qman__> but yeah
<phunyguy> or I can just move the quote  ;)
<qman__> I wasn't sure if that quoting would work right
<phunyguy> works a champ
<qman__> but if it does, go for it
<phunyguy> thanks for the tip.
<phunyguy> didn't think of the literal *
<lordievader> Good morning
<xkill> what's the least amount of disk space i could get away with having to set up a 700 MB HTML/CSS/jquery-mobile website using apache, php, mysql, curl, & python for Opencart?
<lifeless> xkill: 700MB ?
<jaredrhine> (probably means directory size of the web site docroot is 700MB of files all told)
<xkill> yeah, flash, pics, lots of stuff
<xkill> yeah
<jaredrhine> anything of note in mysql then? and you're asking how big a filesystem would thus be needed for just the OS plus apps above?
<jaredrhine> it's a dangerous game going as small as possible. what you give up is log files, etc. i haven't done a recent lean install, i'd guess it's around or under 2gb including all the apps you mention.
<xkill> yeah, minus that 700 MB website that is on a CD at the moment, how much disk space will i need?
<xkill> the mysql db is for opercart products and customers and purchases and all its stuff. never run an opencart b4 so i dont know exactly how quickly it will grow. but for the moment just needs to be big enough to hold a few users and the product database
<jaredrhine> 2gb minimum, and you'll run out of disk space unless you prune logs and don't add anything to mysql. so 2.7gb, call it 3.
<jaredrhine> if you know exactly what you're doing and can prune apps, documentation, man pages maybe, 2gb total.
<xkill> perfect. all is not lost then
<Troy^> I'm getting some weird buffering streaming media over my samba server to xbmc.. Server is wired and the HTPC and 802.11n but i was even testing with 720p media.. Most of the time with 1080p DTS stuff it is flawless then it goes into these spurts of buffering while even watching 720p content. Is there any setting to put in the smb.conf that would help performance for this?
<patdk-lap> sounds like your wireless it having interference
<Troy^> ?? that doesn't make sense
<Troy^> i just saw a power saving option for the wireless radio on my router settings so i turned that off
<patdk-lap> doesn't make sense?
<patdk-lap> interference means packet loss, and therefor means it will buffer more
<Troy^> how does it sound like interference i though it would be more with samba and its shottiness
<patdk-lap> but something going to sleep will cause the same effects also :)
<Troy^> could it be disk drive? i have my xbmc buffer set to 1gb then again i dont know if that actually works.. apparently WMM power saving shouldn't cause problems for streaming so i dont know
<patdk-lap> xbmc sounds like a gui thing
<fidel> wc
<iqualfragile> i follewed the ubuntu-serverguide about installing a openldap-server, first i have installed a fresh 12.04 into a virtual box, then i have copy-pasted every instruction from the page https://help.ubuntu.com/12.04/serverguide/openldap-server.html
<iqualfragile> so first i changed my /etc/hosts to
<iqualfragile> 127.0.0.1       localhost
<iqualfragile> 127.0.1.1       vm-fai-ubuntuserver
<iqualfragile> 127.0.1.1       barium.herzog.loc barium
<iqualfragile> # The following lines are desirable for IPv6 capable hosts
<iqualfragile> (i hope im allowed to paset 4 lines without pastebin)
<iqualfragile> then i did
<iqualfragile> sudo apt-get install slapd ldap-utils
<iqualfragile> my /etc/ldap/slapd.d/ looks right
<iqualfragile> then i ran sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
<iqualfragile> it returned the predicted output
<iqualfragile> but now i tried to run $ ldapsearch -x -LLL -H ldap:/// -b dc=example,dc=com dn
<iqualfragile> (i have changed it to ldapsearch -x -LLL -H ldap:/// -b dc=herzog,dc=loc dn
<iqualfragile> and it says: No such object (32)
<iqualfragile> where did i go wrong?
<qman__> that hosts file is not correct, but I don't know if it's the cause of your problem or not
<iqualfragile> i have allso tried
<iqualfragile> 127.0.0.1       localhost
<iqualfragile> 127.0.1.1       barium.herzog.loc barium
<iqualfragile> but that did not work the step before, sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn returned an error
<qman__> you can only have each IP once, so if you want them all to be 127.0.1.1, it would be
<qman__> 127.0.1.1       vm-fai-ubuntuserver barium.herzog.loc barium
<qman__> but it probably should use your actual IP
<iqualfragile> but the guide says thats what i should do
<qman__> ah, ok
<qman__> then it should be this
<qman__> 127.0.1.1       barium.herzog.loc barium vm-fai-ubuntuserver
<qman__> (assuming you want vm-fai-ubuntuserver to still work)
<iqualfragile> i dont rly care, it did not work without it
<iqualfragile> but i have found some suspicious lines
<iqualfragile> olcSuffix: dc=nodomain
<iqualfragile> olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=admin,dc=nodomain" write by * none
<iqualfragile> olcAccess: {2}to * by self write by dn="cn=admin,dc=nodomain" write by * read
<iqualfragile> olcRootDN: cn=admin,dc=nodomain
<iqualfragile> in /etc/ldap/slapd.d/cn=config/olcDatabase={1}hdb.ldif
<iqualfragile> so if i would just change that, would it work?
<iqualfragile> lets try
<iqualfragile> no, it does not
<iqualfragile> qman__: thankyou, that seemd to be the problem
<uvirtbot> New bug: #1051163 in openssh (main) "package openssh-server 1:5.3p1-3ubuntu7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/1051163
<uvirtbot> New bug: #1051182 in bind9 (main) "package libisccc80 1:9.8.1.dfsg.P1-4ubuntu0.2 failed to install/upgrade: package libisccc80 is already installed and configured" [Undecided,New] https://launchpad.net/bugs/1051182
<uvirtbot> New bug: #1051258 in samba (main) "After ugrade from 11.10 to 12.04 computer is not booting" [Undecided,New] https://launchpad.net/bugs/1051258
<Error404NotFound> Wonder if its right place or not, but i am doing this on ubuntu so i am gonna ask it here anyway :P, http://paste2.org/p/2226885 These contain 2 samples of / entries in fstab. I am trying to write sed combined awk to append noatime,nodiratime to mount options. any hints?
<SpamapS> Error404NotFound: why are you trying to sed/awk that?
<Error404NotFound> SpamapS: there are 2 possible questions i see in your question. 1- why am i even try it? Writing a bootstrap script and thought it would be nice to throw my commonly used config. 2- why using sed and awk? awk to tokenize and sed to replace
<SpamapS> Error404NotFound: so if you're automating this, there are better ways. augeas is really good for parsing and editting fstab for instance.
<Error404NotFound> SpamapS: hmmm, never heard of that, !google time
<SpamapS> Error404NotFound: if the content of fstab is more static.. why not just replace the lines rather than try to be clever about sed/awk?
<SpamapS> as somebody who has sed/awk'd a lot of fstabs.. I can say its a lot of time in, and not much win out. ;)
<ogra_> erm
<ogra_> if you bootstrap from scratch fstab is empty anyway
<Error404NotFound> SpamapS: i was also thinking about that. But, the pretend-to-be-smart-kid in me wanted to make it "generic"
<ogra_> just cp one in place us use a here-doc
<Error404NotFound> ogra_: nah, i do the second part of bootstrap, the vm part of managed by a 3rd party vendor, i can call my script using a hook that runs after a vm has been up an running
<Error404NotFound> the vm part is managed*
<gabrtv> i'm seeing `git-core` disappearing intermittently from ubuntu ec2 mirrors
<gabrtv> http://stackoverflow.com/questions/12438946/intermittent-package-git-core-has-no-installation-candidate
<gabrtv> any ideas?  i've confirmed it's intermittent..
<gabrtv> started seeing it last night
<ogra_> git-core is dead since at least two releases
<ogra_> apt-cache show git-core
<ogra_> ..." This is a transitional dummy package.  The 'git-core' package has been
<ogra_>  renamed to 'git', which has been installed automatically.  This
<ogra_>  git-core package is now obsolete, and can safely be removed from the
<ogra_>  system if no other package depends on it."...
<gabrtv> seems half dead, because after a few updates it's available
<gabrtv> i'll try switching though, thx
<gabrtv> ogra_: E: Unable to locate package git
<uvirtbot> New bug: #1051406 in apache2 (main) "package apache2.2-common 2.2.22-1ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/1051406
<Troy^> alright my ubuntu server is on a dynamic ip address and i'm possibly looking at buying a domain is there a good place to buy a full domain with auto ip updating
<Error404NotFound> Troy^: http://lmgtfy.com/?q=register+domain+dynamic+dns ?
<Troy^> Error404NotFound: you actually took the time, why thank you
<Troy^> i was just looking for suggestions in what people used/prefered with dynamic ip updating
<blast_hardcheese> I followed https://help.ubuntu.com/12.04/serverguide/ubuntucloud.html almost to the letter, but when I run "euca-run-instances $ami -k user1 -t m1.tiny" I get "EC2APIError: Image must be available". Is this a known issue?
<blast_hardcheese> The only stuff I left out was creating a private network, since I don't have two NICs on this machine
<blast_hardcheese> but all the services are running and happy
<Awaken> Troy^, I  use joker.com for most of my domains. Tehy include a dynamic service u can use with any domain, to update it you poll a web address
<Awaken> tomato or dd-wrt router can update it , others might not
<Awaken> u can always run something on your lan ofc
<Awaken> https://joker.com/faq/content/11/427/en/what-is-dynamic-dns-dyndns.html
#ubuntu-server 2012-09-16
<uvirtbot> New bug: #1051451 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1051451
<Kentos> Hey everyone
<Kentos> im having ome troubles with a website, using a file manager the preview shows a background image however when i load the site via my browser no background image is visable
<Kentos> i coded it in using plain text, but the editor has a default editor and a switch to plain text option, the images in the directory that are used as image files are not showing
<Kentos> anyone familiar with website file management?
<mysteriousdarren> Kentos: yets
<mysteriousdarren> Kentos: yes
<Kentos> hey mysterious
<nooo> One of my servers is getting a dependency error whenever I try to install or update a package, results of apt-get -f install: http://paste.ubuntu.com/1208279/
<Kentos> anyone able to help me out here a bit?
<Myrtti> Kentos: difficult to know without knowing your problem
<Kentos> true no need to ask if no ones paying attention though =P
<Kentos> im wondering how i would associate a domain name with my WAN address, ive tried forwarding, but thats still shows an actual IP as the root of the file systemn
<Kentos> i did a masked forward however that still showed the IP on the bottom link reference, where the browser stays at the .com address bar, but the links all point to the IP
<marw> hello. anyone got nginx+php working?
<marw> what permissions should the www folder have?
<Kentos> i've gotten php working before, you have to set certain user/group priviledges, read and write for them
<lordievader> Good morning
<Kentos> morning
<Kentos> lord, have you any webserver experience?
<lordievader> Hey Kentos, how are you? Some, not very much. What is your problem?
<Kentos> trying to see how i can get the domainname.com i bought to be referenced as the server IP. I did forwarding with masking however that only applies the address bar, it still shows references for links as my wanIP
<marw> i see that ginx and php are running as the same user (www-data).  i'll try changing some aliases now.
<lordievader> Kentos: Have you hard coded your wanIP into the links?
<marw> ah, finally oO after tow days of setting it up...
<Kentos> no, i jut used basic html image/html link
<Kentos> when i hover over the link, it shows on the bottom of browser the link address as being my IP
<Kentos> and then the www directory
<Awaken> kentos, u need to set an a-record on the domain to point to the IP of the server
<lordievader> Kentos: Can you show the source code of the page?
<Awaken> for both domain.com and www.domain.com
<lordievader> !paste | Kentos
<ubottu> Kentos: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Kentos> the a-record?
<Awaken> forwarding doesnt direct traffic it just means whoever u bought your domain off of runs an html frames page on their servers with your destination inside the frame
<Awaken> setting an a-record to the IP of your server actually points the domain to your server properly
<Kentos> ty guys
<Kentos> it was was a point of confusion for me there
<cassavuota> hi all!
<cassavuota> i'm trying to recover a lost lvm vg but when i use the uuid from the vg archive file i get "too long to be uuid"
<cassavuota> where else do i find an uuid?
<cassavuota> what might cause that error?
<jacobw> morning
<cassavuota> alright, no double quotes around the uuid ^^
<cassavuota> now it says the file system is mounted. but umount doesn't help
<cassavuota> how do i edit a filein busybox? no editor appears to be available?
<uvirtbot> New bug: #1051569 in samba (main) "Unable to create share" [Undecided,New] https://launchpad.net/bugs/1051569
<AlphaWolf> What can I do when I am in the following situation: If I press escape or any F# keys it shows a purple screen with "Ubuntu 12.04" and otherwise a log of messages from a server (in this case sickbeard) and I can't type anything?
<AlphaWolf>     2
<TheLordOfTime> would you recommend zentyal as a good remote-management platform that doesn't need SSH?
<TheLordOfTime> since i can't ssh from everywhere, some nets restrict that
<AlphaWolf> What can I do when I am in the following situation: If I press escape or any F# keys it shows a purple screen with "Ubuntu 12.04" and otherwise a log of messages from a server (in this case sickbeard) and I can't type anything?
<AlphaWolf> As an alternate question, how can I get the MAC Address if when I type nothing is input?
<three18ti> AlphaWolf, is this from a clean boot?  do you get the login prompt then messages logged to STDOUT?
<AlphaWolf> three18ti: From a clean boot it loads up a few services (the last being sickbeard). I don't have a login message (that I can see), and the input line is empty (no "user@ ~/" part)
<three18ti> AlphaWolf, so it sounds like sickbeard is hijacking the boot process.  how are you starting sickbeard?  command in rc.local?
<three18ti> (I'm assuming you're running a headless server machine, that's why you're in #ubuntu-server)
<AlphaWolf> three18ti: I'm not 100% sure how I'm starting it. I'll have a look to see if I can find the tutorial I used. I am using Ubuntu Server (headless is no GUI, right?)
<three18ti> AlphaWolf, yes, by "headless" I mean no gui. I had the same problem starting ps3media server because I added an entry in /etc/rc.local (something along the lines of `ps3mediaserver start --whatever --options`) and it would boot fine, but I wouldn't get a login prompt because ps3ms had started in "interactive" mode where it would log everything to STDOUT.  adding an & to the command forked it into the background.  I'm not saying
<three18ti>  that's what's going on here but it sure sounds similar.
<three18ti> AlphaWolf, I would A) figure out how it is being started, then B) start in single user mode, disable the service, then reboot.  can you boot into single user mode?
<AlphaWolf> three18ti: I cannot access the server because I just moved and they need the MAC Address. How could I start it in single user mode?
<three18ti> (As an aside and a point of clarification, a "headless" box canonically is one that does not have a monitor attached to and and you connect via SSH, VNC, RDP, etc; being this is a linuxbox I often use "headlesss" analogously to mean no GUI.)
<three18ti> AlphaWolf, maybe I don't understand the problem fully.  Who is "they" and why do they need the MAC?
<TheLordOfTime> maybe they have a whitelist on the network(s)
<AlphaWolf> three19ti: Sorry, I just moved to University accommodation. They need the MAC Address so I can connect (and get an IP to SSH in), but I can't actually DO anything when I plug in a monitor/keyboard :(
<three18ti> AlphaWolf, you do have physical access to the server though right?  Not like it's in the uni data center and you're trying to access it from your dorm?
<AlphaWolf> three18ti: I do have physical access, yes. Could it work if I plug the ethernet from the server directly into another computer?
<AlphaWolf> three18ti: I _think_ I used "sudo update-rc.d sickbeard defaults" to add it to the defaults
<qman__> AlphaWolf, if you did that, that's not the problem, because that uses a standard init script
<AlphaWolf> qman__: I _might_ have done that. I'll check if I did. If not, I'll make it do it what way! :)
<AlphaWolf> Is there any way to not loads these things up and get run an ifconfig?
<XATRIX> hi guys, i'm trying to install VBox Guest Add... it requires linux kernel headers (dev)
<XATRIX> any idea how can i install em?
<XATRIX> if i got it right, i'm using kernel 3.2.0-30-generic-pae
<qman__> XATRIX, apt-get install linux-headers-generic-pae
<XATRIX> ok. let's try
<tim-ct> hi all I am trying to get my firewall working. Being battling all day. I can see out ie browse the net. My rules are at http://pastebin.ca/2204732. No idea where line 62 and 77 come from...
<tim-ct> oops   i cant browse
<lordievader> tim-ct: Why not use ufw?
<lordievader> tim-ct: You have not forgotten to open port 53 (DNS)?
<DiNgL3> Hi guys I hope someone may be able to help me with some issues I'm having securing my shared memory
<tim-ct> lordievader: -A POSTROUTING -s 172.168.2.0/24 -p udp -m udp -m multiport --dports 53,123 -j SNAT --to-source 192.168.0.15
<DiNgL3> Any one willing to offer some support please I'm really struggling
<guntbert_> !details | DiNgL3
<ubottu> DiNgL3: Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<DiNgL3> im trying to secure some of my websites so have been doing some reading and came across this guide http:/â/âwww.thefanclub.co.za/ânode/â50 I have created a test lamp server updated to 12.04.1 and started following the guide didn't want to do it on my live sites.  I have got to securing the shared memory and im stuck.  I add tmpfs     /dev/shm     tmpfs     defaults,noexec,nosuid     0     0 to the end of /etc/fstab. Once I hav
<DiNgL3> done that I reboot and receive errors upon reboot  - mount: unknown filesystem type tmpfs mountall: mount /dev/shm [312] terminated with status 32 mountall: Filesystem could not be mounted /dev/shm fsck from until-linux 2.20.1
<DiNgL3> I've been getting ddos and god know what else on two of my site the last few days and really want t get them secured up as best I can
<DiNgL3> I'm confident with windows and os x but am really not so good on Linux I'm learning
<DiNgL3> I'll be back in a moment or two my daughter is crying
<DiNgL3> So has anyone got any ideas I've been in a few channels now and I post what's the problem and I get no response back from anyone
<DiNgL3> guntbert_: Do you have any ideas on this one ?
<guntbert_> DiNgL3: sorry, no - I never worried about shared memory before - but anyone able to help will need those details anyway
<DiNgL3> guntbert_: Ok cheers anyway do you think I don't need to worry so much about the shared memory
<guntbert_> DiNgL3: well, as I said I didn't think about that (I don't manage a server with many users), so I cannot say if you should worry - but generally ubuntu isn't regarded too vulnerable, that should apply to web servers too
<guntbert_> DiNgL3: can you !pastebin your /etc/fstab?
<DiNgL3> Ok give me a moment I'll send it to you
<guntbert_> DiNgL3: please put it in a pastebin and tell us the url
<DiNgL3> guntbert_: http://pastebin.com/iTebQcpB
<DiNgL3> guntbert_: Cheers for your time it's appreciated
<guntbert_> DiNgL3: 1) it looks exactly like the line on the web site 2) see https://help.ubuntu.com/community/StricterDefaults for an explanation of the security problems,  I will research a little
<DiNgL3> Yeah I've stumbled across that previously too
<DiNgL3> Thank you I can't find much online about this
<guntbert_> DiNgL3: please pastebin the output of       mount   too
<DiNgL3> Is that the errors I get upon reboot
<guntbert_> DiNgL3: yes, the error states that not all entries coud be mounted
<DiNgL3> Ok well I can't paste bin that one in because it doesn't load correctly so no ssh I have to get to the box through vsphere so I'll have to take a screen shot
<guntbert_> DiNgL3: I have to leave - look at the output of  mount  yourself - you will probably see a line like none on /run/shm type tmpfs (rw,nosuid,nodev) - that looks quite sane anyway - and maybe it tells you how to write those lines in /etc/fstab
<guntbert_> Good luck!
<cody-somerville> Hey. Is there no simple apache2 juju charm?
#ubuntu-server 2013-09-09
<adbosa> Hello everyone, somebody can tell me how i could know if I must to load some module of iptables or if not?
<mattwj2002> hi all
<mattwj2002> anyone want to talk ?
<mattwj2002> I have a plan I would appreciate some input
<mattwj2002> :)
<mattwj2002> I am thinking about purchasing an old server for $100 that supports 4 drives
<mattwj2002> four sata drives.....and run software raid between them
<mattwj2002> I would install ubuntu-server
<mattwj2002> and install the necessarily packages for a 4 X 2TB mythtv backend
<mattwj2002> :D
<mattwj2002> minus the loss space due to raid 5 or 6
<mattwj2002> any thoughts?
<qman__> mattwj2002, you'll get much better performance with raid 10
<qman__> Question: What package provides the facility to cache unlocked SSH keys? As in, I SSH, it prompts me for password, and then I can use it for a certain timeout without retyping the password?
<mattwj2002> qman__:
<mattwj2002> what is the drive lose with raid 10?
<mattwj2002> 1 drive?
<mattwj2002> I mean how many can you lose and still recover?
<mattwj2002> :)
<qman__> you can lose any one, or a particular two
<mattwj2002> qman__: it might be faster
<mattwj2002> but....
<mattwj2002> you lose too much data with raid 10
<mattwj2002> this isn't overally critical
<mattwj2002> this is a hobby box :)
<mattwj2002> I'll probably wipe it from time to time
<qman__> you're no less protected than with raid 5 (in fact you're better protected with raid 10)
<mattwj2002> right
<mattwj2002> but 4 X 2T in raid 5 gives you 6 GB
<mattwj2002> in 4 X 2T in raid 10 gives you 4G
<mattwj2002> that is quite the loss
<mattwj2002> 2 drives basically
<mattwj2002> actually I might go a collection of drives
<mattwj2002> and say screw raid all together :)
<mattwj2002> but I am thinking raid 5!
<qman__> if you don't care about your data, go right ahead
<mattwj2002> qman__: did you see what I wrote before?
<qman__> my data is important to me, so I do what I can to protect it
<mattwj2002> I hear you
<mattwj2002> if it was more important....I would protect it more
<mattwj2002> :)
<mattwj2002> basically I record tv shows using mythtv......and I want more storage space
<qman__> raid 0 will give you the most performance and will give you the full capacity
<qman__> but provides no redundancy at all
<mattwj2002> yeah
<mattwj2002> I think I'll go raid 5
<mattwj2002> :)
<mattwj2002> some redundancy
<qman__> raid 5 will be slow and will not offer much protection with consumer grade drives
<qman__> for a good explanation of why, http://www.zdnet.com/blog/storage/why-raid-5-stops-working-in-2009/162
<jpds> mattwj2002: You do realize that if a drive fails and you replace it, moving around that much data between drives in RAID 5 is going to take a while?
<jpds> mattwj2002: To the point where another drive might fail in the rebuild process?
<mattwj2002> of course
<qman__> basically, unless you buy server class drives, you're looking at coinflip odds on a successful rebuild
<mattwj2002> O.o
<mattwj2002> to be a 100%
<mattwj2002> this is a home thing.....and I all ready have a couple of 2TB drives I have had for a while
<mattwj2002> 100% honest I mean
<qman__> yeah, you really shouldn't do raid 5 with that
<mattwj2002> so raid 6 versus raid 10
<qman__> do raid 10 if you want redundancy, or do raid 0 if you don't
<mattwj2002> what do you recommed?
<mattwj2002> you recommend 10 over 6?
<qman__> raid 6 is even slower and suffers (to a lesser extent) the same problem as raid 5
<jpds> mattwj2002: Recommendations are useless, it depends on what you yourself need.
<mattwj2002> good point
<qman__> I have a raid 6 that I'm in the process of decommissioning
<qman__> mostly because it's too slow
<mattwj2002> I like to mess around with this stuff
<mattwj2002> :)
<qman__> I peak around 35MB/s write, with hardware that individually is capable of 120MB/s or more
<qman__> I actually just purchased a bunch of new 3TB drives to create a raid 10 to move my data to
<bradm> with 4 disks why would you do raid6?  raid10 gives you the same space with better protection
<mattwj2002> good point
<mattwj2002> I guess I am not sure what is more important....
<mattwj2002> it is obviously a personal choice
<mattwj2002> more storage with less protection?
<mattwj2002> more less storage with less protection
<mattwj2002> it isn't like I am saving medical records or something
<mattwj2002> this is just a server in my house to recording a crap ton of tv shows from my basic cable :)
<mattwj2002> 8 TB would get me up to about a couple months of straight video recording
<mattwj2002> I have a single 2 TB drive now
<qman__> if the drives last that long
<mattwj2002> and mythtv has the functionality to put one program on one drive and another program on a different drive
<mattwj2002> qman__: you are saying raid 10 then
<mattwj2002> for my application
<qman__> yes, it's what I would use
<mattwj2002> okay cool
<mattwj2002> hi guys
<mattwj2002> I have a crazy idea
<mattwj2002> anyone want to listen?
<mattwj2002> they sell a 15 bay SATA storage nas
<mattwj2002> I was thinking if you could put 15 3 TB drives in a raid 60 setup
<mattwj2002> that is like 33 TB
<mattwj2002> :)
<mojtaba> Hi, Could you please let me know how can I check what graphic card can I use with a known motherboard?
<mattwj2002> does this help mojtaba lspci -v | less
<mojtaba> mattwj2002: Actually I want to buy a second hand computer and I want to replace its graphic card, but I do not know how can I check what kind of graphic card could be used with that motherboard.
<mattwj2002> oh okay
<mattwj2002> I am not sure
<mojtaba> hello
<mojtaba> Hi, Could you please let me know how can I check what graphic card can I use with a known motherboard?
<mojtaba> sorry
<mojtaba> mattwj2002: thanks
<mattwj2002> worries
<mattwj2002> :)
<mattwj2002> mojtaba: have you been in this room for a while?
<mojtaba> mattwj2002: You mean today?
<mattwj2002> yeah
<mojtaba> no, just from 10 min ago
<mojtaba> why?
<mattwj2002> I want to build a nas
<mattwj2002> a custom built nas
<mattwj2002> :)
<mojtaba> I know that there are some linux distro specially made for NAS
<mattwj2002> the software I think I'll have undercontrol
<mattwj2002> because it is going to be a mythtv system (might do that separate not sure)
<Fire> anyone have experience with bind9 / webmin
<mattwj2002> hi guys
<mattwj2002> anyone here?
<mattwj2002> I just looking into a custom build nas
<mattwj2002> $30
<mattwj2002> oops
<mattwj2002> $300 including a ups
<ws2k3> hello i have placed this command in my rc.local Xvfb :99 -ac -screen 0 1024x768x8 > /tmp/xvfb.log 2>&1 & but it is not runned on boot what am i doing wrong?
<greppy> ws2k3: did you put the full path to the Xvfb command in there?
<zul> roaksoax:  (part 1) http://pastebin.ubuntu.com/6083298/
<RoyK> which package is it that includes the 'file' util?
<zul> roaksoax:  (part 1) http://pastebin.ubuntu.com/6083298/
<pmatulis> RoyK: file
<Pici> dpkg -S `which file`
<zul> roaksoax: https://code.launchpad.net/~zulcss/nova/2013.2.b3/+merge/184579
<zul> roaksoax:  https://code.launchpad.net/~zulcss/neutron/2013.2.b3/+merge/184583
<gigantor> so, if upon upgrading a server instance, it is hung on selecting a PAM profile and has deleted everything , like apt, what can I do?
<gigantor> have I done the unthinkable?
<raininja> so, if upon upgrading a server instance, it is hung on selecting a PAM profile and has deleted everything , like apt, what can I do?
<zul> smb:  ping
<smb> zul, yo
<zul> smb: the FFE for xen went through can you get me a list of stuff that you need me to do and ill do it this afternoon
<Pici> 36
<smb> zul, can, do. Well, step one is check/sponsor the xen-4.3 src pkg on chinstrap:~smb/4review
<raijin> so I am going to have to rebuild this install by hand basically
<raijin> using wget and dpkg
<raijin> ffs
<zul> smb:  and rebuild libvirt right?
<smb> zul, yeah, libvirt just as a no-change rebuild. I have to give you an update for xen-api to adapt the lib paths there
<zul> smb:  okies cool
<smb> zul, Ok, mail sent and xen-api src pkg in same directory
<zul> smb: i saw thanks
<raijin> so, if upon upgrading a server instance, it is hung on selecting a PAM profile and has deleted everything , like apt, what can I do?
<tom[]> on 12.04, how does cron send mail? does it have a list of places to look for sendmail?
<raijin> so, if upon upgrading a server instance, it is hung on selecting a PAM profile and has deleted everything , like apt, what can I do?
<zul> hallyn_:  im gonig to do a no-change rebuild libvirt for libxl do we need anything
<Richter> hi, i have issues whit my ubuntu-server, i can't connect to other gentoo server using a cross-over...
<sarnold> Richter: did you manually assign an IP address and netmask to both interfaces? did you restart whatever services you want to use after manually assigning IPs?
<Richter> yes
<Richter> i use the same config of the last server
<Richter> sarnold, auto eth1
<Richter>         iface eth1 inet static
<Richter>         address 10.100.100.2
<Richter>         netmask 255.255.255.252
<Richter>         network 10.100.100.0
<Richter>         broadcast 10.100.100.3
<Richter> sarnold, this show in my syslog: Sep  9 13:57:17 huguinho kernel: [ 2118.053008] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
<Richter> sarnold, but i am not using ipv6
<sarnold> Richter: what's the configuration for the gentoo machine?
<Richter> sarnold, config_eth3="10.100.100.1 netmask 255.255.255.252 brd 10.100.100.3"
<Richter> mtu_eth3="9000"
<Richter> this in my nfs storage
<sarnold> Richter: check arp -n output on both machines?
<Richter> sarnold, this in my old server: config_eth5=( "10.100.100.2 netmask 255.255.255.252 brd 10.100.100.3" )
<Richter> mtu_eth5="9000"
<Richter> nops
<Richter> 200.143.116.1            ether   00:1b:21:bc:5c:72   C                     eth0
<Richter> 200.143.116.*           ether   00:d0:b7:85:f7:72   C                     eth0
<RoyK> if you're using jumboframes, make sure you use it on all endpoints
<Richter> RoyK, the server is in other datacenter
<RoyK> ok
<sarnold> RoyK: will the cards auto-negotiate the lowest MTU between them? or will mismatched MTUs cause reliability problems?
<Richter> RoyK, i was thinking... maybe the 'dudes' dont are using a crossover cable
<Richter> sarnold, probably is default config
<sarnold> Richter: if even one card is gigabit, it ought to auto-negotiate, right?
<Richter> sarnold, i really don't know
<Richter> sarnold, but this 2 server uses gigabits cards
<Richter> they are not old servers
<maswan> sarnold: MTU must be the same on the whole broadcast domain. Beyond that, path mtu discovery should work when you have router hops. Unless you have a misconfigured firewall anywhere.
<RoyK> sarnold: I don't think MTU is autonegotiatable
<sarnold> Richter: I wouldn't expect crossover vs not-crossover to make a difference, unless ethtool or similar has been used to force a specific configuration
<sarnold> maswan,RoyK, thanks.
<sarnold> Richter: so, check mtu on both interfaces again?
<RoyK> Richter: no need for crossover with gigabit
<maswan> crossover vs not-crossover should be autoneg on gigE or above
<Richter> maswan, is a crossover connection... don't have firewall
<maswan> Richter: Ok, so the same broadcast domain then. Then MTU needs to match on both sides.
<Richter> sarnold, how i check this?
<RoyK> maswan: even most 100Mbps cards autonegotiate crossover
<maswan> RoyK: Yeah, but it isn't guaranteed.
<sarnold> Richter: ifconfig or ip both report mtu
<Richter> sarnold, lol, sorry
<maswan> but "link is not ready" shouldn't be it for MTU mismatch, that should rather end up as large packets just being lost.
<Richter> gentoo is MTU:9000
<sarnold> maswan: I think that's just ipv6 whinging, business as usual there :)
<Richter> ubuntu server is MTU:1500
<Richter> lol
<maswan> sarnold: Ah, ok.
<maswan> Richter: Yeah, start by fixing that. :)
<sarnold> RoyK: do you get tired of always being right? :)
<RoyK> Richter: heh - then set MTU on the ubuntu box ;)
<Richter> sarnold, i can force this in interfaces file?
<RoyK> sarnold: hehe - no ;)
<Richter> sarnold, : (
<sarnold> Richter: 'mtu 9000' ..
<Richter> sarnold, where i change this?
<sarnold> Richter: in the 'iface eth1' section
<Richter> sarnold, /etc/network/interface
<Richter> sarnold, ?
<sarnold> Richter: /etc/network/interfaces -- note the 's'
<Richter> sarnold, ops
<Richter> the MTU is correct now, but still don't work :O
<RoyK> Richter: what doesn't work?
<Richter> RoyK, PING 10.100.100.1 (10.100.100.1) 56(84) bytes of data.
<Richter> From 10.100.100.2 icmp_seq=1 Destination Host Unreachable
<RoyK> ping should work even with an MTU mismatch
<Richter> RoyK, hummm
<RoyK> since the packages sent by ping are so small anyway
<RoyK> Richter: are these machines on the same network?
<Richter> RoyK, yes
<Richter> RoyK, its a crossover cable
<RoyK> Richter: pastebin output of 'ethtool eth0'
<Richter> but eth0 is the wan link
<RoyK> eth1, then ;)
<Richter> RoyK, use a eth1?
<Richter> RoyK, kkk
<Richter> RoyK, root@huguinho:~# ethtool eth1
<Richter> Settings for eth1:
<Richter> 	Supported ports: [ TP ]
<Richter> 	Supported link modes:   10baseT/Half 10baseT/Full
<Richter> 	                        100baseT/Half 100baseT/Full
<Richter> 	                        1000baseT/Full
<Richter> 	Supported pause frame use: No
<Richter> 	Supports auto-negotiation: Yes
<Richter> 	Advertised link modes:  10baseT/Half 10baseT/Full
<RoyK> !pastebin | Richter
<ubottu> Richter: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Richter> 	                        100baseT/Half 100baseT/Full
<Richter> 	                        1000baseT/Full
<Richter> 	Advertised pause frame use: No
<Pici> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<RoyK> Pici: probably sufficient now :)
<Pici> 13:35:08 <?Richter> RoyK, how i use pastebin?
<Pici> 13:35:19 <?Richter> RoyK, its a irc command or pastebin the online service?
<RoyK> Pici: I just did a !pastebin to him a minute ago ;)
<Pici> I saw
<Richter> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
 * RoyK thinks a -q would be right now 
<sarnold> RoyK: he's -q ..
<RoyK> ok
<RoyK> right - I misunderstood that
<Richter> RoyK, you see the output?
<RoyK> or misread
<RoyK> Richter: can you pastebin that, please?
<RoyK> Richter: not all came in since you were quieted before the paste was finished
<Richter> RoyK, can i post line by line?
<Richter> RoyK, still lrning how to use irc xD
<RoyK> !pastebinit | Richter
<ubottu> Richter: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<Richter> http://pastebin.com/kpHWpGNL
<keithzg> Hmm, can you grow a single-drive btrfs setup into a multi-drive one? Or do you have to have created it with a chosen raid style in the first place?
<Richter> RoyK, http://pastebin.com/kpHWpGNL
<RoyK> Richter: you don't have a working link
<RoyK> try with a straight cable
<Richter> RoyK, this link work here... but i will call the datacenter
<Richter> RoyK, txh
<RoyK> Richter: well, it doesn't work between the two machines
<Richter> RoyK, ?
<RoyK> you don't have link, meaning MTU has nothing to do with it
<Richter> RoyK, i look the gentoo server
<Richter> RoyK, Link detected: no
<RoyK> bingo ;)
<RoyK> try another cable before doing anything else
<Richter> RoyK, yeah
<Richter> RoyK, thank you
<RoyK> np ;)
<hallyn_> zul: i don't think so - sounds good
<hallyn_> well, i suppose it might be worth looking through the git tree
<RoyK> Richter: any luck with a new cable?
<Richter> RoyK, i call the datacenter
<RoyK> k
<Richter> RoyK, nothing new
<Richter> RoyK, they say that use new cables, but the problem continues
<RoyK> they'll have spare cables around
<Richter> RoyK, maybe is the offboard dell card
<Richter> RoyK, : /
<Richter> RoyK, yes, they use a new one
<Richter> RoyK, from the plastic bag
<RoyK> Richter: are both machines using gigE cards?
<Richter> RoyK, yes
<RoyK> can you ask them to connect the machines to a switch?
<RoyK> it'll be easier to debug that way
<Richter> RoyK, i will ask to connect right to other computes
<Richter> computer*
<RoyK> they can just setup a separate VLAN for the two as to separate them from the rest of the network
<Richter> RoyK, they are lazy,
<Richter> RoyK, haushaushaush
<Richter> RoyK, i am going to the datacenter see the problem
<Richter> RoyK, thank you, and sorry for my bad english
<delinquentme> is there a way to check the "host" or "device" status of a given USB?
<xarph> I'm trying to do a hands off install of ubuntu 12.04 with preseeding. the preseed works fine except that it hangs for about 10 minutes on `anna net-retriever default`. I tcpdumped and during that whole time the thing is just sitting there trying to RARP itself. Any suggestions?
<jkitchen> xarph: out of curiosity, is that prior to the net console even starting?
<jkitchen> because I'm having a similar delay but only of about 2-5 minutes
<jkitchen> but haven't been able to debug because it's prior to net console
<xarph> I'm not using a network console. I also had a short delay earlier because it was trying to hit security.ubuntu.com and our pxe vlan doesn't have internet access. I fixed that and just got a larger delay :(
<xarph> this is how I got rid of that one:
<xarph> d-i apt-setup/services-select multiselect security
<xarph> d-i apt-setup/security_host string repo-01.mydomain.com
<xarph> d-i apt-setup/security_path string /ubuntu/12.04-x86_64
<jkitchen> oh, I don't use network console either, only when I need to inspect the running install
<xarph> I just bump over to a vtty
<xarph> though that was its own adventure if you're going to esxi via an rdp session as I fount out on friday --;
<smoser> rbasak, around ?
<apes> I have some configs in /etc/network/interfaces.d/vips.conf that don't seem to be loaded on reboot. I'm running 12.04 LTS. Any advice?
<izanagisan> hi all
<izanagisan> booted a LiveCD of Ubuntu Desktop onn an IBM X5630 server with a Debian installation that just failed
<izanagisan> I want to backup its data
<izanagisan> so I guess I have to mount the discs
<izanagisan> yay! it worked
<RoyK> izanagisan: how did it fail?
<halvors> Hi! I'm trying to setup my isc-dhcp-server to serve these following subnets: 10.0.10.0/24, 10.0.20.0/24, 10.0.30.0/24 and 10.0.40.0/24. But for security reasons we want to run it on the ip address 192.168.0.2 which is another subnet, no problem! We use intervlan routing and DHCP Relay so no worry. But i ran into the error that it couldn't listen onn any interface that it doesn't have a subnet declaration for... Why? Anyway to
<Fire> Anyone got 2 mins to help me with a small bind issue
<xarph> halvors: add an empty definition for 192.168.0.2
<halvors> That actually works?
<adam_g> zul, hows it going with keystone + neutron?
<halvors> <xarph> Does it work to just declare a dummy subnet?
<zul> adam_g:  keystone is nearly done neutron as well
<adam_g> cool
<zul> adam_g:  just nagging people about oauth2
<adam_g> zul, whats up with oauth2?
<zul> adam_g:  its blocked on a security review
<zul> and the MIR guys want us to use oauthlib as well
<adam_g> zul, oh, is a keystone dependency now or something?
<zul> adam_g:  yep
<xarph> halvors: yes
#ubuntu-server 2013-09-10
<bluebie> I'm having a really difficult time getting amavis (mail filtering thing) to add spam status headers to incoming mail - though it does add virus checking headers. I've been googling tons and trying everything I can find but nothing seems to change it. Any tips on debugging amavis problems?
<bluebie> I can get it to discard or bounce spam, but I just can't get it to tag it.
<warzauwynn> bluebie: did you ask in #amavis ?
<bluebie> ah I should!
<zul> adam_g: just doing a test build of neutron here before doing a merge request
<zul> adam_g: i added neutron-vpn-plugin-agent and neutron-metering-plugin-agent
<adam_g> k
<izanagisan> what deleted files recovery software would you recommend me to use?
<izanagisan> on a LiveCD boot I'm on trying to recover files from a mounted disk
<sarnold> izanagisan: I've successfully used autopsy / the sleuth kit to recover deleted files.
<izanagisan> sarnold: thanks!
<sarnold> izanagisan: for ext2-specifically, there are also e2undel recover packages, and for ext3, ext4, extundelete.  magicrescue doesn't mention specific filesystems, it might work for contiguous files regardless of filesystem type, but if the files are broken apart a bit, it might not do as well. depends...
<izanagisan> I tried installing foremost but Ubuntu 13.04 doesn't seem to have the package
<izanagisan> I'm on a LiveCD so...
<sarnold> oh, cool, thanks :)
<sarnold> izanagisan: I'd hope you could install any package, to the extent of available memory to hold the data...
<izanagisan> sarnold: I'm checking autopsy but it says it's a windows installer
<sarnold> izanagisan: http://www.sleuthkit.org/autopsy/v2/
<izanagisan> it's HTML based??
<sarnold> yeah
<izanagisan> wow
<sarnold> feel free to just use the sleuth kit if you don't care for the frontend :)
<sarnold> .. or don't have the memory for the whole thing
<izanagisan> well I'm on a Ubuntu-Desktop live CD actually
<izanagisan> and it's a server with 4GB RAM
<izanagisan> but I'm still not sure I understand how to use the thing
<izanagisan> sorry to be this obtuse: I have a headache the size of Japan
<izanagisan> been all day standing in the server room trying to fix a Debian machine from which some /etc/ files were deleted
<izanagisan> sarnold: could you give me some general idea of what must I unzip/install on Ubuntu to use it?
<sarnold> izanagisan: hrm, the /usr/share/doc/autopsy/README.txt.gz gives me the impression it might only work if you can import a 'dd' image. the workflow may not be great if you can't import a dd...
<sarnold> izanagisan: normally, just apt-get install autopsy, it should take care of all dependencies
<izanagisan> sarnold: unable to find package
<izanagisan> UbuntuDesktop 13.04
<sarnold> izanagisan: does /etc/apt/sources.list include universe? have you run 'apt-get update' in this boot?
<izanagisan> nope
<izanagisan> will run and tell you
<izanagisan> updated
<izanagisan> the /etc/apt/sources.list is a rather slim file
<izanagisan> says it's from CD.ROM and restricted
<sarnold> ah!
<izanagisan> how do I add the correct repo?
<izanagisan> I do have Ubuntu desktop and server installed on several PCs and servers
<izanagisan> but the machine with the HDD where I want to restore files is this one
<sarnold> izanagisan: here's my binary raring sources: http://paste.ubuntu.com/6086140/
<izanagisan> thanks!
<sarnold> izanagisan: good luck, time for me to bail, hope you can sort it out quickly enough
<izanagisan> sarnold; awesome
<izanagisan> was able to isntall extundelete which got me 90% of my files
<izanagisan> going to use Autopsy
<izanagisan> do I HAVE to make a disk image to use Autopsy
<izanagisan> or can I use it to recover files directly over something like /dev/sda1 ?
<drAvanti> hello all,
<drAvanti> Im trying to install Diaspora on my server. can anyone help me out
<greppy> drAvanti: I thought diaspora was dead since the lead dev commited suicide...
<drAvanti> greppy, well
<drAvanti> im following this tutorial(https://wiki.diasporafoundation.org/Installation/Ubuntu/Precise?db=postgres&mode=production#Reverse_proxy)
<drAvanti> im at the reverse proxy section and it links to (https://gist.github.com/MrZYX/719014). My question is, do I replace my apache2.conf with this file?
<greppy> drAvanti: that is just a virtualhost definition, you don't have to replace your existing config, but if you aren't doing anything else with apache, you can.
<yolanda> adam_g, zul: https://code.launchpad.net/~yolanda.robla/neutron/autopkgtests/+merge/183451
<hXm> hi
<hXm> i installed cups and I want to install a printer, how to? thanks to the firewalls I can't access to the port 631
<wsk233> does anyone know why my make is failing http://pastebin.com/jESpUztK
<bananapie> can anyone tell me if I can use iptables to filter IP traffic crossing an ethernet bridge?
<bananapie> the ethernet bridge has no IP address and the bridge doesn't do routing.
<wsk233> does anyone know why my make is failing http://pastebin.com/jESpUztK
<bananapie> did you run apt-get build-dep php5 ?
<bananapie> wsk233 : did you run apt-get build-dep php5 ?
<wsk233> no i did not
<wsk233> but i installed php by compiling it myself
<bananapie> ok
<wsk233> i didnt used the ubuntu repository
<wsk233> so i dont know if i still need to do that
<bananapie> if you run that command, it'll install all the dependencies you need to compile php, even if you are not using the sources from the repository
<wsk233> well i already compiled php and php is working just fine
<bananapie> wsk233, what is the output of dpkg -l | grep memcache ?
<wsk233> its memcached where it goes wrong
<wsk233> http://pastebin.com/vbmRirre
<bananapie> wsk233, what is the output of dpkg -l | grep memcache ?
<wsk233> i posted the output in the pastebin
<geser> check if your memcache include files mention the missing type (looks like you installed memcache yourself too)
<bananapie> thanks
<bananapie> apt-get install libmemcache-dev
<wsk233> i runned that command
<wsk233> but still pecl shows me the same error
<bananapie> rerun your configure, make clean and make
<wsk233> okay so fure make clean then configure and then make?
<bananapie> yea
<bananapie> make clean && ./configure && make
<wsk233> of my libmemcache or ?
<bananapie> wait
<bananapie> did you compile libmemcache yourself?
<wsk233> yes i did
<bananapie> ok
<bananapie> nevermind, I can't help you
<bananapie> I've never compiled libmemcache myself, maybe someone else here could help
<wsk233> well i also did an apt-get install libmemcache
<bananapie> yes, but you need the dev package which is libmemcache-dev if you want to compile against it.
<bananapie> but if you have both a package and a compiled version of the same package, you will have lots of problems...
<wsk233> i can do make uninstall libmemcache
<bananapie> ok
<bananapie> afterwards, install libmemcache-dev
<wsk233> okay thats done
<bananapie> wsk233 : why are you compiling php ? Why not use the package ?
<wsk233> i did make uninstall apt-get remove --purge libmemcache-dev afterwards apt-ger install -f libmemcache-dev just to be sure thats its all clean
<wsk233> because we use php 5.4.19
<bananapie> ok
<bananapie> so now return ./configure
<wsk233> what do i need to configure?
<bananapie> so now rerun ./configure in your php sources folder *
<wsk233> php?
<bananapie> cd /usr/lib/yourphpsource; ./configure
<wsk233> ah okay but why i need to recompile php?
<wsk233> memcached is a compleety seperate module right?
<bananapie> hang on a minute I think I might have misread your pastebin
<wsk233> sure thanks you
<bananapie> :$ my bad
<bananapie> I misread the configure :(
<bananapie> I feel stupid.
<bananapie> ignore everythng I said let's start over
<wsk233> no problem :)
<wsk233> okay
<bananapie> I have a cold, it makes it harder to concentrate
<wsk233> ah okay
<bananapie> Is this the same issue you are having ? https://bugs.php.net/bug.php?id=65134
<wsk233> hmm not entire sure
<wsk233> but it looks like it
<bananapie> k
<wsk233> only this gives alot more errors then i have
<wsk233> so thats why i sad not entirely sure
<bananapie> wsk233 Sorry, I am not sure what to do.
<wsk233> now it shows me this http://pastebin.com/8vmbuwn2
<bananapie> Did you reinstall libmemcache-dev or redo make install on your libmemcache sources ?
<wsk233> reinstall libmemcache-dev
<bananapie> ok
<wsk233> but it loosk liek its unable to find them
<bananapie> wsk233, what is the output of dpkg -l | grep memcache ?
<soahccc> Hey can anyone recommend amon (https://amon.cx/) for monitoring or have any opinion about it? It seems to good to be that "unknown".
<bananapie> can you rerun this command and post it ?
<wsk233> the pecl command?
<wsk233> or the apt-get command?
<bananapie> dpkg -l | grep memcache
<wsk233> http://pastebin.com/Dng5VyfA
<bananapie> ok
<greppy> soahccc: never heard of it, but there are enough free options out there that I can't see spending $40 to monitor my gear.
<soahccc> greppy: can you recommend something similar (similar means appealing interface, easy to use, no php dependency and easy to configure (gui))? I only found payed and or hosted solutions
<wsk233> bananapie so what should i do next
<bananapie> I don't know, sorry. :(
<greppy> soahccc: I don't do much with a gui, but xymon ( used to be hobbit, used to be bigbrother ) is pretty easy to setup.
<greppy> soahccc: but if you really need to have a gui and want it to be really easy, then yes, you will probably have to pay someone.
<soahccc> I don't have a problem with paying someone but the solutions are mostly not that what I want them to be :D amon looks pretty good so far but it lacks some simple checks like "does page xy contains the string X and respond within time y"
<soahccc> or "can I login into FTP xy" because we have FTPs which are refusing connections while appearing correctly operating
<wsk233> bananapie i think its the bug
<zul> ScottK:  https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1223342
<uvirtbot> Launchpad bug 1223342 in neutron "[FFE] neutron-vpn-agent and neutron-metering-agent" [Undecided,New]
<bkfitz> Anyone here have experience setting up an sftp batch script from windows to linux using passwordless auth (keys)?
<greppy> bkfitz: you can do it using the tools from putty. pscp psftp pagent, puttygen
<bkfitz> greppy, yeah i have psftp and it works fine when typing the password, but you can't put the pw into the bat file... so i think i'm forced to use key based auth... just not sure how to do that
<greppy> yes, you are.
<bkfitz> greppy, is it basically 1. create key using puttygen, 2. copy key to linux server (but where?), 3. tell psftp to use key to auth
<greppy> create a key using puttygen, either with a password and use pagent, or passwordless.
<bkfitz> greppy, so you can have a passwordless key or a key generated with a password? huh... so after i generate the key w/ pw using puttygen, then i copy it to linux?
<greppy> when you create the key, there is a text box with the openssh text that you need to put into your ~/.ssh/authorized_keys file on the linux host.
<greppy> make sure when you paste it into that file that it is all on one line, it's going to be long, so may wrap depending on your editor/terminal settings.
<bkfitz> greppy, ~/.ssh doesn't seem to exist
<bkfitz> greppy, yes I'm ls -la under ~ or /root/
<bkfitz> greppy, apparently there is a utility called ssh-copy-id???
<greppy> bkfitz: so mkdir ~/.ssh
<greppy> and then create ~/.ssh/authorized_keys
<bkfitz> greppy, ok... just wanted to make sure it wasn't somewhere else in the ubuntu distro
<bkfitz> greppy, thx for the direction... i'll keep diggin... have a 10am meeting i have to attend.
<rbasak> smoser: sorry, I wasn't.
<smoser> rbasak, :). no worries. i dont know if i typed or not . but my question was about 'filter' into the basicmirror.
<smoser> you didn't move it up there. so i also didn't.
<smoser> i just put 'filter' support into bin/sstream-mirror
<rbasak> smoser: I didn't really follow your thinking for the inheritence hierarchy, so I left it alone.
<zul> adam_g: http://people.canonical.com/~chucks/ca/
<smoser> rbasak, fair enough.
<zul> smb: i just uploaded xen and xen-api ill wait for them to build and then upload a new libvirt
<smb> zul, Sounds good. Except maybe... unfortunately this is rdepends hell... xen-api depends on libxen-ocal-dev which is produced by xen-api-libs which depends on libxen-dev...
<zul> gah
<smb> Not sure whether this means xen-api-libs also needs a no-change rebuild and then again xen-api... :(
<zul> you owe me tuns of beer for this :)
<smb> zul, Can I deduct that from the many ones you owe me for making me do work on this the first place? :)
<zul> i didnt make you do anything ;)
<smb> :-P
<smb> zul, Oh, actually it might be less of an issue... got confused of lib-xcp-ocaml-dev and libxen-ocaml-dev... But that probably means xen-api should have waited to build until xen has
<zul> smb: bah ill fix it up
<smb> zul, Thanks, must admit this is a bit of a nightmare to cope with. Maybe you are good as I changed the xen-utils build dependency in xen-api to xen-utils-4.3
<zul> ill keep an eye on it
<smb> zul, cool. thanks
<koolhead17> hallyn_:  around
<resno> So, I am mounting a directory is there a way to umount and not have that directory cleared out?
<sarnold> resno: what do you mean?
<adam_g> zul, what depends on python-lesscpy?
<zul> adam_g:  horizon, looked at the requirements.txt last night , i need to do a MIR as well
<hallyn_> zul: when you get a chance, would you mind pushing http://people.canonical.com/~serge/spice-overlap.debdiff to saucy?
<adam_g> i know horizon uses it now in place of node-less, but i haven't had a need to install it
<zul> adam_g:  openstack-infra people were asking for it as well
<adam_g> zul, you may be able to avoid it as a depends for horizon for now, in the same way we avoid node-less. lesscpy is a drop in replacement for that, but we ship the stuff with offline compression
<zul> ok ill have a look, ill bug mterry about python-troveclient as well
<adam_g> zul, those CA packages look okay. hold off on horizon tho until b3 goes to saucy. gonna upload it today with the python-troveclient depends/mismatch
<zul> adam_g:  ack
<zul> neutron is still in proposed because it failed an autopkgtest
<adam_g> zul, wheres the failure?
<zul> adam_g: https://jenkins.qa.ubuntu.com/view/Saucy/view/AutoPkgTest/job/saucy-adt-neutron/
<bkfitz> greppy, you still there
<sinclair> hi everyone
<oh_no__> in a routing / subnet bind. I cannot resolve anything by hostname on a different subnet, but can by IP. Would anyone mind helping me out? I'm traversing a FortiGate firewall, but my problem seems to be in DNS/routing.
<jibel> zul, neutron tests fails because python-neutron depends on  python-jsonrpclib  which is not in the archive
<zul> jibel:  wtf
<zul> jibel:  stupid arista plugin
<Lartza> How do I set a system-wide locale?
<Lartza> that persists a reboot of course
<sarnold> Lartza: see /etc/default/locale
<Lartza> sarnold, Finally got it, thanks
<stephenh> hello
<stephenh> where could i find hardy to install if it's no longer listed http://gb.archive.ubuntu.com/ubuntu/dists/ ?
<sarnold> stephenh: happy archaelogy :) http://old-releases.ubuntu.com/releases/
<stephenh> :P thanks !
<zul> adam_g: neutron tests have been fixed properly (needed a newer python-fixtures)
<adam_g> zul, cool
<adam_g> zul, you tracking the build failures in havana-staging?
<zul> yep
<jibel> zul, in neutron-2013.2~b3/debian/tests/neutron-daemons there is a typo: apt-get intall [...] instead of apt-get install
<RoyK>  
<rostam> Hi in what time frame 12.04 LTS updates are released? currently we are at update 3, when would update 4 will be released?  I am asking this because I need kernel version 3.9 which supports Intel Haswell chipset. Thx
<bekks> A new kernel major version will not be released during the lifetime of 12.04 without a very urgent cause.
<RoyK> rostam: 3.8 is in the repos
<RoyK> rostam: 3.9 probably won't be in 12.04
<qman__> if you need kernel 3.9 you will have to backport it; a PPA or other maintained source might exist, but it won't be in the main updates
<rostam> thanks
<qman__> that is an issue separate from the point releases, which last I checked were not on a hard schedule, and occur as needed
<rostam> qman__, what it takes to occur ?
<RoyK> rostam: google ubuntu 12.04.4
<qman__> the main purpose of the point releases is to fix show stopping bugs and add hardware support to the CD image
<RoyK> it's scheduled, but won't include a new major release of the kernel
<sarnold> won't there be a saucy-based 12.04 HWE stack at some point?
<adam_g> smoser, https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1223576  the plot thickens
<uvirtbot> Launchpad bug 1223576 in lvm2 "lvremove always fails on first attempt when removing snapshot" [Undecided,New]
#ubuntu-server 2013-09-11
<smoser>  adam_g nice.
<adam_g> smoser, hoping that is the source of my problems. the cinder issues i was hitting do not seem to happen if that bug is not affecting (precise)
<smoser> hm..
<zul> ScottK:  ping
<ScottK> zul: pong
<zul> ScottK:  https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1223342
<uvirtbot> Launchpad bug 1223342 in neutron "[FFE] neutron-vpn-agent and neutron-metering-agent" [Undecided,New]
<ScottK> zul: I'm unlikely to have time for New before the weekend.
<crass> are the mount points in fstab mounted in parallel?
<crass> if so, is there a way to specify dependencies?
<rostam> Hi what is alternate Ubuntu CD? is this a different than for example Ubuntu server? thx
<smb> jamespage, Morning, when you are around, can you help me to figure out whether recent jenkins fails in nova-compute are related to xen and if yes, why?
<gartral> hello all, i'm in a conundrum, I have a fairly nice server for what it is, and it's been spending a good deal of time at about 8-13 load.. I can't figure out why, the CPUs aren't bogged... the Ram is hardly swapping meaning the disk isn't thrashing, and even the dual-gigabit net link isn't saturated.. can someone give me some pointers here?
<njuergens> gartral, you could use 'ps ax' and look for processes that are permanently in R or D state
<rbasak> hallyn_, jdstrand: can you help me with libvirt apparmor and backing store support in Precise? If I create an instance that uses a backing store, then apparmor denies me. I think I@ve tracked it down to this commit, which isn't in Precise (Saucy works fine). What do you think about an SRU? http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=2aca94bfd3691c492ce4b6e7f1dd73342774fefd
<rbasak> Or is there something else I can do instead?
<jdstrand> rbasak: I'll let hallyn_ comment on the SRU. that patch should be fine but might have to be adjusted for precise's libvirt
<jdstrand> rbasak: that said, I'll mention that is more of a feature than a bug fix
<jdstrand> rbasak: at least imo
<rbasak> jdstrand: thanks. Yeah I agree that the bug/feature thing is a bit dubious.
<rbasak> From virt-aa-helper's view it's clearly a feature. From a holistic view I'm not sure, since libvirt has the functionality which the apparmor support "breaks"
<rbasak> The problem for me is that I want backing stores to work for the cloud tooling that we want functional on Precise.
<rbasak> smoser: ^^
<rbasak> A workaround is to disable apparmor for libvirt altogether, which isn't great.
<rbasak> Or perhaps a replacement virt-aa-helper under another name, and reconfigure libvirt to use that.
<smoser> rbasak, i'm kind of confused.
<smoser> whatdoes openstaack do on presee.
<rbasak> smoser: good question. No idea!
<smoser> and how is a patch sent upstream by an ubuntu developer in 2010 not in 12.04?
<rbasak> Not use backing stores, I guess?
<jdstrand> rbasak: disabling apparmor is not a viable workaround. it is critical to our security story for fully virtualized cloud guests
<smoser> openstack definitely does use qcow2 , or at least can be configured to do so. i think it is actually even default.
<smoser> rbasak, are you sure its not jut that you're calling it raw and it is actually a qcow ?
<rbasak> jdstrand: right, agreed. I meant on a per-user basis who wants to use this specific tooling on precise for development or something. I wouldn't want to recommend doing that in production.
<jdstrand> it is. I don't think it uses backing stores by default
<smoser> https://bugs.launchpad.net/nova/+bug/837102
<uvirtbot> Launchpad bug 837102 in nova "nova writes libvirt xml 'driver_type' based only on FLAGS.use_cow_images" [Low,Fix released]
<smoser> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/470636
<uvirtbot> Launchpad bug 470636 in libvirt "AppArmor security driver does not support backingstore" [Medium,Fix released]
<rbasak> smoser: there is no mention of "backing" in src/security/* in 0.9.8-2ubuntu17.10
<jdstrand> oh, actually, I can't say if precise uses qcow2
 * rbasak looks at the bug
<rbasak> smoser, jdstrand: it does look like the patch made it into Lucid, but I'm not clear on what happened after that. In Lucid, it looks like a lot of the code was reverted/replaced by 9900-CVE-2010-2237-2238-2239.patch.
<uvirtbot> rbasak: Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2237)
<smoser> rbasak, your libvirt xml
<smoser> are you specifying that the disk is qcow ?
<smoser> if you're not, AA will (correctly) not allow it.
 * rbasak checks
<smoser> if you do specify it as qcow, then it will.
<rbasak> smoser: I'm specifying qcow
<rbasak> smoser: volume: http://paste.ubuntu.com/6092363/; instance: http://paste.ubuntu.com/6092366/
<rbasak> smoser: note that I think this works in Saucy
<smoser> rbasak, hm.. i'm not really sure. i'm 98% certain that on precise with libvirt and app armor you can use a qcow disk.
<smoser> but i dont know what 'volume' is in that respect.
<rbasak> smoser: use a qcow disk specifically with a backing store?
<smoser> i dont know what "backing store" is.
<smoser> but yes, specifically this works:
<smoser> qemu-img create -f qcow2 -b original-disk.img my-delta.img
<rbasak> That's slightly different to what I'm doing.
<smoser> libvirt.... with 'my-delta.img' specified as a disk.
<smoser> right.
<smoser> you're (i thikn) asking libvirt to do that for you?
<rbasak> Right.
<smoser> maybe just dont do that and do it yourself.
<smoser> which is what openstack does.
<smoser> it creates the qemu disk backed by a another
<smoser> and then tells libvirt to use that created disk.
<rbasak> That would be pretty messy and involve a pretty big refactoring. libvirt provides a tidy API that works on Saucy :-(
<rbasak> The metadata about the connections between volumes can be held in the libvirt XML then, too. THat makes deleting volumes easier.
<rbasak> I don't like it although I accept that is one solution.
<smoser> rbasak, well, sru seems the only other option.
 * rbasak is investigating a third idea
<smoser> which would seem to me to be low regression likelyhood, as its just (securely) allowing somethign that awasn't allowed before.
<rbasak> jdstrand: echo '/var/lib/ubuntu-cloud/libvirt/images/* r,' >> /etc/apparmor.d/abstractions fixes the issue for me, and will work for all my use cases. Would you consider this secure, and is there a way my package could drop this in in a pluggable way?
<rbasak> (my package manages that directory)
<smoser> rbasak, are you able to add stuff into /etc/apparmor.d/libvirt ?
<smoser> ah. or local/usr.sbin.libvirtd
<rbasak> smoser: those are generated though. Only TEMPLATE is not.
<rbasak> Putting something in local/ might violate policy I think
<rbasak> Hence the question
<rbasak> I'll also need to ensure that the directory only contains official images, and put the rw instance disk images elsewhere.
<rbasak> I'm bundling both in the same place right now, and then instances could read each others' disks (with some kind of qemu exploit), which would be bad.
<smoser>  rbasak /etc/apparmor.d/abstractions is a file, no?
<smoser> err. is a directory
<rbasak> smoser: sorry. I meant /etc/apparmor.d/abstractions/libvirt-qemu.
<rbasak> TEMPLATE includes that file.
<smoser> i'd just violate policy on the 12.04 backport.
<smoser> if in fact that violates policy.
<rbasak> I'm not sure it'll work though
<smoser> oh. i thought you said it would.
<rbasak> usr.sbin.libvirtd is the wrong file.
<smoser> really?
<smoser> what file is it ?
<rbasak> The generated ones in /etc/apparmor.d/libvirt/
<rbasak> I think.
<rbasak> Those are per-instance (ie. per-qemu-process)
<hallyn_> rbasak: well /var/lib/ubuntu-cloud/libvirt/images/* r,' >> /etc/apparmor.d/abstractions/libvirt-qemu will mean that all instances,
<hallyn_> if escaped, will be able to read all other isntances' data,
<smoser> well, no.
<smoser> because he'd only put raw images there.
<smoser> so they'd be able to read their backing store or other stuff they could have just downloaded from http://cloud-images.ubuntu..com
<rbasak> hallyn_: right now, that's true. However, I can arrange for instances to have their main disk images in a different directory, and for that directory to contain only official Ubuntu cloud images, which are public.
<hallyn_> assuming you mean raw vs qcow, what diff does that maek?
<hallyn_> ah
<rbasak> (since in my case the backing stores only need to be read-only public cloud images)
<hallyn_> then that sounds good.
<hallyn_> but, does http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=2aca94bfd3691c492ce4b6e7f1dd73342774fefd also fix the issue for you?
<smoser> rbasak, you could put your files in a subdirectory of that if you wanted.
<smoser> if you dont wildcard '**' then subdirs are restricted.
<rbasak> I'm not sure if that patch fixes it. I've not tried yet - wanted to discuss first.
<rbasak> smoser: I'm not sure that libvirt's API supports volume pool subdirectores like that, but I'll check - thanks.
<rbasak> hallyn_: in particular I'm now concerned to understand why a security update seems to have reverted most of that patch in Lucid. And it doesn't appear present in Precise, but is in Saucy. So I'm quite confused about that patch now.
<smb> zul, If you are around. There seems to be something wrong with the nova-compute jenkins tests, not sure this is related to the xen upload. I am not bright enough to make any sense of the output
<zul> smb: yeah i saw that its on the list today
<smb> zul, Ok, let me know it it is related.
<jdstrand> rbasak: re /var/lib/ubuntu-cloud/libvirt/images/* r> no that is not secure because right now we have vm isolation. anything that was in /var/lib/ubuntu-cloud/libvirt/images/ would be available to all VMs, which would break that isolation
<rbasak> jdstrand: right, but I'm suggesting that I limit that directory to published Ubuntu cloud images only, which are the only things I need as backing stores.
<rbasak> I might rename the directory to make it clearer I guess. "public" perhaps.
<rbasak> Or images/public
<jdstrand> rbasak: I don't understand what isn't working. the security update didn't revert this-- the xml just has to has to to specify the type. eg <driver name='qemu' type='qcow2'/>
<jdstrand> rbasak: and I wrote a tool that would migrate people automatically
<jdstrand> as part of the security update
<rbasak> jdstrand: I'm doing that. See http://paste.ubuntu.com/6092366/ for my instance definition.
<rbasak> jdstrand: the volume definition is: http://paste.ubuntu.com/6092363/
<rbasak> jdstrand: it might be that I'm doing this a little differently from openstack and what direct qemu users might do. I'm doing everything through the libvirt API.
<jdstrand> rbasak: what is the apparmor denial?
<rbasak> jdstrand: type=1400 audit(1378904893.099:36): apparmor="DENIED" operation="open" parent=1 profile="libvirt-a9ffce69-5593-9a1a-4f8d-60995f9dad8d" name="/var/lib/ubuntu-cloud/libvirt/images/Y29tLnVidW50dS5jbG91ZDpzZXJ2ZXI6MTIuMDQ6YW1kNjQgMjAxMzA5MDk=" pid=18276 comm="kvm" requested_mask="r" denied_mask="r" fsuid=106 ouid=106
<rostam> HI is the toolchain version has changed from LTS 12.04 to LTS 12.03 update 3?thx
<rbasak> The code that creates the volume is: http://pastebin.ubuntu.com/6092576/
<jdstrand> rbasak: can you paste the output of: qemu-img info /var/lib/ubuntu-cloud/libvirt/images/foo ; qemu-img info /var/lib/ubuntu-cloud/libvirt/images/Y29tLnVidW50dS5jbG91ZDpzZXJ2ZXI6MTIuMDQ6YW1kNjQgMjAxMzA5MDk=
<jdstrand> rbasak: I have to go to a meeting
<rbasak> jdstrand: will do, and I'll leave you a message here. THanks.
<jdstrand> rbasak: actually, I'm back
<rbasak> jdstrand: http://pastebin.ubuntu.com/6092619/
<rbasak> That was a quick meeting :)
<rbasak> jdstrand: a thought. smoser pointed out that I'm not decompressing the downloaded backing image, and that I should because it hurts performance. That's in my backlog. But everything works transparently. That isn't going to influence the code that looks at the backing volume, is it?
<rbasak> (everything apart from this apparmor issue, that is!)
<jdstrand> I wouldn't think so, but all that is abstracted away from the apparmor driver
<rbasak> OK
<rbasak> This issue didn't affect me in more recent releases, btw.
<smoser> rbasak, no.
<jdstrand> rbasak: oh, which was the first release it worked on?
<rbasak> jdstrand: currently unknown :-(
<rbasak> There are many moving bits to the code I've written, so it's a bit awkward to test. If you need to know I can reduce everything to a much smaller test ase.
<jdstrand> I would like to know. I am trying a reduced test case now
<halvors> Hi! I'm trying to setup bind to override the domain "infected.no", I have to add a few local records. But i still need to be able to resolve the actual website. Can i do this in bind?
 * rbasak uses the tool we're trying to fix to quickly fire up some test instances
<rbasak> halvors: look up bind "views". You can maintain a separate local copy of some particular zone. A warning though: it can lead to considerable confusion to run things that way.
<jdstrand> rbasak: ok, precise works with a simple qcow2 with backing store: http://paste.ubuntu.com/6092737/
<jdstrand> rbasak: ie, just using qemu-img and not the volume xml
 * jdstrand now tries with volume xml
<mibofra> hi, I'm a vps running ubuntu. Initially it ran ubuntu 12.10; after I've upgraded it to the 13.04. Anyway the image of the vps by default mount a 2.6 version of linux. I've tried to update it to the latest on raring (3.8) but I get this error: http://paste.ubuntu.com/6092777/ . I think that I can't upgrade the kernel for the particular setup of grub on a vps... so are there any other way to upgrade the kernel?
<rbasak> jdstrand: I did http://pastebin.ubuntu.com/6092801/ by hand. I see: "2013-09-11 14:50:43.236+0000: 11812: warning : virDomainDiskDefForeachPath:13244 : Ignoring open failure on /var/lib/libvirt/images/foo: Permission denied"
<rbasak> jdstrand: virt-aa-helper with sudo works. So is the problem that libvirt-aa-helper can't read that file so doesn't find out about the backing volume?
<rbasak> mibofra: are you running an official Ubuntu image, or something that's modified by your VPS provider that isn't really Ubuntu? I see no reason why /usr/share/initramfs-tools/hooks/fixrtc should fail except perhaps if something like /sbin/hwclock has been removed on your system.
<mibofra> no the executable is under /sbin/ as usual
<rbasak> Is your disk full?
<mibofra> on line 1010 (of the script) there is this: system ("run-parts --verbose --exit-on-error --arg=$version " . No the disk isn't full
<mibofra> I've all the necessary space
<rbasak> Are you sure? HOw much space is that?
<mibofra> rbasak, Filesystem        1K-blocks    Used Available Use% Mounted on
<mibofra> /dev/ploop13128p1  10319140 2094284   7700672  22% /
<rbasak> OK I agree that sounds OK
<jdstrand> rbasak: aha!
<mibofra> Linux spf-virtualserver 2.6.32-042stab079.5 #1 SMP Fri Aug 2 17:16:15 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux the actual kernel
<jdstrand> rbasak: actually, no. that is a harmless error
<jdstrand> rbasak: the output from virt-aa-helper should be the same there
<rbasak> jdstrand: it's not. When I run without sudo, I don't see the backing file. When I run with sudo, I do.
<jdstrand> rbasak: oh, right, cause it can't inspect the qcow2
<rbasak> Right
<jdstrand> rbasak: but virt-aa-helper runs as root, so that shouldn't be the case
<jdstrand> rbasak: s/case/problem/
<rbasak> jdstrand: it has its own apparmor profile though, doesn't it?
<jdstrand> rbasak: it does, but sudo wouldn't make it suddenly work
<rbasak> THis time I used a standard location (/var/lib/libvirt/images/) for the volume image, too.
<rbasak> Perhaps it doesn't work in the non-standard location for that reason?
<jdstrand> rbasak: are there any apparmor denials?
<zul> adam_g: http://people.canonical.com/~chucks/ca/ (a newer webtest is needed for ceilometer)
<rbasak> jdstrand: yes. I think that's it. I apologise for not spotting this earlier - I was only pasting the most recent denial without checking timestamps, assuming that was the only one. It looks like there are denials for virt-aa-helper preceding them.
<jdstrand> rbasak: can you paste the apparmor denial?
<rbasak> jdstrand: eg: Sep 11 13:08:12 ubuntu-cloud2 kernel: [504847.014007] type=1400 audit(1378904892
<rbasak> .811:31): apparmor="DENIED" operation="open" parent=18180 profile="/usr/lib/libv
<rbasak> irt/virt-aa-helper" name="/var/lib/ubuntu-cloud/libvirt/images/foo" pid=18263 co
<rbasak> mm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
<rbasak> But I want to check that it's the correct case.
<jdstrand> rbasak: ok, add to /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper:
<jdstrand> /var/lib/ubuntu-cloud/libvirt/images/* r,
<jdstrand> then do: sudo apparmor_parser -r /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper
<jdstrand> and try again
<rbasak> Right, will do.
<jdstrand> rbasak: that change is totally appropriate
<rbasak> (I just want to catch up with my test instance first, since I think I need to destroy that)
<jdstrand> you can see we have accesses for libvirt, nova, eucalyptus, etc
 * rbasak removes his previous workarounds
<jdstrand> rbasak: interestingly, if you used /var/lib/ubuntu-cloud/libvirt/images/foo.qcow2, it also would have worked
<jdstrand>   /**.qcow{,2} r,
<mibofra> guys where is normally located dumpe2fs ?
<rbasak> jdstrand: success! Thank you!
<jdstrand> rbasak: so, you should be able to change the virt-aa-helper profile back to the original and generate your filenames to use .qcow2 and it should also work
<rbasak> jdstrand: sorry I didn't spot the previous apparmor denial. That would have saved much wasted time. There were some other messages about qemu network bridges starting up in the middle, and I had assumed that the earlier denials were from a previous attempt rather than reading them through more carefully.
<jdstrand> ok
<jdstrand> no worries
<mibofra> guys :D ?
<rbasak> jdstrand: yeah. I think I'll do that to save having to modify stuff in precise
<rbasak> jdstrand: many thanks for your help. I owe you much beer.
<mibofra> ok rbasak there is something mad
<mibofra> there isn't dumpe2fs on the system
<mibofra> fixrtc use both dumpe2fs and hwclock
<rbasak> mibofra: e2fsprogs provides dumpe2fs. Try installing that. It should be installed already because it's marked "essential".
<mibofra> thanks
<toabctl> hi
<toabctl> there's a getenv call in the postinst of python-cinder (see http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/cinder/saucy/view/head:/debian/cinder-common.postinst#L4)
<toabctl> where does this command come from?
<rbasak> toabctl: that looks like a bug to me. I think it should be "getent".
<rbasak> zul: ^^
<mibofra> ok rbasak now the kernel was upgraded successfully... I wonder why the tool wasn't installed in the image yet...
<rbasak> mibofra: sounds like a broken image. Where did it come from?
<zul> toabctl:  crap please open up a bug in launchpad please
<mibofra> rbasak, I think form the provider of the vps
<adam_g> zul, +1
<rbasak> mibofra: please could you take it up with them? I don't mean to just fob you off - I'm concerned that others will have the same problem.
<rbasak> mibofra: they should not be calling their own constructed image "Ubuntu" either.
<rbasak> mibofra: exactly because of quality problems like this.
<mibofra> omg
<mibofra> rbasak, I've rebooted the vps
<mibofra> but it rebooted with the same kernel version
<mibofra> Linux spf-virtualserver 2.6.32-042stab079.5 #1 SMP Fri Aug 2 17:16:15 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
<rbasak> mibofra: sounds like they're booting their own kernel from outside your VM.
<utlemming> mibofra: on vps that use their own kernel, we've see issues where apparmor is not compatabile
<rbasak> utlemming: also they're not shipping e2fsprogs, which is an essential package that should be installed on all Ubuntu systems, and thus breaks initramfs-tools, which causes kernel updates to fail.
<utlemming> yikes...what is the vps?
<rbasak> (regardless of whether the kenrel updates work or not)
<mibofra> so I've to re-make the image more or less xD
<mibofra> upgrading and adding software
<mibofra> really nice
<utlemming> rbasak: its an openvz setup
<crass> anyone know if dm devices can be used for a uswsusp resume device?
<zul> sarnold: ping
<cekimogloy> Hello. I have an ubuntu 10.04 server with a 300 mb boot partition and it is using 90% of space. how do I get rid of the old kernels in it without messing somethign up?
<cekimogloy> currently I have from 2.6.32-21 to 2.6.32-51 in there
<cekimogloy> I tried to use dpkg --list | grep kernel-image but it doesn't list anything
<sarnold> cekimogloy: | linux-  instead
<cekimogloy> thanks
<cekimogloy> clear
<genii> If you're using drivers which use dkms might want to remove the linux-headers for the old ones as well
<crass> cekimogloy: you could try (more) compression on your initrds also
<gholms> smoser: You around?
<smoser> hey.
<smoser> long time.
<gholms> Yeah!  Sorry for the long silence; I've been buried in euca2ools 3 work.  :-\
<gholms> I'm looking into using simplestreams as a new back end for eustore stuff, but I'm having trouble finding what actually generates the data it uses.
<gholms> What generates the data for stuff like cloud-images.u.c?
<utlemming> gholms: which data?
<gholms> http://cloud-images.ubuntu.com/releases/streams/v1/
<utlemming> gholms: look at lp:simplestreams
<gholms> Yes, I have been looking through that code.
<utlemming> gholms: the AWS and download code is public, the Azure has NDA bits
<gholms> Is that in the source tree and I'm just missing it or something?
<gholms> There's plenty of code that uses extant data, but precious little that actually writes it.
<gholms> tools/make-test-data does a little of that, but it looks like it's pretty much generating it all from the ground up.
<utlemming> gholms: for some, yes it is
<utlemming> gholms: give me a minute to look at the code...
<smoser> gholms, make exdata
<smoser> it scrapes / combines data from /query into simplestreams format.
<smoser> to create the aws and the download data.
<smoser> the other content_sources come from elsewhere.
<smoser> (liek azure and hp)
<gholms> Okay, so the process really does involve that.
<gholms> That's useful.
<smoser> gholms...
<smoser> thats one of those things that you think... well, this wont last long.
<smoser> but it lasted long
<gholms> Oh?
<smoser> oh. not simplestreams. the generation bit
<smoser> there that kind of scrapes other data.
<gholms> Ideally I just want to be able to have people dump a bunch of images and some metadata for each one into $dir using $layout and have things Just Work, so that seems similar in spirit.
<gartral> alright, I'm in a pickle, I have a headless server that was working fine earlier today, now when I try too SSH into it i get "ssh_exchange_identification: Connection closed by remote host
<gartral> "
<gartral> this is even happening when I try to bounce the connection off a machine from a friends house, not attached to my network x.x
<maxb> Time to power cycle it if you have no remote KVM or console capabilities
<gartral> maxb: I can't. the BMC isn't responding either and the power button lock is engaged, I'm locked out
<maxb> Time to phone someone up and get them to yank the power cable then
<gartral> maxb: short of tracing which of the 10 freaking power cables running through the cabinent I'm stuck
<gartral> nah, It's a server in my possesion and crontrol
<maxb> This is why it's important to use managed PDUs
<gartral> control*
 * gholms recommends labeling wires and managed PDUs
<gartral> gholms maxb I don't have a few hundred dollars for a managed PDU
<gholms> Do you have a few dollars for a roll of masking tape and a marker?  :)
<gartral> gholms: do, cat keeps chewing the tape off, not chewing the wire, just the tape
<gholms> Ouch.
<maxb> Servers and cats should not be mixed :-)
<gartral> I think she gets high off the adhesive
<gartral> oh she's a good kitty, I can have a comp open doing diagnostics, she looks at it, then walks away
<gholms> Sounds like what you need is a mini-rack with doors.
<sarnold> gartral: can you hook up a keyboard and blindly login, reboot?
<gartral> she made the mistake of sniffing a cpu fan once when she was a kitten, gave her a nice bloody nose, never wanted to put her face too close to a comp after that
<sarnold> aww poor kitty
<gartral> sarnold: tried that, just beeps when i hit keys
<gholms> Heh
<gartral> here's the screwed up part, my ZNC server is on this machine, which is connected to freenode, in turn whichi s how I'm talking to all of you, so I know it's not a kernel panic
<sarnold> gartral: oh, it beeps on keypresses? that feels like a seriously wedged machine, I'm used to seeing that when the keyboard buffer is stuffed full and nothing is handling keyboard presses..
<sarnold> gartral: Whaa?? wow.
<sarnold> gartral: does znc give you any command execute abilities?
<gartral> sarnold: only for ZNC, not the machine
<sarnold> gartral: normally that'd be a good thing.. hehe
<gartral> most of the websites and services are running, except for appearent SSH, ipmi, snmp, and webmin
<sarnold> ergh. webmin. I wonder if it is someone else's computer now.
<gartral> so yea, I'm stuck between a rock and a hard place here
<gartral> sarnold: there's no outside connection too webmin, it's completely in network on an out-of-band line
<sarnold> disabling sshd, impi, and snmp would probably draw undue attention pretty quickly, but someone might just do that to defend their new machine
<sarnold> gartral: ah, good, that's encouraging. :)
<gartral> and by out of band, I mean it's only accessably from a single network port, running from an un-bridged connection between my workstation and the server
<gartral> (I'm not dumb)
<gartral> i guess I'll pull power, see if that helps
<gartral> well I don't know what the hell happened, but I can log in now >.<
<sarnold> gartral: check the logs, it'll be worth finding out what happened..
<sarnold> my guess is OOM killer went nuts. but that's just a guess.
<gartral> sarnold: on a server with 8 gigs of ram? <.<
<gartral> err.. this is odd, now it's saying I have a read-only FS
<gholms> I've had that happen on servers with 32G of RAM when people weren't being careful.  ;)
<gartral> i gotta wonder if the HDD is dying
<gartral> sudo: unable to open /var/lib/sudo/name/6: Read-only file system; sudo: unable to execute /sbin/reboot: Input/output error
<gartral> brb again
<sarnold> gartral: yikes, good luck
<MoleMan2> I just ran a sudo apt-get upgrade and have just looked back, and have a screen full of various errors, all relating to read-only filesystems
<MoleMan2> I know this information is very vague and a bit useless, but any idea where to start troubleshooting aand fixing?
<gholms> Your stuff is all backed up, right?
<MoleMan2> Linux Ubuntu-Server 3.8.0-26-generic #38~precise2-Ubuntu
<MoleMan2> most of my important stuff yeah
<MoleMan2> its just a home server so most of it is more or less disposable anyway
<MoleMan2> (yes I am aware the first rule of everything is backups, but I currently can't even afford enough storage to keep my actual stuff, never mind full backups
<sarnold> MoleMan2: check dmesg, it might specify why the filesystem is read-only...
<MoleMan2> sarnold: http://pastebin.com/FeFKrvjb is the last chunk of info, I just had to guess at what is recent/useful though :/
<sarnold> MoleMan2: those numbers in square brackets are timestmps since boot, measured in seconds
<sarnold> MoleMan2: that paste covers less than a second of time, though it's hard to know exactly how far in the past it is.
<MoleMan2> yeah, comparing with syslog, that entire chunk was around Sep 12 00:26:45 which was presumably when everything froze
<sarnold> MoleMan2: "medium error" and "media error" look like bad news. it might be a dying drive, might just be a fussy controller / drive / driver that could be 'fixed' by a reboot.
<MoleMan2> as the last entry in syslog was Sep 12 00:26:46 Ubuntu-Server kernel: [975496.222453] type=1400 audit(1378942006.370:42): apparmor="STATUS" operation="profile_replace" name="/usr/sbin/tcpdump" pid=24281 comm="apparmor_parser", presumably due to read only
<MoleMan2> yeah, I just don't want to reboot if I don't have to as I won't be home for quite a while, so if it just fails to boot I'm stuck for a few weeks and won't be able to do anything :/
<MoleMan2> might I be able to just manually remount / change the mount to wr without a reboot, or is a reboot probably the best way to go?
<sarnold> MoleMan2: oh man. :/ it'd be best if it could run a fsck before coming back online. I wouldn't force to wr.
<MoleMan2> but yeah, I'd picked up on those bits as a read fail, possibly linked to a drive death,
<MoleMan2> hmm
<sarnold> MoleMan2: .. but with the data, i'd be worried about a fsck removing something you care about, too. not a great situation. :(
<gartral> arrgh! >.< I can't figure out why this server is barfing like this! 13.04  0:- 1:* 2:  3:  4:  5:                                                                                                    â¸904kB/s 53â¼ 1h53m 50C 8.18 2x2.4GHz 3.9G39% s1.9G0% 292G67% gareth@kitsunet 192.168.1.4 2013-09-11 19:56:13
<gartral> load shouldn't be this high, I have NOTHING running
#ubuntu-server 2013-09-12
<MoleMan2> errors=remount-ro sounds like a useful thing -_- will that run on any single disk read error?
<MoleMan2> gartral: I presume you've tried top / htop to check if you can see what is running causing the load?
<gartral> yes, htop show 20% CPU usage and less than 15% ram usage
<MoleMan2> sarnold: theres very little important data on it TBH, most of the stuff that matters are probably configs and scripts I could copy off
<sarnold> MoleMan2: ah, good. :)
<MoleMan2> the only other thing I'd need is a backup of my Quassel db for IRC, that could take a while though :p
<MoleMan2> everything else is 'media' on an external disk which I doubt will be affected, and is re-obtainable anyway :)
<gartral> sarnold: also, ignore that 50c, byobu isn't reporting the right temps
<MoleMan2> aargh, having VPN access would make this so much easier
 * MoleMan2 reboots his router, hoping that doesn't get any worse
<MoleMan2> oh wait, I can't. I can't access it without VPN to start with :(
<gholms> This sounds like a job for dial-up!
<gholms> Bah, wrong channel
<gholms> ...though I guess it's appropriate for this one as well.  >_>
<gholms> Sorry.
<MoleMan2> right, sarnold, I'll ask now for when I've finished copying whatever I can think of, would I be better trying to force and fsck now before I reboot, or just go for a reboot and pray it comes back up? :p
<MoleMan2> as the server is currently as good as useless anyway. so, I'll just grab some alcohol and forget about it if it all goes wrong
<sarnold> MoleMan2: I think reboot and pray
<MoleMan2> okay, thanks :)
<MoleMan2> I'm SO glad I'm the type of person that just goes for 'whatever's going to happen will happen, why bother worrying or stressing' :P
<sarnold> that helps :)
<MoleMan2> oh, thats good. I can't connect to PostGreSQL, backing that up could be fun then
<MoleMan2> screw it,
 * MoleMan2 reboots
 * MoleMan2 goes to get alcohol, and wait
<MoleMan2> con...conn... connection refused
<sarnold> refused? not timed out?
<MoleMan2> not timed out
<sarnold> well, okay, maybe it's still fscking.. no need to panic just yet..
<MoleMan2> getting a response to ping, but PuTTY is giving connection refused
<sarnold> wait, IP address, that means fsck should be done.
<MoleMan2> I'll just sit here and pretend its all fine
<MoleMan2> I don't seem to have rejoined IRC either
<MoleMan2> yeah, anything I try to connect with gives me connection refused. SSH, SFTP (yes, I know they're the same) FTP, HTTP generally can't connect...
<sarnold> damn :(
<MoleMan2> yeah
<MoleMan2> the annoying thing is, just about the only TimeSensitive thing I'd have been bothered about restoring is the db for IRC, as the longer thats down the more I miss from the backlog etc, but my backup is a few weeks old, and I couldn't connect to back it up earlier before I rebooted
<avoine> smoser: hey, I wanted to know if your lxc-clone-readme.sh patch are still working with the latest lxc version in the daily build ppa?
<uronu> how windows connect to ldap server without using samba? I tried pgina I can login with my ldap account but can't go through to the desktop(BSOD or Hang Up). Is there a correct configuration of pgina?
<avoine> because I've tried it and it looks like the extra arguments like --userdata are not pass to the ubuntu-cloud-prep hook
<avoine> smoser: nevermind I found my bug
<toabctl> zul: filled a bug report for the getenv/getent typo in debian/cinder-common.postinst (see lp:1224275)
<tibor> hello everyone. I just installed ubuntu 12.04 server on cloud service and wanted to make a JEOS installation. However the boot selection doesnt offer minimal install option as mentioned on ubuntu docs for JEOS. is that normal or do you suspect something wrong with the ISO?
<jpds> tibor: JEOS just been gone for a while.
<jpds> tibor: Usually an image on a cloud service will be as miniminal as it gets.
<tibor> ok great, thanks for the info
<tibor> does anyone have experience with debconf?
<tibor> im trying to do following             sudo debconf-set-selections <<< 'backup-manager	backup-manager upload-dir string /var/archives/uploads'
<tibor> it sets the settings
<tibor> but at apt-get install  it doesnt respect the value
<foo357> Hello, I have a ubuntu server which is having some troubles due to having a full boot sector. Doing updates with apt-get can't be done.
<tibor_> yes, would have to clean unused packages from boot sector
<tibor_> http://ubuntuforums.org/showthread.php?t=1435818
<tibor_> last line
<tibor_> or here the first answer http://askubuntu.com/questions/2793/how-do-i-to-remove-or-hide-old-kernel-versions-to-clean-up-the-boot-menu
<RockinRoel> I've been told on #ubuntu-bugs that this would be a good place to find a sponsor to merge the fix for this bug? https://bugs.launchpad.net/ubuntu/precise/+source/openldap/+bug/1216650
<uvirtbot> Launchpad bug 1216650 in openldap "slapd crashed with SIGSEGV in lutil_str2bin() when using mdb" [Medium,In progress]
<foo357> I've got these linux image headers installed: http://pastebin.com/kd445GZj
<foo357> How can I find out which ones are used?
<tibor> uname -r
<tibor> or you do it automatic
<tibor> dpkg --get-selections|grep 'linux-image*'|awk '{print $1}'|egrep -v "linux-image-$(uname -r)|linux-image-generic" |while read n;do apt-get -y remove $n;done
<foo357> tibor: ok, if I try to remove them through apt-get it complains about this: http://justpaste.it/ck4c should I just force it to continue?
<tibor> yes go with apt-get -f install
<tibor> ah but you probably cant run it because of lack of space
<foo357> tibor: yes it fails, and adding --force-yes has no effect
<foo357> tibor: can I somehow make it ignore those packages? "linux-server : Depends: linux-headers-server (= 3.2.0.43.51) but 3.2.0.53.63 is to be installed"
<foo357> tibor: looks like the only option is to do some dirty manual removal
<tibor> no you must remove it
<tibor> did you try other suggestions from the links i posted?
<foo357> tibor: maybe I can move the files of some old image header manually to free up enough space so that apt-get can do it's job sucessfully
<tibor> both is fine
<tibor> but manually removal doesnt change the grub settings and it will crash on reboot
<foo357> tibor: all suggestions I see are using apt-get to remove stuff, but apt-get can't do anthing.
<tibor> try apt-get autoremove (cleans up unused packages)
<tibor> or u use dpkg to uninstall unused images (recommended, manual delete doesnt have all required steps) sudo dpkg --purge linux-image-2.6.28-11-server
<tibor> or use aptitude: sudo aptitude purge linux-image-2.6.32-27-generic-pae
<foo357> tibor: ok I simply used dpkg instead
<foo357> tibor: ok /boot is freed up some now. But I'm still having an issue with that server package.
<foo357> tibor: http://pastebin.com/x18g7WF1
<tibor> try                               apt-get install --reinstall linux-server
<tibor> do you have PAE package (32bit with >4gb ram) or 64 bit server? or?
<foo357> tibor: no it fails, giving the same error
<foo357> tibor: PAE package?
<foo357> tibor: this is a 64 bit server so I don't think PAE is installed.
<tibor> good
<tibor> shouldnt be
<foo357> tibor: how can I fix the problem with 'linux-server' and 'linux-headers-server'?
<tibor> cant you reinstall both?
<tibor> hmm
<tibor> or use dpkg to reinstall it?
<foo357> tibor: reinstalling both with apt-get fails.
<foo357> tibor: how should I use dpkg?
<tibor> dpkg -i packagename
<siberiannerd> should i also write a bug report if expert install from ubuntu-12.04.3-server-amd64.iso was finished without warnings and after reboot i end up with grub's "error: file not found." ?
<siberiannerd> that's somewhat obvious after fast checks that grub is broken
<siberiannerd> same for alternate cd
<rbasak> smoser: a thought. It would be really useful to me if /etc/issue listed eth0's address as standard on cloud images. Achieving this would involve overriding /etc/issue provided by base-files though. Do you think this would be useful to others?
<smoser> rbasak, /etc/issue does not. but motd does, doesn't it?
<rbasak> smoser: I think so. The annoying thing is that I need to log in to see the motd, and I often only have ssh access with cloud images. So it's an extra iteration to backdoor the image.
<rbasak> smoser: btw, I have a new ubuntu-cloud-utils in my PPA awaiting build. I've taken care of all the packaging I think I can for now, so it's pretty much ready. Still plenty to do in the actual code, though.
<smoser> rbasak. cloud-init writes network info to console
<rbasak> smoser: remaining fixes to other packages needed: cloud-localds needs to be available in precise somehow, along with simplestreams of course. genisoimage needs to be depended on for cloud-localds (if that's not already done in upstream/saucy). simplestreams needs the gpg key packaged and working by default (not sure if you've done that already). THat's it I think.
<rbasak> smoser: I can't necessarily always see the console. In my case, I can get VNC to the screen though.
<smoser> you can tll cloud-init to write that to the screen. :)
<rbasak> The TTY login clears it from the screen.
<rbasak> So I end up with an instance that I would like to know the IP of, but have no way to find out.
<rbasak> Given that: 1) cloud instances are generally ssh'd to only, with no password set; 2) this requires the IP, I think it would be useful. I can imagine a scenario where bare metal machines in a datacentre might have the same issue - an admin looks at the screen but can't log in that way because of the ssh key only requirement.
<smoser> for 1. a cloud-instance writes its IP info to the console log.
<smoser> for 2, i dont know.
<smoser> i dont think it sounds like a terribly bad idea to have that information there.
<rbasak> Yeah but the console log isn't always available. I think it makes sense to display IP information in multiple places so the admin can get it from where he needs to get it.
<smoser> you'd hav to have some way to update /etc/issue.
<rbasak> Yeah. That's a bit tricky.
<rbasak> Perhaps from an if-up.d script, but it would need some coordination with base-files
<smoser> well you could do it from the getty upstart job i think.
<smoser> because i think thats just completely upstart managed.
<smoser> ie, getty dies when you log out, and upstart starts it again
<rbasak> Oh, that gives me an idea.
<rbasak> PAM module.
<smoser> rbasak, pam modules is how motd is updated.
<smoser> but that requires login.
<rbasak> I suppose another issue is that the IP could be out of date by the time it's ready. In theory.
<rbasak> it's read
<rbasak> Anyway, I intended that as an aside
<rbasak> We need to sort out this cloud-utils/ubuntu-cloud-utils packaging
<smoser> k.
<rbasak> Do I need to create a new LP project?
<rbasak> Or shall I leave it as a native package for now?
<smoser> rbasak, i would do a new "upstream" for sure.
<smoser> i know it seems like overhead.
<Darkstar1> How can I increase the hard and soft limit for a user that doesn't have a shell?
<Darkstar1> I tried editing the limits in limits.conf but that doesn't seem to work
<psivaa> hallyn_: the lxc smoke tets for saucy is failing with similar issues as in bug 1207675 for the last two days. would help if you could take a look.
<uvirtbot> Launchpad bug 1207675 in ubuntu-test-cases "test_lxc_api test fails during container creation " [Undecided,New] https://launchpad.net/bugs/1207675
<hallyn_> psivaa: trying to clear some final patches so we can merge 1.0-alpha1 into saucy.  let's wait and see if that merge resolves the issue
<hallyn_> stgraber: setting up a test of dwight's monitor patch, hoping to send an ack in 15 ins
<hallyn_> mins
<psivaa> hallyn_: ack, thanks
<stgraber> hallyn_: cool, thanks
<JMichaelX>  i have a home server running ubuntu 12.04.3. it has 2 audio adapters, one is NVIDIA (digital), and the other is a c-media USB audio adapter. i configured alsa-base.conf to give index 0 to the USB adapter. audio is working, but i cannot adjust volume... using mpd or mocp, etc. any suggestions?
<JMichaelX> would installing pulseaudio possibly fix this?
<yolanda> adam_g https://code.launchpad.net/~yolanda.robla/charms/precise/gerrit/trunk/+merge/185289
<smoser> hallyn_, trivial bug
<smoser> https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1224545
<uvirtbot> Launchpad bug 1224545 in lxc "replace lxc-templates cloud-utils recommends with cloud-image-utils" [Undecided,New]
<smoser> biggest change will be not installing 'gdisk' when you apt-get install lxc.
<hallyn_> smoser: that's only for saucy?
<smoser> yeah
<hallyn_> stgraber: ^ when you merge 1.0-a1, can you make that change?
<stgraber> hallyn_: sure
<hallyn_> thanks
<stgraber> smoser: I'll actually go with "cloud-image-utils | cloud-utils" if that's not a problem since I like having the package backportable without a change to all releases >= precise
<nuclearbob> stgraber: if you have a chance, can you point me to any documentation you might have on running nested lxc in raring?  I've seen the post you have for precise with the custom apparmor profile, and I'm having trouble figuring how to use the one that ships in raring
<stgraber> nuclearbob: essentially the same thing as that blog post except that you don't need to write the custom profile and can just set lxc.aa_profile = lxc-container-default-with-nesting in the config and be done
<smoser> stgraber, yeah, that makes fine sense.
<nuclearbob> stgraber: if I just use lxc-default-with-nesting, I get No such file or directory, and if I use the full path in /etc, I get Permission denied - failed to change apparmor profile
<stgraber> nuclearbob: look closely at what I wrote above :)
<nuclearbob> stgraber: thanks.  I'm bad at details sometimes :)
<toabctl> I have a problem with pinning on precise together with the ubuntu cloud archive.
<toabctl> see http://paste.debian.net/38979/ for my setup
<toabctl> the problem is that single package selection does not work
<rbasak> smoser: I'm struggling to get a cloud image to dhcp with a client-id of anything other than "ubuntu". Any tips? Do you know if I'm supposed to be able to change this by messing with userdata/metadata?
<smoser> you can't change it.
<smoser> this should be motivation to do it right :)
<rbasak> What's "right"?
<smoser> controlling a dhcp server.
<smoser> and giving mac:ip address mappings definitively.
<rbasak> I was hoping to be able to get the IP address out of dnsmasq.
<smoser> the reason you can't change 'ubuntu' is that 'ubuntu' is the hostname in /etc/hostname of the un-modified image.
<smoser> dhclient comes up in parallel with cloud-init finding the non-network datasource that you're providing it with.
<smoser> and 'hostname' has already been called from /etc/hostname, so dhclient reads hostname() and sends it.
<smoser> then cloud-init reads your data, changes /etc/hostname, calls hostname(new-hostname)
<smoser> but too late.
<smoser> the system you're designing is exactly how azure publishes its hostname :)
<smoser> in azure, cloud-init has to ifdown and ifup after it sets the hostname, so that a dhcp request with the hostname provided by the cloud platform can then cause dns entries to be updated.
<rbasak> Hmm.
<rbasak> I have two routes I'm considering then.
<smoser> ie, azure says to instance: "Your hostname should be YYY".  And then instance says to Azure (via dhcp) "My hostname is XXX".
<smoser> and *then* after that dhcp request, 'host XXX' will resolve
<rbasak> dnsmasq doesn't have dbus methods to query the mapping, it seems, but does have dbus signals on lease issue. So I could set up a listener and watch for that I guess.
<rbasak> (for the dnsmasq case)
<smoser> so if XXX != YYY, then YYY does not resolve.
<smoser> even though the cloud platform knew that in the first place!
<rbasak> Or I can watch console output, but that interferes with debugging/the developer a bit since I don't see a way to send console output to more than one place
<smoser> what info does the dbus request get?
<smoser> one other way is to use a callback / post home.
<smoser> but then you have to run a service
<rbasak> THe dbus signal will get a (ip, mac, hostname) triple.
<rbasak> (s/hostname/client-id/ I guess)
<smoser> that seems nice.
<rbasak> It would be nicer if I could query the internal lease database rather than watch for changes.
<smoser> yeah. agreed.
<smoser> doesn't it keep a leases file ?
<smoser> that you could just read?
<smoser> do you have to be priviledged to listen ?
<rbasak> Ah, yes. I didn't see it on first glance.
<rbasak> It's in /var/lib/libvirt/dnsmasq/default.leases.
<rbasak> For a first iteration, I could just hack a parse of that.
<rbasak> I'll leave space to add other mechanisms later
<smoser> rbasak, would you have to be privledged to lisen to the dbus signals ?
<rbasak> smoser: I'm not sure
<rbasak> smoser: I was just reading /usr/share/doc/dnsmasq-base/DBus-interface.gz which has no further infromation.
<smoser> yeah
<rbasak> smoser: every method I can think of to get the IP seems suboptimal in some way. So I'm just going to support multiple methods, with the caller specifying the method, and a default method that I might change in the future. So I'll just do a read from /var/lib/libvirt/dnsmasq/default.leases as an initial hacky method that will get us by for now.
<smoser> seems an easy enough format.
<rbasak> Since I can ask libvirt for the instance's eth0 MAC, it should only break if the user isn't using dnsmasq or if the dnsmasq leases format changes somehow.
<smoser> right.
<rbasak> EOD. Much progress today. Almost everything jju needs is implemented now I think. With this and managing volume deletions better implemented, I think it'll be generally usable.
<mgw> Are there any firewall rules I need to be aware of with lxc+macvlan?
<mgw> I have a rule like this at the top of the container's iptables: -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
<mgw> but it's not catching established connections
<mgw> instead it appears they're falling through to my last rule: -A INPUT -j REJECT --reject-with icmp-port-unreachable
<adam_g> smb, around?
<mgw> How can I load kernel modules inside an lxc container?
<patdk-wk> you don't
<mgw> I just discovered all the ipt_ modules are missing
<mgw> ok, rather
<mgw> how can I allow access?
<patdk-wk> I don't believe you can
<patdk-wk> load the modules on the host
<mgw> hmm, maybe that's not my problem
<mgw> i'm using macvlan networking
<mgw> my âstate RELATED,ESTABLISHED rule is not working
<mgw> it works on the host though
<mgw> but not in the container
<mgw> patdk-wk: any idea what the problem might be?
<mgw> I've tried both -m state and -m ctstate
<mgw>     0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
<mgw> any ideas why a rule like "iptables -m state âstate RELATED,ESTABLISHED" is getting ignored inside an lxc container?
<tom_ilsinszki_> I've installed the command line dropbox client and it works fine if I start it manually, however it is stuck on "Uploadingâ¦" if it is started on boot using the init.d script. I've followed this guide when installing: http://ubuntuservergui.com/ubuntu-server-guide/install-dropbox-ubuntu-server
<tom_ilsinszki_> How should I find out what's preventing Dropbox from starting up properly?
 * genii sips and ponders whether to trust a site named ubuntuservergui
<gartral> hey all, what would cause a working, stable server's fs t suddenly go read-only?
<gartral> http://paste.ubuntu.com/6099132/
<zotta> Is there any reason why someone would use a perl script to fetch the exact same static html file every 30 minutes using a perl script?
<sarnold> zotta: it'd give the html server an indication of when the client is alive and on the network..
<zotta> Ok yes
<zotta> but it's some stranger doing it
<sarnold> maybe he intends to help you maintain the server? :)
<sarnold> "hey zotta, it's me, looks like your server is down.."
<zotta> that'd be strange
<sarnold> hehe, yes :)
<adam_g> roaksoax, around?
<mgw1> ok, so i've been messing with macvlan stuff all day, I finally have something working properly, but not the way I want it. I want to host both lxc containers and kvm guests on the same host
<mgw1> I'm working, at the moment, with a vlan interface â bond0.400
<mgw1> I need a bridge associated with that vlan interface, for libvirt to useâ¦ but I also need to use bond0.400 as the link for my containers' macvlans
<mgw1> however, using bond0.400 when there's a bridge generates an error (device or resource busy)
<mgw1> and using the bridge itself as the link creates the problems with iptables I spent all day fighting with
#ubuntu-server 2013-09-13
<gartral> argh
<gartral> failing frives suck
<gartral> drives*
<smb> jamespage, zul, Any insight into saucy-adt-nova failures?
<zul> smb: not yet
<smb> zul, Hm ok. So still not 100% sure where that comes from, right?
<zul> i have an idea im going to try to fix it today
<yolanda> zul https://code.launchpad.net/~yolanda.robla/neutron/autopkgtests/+merge/185482
<zul> yolanda:  this is tested right?
<yolanda> zul yes
<yolanda> it's the same as old one but i resynced
<zul> yolanda:  cool i dont understand how the ryu plugin would pass since it has a python module not in the archive?
<zul> yolanda:  same with ml2
<yolanda> zul, i know, neutron is starting anyway, it's only checking that the files are present, i think
<zul> yolanda:  are you sure?
<yolanda> if some config file isn't in the path, it stops starting, but if config files are present it starts anyway
<zul> yolanda:  ok but if something breaks ill blame you :)
<yolanda> tests are just installing the plugin, updating config files and restarting neutron. That tests passed, but i guess if some in-depth operations are tried, they should be failing
<yolanda> zul, if you can do the merge also... because i don't have permissions for it
<zul> adam_g: http://people.canonical.com/~chucks/ca/
<zul> smb:  should be fixed sooner
<zul> smb:  i mean soonish
<smb> zul, Ah ok. Was it related to xen or just coincidence that it started to fail about when it was uploaded?
<zul> conscidence i think
 * smb is relieved :)
<smb> zul, Hm, "removed xen tests"... now that somewhat does not really sound like the failure was just coincidentally after the xen upload...
<zul> smb: i think we might have to look at compute packaging again after this release
<smb> zul, That way or the other. There should be shiny new xcp as well for next release
<zul> yah
<zul> adam_g: http:://people.canonical.com/~chucks/ca in case you missed it
<hallyn_> zul: hey, were you goign to be uploading the new lbivirt soon?
<zul> hallyn_:  i was blocked on xen but i think im unblocked now
<zul> hallyn_:  can you send me the debdiffs to me again and ill do it now
<hallyn_> zul: f.  trying to find it
<hallyn_> zul: ah, http://people.canonical.com/~serge/libvirt.debdiff :)  simple enough
<zul> hallyn_:  done
<hallyn_> zul: \o/  thx
<bkerensa> pmatulis: Can you review https://code.launchpad.net/~dsmythies/serverguide/makefile_changes/+merge/183363
<hallyn_> zul: i'm still planning on stickign to 1.0.5 in saucy.  shout if you wantme to be trying out 1.0.6
<hallyn_> (uh, for qemu that is)
<hallyn_> (and, 1.5 and 1.6, not 1.0.?)
<pmatulis> bkerensa: i wish i could review that but i simply don't know enough about that stuff
<bkerensa> pmatulis: how is it this server guide lacks a debian directory?
<bkerensa> :)
<pmatulis> bkerensa: why should it?
<bkerensa> pmatulis: because it is a Ubuntu Package?
<bkerensa> :)
<pmatulis> bkerensa: it is?  when did that happen?
<bkerensa> pmatulis: Its not a package?
<bkerensa> o.o
<bkerensa> ok fair enough it isn't
<pmatulis> bkerensa: alrighty then
<adam_g> zul, those keystone changes LGTM
<zul> cool thanks
<adam_g> zul, now that the H3 rush is out lets go back to proper merges for this stuff
<zul> adam_g:  totally
<zul> lxc-ls stop lying to me
<qman__work> I'm trying to write an upstart job that starts as late as possible in the boot process. Is there a keyword for that or something which always starts late that I can use?
<sarnold> qman__work: check the upstart-events manpage for details; my first thought it 'runlevel', but I might be way off.. :)
<qman__work> basically I'm trying to run this software which isn't very bright and needs the system to be completely sorted out before it runs
<qman__work> and networking and filesystems aren't good enough
<genii> Probably bootmisc
<smoser> qman__work, start on stopped rc RUNLEVEL=[2345]
<smoser> is post rc.local
<qman__work> nice, that will work great
<qman__work> thanks
<smoser> :w
<adam_g> roaksoax, ping
<roaksoax> adam_g: here!
<delinquentme> simple way to log the output from a script running on a remote machine to a local machine
<adam_g> roaksoax, heya. was about to seek sponsorship for a new lvm2 debian merge into saucy. figured i'd ping you first since you touched it last
<roaksoax> adam_g: sure i could though xnox is the one who maintains it.
<adam_g> roaksoax, ah
<roaksoax> adam_g: i would feel more comfortablr if he can do it
<roaksoax> otherwise i can take care ofnit
<adam_g> roaksoax, thats fine
<roaksoax> adam_g: just point me.to it
<jost> Hi! I've got a webserver, and a backup server that is only accessible from the webserver via ssh or ftp. Now I want to use the backup server to backup my local machine. In order to do that, I'd like to set up the webserver to act as SSH proxy to the backup server - how do I do that?
<adam_g> :q!
<ikonia> jost: a http proxy for ssh can be a risk, you may want to consider that
<jost> ikonia: I don't want to use a http proxy. What I want is this: Create a SSH instance, that listens at some port (other than 22), and that forwards all traffic to the backup server. So if I do "scp some-file.txt webserver:port/foo.bar", the file will end up on the backup server
<ikonia> jost: yes, but using apache will create a proxy (bad wording http proxy) from the web server,
<adam_g> roaksoax, xnox https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1225149
<uvirtbot> Launchpad bug 1225149 in lvm2 "Please merge lvm2 (main) 2.02.98-6 from Debian unstable (main)" [Undecided,New]
<ikonia> jost: that can have quite a risk due to it being part of your webserver as an exploit, maybe worth considering it
<jost> ikonia: ok, so I don't use apache (didn't want to do that anyway). I  thought there is a way to simply call SSH to forward everything it receives on a specific port to another machine
<ikonia> jost: a second ssh daemon ? an isolated squid process ? iptables ?
<jost> something like that - or simply using SSH forwarding? Shouldn't that work somehow
<jost> problem is that all info SSH forwarding or proxying only forwards a local port
<ikonia> jost: you can do remote hosts/ports, as can iptables as can squid
<qman__work> you could also simply mount the backup server on the web server via sshfs, then just send the files to the web server avoiding key conflicts and whatnot
<bkfitz> Can anyone tell me why i'm seeing this in my syslogs:          ntp peer 69.65.40.29 now valid
<jost> qman__: that is probably the easiest thing... I'll try if that is possible
<jost> qman__ Thats it, thanks!
<roaksoax> adam_g: it requires ffe
<adam_g> roaksoax, yup
<ikonia> qman__work: damn, such a simple solution, kudos
<anepanal1ptos> http://www.newegg.com/Product/Product.aspx?item=N82E16813182821
<anepanal1ptos> does this thing accept "normal people ram" ?
<anepanal1ptos> like
<anepanal1ptos> http://www.newegg.com/Product/Product.aspx?item=N82E16820231309
<jrwren> anyone know why there is post-12.04.3 amis released on 20130909 ?
<jrwren> is there a news feed or something for these ami releases?
<hallyn_> stgraber: any objections to http://paste.ubuntu.com/6103270/ ?
<hallyn_> (nm, sent to list)
<genii> anepanal1ptos: That RAM will fit on that board, yes.
<stgraber> hallyn_: so long as apparmor blocks it, I don't mind
<stgraber> (sent an Ack to the ML)
<anepanal1ptos> genii: will it work after that?
<anepanal1ptos> and by work, POST is a valid answer.
<hallyn_> stgraber: thx
<stgraber> hallyn_: I'll cherry pick and upload it now
<hallyn_> great
<stgraber> hallyn_: can you push it to github?
<hallyn_> man the saucy kernels are just coming in at breakneck speeds
<hallyn_> yup
<hallyn_> pushed
<stgraber> package uplaoded
<stgraber> *uploaded
<hallyn_> awesome, that'll also avoid monitor-fifo-too-long concerns
<stgraber> how so?
<genii> anepanal1ptos: Ideally you'd want 1600 instead of 1066, but the system will downclock accordingly
<hallyn_> i don't believe Dwight's patch was int he last pkg.  wasn't in ppa anyway
<stgraber> 9e60f51d0d1d295bdd77f2fa848f3046e04e6804 ?
<stgraber> ah no, the one after that
<stgraber> b45c701178cdc705d26c95f31035c39bab9edf20 ?
<hallyn_> yeah
<stgraber> we have it in the saucy package
<hallyn_> jolly good
<stgraber> it was required to make touch bootable, so my first upload to the archive had it
<stgraber> currently I'm only cherry-picking bugfixes that we really need from upstream as I don't really care all that much about 13.10, so having a huge set of patches to maintain post-release would be annoying
<hallyn_> sounds good
<hallyn_> i just thought i should try and set up a vm on my laptop that i can demo userns on at the miniconf if i felt like it
<stgraber> for 14.04, I expect we'll get relatively frequent upstream milestones (once it takes less than a week to tag something) an post-release we'll just be using 1.0.x in the distro
<stgraber> that or boot the userns kernel on your laptop ;)
<hallyn_> only downside to that is i'd be runnign saucy and have to upgrade every day whiel at a conf
<hallyn_> still considering it
<stgraber> ah yeah, because kernel+ppa wouldn't be enough since you also need a new shadow and some other bits
<anepanal1ptos> genii: the reson why i ask is because they're not "ecc" and "buffered"
<anepanal1ptos> its just regular desktop memory in a server
<genii> anepanal1ptos: The mb specs don't specify ECC
<anepanal1ptos> genii: i tried to make heads or tales, but im not a hardware server guy, (im not a desktop guy either) so thanks for that bit of info
<anepanal1ptos> genii: this line is what throws me off Supports up to 32 GB DDR3 ECC Un-Buffered memory (UDIMM)
<genii> anepanal1ptos: It CAN use error-correction ram, but it's not a prerequisite.
<anepanal1ptos> ok. thank you for your time! it was very appriciated!
<rostam> HI is the toolchain version has changed from LTS 12.04 to LTS 12.03 update 3?thx
#ubuntu-server 2013-09-14
<dre_> hey guys
<dre_> i would like run a script with a one key press
<dre_> any help
<dre_> hello
<juenn> hai yee! anybody who can help me on configuring my webserver?
<juenn> how can i edit the servername in ubuntu 12? httpd.conf is missing
<andol> juenn: First of all it probably wouldn't hurt if you told us what web server you are running.
<juenn> apache
<andol> juenn: Debian and Ubuntu sets Apache up with /etc/apache2/apache2.conf being the main config file. Do note the include part is in.
<andol> juenn: For example, the servername might be one of those things you'd prefer to set in what is being included from ./sites-availible/
<juenn> i did add servername hostname in the apache2.conf, then restart services but still when i will open my site www.mysite.com to the browser it will display the folder
<juenn> it get complicated... :) before i will just edit it in the httpd.conf change the word localhost into my domainname/////
<sarthor> Hi, there are file inside the directories, and that direcotries are inside other directories. How Can I copy all .ttf file to some other /home/fonts directory with a single command.
<sam_h> I am trying to create a kvm guest, using the command : sudo vmbuilder kvm ubuntu --suite precise --flavour virtual --arch amd64 -o --libvirt qemu:///system
<sam_h> I get an error, log here http://paste.ubuntu.com/6105964/
<sam_h> I also get that error when I run the command as root, rather than with sudo
<sam_h> the final complaint of the script is that the command 'chroot /tmp/tmpkxEsQm mount -t proc proc /proc' fails
<sam_h> when I run that, as root/sudo I get a permissions complaint
<sam_h> the chroot part succeeds, but once inside the chroot, the command fails because of lack of persmissions (and outside because proc is already mounted)
<sam_h> this is a clean install of precise (the latest LTS), with all updates applied
<sam_h> anyone who has successfully made a kvm guest care to tell me what I'm doing wrong?
<xnox> adam_g: roaksoax: looking.
<otello> aiutooooooooooooooo
<Azendale> I'm trying out MaaS and would like to get ceph working on it. I've been trying to use ceph's tool, ceph-deploy to set it up. I have a maas server that will get nodes to the 'ready' states. The ceph-deploy tool seems to want ssh access to nodes. I have no idea what username it should use for ssh, but I have put the key in the MaaS interface. The think I fundamentally don't understand is shouldn't there be a way I have to "reserv
<NoNMaDDeN> hi
<Elico> Hey I want to set the ulimit outside of the init.d script, can it be done?
<halvors> Hi! I have a primary and a secondary DNS server (BIND9). I've set'em up to sync from master to slave, but i'm getting this error on my reverse zones: http://pastebin.com/dX0rFusv
#ubuntu-server 2013-09-15
<Z4PP3r> Hello, I am trying to resize a partition in ubuntu server in virtualbox. first i made a larger virtual hdd and used clonezilla to copy the installation, then i used gparted live to resize the lvm partition, however, when i boot ubuntu server, and do 'df / it' acts like its the same size. rebooting into gparted live, i can see it did resize. can anyone help?
<Z4PP3r> *'df /' it
<Z4PP3r> basically, its still thinks its an 8gb partition.
<halvors> Hi! I have a primary and a secondary DNS server (BIND9). I've set'em up to sync from master to slave, but i'm getting this error on my reverse zones: http://pastebin.com/dX0rFusv Anyone know how?
<whalesalad> hey everyone. I have an older box I'd like to turn into a local ubuntu server for a few miscellaneous things. My current problem is: I do not have a single keyboard in my house. I'm trying to figure out how to do a headless install without one
<whalesalad> Issues: I don't have CD's, so I'm trying to get this thing to boot off of usb media and cannot go into the bios to do so
<whalesalad> it will only boot from hard drives. Any ideas on how I could use a hard drive to bootstrap the install? Just write the .iso to the drive and boot it?
<Azendale> In the MaaS console, I hit the start node action. It started the machine and allocated it to me. Is there a way to deallocate it? Do I have to send some EC2 type command to MaaS to do that?
<whalesalad> hey guys, i've successfully made a custom net install mini iso, and booted into it, having made sure to define the params that enable the ssh console
<whalesalad> unfortunately it never start ssh =(
<bigjools> Azendale: you can't do it from the UI you need to use maas-cli
<shubb> test
<RoyK> 123
<shubb> :-)
<HSaka> Hello, I'm rebuilding my raid 5 atm. The speed is around 2000K/sec... that's pretty low and I'm trying to increase the speed, but there are not changes. And I'm following this guide btw, http://www.cyberciti.biz/tips/linux-raid-increase-resync-rebuild-speed.html somebody here know about this?
<RoyK> HSaka: rebuild takes time, it's mostly limited to iops
<HSaka> RoyK, I know it takes time. But it shouldn't take 20000min
<HSaka> and I have 3x3TB WD Red Nas
<RoyK> hm
<RoyK> 20000min seems rather excessive
<RoyK> HSaka: can you run a check on those drives as in smartctl -x ?
<HSaka> yeah... normaly it should be like a day or 2 would be okey. But this is going to take 2 weeks
<RoyK> HSaka: or a lookup, that is, of the smart data
<HSaka> I haven't installed it
<RoyK> apt-get intstall smartmontools
<HSaka> sec, I will install it
<RoyK> pastebin the output of smartctl -x /dev/sd{something}
<HSaka> k
<HSaka> http://pastebin.com/4vSxf46r this?
<HSaka> I'm getting the same on all of my raid disc
<RoyK> hm
<RoyK> what sort of controller do you have?
<RoyK> as in sata/sas controller
<HSaka> sata
<RoyK> what make?
<HSaka> ah.. i have sw raid controller
<HSaka> if I've answered right
<RoyK> no such thing, but can you pastebin /proc/mdstat?
<HSaka> There you go, http://pastebin.com/YDWZszHm
<RoyK> what distro version?
<HSaka> Royk, this ? http://pastebin.com/VCujRQ0K
<RoyK> HSaka: try lsb_release -a
<HSaka> Royk, http://pastebin.com/MGndA7ky
<RoyK> don't understand why smartctl shouldn't work there
<HSaka> I have no clue , sorry.
<HSaka> Royk, I guess I have to wait 2 weeks =/
<jkitchen> is there a way to set APT::Install-Recommends only on a specific package?
<HSaka> Royk, does this help something? http://pastebin.com/UzXy7GJs
<jkitchen> for instance, I don't want nagios-nrpe-plugin dragging in nagios3. I'm using icinga. but I need the plugin.
<jkitchen> I can't even find any official documentation which mentions the APT::nstall-Recommends setting
<pmatulis> jkitchen: don't install the recommends for that package
<halvors> Hi! I'm running a slave dns server. But running into this error: http://pastebin.com/1CPLqjhX
<halvors> Any ideas howto fix this?
<sarthor> how to sync 2 local folders, /home/xxx/Dropbox and /home/Ubuntu One
<ikonia> sarthor: rsync /
<columb> What's the easiest way to setup VPN without reboot?  Tried pptpd with no luck.
<bekks> columb: Depending on your setup, you have to reboot.
<halvors2> Hi! I'm getting this error when trying to update a reverse zone from isc-dhcp-server: http://pastebin.com/1xR1TAqJ
<halvors2> My isc-dhcp-server configuration: http://pastebin.com/0JYAFAnS
<halvors2> My bind9 configuration: http://pastebin.com/6snZ5MBs
<halvors2> Running Ubuntu Server 13.04
<drfaustus> hi
#ubuntu-server 2014-09-08
<dustinspringman> what up fishes
<dustinspringman> I think I finally know how to ask my question properly! So here goes: what log should I examine for pppd interfaces that are disconnected when a user drops?
<fl8sh123> I am trying to host a webserver running on Ubuntu 14.04.1 and am having a hard time changing from local to public
<SP33D> oh holly ubuntu server community plz answer my question: does any one can imagin a way to move a directory inside a tar.gz file i mean i got bla.tar.gz that contains /bla/files* now i whant to remove bla to have the content of bla in tar root
<SP33D> fl8sh123 hahahha
<SP33D> ya thats normal
<zubairahmed> fl8sh123 what are u trying to do
<zubairahmed> Sp33d what are you trying to do
<SP33D> i need to manipulate a zip file for processing or a tar.gz file
<SP33D> all git hub downloads tar.gz are packed inside a tar container a folder with a project name
<SP33D> that needs to be eliminated
<zubairahmed> Can't you unpack and then repack
<zubairahmed> I mean untar and tar
<SP33D> not good
<SP33D> but will then probally need to do that
<SP33D> if there is no alternate
<faryshta> hi, how can i configure apache so that *.faryshta uses the /home/faryshta/*/public folder?
<Rar9> hi need a quick feedback for tomcat8 restarting.... used this to get it installed. http://www.liquidweb.com/kb/how-to-install-apache-tomcat-8-on-ubuntu-14-04/
<Rar9> service tomcat restart
<Rar9> Gives me  - tomcat: unrecognized service
<lordievader> Rar9: Autocomplete the tomcat part, and use sudo. For starting services you need root.
<Rar9> lordievader entering $CATALINA_HOME/bin/startup.sh gives me the shown output.
<Rar9> IÂ´ve already restared the server
<lordievader> Err, why would you start a service from a script in your home-dir?
<Rar9> lordievader IÂ´ve just followed the instruction...
<Rar9> where they wrong?
<lordievader> Rar9: Could you pastebin that script (I must say I do not know tomcat ;) )
<Rar9> lordievader IÂ´ve simply followed the step by step install instruction in the above link.
<lordievader> !info tomcat
<ubottu> Package tomcat does not exist in trusty
<lordievader> !info tomcat7
<ubottu> tomcat7 (source: tomcat7): Servlet and JSP engine. In component main, is optional. Version 7.0.52-1ubuntu0.1 (trusty), package size 34 kB, installed size 365 kB
<lordievader> Rar9: Does it specifically need to be tomcat8? Else I'd suggest you use the one from the repo.
<Rar9> IÂ´m sorry IÂ´m very new to all of this...
<lordievader> Rar9: In Ubuntu it is standard practice to install software from the repo. You rarely need to manually download and compile things.
<Rar9> ok.. but i belive this will then only install tomcat7
<lordievader> Rar9: Do you specifically need tomcat 8?
<Rar9> IÂ´ve I setup a new server I belive having the laster version of tomcat would help.
<ikonia> Rar9: why would it help ?
<ikonia> Rar9: what is your reasoning to think tomcat 8 would be better for you?
<lordievader> Rar9: It's better to use the one from the repo. This one will receive updates automatically, whereas if you install it manually you need to update it yourself.
 * svg looks for help regarding a problem I experience with open-iscsi on precise using the backported package 2.0.873-3ubuntu5~ubuntu12.04.1
 * ikonia looks for a description of the problem rather than useless meta comments
<svg> already being friendly early in the morning ikonia :)
<svg> I upgraded open-iscsi to that backported package on some precise servers, and since then, devices that hold a FS that should get mounted at boot, are breaking the boot sequence
<svg> it gets the usual 'press m for manual recovery' message
<svg> what happens is that mountall is trying to mount that device *before* iscsid gets started
<svg> if I skip thatmount and let the boot sequence continue, the first next thing that happens is iscsid getting started...
<reshadfar> Hi guys. I just upgraded my ubuntu to 14.04 and unfortunately my mailserver messed up Is there someone who can help me get it up and running again?
<patdk-wk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<jamescarr> hello
<jamescarr> I installed https://launchpad.net/ubuntu/precise/+package/libmemcached-tools
<jamescarr> none of the binaries the package provides seem to be present on my system
<jamescarr> check this out
<jamescarr> nevermind
<jamescarr> nothing to see here
<xperia> hi all. small question. what is best solution to have a real fast gigabit network storage server solution for my webserver where i am able to store gigabit of web data and access it over the network to proccess that data? What for a throughput can be expected from such a decentral network storage inside a gigabit lan network?
<xperia> would a ubuntu nfs server be enoght? is this the best and fastest solution or does it exist some other special software for such storage cluster ?
<smoser> hallyn, how dows python know this: http://paste.ubuntu.com/8291613/
<smoser> somehow it knows that i can't open /dev/loop0 as write.
<hallyn> smoser: it uses access(2)
<hallyn> (so the kernel tells it)
<teward> rbasak: FYI, for nginx, https://bugs.launchpad.net/nginx/+bug/1366651 is extremely relevant, and we should probably review the package before it's included in the future.  It's changes in Debian which break configs for most default-config users, which means it's extremely relevant to users of the package.  (When considering a merge/change for the next release or even a late change this one)
<uvirtbot> Launchpad bug 1366651 in nginx "1.6.1 upgrade breaks fastcgi / php5-fpm with changed config file" [Undecided,Won't fix]
<hallyn> unfotunately there is no equivalent for kill :(
<hallyn> tha ti know of
<rbasak> teward: thank you for the heads-up. It sounds like this is the sort of thing we want to change in-between releases and before feature freeze only.
<teward> rbasak, right.  1.6.1-2 which introduced the change only came out 2 days ago so I don't think it's a hugely important thing to be aware of
<teward> at least, not at this point in the cycle
<teward> rbasak, big FYI though: this is due to nginx Debian syncing configs up with nginx upstream, so..........
<teward> rbasak, it's Won't Fix in the PPAs because it's synced up with Debian/Upstream, but for Ubuntu it's going to need considerations in the future
<rbasak> teward: I think it makes sense to sync, but we'll want a release note for it.
<teward> rbasak, i suggest you check the changelog of 1.6.1-2, the lua module is against luajit now
<teward> so that may break main
<teward> s/main/main eligibility/
<rbasak> Lovely.
<teward> (i'm alive more, now, btw, now that i'm back at college instead of pulling 8 hour days of work :))
<rbasak> teward: that's great, thanks. I hope my last merge was OK?
<teward> rbasak, haven't peeked, been busy up until a few days ago (including but not limited to taking the gf out to dinner, proposing to her, her syaing yes, and preparing that whole thing...)
<teward> rbasak, i haven't seen any new bugs against it but i also don't have utopic server VM set up to test either
<teward> s/have utopic/have a utopic/
<cfhowlett> teward, too much work.  sudo /join --matrimony gf --verbose
<teward> cfhowlett, lol
<teward> cfhowlett, regardless now, she said yes, so........... :)
<teward> having said this, that's been a recent development keeping me from peeking at rbasak's last merge :)
<teward> rbasak, i'd suggest you keep an eye on the nginx bugs as well as nginx in Ubuntu bugs, because issues for Ubuntu will probably be seen ahead of Ubuntu inclusion in the nginx project, i'm pointing people who report PPA bug issues right to the nginx project on LP
<teward> this is one of those kinds of bugs
<hallyn> jdstrand: with libvirt 1.2.8, su -c "sudo -H -u serge2 virsh -c qemu:///session capabilities"  is failing with
<hallyn> error: failed to connect to the hypervisor
<hallyn> does that ring any bells for you?
<hallyn> error: Failed to connect socket to '/home/serge2/.cache/libvirt/libvirt-sock': No such file or directory
<jdstrand> hallyn: sorry, no
<hallyn> ok, thx, guess i'll have to bisect this bad boy
<hallyn> if the default session sock moved i'd have expected a git commit msg mentioning it
<jdstrand> hallyn: fyi, I am trying to land 1.2.6-0ubuntu6 today (https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages)
<hallyn> jdstrand: does that include only upstream fixes?
<hallyn> really 1.2.8 is only hung on my figuring out what the heck is going on with qrt failing
<jdstrand> hallyn: that contains only changes to apparmor policy on Ubuntu
<hallyn> ok, zul ^ we'll have to make sure to remember to fit those into 1.2.8 :)
<zul> erm
<hallyn> d'oh
<hallyn> jdstrand: nm, found it.  libvirt has stopped creating ~/.cache/libvirt/ before creating the unix sock under there when it needs to
<jdstrand> cool
<teward> rbasak, FWIW, your dep8 smoketests got included - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756391 - http://anonscm.debian.org/cgit/collab-maint/nginx.git/diff/?id=0aaa296
<uvirtbot> Debian bug 756391 in src:nginx "No dep8 tests" [Wishlist,Fixed]
<teward> rbasak, otherwise, merge looks good.  :)
<hallyn> zul: feh.  so i fi can find the fix for libvirt no longer creating ~/.cache/libvirt, the bigger problem is that it is not creating apparmor policies for kvm domains at all.
<zul> hallyn: quality stuf..
<hallyn> it must be fallout of the container policy stuff.  as i recall files were renamed, so we'll have to update
<NoReflex> hello! is there a way to enable boot logging in Ubuntu 14.04.1 LTS?
<NoReflex> I installed bootlogd and it intstalled successfully but I don't know if bootlogd is working yet because I've seen many reports for older versions that it does not work anymore
<NoReflex> anyone?
<pmatulis> NoReflex: wow first time i hear of it.  it doesn't seem to be getting much attention from developers
<NoReflex> pmatulis, it is a shame because many hosting providers provide a rescue mode for machines - where you boot a separate image and can inspect your actual drives
<NoReflex> so the logs are pretty much all you got in case the machine won't boot normally
<pmatulis> NoReflex: did you enable under /etc/default?
<NoReflex> pmatulis, in the file /var/log/boot there is only: (Nothing has been logged yet.)
<NoReflex> there is a folder /etc/default
<NoReflex> but no bootlogd file
<pmatulis> NoReflex: is the software running?  is it meant to run only at boot time?  dunno
<NoReflex> pmatulis, neither do I; I created the bootlogd file but after reboot same thing
<NoReflex> (Nothing has been logged yet.)
<NoReflex> I found an error message saying: rescue rsyslogd: imklog: cannot open kernel log(/proc/kmsg): No such file or directory.
<NoReflex> but I don't know if that is the culprit
<TJ-> NoReflex: I came in after you started describing your issue, but could it be that the log output from /dev/console is being captured by plymouth, in which case it gets dumped to /var/log/boot.log
<NoReflex> TJ-, could be but the boot.log file is old ...
<NoReflex> -rw-r----- 1 root              adm     31 Sep  8 21:03 boot
<NoReflex> -rw-r--r-- 1 root              root  6.9K Jul 13 11:17 boot.log
<NoReflex> and boot only contains - nothing logged
<TJ-> No_one_at_all: What's the base system the OS is booting on?
<TJ-> oops!
<TJ-> NoReflex: : What's the base system the OS is booting on?
<NoReflex> TJ-, Description:    Ubuntu 14.04.1 LTS
<TJ-> NoReflex: On bare metal, or virtualised. If a VM, which hypervisor?
<NoReflex> after an update (apport issued some errors) the machine boots apparently but cannot access it, does not respond to ping
<NoReflex> TJ-, bare metal hosted at a provide, I don't have physical access to it; I can only access a recovery shell where I can access my drives and chroot
<TJ-> NoReflex: OK; are you also able to alter the boot configuration such as kernel command-line manually, or do you have to alter grub.cfg via rescue shell each time, to do that?
<NoReflex> TJ-, I don't have any control over the boot process
<TJ-> NoReflex: So you'd have you use the rescue shell to edit grub.cfg to add kernel command-line options
<NoReflex> yes
<TJ-> NoReflex: From what you're saying you have no remote KVM over IP, or IPMI, or serial-over-LAN connection to the bare-metal ?
<NoReflex> TJ-, none; I only have that rescue shell
<TJ-> NoReflex: So the issue is that the boot process is hanging at some point?
<NoReflex> TJ-, most likely because I don't have any access to the machine when t boots normally; it does not even respond to ping
<NoReflex> that is why I thought bootlogd might help
<TJ-> NoReflex: OK, well use what you've got. You only know that networking, or more accurately, sshd, doesn't become available?
<NoReflex> yes
<TJ-> NoReflex: Are there any netfilters DROP rules st by iptables at boot-time? If so, it's worth temporarily adding an ACCEPT for you client's address to ensure it can get through despite other rules. Then, try pining the server once you know it should have started. If the indicates no networking, then go back to the rescue shell.
<TJ-> Before you leave the current rescue shell, add a command to "/etc/rc.local" to show whether it gets to that point: "echo "rc.local" > /var/log/rc.log"
<TJ-> Next time you use the rescue shell check for that file - if it existing you know the boot is getting that far. If not, you know it's an Upstart/init issue. You might also add "--verbose and "--debug" to the *end* of the default menuitem "linux ..." line in "/boot/grub/grub.cfg" to force Upstart/init mountall and other boot-time processes to do more logging
<NoReflex> TJ-, the iptables rules should be in /etc/iptables.rules right? or something similar
<NoReflex> and the loading should appear in /etc/network/interfaces
<NoReflex> there is nothing about iptables in /etc or network/interfaces
<TJ-> NoReflex: You might also add to the kernel command line the options to have the kernel set the public IP on the public ethernet interface so there's early networking available, with that you could even configure it to write to a netconsole (being your local PC with "netcat -l ..." listening)
<TJ-> NoReflex: It depends on what 'firewall' configuration tools are in use; if it is just iptables-{save,restore} then yes, 'interfaces' should have an entry for those
<TJ-> NoReflex: It'd be worth creating a dedicated menuitem in "grub.cfg" with all the remote debug options needed, and then configure grub to automatically use that entry if it detects a boot failure.
<TJ-> NoReflex: That's something else you need to consider - the system might be simply sitting at the GRUB menu waiting for a manual selection due to a previous boot failure
<NoReflex> TJ-, isn't there a timeout for the boot process? never heard of waiting indefinitely at boot
<TJ-> NoReflex: there are three. By default, if a boot fails the system waits indefinitely
<TJ-> NoReflex: However, there is GRUB_RECORDFAIL_TIMEOUT which simple changes "set timeout=-1" to "set timeout=<some number of seconds>". If you edit "/boot/grub/grub.cfg", look for the current "set timout=" line and make that a positive number that will ensure the system continues to boot if it is waiting at the boot menu
<NoReflex> TJ-, if [ "${recordfail}" = 1 ] ; then
<NoReflex>   set timeout=-1
<NoReflex> else
<NoReflex>   if [ x$feature_timeout_style = xy ] ; then
<NoReflex>     set timeout_style=menu
<NoReflex>     set timeout=2
<TJ-> This:
<TJ-> if [ "${recordfail}" = 1 ] ; then
<TJ->   set timeout=-1
<TJ-> else
<TJ-> "recordfail" is the boot flag set on each boot. The OS has to start and clear that flag otherwise GRUB finds it still set and then will wait
<NoReflex> I changed it to 23
<NoReflex> 3
<TJ-> NoReflex: Add "debug --verbose --debug" to the end of the default menuitem's "linux ..." entry too ... best to do belt-and-braces debugging here since you have to use that rescue shell
<NoReflex> added; do I have to regenerate the boot image now?
<TJ-> NoReflex: No; that file is read by GRUB's "normal" module at boot-time and the shell-script like commands executed
<NoReflex> TJ-, thank you, very much!. I'm sure to give it a try tomorrow morning as it is late here
<NoReflex> thanks again for your time!
<netameta_> anyone familiar with ec2/aws or knows of a channel that relate to that ?
<TJ-> netameta_: See the AWS FAQ, "Q: How do I access my systems?"
<netameta> TJ- nah thats not my question though, was wondering if i am intended to get 1 public DNS per account or 1 per instanse , currently i have 3 instanse and only 1 DNS
<TJ-> netameta: What is a "DNS" ?
<netameta> TJ-, domain name server ?
<netameta> or are you asking something else ?
<Monotoko2> in simple terms it's what translates a name into an IP address
<TJ-> netameta: So do you mean A or CNAME records in a zone file, that resolve names to IP addresses?
<TJ-> netameta: The AWS FAQ answer to the question I pointed you to says "The RunInstances call that initiates execution of your application stack will return a set of DNS names, one for each system that is being booted. This name can be used to access the system exactly as you would if it were in your own data center. You own that machine while your operating system stack is executing on it."
<netameta> Monotoko2, thanks. TJ- yea i am suppose to have a DNS for each server.
<netameta> TJ- and currently i am only getting one
<Monotoko2> netameta: where are you getting them from?
<netameta> I am talking about ec2 in amazon
<netameta> i have 3 instanses running, and only 1 has an public IP/ public DNS
<Monotoko2> netameta: Yeah... you want another IP
<Monotoko2> and a slave DNS box setup
<Monotoko2> or you could just use Route 53
<netameta> box setup ?
<sarnold> there's no need for all that if you just want to use the amazon-assigned IPs and DNS names
<Monotoko2> Route 53 does it all for you... or you can just use your registrars servers (just add an A-record for @ and www pointing to your public IP)
<netameta> well sarnold, and monotoko2, i am trying to set up a loadbalancer
<netameta> so i've create 3 instanses to test and that's where the problem came from
<zartoosh> Hi using ubuntu 14.04, what faiclity I need to use for detecting hotplug events please?
<sarnold> zartoosh: udevadm monitor is probably a good starting point
<zartoosh> sarnold, thanks
#ubuntu-server 2014-09-09
<jetole> Hey guys. I'm setting up ipset on ubuntu and wondering about persistence. For example, I set create ipset rules in /etc/rc.local to have them set as persistent however that's run after the iptables-persistence scripts if I'm not mistaken so I'm wondering where or how I should create ipset persistence
<jetole> well I wrote my own ipset persistence script based off of iptables-persistent so I guess that'll do for now
<Crackz0r> Hello
<sudormrf> hey guys.  question.  I want to setup backups on my server, I was thinking dd + cron, but I was wondering if there was a better way to accomplish this
<TJ-> sudormrf: never! dd is not a back-up tool for live systems. Use LVM and snapshots for block device backup
<sudormrf> TJ-, and suppose I didn't use LVM when setting up the server?
<TJ-> sudormrf: use some other form of back-up, such as rsync
<sudormrf> hmm, but wouldn't just rsync be a bit messy?
<Sachiru> Could someone recommend me a good and free sFlow collector and analyzer that can run on an Ubuntu server?
<Sachiru> Basically I need something to collect both sFlow data and logs from my router (Ubiquiti EdgeRouter Lite) for bandwidth monitoring
<Sachiru> If not sFlow, NetFlow
<lordievader> Good morning.
<lordievader> Sachiru: Do you know NFSen? http://nfsen.sourceforge.net/
<Sachiru> Thank you
<Sachiru> Very much
<Sachiru> Exactly what I was looking for
<lordievader> Sachiru: Little bit of advertisment: SSHCure is a nice NFSen plugin https://github.com/SSHCure/SSHCure
<xperia> hi all. i need to create a filesystem on a ssd disk that will be used for a huge amount of small files in the size of about 500 Bytes to max 1KB stored in a Directory Structure like ./category1/a/aa/aabbcc.file My question is what is best File System for such a case ? I guess Raiser right or does some other File System exist that is much better already for such a case?
<salih-emin> xperia, acording to this http://unix.stackexchange.com/questions/28756/what-is-the-most-high-performance-linux-filesystem-for-storing-a-lot-of-small-fi
<salih-emin> the best overall is Raiser
<salih-emin> but IMO the best filesystem is the one you can troubleshoot or at least you have experience with it if somthing goes wrong
<salih-emin> some day
<xperia> salih-emin: thank you a lot for your reply. will just checkout our link! yeah i am new to raiser but it looks really when it comes to small files raiser beats all other file systems. there are some negative reports however that people avoid it becouse it corrupt with the time the performance. pity that not that much people use it so more experience can be shared.
<salih-emin> yes that is why I prefer ext4 even if I deal with tiny files because the support out there is worth the small amount of performance sacrifice
<salih-emin> :)
<xperia> salih-emin: well i would stick also with ext4 but the problem with ext4 is the limted amount of inodes. there is a specific amount of inodes you are able to create related to blocksize. also with much more indoes the performance is getting slower i think but i could be wrong. dont think 1 billion inodes is gona work on a ext4 file system that good?
<salih-emin> xperia, yes there are some important issues with inodes with ext4. There are som good readings out there to help you determine what suits best your needs http://stackoverflow.com/questions/21397110/how-to-store-one-billion-files-on-ext4
<salih-emin> and http://www.redhat.com/summit/2011/presentations/summit/decoding_the_code/thursday/wheeler_t_0310_billion_files_2011.pdf
<salih-emin> I wish you best of luck and patience ;)
<xperia> salih-emin: thank you i will need it :-) sooner or later i will have to write/hack my own filesystem for the ubuntu server or at least adjust some existing one. wish you a good day and success. thanks.
<salih-emin> :)
<zetheroo1> I have Ubuntu installed on a server with 4 HDD bays, two of which have disks for data. I would like to remove them from server without rebooting or shutting down the server - is this possible?
<Abhijit> explain =  two of which have disks for data
<ikonia> explain "remove"
<ikonia> as in stop using the disks, or physically remove
<ikonia> how are the disks layed out, in lvm ? raid ? flat mount points ?
<zetheroo1> physically remove
<zetheroo1> the 2 data disks are a Raid1
<zetheroo1> I will have no more need of those 2 disks in there
<ikonia> in terms of stopping the OS using them, thats easy, break the mirror
<ikonia> in terms of physically removing them, that will depend on your server hardware if it's hot swap
<zetheroo1> ok
<pmatulis> morning
<Andy80> hi
<Andy80> I've just done a "apt-get upgrade" on my Ubuntu 14.04 server, and mong all the packages, nginx has been upgraded, but now is broken! This is what I get in the error.log http://pastebin.com/eWysMNxa
<Andy80> how can I fix it?
<pmatulis> Andy80: was working before i presume?
<Andy80> yes it was
<Andy80> it looks like something has been changed between the previous version of nginx and the current one installed
<Andy80> and my config or whatever is not valid anymore
<Andy80> but seriously... why relasing an upgrade that breaks stuff?
<Andy80> for a crucial package as nginx :/
<pmatulis> Andy80: sounds like your config got altered, which is strange.  can you open a bug?  https://bugs.launchpad.net/ubuntu/+source/nginx/+filebug
<pmatulis> Andy80: put in the previous version and the current version
<Andy80> no, my config has not been altered
<Andy80> -rw-r--r-- 1 root root 2120 Aug 30 14:46 andreagrandi
<Andy80> before opening a bug on bugzilla I need to fix this sorry
<pmatulis> Andy80: do you have backups of the config so you can compare?
<Andy80> my website is down
<pmatulis> Andy80: sounds like you just need to allow directory listing
<Andy80> I nigthly backup with duplicity... so yes, I've backups, but my config has not been touched
<pmatulis> Andy80: so you compared the two configs?
<Andy80> pmatulis, no I didn't, but if the date is Aug 30, how can be modified?
<Andy80> let me retrive the backup copy anyway...
<pmatulis> Andy80: maybe pastebin the current one as well.  was anything changed re the files/directories being served up?
<Andy80> one momen... I'm getting the backup copy...
<Andy80> root@andreagrandi:/home/andrea# diff /tmp/andreagrandi/andreagrandi /etc/nginx/sites-available/andreagrandi
<Andy80> no diffs
<Andy80> my current config is this http://pastebin.com/JD893aSD
<Andy80> where can I get an history/log of what apt-get did so I can look in the changelog of nginx and see if something changed between the two versions?
<Andy80> found the changelog http://nginx.org/en/CHANGES-1.6
<Andy80> but nothing helps...
<pmatulis> it looks like you do not have directory listing allowed.  shouldn't you have 'autoindex on;' under location for that?
<Andy80> I've multiple locations... under which one do I have to put it?
<pmatulis> Andy80: try under
<pmatulis>         # Matches everything.
<pmatulis>         location / {
<Andy80> tried.... didn't help
<pmatulis> Andy80: you might want to enter #nginx , i've never used the software
<pmatulis> Andy80: but if it was working before, that exact same client request, it should not have broken in an upgrade.  strange that i do not see a new version in -updates, i only see 1.4.6-1ubuntu3
<pmatulis> Andy80: look at your apt logs to be sure nginx was changed, it may be something else
<Andy80> it was
<Andy80> I saw it upgrading
<Andy80> and the ackage is also in the apt cache
<fixxxermet> I'm setting up automated installs with cobbler.  Should I be using kickstart or preseed files?
<pmatulis> fixxxermet: preseed is debian/ubuntu, kickstart is redhat.  the installer is kickstart-aware for only some basic options, call it kickseed.  best to go with preseed
<fixxxermet> pmatulis: exactly what I wanted to know.  That you
<fixxxermet> s/that/thank
<zul> coreycb,: ill take python-oslo.config i need to fix some stuff anyways
<coreycb> zul, ok
<zul> coreycb: the xstatic stuff got merged
<zul> er...synched
<coreycb> zul, ah, good
<Kunzem1987> good day people. I hope someone can at point me at least in the right direction. I have ubuntu server backup they are tar.bz2 20 files each of 1.8gB in a parity archive format. My problem is not repairing the parity files i verified them etc . how do i extract the data whithin. i would think it would start by unparitying (don't think that is word) them and then use tar command to extract. I've used multipar on
<Kunzem1987>  windoze . i'm at loss with this issue. can see my data there but just can't open :(
<dasjoe> Kunzem1987: do you know which tool produced those files? I don't know anything that produces *.tar.par2
<Kunzem1987> Unfortunatly I was not with when the backups were made. they have extension file.tar.bz2.aa next file.tar.bz2.ab to file.tar.bz2.at and there is a index file file.tar.bz2 which is small. i assume it was created using par2 package in command line. just don't know how to unpar them
<lordievader> Extracting the main file.tar.bz2 does not pull-in the child files?
<lordievader> I suppose the a[a-t] files are all the same size?
<Kunzem1987> @ lordievader yes the a[a-t] files are the same size except for the last one. i will try to excract from indexed tar.bz2 file
<Kunzem1987> the index file has .par2 at end and I tried tar xvjf bras.10.tar.bz2.par2 which obviously didn't work.
<lordievader> There is no file with just *.tar.bz2?
<arosales> thanks coreycb for charing the server meeting
<coreycb> arosales, np :)
 * patdk-wk wonders how much he charged for it
<Odd_Bloke> Medium-rare.
<CarlFK> hmm, ps shows:  Aug21   0:00 /usr/bin/dpkg --status-fd 59 --configure resolvconf:all libcgmanager0:amd64 libudev1:amd64 udev:amd64 .... full list http://paste.ubuntu.com/8301446/
<CarlFK> this is a very vanilla box.  it is pretty much just a file server.
<CarlFK> any suggestions before I sudo reboot and turn it on again?
<lordievader> CarlFK: Why not kill the process? Instead of rebooting.
<CarlFK> lordievader: the thought was there might be something else blocking it.. so before I spend time on all that kill them all
<lordievader> CarlFK: Unlikely. Apt might be waiting for it. But that is not a problem.
<CarlFK> killed.
<lordievader> CarlFK: Could you pastebin the output of "ps aux| grep dpkg\|apt'
<lordievader> CarlFK: Could you pastebin the output of "ps aux| grep 'dpkg\|apt'"*
<CarlFK> um.. even after I killed it?
<lordievader> CarlFK: Yes, I'd like to know if something remains.
<CarlFK> lordievader: nothing (well, the ps...grep like we always get)
<lordievader> Ok, great. Was that the full problem?
<CarlFK> I did a apt-get update and got "/var/lib/dpkg/lock in use"
<CarlFK> but still having some problem: sudo apt-get update ...  the expected bunch of Hit http://us.archive.ubuntu.com trusty-backports/universe Translation-en
<CarlFK> E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
<CarlFK> guessing I should do that?  sudo dpkg --configure -a
<lordievader> CarlFK: Jup.
<CarlFK> update-initramfs: Generating /boot/initrd.img-3.13.0-34-generic
<CarlFK> shouldn't it say "reboot required" ?
<lordievader> CarlFK: Reboot is never required ;) Just recommended.
<CarlFK> hmm, not sure I see a new kernel.. Setting up grub-pc (2.02~beta2-9ubuntu1) ...
<lordievader> CarlFK: Something triggered an update of your initrd.
<CarlFK> Processing triggers for initramfs-tools (0.103ubuntu4.2) ...
<CarlFK> I 1/2 think it doesn't matter, but given my hickups here I should reboot now when I have time to fix it
<lordievader> CarlFK: I'd say there is no need to reboot, unless you want to load the new kernel/initrd.
<CarlFK> grumble.  why does root own my bash_history? -rw------- 1 root root 213 May 11 11:08 /home/juser/.bash_history
<CarlFK> and -rw-------  1 root  root  1176 May 11 11:11 .viminfo
<lordievader> CarlFK: sudo chown -R $USER:$USER /home/$USER
<CarlFK> yeah.. but how did that happen?  (only 1/2 care.. its just a local file server box in my house, i don't pretend to do proper deployment stuff to it)
<lordievader> CarlFK: Accidental command, improper sudo usage. Don't really know.
<ciroingiro> Kunzem1987 i don't know par2 package but tar can not create a compressed multi volume archive and bzip2 can not create a multi volume. I think the creator script have create a multi volume tar archive and compressed every single tar.part with bzip2. You have to try bunzip2 file.tar.bz2.aa for example?
<dasjoe> Kunzem1987: googling for ".tar.bz2.aa" gives various results about how "split" can be used to split a .tar.bz2 stream into multiple files. If you checked your files with par2 (which you said you did) you can simply extract the .tar.bz2.[...] files with something like: cat file.tar.bz2.* | tar xjvf -
<hallyn> zul: filed bug 1367422
<uvirtbot> Launchpad bug 1367422 in libvirt "[FFE] Upgrade to 1.2.8" [Undecided,New] https://launchpad.net/bugs/1367422
<hallyn> ok, with that i consider myself done with that and am moving on to qemu for real
<hallyn> (though i'd sort of like to get apparmor-confined containers working...)
<zul> ciik
<Valarkin> Hello. Noob seeking assistance enabling password protection on a web servable dir
<Valarkin> 10.04
<Valarkin> oops
<Valarkin> 14.04
<SP33D> oh holly ubuntu gods
<SP33D> plz tell me is that a current bug in trusty with apt-show-versions ?
<SP33D> https://www.irccloud.com/pastebin/4rrfBiaK
<SP33D> Valarkin password on web server is a web server related question
<SP33D> you should ask it the person from that you run the webserver if its apache you can go to #httpd
#ubuntu-server 2014-09-10
<Takyoji> Any specific way to test if DHCP on a network is functional?
<Takyoji> I've been trying to use dhcping, but get an answer of 'no answer', even on my home network, which has working DHCP
<Takyoji> otherwise is there any other useful commands?
<Takyoji> or does dhcping work for anyone else at all?
<sarnold> heh seems like dhcping requires a lot of command-line fiddling..
<sarnold> Takyoji: Got answer from: 192.168.1.1
<Takyoji> sarnold: Odd, not sure why it isn't working for me. And I assume there's no difference between Ubuntu Server and Desktop, networking-wise
<sarnold> Takyoji: well, desktop has NetworkManager and assorted things
<sarnold> (and I tested on my laptop because it's what's easy :)
<Takyoji> Because I'm testing from desktop versions
<sarnold> Takyoji: how did you execute dhcping?
<Takyoji> Alright, I guess PEBKAC, seems to be working fine now, oddly. I must have just been setting the wrong parameters
<sarnold> or it was a temporary problem, which might not help you much :) heh
<MrPPS> Hey guys, having some issues with SSL. I have a ubuntu 12.04.5 server that has been connecting fine to a server on an SSL secured port, however, recently, I've been having handshake failure issues. I run "openssl s_client -showcerts -connect server:port", and sometimes it returns the cert, other times it returns: "140010279691936:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
<MrPPS> failure:s23_lib.c:177"
<MrPPS> followed by "no peer certificate available"
<MrPPS> Yet any of my other servers (including 12.04.5) have no issue doing this
<MrPPS> Any clues?
<Takyoji> Perhaps the time is misconfigured, as a very random guess
<MrPPS> appreciate the guess, but time has been verified as being correct :)
<Takyoji> or otherwise the port isn't actually SSL, it may be plaintext
<MrPPS> very occasionally, that same command returns the SSL cert
<MrPPS> i.e., 1/7 times
<MrPPS> however, the same command run from other servers returns it every time
<MrPPS> and also, that same command to any other ssl-secured server works fine
<Takyoji> are the others newer?
<MrPPS> yeah, they were set up more recently
<MrPPS> but they're also part of a different network
<MrPPS> other servers, SSL secured in the same network, give the same issue
<MrPPS> but only seen from this one client :P
<Takyoji> what type of service is it? HTTP, POP/IMAP/SMTP, or?
<MrPPS> IRC
<MrPPS> connecting to my own IRC network is fine, but connecting to this one is not :(
<MrPPS> and prior to today, it'd been no issue, and they haven't changed the certs on their servers
<MrPPS> so just trying to determine what could be causing it :)
<Takyoji> able to provide a full paste of what the openssl client command returns (if there's any more content)?
<MrPPS> yeah, one sec
<MrPPS> Takyoji: an example of a failure: http://pastie.org/9540973
<Takyoji> Is it not just outright dropping the connection?
<Takyoji> given "has read 0 bytes and written 213 bytes"
<MrPPS> seems like it theoretically could be, but then I try again a second or two later, and it works fine
<MrPPS> oh, it is important to note
<MrPPS> existing connections to it are staying connected
<MrPPS> i.e., I have ZNC on there that connected a week ago, and that's still fine
<MrPPS> but trying to set up a new connection, or manually with openssl, is giving that error
<Takyoji> is there any sort of port forwarding or things going on?
<MrPPS> none at all
<MrPPS> these are all servers in DC's
<MrPPS> with public v4's
<Takyoji> Tried asking about your situation with a support channel of your IRCd?
<Takyoji> http://serverfault.com/questions/389197/ssl-routinesssl23-writessl-handshake-failure
<Takyoji> MrPPS, ^
<MrPPS> Takyoji: cheers, having a look at the serrver port article
<MrPPS> haha, -tls1 flag isn't accepted for my client :/
<Arth> i'm trying to make it so that whern you go to the domain, instead of trying to connect to www.domain.com:80, it goes to another service(port) by default
<Arth> lets say i had a service running at port 555, instead of going to the domain and it points to domain.com:80 i want it to go to domain.com:555 without me having to add :555 to the url
<Arth> is that possible? without using javascript/meta redirects, doesn't seem to work for me
<MrPPS> oh, never mind, it is picky about the flags order
<Takyoji> Arth, that idea really only applies to SRV records, and in the context of HTTP, browsers don't check for SRV records, they only do A/AAAA records
<MrPPS> If I was lazy, I'd just get socat to do port translation
<MrPPS> :P
<Arth> Takyoji: are you saying it's not possible
<Takyoji> Pretty much. In DNS, an A or AAAA record just tells your computer which IP there is for the domain.
<Takyoji> Whereas with SRV, it'll tell you which IP and port, for the service your requesting. And HTTP doesn't implement that idea.
<Arth> thanks, so MrPPS how exactly would socat help me
<Takyoji> I mean, not that it's HTTP itself, it's just browser vendors and such
<MrPPS> Arth: for example; sudo socat TCP-LISTEN:555,fork TCP:localhost:80
<Arth> and that wouldn't actually affect the funcionality of the webserver itself would it?
<MrPPS> actually, sorry, I did that the wrong way around
<MrPPS> but it would essentially take control of that port
<MrPPS> i.e. anything on port 80 would go to port 555
<MrPPS> I'm not entirely sure if that's what you're asking
<MrPPS> but if you wanted *all* port 80 traffic going to port 555 transparently
<MrPPS> that'd do it
<Arth> leme see if i can clarify my question before i look into socat
<MrPPS> no worries
<Arth> So normally when you go to www.domain.com in your browser, "technically" it goes to www.domain.com:80
<MrPPS> yep
<Arth> let's say i have service X running on port 555, how do i make it so that when i point my domain to www.domain.com, it goes to www.domain.com:555 without me appending :555 to the end
<MrPPS> is that the only service that would be used?
<Arth> don't really understand your question, kind of a long day, excuse me
<Takyoji> Port 80 is assumed by default, unless specified otherwise
<Arth> used where?
<Arth> and yeah I understand it's assumed by default, is there no index workaround or something I can use?
<MrPPS> Arth: I guess what I mean to say is, are you running a web server as well
<MrPPS> or is the only intended purpose of this server to provide that service on port 555?
<Arth> I know it seems like a trivial thing to type in :555 at the end but i'd just like to see if its possible
<Takyoji> In the way that things are implemented, it's not quite possible.
<Arth> well, from my knowlege, wouldn't you need a web server up to even be able to serve a page off a server when connecting from an external client?
<Arth> yes, the only intended purpose of the server is to provide service on port 555
<Takyoji> because your ISP blocks port 80, or?
<Arth> oh no not at all, this is hosted on a vps
<Arth> im not hosting it, not a port blocking issue
<Takyoji> So you're stuck to what port it's configured to?
<MrPPS> Arth: if the only intended purpose is to serve what's on port 555, and port 555 is a HTTP compatible service (which is sounds like it is), then the command: sudo socat TCP-LISTEN:80,fork TCP:localhost:555 would work fine
<Takyoji> since you don't have control to configure that?
<MrPPS> but you'd need *nothing* else listening on port 80
<MrPPS> oh, wait, you're not hosting this?
<Arth> not necessarily, i can configure it to whatever port I want, but wouldn't setting it to port 80 conflict with apache?
<Arth> MrPPS: i'd need the apache server listening on port 80 to even serve me up the page right? so i don't think that will work
<MrPPS> well, if the application itself (on port 555) is its own web server, you wouldn't need apache at all
<MrPPS> if it runs on port 555 through apache
<MrPPS> then you could just reconfigure apache to server that on port 80
<Arth> what's the command to turn apache off? sudo apache2ctl stop ?
<Arth> slipping me
<Arth> i'm gonna test if doing ip:555 with apache turned off will work
<Takyoji> Because the thing is, you can have Apache do a reverse-proxy to the service at port 555, I believe
<Takyoji> service apache2 stop
<Takyoji> or apache2ctl may work
<Arth> :o
<Arth> doing serverip:555 with apache turned off brings up the page
<Arth> so that means socat should work
<Arth> i don't need apache
<Arth> the sole purpose of the server is the service hosted at port 555
<Arth> MrPPS: gonna try socat and i'll let you know if it works
<MrPPS> awesome :)
<Arth> terminal hangs after sudo socat TCP-LISTEN:80,fork TCP:localhost:555
<Arth> *starts biting nails*
<Arth> well i changed the port to the actual port of the service that was it
<MrPPS> yeah, it just hangs, sitting there
<MrPPS> it doesn't display anything :)
<MrPPS> also, you may have to change TCP:localhost:555 to TCP:<public_IP>:555
<Arth> http://puu.sh/bt4dC/05ade2f72b.png
<Arth> yeah by hangs i mean i'd need to do ctrl^C to be able to type in another command
<Arth> well looks like ill need to do that and fix the public Ip thing
<MrPPS> yeah, it doesn't fork into the background
<MrPPS> you'd have to run it in screen/tmux
<MrPPS> Arth: if that makes sense?
<MrPPS> Takyoji: also, had a chat with devs
<Takyoji> Wouldn't iptables be capable of just changing the destination port?
<MrPPS> turns out
<MrPPS> inspircd is crappy half the time, when you exceed maximum connections for the network
<MrPPS> which is why I was getting the varied results
<Takyoji> alrighty
<MrPPS> so thanks anyway :)
<MrPPS> and yeah, iptables can probably do it, but I've never had to
<MrPPS> so I've just gotten used to socat for quick stuff
<Takyoji> because I just figure in the long term, rather than having to maintain to stay running
<MrPPS> yeah
<MrPPS> better approach
<Takyoji> maintain it to stay running*
<micw> hi
<micw> i have an ubuntu server that hangs during boot. on console 1 it shows that disks are mounted. on console 7 it shows that some services where starting/stopping
<micw> but i cannot get a shell, sshd is not yet started
<micw> i have no idea how to debug/recover
<Takyoji> Restart in single-user mode (selected at GRUB)?
<micw> "recovery mode"?
<Takyoji> yes
<micw> it boots to recovery menu
<micw> when i select "resume" it's the same issue
<Takyoji> and there should be an option to drop to a root shell, and not do a full boot
<Takyoji> and then pick through any log files in /var/log
<micw> it did not write logs yet
<micw> seems that it did not boot so far
<Takyoji> perhaps this may be of help for troubleshooting: https://wiki.ubuntu.com/DebuggingKernelBoot
<micw> there was an error with rpcbind (the only error during boot process) - so i remove it and try again (don't need nfs on the system)
<micw> the kernel boots fine
<micw> init starts as well
<micw> event network is set up (i can ping the machine)
<micw> event -> even
<micw> http://picpaste.com/Bildschirmfoto-VM_101_-_Mozilla_Firefox-lpm8e57r.png
<micw> thats what console 7 shows
<Takyoji> I suppose I don't have any specific ideas
<micw> same to me. normaly i get such boot issues quickly fixed
<lordievader> Good morning.
<HackeMate> hello
<HackeMate> if i send an email using smtp with TLS, and the destination server also uses TLS, is the email traveling unencripted?
<Guest22304> hi all
<Guest22304> i boot up  14.04 server livecd
<Guest22304> cannot get fdisk command to use, why?
<lordievader> Guest22304: Should be there, according to the manifest util-linux is installed.
<lordievader> Guest22304: Could you pastebin the output of "apt-cache policy util-linux"?
<lordievader> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Guest22304> I have just rebooted the livecd, but this time it is entering rescue mode !
<Guest22304> under its shell, it did has the fdisk command
<lordievader> Since when does the livecd has a rescue mode? Is it not the rescue mode of your physical install?
<Guest22304> that is true,!
<lordievader> Guest22304: Ok, so what seems to be the problem?
<Guest22304> I am boot the live cd in normal mode
<Guest22304> fdisk command is not exist
<lordievader> Guest22304: What is the problem you are facing and what steps have you taken to fix it?
 * lordievader is getting confused
<Guest22304> I boot the live cd  and is going to install it,
<Guest22304> I don't like the menu method to create partitions
<Guest22304> I like command line to do so
<lordievader> 10-12:08 < lordievader> Guest22304: Could you pastebin the output of "apt-cache policy util-linux"?
<Guest22304> so I need fdisk command to that work there
<Guest22304> the result is: /bin/sh: apt-cache: not found
<lordievader> Guest22304: Well ain't that lovely. Guess the easiest is to just use the menu, or make an live-usb/cd of the full desktop iso.
<Guest22304> ok, I got it
<Kunzem1987> Good day people. I posted yesterday about a backup that i have whith 20 files all *.tar.bz2.aa to *.tar.bz2.at and one small *.par2 file which i could not open with windoze using multipar or 7zip. I realised today that i could tar jxfv *.tar.bz2.aa but not the following *.tar.bz2.ab file. I did some searching and found that i needed to cat the files together to make one big tar.bz2 file to extract. I'm sure most
<Kunzem1987>  of you know this but i'm newbie with Ubuntu server. Just letting know how i got my problem fixed.
<ciroingiro> hello everyone. Ubuntu server 12.04 LTS turns off after a time imprecise operation. Sometimes it turns off after 1h. and the other after 4 days.
<ikonia> turns off as in shuts down ?
<cfhowlett> ciroingiro, cron jobs?
<ciroingiro> Excuse me for Enter Key, i have compare the log with normal shut down log and i have notate some partial log file.
<ciroingiro> i have check crontab directly in /var
<ikonia> can you just clarify it actually shutsdown/powers off ?
<ciroingiro> i have substitute the action shut down to power button pressed with a only log and now i have a partial log that say the power button is pressed and immediately the server turns off.
<ciroingiro> it turns off as a black out
<ikonia> so you're saying the screen goes black until you press the power button ?
<eutheria> aha
<eutheria> ok not the same problem
<ciroingiro> yes the screen is black, the server is poweroff
<ciroingiro> is off
<ikonia> are you sure the server is power off ?
<ikonia> as if it's powered off why do you then press the power button to turn it off ?
<ciroingiro> yes but i don't have idea of power off command
<ikonia> you're not powering it off - so why do you care about the power off command
<ikonia> the machine as I understand it is going to a black screen - you are then powering it off by pressing the power button
<ikonia> or am I wrong ?
<eutheria> wow grub failed while upgrading from 12.04 to 14.04
<ciroingiro> is a ibm server closed in a rack, a uman can not touch it bu i can operate from remote. When the connection is closed i see the server turned off, not in standby o screen standby.
<ikonia> ciroingiro: I'm really sorry, I don't understand what you are saying
<ikonia> ciroingiro: what is your native language ?
<ciroingiro> excuse me my language is italian and not speek english very well.
<ikonia> thats ok
<ikonia> ciroingiro: if you join me in #ubuntu-it I'm sure someone can help translate
<ciroingiro> ikonia ok i try #ubuntu-it. thank you very much .
<ikonia> no problem
<teward> rbasak: FYI: nginx-naxsi removed before jessie freeze - https://mail.google.com/mail/u/0/#inbox/145a57304822c977
<teward> oopsies
<teward> rbasak: relevant bug and discussion - see response from Christos - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746199
<uvirtbot> Debian bug 746199 in src:nginx "Outdated naxsi version, incorrect learning tools included in packages" [Important,Open]
<jamespage> zul, hallyn: afternoon chaps
<hallyn> \o
<jamespage> having a few issues with libvirt in utopic
<zul> jamespage: its hallyn's fault :)
<jamespage> hallyn, I've seen a crash - https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1367703
<jamespage> zul, ^^
<hallyn> impossible
<jamespage> and lockups as well - virsh can't get a response and nova is locked out as well
<jamespage> kinda limits instance management
<jamespage> ....
<zul> hallyn: looks like cgmanager :)
<hallyn> jamespage: is cgmanager running?
<jamespage> hallyn, yes
<jamespage> hallyn, I have one hanging now if that's helpful
<jamespage> rather than crashing
<hallyn> jamespage: i has a guess that apparmor is preventing libvirt from talking to cgmanager.  does 'cgm apiversion' work?
<jamespage> hallyn, yes
<jamespage> hallyn, nothing in the kern.log about DENIED
<hallyn> jamespage: does 'unix' show up in /etc/apparmor.d/usr.sbin.libvirtd ?
 * jdstrand notes we don't have an enforcing kernel for 'unix'
<hallyn> you're on the right version of libvirt,
<jdstrand> (that will land soon)
<jamespage> hallyn, it does
<hallyn> hm
<hallyn> jamespage: well the bug report says all your libvirt configs are updated.  please attach those.   ps -ef | grep libvirt, and cat /proc/pid/attr/current and /proc/pid/cgroups for libvirtd
<hallyn> jamespage: so this is happening on >1 hosts?
<jamespage> hallyn, so I've seen that crash once and the lockup a few times on multiple different hosts
<hallyn> all stock utopic?
<hallyn> now mind you we shouldn't be crashing when we can't connect to cgmanager
<hallyn> so i'm not handling a DBusError or something somewhere
<jamespage> hallyn, yes
<sturmflut-work> Anybody here who runs Ubuntu on ARM64/ARMv8-A hardware? Not just the emulator, a real machine.
<TurkerTunali1> Hi guys,  I've created a user when installing ubuntu server 14.04 (namely:ubuntu) . I want to ask you that does this user has root privileges? Because I have some strange behaviours. I have a script which installs Postgresql 9.3 along with our ERP and it works greate on AWS but my local machines can't connect Postgresql.
<rbasak> TurkerTunali1: cloud images allow the ubuntu user to sudo with no password.
<CarlFK> TurkerTunali1: the user created by the installer has sudo privs
<rbasak> The default user on Ubuntu desktop (or traditional server) can also sudo, but only with a password by default.
<rbasak> See /etc/sudoers.d/ in the different environments.
<TurkerTunali1> I am checking, I've edited (sudo visudo) to give my user sudo capabilities without password
<CarlFK> hmm, prolly better to figure out why you can't connect to Postgresql
<TurkerTunali1> sudoers.d folder is empty
<TurkerTunali1> on my local machine
<rbasak> Indeed.
<CarlFK> same here (well, it includes a README)
<TurkerTunali1> AWS has 90-cloud-init-users file
<TurkerTunali1> AWS specified ubuntu user as NOPASSWD:ALL
<TurkerTunali1> I've given this permission with sudo visudo
<TurkerTunali1> on my local machine, so there must be something else
<TurkerTunali1> does ubuntu server 14.04 repos and AWS Ubuntu server repos are the same?
<TurkerTunali1> maybe they are downloading from different postgresql repos
<CarlFK> TurkerTunali1: how is postgresql server being installed?  (I am guessing a script that installs the whole erp system?)
<RoyK> I have a wierd memory usage issue here on a vm that's running a java process. it's not ubuntu, but I don't think it's distro specific - ok to ask?
<patdk-wk> easy solution
<patdk-wk> uninstall java :)
<CarlFK> lol
<hallyn> jamespage: on a fresh utopic install, i follow https://wiki.ubuntu.com/SergeHallyn_libvirtnest  and cdboot starts fine, no cgmanager errors.
<RoyK> patdk-wk: not my choice - confluence runs on it :P
<RoyK> Anyone that knows what on earth is using memory here? http://pastebin.centos.org/12351/ (munin graph here http://karlsbakk.net/bilder/memuse.png)
<RoyK> it's really confusing
<patdk-wk> royk, likely your anonhugepages problem
<patdk-wk> sometimes java likes it, and sometimes not
<patdk-wk> it depends on the java app
<RoyK> what are they?
<patdk-wk> oracle had a nice writeup on that somewhere
<patdk-wk> transparent huge pages?
<patdk-wk> it's converting those 4k memory blocks to 2megs
<RoyK> I just don't get it - the java app just uses 1GB, as it's told to
<patdk-wk> likely how the app works, it keeps shuffling things around, and conflicts
<patdk-wk> ya, but if it is getting allocated 2meg pages, but not using all 2megs
<patdk-wk> cause it keeps randomly freeing parts of it
<RoyK> As you can see on the graph, some time back, the VM just had 2GB memory. I gave it another 2GB, and it just grabbed it all
<patdk-wk> cause of how it's memory allocation works
<patdk-wk> jemalloc has this problem
<RoyK> (without it showing up in the ps list etc)
<RoyK> ok
<patdk-wk> tricks to help malloc, cause other issues :)
<patdk-wk> can't cross optimize :)
<RoyK> do you know any resources about this?
<RoyK> should be possible to fix it without giving each java-running vm 64 gigs of RAM :P
<patdk-wk> https://blogs.oracle.com/linux/entry/performance_issues_with_transparent_huge
<patdk-wk> well that is talking about performance
<patdk-wk> man, ran across it like a month ago
<Alina-malina> when i connect with ftp, why i get owner groul as www-data www-data?
<RoyK> Alina-malina: the question is, why do you use ftp? ;)
<RoyK> !ftp
<ubottu> FTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd
<Alina-malina> RoyK, wel it was example
<RoyK> ubottu: also, FTP is an outdated protocol, don't use it! Use sftp instead.
<Alina-malina> RoyK, it is sftp
<Alina-malina> so what you think?
<Alina-malina> why it shows www-data www-data?
<RoyK> Alina-malina: it should be the user/group of the connecting user/group
<Alina-malina> yes is it ok?
<RoyK> is it www-data connecting and creating files?
<Alina-malina> yes
<Alina-malina> probably
<RoyK> then it's correct
<RoyK> and there should be no 'probably's to sysadmining ;)
<Alina-malina> because it is website, and from time to time it gives an error  failed to open stream: Permission denied
<Alina-malina> so what is wrong with that?
<FrEaKmAn_> hi all
<FrEaKmAn_> I have a VPS with root access to ubuntu 12.04. I have defined firewall rules with iptables
<FrEaKmAn_> for some reason, after few days there are no rules anymore
<FrEaKmAn_> my question is: when I define iptables rules, do I need to "flush" them to store?
<FrEaKmAn_> I don't think they reset after restart
<RoyK> !ufw | FrEaKmAn_
<ubottu> FrEaKmAn_: Ubuntu, like any other Linux distribution, has built-in firewall capabilities. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | GUI frontends such as gufw and ufw-kde also exist. | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo
<FrEaKmAn_> RoyK: thanks
#ubuntu-server 2014-09-11
<scyld> Hi ! I Just wonder. I have to 12.04 ubuntu servers. On first /usr/bin/w shows hostnames in FROM column. On second there is an IP address. Both servers have resolving working OK and I can resolve IP addresses with `host`. Is second server misses some packages or what? The difference is only one. First server uses bind named as dns server, the second is using dnsmasq. Please help :)
<scyld> s/I have to/I have two/
<scyld> hah, found the answer ;)
<zubairahmed> would you like to share scyld?
<scyld> Sure. Entries in FROM column shown by /usr/bin/w are not resolved â I checked that using tcpdump, they are taken from /var/log/wtmp. Resolving and putting them in wtmp is done by sshd where I have `UseDNS no` on second server :)
<DarkStar1> Morning all. I am trying to redirect all http traffic to https and have this setup http://fpaste.org/132677/04240311/
<DarkStar1> The http still does not redirect
<zubairahmed> nevermind scyld
<DarkStar1> I have enabled mod rewrite and can't think of what else I am missing
<scyld> https://wiki.apache.org/httpd/RewriteHTTPToHTTPS
<scyld> DarkStar1: ââ
<scyld> zubairahmed: ??
<zubairahmed> I am an idiot. scyld
<scyld> cool
<scyld> so bye
<DarkStar1> didn't work
<HackeMate> hello
<lordievader> Hey HackeMate
<brontosaurusrex> should there be minidlna in 14.04 ?
<lordievader> !info minidlna
<ubottu> Package minidlna does not exist in trusty
<lordievader> !info minidlna saucy
<ubottu> 'saucy' is not a valid distribution: extras, kubuntu-backports, kubuntu-experimental, kubuntu-updates, lucid, lucid-backports, lucid-proposed, partner, precise, precise-backports, precise-proposed, stable, testing, trusty, trusty-backports, trusty-proposed, unstable, utopic, utopic-backports, utopic-proposed
<lordievader> !info minidlna precise
<ubottu> minidlna (source: minidlna): lightweight DLNA/UPnP-AV server targeted at embedded systems. In component universe, is optional. Version 1.0.21+dfsg-1ubuntu1 (precise), package size 133 kB, installed size 343 kB
<brontosaurusrex> !info minidlna trusty
<ubottu> Package minidlna does not exist in trusty
<lordievader> brontosaurusrex: That's the first one ;)
<ogra_> sudo apt-get installl devscripts; rmadison minidlna
<lordievader> !info minidlna trusty-backports
<ogra_> that will give you all info at once
<ubottu> minidlna (source: minidlna): lightweight DLNA/UPnP-AV server targeted at embedded systems. In component universe, is optional. Version 1.1.2+dfsg-1~ubuntu14.04.1 (trusty-backports), package size 125 kB, installed size 468 kB
<ogra_> so you dont need to poke the bot 100 times ;)
<lordievader> brontosaurusrex: It's in trusty-backports.
<brontosaurusrex> ok
<lordievader> ogra_: Seems like a nice tool, thanks.
<ogra_> :)
 * lordievader goes and fidlle with rmadison.
<brontosaurusrex> do i want "deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse" in sources.list ?
<lordievader> brontosaurusrex: Looks about right.
<brontosaurusrex> thanks
<brontosaurusrex> exit
<Perkol> Why php have apache in deps?
<jrwren> Perkol: it doesn't, libapache2-php does.
<jrwren> Perkol: Depends: libapache2-mod-php5 (>= 5.5.9+dfsg-1ubuntu4) | libapache2-mod-php5filter (>= 5.5.9+dfsg-1ubuntu4) | php5-cgi (>= 5.5.9+dfsg-1ubuntu4) | php5-fpm (>= 5.5.9+dfsg-1ubuntu4)
<jrwren> that pipe means or, so to get php via the php5 package, you need one of those. apache, cgi or fpm
<jamespage> zul, I pushed a minor fix to the ceilometer branch btw - missing api_paste.ini for the api daemon
<zul> jamespage: ok cool
<zul> jamespage: i need to see whats needed for horizon
<jamespage> zul, ack
<jamespage> I saw lots of xstatics coming over
<zul> jamespage: yep
<shredding> Can someone give me a hint, why logrotate gives errors of the pattern: error opening /var/www/typo3conf/ext/core/Classes/ContentProvider/Logs/1398685036.txt.5.gz: No such file or directory
<shredding> logrotate is correct, the file is not there, but i thought the idea is that logrotate creates it.
<GeekDude> Getting this problem "sudo: add-apt-repository: command not found" when trying to add a ppa. Everyone says to install "python-software-properties" "software-properties-common", but neither is helping me
<jpds> GeekDude: it should be in the latter.
 * GeekDude tries again 
<GeekDude> jpds: huh. Seems to have worked this time
<hallyn> zul: could you in your copious spare time post a ping on https://bugzilla.samba.org/show_bug.cgi?id=10490  ?
<uvirtbot> bugzilla.samba.org bug 10490 in Winbind "pam_winbind fails with kerberos method = secrets and keytab" [Normal,New]
<zul> hallyn: not even copious anymore, but yeah
<hallyn> zul: thanks (i don't have an account on that bugzilla;  if you don't have time i can create an account to do th eping)
<bfisher-fleig> i'm looking to setup a home vpn
<bfisher-fleig> i provisioned an old laptop with ubuntu 14.04 desktop, but it seems to hibernate
<bfisher-fleig> will ubuntu server remainly available barring crashes?
<StolenToast> can't you just turn off hibernate?
<zubairahmed> w
<bfisher-fleig> StolenToast thanks! I'll try that
<qhartman> Just started using some Trusty HVM images on ec2, and my syslog is getting flooded by messages like this: http://pastebin.com/iMbJXQdS
<qhartman> Is there anything to be done about that?
<qhartman> My googling hasn't returned anything that seems relevant
<qhartman> aha, finally found this: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1304001
<uvirtbot> Launchpad bug 1304001 in linux "xen:balloon errors in 14.04 beta" [High,Confirmed]
<HackeMate> i am in my server using ssh and this message apears: PAM service(sshd) ignoring max retries; 5 > 3
<HackeMate> what is that?
<StolenToast> I'm logged in to my server at another computer and it is preventing me from editing some files
<StolenToast> I can't get to the computer though
<StolenToast> how can I kick "me" off?
<patdk-wk> hackemate, can be ignored
<StolenToast> kill their tty process?
<patdk-wk> or you can fix it by limiting login attempts in ssh to 3 instead of 5
<sarnold> StolenToast: eh? what error messages are you getting?
<StolenToast> trying to start byobu it tells me ERROR: [/root/.byobu] is not writable by the current user
<StolenToast> I am the corerct user though and check the dir permissions
<StolenToast> *checked
<StolenToast> also there is free space
<StolenToast> that's happened to me before
<sarnold> StolenToast: what's byobu? why does a user account need write access to something in the /root/ directory? that seems very strange
<StolenToast> '/root' is just the "root" (root in name only) user's home directory
<StolenToast> I thought that was how ubuntu worked
<StolenToast> and byobu is a wrapper for tmux
<StolenToast> adds a few features
<sarnold> StolenToast: well, sure /root is just root's HOME, but .. what user are you? or what permissions are on /, /root, and /root/.byobu?
<StolenToast> my user is root and the owner is root and it has rwxrw-rw- permissions or something similar
<StolenToast> ubuntu1204:~# ls -hal | grep .byobu
<StolenToast> drwxr-xr-x  2 root root 4.0K Sep 10 13:09 .byobu
<StolenToast> ubuntu1204:~# whoami
<StolenToast> root
<sarnold> StolenToast: so, if byobu is a tmux wrapper, can you then use 'byobu attach' to re-attach it?
<StolenToast> running 'byobu' is equivalent to attach
<StolenToast> yeah if I run it I get the same error
<sarnold> hmm. well, if another process has it open and thus keeping you from using byobu (seems odd...) then you -could- kill that other task but probably that' dalso kill whatever is running inside of it
<teward> does `apt` actually read the content of debian/ NEWS files and then notify users about the change(s) in the NEWS file when the source is a PPA?
<teward> s/apt/apt-get/
<sarnold> teward: iirc apt-changelog thing reads contents from changelogs.ubuntu.com -- no idea if that server hosts PPA changelogs but it seems unlikely to me
<teward> sarnold: okay, that explains it...
<StolenToast> sarnold, I can't think of anything I'd be doing to that directory
<StolenToast> which is why this is kind of odd
<teward> sarnold: nginx in Debian synced the confs with upstream (there had been a delta) and it breaks fastcgi backends, and apt-get doesn't throw a notice
<teward> maybe because it's not checking the NEWS file for each package individually and only looking at changelogs.ubuntu.com?
<teward> (cc: rbasak)
<sarnold> StolenToast: try fuser /root/.byobu, that might show what's going on
<StolenToast> '/root/.byobu:        31572c'
<sarnold> teward: I wouldn't expect it to, apt just orchestrates package upgrades
<StolenToast> not sure what that means
<sarnold> StolenToast: hmm, that just means process 31572 has that directory as its current working directory. shouldn't affect anything.
<StolenToast> I can see the user who is also running byobu when I do 'w'
<StolenToast> byobu is designed for multiple concurrent users, though
<StolenToast> and it's never been a problem before
<kirkland> StolenToast: are you running byobu as root?
<kirkland> StolenToast: how did you become the root user?
<StolenToast> if by root you mean elevated no
<StolenToast> root is just the name of the default user
<sarnold> StolenToast: well, you could break out strace to find out -why- you're getting the error message you are, sometimes applications try to provide "friendly" messages that are less informative than the OS error codes..
<StolenToast> never used strace
<sarnold> strace is a beast. awesome tool but a tool of last resort :)
<patdk-wk> last? :)
<StolenToast> do I just strace a command?
<sarnold> strace -o /tmp/output  byobu --whatever-args    -- then look in /tmp/output for what went wrong, normally start near the end of the file
<kirkland> StolenToast: did you use sudo become root?
<kirkland> StolenToast: if so, you need to use sudo -H
<sarnold> patdk-wk: yeah, I'd rather read decent logs first :) hehe
<StolenToast> kirkland, I am not a "root" user, just a regular user
<StolenToast> which happens to be called root
<teward> sarnold: sounds counterintuitive due to https://bugs.launchpad.net/nginx/+bug/1366651 which is caused because Debian updated their configs and removed the delta (the NEWS entry never pops up and there's no notice about that to users upgrading).
<uvirtbot> Launchpad bug 1366651 in nginx "1.6.1/1.7.4 and newer breaks FastCGI" [Undecided,Won't fix]
<teward> sarnold: while it's not really 100% of a huge issue because PPA, it seems a little counterintuitive to not check NEWS entries and such for PPA packages...
<StolenToast> I gotta go, thanks for the input sarnold and kirkland
<kirkland> StolenToast: good luck
<sarnold> good luck StolenToast
<sarnold> teward: apt doesn't care :) apt just installs packages. it never does anything about NEWS entries or anything else..
<teward> sarnold: what does the actual NEWS entry checks and config conflict checks (if any) in Ubuntu then?
<sarnold> teward: nothing
<sarnold> teward: the conffile handling is different but NEWS is for humans
<patdk-wk> teward you sure? those NEWS entries are always displayed for me
<teward> sarnold: humans don't know data in the NEWS field unless the system poses it.  Seems a little counterintuitive that it doesn't actually show that.
<teward> patdk-wk: haven't seen it yet for my updates/upgrades in any Ubuntu release with standard updates since Jaunty
<teward> patdk-wk: and it doesn't appear to do it at all with PPAs
<sarnold> patdk-wk: what the heck am I missing? I have no idea what you and teward are talking about :)
<patdk-wk> been for me since I used ubuntu in 7.04 :)
<patdk-wk> sarnold, changelog notes
<teward> patdk-wk: i think we're on two separate things, I'm on the NEWS entry in human-readable format for major change notices to the sysadmins...
<sarnold> patdk-wk: and how do you see them? running apt-get changelog by hand or as part of a normal apt-get -u dist-upgrade ?
<teward> (would be nice if changelogs're shown as part of upgrade/dist-upgrade though)
<patdk-wk> install apt-listchanges
<patdk-wk> every apt-get upgrade/dist-upgrade will show them
<patdk-wk> I do that on one system, and always update that system first
<patdk-wk> then push to the others
<sarnold> patdk-wk: wow never seen that before :) thanks
<patdk-wk> :)
 * patdk-wk teachs ubuntu dev about ubuntu :)
<patdk-wk> it's highly annoying on kernel updates though :)
<teward> lol
<teward> patdk-wk: useful on non-kernel updates, esp. where things might majorly break
<patdk-wk> yep
<patdk-wk> caught that php-fpm change with it
<sarnold> hehe
<teward> would be nice if that were included default, but... *shrugs*
<patdk-wk> would be nice to be a built in apt-get option :)
<teward> mhm
<patdk-wk> ok hmm
<patdk-wk> am I on ip4 or ip6?
<patdk-wk> looks like 4, so my ip6 is acting up again :(
<jrwren> comcast reset my ipv6 leases yesterday for the first time in months.
<teward> i wish Comcast would actually GIVE ME a v6 address, i've reset my modem TWICE and still haven't gotten v6 :/
<genii> teward: Have you done the check at http://test-ipv6.comcast.net/  ?
<teward> genii: it's not a question about the cehck, it's that they aren't giving a v6 address
<teward> genii: has comcast rolled out v6 everywhere yet?
<genii> Not sure.
<teward> i'll ask their support tomorrow
<genii> Maybe you have a crappy ipv4-only modem
<teward> genii: meh, maybe, but meh
<jrwren> do you see them announcing ipv6 if you sniff ipv6 on your connection? are you running dhclient -6 ?
<xperia> hi all. i would like to format a new drive with the raiser4 filesystem. how can this be done in ubuntu?
<genii> xperia: You need the package reiser4progs  and then use mkfs.reiser4 on it
<xperia> genii: thanks a lot. will check it out !
<genii> Don't forget to partition it first.
<blkperl> can someone on the server team take a look at bug 1124250 NFS w/14.04 is unusable as long as this bug exists
<uvirtbot> Launchpad bug 1124250 in nfs-utils "Partially incorrect uid mapping with nfs4/idmapd/ldap-auth" [Undecided,Confirmed] https://launchpad.net/bugs/1124250
<Phibs> anyone know how to tell what gpg I need for an unathenticated package
<StolenToast> what would make my server's fs a readonly system?
<StolenToast> it happens sometimes
<Phibs> StolenToast: underlying storage errors
<StolenToast> =
<StolenToast> =(
<Phibs> StolenToast: is it nfs?
<StolenToast> im not actually sure
<Phibs> ;)
<StolenToast> it's happened before I think just a reboot fixed it
<Phibs> well you have to find if its NFS
<Phibs> or local
<StolenToast> oh its local
<StolenToast> i guess it is preventing me from rebooting too...
<Phibs> hah
<Phibs> haha
<Phibs> dat hard dizk
<Phibs> hmm
<Phibs> anyone using ubuntu-cloud stuff?
<Phibs> ubuntu makes me cry
<Phibs> a lot
 * sarnold hubs Phibs 
 * sarnold hugs Phibs, too
<sarnold> there there buddy, it'll be alright
<StolenToast> yeah it was some inode errors
<StolenToast> rebooting the server and letting the checker run fixed the issue
<Phibs> uhm
<Phibs> that's never good
<Phibs> sarnold: so I'm using the cloud archive
<Phibs> if I install the cloud keyring, packages from it won't install
<sarnold> hey StolenToast -- check your dmesg for sata / scsi errors, they are usually pretty loud and obnoxious and you'll see them right away when there's an issue
<Phibs> if I remove the keyring, it works....
<Phibs> the fuck does that work?
<StolenToast> alright
<Phibs> StolenToast: you also want to check smartctl
<Phibs> your disk is probably dying.
<sarnold> Daviey: ^^^ any idea what Phibs is seeing?
<Phibs> would be interesting to figure it out
<Phibs> makes no sense to remove the cloud keyring :)
<Phibs> that repo syntax hurts my head too
<Phibs> deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
<Phibs> I wish ubuntu didn't do the pool/dist crap
<Phibs> mangina!
<Phibs> Daviey: pnig
<Phibs> Daviey: ping*
<sarnold> Phibs: if Daviey isn't around, utlemming or smoser may also be able to help..
<Phibs> utlemming: ping
<Phibs> ;0
<torrentul> L.
<torrentul> :/ *
<torrentul> can anybody figure out why my shell script wont work :/ https://torrentula.se/irc.sh
<sarnold> torrentul: that's an ELF file, not a shell script
<torrentul> oh :/
<FFForever> Hey hey. Is there an official way to install PHP 5.4 in 14.04?
<sarnold> FFForever: nope, I think you're on your own if you want to use php 5.4
<FFForever> sarnold, I don't /want/ to. Unfortunately my legacy app doesn't work for 5.5.
<sarnold> FFForever: oww :(
<FFForever> I know this is a long shot, but is it possible with an app like EXIM to allow open relay, and proxy the messages to a remote host vist TLS/auth credentials?
<FFForever> (of course the server will be limited to intranet/vpn connections only)
<sarnold> FFForever: heh, that one is probably doable, exim is pretty flexible
<FFForever> Let's hope. Yet another legacy app that in this case refuses to let me a) supply a password, b) use any port besides 25.
<sarnold> ugh
<sarnold> that kind of cruft will bury us all
<sarnold> my condolences :)
#ubuntu-server 2014-09-12
<axisys> sudo apt-get update gives this on lucid
<axisys> *** glibc detected *** /usr/lib/apt/methods/http: munmap_chunk(): invalid pointer: 0x00007fb1bd37b460 ***
<axisys> any suggestion?
<axisys> just rebooted and still same error
<sarnold> anything in dmesg?
<axisys> no.. I thought glibc bug was fixed that was introduced on Aug 4th
<xperia> hi all. i need to install and load the reiser4 kernel module on a ubuntu-server. can somebody tell me how can this be done? i have already formated a partition by installing the needed tools like progsreiser4 and using mkfs.reiser4 but i am not able to mount it. it say always unknow filesystem. i guess this is because i need to load the kernel module for this filesystem also.
<sarnold> xperia: try "modprobe reiserfs"
<axisys> https://bugs.launchpad.net/ubuntu/lucid/+source/eglibc/+bug/1352504 worked
<uvirtbot> Launchpad bug 1352504 in eglibc "Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname" [Critical,Fix released]
<xperia> sarnold: thanks a lot will try it out and report back!
<sarnold> axisys: oh I'm sorry, I forgot all about that one :(
<xperia> sarnold: modprobe reiserfs loads the old module instead the new one reiser4. becoause of this i am still getting the error message "unknow filesystem Â»reiser4Â«"
<xperia> when i try to mount the reiser4 partition.
<sarnold> xperia: oh, I'm sorry. I didn't realize reiser4 hadn't been merged: "Reiser4 has a questionable future and no immediate plans for merging into the Linux kernel." http://en.wikipedia.org/wiki/Reiser4
<xperia> sarnold: okay thanks for the info. looks like i need to compile it to get it load on 14.04
<sarnold> xperia: yeah. oh well, thatshouldn't be too horrible. check out the kernel-package package -- it can help building kernel debs for easy dpkg -i  :)
<xperia> sarnold: cool will just do it. i really want this reiser4 kernel module
<Sling> I have postfix using mysql as a backend for some information, but postfix is jailed to /var/spool/postfix so it can't access the mysql socket. I've fixed this by creating a mount point "/var/run/mysqld /var/spool/postfix/var/run/mysqld bind defaults,bind 0 0" in fstab and this mounts fine and works like a charm
<Sling> but, when rebooting, it complains that /var/run/mysqld doesn't exist and halts booting
<Sling> when I skip it, and manually say 'mount /var/spool/postfix/var/run/mysqld', it works fine again
<ikonia> /var/run/mysqld is created after the file system mounts
<ikonia>  /var is also "ram" as I recall, rather than an actual disk
<Sling> hmm, that would explain it, any decent way of fixing this without hacking around?
<Sling> well /var isn't in ram, there is persistent log storage there
<Sling> maybe /var/run
<ikonia>  /var /run is I think
<Sling> tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
<Sling> so the '/run' outside of var is, yea
<ikonia> if you look though /run is a symlink to /var/run
<Sling> looks like a normal folder to me
<ikonia> I've not got an ubuntu box at hand to verify, I'm working from memory
<ikonia> I could be wrong on that
<Sling> drwxr-xr-x  16 root root  600 Sep 12 08:29 run
<Sling> in .
<Sling> er, in /
<Sling> but anyway, a way to 'late' mount this?
<Sling> or should I then make an upstart script that depends on mysql
<Sling> weird thing is that this works fine on another ubuntu 12.04 box, which is the same version as this box but might be a few packages behind
<Sling> oh wait, I added 'nobootwait' there
<ikonia> I'm not sure of the best way I'd handle this
<ikonia> nobootwait - I don't think that will work, try it though
<thejoecarroll> can anyone say whether there is an official recommendation regarding using ubuntu's own apt repositories for 14.04 to install puppet-common (http://packages.ubuntu.com/trusty/admin/puppet-common) as opposed to using puppet labs' release repository (as described here: https://docs.puppetlabs.com/guides/install_puppet/install_debian_ubuntu.html)? any pros/cons for either option?
<lordievader> Good morning.
<lordievader> thejoecarroll: Standard Ubuntu policy would be to pull everything from their repo, as they might apply Ubuntu specific patches. However the puppet version from the puppet repo works fine on Ubu Trusty.
<thejoecarroll> thanks lordievader
<xperia> hi all. how can i upgrade the kernel easy to 3.15 on a ubuntu 14.04 kernel ? i really need to run 3.15 Kernel instead 3.13
<lordievader> !info linux-image-generic
<ubottu> linux-image-generic (source: linux-meta): Generic Linux kernel image. In component main, is optional. Version 3.13.0.35.42 (trusty), package size 2 kB, installed size 28 kB
<lordievader> xperia: For Trusty that is not possible. Besides 3.15 is EOL.
<xperia> lordivader: hmm is not 3.15 the new kernel that will be used in the comming ubuntu version 14.10 ? what do you mean with EOL End Of Life?
<lordievader> xperia: Yes, EOL = End Of Life. 14.10 uses 3.16. See https://www.kernel.org/
<lordievader> !info linux-image-generic utopic
<ubottu> linux-image-generic (source: linux-meta): Generic Linux kernel image. In component main, is optional. Version 3.16.0.14.15 (utopic), package size 2 kB, installed size 28 kB
<lordievader> Perhaps if 3.17 is released before the kernel freeze of oct 9 that one will be included.
<Sachiru> In terms of stability would it be wise to upgrade to 14.10 if you are currently running 14.04?
<brontosaurusrex> on 14.04, is there any firewall on by default?
<lordievader> No. It is never adviced to upgrade an development release.
<brontosaurusrex> i'am getting "upnphttp.c:1043: warn: HTTP Connection closed unexpectedly" when running minidlna
<lordievader> brontosaurusrex: Yes. UFW is installed per default, UFW is a frontend to IPTables.
<lordievader> brontosaurusrex: I don't think that is a firewall problem.
<brontosaurusrex> lordievader: ok, any guesses?
<brontosaurusrex> "ufw status verbose" says inactive
<lordievader> brontosaurusrex: The server/client program. Something closes the connection. A firewall will prevent the connection from ever being setup (if instructed to do so...)
<xperia> lordievader: okay thanks.
<brontosaurusrex> well, the gupnp-tools are showing my server
<brontosaurusrex> among many others on this network
<brontosaurusrex> also xbmc is finding/playing my stuff, so i guess its working somehow
<xperia> lordievader: i really need to get the ubuntu kernel sources for 3.15. how can i obtain them on a 14.04 system ? i looked for ppa but could not find anything.
<lordievader> xperia: You know that compiling your own kernel is unsupported here?
<xperia> this is new to me as i am on a ubuntu 14.04 ubuntu server and thinked here i am right to ask that simple question. where should i go then ?
<xperia> okay will try #ubuntu-devel then! lets see
<lordievader> xperia: The sources of the 3.15 kernel can be found here: https://launchpad.net/ubuntu/utopic/amd64/linux-image-generic/3.15.0.6.7
<lordievader> xperia: What I ment was that compiling your own kernel is not supported by Ubuntu.
<Odd_Bloke> xperia: #ubuntu-devel is for the development of Ubuntu itself, I don't think you'll get much help there.
<Odd_Bloke> xperia: Why do you need 3.15 specifically?
<xperia> ahh okay thanks a lot will just try it out.
<lordievader> xperia: #ubuntu-kernel would be your best bet.
<lordievader> But I suppose they will tell you the same.
<xperia> Odd:Bloke: for reiser4 support
<xperia> Odd_Bloke:
<Odd_Bloke> reiser4 is still a thing?
<xperia> Odd_Bloke: for One Billion small Files and more there is no better File System Choise or do you think else ?
<Odd_Bloke> Sorry, that wasn't a very constructive thing to say.
<Odd_Bloke> xperia: Have you tried http://ubuntuhandbook.org/index.php/2014/06/install-upgrade-linux-kernel-3-15/ ?
<xperia> Odd_Bloke: reiser4 just got new features especially for ssd drives only a few days ago and this patches work only with kernel 3.15 versions. thanks for the link will just check it out.
<xperia> Odd_Bloke: ahh i need to build the 3.15 Ubuntu Kernel from sources to enable resier4 support. the link lordievader posted looks very good. will help me a lot.
<lordievader> xperia: If you are going to build a kernel, build 3.16. Like I said 3.15 is EOL.
<lordievader> xperia: And when things break and you are asking for support mention that you are running a custom kernel.
<xperia> lordivader okay then i will try to build the 3.15 Kernel Version. I hope it will work with the reiser4 3.15 patches.
<xperia> ehh sorry 3.16
<xperia> lordievader: sorry to ask this stupid question but what ppa do i need to add on a 14.04 system to be able to fetch the ubuntu kernel sources ?
<lordievader> xperia: Since you don't have the utopic sources simply download them from launchpad.
<xperia> thanks. you just gave me the idea to add the utopic sources to the /etc/apt file :-)
<lordievader> xperia: No don't do that.
<lordievader> xperia: That's a really bad idea.
<lordievader> xperia: Please read what I type.
<e-DIO-t> anyidea about a 3Tb RAID1 read as 800Gb RAID1 via 12.04.3 LTS / Uefi install ?
<a_ok> Is there a non X boot configuration manager that can handle ubuntu's divided boot configuration?
<ubuntunoob> hi guys. i want to upgrade my running production servers to the supported version of ubuntu. i only have ssh access to my servers and was wondering what is the best way to go about it
<ubuntunoob> 13.10 at the moment and wish to upgrade to 14+
<ubuntunoob> i understand 14.4.1 is prefferable in terms of suport period
<ubuntunoob> anyone here?
<cfhowlett> icu
<lordievader> ubuntunoob: That surely is possible.
<cfhowlett> !install
<ubottu> Ubuntu can be installed in lots of ways. Please see https://help.ubuntu.com/community/Installation for documentation. Problems during install? See https://wiki.ubuntu.com/CommonProblemsInstall - Don't want to use a CD? See http://tinyurl.com/3exghs - See also !automate
<pmatulis> morning
<a_ok> For some reason ubuntu is the only distro that is a pain in the boot. I really hope that migration to systemd is going to be fast. Else we still have upstart junk together with legacy sysvrc and systemd unit files to manage...
<ubuntunoob> what about, sudo do-release-upgrade?
<ubuntunoob> is it safe to do it over ssh?
<cfhowlett> !eolupgrade | ubuntunoob, you'd have to do an eolupgrade.
<ubottu> ubuntunoob, you'd have to do an eolupgrade.: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<a_ok> yes it is however it is recommended to at least have means of "physical" access
<cfhowlett> ubuntunoob, how remote is your "remote"
<ubuntunoob> another country
<a_ok> ubuntunoob, also use screen
<ubuntunoob> i have email support from the vps company and they are fairly responsive
<cfhowlett> ubuntunoob, sounds like a solution is possible.   can your server be taken off-line for the upgrade?
<ubuntunoob> yes
<cfhowlett> ubuntunoob, peaches & cream!  read the install alternatives link. Never done one myself, but I'm pretty sure you can enable an EOLupgrade via ssh.
<a_ok> ubuntunoob, do make sure you use screen or another type of multiplexer that has reconnect functionality
<maxb> cfhowlett, ubuntunoob: Saucy is still present on the main archive, so I don't think the special provisions for an upgrade from a release which has been demoted to old-releases need apply
<cfhowlett> maxb, you almost certainly know more than I - help?
<a_ok> cfhowlett, yep i have done it nothing special about it
<lordievader> I'd say "sudo do-release-upgrade" will still work at this time.
<ubuntunoob> ok, i will go read the eol guide now. thank you
<maxb> Don't worry about the EOL guide, 13.10 is not that old. You are simply in the position of doing a normal upgrade
<maxb> (though remote)
<maxb> I believe you just need a standard run of 'do-release-upgrade', paying attention to the things it tells you about running the upgrade in a screen session, and having some sort of emergency plan in place for if the worst happens and boot fails
<lordievader> do_release_upgrade opens a screen itself.
<cfhowlett> maxb, what's the command flag to dry run???
<maxb> dry run?
<cfhowlett> maxb, "don't execute" but show output
<lordievader> cfhowlett: It has a sandbox mode, but I don't know if that is what you mean.
<cfhowlett> ubuntunoob, actually, do-release-upgrade will show the upgrade plan and await one more authorization initialize so do that.
<maxb> Does do-release-upgrade have one of those? I can't see that it would be particularly helpful, as a release upgrade is sufficiently complex that a dry run won't be very representative
<ubuntunoob> ok so i am doing it on a test server first and running do release upgrade without screen (because you said it opens up its own screen)
<lordievader> ubuntunoob: Err, do open your own. It will probably detect it. But better be safe than sorry.
<a_ok> ubuntunoob: Also when you want to stay on LTS releases edit /etc/update-manager/release-upgrades (and set prompt to lts)
<ubuntunoob> than you, i am doing it now
<ubuntunoob> after editing to lts, closing all important running processes, backing up important stuff, opening a screen and running d--release-upgrade it says - Checking for a new Ubuntu release No new release found
<cfhowlett> ubuntunoob, eol upgrade option then
<ubuntunoob> tried running - apt-get-upgrade, still no go
<ubuntunoob> cfhowlett, what do you mean by that?
<cfhowlett> !eolupgrade
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<ubuntunoob> ok, gonna do some more reading now and try it out. thanks
<ubuntunoob> in the requirements section it says i should have some sources, such as this one: ## EOL upgrade sources.list # Required
<ubuntunoob> deb http://old-releases.ubuntu.com/ubuntu/ CODENAME main restricted universe multiverse
<cfhowlett> ubuntunoob, CODENAME = trusty         for 14.04
<ubuntunoob> and that i should replace CODENAME to my release, so is that the new or the old release?
<ubuntunoob> so the new, ok
<cfhowlett> ubuntunoob, errrr false. oldrelease = name of your old distro
<cfhowlett> !13.10
<ubottu> Ubuntu 13.10 (Saucy Salamander) was the 19th release of Ubuntu. Support ended on July 17th, 2014. See !eol, !upgrade and http://ubottu.com/y/saucy
<cfhowlett> ubuntunoob, "saucy" in your case.
<ubuntunoob> thank you, i am looking it up now
<ubuntunoob> i looked for them here: /etc/apt/sources.list and the necessary sources are not present. should i edit the sources.list file and write those sources myself?
<cfhowlett> ubuntunoob, paste your sources.list
<cfhowlett> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<ubuntunoob> http://paste.ubuntu.com/8326629/
<cfhowlett> ubuntunoob, OK, as I stated : never done an EOL upgrade but as I read it, you have point all those debs to the old release repos.
<ubuntunoob> so this i what i intend to add
<ubuntunoob> http://paste.ubuntu.com/8326642/
<cfhowlett> ubuntunoob, looks like nope
<cfhowlett> ubuntunoob, those do NOT point to the OLD RELEASE repos
<cfhowlett> ubuntunoob, look at the EOL wiki.  the /etc/apt/sources.list   ##EOL upgrade sources.list    must be edited so CODENAME = saucy
<ubuntunoob> i think i get it, something like this - deb http://old-releases.ubuntu.com/ubuntu/ saucy main restricted universe multiverse -----should work then
<cfhowlett> ubuntunoob, make this easy.  rename your current sources.list to SAVEDsources.list   then save the EOL upgrade sources.list as the new /etc/apt/sources.list
<ubuntunoob> i added the sources to the new sources.list file and when i ran "aptitude update && sudo aptitude safe-upgrade" it had many errors. had 404 page not found errors and W: Failed to fetch
<ubuntunoob> i found this "https://help.ubuntu.com/community/TrustyUpgrades" and i think it is going to work. gonna try now
<ubuntunoob> same as before "No new release found"
<Mip> Hi Folks - nfs-kernel-server stops working shortly after clients make a connection. I saw this in dmesg http://pastebin.com/tECnbRWj - any ideas? Thanks
<cfhowlett> ubuntunoob, do not ADD the new sources - replace the sources.
<ubuntunoob> yeah, i did that
<ubuntunoob> i am now following http://askubuntu.com/questions/453883/upgrade-from-13-10-to-14-04-no-new-release-found
<ubuntunoob> i am also trying it as root so now i am trying as a non root
<smoser> Phibs, did you get sorted ?
<ubuntunoob> i followed a guide and performed the following steps: http://paste.ubuntu.com/8326879/
<ubuntunoob> as a non root user with sudo privelages
<ubuntunoob> and yoooooooohooooooooooooo it works!
<ubuntunoob> No LSB modules are available. Distributor ID: Ubuntu Description:    Ubuntu 14.04.1 LTS Release:        14.04 Codename:       trusty
<ubuntunoob> i am still a bit concerned about how this was done because i do not understand what happened, which is fine for my test server but can you please reassure me so i can reproduce these steps in my production server?
<cfhowlett> ubuntunoob, line 13 - correct command = sudo do-release-upgrade
<ubuntunoob> that is what i thought, so i can safely do this on my production server? there is nothing that is not kosher here?
<cfhowlett> ubuntunoob, no other errors on your test box, right?
<ubuntunoob> seems fine
<ubuntunoob> i am gonna check the main functions like lamp etc before i continue
<cfhowlett> ubuntunoob, then put  a brew in the freezer, launch your udpate, retrieve said brew and watch the magic
<ubuntunoob> yeah the magic happened!!!
<ubuntunoob> and the brew was delecious
<cfhowlett> :)  congrats on a job well done.
<ubuntunoob> thank you
<cfhowlett> ubuntunoob, happy2help
<ubuntunoob> i have another question though
<cfhowlett> ask
<ubuntunoob> i do not want to be locked out of my production serrver that is protected by key file
<ubuntunoob> should i accept password authentication and maybe some other stuff i dont know of before upgrading?
<cfhowlett> ubuntunoob that stuff is completely over my head. ask in main #ubuntu channel.
<ubuntunoob> ok thank you for all of your help
<ubuntunoob> btw you can fix the answer given in ubuntu forums to include do- instead of do if you like http://askubuntu.com/questions/453883/upgrade-from-13-10-to-14-04-no-new-release-found
<xperia> lordievader: wanted just tell that i was able to recompile finally the Linux Kernel with Reiser4 Support. Created just a wiki about this on the ubuntu help page => https://help.ubuntu.com/community/reiser4#preview Thanks a lot for the Help!
<lordievader> xperia: No problem. Have fun ;)
<ikonia> xperia: any reason you are using reiser4 ?
<xperia> ikonia: storing over one billion data files with a size of 500 to 800 Bytes leave no other choise than using reiser4 on linux as file system. everything else sucks!
<ikonia> xperia: despite it not being part of the kernel, you still think that it's an option for you ?
<xperia> ikonia: it is activly developed. it just gor a few days back support for ssd trim and i will join the developer team and donate money to reiser4. So yes it is the only option for me if i want have a fast and unlimited file system.
<ikonia> no critique, just wondered how you felt about basically using a "dead" file system as far as the kernel's native suppport is concerned
<dasjoe> xperia: out of interest, have you tried ZFS for that?
 * cfhowlett is too polite to mention that the namesake murdered his wife 
<xperia> dasjoe: i thinked to use XFS but from what i have read when it comes to handling of very small files reiser4 beat every other filesystem.
<korylprince> Hello all. I've got a 3 drive RAID 5 with mdadm. One of these drives is starting to give SMART errors, so I've added another drive to the RAID. It is adding as a spare; Can I force it to sync because I know this other drive is going to die soon...
<ikonia> korylprince: mark the other one as failed
<ikonia> korylprince: and the spare will take over
<korylprince> Thanks!
<Odd_Bloke> xperia: Would be interested to know if the amount of time spent actually processing will outweight the amount of time spent working out how to get reiser4. ;)
<xperia> Odd_Bloke: indeed let see. this billion file storage and access file system on linux is something that is a work on progress since years. See red hat research about this here => http://www.redhat.com/summit/2011/presentations/summit/decoding_the_code/thursday/wheeler_t_0310_billion_files_2011.pdf
<Odd_Bloke> xperia: A lot has changed since 2011; btrfs is (pretty much) production-ready.
<xperia> Odd_Bloke: ohhh i had very bad experience with btrfs on ubuntu! i can not recommend btrfs even i used the latest version on the newest ubuntu kernel version like recommended. the troughput was compared to ext4 very very bad. i talked with the btrfs people and they could not understand it. i used a simple loop to store hundreds of millions data on a ssd disk and btrfs was absolute non usable...
<xperia> ...for such a task.
<jrwren> btrfs also uses LOTS of memory compared to other file systems.
<jrwren> xperia: are you going to profile reiser4 v. xfs?
<jrwren> xperia: also since I did not see it mentioned, reiserfsprogs pkg is for reiserfs3, reiser4progs is pkg for reiserfs4
<jrwren> xperia: and the kernel module is there by default.
<xperia> jrwren: do you mean with profile doing a benchmark. is not my plan as i would need to erase the reiser4 ssd partition and replace it with xfs to make such a profile. phronix maked a benchmark testing the latest reiser4 filesystem and it was pretty well. they said however to avoid XFS for small Files and istead use reiser4 see => http://www.phoronix.com/scan.php?page=article&item=reiser4_linux35&nu
<xperia> m=1
<xperia> yeah reiserfs is supported but not the newer reiser4 version. everytime i try to mount a reiser4 partition on ubuntu it gives me the error message FileSystem not supported.
<jrwren> xperia: i highly recommend comparing the two yourself. Those benchmarks are rarely if ever accurate.
<jrwren> xperia: ah, i see now you are correct. Sorry about that.
<xperia> yes lot of people said it to me to use xfs. i will do for sure at one time. ext4 and so on can not be used because of the inode limitation. So only Reiser4 and XFS is the option. and from what is know XFS has big disatvantages when it comes to deal with lot of Sub Directory's
<jrwren> That has not been my experience.
<jrwren> When you say "lot of" do you mean on order of millions, or billions?
<Mip> Gotta leave for a bit now, but look forward to discussing nfsd with you folks when I return. Thanks!
<xperia> jrwren: millions. your experience with XFS makes me really eager to try out really XFS also. looks like you are very happy with XFS! did you als tryed reiser4 before to compare the experience with this two file systems?
<jrwren> xperia: sadly no. after losing all my data to reiser3 many many years ago, I never touched reiserfs again.
<xperia> jrwren: ahh understandable. losing all data is never good.
<StolenToast> huh
<StolenToast> finch seems to have disappeared from my system
<StolenToast> wow it really is gone
<StolenToast> not just the package but all configs too
<Phibs> smoser: no 0;
<smoser> Phibs, can you explain more ?
<smoser> you're on precise ?
<Phibs> yeah
<Phibs> so we're installing packages from the ubuntu cloud archive
<Phibs> and if I have the cloud keyring installed... they fail saying untrusted
<Phibs> if I remove the cloud keyring pkg, they install...
<TJ-> Phibs: Do you have an example package that causes it?
<minus1999> Yesterday I was able to successully set up a ubuntu file server, i then tried to set it as a webserver, following the official ubuntu guide, i was able to get as far as installing and configuring squid. then today, for some reason none of my home computers(mac and windows) see the shared samba folder. what could be the reason? the server is visable but attempting to browse it gives a error saying "windows cannot access the s
<Phibs> TJ-: python-mock
<Phibs> 1.x with 'cloud' in the name
<TJ-> Phibs: And which repository/ies  are added to sources.list?
<Phibs> 1s
<smoser> Phibs, i can't reproduce that here.
<smoser> http://paste.ubuntu.com/8328347/
<Phibs> hmm
<Phibs> yeah I tried it in a separate box and it worked fine
<Phibs> I really have no idea why it was being dumb :(
<Phibs> how do I figure out what key is needed for a specific .deb?
<Phibs> repo was this
<Phibs> deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main
<TJ-> Phibs: "pastebinit < <(sudo apt-get install <pkg>)"
<Phibs> also, I am hitting this repo, via another box where I used apt-mirror
<Phibs> woudl that cause any issues ?
<Phibs> TJ-: getting another box spun up to paste error
<minus1999> Yesterday I was able to successully set up a ubuntu file server, i then tried to set it as a webserver, following the official ubuntu guide.
<minus1999>  i was able to get as far as installing and configuring squid.
<Phibs> what does squid have to do with a web server
<minus1999>  then today, for some reason none of my home computers(mac and windows) see the shared samba folder. what could be the reason?
<minus1999> it was in the guide
<minus1999> this if my first time, i was just following the guide
<minus1999> Today the server is visable but attempting to browse it gives a error saying "windows cannot access the server" "check the spelling of the name." any ideas what may be the issue? or a search term i should use? Im probably searching wrong because im not finding anything. thanks.
<lordievader> !patience | minus1999
<ubottu> minus1999: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<Phibs> TJ-: still getting box set up to break ;0
<RoyK> I would think this bug affects a few more people than just me :P https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1364091
<uvirtbot> Launchpad bug 1364091 in mdadm "Possible RAID-6 corruption" [Undecided,New]
<Free95> hey all, trying to use vmbuilder to build a saucy (14.04) VM on precise (12.04) baseâ¦ process hangs on "Base system installed successfully", tried updating to latest python-vm-builder via precise-proposed still nothing
<Free95> anyone else have an issue like this?
<lordievader> Free95: The way I create/install VM's remotely is by starting them with virt-install and then connecting to their vnc server.
<Free95> lordievader, what if you're trying to make a minimal OS install? aka JeOS?
<lordievader> Same applies.
<lordievader>  If that minimal OS goes to a vm that is.
<Free95> Oops, confused girt-manager with girt-install haha
<Free95> *g-> v
<zul> hallyn: ping
<zul> hallyn: what does lxc-start --share-net do?
<hallyn> zul: never heard ot it
<hallyn> oh.
<zul> hallyn: its in the man page :)
<hallyn> so it'll grab the /proc/pid/ns/net of target pid and connect the container to that namespace
<hallyn> so two containers can share a netns
<zul> hallyn: so if i create an netns using the ip command before starting the container and specify that pid it will use that netns?
<hallyn> yeah, well so lon gas you have a pid sitting in that netns, yes
<zul> hmm. interesting
<Free95> lordievader, the thing that stinks is that I can't specify what packages I want to install right on the command line
<lordievader> Free95: I suppose you are trying to install Ubuntu. Take the mini iso or do a debootstrap install.
<zul> hallyn: so if i presetup somethign like 50 netns namespaces, i should just able to start an lxc-container from one of the random 50 netns containers i started
<hallyn> yeah
<hallyn> if that's what you wanted :)
<zul> hallyn: do you need to configure anything in the lxc config file?
<Free95> lordievader, vmbuilder is basically a frontend to debootstrap.. I guess the real question is, how can I easily provision VMs without building the ubuntu cloud infrastructure first?
<hallyn> zul: not sure
<hallyn> checking whether all the network setup is ignored in thta case
<lordievader> Free95: I have no experience with cloud things. I don't think I can help you with that.
<Free95> me neither haha
<Free95> well I guess I'll just have to setup a basic ubuntu image and just clone it any time I want to make a new VM quickly :-/
<hallyn> zul: i think you'll want to set lxc.network.type = none in the config file
<zzxc> Hey Guys, Does anyone know how to limit the number of tunnels through sshd?
<zul> ok cool thanks
<zzxc> We have a chrooted sftp connection. We're getting ddos by the user when he can't access a file, it crashes his service without terminating the sftp connection then launches another sftp connection.
<Phibs> TJ-: yeh can't repro anymore...
<Phibs> TJ-: question is, why would the ubuntu cloud stuff install if the key isn't installed, is that stuff signed w/ the normal ubuntu key?
<zzxc> Since its ftp though a ssh tunnel, limiting the number of session doesn't work. We had over 1000 open sftp connctions earlier today.
<RoyK> zzxc: http://nixcraft.com/showthread.php/13764-SSH-limit-number-of-simultaneous-logins-attempts-for-each-user something like that?
<zzxc> RoyK: Hmmm thats actually an interesting idea. I don't know if it will work since they don't actually have an session assoicated with them.
 * RoyK tries
<RoyK> zzxc: works for me
<zzxc> RoyK: Really? Awesome!
<RoyK> erm
<RoyK> no
<RoyK> it doesn't
<RoyK> I tried to ssh in twice (limit 2), and then sftp failed
<RoyK> but several sftp sessions don't count
<zzxc> Hahaha, yeah thats what I was worried about. Thank you for you're help though. I'm going to see if there is a configation on the sftp side to limit the number of concurrent connections. Otherwie I'm going to have to use something like tcpserver to create a firewallish like thing.
<zzxc> But Seriously, thank you for the effort.
<RoyK> :)
<RoyK> zzxc: it might be easier to do it in iptables
<RoyK> zzxc: but that'll mean maximum connections from an address, not a user
<RoyK> zzxc: MaxSessions should stop this, though, but seems it doesn't
<zzxc> RoyK: Yeah, the ip address is used by multple users.
<RoyK> bingo
<TJ-> zzxc: Could you use pam_limits with maxlogins ?
<zzxc> RoyK: The issue with using maxSession is that sftp doesn't use a session.
<RoyK> zzxc: ah
<RoyK> zzxc: could it be possible to configure it to use one?
<zzxc> TJ-: You mean the /security/limits.conf bit?
<TJ-> zzxc: Yes
<TJ-> zzxc: e.g/ "username hard maxlogins 2"
<zzxc> TJ-: Yeah, actually thats what Royk suggested as well. You can still use as many sftp connections as you want.
<Aison> can I use /etc/network/interfaces.d for multiple network configuration files?
<TJ-> zzxc: really? they share a log-in?
<zzxc> RoyK: Huh I didn't think of that. Thats worth looking into
<RoyK> zzxc: please share if you find a solution :)
<zzxc> TJ-: On my system yes. RoyK was actually the one who tested it though (and thank you again for that). I've been digging though some things.
<zzxc> RoyK: Yep, gladly.
<RoyK> TJ-: tested it - see above - set limit to 2, logged in twice with ssh, after that sftp failed, but with 10ish sftp sessions, no problems if the number of ssh logins weren't too high
<Mip> Iâve been struggling to keep nfsd up and running, and when it fails, clients who have nfs shares mounted from this server eventually hang. The problem *seems* to go away if I require both server and client to use vers3. Have any of you had this issue?
<Mip> Using 14.04.1 on both server and client.
<bekks> Mip: Those issues are common when you use either nointr and/or hard as mount options.
<sarnold> soft is your friend
<Mip> bekks: thanks - I have been using soft as an option, and still had the problem. Same options now, only Iâve added vers=3 to server and client, and it seems more stable. Any other thoughts?
<bekks> Mip: Enforce "intr" too.
<Mip> bekks: how/where would I do this?
<bekks> Mip: Just use intr in addition to soft.
<Mip> bekks: ok, in fstab on client. Am I losing much by requiring my nfs mounts to be made using vers=3?
<bekks> Mip: Since you are asking the answer is no ;)
<Mip> bekks: - thanks! Iâm going to continue to test, but I could reliably get tainted kernels using nfs4, but could not for the life of me find a solution. Iâm surprised the problem isnât more widespread.
<bekks> Mip: Tainted kernels? Can you please pastebin that?
<Mip> bekks: sure - I pasted this one this morning, but Iâll do it again here: http://pastebin.com/tECnbRWj
<Mip> bekks: last line shows the kernel tained (after 2nd crash)
<bekks> Are you using ACL over NFS?
<Mip> Not intentionally
<sarnold> note line 8 says 'Not tainted' -- it could be that the first null-pointer exception taints the kernel for future BUGs..
<sarnold> .. to save people from wasting time trying to troubleshoot the second or third problem, when the first one is probably the source of the issues
<RoyK> zzxc: rssh might be the answer
<RoyK> zzxc: that is, if you don't need to allow logins for the users
<zzxc> zzxc: I'm actually using rssh. Is there a limt feature in that?
<zzxc> RoyK: ^^ For some reason I typed my own name...
<RoyK> hehe
<RoyK> zzxc: sec
<zzxc> RoyK: Huh, I found a guy using a very simalar set up with a very simalar situtation.
<zzxc> A chrooted sftp jail using rssh with 1000+ concurrent sftp connections which caused our system to crash.
<RoyK> this one? http://sourceforge.net/p/rssh/mailman/message/22190380/
<zzxc> Haha yep
<Mip> sarnold: to what do you attribute the cause in line 8?
<Mip> Itâs definitely nfsd, right?
<sarnold> Mip: alomst certainly, yes. please do file a bug on that if you haven't yet :)
<Mip> sarnold: though Iâve been using linux for several years, Iâm not sure I *know* how to file a bug. Where would be the appropriate place?
<Free95> lordievader, so I got virt-install workingâ¦. but I'm doing the install manually. How do I pressed and stuff? For instance, I'd like to setup the disk partitions automatically
<lordievader> Free95: I have no experience with preseed or kickstart. But I'm sure someone else here can assist you with that ;)
<Free95> aw man, you got me this far and that's it? :P haha
<sarnold> Mip: the easy thing to do is trigger the bug again and then run "ubuntu-bug linux"
<RoyK> zzxc: seems like most of the world wants to find a solution to this :P
<pmatulis> Free95: what's your question?
<Mip> sarnold: Iâll look into that. Any way I could use a copy of dmesg that I created after I saw the bug? I catâd it to a file.
<zzxc> RoyK: Yeah, I've noticed that too. I mean it seems like a pretty simple thing.
<Free95> hey pmatulis, I'm used to using vmbuilder to make my VMs, including with essential packages etcâ¦ but there's a serious debootstrap bug somewhere that has recently appeared and I cannot create trusty VMs
<sarnold> Mip: if you don't want to go -that- far, you could just file a bug at launchpad against linux and paste in the dmesg .. the bots iwll nag you for more details and if you're still running that kernel, you can probably placate them well enough
<Free95> so I'm trying to find functionality that's similar in nature to debootstrapâ¦ basically automate as much of the install as possible
<sarnold> Mip: https://bugs.launchpad.net/ubuntu/+source/linux/+filebug
<RoyK> zzxc: there's #openssh which may have some smart heads
<Mip> sarnold: okay - excellent! THanks so much, and if I canât get far enough, I can get it to happen again. Iâve seen it happen on this server, as well on a dell pc that was using as a test box to rule out hardware on this server.
<sarnold> Mip: very nice )
<Mip> sarnold: Man, I am *so* happy Iâve been able to make this stop happening. So, âintrâ as an option in addition to âsoftâ will help to keep my clients from hanging if my nfsd stops running?
<Free95> so pmatulis do you have any experience with something like automating installs?
<sarnold> Mip: at least you'll be able to ^C or kill the things. it might not be awesome but I always missed it when I forgot to include it on my mount lines.. :) hehe
<Mip> sarnold: Cool. Well, Iâll test that too, so I can see what Iâm up against. I had been mounting the nfs share, and then using that share as my rsnapshot root. Iâd like to be able to trust that againâ¦.
<RoyK> zzxc: I can see you're in there - did you ask there?
<pmatulis> Free95: you can combine preseed with either virt-install or pxe.  it's a fairly big topic so you'll need to study these main pieces yourself and then come back with questions with whatever doesn't work
<pmatulis> Free95: it works well, except preseed is exacting and requires a lot of tests/troubleshooting to get right
<zzxc> RoyK: Sorry I missed that
<Free95> pmatulis, this seems like a pretty good tutorial: http://agilesysadmin.wordpress.com/2013/09/09/simple-unattended-ubuntu-install-in-a-vm/
<zzxc> RoyK: Yeah I already asked. their solution was to use tcpserver, and that it couldn't be solved simply using just sftp.
<SturmFlut> I already asked a couple of days ago but maybe the crowd is different at this time of day: Does anyboady here run Ubuntu for ARM64 on an actual ARM64 machine?
<zzxc> RoyK: But Honestly with everything else I have on my plate I don't want to have to work through adding an additional piece to the stack.
<Mip> sarnold: Not sure if youâre still around, but I just submitted the bug. Thanks again for your help!
<zzxc> SturmFlut: Are theere already market ready arm-64 servers out there?
<SturmFlut> zzxc: Yes, by different manufacturers. I am currently doing a bit of market research for my employer and would like to talk to other people running ARM64
<sarnold> Mip: great, thanks :)
<SturmFlut> zzxc: Sadly it looks like the first round of ARM64 machines will be about twice as expensive as comparable machines by Intel or AMD
<RoyK> zzxc: tcpserver is rubbish - use iptables instead
<Free95> issue: finished installing a vm via virt-install, but now aptitude is complaining that everything is broken!
<Free95> that is, no resolution to dependencies
<zzxc> SturmFlut: Yeah the price should fall pretty quickly. But honestly the idae of using Arm for a server seems a little bit weird.
<zzxc> RoyK: Yeah, I know but either way, what we need is a user based firewall. This same vendor has multiple user's on our site.
<SturmFlut> zzxc: Why? ARMv8-A is a pretty decent architecture, the CPUs should be quite fast and you can use most PCI Express devices. Even NVIDIA GPUs and stuff like that.
<Free95> oh weird.. ran aptitude for the first time and it had preselected a bunch of crap I didn't want. Once I told it to deselect everything, the "unmet dependentcies" issue vanished
<zzxc> SturmFlut: Honestly its because its just becuase its a different architecture. I've played around with a few distros on an arm chip, and while most packages are pretty good every so often you run into something that just doesn't have some dependency and you can't build it.
<RoyK> zzxc: the solution is to fix it in sshd :P
<zzxc> RoyK: Hahaha. My experience is that my fixes in a big opensource project like that usually break something else.
<RoyK> zzxc: obviously
<RoyK> you can't make an omelette without breaking eggs
<SturmFlut> zzxc: That's no suprise. Linux distributions had over 20 years to get everything right on x86/amd64, most ARM stuff is pretty recent. ARMv8 was released just over two years ago.
<jsmith-argotec> Hello all
<jsmith-argotec> I have a bind question if there's anyone who's good with it?
<zzxc> jsmith-argotec: What type of bind?
<jsmith-argotec> Bind 9.8.1
<jsmith-argotec> named not bindings
<RoyK> !ask | jsmith-argotec
<ubottu> jsmith-argotec: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<jsmith-argotec> OK got it
<jsmith-argotec> Bind 9.8.1 on Ubuntu 12.04.  Trying to add KMS server entry and getting checkname error for having an underscore in entry.  I've found articles that say to fully qualify the entry to get around the issue without success.  Entry: _vlmcs._tcp.domain.com.        SRV     10      0       1688    p53sw01.domain.com.   Error: named.db:16: _vlmcs._tcp.domain.com: bad owner name (check-names)
<zzxc> SturmFlut: Yeah, I know. It will get better, but its currently some what of a chicken and egg issue. Arm will needs to mature more, which would happen quickly if there is enough people using it but a lot of people won't use it until more mature.
<RoyK> funny thing is, my pi works well on Raspbian
<SturmFlut> zzxc: You are probably talking about ARM on the desktop, in servers or in notebooks. The rest of the world is already dominated by ARM and it works extremely well.
<zzxc> SturmFlut: Good point.
<SturmFlut> zzxc: And there are ARM notebooks, ChromeBooks by Google. Seem to work well enough for millions of people.
<zzxc> SturmFlut: Actually thats what I have as a reference point. Third party distros on a chromebook. Some packages just haven't been ported over yet.
<RoyK> apropos ARM https://www.youtube.com/watch?v=Jq5nrHz9I94
<SturmFlut> RoyK: 64 Raspberry Pis do not actually qualify as a Supercomputer ;)
<RoyK> SturmFlut: well, the design of a supercomputer is the thing
<RoyK> SturmFlut: you don't need good processors to learn about the design
<jsmith-argotec> nevermind I got it work by allowing the KMS server to update DNS itself
<netameta_> Guys is there a way to rollback a server a day or 2 ?
<netameta_> incase i've deleted files by mistake
<keithzg> Okay, I'm kindof stumped. I added a column to a table in MySQL, and while local on the server I see the column, but any remote connection shows no such column. I've run FLUSH TABLES, I've restarted the service . . . no change.
<keithzg> Oh riiiiight, that server was being crashy and so I moved MySQL to a different server. Durrr.
#ubuntu-server 2014-09-13
<evan2645> hi people. quick and easy question. how is dhclient invoked during boot on 14.04?? can't find init script or upstart configuration for neither dhclient or network-manager
<evan2645> netsplit :(. re: dhclient. network-manager is not present. i'm on trusty server with ubuntu-minimal. something else must be invoking dhclient
<snuggyfoo> I just installed Ubuntu Server 14.04 and when the install finished it rebooted to a "GRUB" prompt. Pressing return enters the boot menu, but I'd like it to just go straight to the menu automatically (running headless)
<snuggyfoo> Any suggestions to make that happen? I've never dealt with this happening
<cfhowlett> !details | snuggyfoo,       bring this to #ubuntu
<ubottu> snuggyfoo,       bring this to #ubuntu: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information, errors, steps, and possibly configuration files (use the !pastebin to avoid flooding the channel)
<Sierra> After modifying /etc/network/interfaces, is there a way to reload the network connections/configuration without having to reboot the server?
<lordievader> Good morning.
<Robchew> hi
<Robchew> anyone know if installing ubuntu server on a macbook pro would be straight forward? I just want to use ubuntu with i3 on top, as a dual boot with os x
<zubairahmed> what are you tring to do Robchew
<Robchew> zubairahmed: I tried installing archlinux, but I cant manage to boot. I get this error: https://www.dropbox.com/s/s7phn0uiib7nu3s/2014-09-13%2009.23.38.jpg?dl=0
<Robchew> zubairahmed: I therefore thought I'd give another distro a try. first thought about ubuntu full as I heard it's very easy to get working in dual boot on mac
<zubairahmed> https://help.ubuntu.com/community/MacBookPro Robchew
<Robchew> thanks
<Robchew> I have 8,2 which there is no guide for :(
<zubairahmed> https://help.ubuntu.com/community/MacBookPro8-2 Robchew
<Robchew> wow thanks
<coxaLT> Good day
<coxaLT> Would there be anyone who could help
<ikonia> no-one knows util you explain what you need help with
<coxaLT> I ordered dedicated server with ubuntu-server 14.04 installation possibility
<coxaLT> So i am running ubuntu server, and my project requires to create snapshots of websites
<coxaLT> Like API
<coxaLT> My question would be, what would be suggesions, or prequisites (installations) to make this work
<ikonia> you want to write an api to backup websites ? or you want to back up websites
<coxaLT> As for now, i understand that i would need to install mozilla browser inside ubuntu server
<coxaLT> I would like to create .PNG images of websites
<coxaLT> for my project
<ikonia> not sure why you need an ubuntu server for that
<ikonia> an ubuntu desktop install, open the browser, and use the take screen shot app, or "scrot"
<coxaLT> I was looking on google, and i found that i need to install something like x11 or xvfb
<ikonia> again, don't know why you want to do this on a dedicated server
<coxaLT> For creating snapshots for more than 100k websites
<ikonia> a desktop running ubuntu desktop will do this
<ikonia> 100k websites
<ikonia> then you're not going to want to do this in a browser
<coxaLT> Exactly, that's why i am trying to setup it with dedicated server i "have" and php api
<ikonia> I have no idea how you'd do that without putting some thought behind it
<ikonia> oh, you have an api for it
<coxaLT> Well, idea i think would be that i need to run GUI and mozilla inside ubuntu-server and create snapshots with script or function
<coxaLT> ?
<ikonia> I don't think so
<ikonia> but I don't know the api
<coxaLT> I found one, http://www.boutell.com/webthumb/
<ikonia> you can call the php api from the phpcli interface
<coxaLT> I tryed to install it lately, but i faled because of xorg.conf that i cannot find and whole setup of server, cuz i don't really know how to configure everything :/
<ikonia> tried to install what ?
<coxaLT> http://www.boutell.com/webthumb/
<ikonia> I don't know tht application
<lordievader> Why not write a script that calls your browser takes a screencap and moves on to the next webpage.
<lordievader> ?
<ikonia> the interface to the browser, how would you do that ?
<coxaLT> they say (on the webthumb webpage) that  i need to install xvfb
<coxaLT> so that would be virtual interface as i understand
<coxaLT> ?
<ikonia> i'd have to put thought behind it, I don't think it's a 2 minute job
<coxaLT> maybe 8 :p
<coxaLT> how differs "sudo apt-get" from "sudo aptitude"
<coxaLT> because, i try "sudo aptitude" but it says command is not found
<xroads> can some one give me a hand by posting the contents of their /etc/apache2/mods_enabled/php5.conf ? i bwokeded mine.
<abhishek> "Starting jboss-as: standard in must be a tty" how can I fix this ?
<lordievader> xroads: http://paste.ubuntu.com/8333888/
<abhishek> I tried Defaults:username !requiretty
<xroads> lordievader, thank you
<xroads> well i totally broke php. all i get is blank pages when attempting to load a php page. html pages work fine
<lordievader> xroads: Check your error logs.
<abhishek> "Starting jboss-as: standard in must be a tty" how can I fix this ?
<xroads> http://paste.ubuntu.com/8333944/
<lordievader> xroads: Error seems clear enough ;)
<coxaLT> what would be: _XSERVTransSocketOpenCOTSServer: Unable to open socket for inet6 ?
<xroads> not to me.  im pretty sure i've undone everything i've touched tonight but the system seems totally borked.
<lordievader> xroads: Are you running custom code? You might have a memory leak. What happens is that php tries to allocate too much memory and gets killed.
<xroads> well i have tons of free memory according to system monitor. not sure where this memory limit is comming from. php.ini shouold be set to 333MB for max memory
<xroads> should i just up that?
<lordievader> xroads: You should check the code you are running.
<xroads> everything was fine untill i tried to install an open source real estate script. told me to enable mod_rewrite, i borked the system trying to do that. i think i undid everything i touched (including deleted the real estate site's folder)
<xroads> but obviously not
<xroads> lordievader,  thank you for your help. i had a typo in my php.ini
<coxaLT> anyone could help with xorg? i get no response in #xorg
<coxaLT> :/
<xroads> sorry, i know nothing about xorg
<coxaLT> hmm
<lordievader> coxaLT: This is #ubuntu-server.. Servers usually do not do gui things...
<cfhowlett> this ^^^
<coxaLT> ok
<coxaLT> are there any related #xorg channels, where i could get help?
<lordievader> coxaLT: Well any of the desktop flavour channels have more experience with X than here.
<coxaLT> ok
<coxaLT> what would be command to get information about dedicated server hardware? CPU name, etc... ?
<lordievader> coxaLT: lspci, lshw, dmidecode
<coxaLT> none of these commands are availble, probably public companies they don't share this kind of information?
<coxaLT> would they?
<lordievader> coxaLT: I have no idea what you are running. These commands should be available on a Ubuntu server.
<cfhowlett> those commands are default is pretty much every mainstream linux distro.
<lordievader> cfhowlett: Not in Gentoo ;)
<lordievader> Doesn't take away that they are pretty common, indeed.
<coxaLT> Maybe in 3thrd countries they disable such commands
<coxaLT> :D
<coxaLT> or 2ond
<see1> Hello, can anyone me help with cron? seems to me cron fails and overclocks my cpuÂ´s after 7 minutes my server goes down. i try status cron - msg is cron stop/waiting how i can fix it?
<see1> service cron stop says the same but dont stop it
<see1> i run Ubuntu 12.04 LTS 64-Bit
<epinky>  I have the ldif and a fresh install, I don't know how to restore the database, I tried "ldapadd -Y EXTERNAL -H ldapi:/// -f ldap_2014.ldif" but I get " additional info: no global superior knowledge" , could anyone help?
<see1> i need a tool like htop but i get E: Unable to locate package htop
<see1> any other tools available for ubuntu 12.04 precise
<lordievader> !info htop precise
<ubottu> htop (source: htop): interactive processes viewer. In component universe, is optional. Version 1.0.1-1 (precise), package size 64 kB, installed size 180 kB
<lordievader> see1: Is the universe repo enabled?
<see1> how i can check?
<cfhowlett> see1, open a terminal:  more /etc/apt/sources.list | grep universe
<see1> yup just a sec
<see1> deb http://de.archive.ubuntu.com/ubuntu precise main universe multiverse
<cfhowlett> !paste | see1, let's see
<ubottu> see1, let's see: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<see1> cfhowlett what should i paste?
<cfhowlett> see1, your sources.list
<see1> why complete?
<a1fa> anybody familiar with brctl
<pmatulis> probably
#ubuntu-server 2014-09-14
<kaisr> quit
<AlbinoGeek> Any idea why I might be getting https://db.tt/7lnOv5mu on an Ubuntu Server 14.04.1 amd64 installation under KVM virtualization with VirtIO attached devices?
<AlbinoGeek> Given https://db.tt/44ChesAI partitioning (standard.)
<cryptodan> I have a quick quiestion, why was snort-mysql removed from the ubuntu packages in 14.04?
<AlbinoGeek> For clarifications sake, the installation was carried out over VNC on KVM, where the host machine is a RedHat 6 KVM hypervisor using kvm-intel.ko on an E5-2620 v2 with vt-x and vt-d enabled.  CentOS 6, CentOS 7, Debian 7.6, ArchLinux, FreeBSD, they all installed perfectly fine.  Only Ubuntu is having this issue.
<cryptodan> AlbinoGeek: does your CPU support virtualization
<AlbinoGeek> cryptodan: As I just specified, yes.  Both VT-d and VT-x are enabled on the host machine.  The VM wouldn't even boot to get into the installer if it didn't.
<cryptodan> does your VM Software support it?
<cryptodan> I have installed Ubuntu on Virtualbox and VM Workstation
<AlbinoGeek> cryptodan: "VM Software"?   The host machine is a RedHat 6 machine using KVM virtualization as a kernel module, and qemu-kvm as the software package.
<cryptodan> and they work flawlessly
<AlbinoGeek> It does support any Linux variation (x86 and x86_64), as well as other architectures as supported by the host.
<AlbinoGeek> As well as many Unix, and Windows.
<AlbinoGeek> Ubuntu however, 14.04.1 amd64, is failing to install grub.
<cryptodan> check the hard drive format look at /dev/vda as the error message
<AlbinoGeek> The specific media used is http://mirrors.us.kernel.org/ubuntu-releases/trusty/ubuntu-14.04.1-server-amd64.iso
<AlbinoGeek> cryptodan: /dev/vda is a QEMU Virtual SCSI Device, of size 5.120 GB ; standard.
<AlbinoGeek> Device prefix: vd , Target: vda , Cache: none
<cryptodan> Can you change it
<AlbinoGeek> To ?
<AlbinoGeek> What, a 1990's IDE device?  Sure, if Ubuntu really requires it.
<AlbinoGeek> At the expense of 90% of the system performance.
<cryptodan> from /dev/vda to /dev/sda or something like it
<cryptodan> or use another hard drive format like VMHD or VDI
<AlbinoGeek> cryptodan: The underlying disk format is currently RAW
<AlbinoGeek> I have also tried a qcow2 format image, with the same issue.
<AlbinoGeek> All signs point to http://mirrors.us.kernel.org/ubuntu-releases/trusty/ubuntu-14.04.1-server-amd64.iso being a broken release, from what I can find.
<cryptodan> ill try installing it in VMWare Workstation
<AlbinoGeek> It works on an IDE device, but that is hardly a solution (/dev/hda ) , as that loses about 90% throughput performance.
<cryptodan> try changing it from /dev/vda to /dev/sda
<AlbinoGeek> cryptodan: The Ubuntu installer doesn't even detect the disk when attached as a Paravirtualized SCSI bus.
<AlbinoGeek> (it doesn't have the VirtIO drivers, gg canonical.)
<cryptodan> sounds like a limition of your virtualization environment and not Ubuntu
<AlbinoGeek> cryptodan: Not sure, Debian 7.6.0 was able to install just fine following the propmpts, as was CentOS 6/7 and ArchLinux Dual
<AlbinoGeek> 12.04.(03) doesn't work either, 12.04.04 works though.
<cryptodan> so you are unable to select the device in Ubuntu 14.04 so how are you supposed to customize the installation and perform custom disk partitions?
<AlbinoGeek> cryptodan: Only if the device is mounted as a Paravirtualized SCSI device does it fail to select device.
<AlbinoGeek> However, if I mount it using standard VirtIO, the device shows fine.
<AlbinoGeek> With the vda device, I'm here: https://db.tt/dCgtriQ4
<AlbinoGeek> If I go to the GRUB step, it shows the same failure message above.
<cryptodan> go up to detect disks
<AlbinoGeek> Moment, installer got in a loop of "this prerequisite step wasn't completed blah blah" , apparently the installer doesn't like you backtracking.
<AlbinoGeek> Doing a fresh one again on a fresh VM\
<AlbinoGeek> Go to this point just fine using /dev/vda : https://db.tt/EvG3Ed2j
<cryptodan> what does detect disk show
<cryptodan> I want to see that
<AlbinoGeek> It doesn't, goes to partitioning immediately.
<AlbinoGeek> https://db.tt/voG9DWLp created this pretty standard partitions.
<cryptodan> can you not select LVM?
<AlbinoGeek> The installer literally shows me (in this order) prompts:
<AlbinoGeek> Distro is useless to me without LVM, as you can't online expand an ext4 partition without it, sadly.  And Ubuntu doesn't support installing / onto an XFS partition (?)
<cryptodan> it would aid in troubleshooting
<AlbinoGeek> True, I'll give a try for the sake of this.
<AlbinoGeek> Installer then asks me for package proxy (which I don't have one, so I just enter it.)  It's doing "Configuring Apt..." now.
<AlbinoGeek> I select "No Automatic Updates", then only add the "OpenSSH Server" in package selection (leaving all else unchecked.)
<cryptodan> also what kernel versions are the others running
<Gregor3000> Hello, one question - how feasible is it to run server off a USB stick? what folders would need to be moved to hard disk?
<AlbinoGeek> I select "Yes" here: https://db.tt/TtUajQzz
<AlbinoGeek> Then: https://db.tt/vZr6hGWY
<AlbinoGeek> As I said, it appears to be something wrong with the installation media ,but my checksums match those from the mirror I got it off of.
<cryptodan> what kind of ddevice support is there for drives in QEMU?
<AlbinoGeek> Which was us.mirrors.kernel.org
<AlbinoGeek> cryptodan: Every kernel since 2.6.x supports VirtIO, except Ubuntu's versions; where they seem to frequently remove support for no reason.
<AlbinoGeek> Where their upstream (Debian) retains support just fine.
<cryptodan> not answering my question
<AlbinoGeek> What is your question then?
<cryptodan> there are various versions of Virtual Hard Drive TYpes
<AlbinoGeek> 10.10 installs fine, 12.04.03 fails, 12.04.04 installs fine, 14.04.1 fails
<AlbinoGeek> It's really patchy support.
<cryptodan> then dont use ubuntu and stick with Debian, CentOS, and Arch for the different packages
<AlbinoGeek> Clients need Ubuntu for their software apparently.
<AlbinoGeek> and can't use Debian 7.6.0
<cryptodan> they should find out why
<AlbinoGeek> If I backtrack to "Detect Disks" again, it goes to https://db.tt/HZIT9ogY
<AlbinoGeek> Then immediately goes back to the GRUB2 step, which immediately fails again
<AlbinoGeek> This is the error this time: https://db.tt/t3B35AO9 completely different error
<AlbinoGeek> If I hit continue: https://db.tt/cfiMEx5u
<cryptodan> http://askubuntu.com/questions/455440/guest-on-kvm-wont-detect-disk-even-after-seleting-virtio-drivers try redoing the CD
<AlbinoGeek> And then, unsurprisingly, the system fails to boot: https://db.tt/XztYzDsC
<AlbinoGeek> Reading the link...
<AlbinoGeek> That's pretty unrelated.  My host machine is CentOS 6.5 x86_64 using qemu-kvm and kvm-intel.ko latest versions for the 2.6.x CentOS backports kernel (stock stable.)
<AlbinoGeek> The guest machine is the Standard Ubuntu Server 14.04.1 amd64 iso obtained from the mirror URL : http://mirrors.us.kernel.org/ubuntu-releases/trusty/ubuntu-14.04.1-server-amd64.iso which matches the checksums also contained in the same folder.
<AlbinoGeek> The VM itself is created using the following KVM stanard command line: http://pastie.org/private/y1e2cqtaykwz8nsxlgdg
<AlbinoGeek> That command line is created by `virsh create` on the following XML file: http://pastie.org/private/olt5f6i5rszatfsg3eojew
<AlbinoGeek> . /var/lib/one/datastores/106/1194/disk.0 being a link to the ISO downloaded from the mirror, disk.1 being a qcow2 format file of size 5120M
<a1fa> is kvm recommended virtualization configuration?
<lordievader> I'd recommended it. But use whatever you are comfortable with.
<a1fa> is there a good web frontend for it?
<lordievader> a1fa: No idea. The cli and gui are pretty good though.
<a1fa> i'm trying to run this box headless
<a1fa> virtual box may cut it
<a1fa> i've used phpvirtualbox in the past
<[1]Tigger> Anyone here?
<[1]Tigger> Someone?
<lordievader> !ask | [1]Tigger
<ubottu> [1]Tigger: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<[1]Tigger> Can someone help me with my dedi im willing to reward if thats the cost of having some help.  im having issues installing... well any os on my dedi iv had kernel install fails  iv had read only errors ect ect
<teward> anyone know whether a 4 year old netbook (not very decent processor, 2 GB of RAM) converted to Ubuntu Server system would be able to act as a repository mirror and how long it'd take for it to sync, approximately, for Precise, Trusty, and Utopic?
<teward> keeping in mind whatever resources it'd need to update, of course, being that it IS a pretty low-power system
#ubuntu-server 2015-09-07
 * Mega help
<gpdev> Hi guys, can someone please confirm that irc nicks can be registered for this channel?
<fnurl> lol @ RoyK
<fnurl> no worries, for a second I got excited and thought somebody had answered my issue
<fnurl> thin client printing on Pinet/LTSP/Chroot/CUPS
<fnurl> lol @ RoyK, np, igot a bit excited thinking someone had answered my issue is all :p
<lkthomas> folks, I am trying to reload udev rules without reboot,
<lkthomas> udevadm control --reload-rules
<lkthomas>  udevadm trigger --attr-match=subsystem=net
<lkthomas> after execute, interface name still not changed
<lordievader> Good morning.
<adun153> Hi! I'm having problems getting a slightly older server to boot an Ubuntu 14.04.3 installer from a flash drive. This is a BIOS system. I am not encountering any problems when I try to boot it from my UEFI-based laptop. Is there an issue regarding the installer that I should know about?
<lordievader> How was the live-usb made?
<adun153> lordievader: Through Startup Disk creator on my laptop
<adun153> that would be usb-creator-gtk or usb-creator-helper
<lordievader> adun153: You could try and make a new one with unetbootin, rarely had success with the ubuntu startupdisk creator.
<adun153> I see
<adun153> yeah, just tried that right now.
<adun153> Was about to reboot when I saw your reply
<adun153> thanks
<gnuoy> jamespage, I've got a ceph packaging question. The radosgw restart bug looks to be http://tracker.ceph.com/issues/11140 . This was fixed in v9 by the looks of it, so I think I need to cherry pick the fix back to 0.80.10 and create a pull request for that. In the mean time fix it via a packaging patch and create an SRU. Does that sound right?
<jamespage> gnuoy, if that's only fixed in >= 9 you'll need to target fixes to 14.04, 15.04 and 15.10
<gnuoy> ok, thanks
<jamespage> gnuoy, this commit - https://github.com/ceph/ceph/commit/059674a686b4c6e5d19d5204dc41ab13d2954d0a ?
<gnuoy> jamespage, yes
<jamespage> gnuoy, ack - that's the right approach then
<gnuoy> ta
<rbasak> utlemmin`: I think open-vm-tools needs some attention. Judging from unconfirmed bug reports, it seems that it won't work against Linux 4.1 and a newer upstream is available?
<rbasak> utlemmin`: please could you take a look?
<jamespage> gnuoy, I'm about todo a point release for wily if you want me to include that patch?
<jamespage> gnuoy, doing that anyway - I'll do the same for the vivid sru, if you'd like to prepare the trusty SRU that would be great
<jamespage> gnuoy, hmm - which version of the init script do we get in Ubuntu?
<gnuoy> jamespage, sorry, was lunching. We get src/init-radosgw in Ubuntu which is the same in 0.80.10 =< release < 9, unles I've misunderstood your question ?
<teward> rbasak: i can say with relative certainty that's also a VMware problem as well, they still haven't fixed their tools for even the latest LTS kernel in Trusty, either.  (and I virtualize a lot of things0
<teward> rbasak: but yes open-vm-tools probably needs attention anyways
<teward> (it's vmhgfs stuff still doesn't work even under Trusty)
<gnuoy> jamespage, ok, I think I've done all I can do for Trusty. I've greated a mp against  lp:ubuntu/trusty-proposed/ceph and the bug has the SRU info in it
<gnuoy> jamespage, I have a pull request upstream for firefly ( https://github.com/ceph/ceph/pull/5831 ) but given 0.94.1 and 0.94.2 are not names releases I'm guessing there is no point doing one for them too?
<jamespage> gnuoy, those are the hammer release
<gnuoy> jamespage, so is the plan to pull vivid and wily to 0.94.3 then?
<jamespage> gnuoy, yes
<gnuoy> ok, I'll cherry pick the fix to hammer, thanks
<jamespage> for wily I have the upload prepared but the commit you pointed to - I could not specifically see how that was going to help with the shutdown process?
<gnuoy> jamespage, you can see  how it helps for wily or you can't see why it helps at all?
<gnuoy> s/you can see/you can't see/
<jamespage> gnuoy, whats the default for rgw_exit_timeout_secs
<jamespage> ?
<gnuoy> jamespage, 120
<jamespage> gnuoy, ok - I see now
<jamespage> fine - uploading to wily
<gnuoy> kk
<gnuoy> jamespage, hammer pull request done. Should I be looking for an Ubuntu sponsor for the trusty SRU? Not sure where I stand since you're doing vivid and wily
<jamespage> gnuoy, I'll do it
<gnuoy> thanks
<jamespage> gnuoy, btw is perfectly acceptable to pull the patch directly from github
<gnuoy> jamespage, do you mean rather than creating a quilt patch?
<jamespage> gnuoy, yeah - I just dump the <commit>.patch content into a file in d/p and then add it to series
<jamespage> normally works OK and you get the upstream commit message as well
<jamespage> otherwise its tricky to trace the patch heritage without adding headers manually
<gnuoy> ah, ok, good to know
<RoyK> anyone that knows something like a 'locate' system (slocate/mlocate) that can use a central database?
<jamespage> gnuoy, actually can you do that for your proposed trusty update? save me feeding back 'no traceablility' on the MP
<gnuoy> ok, will do
<gnuoy> jamespage, done
<rbasak> smb: have you seen DPDK upstream's replies?
<rbasak> smb: looks like upstream have removed CONFIG_RTE_LIBNAME now and it's hardcoded to dpdk
<rbasak> smb: but I take it the question about the version is still missing?
<rbasak> smb: or is that also now taking the version number from upstream?
<jamespage> gnuoy, merged and uploaded you trusty fix - tweaked the changelog entry to match the same I did for vivid
<jamespage> (and removed your crufty older patch :-))
<jamespage> gnuoy, its stacked ontop of the zap disks fix right now - Ideally we want to push that through first, but your change includes that one so we should be ok
<gnuoy> jamespage, ok, thanks for that. I guess quilt delete does not actually remove the patch but just stops applying it
<jamespage> gnuoy, yes
<jamespage> gnuoy, a good first start at triage - and thanks for emailing the team - helps all involved to learn
<coetry> I have a fresh ubuntu server from digital ocean and am trying to install the lamp stack, but i'm running into a weird problem that i haven't before
<coetry> Here is some output from my terminal
<coetry> http://pastie.org/10403306#36-40
<maxb> coetry: Looks like they system has been put in a seriously bizarre state, I'd throw it away, and start from a clean OS install
<maxb> And second time around, be more careful about what you change in /etc/apt/, this looks like some unpleasane mixing of incompatible OS versions to me
<coetry> ok, thank you
<teward> postfix question.  If I have an SSL cert, say, for skyfall.domain.tld, does the 'myhostname' field for postfix have to match the FQDN on the cert?
<quantic> teward: i don't know if it HAS to, but it should or some systems may whine about it.
<quantic> teward: at least, I believe so. I'm not really a postfix guru.
<teward> my assumption is it should so i'mma do that anyways
<rbasak> Not knowing this side of Postfix, I imagine that if it works like anything else it'll use whatever certificate you give it to use, and what you really have is a TLS over SMTP question rather than a Postfix question as to whether other MTAs will accept it. It might be worth looking at the relevant RFCs.
<teward> i think i've figured it out with postfix's docs
<teward> but if I stop getting mail I know that I broke it xD
<JanC> you could also just test it  :)
<teward> JanC: True, but a notification is primed to go out in... oh, 7 minutes... anyways
<teward> so :p
<jelly> teward: I'd imagine myhostname was less relevant than PTR and A record of the submission or smtp service listener IP
<teward> mmm
<edgy> Hi, My web server (ubuntu 14.04 LTS) running as kvm machine frequently stopped working since some days ago. I cannot access the page. I try to ssh or ping but still but not response. However, I managed to login via console and can't see anything wrong
<tanuki> edgy: What happens when you run ifconfig?
<tanuki> If it works via the console but ssh and ping fail, that screams network failure
<edgy> tanuki: I see my interfaces
<tanuki> Are the ones that are supposed to be up up?
<tanuki> Can you connect out?
<edgy> tanuki: Umm! unfortunately, I didn't notice it and rebooted, but next time I would check whether it's UP
<edgy> tanuki: good question i will try to ping out next time
<edgy> anything else you need me to check?
<edgy> tanuki: ^
<edgy> and what can be the cause of such things?
<tanuki> Not sure. Just running through standard troubleshooting steps.
<edgy> tanuki: thanks a lot for your valuable hints, I will check this next time
<AEL-H> I am trying to get some sound to play through the speakers attached to the computer running ubuntu server but I am having no luck, can someone please give me some guidance? (I am a linux newbie)
<SCHAAP137> AEL-H, install alsa and alsa-tools, add your user account to the audio group, then reboot
<SCHAAP137> afterwards use alsamixer to control volume levels
<AEL-H> I rebooted my computer, now nothing is coming up on screen and my computer makes a beeping sound on startup
<RoyK> AEL-H: what sort of beeping?
<RoyK> AEL-H: usually the BIOS has a beep thing if hardware is failing - the sequence is somewhat like morse code - short or long beeps
<AEL-H> RoyK: a long beep and then two short beeps -- which I think means there is a problem with the video adapter , but I don't understand how this would arise suddenly
<RoyK> it's not linux' fault - it's hardware
<AEL-H> Guess I'll open it up tomorrow:) thank you
<RoyK> http://www.tomshardware.co.uk/forum/289971-30-ex58-ud3r-long-short-bios-beep-code
<RoyK> unplug the video adapter and replug it
<RoyK> that might work
<AEL-H> I am just not sure why the problem would arise so suddenly? It worked fine until reboot then had a problem
<RoyK> well, linux certainly has nothing to do with that
<AEL-H> true:)
<RoyK> BIOS happens long before Linux loads
<RoyK> not sure why BIOS will morse you a D for that, though ;)
<AEL-H> haha
<RoyK> perhaps a bit easier than morsing --. .-. .- .--. .... .. -.-. ... / -.-. .- .-. -.. / -.. . ..-. . -.-. - .. ...- .
<JanC> RoyK: D for Display?  ;)
<RoyK> probably ;)
<JanC> or maybe "graphics card" starts with a "D" in Chinese
<JanC> it's different for many BIOS providers too
<RoyK> not likely, even though chieftek has very good Engrish in their products
<JanC> Chinese might have its own "morse code"-equivalent too
<JanC> or maybe the signals are just chosen randomly
<RoyK> .... --
<JanC> or whatever the developer who programs a particular part of the BIOS likes
<RoyK> that would be a good BIOS message
<RoyK> .-- - ..-. ..--..
#ubuntu-server 2015-09-08
<lordievader> Good morning.
<Number5> Hello guys, I have an Ubuntu server running with a replaced network card. Now I have the problem it doesn't detect the network card, although the hardware is detected by the OS. I've commented out all adapters in /etc/udev/rules.d/70-.... file. Now the adapter appears after 'ifconfig' but it doesn't have an ip. I also set eth0 to dhcp for automatic ip assignment.
<Number5> Isn't there a standard procedure to configure a replaced network card?
<Number5> Now I don't have an ip address just because I replaced my ethernet adapter :(
<lordievader> Number5: What is the output of 'ip l'?
<Number5> ok, I have to go to the other room, be right back
<Number5> well, I get a bunch of line, from lo to eth 3 or 4 Where lo and eth 0 seems to be active and others are in a DOWN state. Could it be that it goes wrong with dhcp? I can try to assign eth0 a static ip. See if that works.
<lordievader> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Number5> Wait, I'll check whether the utp cable is plugged in, if that's the case arrggghhhh
<Number5> lordievader, I didn't have connection, so that's why I couldn't post the output.
<lordievader> Right... That does make things harder. Anyhow is the nic you want up?
<Number5> Anyway, I solved the problem, because on the backside I found 2 ethernet connections, and one of them was not connected. After I connected the other one the problem is fixed. It's my fault, next time I don't have to rely on my colleague >:(
<Number5> He needed the server for his own testing (running windose) after that I don't know what he did.
<Number5> lordievader, thnx for trying to help me :)
<rbasak> smb: around?
<rozie> hi. I just hit http://askubuntu.com/questions/670106/igb-detected-tx-unit-hang but. I use 14.04 LTS and have spare machine to test
<rozie> on production "solved" by downgrading to 3.16.0-46-generic, but it's short term workaround. I wonder how to handle this situation
<rozie> will it be fixed in next kernel release?
<mnms_> Hi guys. Can I do software RAID 10 on Ubuntu ?
<mnms_> there are some limitation for RAID types ?
<andol> mnms_: "Currently, Linux supports LINEAR md devices, RAID0 (striping), RAID1 (mirroring), RAID4, RAID5, RAID6, RAID10 ...", according to mdadm(8)
<RoyK> mnms_: generally, don't use raid10 - it's a raid level that's somewhat been forgotten about and it lacks the flexibility other levels have
<RoyK> mnms_: I'd recommend setting up mirrors and using LVM to stripe over those
<andol> RoyK: That is not an unversially agreed upon opinion.
<RoyK> andol: by whom?
<RoyK> andol: you can't grow a raid10... which sucks
<andol> RoyK: Which may or may not matter depending on the situation. On the other hand it gives you much better perforamnce than raid5 or raid6.
<RoyK> andol: you'll get similar performance with lvm striping over mirrors
<RoyK> andol: but then again, just my opinions here. I really hate RAID sets that can't be changed
<rozie> RoyK: raid10 has many advantages. it is advised even for 2 drives
<rozie> at least by some people http://blog.a2o.si/2014/09/07/linux-software-raid-why-you-should-always-use-raid-10-instead-of-raid-1/
<rozie> IMHO "cannot grow" isn't really an issue - you also "cannot" grow raid1 or raid5
<RoyK> rozie: you can grow *and* shrink raid[56]
<RoyK> actually, you can grow any raid level except raid10
<RoyK> see mdadm(8)
<mnms_> I would like to create NAS for my backups
<rozie> raid[56] is very slow, so out of interest
<mnms_> and I thought raid 10 will be best option for me
<RoyK> mnms_: for backup, I'd use raid5 or raid6 - raid[56] is fast enough and raid6 is actually safer than raid10
<RoyK> fast enough for backup
<RoyK> slower on iops
<maswan> rozie: depends on the application, it is good for reading
<RoyK> but fast on squencial i/o
<RoyK> maswan: it's not bad on writing either - CPUs are fast enough to deal with parity generations these days
<maswan> RoyK: As long as it is sequential, random writes or too many streams that it ends up like random is not very fun
<maswan> but for reading it is like an n-1 or n-2 stripe in speed
<RoyK> maswan: well, we have > 200TiB on disk for VM storage, mostly on RAID-6 - it works, and it works well. So please tell me *why* it works ;)
<maswan> RoyK: do you have a write-back cache for that raid?
<maswan> also, random VMs seldom have high IO demands
<rozie> well, had very bad experience with raid5 on hardware controlers. raid10 works like a charm
<rozie> mnms_: for NAS - depends how you predict growth. I'd probably just go N times raid1
<rozie> even without lvm, but if you want continous space, use lvm
<mnms_> rozie: so just simple mirror ntohing more ?
<mnms_> rozie: I mean without stripe ?
<rozie> depends what you NAS will do. but IMO NAS rarely needs performance
<rozie> especially write performance
<rozie> and raid10 gives you mostly write performance
<mnms_> rozie: good then, cause mostly I will make a backups and do write operations
<mnms_> rather then read, occasionaly
<RoyK> maswan: about 200 VMs currently ;)
<rozie> RoyK: 200TB for 200 VPS? it's 1TB/VPS, so probably number of drives does the thing
<RoyK> rozie: *lots* of different VMs, from tiny to huge. Just trying to illustrate that raid6 works well. You don't need r10 for everything - *most* stuff runs well with raid[56]
<rozie> well, have opposite experience. but shared hosting and hardware raid, not VMs and softraid
<RoyK> rozie: it all depends on your application
<rozie> agreed. and raid5 requires checksumming to be done
<rozie> but if you have fast CPU and can sacrifice it - may work
<RoyK> raid5 doesn't require checksumming - it's just parity - and that doesn't consume much cpu, in fact, very little cpu. please don't misinform people
<rozie> yep, parity
<rozie> I wonder why it was so slow on hardware controllers, then
<rozie> (different types)
<RoyK> because most hardware controllers have a crappy processor and slow/narrow memory buses
<RoyK> enterprise raid systems always use more or less regular PC systems for their "controllers"
<rozie> but returning to my problem: I was hit by kernel bug http://askubuntu.com/questions/670106/igb-detected-tx-unit-hang can I expect it to be fixed in next kernel release?
<maswan> RoyK: hardware controllers have gotten better the last 5 years or so, 10 years it was common to get a controller for 12 drives where the maximum throughput of the raid processor in single stream read or write was less than the raw throughput of a single drive.
<RoyK> maswan: memory bandwidth in PC systems has gotten a wee bit better the last 10 years too ;)
<RoyK> maswan: so has buses
<maswan> RoyK: Yup. I still see limits in the HW raid controllers, but at least it is at aroudn 15-20 disks not 0.5-1 disks in MB/s. Software raid has roughly been faster than spinning disks since pentium III, in my experience.
<jpds> RoyK: I hear NVMe SSDs with bcache are all the rage these days
 * patdk-lap wonders how something can be faster than what it's build on
<patdk-lap> mirrors you loose half your speed, and other types you loose parity speed
<RoyK> jpds: just got these https://oc.karlsbakk.net/index.php/s/r7pz44kgJSJmyPG for testing vmware vsan ;)
<RoyK> patdk-lap: you get better iops with striped mirrors than with parity-based stuff
<patdk-lap> you still lost half your iops
<patdk-lap> over the raw disk speeds
<maswan> patdk-lap: A raid10 of 6 drives should have roughly 3x one drive for write speed and 6x for read speed
<patdk-lap> still attempting to understand how softare raid can be faster than the disks it's built on
<maswan> patdk-lap: Faster than one individual disk
<RoyK> maswan: that 6x is highly theoretical ;)
<maswan> RoyK: Yeah, I should have said 3-6x.
<patdk-lap> maswan, raid should always be faster than a single disk, or you seriously screwed it up
<patdk-lap> even back in 386 days
<maswan> patdk-lap: Yup. For a long, long time HW raid controllers did.
<patdk-lap> even software
<patdk-lap> the problem back then, was not the software, but not using a good hba
<maswan> patdk-lap: pci-x era raid controllers where a single drive do 100MB/s and the raid controller tops out at 80MB/s...
<patdk-lap> the built in ide ports on motherboards are just horrible
<patdk-lap> maswan, dunno about your pcix card
<patdk-lap> mine got a nice 300MB/sec
<patdk-lap> normally maxing out pci-x
<maswan> patdk-lap: Then you got lucky. Some of them did go pretty fast, but far from all of them.
<patdk-lap> normally used pcix adaptec scsi hba's on my p3's back then
<maswan> patdk-lap: plain scsi hbas, or hw raid controllers doing parity?
<jpds> RoyK: Not on the openstack bandwagon yet?
<patdk-lap> both, normally used hw raid
<RoyK> jpds: not yet
<maswan> Even today, the P822 we got the other day for our VM hosting tops out at roughly 15 of our 25 spinning disks
<jamespage> coreycb`, hey - I think we'll need to add a dependency on pymysql for all openstack python-XXX's otherwise upgrades will break for existing deployments.
<bananapie> can someone remind me of the magical command that builds a .deb package automatically from any sources without the debian directory?
<bananapie> checkinstall
<bananapie> thanks :D
<jpds> rozie: Can you /join #ubuntu-kernel about the igbe bug?
<rozie> oh my, third channel... joining right now
<coreycb`> jamespage, ok.  I added a pymysql dependency to most of the core openstack packages as well, for sqlalchemy.
<jamespage> coreycb`, some get it for free via taskflow but better to be explicit I think
<jamespage> coreycb`, I've jammed most of the dependency bumps that zigo did in experimental into wily-proposed
<jamespage> coreycb`, that's going to create some instability until we get the b3 milestones uploaded
<coreycb`> jamespage, ok
<jamespage> coreycb`, oh and I uploaded 2.4.0 of swift yesterday - finally got ontop of the erasurecode dep chain issues
<coreycb`> jamespage, yay!
<jamespage> coreycb, indeed
<jamespage> coreycb, its an un-optimize erasure coding dep chain, but it is functional
<med_> jamespage, smoser , zul etc: occasionally in an openstack cloud rebooting a Trusty cloud image just hangs at the GRUB prompt.
<med_> no console attached so it is not errant keys
<med_> does this ring any bells?
<med_> (Kilo OpenStack cloud, kvm/libvirt env, Trusty cloud image.)
<Pici> 6/70
<smoser> med_, probably the system didn't fully boot previously and grub is waiting for interaction.
<smoser> rbasak, do you recall that bug for grub timeout after failed boot ?
<med_> smoser, thanks.
<rbasak> smoser:
<rbasak> https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1443735
<ubottu> Launchpad bug 1443735 in grub2 (Ubuntu Vivid) "recordfail false positive causes headless servers to hang on boot by default" [High,Fix released]
<med_> looking
<smoser> it does seem if you're using up to date images you shoudlnt see that
<med_> not sure how up to date ours is but this looks like a strong work around at worst. Thanks Robie and Scott.
<lorek123> Hi, i needed to test my servers for ssl2 vulns so i installed openssl packets as in http://www.techstacks.com/howto/enable-sslv2-and-tlsv12-in-openssl-101c-on-ubuntu-1304.html. Now i have problem with skype installation because of no i386 packets. Are there any possibilites to fix this without reinstalling whole system? I'm now on ubuntu 15.04
<marcv> Hello, I'd like to get an ubuntu vagrant box corresponding to the ubuntu server 14.04 installed on my production server (not installed by vagrant). Anyone knows how I could know if I have to get the "-juju" box or the one without "-juju" on this page https://cloud-images.ubuntu.com/vagrant/trusty/current/ ?
<marcv> Does anyone know the difference between an install of trusty-server-cloudimg-i386-juju-vagrant-disk1.box and the same *without* -juju in the name?
<bekks> lorek123: Are you running 13.04?
<lorek123> no, 15.04
<bekks> ah.
<RoyK> lorek123: without answering, I'd strongly suggest using LTS for servers
<bekks> marcv: I guess you're faster setting up a server from the "normal" iso :)
<marcv> bekks: why do you think so?
<bekks> marcv: Because I just deployed a new vm, from the normal ISO, within less than 5 minutes.
<marcv> Well, my goal is to get the exact same install (same packages, same versions) as my production server.
<marcv> I don't want just any ubuntu
<marcv> I only know that my server runs a Ubuntu server 14.04, so my idea is to start the process by installing this exact version
<bekks> Install an stock Ubuntu of the same release as your production server, uninstall unnecessary packages, install additional packages matching the software selection of your production server.
<bekks> No need for using the very exact same installation medium.
<bekks> So just use the stock 14.04 image.
<marcv> I think it would be faster to just istall the serve version :-)
<marcv> I just had a doubt with this juju issue
<bekks> So use the stocl server iso. No need to mess around with juju or vagrant.
<marcv> vagrant is a prerequisite
<marcv> I want a vagrant box
<marcv> but I think I will forget about juju as you say
<bekks> You can setup a vagrant box with the stock server iso as well.
<bekks> I doubt your production server is a vagrant box, is it? :)
<marcv> nope, of course, but there may be no point in generating a vagrant box from the iso if I can get the vmbox directly...
<marcv> but I see your point
<Tangurin> Hi! I can connect to mysql via sequel pro (ssh) but when I do it via my application on the server it doesn't work.. what is a possible solution?
<Tangurin> I got : Access denied for user....
<bekks> Tangurin: Depends on the error message and the configuration of your application.
<bekks> So your credentials are incorrect.
<Tangurin> bekks: I use laravel, should I use 127.0.0.1 or localhost?
<bekks> Tangurin: laravel means nothing to me. Is the mysql db installed on the same server as your application?
<SCHAAP137> Tangurin, localhost and 127.0.0.1 should be the same thing
<Tangurin> bekks:  yes it is
<Tangurin> SCHAAP137: ok
<Tangurin> I also tried with root and when I write mysql -uroot -p I can write sql queries
<bekks> Tangurin: Then you should be able to use 127.0.0.1 or localhost, since both are identical.
<sarnold> SCHAAP137: there's a slight difference, 'localhost' also resolves to ::1
<SCHAAP137> very true, the ipv6 loopback adapter
<SCHAAP137> forgot about that detail for a moment
<Tangurin> the password is correct I just loged in via sequel pro with the same username and password
<sarnold> and since ipv6 and ipv4 have unique port ranges, you might have an application that binds to 127.0.0.1:foo but not ::1:foo.
<Tangurin> I can also see the database has the correct name in sequel pro
<Tangurin> somebody?
<sarnold> Tangurin: does mysql require username / password / source-address tuples in its authentication?
<Tangurin> sarnold: I'm sorry, I don't understand what you mean? I created a user with all possible permissions and with a password.
<Tangurin> Maybe I did wrong in that step?
<bekks> Tangurin: But you did not specify a hostname, did you?
<Tangurin> no
<sarnold> Tangurin: I've never deployed mysql, but postgresql requires setting where that specific usr is allowed to connect from -- I'm curious if mysql does the same, and if it's configured correctly for your application
<bekks> Take a look at the users in your db, and you will notice that e.g. root@localhost may login, but root@* may not.
<Tangurin> SELECT User FROM mysql.user; I get one user listed twice?
<bekks> Tangurin: See above.
<bekks> Tangurin: https://dev.mysql.com/doc/refman/5.1/en/user-account-management.html
<Tangurin> http://laravel.io/bin/yGoK3
<sarnold> probably those user names have other fields elsewhere inthe table
<bekks> sarnold: Correct.
<sarnold> .. that mean they are unique when looked at over the entire table
<bekks> Tangurin: Nope.
<bekks> Tangurin: You are not looking at all relevant fields in the user table.
<Tangurin> Okey I just figured out how bad I know these things, can we go down one level so I understand haha, I don't know how to get the relevant fields
<sarnold> select * from ...
<bekks> Tangurin: I just gave you a link :)
<sarnold> but I haven't got a clue how mysql stores passwords so don't pastebin the results :)
<Tangurin> bekks: yeah I saw the link thanks, but what am I suppose to look for?
<bekks> Tangurin: Well, you have to understand the user concept.
<Tangurin> bekks: I see and I agree but for now because of the deadline I have tomorrow, can you help me without my own knowledge?
<bekks> Tangurin: Unfortunately I cant, since I dont know how you setup your users.
<Tangurin> bekks: Can I remove the user and create a new one with correct setup?
<bekks> Tangurin: You can, but thats not necessary.
<bekks> Read the link, which takes about 15 minutes, and provide all necessary fields for your login.
<sarnold> Tangurin: I think this might be one of the cases where taking the half-hour or hour to read it through slowly and carefully would actually be the fast route
<Tangurin> bekks: ok. I get a user with the host: "%" what is that? is that giving permission to connect from other than localhost?
<Tangurin> sarnold: haha but I am stupid, need more time than that ;)
<sarnold> Tangurin: hehe :)
<bekks> Tangurin: the % is explained here: https://dev.mysql.com/doc/refman/5.0/en/adding-users.html
<sarnold> Tangurin: we'l, you're here, which is a good start :) if you were _actually_ stupid, you'd be on a web forum instead :)
<Tangurin> sarnold:  bekks the annoying thing is that I have done this so many times without a problem but this time I guess I wrote something wrong when I added the user and that might be why it doesn't work
<bekks> Tangurin: So read both links carefully, will will take about 20 minutes :)
<Tangurin> sarnold: haha well that was good to hear, now I just have to learn all too! I will, thanks =)
<sarnold> Tangurin: anyway, there are some times cases where trying to talk with others about the problem is going to be slower than understanding the thing yourself -- and I think this is one of them. there are times when just pasting the error message and getting a quick fix is the easy answer, but database users and application authentication is going to be one of those cases where describing to us what the application needs will take
<Tangurin> sarnold: I understand, and I see by my self that I need more knowledge about this anyway. "give a man a fish and he...." yeah you know that one, I have to hunt my fish so I can have food for a lifetime haha ;)
<sarnold> Tangurin: there's that, too; plus, once you understand these things, the next time you need it'll come back a lot quicker..
<Tangurin> sarnold: bekks Sorry I am already back... I just thought about one thing. I use the user "root" now and I can connect via my client application on MAC. And I can see the root as a user when I select all users in ubuntu mysql, how can I possible not login then? I mean I got prove that the username and password is correct and root works for localhost? Isn't it impossible the problem is at the mysql in ubuntu, should
<Tangurin> n't it be in the application which is trying to connect or what? sorry for writing this soon but I just don't understand how it cannot work when it works on my client, and I want to declare this again so you really understand what I am trying to do?
<bekks> Tangurin: root has three different hosts, as the user table reveals.
<Tangurin> bekks:  yes, correct
<bekks> Tangurin: The problem is your login into the mysql db :)
<sarnold> Tangurin: don't forget that the 'root' of mysql is completely unrelated to the 'root' of ubuntu -- except that connections over the unix socket may require specific unix usernames too...
<Tangurin> sarnold: Yes I understand the difference. bekks so I can login to mysql but not the database. Haha, sorry for beeing this annoying now and for not finish the reading but I get so stresses about this because this deadline is so important and I have never seen this problem before, it has always worked
<dasjoe> So, my NUC (DN2820FYKH) disconnects my USB keyboard somewhere between syslinux and the installer. I'm using trusty's boot.img.gz, any suggestions? :)
<RoyK> dasjoe: not sure, but have you tried to enable legacy usb in BIOS?
<dasjoe> RoyK: I've reset the BIOS to its default settings, "USB Legacy" is enabled
<RoyK> dasjoe: not sure, then, sorry
<Xeth> evening
<RoyK> Xeth: good localtime();
<Xeth> nice 1 :)
<dasjoe> RoyK: thanks anyways, made me re-check whether it's on or off. :)
<Xeth> i need a bit of help with a VM of ubuntu server, cant seemsto get it right
<RoyK> !ask | Xeth
<ubottu> Xeth: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Xeth> Ok, i have a ubuntu server 15.04 running in a VirtualBox on windows 10, i am using a USB wifi stick for internet and i am not able to get connected to the net on the VM. I did have it working for a brief moment then restarted the server now nothing, have looked at many forums and nothing seems to work. Any ideas?
<bekks> Xeth: Are you passing through the USB device to the vm?
<Xeth> yes
<bekks> Is the device recognized in the vm?
<ianorlin> Xeth, any reason you can't use nat on the windows host?
<Xeth_> strange this is, if i do a ifconfig i only see lo and not eth0 or anything else
<bekks> Xeth_: Are you using ifconfig or ifconfig -a?
<Tangurin> HELP: How can my ubuntu server krash becuase of an php application without giving me any logs?
<bekks> Tangurin: "PHP" :)
<bekks> Tangurin: What exactly happened when doing what exactly?
<Tangurin> bekks: I don't want to be lazy but I wrote the problem here so the best is to read it: http://stackoverflow.com/questions/32342654/laravel-kills-ubuntu
<bekks> Tangurin: Which other logs besides the apache error log did you investigate?
<Tangurin> bekks: I have tried to fix this for 1-2 weeks now, I really have no idea what the problem can be! If you can help me solve this I will ... I can't say kiss you but I really really need this. This is why I creating a new server every day for trying to see if it works the other day
<bekks> Tangurin: TL;DR - which other logs besides the apache error log did you investigate?
<Tangurin> I looked through all los in var/log and also laravel's logs (just a log with php errors)
<bekks> Tangurin: And what are the last entries in the messages logfile before the server get killed and the reboot is logged?
<Tangurin> bekks:  I have heard about this messages logfile so many times but I have never seen it, what is that?
<bekks> Tangurin: /var/log/messages
<Tangurin> bekks: I have none
<bekks> So pastebin "ls -lha /var/log" please, as well as "uname -a" and "lsb_release -a"
<Tangurin> bekks: haha you are confusing me... I got som dquote interface when I write that, what shall I do. You are pro!
<Xeth_> bekks: now i see eth0 but still no connection what can i try
<bekks> Xeth_: So configure it?
<Xeth_> ok im still new at this, learning how do i do tha
<bekks> Tangurin: No. I will not login via ssh and fix your issues.
<Xeth_> that
<Tangurin> bekks: I didn't ask for that, I asked for logging in see the logs because I have watched them so many times
<bekks> Tangurin: Use a pastebin then.
<Tangurin> bekks: how do I use the commands you wrote?
<bekks> Tangurin: You type in the commands, and copy and paste the output to a pastebin site, then provide the URL to us.
<Tangurin> bekks: http://laravel.io/bin/W4D3Y
<bekks> Tangurin: Can you pastebin the dmesg.1.gz file?
<Tangurin> bekks: it is not readable? just question marks and strange characters
<ianorlin> gz is compressed
<Tangurin> how do I copy the content+
<ianorlin> !info gist-paste
<ubottu> Package gist-paste does not exist in vivid
<ianorlin> oops
<ianorlin> !info gist
<ubottu> gist (source: gist): Upload gists to gist.github.com. In component universe, is optional. Version 4.3.0-1 (vivid), package size 13 kB, installed size 87 kB
<ianorlin> !info pastebinit
<ubottu> pastebinit (source: pastebinit): command-line pastebin client. In component main, is optional. Version 1.4-4 (vivid), package size 14 kB, installed size 164 kB
<ianorlin> two packages that provide that functionality
<bekks> zcat dmesg.1.gz | pastebinit
<Tangurin> thanks, I guess I did it correct?
<Tangurin> bekks: http://paste.ubuntu.com/12316438/
<bekks> Tangurin: Try to pastebin the kern.log please
<Tangurin> bekks: how do I write if it is not a compressed file?
<Tangurin> bekks: http://paste.ubuntu.com/12316455/
<arcsky> Hi guys, how do you guys recommend to remote your ubuntu server from a windows machine?
<bekks> arcsky: USe Putty, and ssh in :)
<Tangurin> bekks: This problem only occured at this hosts server but not when I use digitalocean server and I install ubuntu and its packages the same, so I don't understand how it only works at digitalocean and not at the host I use here
<arcsky> bekks: i mean GUI
<bekks> arcsky: You mean GUI in which context?
<genii> bekks: I'm imaginind zentyal or similar
<arcsky> bekks: like RDP in windows
<bekks> arcsky: Use freenx then.
<arcsky> ist better then vnc?
<bekks> Everything is better than VNC.
<JanC> also depends on what VNC
<JanC> it's extendable, so in theory somebody could fix it?  :)
<JanC> and there is SPICE, of course
<bekks> JanC: VNC is insecure and slow by design.
<JanC> it's not insecure over a secure connection
<jelly> most wrappers offer ssh tunneling for vnc
<bekks> VNC is insecure - you just tunnel it through a secure tunnel.
<jelly> bekks: yes.  http is also insecure, you just tunnel it thru ssl
<bekks> correct.
<JanC> and AFAIK there already are several extensions that make it somewhat better, but I don't know _how_ good it can get if somebody puts enough time in it
<JanC> also most VNC issues are related to 3D desktops & SFX, right?
#ubuntu-server 2015-09-09
<robert45> thanks
<robert45> hi guys, my software RAID6 failed and Im unable to start it, can someone help me how to fix this? http://pastie.org/10406429
<sarnold> what "possibly out of date" mean? that sounds ominous
<robert45> sarnold thanks. well I dont have a clue what does that mean
<sarnold> robert45: have you seen this yet? https://raid.wiki.kernel.org/index.php/RAID_Recovery
<robert45> sarnold In fact, yes. I tried the Event fix but didnt work, Im scary to try the recreate process since it may destroy the data
<arooni> do you folks typically run a repository for .dotfile configurations like .vimrc .tmux.conf that you'd like to keep up to date on all the machines you use them on?
<lordievader> Good morning
<jamespage> zul, guh - I keep hitting this - https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1493797
<ubottu> Launchpad bug 1493797 in lxd (Ubuntu) "lxd unix socket not accessible reliably" [Undecided,New]
<shoaib> hi
<Beliq> My hosting provider recently changed their VPS service, double the performance and significantly cheaper. However,  they still charge me for their old service. Didn't automatically scale me up nor offered transition. I am right to be disappointed ?
<shoaib> what is the use of having server computers at home?
<zul> jamespage: i think you are hitting this https://github.com/lxc/lxd/commit/593b4c0e50e87189fbf8e658855d9fdad870eb50
<jamespage> zul, yeah - I saw that and I think you are correct - I've tried a deploy from git one and it appears OK
<jamespage> maybe
<zul> ack
<jelly> shoaib: servers provide services.  Sometimes you want to have some services available at all times, even in a home environment.  For example, a file server to access media from various devices.
<Teduardo> has anybody been able to get sendmail to work after the logjam fix?
<jpds> Teduardo: https://twitter.com/sadserver/status/630745530100899840
<Teduardo> so the answer to my question i guess you are saying is no?
<Aethenelle> anyone install a CAS server on ubuntu successfully?
<Aethenelle> more precisely, when I run tomcat under systrace as root or tomcat8, the jaas config is read fine. when by systemd, it fails. I can't seem to get java.security.debug to work either.
<Aethenelle> any ideas?
<notafads> looking for help getting a raid 10 install up and running
<notafads> can tip im also willing to pay if completed dont know if that changes anything
<Pici> notafads: I'd start by looking at https://help.ubuntu.com/lts/serverguide/advanced-installation.html
<notafads> well i got hardware raid available via  http://www.newegg.com/Product/Product.aspx?Item=N82E16813182959 and no concept how to access the intel storage manager
<pmatulis> notafads: what's the storage manager? anyway, use hardware raid or software raid, not onboard (fakeraid)
<patdk-wk> heh? onboard fakeraid == software raid
<notafads> ?
<notafads> pmatulis, honestly i do not know i am having trouble locating it hence the issues
<pmatulis> patdk-wk: you say that b/c mdadm now can interface with onboard raid?
<patdk-wk> heh?
<patdk-wk> there is no onboard raid
<patdk-wk> dmraid is the software implementation that uses mdraid parts to do the work
<patdk-wk> the only part that is onboard raid, is a simple helper to let the bios boot
<pmatulis> onboard raid, i meant onboard raid controller
<patdk-wk> I origionally used it, back on 10.04
<patdk-wk> that lasted a few months, dmraid just annoyed me to no end, due to it's write buffering
<patdk-wk> and changed to mdraid
<pmatulis> patdk-wk: why did you say "onboard fakeraid == software raid" ?
<patdk-wk> cause there is no raid support with fakeraid
<patdk-wk> it DEPENDS on and uses software raid
<patdk-wk> fakeriad is raid boot support only, not raid at all
<patdk-wk> just a boot helper
<pmatulis> ok, by 'software raid' i meant 'mdraid (mdadm)'
<notafads> the motherboard i linked
<patdk-wk> mdraid is software raid, but your left to having the bios boot a usable disk yourself
<notafads> does do hardware raid?
<pmatulis> patdk-wk: right, so we agree ;)
<patdk-wk> nothing is worse than a disk the motherboard thinks it can boot, and doesn't work :)
<pmatulis> notafads: so i reiterate, use mdraid (madam) or a real hardware raid controller
<notafads> pmatulis, with ubuntu install it wont do raid 1+0
<notafads> natively
<pmatulis> notafads: your fakeraid/motherboard won't give you the raid you want?
<notafads> pmatulis, i cant seem to even figure it out on the mobo i cant find smart storage in the bios only have the option to turn raid feature on for esatas and satas
<notafads> sorry i am quiet new to this kinda everything fell into my lap
<pmatulis> notafads: just another reason to disable it then
<notafads> generally i am use to seeing a ctrl+S for storage options
<notafads> on boot
<pmatulis> notafads: probably for hardware raid
<notafads> but that option is not there
<pmatulis> notafads: that's b/c you don't have h/w raid!
<notafads> http://www.newegg.com/Product/Product.aspx?Item=N82E16813182959   b-but it says sata raid 0/1/5/10
<notafads> ;_; ugh
<sarnold> most of those "sata raid" things are thin shims toget a boot loader running
<sarnold> it's best to not trust them much
<sarnold> oh, heh, Isee pmatulis and patdk-wk have you well covered :)
<quantic> notafads: there's a difference between software/BIOS RAID (aka FakeRAID) and an actual hardware RAID controller.
<notafads> quantic, i am aware of that much but thank you
<quantic> notafads: then you're aware of the problems inherent in FakeRAID. Cool, I won't say anything more.
<patdk-wk> you do not want to use motherboard supported raid, unless there is a VERY VERY specific reason why, unless it's a real onboard raid card, like an lsi
<patdk-wk> and even then, those normally don't have options for a battery, or write cache, so are painfully slow in raid mode also
<notafads> quantic, no i know there is a difference not that i fully understand the issues
<quantic> notafads: ahh, gotcha. Misunderstood.
<notafads> quantic, sorry if my tone came off frustrated it is because i am just not at you guys just the issue in general.
<quantic> notafads: FakeRAID solutions generally just offload the RAID calculations to the CPU, and don't have any "real" RAID features, like write-caching, battery backup, etc.
<notafads> im trying to take advantage of an opportunity dropped in my lap and all i have done is continually hit walls.
<quantic> notafads: They're also somewhat proprietary. You won't be able to start the RAID set in any motherboard other than the exact model you're working with, for the most part.
<quantic> notafads: What are you trying to do?
<notafads> oh ok
<notafads> build a raid 10 in ubuntu install
<quantic> notafads: Oh, so exactly what I do.
<notafads> lol
<quantic> notafads: Don't use the motherboard RAID. Disable it. Use mdadm, works great.
<notafads> thats software?
<quantic> notafads: How many drives and how big?
<notafads> 4x 3tb
<notafads> hot swappable
<notafads> so i can quickly replace as needed and have a led indicator when i have issues
<quantic> notafads: Big, fat drives. Okay, you'll have a few gotchas. 1. You MUST use GPT. Disks are too big for MBR partitioning.
<quantic> notafads: Create the following partitions in the installer: a. 1MB - reserved BIOS boot partition. 2. 1G - RAID partition. 3. The rest of the disk, RAID partition.
<quantic> notafads: On each disk.
<patdk-wk> if you want the led's to work, you will want hardware raid
<notafads> leds are essential so its dummy proof for the most part on my behalf
<patdk-wk> you can make led's work with software raid, but it is a lot of work, and different on every system
<notafads> quantic, your saying software raid?
<quantic> notafads: Yup.
<notafads> patdk-wk, i will have to go with a hardware raid controller i need those leds
<quantic> notafads: If you want hardware raid, buy a raid controller. If you want to use what you have and make a functional system, use mdadm.
<notafads> quantic, ^
<quantic> notafads: With basic configuration, no, you don't. Mine emails me if a drive fails.
<quantic> but hey, its your system.
<notafads> quantic, thats actually pretty cool
<patdk-wk> depends on the usage
<patdk-wk> emailing is needed either way :)
<patdk-wk> but not having someone pull the wrong disk when actually at the rack, is helpful
<notafads> patdk-wk, thats what i am afraid of
<notafads> im kinda being forced into being a system admin on this server and i got someone to help me set it up and everything however i do need to get around this hurdle first
<pmatulis> notafads: get a real raid controller then
<patdk-wk> now for the next question :)
<patdk-wk> what kind of performance do you need?
<pmatulis> heh heh
<patdk-wk> will you need a real raid card, with bbwc, or just a hba that *kindof* does raid
<patdk-wk> bbwc makes writes very fast :)
<patdk-wk> but your talking like $250 vs $750
<notafads> thats way to much
<patdk-wk> both?
<patdk-wk> really though, software raid is going be better than the lower cost option
<patdk-wk> but led's will have to be done manually, if it is even possible
<patdk-wk> possible depends on the hardware
<patdk-wk> normally the best idea for that, is just to pound the disks, and remove the one that isn't blinking :)
<sarnold> haha :)
<patdk-wk> it works on kids too, remove the one that doesn't yell
<sarnold> hahahaha
<pmatulis> patdk-wk: i would prolly try to take a pulse but you're business ;)
<pmatulis> *your
<blizzow> I have a server with 256GB RAM, I'd like to set aside 32GB of RAM as a ramdisk mounted at /myramdisk on every boot. How would I do that in trusty server or vivid server?
<tarpman> blizzow: a line in /etc/fstab of type tmpfs with a size option
<jrwren> blizzow: you CAN do that, but likely you don't need to. linux bufcache is REALLY good.
<jrwren> blizzow: anyway, we call it tmpfs. files in it may get swapped out.
<blizzow> Here's the kicker, I have no swapfile.
<jrwren> blizzow: should be fine still.
<RoyK> blizzow: really, use swap, it'll help you use physical memory better
<RoyK> blizzow: not sure how much with a quarter of a terabyte of RAM, but it all depends on the load
<blizzow> RoyK: The server hosts a bunch of VMs. The out of memory killer kills a VM once in a while, and I believe it's because there is no swap.  The problem is, I have to be absolutely sure the VM processes do NOT hit our swapfile.
<RoyK> blizzow: the linux memory manager is very good at spotting pages not in use and swapping those out - better allocate a truckload of swap and you'll se it's using a small amount of it and leaving the left RAM usable for something useful
<RoyK> blizzow: linux swapped out whole processes sometime in the mid ninetees - it doesn't do that anymore
<RoyK> blizzow: why don't you want pages of the VMs swapped out, btw?
<blizzow> Because it's super hard to tell if a VM is having performance issues because the hypervisor has swapped out part of the VM process, or there is a problem in the underlying VM.
<jrwren> blizzow: you can get dynamic swap instead of using swap partition by installing swapspace package.
<RoyK> blizzow: let linux do the job, please. you can adjust vm.swappiness (how rapidly swap is used) with sysctl
<RoyK> blizzow: default is 60 (out of 100). set it to 1 if you're very nervous. probably the default is good. it's always better for a VM to be slow than to be dead
<jrwren> there are good tools which will tell you swapped out pages for a process, if you need.
<RoyK> jrwren: you rarely need those
<RoyK> people are too afraid of swapping - it's not like win95 swaps :P
<jrwren> RoyK: maybe when you want to tell if a VM is having performance issues because its swapped out.
<RoyK> jrwren: then you'll see that on the i/o numbers on the host - it's that simple
<RoyK> jrwren: and a VM is *never* swapped out - just the pages it didn't use much
<RoyK> jrwren: if you have too little memory - get more - don't stop swap - it's a lifesaver
<jrwren> RoyK: how can I tell that a VM is having performance issues because pages of it are swapped?
<ciscam> Using virtualbox 4.3 two of my ubuntu servers are behaving differently. one is a default installation via .iso and the other is an openvpn-as prepared .vhd. Now when I suspend both of them, on resume the default ubuntu server (15.04) has the correct time in a few seconds and the openvpn-as prepped server (14.04.1 LTS) continues at the time when it was suspended, until I 'ntpdate time.nist.gov' it
<RoyK> jrwren: you'll see it by the swap usage on the host
<blizzow> if one VM is busy hitting I/O and another VM has chunks that are swapped. It's camouflaged.
<jrwren> RoyK: so you are syaing don't swap?
<jrwren> RoyK: so why have a pagefile?
<RoyK> jrwren: please - it's been 24 years of development on linux and everyone in the kernel developer gang says "use swap!"
<RoyK> jrwren: you may want to try without it, but you may as well trust the experts
<RoyK> jrwren: I'm saying swap is nice, because it sorts out the bits of allocated memory not in use are swapped out for the rest of the memory to be used efficiently
<RoyK> jrwren: just trust those nerds, please
<ciscam> What I found out is that ntp is not installed on the default ubuntu server and the command hwclock returns that it's not accessible via known means. Does somebody know how it synchronizes the time anyways? The openvpn-as servers ntp is configured with 'tinker panic 0' and hwclock returns the time when it was suspended, identical to date. the time only syncs with a manual ntpdate.
<RoyK> ciscam: why virtualbox?
<jrwren> RoyK: i'm only asking questions. I can either keep asking becuase I don't understand you, or I can stop. What do you suggest?
<ciscam> it's available as a preconfigured jail for freenas
<ciscam> neither of those servers has the guestadditions installed
<jrwren> blizzow: I'm curious what solution you use. Let me know, please?
<RoyK> jrwren: just use swap, ok?
<jrwren> RoyK: *sigh*
<jrwren> RoyK: it depends. ;]
<RoyK> no, really, it doesn't
<RoyK> setup swap and set swappiness = 1, and it'll only use swap when it's critical
<jrwren> RoyK: i'm ok with no swap on some small VMs and certain other applications.
<jrwren> RoyK: i'm ok with no swap on rpi
<RoyK> well, justr trying to help, I've been using Linux for >20 years, you're on your own
<jrwren> RoyK: i'm almost always leary of absolute prescriptions.
<jrwren> RoyK: >20? wow!
<jrwren> RoyK: Any advice on monitoring an applications pages being swapped out?
<blizzow> jrwren: I tried to mount -t tmpfs -o size=2048M tmpfs  /swapspace  Then I made a swapfile in there and when I tried to swapon -a /swapspace/swapfile, I get "swapon: /swapspace/swapfile: swapon failed: Invalid argument"
<jrwren> blizzow: a swap file on tmpfs? WTF are you doing? don't do that.
<blizzow> I wanted to use a ramdisk for swap. :(
<jrwren> blizzow: it literally makes zero sense. :)
<tarpman> o_O
<tarpman> blizzow: what's the difference between a swap file backed by RAM, and no swap at all?
<tarpman> blizzow: suggestion: apt-get install zram-config
<RoyK> blizzow: that's nice, if you're low on RAM, send the data through several layers of complexity to RAM :D
<blizzow> I'm trying to avoid VM processes from EVER touching disk based swap. This is so I NEVER have to worry about a swap as a variable for VM performance. A problem arises in the hypervisor activates an OOM killer and kills VMs when there is no swap given to the hypervisor.
<sarnold> blizzow: sounds like what you really want is to make sure the sum of all memory on all VMs on the system is ~two gigabytes less than the amount of RAM installed in the machine
<blizzow> I'm trying to eliminate hypervisor swap access as a variable for VM performance. That's all.
<blizzow> sarnold: That's part of the problem.  Having no swap seems to activate an out of memory killer even when the sum of all VMs on the system uses 50GB less RAM than is available to the system.
<blizzow> I'd be fine without the ability to overcommit RAM to virtual machines, but only being able to commit <60% of RAM to VMs seems wrong.
<jrwren> blizzow: you can set swapiness per cgroup. start each VM in a cgroup with swapiness 1
<sarnold> blizzow: that's gotta be wrong somewhere. please file a bug.
<sarnold> blizzow: with that kind of memory I wonder about numa memory placement but .. even that shouldn't invoke the OOM killer.
<blizzow> sarnold: When the OOM killer gets invoked, in NUMA node 0, the largest page the kernel has available is 8kb.
<sarnold> blizzow: ouch. :/
<blizzow> cgroups/cgmanager documentation is worse than trying to read stereo instructions from Ikea. How do I ensure that any qemu-kvm processes have swappiness set to 0 or 1?
<Doyle> Do values set in /etc/default get loaded on service reload, or just service start/restart?
<Doyle> ./etc/default/whatever
<sarnold> Doyle: hopefully all three
<Doyle> I suspected. Thanks sarnold
<Aethenelle> anyone know how I can get java's securitymanager to actually output debugging info under ubuntu's install of tomcat?
<iurygregory> Hello jamespage, I'm making puppet modules for openstack and I have a pythonlib called pysaml2 (which is installed using pip) it is possible to have a repository to be used apt-get?
<Kallis> hi there, i was wondering if anyone could help me please, I am running this command to copy from a server to a local directory rsync -r -t -v --progress -s /run/user/1000/gvfs/smb-share:server=192.168.15.101,share=ac /tage-data/ac when the items copy they are dropped into a directory on the local system called cmb-share:server=192.168.15.101,share=ac but i want the files to overwrite or resume from the remote ac
<Kallis> folder to the local ac folder
<sarnold> Kallis: try adding a / to the end of both the source and destination
<Kallis> ok i will try that now
<sarnold> Kallis: /run/user/1000/gvfs/smb-share:server=192.168.15.101,share=ac/ /tage-data/ac/
<Kallis> that did it
<Kallis> derp
<Kallis> been playing for hours lol
<sarnold> rsync is brutal that way :)
<Kallis> thank you again :D
<sarnold> or maybe _subtle_ is better description...
<Kallis> heh
<sarnold> anyway, I know i'v elost hours to that one too. hehe.
<Kallis> i don't feel quite so derp now lol
<Kallis> how to make acls work and i can go to bed :D
#ubuntu-server 2015-09-10
<diytto> Hey is it possible to not have partitions set up for things like / and /home
<diytto> I keep running out of space in my / partition since I set it to 10GB, what would be a better size for it i guess
<quantic> diytto: I use separate partitions for /, /home, /boot, /var, and /tmp. What are you using the system for?
<diytto> I am assuming that's the default, i just have trouble managing my available disk space a lot of the time
<quantic> diytto: no, I'm just particular as hell. :P
<quantic> diytto: what exactly is filling you up and causing issues?
<diytto> ah okay
<diytto> well i started a minecraft server for me and a bunch of friends and it's using /tmp or something and filling it up
<quantic> diytto: Ahh, gotcha.
<diytto> and my web server is taking up space as well
<quantic> diytto: which is in /var
<diytto> yep
<diytto> basically all problems stem from minecraft lol
<quantic> diytto: Try this: du -d1 -h /
<diytto> actually i think plex is using some also
<quantic> diytto: That'll ACTUALLY tell you where all of your space has gone.
<diytto> looks like /var and /usr
<quantic> diytto: and how is your space allocated currently? partitions, or lvm?
<diytto> partitions i believe
<quantic> diytto: ouch.
<diytto> yeah
<diytto> it's a setup from my server host
<diytto> they have images i can use
<diytto> i can only set partition sizes at setup for the OS, and previously before i had the minecraft server 10GB for / was fine :p
<quantic> for something like that, I'd just do everything in a single partition./
<diytto> I would like to do that, but i'm not sure how
<diytto> it may not even be possible for my host
<diytto> this is from my host http://wiki.hetzner.de/index.php/PartitionsgrÃ¶Ãenlimit_bei_groÃen_Festplatten/en
<diytto> quantic: it looks like i could use LVM
<quantic> diytto: then do that. :P
<diytto> how would i configure it, what are the options for its usage
<diytto> there is a small setup for it from my host, but i don't quite understand all that it is doing
<diytto> something about a vg0?
<quantic> diytto: tl;dr version: one partition gets carved up for multiple filesystems that can be managed easily without mucking with partitions.
<diytto> ah gotcha
<diytto> from what i read about it lvm basically just manages everything
<diytto> like a bunch of 'virtual' partitions
<jamespage> iurygregory, should be installable already (python-pysaml2)
<guillaume_s> hi everyone
<guillaume_s> i come to you because i've been a regular user of Ubuntu for a more than a decade now and i would need to install ubuntu server on an IBM Power5 v5r4 . This is the first time i install it on a server without a screen and i would like to just have the overall process or at least where to start ?
<Lartza> guillaume_s, Serial console, network terminal if Ubuntu Server starts one(can't remember) or make an automated install
<guillaume_s> hmm
<Lartza> Then it's just like installing the minimal, with the options
<guillaume_s> This is the first time i approach a server so i don't even know where to start to get to the Serial Console or to the Network (you mean PXE ?)
<guillaume_s> i'm installing iSeries Access
<Lartza> I mean SSH
<Lartza> It doesn't seem to start on the install cd boot though
<Lartza> I have no idea what iSeries Access is?
<guillaume_s> it is a tool to access your IBM server i guess
<Lartza> But you need to install it to an installed OS right?
<guillaume_s> yes i guess so ?
<Lartza> Wait, Power5 v5r4?
<guillaume_s> yes
<Lartza> That is not a server?
<Lartza> It
<Lartza> It's an OS?
<guillaume_s> it is an IBM Power5 server with OS v5r4
<Lartza> But you want to replace v5r4 with ubuntu right?
<guillaume_s> We don't know exactly what we should do. We would prefer create a partition today and tomorrow maybe delete the partition OS V5r4
<Lartza> Well in either case
<Lartza> iSeries Access won't help you at all
<guillaume_s> but it's a dual boot yes
<Lartza> Or maybe...
<Lartza> To install ubuntu you should boot the installer from a CD or USB
<guillaume_s> i don't know if that's where i could have found an ssh access or something
<guillaume_s> yes
<Lartza> And you want to SSH into THAT
<guillaume_s> that's what i want
<Lartza> iSeries Access would be running on the v5r4
<Lartza> So no help
<Lartza> v5r4 is not running when you install ubuntu
<guillaume_s> but how can i get to the server without any screen, how do i get to the ssh before installing ubuntu ? (i must be dumb but i can't figure it out)
<Lartza> Like I said, you need to boot the install media
<Lartza> And then you need serial console or SSH access
<Lartza> For SSH you need to modify the install media to launch the server
<guillaume_s> so let's talk pratically ahh
<guillaume_s> ok
<Lartza> And serial console is, serial console? You know what that is?
<guillaume_s> so i prepare my usb key with a version that you're gonna tell me is the best
<guillaume_s> and how do i boot it from the server ?
<Lartza> Ahh...
<guillaume_s> i know what a serial console is and i used to use SSH but it's just like if i don't know what the doors of a server are, so i don't know where to put my inputs
<Lartza> If the server is not set up to boot from CD or USB
<Lartza> you need to change that, if that is not possible from v5r4 somehow then from BIOS, and you need serial console for that
<guillaume_s> ok i get this
<guillaume_s> then he tells me that he usually use telnet (he never installed linux that's why he needs me)
<Lartza> Okay?
<guillaume_s> but it is useless for what we want to do right ? so if i understood well, i prepare my boot device then i change the boot order on the server it boots on the device
<Lartza> Yes
<guillaume_s> launch an SSH server on which i connect
<Lartza> Umm
<Lartza> But if you don't have a screen then
<guillaume_s> i don't
<Lartza> You need a way to access it for install
<Lartza> No serial console access?
<guillaume_s> he tells me we have telnet
<Lartza> To what? v5r4?
<guillaume_s> exact
<guillaume_s> we have ethernet ?
<Lartza> Forget v5r4
<Lartza> Forget it is on the server
<Lartza> You don't have telnet to the bare server
<guillaume_s> yes i get that that's what i told it
<Lartza> If you don't have serial console then it could be possible to install Ubuntu from inside v5r4 too
<Lartza> It is Linux right?
<guillaume_s> propriety system i5
<guillaume_s> not linux
<guillaume_s> if only i had a screen !
<guillaume_s> but i should be able to use the pxe right ?
<Lartza> pxe?
<guillaume_s> the network install
<guillaume_s> via the ethernet
<Lartza> You still need a screen...
<guillaume_s> yes i have a computer
<Lartza> PXE only means the server boots via ethernet
<guillaume_s> which i connect to the server
<guillaume_s> in ethernet and launch the install from there
<Lartza> Sure, how are you going to see the installer?
<guillaume_s> i already install ubuntu like this on another computer when i didn't have any cd or usb key
<TJ-> guillaume_s: installing an a headless server requires either a remote KVM, or a modified PXE/TFTP/NFS boot that starts an ssh server early
<Lartza> TJ-, Or serial console
<Lartza> guillaume_s, v5r4 is linux...
<guillaume_s> don't confuse me !!! ;)
<guillaume_s> yes ok
<guillaume_s> he might not know very well
<TJ-> Lartza: Or serial console; but you've still got to modify the installer startup code to achieve it
<Lartza> TJ-, I thought you didn't
<Lartza> Oh nvm you do...
<guillaume_s> he tells me that we need to create a partition from the 5v4 first ? (he remember about a friend who installed linux) can you tell me if that's really necassay or everything can be done via the ubuntu install ?
<Lartza> Why is the Ubuntu Server iso so bad?
<Lartza> :D
<Lartza> guillaume_s, You should free up space for Ubuntu if you can from v5r4
<Lartza> But you'll format the space in the installer
<guillaume_s> i just want tobe sure (this seems logic to me but as i never used a real server i don't want to make a stupid move)
<guillaume_s> so how am i gonna do this ?
<guillaume_s> what is the best solution, i have my server and a usb key
<TJ-> v5r4 isn't Linux by the way, it's IBM i5/OS
<Lartza> Okay, it was not a clear indication of it was but Linux is referenced in many places for it...
<Lartza> *if it
<TJ-> i5/OS is the successor to the OS/400 from the As/400 days
<TJ-> guillaume_s: You'd best create a test plan and do some none-destructive Linux boot/run tests to begin with, ensure everything works as expected (hardware, services, CPU power/idle, etc.).
<Lartza> TJ-, He is going to keep v5r4 and dual boot
<guillaume_s> so what he tells me (but i'm not sure he exactly know what to do) in his word, we are going to create a partition from Virtual Partition Manager and then "boot on that partition" access it via a ttys and install ubuntu
<guillaume_s> does that sound logic to anyone ?
<TJ-> guillaume_s: And for that you'd be best making an *installintion* of Ubuntu/Linux Server edition to a USB mass storage device, or other removable, bootable, media. You can do that with a QEMU virtual machine to match the architecture. That way you can customised the installed PowerPc image on the removable media and boot-test it in the VM to ensure the SSH service is available early, and that you can
<TJ-> use it to trigger the debian-installer, rather than have d-i auto-start on the primary console.
<TJ-> guillaume_s: It sounds like the sysadmin is on about creating an LPAR for Linux
<TJ-> guillaume_s: in which case it's not replacing i/OS, it is using it as the hypervisor for a Linux partition
<guillaume_s> yes
<guillaume_s> he is not sure about removing the 5v4
<guillaume_s> 5r4
<guillaume_s> but he would like to be able to do it later
<TJ-> guillaume_s: this might be useful for you http://www.redbooks.ibm.com/abstracts/sg248000.html?Open
<guillaume_s> so that's either a sort of dual boot or a way to install it On the 5v4 but it sounds like chinese to me
<guillaume_s> TJ-: i was on this http://www.redbooks.ibm.com/redbooks/pdfs/sg246388.pdf
<guillaume_s> he doesn't have any HMC console
<guillaume_s> "[12:34] <TJ-> guillaume_s: It sounds like the sysadmin is on about creating an LPAR for Linux" what do you mean by IT ?
<TJ-> guillaume_s: so presumably v5r4 is an upgrade from v5r2?
<TJ-> guillaume_s: 'It' ... I was referring to your description of the system. If it has i5/OS and the sysadmin talks about partitioning, in IBM land that usually means they are referring to an LPAR, not to the partitioning of a disk that most people familiar with Intel systems think of.
<guillaume_s> so he tells me that when you do this then it asks you for the location of the image and starts the installation
<TJ-> guillaume_s: this gives a good overview. Note for systems without HMC there's the VPM instead. https://www-01.ibm.com/support/knowledgecenter/POWER5/iphat_p5/iphbli5oslpardifferences.htm?cp=POWER5%2F1-7-2-2-1
<guillaume_s> ok i think i understood something, apparently when you create such partition then you can launch it and you are connect via some kind of ttys access
<TJ-> guillaume_s: it's almost the same as using QEMU for virtual machines. i5/OS VPM acts as the hypervisor admin interface. You configure the location of the OS image, the resources the VM gets, etc.
<guillaume_s> does it sound logic to you ? so the best would be to boot on this partition and launch the install via the ttys ?
<guillaume_s> is it easy ?
<guillaume_s> what should i take care off ? is is like a regular installation (beside configuring apache i imagine)
<TJ-> guillaume_s: I'ts IBM, they don't make easy... they make complicated + gotchyas to encourage you to buy service and support contracts :)
<guillaume_s> but i'm supposed to be the service. I know a lot about computers but the whole server thing is missing in my mind i should be able to do this. I need work and he proposed me a good pay so i'll have to do this
<guillaume_s> so basically the VPM will ask me to point it to the ubuntu server image right ?
<TJ-> guillaume_s: In that PDF guide you gave me, Chapter 3.3 gives details of the VPM steps
<TJ-> guillaume_s: I suspect the sysadmin will do all that for you? Surely they're not expecting you to handle the VPM side too?
<guillaume_s> yes
<jamespage> niedbalski: hey I see you've been poking at bug 1474667
<ubottu> bug 1474667 in ceilometer (Ubuntu Vivid) "log dir permissions are incorrect for use with swift" [Low,In progress] https://launchpad.net/bugs/1474667
<guillaume_s> yes
<guillaume_s> he will do it
<guillaume_s> but i can do it too
<jamespage> any further thoughts on resolution for swift, bearing in mind the NACK from the security team on the proposed fix.
<TJ-> guillaume_s: if the LPAR is created via VPM because there is no HMC, then the sysadmin can configure a TCP/IP socket as the VMs console. So you'd connect to that and it'd be like a remote-KVM connection. You'd see and be able to interact with the system firmware just like being on a PC. No SSH link required.
<TJ-> guillaume_s: Will you be on-site whilst installing, or operating from a remote location?
<guillaume_s> i'm there
<guillaume_s> the server is near me
<guillaume_s> so we'll start in 2 hours we are doing a backup
<guillaume_s> first
<guillaume_s> which image should i use ?
<TJ-> guillaume_s: OK, now mention of telnet makes sense. I think lack of context is the problem here. When you hear 'telnet' for Linux you jump to the conclusion that the telnet session is initiated by the Linux OS itself. I think however, that the sysadmin means that he'll set up a telnet session for you to the LPARs console (which to you is like a remote-KVM link so you interact with the LPAR at the
<TJ-> firmware level)
<TJ-> guillaume_s: image? You mean Ubuntu Server? 14.04.3 LTS for the appropriate archictecture of the LPAR
<guillaume_s> yes
<guillaume_s> so in his "souvenir" (we are French) he creates the partition via VPM then he can connect to the it via its ip via a terminal
<guillaume_s> from there he remembers to be asked for the location of an image to start an install
<guillaume_s> but he might remember not that well
<TJ-> guillaume_s: Read the RedBook guide; it'll ensure you're pre-familiar with what to expect :)
<guillaume_s> we are checking. Can i know if you'll be here in 2 hours TJ- i thank you a lot for helping me
<guillaume_s> exactly
<guillaume_s> thanks Lartza
<TJ-> guillaume_s: No, I only popped in whilst drinking a coffee :)
<guillaume_s> it reminds me of when i was doing this 10 years ago while helping people install linux (on normal machines)
<TJ-> guillaume_s: I have 2 energetic Huskies and a Border Collie to run into exhaustion :)
<guillaume_s> long time i had not been on IRC.
<guillaume_s> Much more important my friend :)
<guillaume_s> i guess i'll find some help anyway
<guillaume_s> it's 1pm here but only 7 am in U.S i guess
<TJ-> guillaume_s: Good luck with it. Remember, if you're installing to an LPAR.. you can try again if it doesn't succeed first time.
<TJ-> guillaume_s: I'm in England; midday here
<TJ-> guillaume_s: I think your main check-list should be to ensure the correct resources at assigned to the LPAR in the VPM
<TJ-> s/at assigned/are assigned/
<guillaume_s> yes
<guillaume_s> so from the Red Book i have understand a few things
<guillaume_s> page 178 of the redbook
<guillaume_s> they explain how to set a tcp ip connection to connect with HVM
<guillaume_s> TJ-: are you still here ? can you check at that place ? 178 i don't know where to point the image
<guillaume_s> the ubuntu install image
<guillaume_s> IPL stream file right ?
<guillaume_s> page 121
<guillaume_s> http://www.redbooks.ibm.com/redbooks/pdfs/sg246388.pdf
<iurygregory> jamespage, do i need to set the repo in the source list? Thanks for the information =)
<Dulcin> Hi, what's the best way to upgrade an older Ubuntu version (10.04 LTS) to the latest version?
<maswan> switch the apt sources to old releases archive, do-release-upgrade in the supported steps (LTS to LTS)
<psih0man> hello! I'm having a problem setting up pam_winbind to work with ssh: wbinfo -u, id and getent passwd all work and show all domains users, and I set "compat winbind" in nsswitch.conf and disabled all firewalls. I'm running Ubuntu 12.04 and samba-2:3.6.3-2ubuntu2 and when logging in using ssh, in auth.log I get "account has expired", even though on Ubuntu 14.04 with samba4 the login works for the same user, who has "Account expiration: Never" set in AD. 
<psih0man> the problem seems to be in the account pam processing stage
<psih0man> I found this patch https://launchpad.net/ubuntu/+source/samba/2:3.6.3-2ubuntu2.5 but I don't know how to get a deb out of it
<psih0man> here are the relevant parts of auth.log: https://dpaste.de/23ec
<jamespage> bug 1477225
<ubottu> bug 1477225 in ceph (Ubuntu Vivid) "ceph-radosgw restart fails" [High,In progress] https://launchpad.net/bugs/1477225
<jamespage> arges: hey - any chance we can get the trusty SRU for ^^ accepted? its causing some testing pain right now
<jamespage> ditto on the vivid on as well
<arges> jamespage: there was already a ceph upload in -proposed awaiting verification, this is why I didn't accept that one yet
<arges> jamespage: bug #1475247 and bug #1477174
<ubottu> bug 1475247 in ceph (Ubuntu Trusty) "ceph-disk-prepare --zap-disk hang" [High,Fix committed] https://launchpad.net/bugs/1475247
<ubottu> bug 1477174 in ceph (Ubuntu Trusty) "[SRU] 0.80.10 stable release" [High,Fix released] https://launchpad.net/bugs/1477174
<guillaume_s> hey back
<jamespage> arges: ah right
<guillaume_s> so i explain my little story. I'm installing for the first time a Ubuntu on a IBM Power5 machine. Some people have helped me here about the process to follow. Creating a partition via the VPM for the linux and then connect to it via a TCP/IP connection and launch the install. But before this i have to create that partition but i would like to reduce the main i5 v5r4 os
<guillaume_s> partition
<guillaume_s> does this speaks to any of you ?
<guillaume_s> nobody ?
<dschatz_> hey all, I have a fresh install of trusty but my network cards come up as eth0, eth1, etc. How can I get it to use a predictable naming scheme?
<teward> dschatz_: in theory, write udev rules accordingly, but there's a ton of udev rules.  In 99% of all cases, that *is* a predictable naming scheme
<teward> (eth# indicates an ethernet interface, wlan# for wireless, tun# for tunnels, etc.)
<teward> unless you mean something else for 'predictable'
<dschatz_> teward, I need it to be stateless: https://lists.ubuntu.com/archives/ubuntu-devel/2015-May/038761.html
<dschatz_> teward, and by predictable I mean (for example) something based off the physical location of the NIC
<dschatz_> I built this FS using debootstrap, and everything I read says that trusty should be using this new predictable method but that doesn't seem to be the case
<teward> I'm not sure if that was implemented in Trusty, since Trusty is back from 2014.  The thread you have there is from May, and if I'm not mistaken that wasn't made available until a recent cycle, but I'm not as 100% familiar with the udev stuff.  Someone more familiar with that can comment
<teward> (I've not noticed 'predictable' names except in latest daily images, which aren't 14.04)
<teward> Perhaps a latest image has that, and I missed it though
<dschatz_> ok, thanks
 * teward redownloads 14.04 with the latest image
<teward> dschatz_: got supportable confirmation from other devels that that's a Wily change, and not a backportable change so it's not in Trusty.
<teward> in that it's intrusive and they won't apply it retroactively to older releases.
<teward> dschatz_: so whatever 'source' you've been reading saying Trusty has that system of naming, is wrong.
<teward> (it's only in Wily, which isn't even released yet, and is still in devel)
<dschatz_> teward, thanks a lot
<tarpman> dschatz_: biosdevname might be what you want
<genii> The constant naming scheme for adapters is enabled by default since around 14.04, but generally only works on Dell machines. It can be disabled with the biosdevname=0 option
<teward> genii: no wonder it works so well on my Dell systems xD
<genii> There ya go
<Tangurin> Hi! On my MAC iterm I have beautiful colors ZSH - oh my... I have got the same colors to work on ubuntu but I don't remember how I did, do you know how I can get the colors at my ubuntu server? I have zsh activated
<Tangurin> Hi! On my MAC iterm I have beautiful colors ZSH - oh my... I have got the same colors to work on ubuntu but I don't remember how I did, do you know how I can get the colors at my ubuntu server? I have zsh activated
<tasslehoff> Something odd has happened on my Ubuntu server. When I run OpenSSL I get this message: openssl: /usr/lib/plexmediaserver/libssl.so.1.0.0: no version information available (required by openssl)
<Kalimero> my has to restart @ a certain once a day. but sometings it doesnt come up again. in which log do i have to look in to find out whats going wwrong
<Kalimero> my *server
<Kalimero> something = sometimes
<teward|web> is it a known problem that freeradius complains on Trusty about openssl 1.0.1f being vulnerable to heartbleed, when we all know that the Ubuntu package for OpenSSL was patched?
<sarnold> Kalimero: why does it have to restart daily? that seems like something worth fixing.
<sarnold> Kalimero: why does it have to restart daily? that seems like something worth fixing.
<Kalimero> sarnold: there a few apps runing slowly eating up all ressoureces so its a reset if will so
<Kalimero> sarnold: but it doesnt matter how often it restarts, does it? even if a let it restart lets say once a week it would hang up just for a greater range of time between it
<sarnold> Kalimero: eww. could you just kill those individual programs instead?
<sarnold> Kalimero: indeed, you should expect it to come up without fail every time..
<Kalimero> sarnold: doesnt cause killing programs in dataloss?
<sarnold> Kalimero: most daemons will shut down gracefully when you send them a sighup or similar signal
<Kalimero> sarnold: i dont even know if  its stuck on the shutdown or the startup process. thats why i asked where i have to look and might get a hint what went wrong
<sarnold> Kalimero: that does make it harder to troubleshoot; do you have any console logs when it shuts down?
<Kalimero> i schould since ubuntu is logging almost everthing standardly
<Kalimero> or linux in gernal i should say
<sarnold> Kalimero: i've got to run.. check the logs for more, hopefully you can find something in there.. /var/log/syslog, /var/log/dmesg or /var/log/kern.log....
<sarnold> *nod*
<Kalimero> sarnold: device p1p1 left promiscuous mode   is what in almost every logs is showing and almost the last thing recorded before the manual hard reset
<Kalimero> sarnold: if it helps to figure it out i could pastbin the logs if u want
<Kalimero> or someone else want to take a look and help me figuring out why my server doesnt restart properly
<_dreamer> Hi, I have a fresh install of ubuntu server and need expertise on how to continue. I have a host provider and I have bought the domain example.com. What I want to do is for all traffic that goes to subdomain.example.com will land on my server
<_dreamer> How should I configure the dns on my server in that case?
<_dreamer> I have read countless guides but nowhere can I get an answer that I fully understand
<_dreamer> I have installed bind9 and dns utilities
<sarnold> _dreamer: I think you'll want to add ptr records for subdomain.example.com and reverse records for it to point to your IP
<sarnold> Kalimero: interesting that its NIC is going into and out of promiscuous mode -- do you expect that?
<_dreamer> why cant I get noip2 bash script to work?
<Kalimero> sarnold: i dont think so
<sarnold> Kalimero: very odd... I mean, there's many good utilities that require promiscuous mode to be useful but normally you'd know about it :)
<sarnold> _dreamer: what errors do you get when you run it?
<_dreamer> oh hold on
<_dreamer> think i found the problem
<Kalimero> sarnold: for what is it?
<sarnold> Kalimero: tcpdump, wireshark, network flow monitoring, etc
<Kalimero> sarnold: i also think it something with the ethernet port. is it possible that is happening because the the server pc has two different eth slots
<sarnold> Kalimero: no, it depends entirely on which applications you're using
<Kalimero> sarnold: its running a php and apache server, a media server , and a few separate programs
<dasjoe> A VM, too?
<Kalimero> no
<Kallis> Hi there, I was wondering if anyone might be able to help me please. I am trying to share a folder structure over the local domain, which I have successfully managed to do using centrify. I can see all domain users and groups now on my local nix machine. Would the best way to assign access to directories in a share be using ACL? For example if I have a fodler called DIR1 then subfolders of that DIR2, DIR3, DIR4 but I
<Kallis> only wanted USER1 to see DIR2 when they entered into the ac folder, would i just remove read,write,execute with ACL ?
#ubuntu-server 2015-09-11
<zosky> hey yall. i have an mdadm array and im trying to grow it paste the 16tb limit. everything im finding on google is ~4 yrs old... is there really (still) no way to convert my ext4 fs from 32bit to 64bit ? do i have any other options ? really trying to avoid figuring out where to put ~11tb, so i can reformat and put it back
<lordievader> Good morning
<adun153> Hi, I installed cobbler from the repos, "cobbler get-loaders" returns an error since the cobbler site has moved from cobblerd.org to cobbler.github.io, do you know how a workaround for this?
<guillaume_s> hello
<guillaume_s> I have a question for someone who knows a bit IBM Power5 machines please
<Sling> have a script that touches a file in /usr/tmp which for some reason is created as -rw-r----- while the umask of the user running the script is 0002
<Sling> no umask setting present in the script, or in any ~/.* files of the user
<Sling> if i manually run the touch command, the right permissions are set. what could cause the different permissions when the bash script runs (oh, and it runs by cron, if relevant)
<lordievader> Perhaps cron has a different umask setting?
<Sling> I would assume that the crontab of a user runs as that user?
<Sling> or my understanding of cron is wrong
<lordievader> True but that doesn't mean that it uses the settings/environment of that user.
<Sling> hmyeah, let's see what happens if i explicitly set the umask in the script
<teward> anyone here familiar with freeradius?
<quantic> teward: I've configured a few instances of it.
#ubuntu-server 2015-09-12
<allesnik> Having trouble fetching an older version of libfreetype6-dev. http://archive.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.5.2-1ubuntu2.4_amd64.deb is 404ing. Any thoughts?
<allesnik> Looks like 2.5 was released yesterday. Is it expected that I cannot download 2.4 now?
<tarpman> allesnik: yes; but if you really need the older one, you can get it from launchpad
<tarpman> allesnik: why do you want the version without the security fixes?
<patdk-lap> new isn't better!
<tarpman> patdk-lap: not always; but "with security fixes" is usually (not always!) better than "without security fixes", imo :)
<patdk-lap> heh, I can't comment, tmi
<allesnik> tarpman: I don't necessary want the older version but I cannot seem to get the latest version (2.5.2-1ubuntu2.5) either
<freezevee> Can someone please help me with an issue described here ? http://serverfault.com/questions/721890/how-to-setup-vagrant-with-nginx-passenger-mysql-rvm
<sb_9> does any one heard node-rendezvous?
<lordievader> Good morning
<Tangurin> Hi! On my website on the ubuntu server I got a problem. When I upload a image via SFTP, my php application can't read or use the image. And I changed the permission so it worked but now I can't overwrite the images in the uploads folder because I don't get correct permission via SFTP. What can I do to set the correct permission for both the server and the SFTP user
<lordievader> Tangurin: Set up a shared group I'd say.
<Tangurin> lordievader: ok thanks I have to read about what that is!
<Walex> Tangurin: more generally using a UNIX-like system it is a bit optimistic to expect for file ownership and permissions to "just work" without studying them in careful detail.
<Tangurin> Walex: I am optimistic! but... it have not helped me this far haha
<freezevee> Can someone please help me with an issue described here ? http://serverfault.com/questions/721890/how-to-setup-vagrant-with-nginx-passenger-mysql-rvm
<edgy> tanuki: hi
<Norbin> by default, is there a size limit to log files such as /var/log/auth.log ?
<edgy> somedays ago I repoted that my ubuntu working as a guest using virt-manager stops working frequently. Actually, it's the network that got down every now and then. I can log via console and ifconfig shows it's UP but cannot ping or access the network from in -> out or vice versa
<edgy> Norbin: AFAIK, no, you can check the limits on the logrotate.d scripts
<edgy> Norbin: /etc/logrotate.d/rsyslog doesn't show any limits in my system
<Norbin> thanks
<Egyptian[Home]> morning - i have a maas issue; my deployments are failing to a) resolve hostnames unless poked at a few times b) proxy fails to respond after that .. thing is it used to work 5 days ago and no changes have been made as far as i can tell
<Egyptian[Home]> and c) proxy settings are not being pushed to the maas/juju clients
<Egyptian[Home]> any maas guys around ?
<quantic> smelsdfsdfsdfsdfsdf
<quantic> doh
<quantic> holy ssh lag batman
<Guest4723> Hi! How do I disable bind9 to cache and respond with ipv6 addresses?
<Guest4723> As there is no Ipv6 address deployed in my network it slowng down the surfing .
<Egyptian[Home]> Guest4723: https://ubuntu-tutorials.com/2009/03/21/configure-bind-9-for-ipv4-or-ipv6-only/
<ahi2> anyone use freedns? do i need to add dns update script to apache?
<teward> ahi2: for dynamic dns?
<teward> oops nevermind
 * teward is late by 4 hours :/
 * teward hates slow bouncer data
#ubuntu-server 2015-09-13
<lordievader> Good morning
<jak2000> hi all
<quantic> sup
<jak2000> i have a clean installation of ubuntu server 14.04, how to do, create 1 user:JAK and do FULL root Privileges? (visudo and copy root ? 2) how to add user and add privileges but, i want, this user cant see the JAK home directory and root directory?
<quantic> jak2000: that's something easily found via google.
<jak2000> i try
<quantic> Try harder.
<jak2000> and found: type visudo then look the line: root    ALL=(ALL:ALL) ALL  and copy and modify...
<jak2000> but i think i gave all privileges ot user?
<quantic> jak2000: don't just copy things without understanding what they do.
<quantic> jak2000: do a little more research, you'll thank yourself in the long run
<jak2000> quentic, ok, google: "ubuntu adduser with limitations" ?
<quantic> jak2000: what, exactly, do you want to do? in clear terms, please.
<jak2000> i want add an admin user, but with not ALL root privileges, can update, can create directories, change permissions only the home directory of the user, change permisions to /var/www directory and ONLY
<quantic> jak2000: try reading the "sudoers" man page.
<jak2000> ok, thanks
<Kalimero> my server still fails to restart by cronjob. can someone tell me where in the logs i have to look and maybe help me to fix it?
<ikonia> you should see cron logs in the syslog, or you should write error trapping in to the script
<Kalimero> i looked in it. thats the last thing before i hard restart it.Sep 13 06:03:24 mom kernel: init: tty4 main process (980) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: tty5 main process (983) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: tty2 main process (990) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: tty3 main process (991) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: tty6 main process (994) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: cron main process (1076) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: irqbalance main process (1095) killed by TERM signal
<Kalimero> Sep 13 06:03:24 mom kernel: init: tty1 main process (1936) killed by TERM signal
<Kalimero> Sep 13 06:03:29 mom kernel: device p1p1 left promiscuous mode
<Kalimero> Sep 13 06:02:12 mom logger: cluster stop
<Kalimero> sry for the flooding
<Kalimero> it seems the server is unable to shut it down completely but i dont know how to solve this problem
<sarnold> Kalimero: does shutdown -r  work alright?
<Kalimero> sarnold: shutdown -r works fine like it should
<sarnold> Kalimero: crazy. I wonder hyw it fails in your cron :(
<Kalimero> the first thing was the playmouth-shutdown which failed to stop correctly so i added a sleep 2 after its exec command. that solved the problem for a while but now its back
<sarnold> I don't think plymouth is there foranything important; you might try removing it entirely.
<Kalimero> sarnold: its removed hope it solves the problem and hopefully didnt screwed a needed function ^^
<sarnold> :)
<Kalimero> sarnold:  if not i am here tomorrow and ask you again ;)
<sarnold> hehe :D
<Tangurin> Hi! I can't upload files via PHP. The upload folder have 777 rights, and it works on my localhost + it worked before?
<sarnold> Tangurin: do you have any errors in your logs?
<Tangurin> sarnold: no there was no error
<Tangurin> I am 99% sure this is no code error. Should I check what permission the file has which is executing the upload?
<sarnold> is it being executed from apache or nginx or php-fpm or something similar?
<sarnold> or are you running it as a stand-alone executable?
<Tangurin> I am using Laravel (PHP framework), so it is Apache PHP via the web browser
<Tangurin> sarnold: the controller file has this permission: -rwxrwxr-x
<sarnold> Tangurin: does it perhaps give you better error messages if you run the browser onthe same computer as the web server?
<sarnold> or perhaps you can run it in a development mode or something similar
<Tangurin> sarnold: The application is running in dev mode, and I just tried on the localhost without any problem which declares that the code works, right?
<sarnold> "worked once" isn't what I'd call "known to work", eheh
<sarnold> you'll have to put in some time to change variables until you find out what fixes it -- try it from mutliple hosts, try uploading multiple types or sizes of files, collect the error messages from browsers and servers and the application, figure out what works and what doesn't, and try to determine the variable upon which the whole thing pivots
<Tangurin> sarnold: Now I see that the image is uploaded but it is when the PHP is trying to create a thumbnail of the image
<Tangurin> sarnold: Okey,but now I got: WriteBlob Failed
<Tangurin> sarnold: Thank you for trying to help me, I appreciate your time! I found out that the upload worked but it was when PHP tried to create a thumbnail to another folder which did not have www-data as owner
<sarnold> Tangurin: aha! :)
<Tangurin> sarnold: Do you know how I can force the files to be www-data even if I upload via SFTP? Because when I use SFTP all my files gets wrong owner and all gets... broken haha
<sarnold> Tangurin: nothing easy; unix provides for ways to ensure e.g. a specific group is set on files created in a directory, but nothing for user.
<Tangurin> sarnold: Aha I understand. But how do I solve the problem with the files getting wrong permissions. Like this which happened now, the folder had wrong owner that's why I couldn't "upload" the file
<sarnold> Tangurin: mostly you just have to know which user ids are used by which programs, know which directories they need to use to do their job, and set the ownerships appropriately when you install and configure them.
<Tangurin> But if I am logged in via SFTP and create a folder, then I create a new "object" which has no configuration
<sarnold> allowing uploads via a web server is unfortunate, I really like to configure web servers so they only have write access to e.g. their logs and a database socket, if they need to use a database to get their work done. but that's not always possible.
<sarnold> it does have configuration, it is created with whatever owner and group you used to log in as ..
<sarnold> if it needs to be owned by someone else, you can ssh in and use chown to change the owner as approrpriate..
<Tangurin> sarnold: I understand why it is like this and that is a problem yes. But how do webhosting companies solve it? When user logs in and upload files, it still works.
<sarnold> Tangurin: there's a lot of range in webhosting companies... some more or less create entire new virtual machines for each user, and those users are given root to those machines, and are expected to manage it all themselves
#ubuntu-server 2016-09-12
<JanC> tikun: it's installed on both, I think, but boots from the ESP partition
<tikun> hmm
<tikun> kk, thx
<JanC> I assume the other one is in case you switch to legacy boot
<lucas_ai> I can't get my @reboot crontab job to run my program. There is no error message in syslog (it shows up as if the command was run but it's not running). Any ideas?
<Kamilion> lucas_ai: are you expecting PATH to be sane in a crontab, or expecting a specific PWD?
<lucas_ai> I'm doing this: @reboot /usr/local/bin/autorotate.py > /usr/local/bin/log.txt
<lucas_ai> I don't think I need the path to be sane. Do I?
<Kamilion> well, python certainly will be unhappy depending on what you try to import
<lucas_ai> but I don't see any error message either
<lucas_ai> How am I supposed to run a script whenever my ubuntu loads?
<Kamilion> make a systemd unit?
<lucas_ai> that means adding a lot of code. Why can't I just write my script command somewhere and that's it??
<lucas_ai> upstart was fine but systemd is stupid
<Kamilion> um
<Kamilion> ...
<Kamilion> I feel strongly opposite.
<Kamilion> I haaaaaaaaaaaaaaaaaaaaaaaate upstart with a passion.
<Kamilion> trying to write units in it and get them to behave properly and in order was nothing but trouble
<lucas_ai> making a unit requires lots of writing. upstart if I remember correctly is just almost a regular bash script
<Kamilion> no
<Kamilion> upstart's format is almost the same as systemd.
<lucas_ai> maybe I'm talking about an even older daemon system
<Kamilion> https://github.com/kamilion/kamikazi-core/tree/master/resources/xenial/mods/etc/systemd/system
<Kamilion> here are three service files.
<lucas_ai> I just want to add my script to be run on start. why is it so hard?
<Kamilion> it isn't anymore.
<lucas_ai> I don't wanna make a unit script for every bash/python script I ever want to run on startup. This is disappointing
<Kamilion> https://github.com/kamilion/kamikazi-core/blob/master/resources/xenial/mods/etc/systemd/system/disque.service
<Kamilion> look dude, it's ten lines.
<lucas_ai> the command in that script is only one line
<lucas_ai> I don't wanna memorize the whole unit syntax
<lucas_ai> where do I just write "/usr/local/autorun.py" and that leaves it running since it boots?
<Kamilion> [Unit]
<Kamilion> After=syslog.target
<Kamilion>  
<Kamilion> [Service]
<Kamilion> Type=oneshot
<Kamilion> ExecStart=/usr/local/bin/autorotate.py > /usr/local/bin/log.txt
<Kamilion> or drop the whole [Unit] section if you don't need it ordered at boot.
<Kamilion> generally a good idea to wait until at least syslog or network is running though
<lucas_ai> awesome. Do I need the Type line?
<Kamilion> yeah, unless you want it to default to 'restart'
<lucas_ai> what does that mean?
<Kamilion> systemd will try to restart it if it exits cleanly.
<Kamilion> if it throws an error more than 3 times, it'll be put in the 'failed' state and not restarted.
<Kamilion> oneshot just launches it once, like the old systemv init scripts did.
<lucas_ai> lol
<Kamilion> 'just run this, GTFOMW'
<Kamilion> which is pretty much what you're asking for.
<lunaphyte> that's all well and good, but cron @reboot should work, and there's nothing wrong with it.  it's perfectly fine
<Kamilion> oneshot is what you need for it to run and become a 'SUCCESS'
<Kamilion> eh, I've never gotten cron to work properly on @reboot jobs
<lucas_ai> should I put this unit in /etc/init.d/ ?
<Kamilion> the unit file?
<lucas_ai> yes
<Kamilion> /etc/systemd/system/mylogrotate.service
<Kamilion> systemctl daemon-reload
<Kamilion> systemctl start mylogrotate
<Kamilion> systemctl status mylogrotate
<Kamilion> check the log messages it prints
<lucas_ai> sudo service autorotate start Job for autorotate.service failed because the control process exited with error code. See "systemctl status autorotate.service" and "journalctl -xe" for details.
<lunaphyte> it's pretty easy to troubleshoot @reboot.  delete /run/crond.reboot, then restart cron and watch the logs
<lucas_ai> I need to run my script as root. How could I do that in my unit file, Kamilion
<Kamilion> you didn't ask for it to run as any other user, so it'll run as root.
<lucas_ai> then why am I getting an error in my script? Sep 11 17:47:41 lucas-Surface-Pro-3 autorotate.py[10820]: Can't open display
<Kamilion> that sounds like it's trying to access the xorg display somehow.
<lucas_ai> yes. When i run it manually, it works just fine
<Kamilion> if you're trying to start a GUI program on boot, you're better off using the xdg autostart then. http://askubuntu.com/questions/63407/where-are-startup-commands-stored
<lucas_ai> wtf. This is a command line script. But apparently it needs to get a screen
<Kamilion> eh, then cron would have never worked in the first place.
<Kamilion> After=graphical.target
<Kamilion> that will start the script after a display's available; but depends on further configuration such as lightdm autologin or something to actually have the desktop at a meaningful place to execute.
<lucas_ai> lol
<lucas_ai> I made a .desktop file in /etc/xdg/autostart
<lucas_ai> how can I test if it works?
<Kamilion> double click it?
<Kamilion> i assume you just right clicked to make the desktop file
<Kamilion> but I have no idea what kind of workflow you have or how much knowledge
<lucas_ai> no. on the terminal
<Kamilion> oh, I have no idea how to use .desktop files on the terminal
<lucas_ai> i'll try in nautilus then
<Kamilion> they're the equivolent to windows shortcut icons
<ducasse> i need to reinstall a 16.04 zfs file server, do i just export the pools on the old install and import on the new, or do i also copy zpool.cache over?
<sikun> I really need to learn zfs
<beardface> ducasse: exporting and importing should do it
<ducasse> beardface: ok, thank you :) i'm still learning zfs, and don't want to mess up my pools :)
<psjbeisler> anybody have experience with containers yet, specifically LXD not Docker
<psjbeisler> or KVM
<KlausedSource> does anyone know of a tool with that i can extract information (page dimensions, number of sheets/sides) from a pcl print file?
<jonah> hi can anyone help with a weird problem. I have 3 servers. A can ssh to B and C. B can ssh into A and C. But C can only ssh into B not A. I can't figure out why!?
<lordievader> jonah: Check the auth log.
<lordievader> That makes a good start.
<cpaelzer> also ssh can get much more verbose what is actually going on with -v -vv -vvv
<cpaelzer> in case you find nothing on the auth log and need to look at the clients side what might be wrong
<jamespage> Odd_Bloke, morning
<Odd_Bloke> jamespage: o/
<jamespage> Odd_Bloke, when will the next yakkety daily images be published?
<jamespage> I'm trying to get some yakkety/openstack testing back up and running - I'm working around the apt-mirror issue (by setting it)
<jamespage> but our current daily (from the 3rd) breaks on upgrade of grub
<Odd_Bloke> jamespage: We're having some issues testing on ppc64el which are breaking things, which I need to dig in to; I'll manually override the latest one though, as it's been a while since we had one.
<jamespage> | 4e84df6a-72fc-41f2-b839-41430dacd6e6 | ubuntu-daily/ubuntu-yakkety-daily-amd64-server-20160902-disk1.img             |
<jamespage> Odd_Bloke, pls
<Odd_Bloke> jamespage: That's in progress now, you should see it show up in the next few hours.
<jamespage> Odd_Bloke, \o/
<Odd_Bloke> And now I guess I should dig in to these ppc64el failures, as my "wait a week" strategy hasn't yielded the results I was hoping for. :p
<Ussat> o/
<cpaelzer> jamespage: fyi I'm providing an ppc64el dpdk enabled clone of openvswitch in a ppa
<cpaelzer> jamespage: along a ppc64el enabled dpdk of course
<cpaelzer> jamespage: once 17.04 opens up I might get to you to incooperate the changes - but that to some extend depends on the further work of IBMers related to that
<Ussat> cpaelzer, any IBM'er in particular I can prod, I used to work there
<neoark> http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
<Pici> neoark: #ubuntu-security would be a good place to share that
<mdeslaur> neoark: we'll be publishing updates for that soon
<mdeslaur> rbasak: we need to update mysql to 5.7.15 ^
<rbasak> ack
<jamespage> ddellav, if you want todo some xenial/newton testing with https://launchpad.net/~james-page/+archive/ubuntu/newton/+packages overlaid post deploy that would be helpful
<jamespage> cpaelzer, ok - I know the 6wind team did some work for IBM on power
<ddellav> jamespage i'd love to help. Do you mean deploying newton on xenial and using that ppa as a target in the next.yaml?
<jamespage> ddellav, no - you need to deploy either the xenial-newton or xenial-newton-branch targets from o-c-t
<jamespage> and then add and upgrade that ppa - I'd use juju run  for that
<jamespage> its basically a rev to the virt stack - want to de-risk it a bit
<jamespage> smb: hey do we need libvirt and libvirt-python to minor version match? we currently have 2.1.0 and 2.0.0 in archive
<smb> jamespage, I cannot say for 100% but Debian had the same minor version delta last time I looked
<jamespage> smb, hmm
<jamespage> we've had issues before with unpaired versions
<smb> jamespage, now its even 2.2/2.1 against 2.0
<jamespage> i.e. new features not being exposed
<mdeslaur> rbasak: fyi, for xenial 5.7.15, I'm going to use the new upstream tarball that contains the embedded boost
<rbasak> mdeslaur: I believe we're already doing that.
<rbasak> mdeslaur: (so that should be fine)
<mdeslaur> rbasak: oh! cool, I didn't notice that. thanks
<rbasak> mdeslaur: the watch file should still work. I hope :)
<mdeslaur> heh, I should have tried it :)
<hariom> I have opvn file from my old openvpn configuration. I want to setup vpn connection again. Where should I keep this file? I have compiled and installed open vpn 2.3.4
<EmilienM> jamespage, coreycb: hey oh
<EmilienM> I still see some failures when deploying neutron/linuxbridge https://review.openstack.org/#/c/368826/
<EmilienM> (scenario003 is using linuxbridge backend) - not sure you updated everything yet
<jamespage> EmilienM, all of b3 is there for core projects - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/newton_versions.html
<jamespage> including the bits for loading modules and stuff
<EmilienM> jamespage: mhh, ok
<jamespage> EmilienM, oddly enough I noted a few tempest failures pm today when doing some ovs testing
<jamespage> might be related
<jamespage> related to instances not being accessible
<EmilienM> with ovs we have 0 issue
<EmilienM> only with linuxbridge
<jamespage> EmilienM, that test (test_network_basic_ops.TestNetworkBasicOps) is the only one in the tempest test suite that actually verified floating-ip -> instance connectivity I think
<EmilienM> yep, that is the one that failed for us when using linuxbridge backend in neutron
<EmilienM> when using ovs, it pass fine
<jamespage> EmilienM, you can see that the instances does not get an IP address via dhpc
<jamespage>  Sending discover...
<jamespage> multiple times
<jamespage> ddellav, coreycb: https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1622715
<ubottu> Launchpad bug 1622715 in neutron (Ubuntu) "neutron-openvswitch-agent - error on startup" [Undecided,New]
<jamespage> I've tripped over that fairly reliably
<ddellav> jamespage I'm having an issue starting up denial-newton on serverstack due to neutron, i'm still debugging but it might be related to that bug as well
<ddellav> *xenial-newton
<jamespage> ddellav, symptomatically you can't access instances
<jamespage> ddellav, the status of the router port is DOWN
<jamespage> until the n-ovs-agent on the n-gateway unit is restarted
<ddellav> ok, i'll try that. So far I'm just seeing an error on config-changed during startup. I'm digging through logs but i don't see much. I'm redeploying now
<jamespage> EmilienM, are the puppet modules using the native ryu support for managing ovs, or the older ovs-vsctl driver?
<EmilienM> jamespage: we use the one in neutron upstream default
<jamespage> EmilienM, ok so ryu for newton
<EmilienM> yep
<jamespage> ddellav, doing a debug enabled run to see if I can figure out that n-ovs problem
<jamespage> ddellav, -o debug=True with deployer btw
<sarnold> cpaelzer: congratulations :)
<cpaelzer> thank you sarnold
<jamespage> ddellav, Ithink that neutron problem is caused by ryu
<jamespage> bumped to 4.5 which has some eventloop exception fixes
<Kevin> Is there a way I can autoconfigure my network without reinstalling the OS?
<jamespage> ddellav, coreycb: ok so after some testing
<jamespage> ovs 2.6 + libvirt 2.1.0 appears functional afaict
<jamespage> with newton xenial
<jamespage> libvirt 2.1.0 will require some charm updates for nova-compute for the libvirt-bin -> libvirtd daemon rename
<DzAirmaX> hi all
<DzAirmaX> can someone help me to set up kdump properly? I have installed it  and everything seems fine but during the last crash I couldn't find any logs in /var/crash
<compdoc> MySQL Hit By "Critical" Remote Code Execution 0-Day
<coreycb> jamespage, that's good
<DzAirmaX> hey
<DzAirmaX> someone has already experienced crash with no kdump log?
<RoyK> DzAirmaX: that happens, usually with something funny in the hardware. Start with a memory test
<keithzg> Any suggestions for fully-compatible PCIe SATA controllers? (Preferrably on the more affordable side, but any suggestions would be welcome.)
<keithzg> The one I've got in a new server seems . . . questionable, although it's hard to pin down quite what's going wrong.
<compdoc> I use LSI controllers, but with the bios changed to get rid of the raid features
<compdoc> not very expensive on ebay, and support sata and sas
<keithzg> compdoc: Thanks for the suggestion. By "with the bios changed" do you mean just flipping something in their firmware settings, or outright flashing modified firmware on them, or?
<DzAirmaX> RoyK: how long shoud I run memtest for being sure everything is OK?
#ubuntu-server 2016-09-13
<DzAirmaX> RoyK: is 24 hours enough?
<keithzg> DzAirmaX: Any time I've had bad memory, it's taken less than 24 hours to find out. But the main thing is the passes; once memtest has run all its tests more than once or twice you *probably* have the result (which, depending on the hardware in question, might take not much time at all)
<keithzg> At least with all the RAM issues I've ever had, it's been very reliable. That is to say, the moment even the first test gets to a bad sector the errors start piling up.
<RoyK> DzAirmaX: normally you just run it until it's done with all passes - older versions of memtest ran in a loop, I don't think the current ones do that anymore
<DzAirmaX> ok boyz
<DzAirmaX> its not the ram
<DzAirmaX> I have 2 passes
<DzAirmaX> done 2 passes like 2 cycles
<sarnold> it doesn't loop any more? aww
<RoyK> all the passes?
<RoyK> sarnold: last I checked, no
<sarnold> if you're in a hurry try manually selecting one of the 'random' passes, like #7 or something, I think that one has found most of my memory faults
<DzAirmaX> Royk: you boot on it and run the test, then it loops
<RoyK> DzAirmaX: it goes through something like 7 or 8 tests phases, but at least last I ran it, it didn't start over after the last test
<RoyK> you should at least let it run through the first four stages
<DzAirmaX> hmm
<DzAirmaX> I did
<DzAirmaX> its last  hours right?
<DzAirmaX> 6 hours
<RoyK> makes sense
<RoyK> well, probably not memory, then ;)
<RoyK> is this intel?
<RoyK> or amd
<DzAirmaX> yep
<DzAirmaX> intel
<RoyK> do you have mcelog installed?
<DzAirmaX> no I have rsyslog and kdump
<DzAirmaX> nothing shows
<RoyK> install mcelog
<RoyK> machine check exception log
<RoyK> indicating hardware failure
<DzAirmaX> RoyK: Family 6 Model 5e CPU: only decoding architectural errors
<DzAirmaX> Royk: we good?
<RoyK> it'll log and email you errors if they are discovered
<RoyK> (that is, email you if you have configured the mta correctly)
<RoyK> DzAirmaX: postfix or exim or sendmail or qmail or whatever obscurure thing you're using
<DzAirmaX> yeah
<DzAirmaX> all configured and working
 * RoyK prefers postfix
<DzAirmaX> I just checked the nano /etc/mcelog/mcelog.conf
<DzAirmaX> and its looking good ,)
<RoyK> ok, then it's just wait and see
<RoyK> sometimes it's hard to provoke an error
<RoyK> the old way, which I beleive should work well still, is to recompile a kernel, using all cores
<RoyK> it should stress pretty much everything on the system
<DzAirmaX> the system crash after 24 hours, I just have to be patient
<RoyK> try to compile a kernel
<sarnold> kernel compiles go too quickly these days
<RoyK> it'll take some time and if you use make -j <numberofcores>, it'll stress pretty much everything
<RoyK> sarnold: guess that depends on how many modules you're adding
<RoyK> sarnold: it's still a nice way to stress the system, at least for a wee wile
<RoyK> sarnold: it's still a nice way to stress the system, at least for a wee while
<DzAirmaX> RoyK: what is the command for achieving what you are asking for?
<sarnold> wget https://cdn.kernel.org/pub/linux/kernel/v4.x/testing/linux-4.8-rc6.tar.xz ; wget https://cdn.kernel.org/pub/linux/kernel/v4.x/testing/linux-4.8-rc6.tar.sign ; gpg linux-4.8-rc6.tar.sign && tar xf linux-4.8-rc6.tar.xv
<sarnold> cd linux-4.8* ; make defconfig ; make -j 60
<RoyK> or .xz
<sarnold> something like that
<RoyK> sarnold: make oldconfig, perhaps
<RoyK> sarnold: cp /boot/config-something .config
<RoyK> make oldconfig
<sarnold> or make localmodconfig?
<sarnold> yah
<DzAirmaX> is it going to impact the actual kernel?
<sarnold> no
<sarnold> you're just compiling it :) don't go to any effort to install it, or the modules
<DzAirmaX> Please enter name of data file:
<DzAirmaX> after the gpg linux-4.8-rc6.tar.sign && tar xf linux-4.8-rc6.tar.xv
<RoyK> xz, not xv
<RoyK> sarnold is probably drunk
<sarnold> good idea
<patdk-lap> tar xaf
<RoyK> tar xf
<DzAirmaX> same request
<RoyK> DzAirmaX: use tab completion
<RoyK> tar xz linux-5<tab>
<RoyK> (that is *press the tab key*)
<RoyK> sarnold: asking a newbie to compile a kernel can sometimes be bothersome :P
<sarnold> RoyK: it doesn't help that I'm a very lazy person and didn't try it first
<DzAirmaX> well
<DzAirmaX> I am maybe a newbie
<DzAirmaX> but there is definitively wrong in the command line
<RoyK> well, forget about the gpg sign part
<RoyK> just unpack the tarball and cd into the dir and cp /boot/config-whatever .config and run make oldconfig
<RoyK> the then run make -j $(lscpu |awk '/^CPU.s.:/ { print $2 }')
<RoyK> the then run make -j $(lscpu |awk '/^CPU.s.:/ { print $2+1 }')
<RoyK> perhaps
<RoyK> just to stress it a bit extra
<sarnold> oh, that's the trouble. silly kernel devs didn't sign the .tar.xz, but the plain .tar.
<RoyK> ah
<RoyK> sarnold: shouldn't matter much, though
<sarnold> RoyK: btw man 1 nproc
<RoyK> ah - didn't know that one :)
<sarnold> RoyK: it depends on how much you like sending untrusted data through decompression programs
<RoyK> the then run make -j $(( $( nproc ) + 1 ))
<RoyK> sarnold: satisfied? ;)
<sarnold> lol
<sarnold> <3
<DzAirmaX> thanks boyz
<DzAirmaX> noob question again
<RoyK> There is no such thing as a dumb question, only stupid people ;)
<DzAirmaX> well
<sarnold> lol
<sarnold> RoyK: what are you doing up this early/late anyway? :)
<RoyK> couldn't sleep
<sarnold> :( sorry to hear it
<RoyK> I have a week off and gf is snoring like a small volcano
<sarnold> week off is nice though :)
<DzAirmaX> make -j $(( $( nproc ) + 1 )) => I ahve to confirm every line
<DzAirmaX> which is not intended I guess
<RoyK> DzAirmaX: make oldconfig first
<RoyK> DzAirmaX: that is
<RoyK> first
<RoyK> cp /boot/config-4.4.0-31-generic (or whatever it's called at your place) to .config
<sarnold> DzAirmaX: when you're running 'make oldconfig' just hold down enter for a while
<RoyK> as in cp /boot/config-4.4.0-31-generic .config
<RoyK> then run make oldconfig
<DzAirmaX> ok done
<DzAirmaX> thanks for the compliment by the way, always appreciate the smart comment
<RoyK> DzAirmaX: the part 'stupid people' goes to both sides, both to whoever asks and who answers ;)
<DzAirmaX> RoyK: no worries br0
<RoyK> just my little pun
<DzAirmaX> scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
<DzAirmaX> I guess this is not my night
<DzAirmaX> the server is going to crash anyways xD
<DzAirmaX> stress or not stress
<sarnold> heh
<sarnold> apt-get install libssl-dev
<sarnold> then try again :/ whackamole to find them all..
<RoyK> apt-get install build-essential # too
<sarnold> heh yes get that one out of the way quickly :)
<DzAirmaX> you were right
<DzAirmaX> it's a good stress
<DzAirmaX> we will see how long it can handle it
<sarnold> {standard input}: Fatal error: can't close drivers/net/ethernet/intel/i40e/.tmp_i40e_main.o: No space left on device
<sarnold> hah
<RoyK> hehe
<RoyK> tune2fs -m0, perhaps ;)
<sarnold> nah, more like "don't build in a tmpfs"
<sarnold> also
<RoyK> hehe
<sarnold> running mosh / tmux / ssh / screen / and -then- running yes ""   inside is a good way to piss off a pandaboard
<sarnold> 100% cpu use, I had to kill mosh-server
<RoyK> poor panda
<RoyK> endangered species - be nice
<DzAirmaX> well
<DzAirmaX> How long shoud I stress it?
<sarnold> good question
<sarnold> normally a few cycles of this will find memory faults, if you have them, and if it uses all your RAM in the process..
<DzAirmaX> ok
<DzAirmaX> thanks for your help boyz
<DzAirmaX> going to let it work for the night
<DzAirmaX> ++
<sarnold> good plan :) just don't forget to -look- at that terminal in the morning before using it :)
<sarnold> goodnight :)
<jeffrey3234> Im running Ubuntu server 14.04, I had about 100days uptime, the server reset itself for some reason, now when I try to run 'zpool status' Im getting Kernel modules are not loaded: http://codepad.org/yoLGvTJU
<jeffrey3234> uname -r returns: 3.13.0-91-generic
<jeffrey3234> if I try to start a vagrant box, I also get "WARNING: The vboxdrv kernel module is not loaded"
<jeffrey3234> If I try to start these modules with modprobe I get: modprobe: FATAL: Module zfs not found.
<jeffrey3234> Could this kernel be the problem? Should I try somethign like "sudo apt-get purge linux-image-3.13.0-91-generic"
<lordievader> Good morning
<baptistemm> jeffrey3234: You have booted on a new kernel and certainly you don't have the zfs module and vboxdrv not compiled for this kernel version
<jeffrey3234> baptistemm What do you suggest?
<jeffrey3234> just reinstall these 2 modules?
<hxm> hi, is it possible to create a samba shared folder without editing smb.conf?
<hxm> ah, net usershare
<jamespage> ddellav, coreycb: the ryu update fixed the neutron-gateway n-ovs-agent hang for me
<jamespage> I've pushed that into newton-proposed in the uCA
<ddellav> jamespage i figured out my issue was dependency based: neutron-lbaas-agent : Depends: neutron-lbaas-common (= 2:9.0.0~b2-0ubuntu1~cloud0) but it is not going to be installed
<jamespage> ddellav, erm
<jamespage> ddellav, yeah - you need to update your neutron-gateway charm from the master branch
<jamespage> ddellav, we have a slight issue that orphaned binary packages are not removed from the uCA
<jamespage> so you can still try to install neutron-lbaas-agent
<jamespage> in the UCA
<jamespage> but it won't due to mismatching -common
<ddellav> I'm using the o-c-t latest next.yaml, so i need to pull neutron-gateway manually then
<jamespage> ddellav, no
<jamespage> but you must run juju-deployer with the right cli args
<jamespage> I'm not sure that by default it will automatically pull new charm versions from git repos
<ddellav> well my normal process is to delete the downloaded local charms before i run the command, then i do juju-deployer --bootstrap -c next.yaml -d xenial-newton
<ddellav> i'll double check and make sure i deleted the right folder
<jamespage> ddellav, yeah I do the same
<ddellav> jamespage ok i re-deleted the xenial directory and ran it again, got farther this time but now It's failing here: http://paste.ubuntu.com/23172840/
<jamespage> ddellav, bzr pull on o-c-t
<ddellav> k
<jamespage> ddellav, coreycb: I'm happy with ovs+dpdk - those tested ok for me, so I'll backport those to newton-staging for more exposure
<jamespage> libvirt/qemu looks OK, but undecided as to whether we really need them
<jamespage> they are always the pain point for security issues
<cpaelzer> jamespage: did you test the 16.07+2.6 combo updating your charm?
<jamespage> cpaelzer, not with dpdk, but vanilla is just fine
<jamespage> cpaelzer, I still don't have any real hardware to test on
<FManTropyx> as what user does Apache2 run?
<cpaelzer> jamespage: ok, I postpone running it ovs-dpdk on yakkety on a daily base for the last 8 workday or so :-/
<cpaelzer> jamespage: I hope I can feed back what on the config changed to you so you can adopt in your charm
<cpaelzer> whenever I get to it
<jamespage> sure - we can do that at any point
<jamespage> cpaelzer, tbh I suspect we don't have fast amounts of users of that feature yet anywya
<bipul> What is segments in lvdisplay
<cpaelzer> bipul: a segment is a contiguous allocation of space on a pv
<bipul> cpaelzer, So if i get segment = 2 that shows what?
<bipul> PV physical volume is nothing but collection of P.E which is equal to 4 MB default. P.E= Size of partition in MB/4
<bipul> 1 Physical extent = 4M, And Total P.E = Size of single Partition in MB/ 4*
<jamespage> cpaelzer, congrats btw
 * jamespage looks forward to no longer uploading cpaelzer work :-)
<cpaelzer> hehe, thanks - still I might ask for a review every now and then - so you might never get totally away :-)
<jamespage> cpaelzer, do we have s390x porters yet btw?
<jamespage> I wanted to try out the ovs test suite on powerpc and s390x (be's) to see if things have improved
<jamespage> testing powerpc now
<jamespage> coreycb, did the announce of b3 go out?
<jamespage> coreycb, ftr apparently I used to post to my blog as well which is syndicated to planet.openstack.org
<jamespage> you might want to setup something similar, or ask me todo that!
<jamespage> coreycb, posted on javacruft to get the syndication
<joelio> keen to know if I can help in anyway to get https://github.com/mitchellh/vagrant/issues/7155 working.. I'm unsure as to why there's so much broken practice there
<cpaelzer> jamespage: there were no s390x porterboxes that I'd new of - but there might still be some
<cpaelzer> jamespage: if I can test something for you or lend you my machine let me know
<jamespage> cpaelzer, just drop the s390x exclusion from d/rules, and try build the package!
<cpaelzer> hehe, openvswitch as in yakkety?
<jamespage> cpaelzer, yes
<jamespage> ddellav, coreycb: uploaded snapshot of ceilometer with fixes for autopkgtest failures...
<jamespage> I debated doing it on the released b3 version, but as we're coming up to rc I did not see that it would hurt.
<cpaelzer> it seems I'm locked out of the vlan :-/ going to is ...
<cpaelzer> ah no, I just tried to log on from the wrong system for 3 minutes :-/
<cpaelzer> jamespage: currently building, do I understand it right that you are interested int he test results that will now be executed?
<jamespage> cpaelzer, yeah
<jamespage> I had four failures on powerpc
<cpaelzer> ok, I'll check the console later and let you know then
<cpaelzer> it just started tests, but those usually take a while
<cpaelzer> 1108 still no error ...
<cpaelzer> which ones failed on powerpc ?
<cpaelzer> 2223 just failed when I checked the console, still ongoing
<cpaelzer> jamespage: 1159, 1165, 2223, 2237 failing - maybe the same four you had http://paste.ubuntu.com/23173348/
<jamespage> cpaelzer, yes identical list
<jamespage> cpaelzer, I renabled all tests last night - today getting some races and failures
 * jamespage sighs
<cpaelzer> :-/
<cpaelzer> jamespage: on x86 you mean the transient ones we already had before?
<cpaelzer> or races and failures on powerpc
<jamespage> cpaelzer, yeah - I have a clean run on i386 armhf amd64 and arm64, so uploaded with just a single tests disabled on ppc64el
<jamespage> todays backport for the UCA has the old failures again
<cpaelzer> and now they showed up again :-/
 * cpaelzer joins the sigh'ing
<jamespage> I can only think that they really are racey, and when there is more load on the builders, we see these problems
<cpaelzer> yes, but that "just" means you have to continue masking them
<cpaelzer> I'm rather happy with just 4 errors on the be architectures
<FManTropyx> I somehow like Ubuntu as server OS more than my CentOS
<cpaelzer> FManTropyx: you are in the right chan to find a lot of ack's :-)
<FManTropyx> hahah, I thought that comment would probably be less successful on #centos
<FManTropyx> I just need to learn more, to better manage the system
<cpaelzer> FManTropyx: like managing many systems as one as an admin including deployment and such, or just managing a linux system in general?
<FManTropyx> just my tiny little VPS
<elKosyniero> hey guys I'm trying to install seedbox on my server. Is there any script which can do it fast?
<cpaelzer> elKosyniero: https://www.reddit.com/r/seedboxes/comments/3ntadw/best_tutorial_for_manually_setting_up_a_seedbox/ ?
<elKosyniero> cpaelzer: thanks. I'm looking for multi-user tutorial but these ones are not ;>
<elKosyniero> ;<
<NOVAtechi> hello, all.  i'm having a problem with a remote host accepting ssh connections.  it seems like my computers ip got banned somehow and i can't figure out how to unban it
<NOVAtechi> i thought i whitelisted it but all connections from this one computer are refused
<joelio> NOVAtechi: check in iptables, are you using fail2ban or denyhosts?
<joelio> #sudo iptables -L -v -n
<joelio> if not then in hosts.deny or something. Are you getting anything back (actual rejected connection) or is it a steath drop?
<joelio> etc. etc. :)
<NOVAtechi> using fail2ban,  i'll double check iptables.  when trying to connect it says 'network error: remote host refuses connection'
<NOVAtechi> the only thing i can think of is there is a key conflict
<NOVAtechi> what if i used a proxy to reroute the traffic so the remote host thinks i'm coming from somewhere else?
<NOVAtechi> it's a dirty workaround but i think that will work for now
<NOVAtechi> proxy didn't work, this host is downstairs so i'll be a minute
<jak2000> not know why, always always need type: sudo ifdown eth0 && sudo ifup eth0 for start work with network card? any advice? thanks
<NOVAtechi> so apparently my fail2ban configs got all crazy
<NOVAtechi> reloaded from last weeks backups and that fixed the problem
<NOVAtechi> any idea how that could've happened?
<NOVAtechi> my fail2ban and ssh configs were both read/write to everyone
<NOVAtechi> when to check them and the whole thing was blown away, completely empty.
<elKosyniero> when I'm sending files from server to server then one file is sent with speed 20mb/s and next 500kb/s
<elKosyniero> how can I check what it is so slow??
<elKosyniero> CPU usage is low, memory as well
<smoser> anyone know anything about xenstore ?
<smoser> on a vm rackspace guest, i expected i'd be able to see some things in xenstore
<smoser> # xenstore-ls
<smoser> local:
<smoser> xenstore-ls: xs_directory (/local): Permission denied
<craptalk> what can i possibly do with ubuntu server that i am using in my own home LAN?
<nacc> craptalk: not sure I understand the question? or maybe it's too broad? you can do whatever you want with your ubuntu server
<craptalk> nacc, is it hard to use it? lets say for file server or something ?
<craptalk> nacc, what do you want to suggest for such local network usage?
<nacc> craptalk: it totally depends on your needs
<craptalk> nacc, since i am asking you, what do you think it is cool to do with it?
<nacc> if you don't have needs for a server, don't run a server? :)
<craptalk> i need learn how to manage it
<nacc> craptalk: why?
<craptalk> nacc, i am asked to handle server with ubuntu in it
<nacc> craptalk: by who? what will that server be doing?
<craptalk> nacc, lol, it is not important man, i just need your suggestion
<craptalk> nacc, i want to do it within the local network and play with what ubuntu server can do
<craptalk> file server, managing user control to access the files, maybe some network additional usage
<nacc> craptalk: ok, do those things?
<craptalk> nacc,
<craptalk> nacc, yes
<coreycb> jamespage, yes b3 announce went out last week. I'll be sure to blog it in the future as well.
<nacc> craptalk: to be clear, i meant those are all things you can do with ubuntu server, so do them.
<bipul> I would be very thankful if someone help me to understand the back end process of how temporary vg is creating and data is being migrated from /dev/sda1 PV to /dev/sda3 PV http://paste.ubuntu.net/23174271/
<rbasak> jgrimm: would you like to take bug 1611923?
<ubottu> bug 1611923 in python-django (Ubuntu) "http.request does not support ipv6-formatted ipv4 addresses" [Medium,Triaged] https://launchpad.net/bugs/1611923
<jgrimm> rbasak, ack
<nacc> rbasak: would you have time for a quick HO today?
<rbasak> nacc: briefly, give me ten minutes?
<nacc> rbasak: sure, that's fine with me
<rbasak> Sorry I know I didn't get back to you yesterday
<nacc> rbasak: totally fine!
<nacc> rbasak: we can also talk tmrw AM my time, if that'd work better for you
<rbasak> powersj: how about bug 1448500 and bug 1583503? For the latter, determining a Won't Fix may be fine if nobody is actually affected any more (due to the workaround in neutron).
<ubottu> bug 1448500 in tftp-hpa (Ubuntu) "tftp-hpa doesn't accept IPv4 connections by default" [High,Triaged] https://launchpad.net/bugs/1448500
<ubottu> bug 1583503 in keepalived (Ubuntu Xenial) "keepalived fails to start when PID file is empty" [Medium,Triaged] https://launchpad.net/bugs/1583503
<powersj> rbasak, ok! I'll add to sheet
<rbasak> Thank you!
<rbasak> nacc: rebooting now. I'll send you an invite in 2-3 minutes probably.
<nacc> rbasak: thanks
<cyphermox> jgrimm: hi! I have this MIR bug which seems to be about packages that would be maintained by your team, I think
<cyphermox> https://bugs.launchpad.net/ubuntu/+source/python-requests-kerberos/+bug/1620293
<ubottu> Launchpad bug 1620293 in python-requests-kerberos (Ubuntu) "[MIR] python-requests-kerberos and pykerberos (deps of python-keystoneauth1)" [Undecided,Incomplete]
<cyphermox> for the MIR bug I would need to know if keystoneauth1 must require kerberos and checking that there is sign-off on committing to maintain these packages
<jgrimm> cyphermox, looking
<jgrimm> cyphermox, tho i'm guessing openstack team unless its generally being used by other packages
<jgrimm> cyphermox, yeah, we've split out openstack only dependencies to "Ubuntu OpenStack" team.   Those 2 packages mentioned in the MIR would seem to apply.
<frickler> could someone take a look at https://bugs.launchpad.net/nova/+bug/1621257 ? this seems to affect mitaka as well as master, so it might well be caused by some package below nova
<ubottu> Launchpad bug 1621257 in OpenStack Compute (nova) "VNC console keeps reporting "setkeycodes 00" exception" [Undecided,Invalid]
<cyphermox> jgrimm: alright, thanks
<SupaYoshi> Hi guys, I'm currently busy following this tutorial on how to setup a secure LEMP server with specific users / groups for each individual website.
<SupaYoshi> https://www.digitalocean.com/community/tutorials/how-to-host-multiple-websites-securely-with-nginx-and-php-fpm-on-ubuntu-14-04
<SupaYoshi> However, I'm stuck since the tutorial was written for PHP5 FPM, I'm using PHP 7.
<nacc> SupaYoshi: are you on 14.04?
<SupaYoshi> Now in the instructions it tells, me to put this into my php 7 conf.
<SupaYoshi> listen = /var/run/php5-fpm-site1.sock
<SupaYoshi> Yes I am.
<nacc> SupaYoshi: so you're using a PPA? php7 isn't supported officially in 14.04
<SupaYoshi> Yeah I am using the PPA.
<SupaYoshi> I believe.
<nacc> SupaYoshi: as much help as I'm willing to give, you'd probably follow the guide at: https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-in-ubuntu-16-04
<nacc> SupaYoshi: which is updated for php7
<SupaYoshi> Ah I see.
<nacc> SupaYoshi: but regardless, not supported here, really :)
<SupaYoshi> yeah, when I installed 14.04 that was the latest LTS.
<SupaYoshi> :P Okay.
<SupaYoshi> Well. Thanks for the guide.
<SupaYoshi> Do you suggest me upgrading the system to 16.04?
<nacc> regardless of LTS, using a PPA takes you out of support in this case (php7.0 not present at all in official 14.04)
<SupaYoshi> I;ve never really done a release-upgrade before on a server. I've a homeserver with 12.04.
<nacc> SupaYoshi: that's totally up to you, i'd say
<SupaYoshi> I'm asking what you would do, and why yes or no.
<SupaYoshi> Trying to learn a bit from experienced people ;)
<nacc> I don't administer any servers, so I'm probably not the right person to ask :)
<SupaYoshi> hehe. Okay! No bother.
<SupaYoshi> Well.. the tuturoail you gave me isn't for securing users in their own jail. / website.
<SupaYoshi> So I'm going to go to #php and try there ;)
<SupaYoshi> Thanks though!
<nacc> SupaYoshi: i meant just compare the sections about php
<nacc> SupaYoshi: it will require *some* thought on your part :)
<SupaYoshi> Thanks ;)
<jgrimm> xnox, what's happening with qemu 2.6.1?
#ubuntu-server 2016-09-14
<twb> http://isup.me/old-releases.ubuntu.com says "It's not just you! http://old-releases.ubuntu.com looks down from here."
<twb> Where should I look for info about this?
<twb> (I want to install python3.1 on a couple of not-quite-dead lucid servers.)
<andrewII> Looks like it's up at this moment?
<twb> andrewII: heh, I see that too now
<andrewII> Networks are fickle
<twb> It was down five minutes ago
<andrewII> I don't doubt it in the least :)
<andrewII> For MAAS, where are the installation logs for deployments?
<andrewII> I'm really hoping it's not /var/log/maas/rsyslog/././messages as that's just a giant pile of ureadahead lines
<twb> andrewII: could you just do a find / -xdev -mmin -10 or something, to find the newest/oldest files
<andrewII> twb: thanks - that's the next thing I'll try (I just rediscovered `sed /asdf/d | less` which is helping: apparently the node can't see the internet?)
<twb> yeah that or grep -v
<twb> The chief advantage of sed //d (over grep -v) is that it won't return an error exit status if no lines are removed
<andrewII> Son of a... one of these days I need to just read grep's man page all the way
<andrewII> Yeah, that would have been perfect
<jdeeburke> Hey all, I'm having some trouble getting outgoing mail set up on my Ubuntu server. I haven't actually looked into postfix settings yet, because i can't successfully `telnet gmail-smtp-in.l.google.com 25`. Would love some help on this, I'm thinking my firewall settings are off. Here's my iptables-save: http://codepad.org/gMJAp8tH
 * sarnold hugs jdeeburke
<sarnold> finally someone testing the basics first
<twb> jdeeburke: do you want to be a "leaf" MSA that just sends everything to gmail?
<twb> jdeeburke: or do you want to be a first-class MTA that does all the MTA things
<sarnold> jdeeburke: chances are good your ISP blocks outgoing traffic to port 25
<jdeeburke> @sarnold not likely, this is running on DO
<twb> In the first case, I strongly recommend using msmtp, and for gmail using 587/tcp ("submission"), with TLS and auth.
<sarnold> jdeeburke: "maybe" https://www.digitalocean.com/community/questions/port-25-smtp-external-access
<jdeeburke> @twp I'm not really sure of the differences, it just needs to be really basic. Sending mail via postfix from a webapp
<twb> jdeeburke: msmtp would be fine for that, except if you're sending it via gmail, the From will be set (by gmail) to your gmail account
<jdeeburke> It's for a temporary basis so it really doesn't need to be perfect, it will be gone in a month or so
<sarnold> jdeeburke: that may fit msmtp -- it's a blocking program, not a queueing program, so it may not be a perfect fit, but it's worth a quick look
<twb> Being an MTA is a lot of work to get right; being an MSA is much much simpler
<twb> There are other "nullmailers", msmtp is just my personal preference
<jdeeburke> sarnold: I'll open a ticket to check on that, I had no idea they sometimes blocked access. Had no other problems on my account though
<jdeeburke> twb: correct me if i'm wrong, but even switching from postfix (which I don't plan to do), wouldn't solve my problem since I can't even telnet on port 25
<twb> jdeeburke: MSA talks on 587, not 25
<twb> 25 is only for MTA-to-MTA traffic
<jdeeburke> Oh ok. This is an area I have no knowledge in, in case that wasn't abundantly clear already :P
<sarnold> try telnet smtp.gmail.com 587  and see :)
<jdeeburke> No luck on 587 either
<twb> In what way does it fail?
<jdeeburke> times out
<twb> SMTP conversations are initiated by the client side
<twb> So if you don't say anything, the server will hang up
<twb> (This is the same as HTTP and different from SSH.)
<sarnold> gmail prints a banner immediately
<sarnold> 220 smtp.gmail.com ESMTP i7sm1770483paf.9 - gsmtp
<twb> Oh- oops
<jdeeburke> yeah you should receive a 220 if you connect, I tested that on my local machine
<twb> You're right, I was confused
<twb> I was thinking of the 250 in response to the EHLO
<twb> Also, I finally remembered how to drive supybot:
<twb>  /msg knoba whatis #postfix nullclient
<jdeeburke> Do my iptables look off to y'all?
<jdeeburke> http://codepad.org/gMJAp8tH
<sarnold> sorry, I never figured out iptables :(
<twb> -s 127.0.0.1 should be -i lo
<twb> The --sport cases would be silly in a stateful firewall, but you're not using conntrack
<twb> I would also disable mysql TCP support entirely -- use AF_UNIX sockets for local connections
<twb> Otherwise it looks OK to me
<jdeeburke> Damn
<twb> #netfilter is the best place to ask about linux firewalls, here is one I prepared earlier: http://www.cyber.com.au/~twb/doc/iptab
<jdeeburke> Yeah, I asked my question in there too, but no response so far
<jdeeburke> Hmm
<jdeeburke> Just tried telnet'ing port 22 on another server of mine, and getting the same timeout
<twb> That sounds like your firewall, ya
<twb> Either debug it or just make it stateful, so that return packets are always allowed
<twb> oh
<twb> you're not allowing any ICMP at all
<twb> That means PMTUD won't work
<twb> And reject messages also won't arrive
<jdeeburke> twp: i'm googling so many things talking to you
<twb> https://en.wikipedia.org/wiki/PMTUD
<twb> The short version is that if you don't allow *some* ICMP through, your system won't work properly
<jdeeburke> So do i need something along the lines of: -A PRELUDE -p icmp -j ACCEPT
<twb> That's what I do, but it's broader than really necessary
<twb> It's common to rate-limit incoming ICMP echo requests (i.e. pings).
<jdeeburke> I just added icmp -j accept to test, but still can't telnet
<twb> OK so either tcpdump (on both ends), or add -j LOG rules (or -j-less rules & watch packet count), or disable firewall entirely for a bit
<jdeeburke> Alright. I'll go back into my cave until I get totally stuck again. Thanks so much for the help twb, it's much appreciated
<twb> You are very welcome
<sarnold> jdeeburke: one option, is to use a front end like ufw
<jdeeburke> (and sarnold too)
<twb> it is a refreshing change for someone to start by posting iptables-save instead of yukky iptables -L ;-)
<sarnold> you're welcome, hope you sort this out :)
<sarnold> twb: -and- testing the underlying connections first :) hehe
<jdeeburke> twb: ;) I may not know much, but I know enough to not be a complete idiot
<jdeeburke> sarnold: I actually was just about to look into using ufw instead. 90% of my day-to-day server management is obfuscated and I'm not sure the time investment right now is worth it to chase this rabbit
<sarnold> jdeeburke: yeah, I understand completely; sometimes it's worth knoiwing something -all- the way through, and sometimes a nice front-end is perfect :)
<sarnold> it's sometimes hard to know which is which, but ufw is nice enough and easy to replace later if you wish
<twb> ufw is beneficial if you need the firewall to be modular enough that end users, or packages, can extend it
<jdeeburke> Soooo
<jdeeburke> deleted all rules disabled firewall completely, still no telnet.
<jdeeburke> Gonna open a ticket w/ DO
<twb> At that point you need to check "ip r", "ip a", and obscure things like window scaling
<twb> And DNS resolution, obviously, if you're referring to hosts by name
<twb> Also have assumed 100% IPv4 so far, but if there's IPv6 involved you need to care about all that
<jdeeburke> So IPv6 does seem to be involved, at least in my testing
<jdeeburke> gmail-smtp-in.l.google.com resolves to the ipv6 address in testing
<jdeeburke> with no firewall rules, it times out. If I resolve the ipv4 address and telnet that, it works like a gem
<jdeeburke> if I restore my rules and telnet the ipv4, it times out
<twb> Why are you using that gmail-... instead of smtp.gmail.com ?
<jdeeburke> i'm not sure. just something i found online that someone else used to test.
<jdeeburke> Same result though
<twb> http://askubuntu.com/questions/32298/prefer-a-ipv4-dns-lookups-before-aaaaipv6-lookups
<twb> (Not sure if that's a good idea, but it'll address the immediate symptom)
<jdeeburke> twb: Alright I think i've got it sorted, let me know what you think about this:
<jdeeburke> disabled firewall, I'm able to telnet to ipv4. postfix sends successfully
<jdeeburke> re-enabled my rules and it's broken again
<jdeeburke> added a rule for 587, no working still
<jdeeburke> removed all my 25 and 587 rules and replaced with this:
<jdeeburke> iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
<twb> Don't use -m state
<twb> -m conntrack --ctstate ESTABLISHED
<twb> (and RELATED if you use things like FTP or SIP)
<sarnold> *shudder* ftp
<twb> And yeah - don't use FTP :-)
<jdeeburke> Oh not to worry, no FTP on this or any other servers I run...
<twb> 14:54 <twb> [...] here is one I prepared earlier: http://www.cyber.com.au/~twb/doc/iptab
<twb> http://sprunge.us/LfQG?ini is an even simplierified one
 * jdeeburke hugs twb
<jdeeburke> Alright I think I'm all set
<sarnold> ha :) nice
<jdeeburke> just successfully sent mail with all firewall rules enabled
<jdeeburke> thanks to everyone involved; 10/10 would do again ;)
<jdeeburke> 10,000 schrute bucks to all
<sarnold> \o/
<jdeeburke> NOW to do the other thing I started doing 2 hours ago
<lordievader> Good morning
<danpawlik> Hello guys,  can you please tell me if there will be packages for Openstack Newton for Ubuntu Trusty release available in cloud archive?
<winterfell> hello, folks
<winterfell> I've been trying to get trust's cloud image to run with kvm
<winterfell> but none of the tutorials I found have worked for me
<winterfell> does anyone have pointers for this?
<winterfell> Ubuntu's wiki has a tutorial which uses a local cloud-init file. Tried that one, can't log in
<gargsms> I wanted to set some environment variables permanently for them to be consumed by a process. So I added the variables to /etc/profile, and added exit 0 at the end. Now I cannot SSH into the server. The connection closes as soon as it is established
<winterfell> try sftp-ing into your server. does that log out immediately too?
<winterfell> alternatively, assuming you're on a linux machine, you can use scp
<winterfell> probably not
<gargsms> I can use scp but I need to make changes to the server, which requires SSH
<gargsms> Can I replace /etc/profile.d/<script-name> using scp?
<gargsms> winterfell, ^
<winterfell> no, I thought you might be able to copy over /etc/profile, but you would not be able to write it back, so that won't work
<winterfell> depends on the permissions
<winterfell> did you create the script as su or as a regular user?
<xnox> jgrimm, it's still in a silo, and still in progress. it comes with regressions and needs a fixup (revert)
<gargsms> It is root owned. So I guess that is not going to work
<gargsms> Could it be something else altogether? I am guessing it is the exit 0 statement at the end
<winterfell> it is most likely that. As a new shell is being created, it is exited as soon as the scripts in /etc/profile.d are being applied
<winterfell> gargsms, ^
<gargsms> Yes, most likely. I can sftp. Let me try changing the file with SFTP
<gargsms> Not allowed to write there. Permission error. :(
<deltatree> hi, i'm setting up an openstack environmant on a local server - conjure-up openstack ... how can I skip the pre deployment tasks to repeat the final steps?
<Teme_> Hi
<Teme_> is there anybody around? I could use some help with conjure-up
<deltatree> Hi Teme :-) I need also help - already questioned but until now no answer - maybe we have to wait :-)
<deltatree> maybe I can help you?
<deltatree> hi, i'm setting up an openstack environmant on a local server - conjure-up openstack ... how can I skip the pre deployment tasks to repeat the final steps?
<Teme_> deltatree: If you could it would be great! I've been trying to conjure-up a nova-lxd environment, but finalizing the installation goes to error everytiime
<deltatree> in which state are your containers?
<Teme_> specifically step 3 keypair. It's giving me an error, "Could not read output from step "
<deltatree> juju status
<Teme_> all of the containers are up and running, I can access the openstack-dashboard with browser and juju-gui is responding as well
<deltatree> could you send me the output of "juju status"
<Teme_> sure
<winterfell> gargsms, do you have root credentials for this server?
<deltatree> someone here who can help me with conjure-up
<Teme_> deltatree: sorry, my collegue just walked in, heres my juju status http://paste.ubuntu.com/23177476/
<Teme_> deltatree: actually now that i'm thinking this, I think I have pretty much the same question as you do. How to selectively execute the final steps
<Teme_> is everybody at lunch still? Or is it normal that its this quiet?
<deltatree> @teme: they are sleeping ... :-)
<Teme_> :)
<deltatree> @teme: https://gist.github.com/anonymous/9eabdf74bf72fa26287aaed18e281140
<deltatree> with that you can reset juju and restart conjure-up with a clean env
<Teme_> deltatree: ok, thnx. I'll try again.
<Teme_> deltatree: so you think that my problem is more of a missed configuration issue? Or is this just fyi?
<Teme_> deltatree: I've been doing the same thing with just "juju models" - "juju controllers" - "juju remove-model XX" - "juju kill-controller xx". Havent actually never just removed that cache or config
<bipul> How to know offet value, starting value end value of P.E, And which particular P.E is being used in LVM anyone?
<Teme_> is there a way to manually launch openstack nova-lxd neutron networking creation scripts?
<cpaelzer> jamespage: I can't make the time on todays call in about 2 hours from now - I don't hae anything on dpdk to add, is there anything you want to know from me inadvance or is all fine?
<joelio> so, the latext Xenial images for vagrant have broken resolvconf too
<joelio> seriously, is there anything I can do to help here
<joelio> seems perpetually in one state of broken or abother and I can't see why it's being released if so
<joelio> a few BATS tests would show the level of brokenness before shipping
<joelio> i.e can't get dns servers from vagrant as /etc/resolv.conf is a file, not a symlink to resolvconf
<joelio> so resolvconf -u does nothing
<joelio> and therefore empty resolver list and no resoultion == broken provisioning
<joelio> having to add loads of extra cruft to just work around broken images and it just feels wrong
<joelio> could make my own in packer and be done with it, but conisdering there's been 22 millions downloads of trusty.. you'd think having them working for xenial would be something worthwhile
<joelio> (and not using chef's bento or puppetlabs bo etc etc etc)
<jamespage> cpaelzer, nah - thats fine I'll just use it as a catchip on 2.6 release
<jamespage> Odd_Bloke, ^^
<jamespage> re joelio's broken xenial vagrant image
<joelio> it's not mine, it's ubuntu's :)
<joelio> but yea, sure :)
<rbasak> joelio: also, do bugs exist for the issues you're hitting?
<joelio> anyway I can help, I'm happy too - makes more sense to fix upstream than run another set of packer json that only I see
<joelio> rbasak: I can raise some, it got updated a few days ago and resolv.conf broke there
<joelio> before that it was a bug in naming, so you couldn't run more than one instance etc
<rbasak> joelio: please do. I'm not directly involved but I'm sure the team that looks after it would welcome your help.
<joelio> before that it was vboxsf so /vagrant mount failed
<joelio> rbasak: will do, ta
<joelio> could mop these up before shipping with a better test harness afaict
<Odd_Bloke> joelio: There is a bug filed, and I believe the fix is in xenial-proposed.
<rbasak> joelio: thanks! https://bugs.launchpad.net/cloud-images may be the right starting place unless someone knows of somewhere better.
<rbasak> joelio: perhaps you could contribute tests?
<joelio> more than happy!
<joelio> will go over and check it out, I've got fixes for all this, but just irks that it's not in upstream :)
<joelio> appreciate this is best efforts stuff but I use it quite a lot and always catches me out after a new box update
<joelio> Odd_Bloke: do you have an id for the resolvconf bug ooi?
<Odd_Bloke> joelio: Not off-hand; will find it once I'm out of my current meeting. :)
<joelio> sure thing, understand
<joelio> just don;t want to raise a new if one exists
<ThiagoCMC> jamespage, hey man, I'm talking with Christian Ehrhardt by e-mail, about new DPDK and OVS, I think that we'll need to backport those two, from 16.10, to 16.04, via Newton Cloud Archive, can you do it?
<joelio> nice, just talking about ovs+dpkg at $work today
<joelio> ovs/dpdk rather
<joelio> that going into Mitaka?
<Odd_Bloke> joelio: https://bugs.launchpad.net/cloud-images/+bug/1621393
<ubottu> Launchpad bug 1621393 in cloud-images "xenial64 image (20160907.1.0) has a broken (empty) /etc/resolv.conf" [Undecided,New]
<joelio> cheers Odd_Bloke
<Odd_Bloke> joelio: So semiosis has been doing a lot of the work to get the xenial box back in to good shape.
<joelio> good to hear :)
<JonathanGe> I would like to install openstack on ubuntu using conjure-up https://insights.ubuntu.com/2016/06/09/conjure-up-an-introduction/Â - what is the recommended HW spec for this? how much RAM? disk ? CPU ? - thank you
<joelio> JonathanGe:  I think that depends on how many resouces you want to manage from your infra.. as a guide line a basic devstack instance with bare bones is about 6GB RAM, just to stand it up
<joelio> not sure what conjure-up is recommending though, sure guys and gals here could chip in
<JonathanGe> conjureup is openstack on lxd
<JonathanGe> http://conjure-up.io/docs/en/users/#getting-started seems to answer my Q
<ThiagoCMC> joelio, yes, OVS with DPDK is available on Xenial (not sure about Mitaka integration) but, it is super unstable.
<joelio> ThiagoCMC: oh, appreicaiate that. Literally been watching videos from the dpdk conference today and the "up to 8x better perf than vanilla ovs" seemed enticing. Look forward to testing it out :)
<joelio> JonathanGe: ah neat, uses ZFS too
<bipul> Hello I have tried to resize my logical volume. And it seems like i am failed to do so http://paste.ubuntu.net/23178304/
<patdk-wk> bipul, looks like you did
<patdk-wk> but cause you said Yes, destroy my filesystem by making it smaller, you did just that, and destroyed your filesystem
<bipul> sorry Shrinking the logical volume. patdk-wk
<bipul> To reduce the size of a logical volume, first unmount the file system. You can then use the lvreduce command to shrink the volume. After shrinking the volume, remount the file system.
<bipul> And that is what i did.
<nacc> *can*
<patdk-wk> how can you do that?
<patdk-wk> when you just cut off the end of the filesystem?
<rbasak> cpaelzer: do you remember the uvtool bug you reported that only affected Precise? I can't find it.
<rbasak> cpaelzer: ah, found it. Bug 1620633.
<ubottu> bug 1620633 in uvtool (Ubuntu) "qcow image created in precise is not usable" [Low,Won't fix] https://launchpad.net/bugs/1620633
<rbasak> cpaelzer: does that mean that uvt-kvm is completely broken on Precise, or just when using the libvirt from the cloud archive or something like that?
<ThiagoCMC> joelio, so far, here is the big problem that I found when trying OVS+DPDK: https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1577256
<ubottu> Launchpad bug 1577256 in dpdk (Ubuntu) "The OVS+DPDK dpdkvhostuser socket bridge, only works as expected, if the KVM Guest also have DPDK drivers loaded" [Medium,Expired]
<ThiagoCMC> From what I've read on DPDK / OVS mail lists, this will be always a problem, if yes, then, OVS+DPDK will be useless in a cloud enviromnent, or even on a KVM-Only env, simple because one VM interferes with the others in a very bad way.
<Ussat> Well, tomorrow I get to give a talk to our research dept on useing Linux in research, and will be useing the Ububtu servers I have built for them as examples :)
<Ussat> Gonna try to plug the maintainers of the packages we use, make a case for some support of some kind
<mbff> Hello! I am looking at getting a ODROID-C2 (ARMv8), can I install the normal Ubuntu server 16.04 arm64 iso? If so, why does Odroid the company provide their own ISO?
<joelio> ThiagoCMC: ok, I see.. is there anything else happening in the dn space (netmap or vpp etc) that looks more promising for VM-to-VM?
<joelio> obviosuly relying on users maintaing their own dpdk is never going to happen
<joelio> ThiagoCMC: thanks for the info, all useful
<rattking> Hello all, I am trying to use syslog-ng on Xenial and I am finding that kernel boot messages are not being logged. after fixing the syslog.socket symlink to point to syslog-ng instead of rsyslog I am getting systemds boot messages and later kernel messages.. any idea on what I am missing to get early kernel boot messages, like the ones in dmesg?
<ThiagoCMC> joelio, I'm still waiting to see if OVS+DPDK can be used on OpenStack Compute Nodes...
<joelio> ThiagoCMC: it'd be greay if it could
<joelio> s/greay/great/ - fingers not with it today
<ThiagoCMC> About netmap, well, I filled another bug report about it: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1475078
<ubottu> Launchpad bug 1475078 in linux (Ubuntu) "VirtIO (and probably other modules as well) is built-in, make it modular..." [Wishlist,Fix committed]
<joelio> ThiagoCMC: if you need testers, let me know
<ThiagoCMC> Ok!   :-)
<joelio> we're an openstack shop, so looking to increase inter-tenant/vm throughput where possible
<joelio> anything we can do to help... :)
<jamespage> ThiagoCMC, hey - sorry - stuck otp most of the afternoon
<jamespage> ThiagoCMC, actually working on that backport yesterday today
<jamespage> ppa:james-page/newton
<coreycb> jamespage, cinder 2:7.0.2-0ubuntu1~cloud1 is ready to promote to liberty-updates
<ThiagoCMC> jamespage, that's good news, thank you!
<MrBIOS> apw: ping, re bug 1581076. Tested and verified that Xorg does not segfault
<ubottu> bug 1581076 in xorg-server (Ubuntu Xenial) "Xorg segfaults on start-up on Big Endian PPC hardware" [Undecided,Fix committed] https://launchpad.net/bugs/1581076
<MrBIOS> with the build in proposed
<apw> MrBIOS, excellent, do put that in the bug
<MrBIOS> way ahead of you :)
<MrBIOS> are there nightly builds of the LTS ISOs? If not, whatâs the schedule for 16.04.2?
<powersj> http://cdimage.ubuntu.com/ubuntu-server/xenial/daily/current/
<powersj> maybe that's what you are looking for?
<MrBIOS> nope, I know Xenial works fine
<Seveas> MrBIOS: xenial == 16.04.x
<MrBIOS> ah apologies, yes, thatâs precisely what Iâm looking for :)
<Seveas> 16.04.2 is just xenial + xenial-updates at a certain point.
 * MrBIOS consumes more coffee
 * Seveas attaches the coffee IV
<cpaelzer> rbasak: bug 1620633 means that uvtool is broken when trying to access images created at any newer libvirt - not too high prio
<ubottu> bug 1620633 in uvtool (Ubuntu) "qcow image created in precise is not usable" [Low,Won't fix] https://launchpad.net/bugs/1620633
<andrew-ii> If I add a node1 to my MAAS cloud, I should be able to ping node1.maas from the cli, right?
<arooni> anyone here use fzf?  can i get a ppa for it?
#ubuntu-server 2016-09-15
<kklimonda> has anyone had a problem with 16.04 server preseed install getting stuck at NTP? It works fine the moment I switch to second vt (alt+f2) and press enter to login.
<NSABear> ubuntu server is the most minimalistic I can get
<NSABear> right
<RoyK> NSABear: nah - you can build small things yourself that are fare tinier, debian is also a bit smaller, but mostly the same
<NSABear> RoyK, well
<NSABear> minimalistic ubuntu
<NSABear> I'm installing on a laptop
<RoyK> server install on a laptop?
<NSABear> yes
<RoyK> what's the use for this?
<NSABear> laptop
<RoyK> ok, then better use lubuntu or something
<NSABear> heh
<RoyK> or perhaps install lxde on that laptop after the server parts are installed
<NSABear> I guess I'll use debian with lubuntu / openbox then
<RoyK> what sort of hardware?
<NSABear> i7 2620m
<NSABear> 4gb rma
<RoyK> should suffice well for a normal ubuntu install
<RoyK> or debian, or whatever
<NSABear> not a fan of the bloat of ubuntu
<NSABear> hate the arch eliteism
<RoyK> well, /j #debian
<NSABear>  :\
<NSABear> Ubuntu has ancient packages unfortunately
<NSABear> debian*
<RoyK> not really
<RoyK> debian 8 has rather new software
<NSABear> you ever use Debian?
<NSABear> lel
<NSABear> Debian 8 is still behind
<NSABear> I love debian but damn the packages are old.
<RoyK> debian will always be behind somehow, but *never* as far behind as redhat/centos
<RoyK> it's part of the game, not having new shiny shit, but just having the things that really work
<RoyK> well-proven software and not whatever's on the tree this day
<NSABear> yea
<RoyK> anyway - you got my advice - I'm not in the mood of a distro war tonight
<NSABear> not a distro war
<NSABear> It's the reality of ubuntu
<NSABear> debian*
<NSABear> blagh
<NSABear> I've used it since what, 6?
<NSABear> 5?
<RoyK> debian has always been conservative - the fact that deb8 switched systemd upset a lot of people, but it still works well
<RoyK> so up to you
<NSABear> I don't understand the systemd hate when it coems to "the unix way!111"
<NSABear> Linux = Linux Is Not UniX
<RoyK> same thing, more or less
<RoyK> I've worked with a lot of different uninces
<NSABear> im so sorry.
<NSABear> AIX?
<RoyK> BSD things, AIX, Solaris
<RoyK> and linux, and linux and linux
 * NSABear holds RoyK 
<NSABear> I'm, I'm so sorry.
<NSABear> No one should have to suffer like that.
<RoyK> I setup my first linux machine in 1994
<NSABear> 1.*
<NSABear> ?
<RoyK> I got badly addicted and stopped using windows shorty after - the addiction was severe until I met this girl with a mac and I could test OS X (which is also a (certified) unix OS), so that's my preference for the laptop OS
<RoyK> IIRC it was slackware 2.1 with kernel 1.1.59
<NSABear> I want to get a mac
<NSABear> I really do.
<RoyK> buggy as hell
<NSABear> but the software so so ass backwards
<RoyK> "brew install whateveropensourcesoftware"
<RoyK> tataa
<RoyK> works well
<NSABear> how about linux on a macbook
<NSABear> good...?
<RoyK> works like a dream
<NSABear> everything?
<RoyK> this one is a macbook pro retina - dualboot with ubuntu and os x
<RoyK> haven't seen any issues with neither
<NSABear> woo
<NSABear> battery life?
<RoyK> usually around 5-6+ hours depending on what you do
<RoyK> theoretically around 8h
<RoyK> but again - that's theory :P
<RoyK> pretty expensive thing, though - guess  you can find a more affordable laptop elsewhere
<NSABear> RoyK, How about with osx
<RoyK> it just works
<RoyK> x11 (or xQuartz) works well too
<NSABear> batteyr life
<RoyK> not integrated with the os x gui, though
<RoyK> you asked about that
<NSABear> how's the battery life on osx
<RoyK> tbh, I haven't used Linux enogh on this to measure the battery life - my numbers were from os x
<RoyK> guess it'll be about the same
<sonu_nk> Hi , I have a ubuntu server and facing FTP issue ...  I am connecting with my ftp user on one pc it is working fine means connecting but on second pc it is shwoing Network error: Connection timed out
<sarnold> sonu_nk: ftp is a terrible protocol
<sarnold> sonu_nk: if one endpoint is on the other side of a NAT firewall, it's difficult to use correctly
<sarnold> sonu_nk: if both endpoints are behind NAT firewalls, it's basically impossible to use
<sonu_nk> sarnold: ok . i dont have much knowledge for the server.. only have basic ubuntu server knowledge.. Also wht could be the issue and how to solve?
<sarnold> sonu_nk: do other protocols work between the computers?
<sonu_nk> sarnold: sorry not getting
<sarnold> sonu_nk: can you ssh from one to the other? or http?
<sarnold> ping?
<sonu_nk> i can open ssh using my ubuntu desktop
<sonu_nk> sarnold: is that was the correct ans of your question ?
<sarnold> sonu_nk: you can ssh from one computer to the other but not ftp?
<sonu_nk> sarnold: but i tried on another system i cant login with ssh as root user
<dax> ssh as root is disabled on Ubuntu by default, as is the root account in general
<sonu_nk> dax: with ssh root@myip i can login and can ls also
<sonu_nk> on ubuntu
<sonu_nk> but with putty it is not working .. i tested on windows
<sonu_nk> Hi there
<cpaelzer> Hi
<munsking> Hello, i'm having issues with isc-dhcp-server, i want it to give out 10.0.0.0-10.0.0.254 but whenever my client tries to connect to it, the server says it has no leases to give (fresh installs, they're the only 2 hosts in the virtual network)
<sonu_nk> Hi my SFTP not able to connect with another system if its connected on One pc using FileZilla
<sarnold> munsking: 'normally' the 10.0.0.0 address itself would be a 'network' address rather than a machine address; and convention would often place a gateway on 10.0.0.1... are you sure that you want to hand out 10.0.0.0-10.0.0.254?
<munsking> sarnold: yea sorry, explained that badly, i want 10.0.0.2-10.0.0.254 for the clients
<sarnold> munsking: aha, good, that sounds more likely to work :)
<sarnold> munsking: is it configured to listen on the correct interface?
<sarnold> anything else in the logs that stand out?
<munsking> sarnold: yes, eth0 (eth1 is the WAN connection)
<munsking> sarnold: only the "no free leases" part
<sarnold> munsking: ip a and ip r look fine?
<munsking> ip a? ip r?
<munsking> oh the commands, didn't know you could just use the first letter
<sarnold> handy for lazy people like me :)
<munsking> sarnold: http://i.imgur.com/YLz0KBB.png
<munsking> to me that mostly looks fine, but then again, i suck at networking
<sarnold> hah
<sarnold> and I'm the one who tried moving the mouse to see the text  'subnet 10.0.0.0'
<munsking> lol, sorry about that
<sarnold> munsking: the log messages say network 10.0.0.0/8
<sarnold> munsking: i'd expect 10.0.0.0/24 instead
<munsking> hmm, true
<sarnold> OH
<munsking> lemme check what does that
<sarnold> that first line
<sarnold> the one where I got distracted by the mouse pointer
<munsking> yea i see it
<munsking> 255.0.0.0 vs 255.255.255.0
<sarnold> set that netmask to match the other netmask
<sarnold> I have to honest it's unlikely to be it
<sarnold> but it bugs me :) and it was an easy discrepancy to spot
<sarnold> also check the FULL logs of the unit file -- maybe there's a warning somewhere shortly after startup
<munsking> what's the systemd log thingie again? something with -xn iirc
<sarnold> journalctl mumble
<munsking> ty
<munsking> after service startup or of the entire system?
<munsking> cause the service looks fine except for the no leases thing
<sarnold> hmm
<sarnold> how about dmesg?
<munsking> can't find anything in there either
<munsking> gotta go for lunch, back in a bit, thanks for the help so far!
<sarnold> good luck
<sarnold> it's well past my bed time :)
<DanawarUK_> Hi Ubuntu server i am trying to setup 2 NFS servers and the client that connects would connect to one if that one went down then it would instantly connect to the other one is there any way to achive this?
<jamespage> ThiagoCMC, ovs 2.6 snapshot and DPDK 16.07 are in newton-staging for the UCA _ about to promote to newton-proposed
<danpawlik> Hello guys,  can you please tell me if there will be packages for Openstack Newton for Ubuntu Trusty release available in cloud archive?
 * [gnubie] waves
<[gnubie]> iâm on xenial amd64. if i execute debootstrap directly from the cli, i can successfully finish the debootstrap.. however, if i execute it within my script, i always ended up only until Extracting zlib1gâ¦
<[gnubie]> has anyone experience the same issue?
<ThiagoCMC> jamespage, awesome! Thank you!
<jamespage> ThiagoCMC, yw
<jamespage> danpawlik, they already are
<jamespage> sudo add-apt-repository cloud-archive:newton
<jamespage> will get you b3
<danpawlik> jamespage: but I don't see for trusty release
<jamespage> danpawlik, yeah - I re-read you query - and then saw trusty
<jamespage> danpawlik, newton is xenial onwards
<jamespage> mitaka was the last trusty UCA release
<danpawlik> jamespage: ok, thanks for information
<jamespage> danpawlik, np
<coreycb> jamespage, beisner: when you get a chance, qemu is ready to promote to -updates across the board for UCA releases
<coreycb> jamespage, beisner: also  cinder 2:7.0.2-0ubuntu1~cloud1 is ready to promote to liberty-updates
<jamespage> coreycb, okies
<coreycb> jamespage, thanks. and one more!  heat 1:5.0.1-0ubuntu3.1~cloud1 -> liberty-updates
<coreycb> jamespage, the new package versions for bug 1614131 were just promoted to xenial-updates and are ready to promote to mitaka-updates
<ubottu> bug 1614131 in Ubuntu Cloud Archive mitaka "[SRU] OpenStack Mitaka point releases" [Undecided,New] https://launchpad.net/bugs/1614131
<coreycb> ddellav, I'm not seeing any debian core packages available to sync yet: http://paste.ubuntu.com/23182569/
<jamespage> coreycb, mitaka aodh cinder keystone nova qemu done
<coreycb> jamespage, thanks!
<jamespage> need todo liberty shortly
<jamespage> coreycb, did you do regression tests for kilo and liberty? if so they covered the ceph update as well
<coreycb> jamespage, yep
<coreycb> jamespage, results are in the cards
<jamespage> okies
<jamespage> ddellav, coreycb: https://bugs.launchpad.net/ubuntu/+source/neutron-fwaas/+bug/1619452 is still pending verification - its been in liberty-proposed for a while now
<ubottu> Launchpad bug 1619452 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [Undecided,Fix committed]
<jamespage> did it get covered by the cinder/heat testing above?
<jamespage> 6 days ago for reference
<coreycb> jamespage, yes neutron and neutron-fwaas were included in regression testing
<jamespage> good
<jamespage> ddellav, can we get the tagging on that bug right then please :)
<[gnubie]> anyone here can help me on my debootstrap issue? kindly take a look at http://paste.ubuntu.com/23182607/
<ddellav> jamespage i'll take care of it
<[gnubie]> i am wondering why i am always failing right after extracting zlib1g package.. the next step should be the installing of core packages..
<jamespage> ddellav, ok
<[gnubie]> anyone?
<Pjusur> Any dpdk people here? Having some problems binding the nic
<jamespage> coreycb, when did the kilo verification go through - just tieing up verification with the ceph stuff as well
<coreycb> jamespage, 9/7
<jamespage> coreycb, ok so ceph was in then as well
<coreycb> jamespage, ok
<jamespage> promoting with qemu
<coreycb> ddellav, for bug 1619318, can you let me know which packages are done?
<ubottu> bug 1619318 in sahara (Ubuntu Xenial) "[SRU] mitaka neutron 8.2.0 point release" [Undecided,Confirmed] https://launchpad.net/bugs/1619318
<cpaelzer> Pjusur: dpdk people not having problems here - can I help?
<coreycb> ddellav, first one I looked at was heat and I didn't find that you had a repo for it
<cpaelzer> Pjusur: http://askubuntu.com/questions/786510/using-openvswitch-with-dpdk-in-ubuntu-16-04 and https://help.ubuntu.com/16.04/serverguide/DPDK.html are my answer in like 80% of the time people ask - so I post them right away
<cpaelzer> Pjusur: but please outline what isn't working for you
<Pjusur> cpaelzer: yeah actually get the same error as him "could not open network device dpdk0 (No such device)" tho using the i211 card
 * [gnubie] is waiting and crossing fingersâ¦
<cpaelzer> Pjusur: then it really is up to checking the logs
<cpaelzer> Pjusur: I think I put most in these links already like good logs to compare and such
<semiosis> [gnubie]: can you pastebin debootstrap output?
<cpaelzer> Pjusur: once you find where your case differes put it into pastebinit and send it for review
<[gnubie]> semiosis: http://paste.ubuntu.com/23182607/
<cpaelzer> Pjusur: usual steps 1. check if assignment is corect with dpdk nic bind 2. check logs what was going on when initializing
<semiosis> [gnubie]: i mean without strace
<ThiagoCMC> jamespage, is it in your plans to also upload QEmu 2.6 and Libvirt 2.1 to Newton's Xenial UCA?
<[gnubie]> semiosis: please hold on. let me exeute again..
<jamespage> ThiagoCMC, hmm - thinking about that this week
<ThiagoCMC> Ok
<cpaelzer> ThiagoCMC: jamespage: which just became qemu 2.6.1
<jamespage> ThiagoCMC, they are expensive backports from a support/SRU perspective so I have to have a really good reason to
<ThiagoCMC> Right... I'm not sure if you're familiar with the following bug report that I filled:  https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1577256
<ubottu> Launchpad bug 1577256 in dpdk (Ubuntu) "The OVS+DPDK dpdkvhostuser socket bridge, only works as expected, if the KVM Guest also have DPDK drivers loaded" [Medium,Expired]
<cpaelzer> ThiagoCMC: I am :-)
<ThiagoCMC> So, I'll test with current QEmu, and then, with new QEMu from your PPA and I'll let you know the results...
<ThiagoCMC> I'm feeling that new qemu might be better for when with dpdk+virtio (just guess now, I'll try to bring the results ASAP)...   =)
<cpaelzer> ThiagoCMC: yeah it was kind of unclear if upstream did anything explicitly to fix it, but there were so much changes that we can't know without testing
<ThiagoCMC> sure, I understand... I'll do my best to test it ASAP, my test bed is still configured with IXIA, 2 10G NICs and etc...
<cpaelzer> jgrimm: the in release migration test just worked on ppc64el
<cpaelzer> jgrimm: cross release and s390x need some extra tomorrow - just in case you want to use stage 1 and 2 of the tests as well
<cpaelzer> ThiagoCMC: I think with you data we can at least go back to dpdk/ovs upstream
<jgrimm> cpaelzer, bah, i lost your hangout comments, can you pm me them back
<cpaelzer> ThiagoCMC: although given the current time and state you might wait a bit and use what is in yakkety once released
<cpaelzer> ThiagoCMC: but if it isn't too much throw your test at it and let me know if it crumbles
<cpaelzer> jgrimm: will do so
<jgrimm> thanks
<Pjusur> cpaelzer: Tnx mate got it to work ;D just needed to modprobe the uio_pci_generic
<ThiagoCMC> cpaelzer, sure... I'll try to test first, on LTS with Newton's Staging PPA, then with James' PPA, then on yakkety... But I can't deploy non-LTS in prod.
<cpaelzer> Pjusur: yeah
<[gnubie]> semiosis: kindly take a loot at http://paste.ubuntu.com/23182825/
<semiosis> [gnubie]: hmm not sure about that, sorry
<[gnubie]> semiosis: no worries..
<jamespage> coreycb,
<jamespage> Launchpad encountered an error during the following operation: copying a package.  cinder 2:8.1.0-0ubuntu1~cloud0 in trusty (source has no binaries to be copied)
<jamespage> hmm
 * jamespage looks
<jamespage> coreycb, yeah it failed to build from source - we'll need to re-verify that before we can push that out
<jamespage> sorry
<jamespage> this is hard to see due to the private nature of the proposed and updates PPA's
<powersj> The daily Yakkety server ISO is not currently installable. Seems to have older version of libpython3.5 packages resulting in broken package.
<Daviey> jamespage: But it should be verifiable from the public mirror, no?
<jamespage> Daviey, it will be once it actually builds
<jamespage> nearly done
<jamespage> Daviey, the gap is that the versions report looks at source package versions - which are correct here; its the binaries that are missing
<powersj> http://paste.ubuntu.com/23182890/ shows the failure (search for broken) archive itself looks to have the right version.
 * jamespage makes a note to fix that and provide better feedback 
<Daviey> jamespage: I did write an addon for the reprepro to also publish the build logs... But i don't think i ever landed it
<jamespage> Daviey, oh congrats on kolla core status btw
<jamespage> Daviey, no it did not...
<Daviey> oh fanks
<coreycb> jamespage, ddellav: python-ceilometerclient 2.6.1 and heat/keystone/trove rc1 uploaded.
<law> has anyone done much work with graphite-web and Ubuntu 16.04?  I am having an absolute nightmare of a time getting it to start in gunicorn
<cclarke> Is this the correct channel for ubuntu OpenStack issues or is there a better one I should use?
<guntbert> cclarke: I don't know of a better one - can not help you though
<cclarke> guntbert: thanks anyway.
<cclarke> If anyone has used openstack, I am trying to deploy on Ubuntu 14 using MAAS/Juju. I have maas working and 5 physical servers in my test environment. Issues is that I can deploy everything except neutron-gateway which is blocked and error is: (config-changed) Missing relations: messaging
<cclarke> Anyone have any ideas on what is causing that issue or has run into it before?
<DexterF> hi
<DexterF> installed server, now want xfce4 on it. installed ok. installed "nodm" as I want autologin anyway. cannot startx. EE. ~/.local belongs to root:root
<DexterF> that correct liek that?
<sarnold> DexterF: if that's the actual error, then "sudo chown dexterf:dexterf ~/.local" may be a good start
<DexterF> sarnold: thoguht crossed me, but why would that dir not belong the user in the first place, fresh install
<sarnold> DexterF: that can often happen if whatever command created the file/directory was accidently run with 'sudo' to address some other issue
<DexterF> sarnold: the only significant subdirectory is mc. I installed with sudo aptitude of course, and then as root edited a file. first thing I did with it. from sudo bash.
<DexterF> that could be it, couldn't it, sudo bash, mcedit, instead of in /root created everything in the user dir
<sarnold> DexterF: that seems very plausible
<lutostag> smoser: so for the lxc xenial cloud-init... its in proposed. Once it reaches updates will it be fixed or do we still need an updated lxc image?
<DexterF> and there is xfce.
<DexterF> any known issues with intel video drives?
<DexterF> when I frag around items the display freezes up occasionally
#ubuntu-server 2016-09-16
<smoser> lutostag, this is the installing packages ?
<smoser> we will need new daily and released images to get that all the way though
<smoser> generally speaking the current images should mostly work, just can't install packages with cloud-init.
<Dragon_Buidler> Can i use this to ask questions regarding building a virtual machine?
<nacc> Dragon_Buidler: sure (although it's late in teh .us and i'm off ;)
<Dragon_Buidler> I can check back in when time is better. Thanks.
<[gnubie]> anyone can help me check http://paste.ubuntu.com/23185024/ and identify what causes debootstrap to fail? line 27 is the debootstrap command and it ended right after line 42
<PryMar56> [gnubie] show the permissions on /data/build/xenial
<PryMar56> ls -al /data/build/xenial
<[gnubie]> the /data/build/xenial directory is being created by debootstrap..
<cpaelzer> [gnubie]: line 13 ?
<cpaelzer> isn't that pre creating the dir
<[gnubie]> cpaelzer: itâs 755
<[gnubie]> i will add chmod 1777 to /data/build/xenial for testing in my script..
<cpaelzer> [gnubie]: I just ran the debootstrap with the dir not existing before and it worked fine
<cpaelzer> [gnubie]: you could try that first if it works for you and only then try to resolve any difference in the setup
<[gnubie]> directly from cli or via inside a shell script?
<cpaelzer> cli
<cpaelzer> I just copied your command and it made my /data/build/xenial look good
<[gnubie]> yes, thatâs what i was having a problem.. if i execute the debootstrap command directly from the cli, it works.. but not if itâs inside my bash script..
<cpaelzer> [gnubie]: and that could be your pre-creation of that dir
<cpaelzer> [gnubie]: does it fail also if you just run the deboostrap from your script?
<[gnubie]> yes, it only fails when executed via script
<[gnubie]> i am running my script again but this time, i already added a line with chmod 1777 /data/build/xenial
<[gnubie]> same thing..
<[gnubie]> it failed on the same line after the âI: Extracting zlib1g...â
<cpaelzer> [gnubie]: in script working
<cpaelzer> [gnubie]: sudo rm -rf /data/build/xenial; echo '#!/bin/bash' > /tmp/test.sh; echo "debootstrap --verbose --arch amd64 --variant=minbase xenial /data/build/xenial http://archive.ubuntu.com/ubuntu/" >> /tmp/test.sh; chmod +x /tmp/test.sh; sudo /tmp/test.sh
<cpaelzer> [gnubie]: drop the mkdir and anything else that pre-creates the dir - debootstrap will do that for you
<[gnubie]> hhhmmmm.. ok, for testing..
<[gnubie]> please hold on.. i will remove a lot of lines in my script..
<[gnubie]> re-running my script again without those lines that pre-creates the directories
<rbasak> cpaelzer: good job documenting https://wiki.ubuntu.com/QemuKVMMigration, thank you!
<rbasak> cpaelzer: note that I wouldn't call non-LTS releases "development releases". That's confusing because we already use the term for the development release (eg. Yakkety right now)
<rbasak> cpaelzer: I'd say stable release, or interim release in an LTS context, or non-LTS release, etc.
<rbasak> cpaelzer: does the new scheme mean that an action needs to be taken in qemu every release to add the new machine type?
<cpaelzer> rbasak: thanks I'll fix up the names - interim release is better since I need a short abbreviation
<cpaelzer> rbasak: and yes it means that every release an action has to be taken (and always was since trusty)
<cpaelzer> rbasak: just not as documented as now
<cpaelzer> rbasak: which IMHO was why it decayed
<rbasak> cpaelzer: I wonder if we can do something to make sure we notice and do it, or do it automatically or something (use lsb_release in a pre-build script to patch in the correct name).
<rbasak> It would presumably mean that during the development cycle the machine definition will change, so that might break live migration. But that might be reasonable.
<cpaelzer> rbasak: one of the tests I developed can maybe become a autopkgtest to prevent uploads without making a new type
<cpaelzer> rbasak: and yes the "in-type" defnition while a devel release cycle is ongoing might change, but that is ok
<cpaelzer> yet it would catch completely forgetting to update
<cpaelzer> rbasak: I also added quite some doc and a dep3 header to the patch, so that anybody touching it sees it
<frickler> what kernel do I need to install on trusty in order to be able to mount an xfs created on xenial? will 3.19 be new enough?
<frickler> ah, nevermind, there is linux-image-virtual-lts-xenial now, that should be fine I guess
<cpaelzer> rbasak: I now also fixed the "dev" naming in the drawing that was linked - thanks
<frickler> so can someone look at https://bugs.launchpad.net/nova/+bug/1621257 and try to decide whether qemu, libvirt or novnc might be the culprit?
<ubottu> Launchpad bug 1621257 in OpenStack Compute (nova) "VNC console keeps reporting "setkeycodes 00" exception" [Undecided,Invalid]
<frickler> I can reproduce this with a simple devstack instance
<coreycb> jamespage, ddellav: rc1's are uploaded for aodh, cinder, glance, horizon, manila, and nova
<jamespage> coreycb, awesome
<jamespage> coreycb, hows horizon looking?
<jamespage> do we need design team time for a refersh?
<coreycb> jamespage, I'll take a look
<coreycb> jamespage, it was looking ok recently
<jgrimm> smb, would you be able to sponsor 1541902?
<smb> jgrimm, maybe but I know cpaelzer and/or xnox have been working on qemu updates
<jgrimm> smb,  indeed xnox's has landed, cpaelzer is basing his off of mine
<MelRay> Hi everyone...I haver never used the network installer and plan on installing iredmail which requires many things not to be installed like maria-db/mysql postfix etc. Does the network installer allow a more customized install so I can avoid some of these packages and let the iredmail script pull them all in for the repos? Or is there a better way to do it with the ubuntu-server .iso?
<smb> jgrimm, and he is currently building an ubuntu3 version even
<jgrimm> smb, bah.. i hadn't noticed that yet
<jgrimm> smb, ok, let me sort out what's going on there first
<smb> jgrimm, right... what I also see is that ubuntu1 has not yet cleared proposed. Ok, not preventing another upload but needs special changes handling. Still when there is further stuff in the pipe already its probably worth just to wait and then upload once
<xnox> smb, jgrimm, note my qemu is stuck in proposed at the moment...
<smb> xnox, I did note :)
<jgrimm> indeed. thanks guys. i'll go into holding pattern
<dusty225> administering apparmor or selinux? which one will cause you to slam your monitor into the wall first?
<patdk-wk> selinux
<patdk-wk> apparmor is simple
<patdk-wk> if you like acl's, use selinux
<patdk-wk> if you want config files, use apparmor
<dusty225> thank you
<dusty225> would you consider apparmor a required security measure for a server and that your an idiot if you dont use it?
<patdk-wk> depends on many things
<patdk-wk> it is an extra layer
<joelio> profiles for selinux on ubuntu are sketchy
<joelio> apparmor is a "1st class citizen"
<joelio> then there's grsec too with it's rbac ;)
 * joelio installs a fresh 4.7.4 grsec kernel
<Smurphy> Anyone can explain me, or provide me a link on how to limit the number of ttys to 2 ? Seems that it is handled dynamically upon request.
<Smurphy> And it also seem to prevent rsyslog to write data to tty4.
<patdk-wk> just disable them in systemd
<Smurphy> Hmmm. I thought I already tried. Didn't work.
<Smurphy> You have a link to it? I am rather one of the old school guys using sysVinit ...
<Smurphy> I think I got it.
<rbasak> lamont: I spent some time on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744304. It's legit, and the suggested "RemainAfterExit=yes" line fixes the problem completely. Can we get that pushed to git and uploaded, and I can sync to Yakkety?
<ubottu> Debian bug 744304 in bind9 "bind9-resolvconf.service immediately stopped after starting" [Important,Open]
<rbasak> lamont: looks like I can upload, but I can't push to git. Do you want me to send you git-format-patch output or something?
<lamont> rbasak: git-format-patch would be awesome, I should be able to do the whacky-thump in pauses in my day today
<rbasak> ack, thanks
<rbasak> cpaelzer: is bug 1577596 one of the ntpdate ones you were tracking?
<ubottu> bug 1577596 in ntp (Ubuntu) "ntpd not started when using ntpdate" [High,Confirmed] https://launchpad.net/bugs/1577596
<rbasak> lamont: you have mail. Also, did you forget to push your tags for P4-9 and P4-10? And there's a P4-10.1 NMU that needs acknowledging, importing to git and pushing.
<lamont> rbasak: sigh.  I'll get things cleaned up there
<lamont> thanks for the reminders
<rbasak> No problem. Let me know if I can do anything more to help.
<lamont> it'll be later today though, possibly tomorrow worst case.
<lamont> will highlight you when done
<rbasak> ack, thanks
<cpaelzer> rbasak: no 1577596 was not on my list yet
<cpaelzer> rbasak: it is another case of dump ntpdate and use timesync as intended :-/
<cpaelzer> IMHO
<SpudDogg> hello all, i am trying to set up a deb mirror.  however, this page does not show what key(s) i would need for xenial https://help.ubuntu.com/community/Debmirror
<SpudDogg> any ideas?
<powersj> SpudDogg, is your question coming from the where it tells you to import the keyrings?
<SpudDogg> powersj: yes, but i think im just going to use apt-mirror instead
<powersj> ok :)
<powersj> What I believe you were looking for is that the keys are kept in ubuntu-archive-keyring.gpg
<SpudDogg> ya that was what i needed
<SpudDogg> thanks powersj
<rbasak> cpaelzer: agreed, we should link to the ML thread, etc.
<jgrimm> hallyn, would you have time for a qemu upload sponsorship?
<jgrimm> hallyn, 1541902 if so, else I'll poke others next week
<hallyn> jgrimm: i'll find time before next week - thanks
<jgrimm> hallyn, you rock. thank you sir!
<hallyn> urg, someone uploaded 1:2.6.1+dfsg-0ubuntu1 without updating the debian tree :)
<hallyn> will sort that out later
<hallyn> jgrimm: this has been tested right?  is it the same one i tested before?
<jgrimm> exactly the same patches, but rebased on 2.6.1 (which happens to be the version that IBM originally tested the patches on)
<jgrimm> and yes
<hallyn> kthx - \o
<jgrimm> thank you!
<nacc> hallyn: ack on the debian git tree, i have it on my backburner action item to document that process
#ubuntu-server 2016-09-17
<sarthor> device_add usb-host,id=p2015,vendorid=0x03f0,productid=0x3817 , So here my ID will be p2015, but how to find this ID later
<gopalindians> Â°Â¯R
<samba35> how to configure two nic with ubuntu server with two gateways
<lordievader> Good morning
<MelRay> Hey there I'm in the process of setting up LAMP on Ubuntu Server 16.04. I edited mods-enabled/dir.conf and moved index.php to the front with index.html second. Prior to this my domain resolved to the test page for apache. However it would not resolve and bring up info.php with index.php as first in priority. I had restarted Apache after changing dir.conf.
<MelRay> What I did then since it wasn't pulling up info.php I renamed index.html then I got the directory listing of the files and clicked info.php and it worked. Any idea why it didn't just resolve like index.html?
#ubuntu-server 2016-09-18
<codepython777> is there a way to configure a ubuntu box to boot within a second?
<JanC> depends on what hardware & what you want to have running on it, I guess...
<codepython777> JanC: Seems like some people in #ubuntu are helping me out, perhaps we can talk about this there?
<JanC> I'm going to sleep now  :)
<codepython777> JanC: G'nite
<RoyK> codepython777: why bother about those seconds?
<lordievader> Good morning
<ducasse> if any ops are present, could they please remove the last sentence from the topic?
<bipul> What are block devices And how it works?
<samba35> in 16.04.1 ,if i dont configure any thing in /etc/network/interface  still i should get ip from dhcp server ?
<k2gremlin> samba35, Yes, my understanding is that by default, any eno adapters are auto up
<k2gremlin> and defaulted to dhcp
<samba35> ic
<k2gremlin> ip addr, do you see the interface?
<k2gremlin> either an EthX or enoxxxxx
<samba35> enp ?
<k2gremlin> the naming of the nics
<k2gremlin> changed to default eno for some reasons..
<samba35> yes i can see with ip addr and ifconfig -a
<k2gremlin> http://askubuntu.com/questions/689070/network-interface-name-changes-after-update-to-15-10-udev-changes
<k2gremlin> So it worked?
<k2gremlin> enoxxxxx has an IP?
<samba35> if i am using bridge with openvswitch  where i should see ip address in bridge (br0 ) of enpxx interface ?
<k2gremlin> I haven't used openvswitch.. but does it change the configuration on the eno interface to attach it to the bridge?
<k2gremlin> If so, should see br0 with an IP
<k2gremlin> if not, than you need to configure it in your /etc/network/interface
<k2gremlin> I have some bridges and taps built using the interface file. Works pretty well lol
<samba35> thanks
<k2gremlin> If your just trying to build a bridge, no additional software needed.
<samba35> can you please please tell me what is difference in bridge and tap interface ?
<k2gremlin> https://help.ubuntu.com/community/NetworkConnectionBridge
<samba35> yes i use linux bridge but i just want to understand openvswitch as people say it give more features over linux bridge
<k2gremlin> https://help.ubuntu.com/community/NetworkConnectionBridge
<k2gremlin> errr
<k2gremlin> http://www.innervoice.in/blogs/2013/12/08/tap-interfaces-linux-bridge/
<k2gremlin> Gives you a pretty good breakdown
<samba35> k ,thanks
<samba35> ok
<k2gremlin> Like I said never used openvswitch. I assume its like any other virtual switch. I use the vSwitches in VMWare and love them. So easy to use lol
<samba35> yes true but my hardware it doesnt support vmware esxi ?
<k2gremlin> :/
<samba35> vmware is costly also :)
<samba35> kvm is free :)
<samba35> right sir
<samba35> k2gremlin: have you tryed ubuntu maas or juju or lxd ?
<k2gremlin> nope
<samba35> ok
<samba35> how do i install a local package with depedancy fix ? aptitue ?or dpkg ?
<tsimonq2> samba35: could you please be more specific?
<samba35> i have package with teamviewer but i am not able to install it ,i have downloaded package from web site and its 386 and i am on 64 bit
<tsimonq2> samba35: could you please join #ubuntu ? they will be able to help you a lot more than I can. :)
<samba35> ok
<compdoc> teamviewer is pretty horrible, and there are versions that are cracked and spu on you
<compdoc> *spy
<samba35> 'sudo apt install ./package.deb' this way it was fix :)
<samba35> if i am downloading some iso from internet but i am now aware where it is going to save ,in that case how do i check where the file is getting download
<samba35> i am trying to download image from/for maas
<PryMar56> samba35, ~/Downloads <-- guess
<PryMar56> or ~/Desktop/Downloads
<samba35> no ,sorry ,its not there
<samba35> i am trying... yes trying to understand maas
<coetry> I have enabled php5-fpm on apache 2.4 and have set the forwarding rules for my vhost accordingly, yet it doesn't render the .php, it just displays it as plain text
<coetry> does anyone know what could be the problem?
<coetry> http://thekaeway.com
<tomreyn> coetry: show your configuration, using
<tomreyn> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<tomreyn> (you can edit / redact sensitive info)
<daniela_perez> How to hide/mask url extensions
<daniela_perez> How to hide/mask extensions for sub-folders/path so that www.example.com will always display in the address bar
<tomreyn> you could use an iframe for this. but that's technically ugly, and easily worked around.
<tomreyn> what'S the use case?
<daniela_perez> I would pretty sure using iframes
<daniela_perez> I want it the Apache way
<daniela_perez> mod_rewrite, but which way ?
<daniela_perez> I ...*avoid* ... iframes
<tomreyn> why do you want to do this in the first place? it's not really a good idea.
<tomreyn> is it about 'protecting content'?
<tomreyn> is it about 'clean urls'?
<daniela_perez> tomreyn: Security reasons
<daniela_perez> Blackboxish
<tomreyn> daniela_perez: this is not a security mechanism
<tomreyn> if you want to harden your web application then use firewalling and access restrictions (htbasic / htdigest password authentication, source ip access restrictions, ...), use secure passwords securely, use multi-factor authentication, read the OWASP secure web application development guide (if you're developing it yourself).
<tomreyn> if you're not developing it yourself, use web applications which are known to have undergone extensive security review and testing only, and make sure you follow their installation and configuration guides (documentation) closely.
#ubuntu-server 2017-09-11
<fishcooker> how to show changelog on every ubuntu package update; ie: http://vpaste.net/YnNXo ?
<cpaelzer> good morning
<sobukus> https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1587142 â¦ I wonder if suddenly something happens on that one.
<ubottu> Launchpad bug 1587142 in systemd (Ubuntu) "Shutdown hangs in md kworker after "Reached target Shutdown."" [Critical,Confirmed]
<sobukus> If I should count on this being fixed in 16.04 some time or if I should make a local hack.
<sobukus> Servers not being able to reboot is not nice.
<Pjusur> Good Morning ppl, is there a way to make journald not pick syslog messages from a specific services? just syslog to rsyslog
<necrophcodr> If I do `SetEnv SOMETHING "else"` and `PassEnv SOMETHING` in a virtual host, then that variable still isn't accessible in, say, a .htaccess file with RewriteCond %{ENV:SOMETHING}
<necrophcodr> How can I make that happen?
<necrophcodr> It seems that SetEnv and PassEnv work great for CGI or FCGId based stuff, but has no affect on .htaccess files.
<trippeh> hm. unbound needs some work in artful. it is set up as type notify in systemd, but the apparmor profile doesnt allow it. if you allow it, reloads are still broken, probably a sd_notify missing somewhere.
<sobukus> OK, I'm down to 'only' a RAID resync on each boot, from endless hang on any reboot/shutdown attempt.
<sobukus> Please, Ubuntu folks, implement the proper strategy of RAID array build-up/tear-down as indicated in the linked fedora issues for https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1587142 .
<ubottu> Launchpad bug 1587142 in systemd (Ubuntu) "Shutdown hangs in md kworker after "Reached target Shutdown."" [Critical,Confirmed]
<sobukus> Or bug mdadm folks to push mdmon into the kernel to avoid the trigger for this whole mess.
<RoyK> necrophcodr: it's no difference between running apache on a vm compared to running it on metal - I guess something is messed up in the apache config
<necrophcodr> RoyK, i'm not refering to virtualization
<necrophcodr> I'm refering to <VirtualHost>
<necrophcodr> I guess I should've specified it was regarding Apache2 setup :)
<RoyK> ah - I see
<RoyK> well, that was pretty obvious, but I read it as you had a problem on a "virtual machine"
<RoyK> necrophcodr: not sure if there are much apache gurus here, though
<necrophcodr> I'm not sure where else to ask about apache stuff though
<RoyK> you may want to try #httpd
<hhee> good time. mod in apache2 in ubuntu (16.04) shown in packages list as libapache2? or libapache2-mod? i need to find out numbers ands names of installed apache2 modules
<ahasenack> hhee: libapache2-mod-* seems to be the norm
<hhee> ahasenack, got it
<sobukus> Ahw, maaaaan. The latest kernel update broke Infiniband RDMA here. Works with 4.4.0-83-generic, broken with 4.4.0-93-generic. What changed?!
<sobukus> I thought that is why we use LTS!
<sobukus> apt-get changelog is not helpful.
<sdeziel> sobukus: take a look at /usr/share/doc/linux-image-4.4.0-93-generic/changelog.Debian.gz
<sobukus> Ah, thanks. I realise that there is a massive amount of changes between these two. I guess I have to test some versions inbetween.
<sobukus> I don't see an overt reference to infiniband.
<sobukus> Hm, I need to hunt down 4.4.0-84
<sdeziel> sobukus: the Xenial -proposed kernel (-94) has some fixes related to RDMA so you might want to take a look there as well
<sobukus> That might be a better direction.
<sobukus> sdeziel: Ah, magic! With -94, rdma works again.
<sdeziel> glad to hear that
<sobukus> Now I need to figure out if I can reboot the servers without upsetting clients â¦
<madLyfe> so does 17 become the LTS? or is it a different #? after 16.
<ahasenack> madLyfe: 18.04 will be the next LTS
<madLyfe> which is just everything from 17, just in stable form?
<sobukus> madLyfe: That's the idea;-)
<sobukus> LTS every two years â¦ in between the big rockin' changes.
<genii> madLyfe: LTS releases are the first release in even numbered years. So 14.04 16.04 18.04
<madLyfe> that makes it easy
<madLyfe> so in the 16 installer you can select HWE installer. is this default in 17?
<M3mphiZ> After enabling PAM authentication using private-key and google-authenticator using this tutorial (https://www.digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-16-04), my gitlab instance doesn't accept any pull/push anymore. how can i tell it to not use pam with the git user?
<sdeziel> madLyfe: HWE kernels are only available to LTS versions
<madLyfe> oh
<madLyfe> HWE for server is the future though, correct?
<sdeziel> not only servers, no. https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<madLyfe> its the future stack for all releases is what i mean
<sdeziel> it's a backport of a more recent kernel (and/or X stack) for a LTS release
<sdeziel> in otherwords, you get the kernel of a non-LTS readily installable on your LTS
<madLyfe> but im saying, in like the next LTS(18) will HWE be the default in installer and not how GA kernel is right now?
<sdeziel> "Server installations will default to the GA kernel and provide the enablement kernel as optional." from the link above
<madLyfe> ya but thats for 16. what about 18?
<madLyfe> im asking if the plan is to move everything to HWE?
<sdeziel> HWE used to be the default for ${LTS}.2
<sdeziel> now it's the default only for desktop installs
<sdeziel> for servers, the default is the GA kernel
<madLyfe> are they planning on changing the default for server to HWE?
<nacc> madLyfe: 18.04 hasn't started yet (17.10 isn't out yet). I don't believe there are plans to change the above
<madLyfe> so they will just keep offering HWE during install?
<nacc> madLyfe: i assume so
<madLyfe> thats confusing
<nacc> madLyfe: why?
<madLyfe> i mean.. is there a reason not to run HWE over GA?
<nacc> madLyfe: yes
<nacc> madLyfe: if you don't need it
<nacc> it's more change to audit
<nacc> kernels have bugs too
<nacc> powersj: are artifacts of jenkins jobs saved at all (e.g., the snap)
<powersj> nacc: they can be, but only a certain number
<nacc> powersj: ok, np
<nacc> powersj: just wondering
<madLyfe> do you have to install grub?
<madLyfe> i cant figure out why this happens after i install server to a microSD card and then reboot after install to boot for the first time: https://usercontent.irccloud-cdn.com/file/QakJoRAR/irccloudcapture683196535.jpg everything works fine when i install to a USB stick.
<nacc> madLyfe: is it actually booting from the microsd card?
<madLyfe> i dont know. when i restart from the install, i pull the installer usb stick and its just the mSD card and thats the msg i get right when it would show the ubuntu boot process or grub
<madLyfe> if i pull the SD card it just says cant find boot drive or whatever. thats normal though because there is nothing there to boot to.
<nacc> madLyfe: does `ls` from the grub rescue prompt work? does it display anything?
<madLyfe> nacc: https://usercontent.irccloud-cdn.com/file/EUlEjkxt/irccloudcapture365147137.jpg
<nacc> madLyfe: try `ls (hd0,msdos1)/`
<nacc> madLyfe: tab complete *should* work, as well
<nacc> madLyfe: my guess is it was unable to read or find a config file
<madLyfe> not sure what you mean by tab complete https://usercontent.irccloud-cdn.com/file/mHopvUFC/irccloudcapture1198195483.jpg
<nacc> madLyfe: you can hit <tab>
<nacc> madLyfe: so that's your root fs
<nacc> madLyfe: can you do something like `root (hd0,msdos1)`
<nacc> madLyfe: and then `configfile /boot/grub/grub.cfg`
<madLyfe> sorry had a phone call
<madLyfe> 'root' unknown command
<nacc> madLyfe: ok, just hit tab and see what commands are available
<madLyfe> tab does nothing
<nacc> madLyfe: and then google around for the commands
<nacc> madLyfe: ok
<madLyfe> hmmm help is an unknown command but says use that to get a complete command list
<madLyfe> https://help.ubuntu.com/community/Grub2/Troubleshooting
<nacc> madLyfe: probably because it's in the recovery mode
<nacc> madLyfe: rescue mode, i mean
<nacc> madLyfe: it seems like it read past the end of the disk while trying to laod itself
<madLyfe> ive read where some ppl have this issue with partitions on large disks but this is only a 16gb sd card
<nacc> madLyfe: sd cards may not be well supported as boot media on this machien?
<nacc> madLyfe: not sure
<nacc> powersj: do you have a log handy of the failed `quilt` ?
<nacc> *quilt push
<madLyfe> actually i talked to HPE and they said the only thing that will boot on this blade is the SD card and not USB. so far its the opposite.
<nacc> powersj: at what version it happened at, i mean
<nacc> madLyfe: fun :)
<madLyfe> but the sd card would ride the usb chip?
<madLyfe> just thinking if i turned off something
<madLyfe> cuz i def turned off the network stuffs and probably the sata controller
<madLyfe> scsi stuff
<nacc> madLyfe: did you need to turn them off?
<madLyfe> well for a mining server, saving power is key.
<madLyfe> turn off everything that isnt needed.
<powersj> nacc: whatever master was last Friday
<powersj> https://jenkins.ubuntu.com/server/job/git-ubuntu-ci/55/console
<nacc> powersj: ok, that's fixed then
<nacc> i'll let the job finish and merge it
<nacc> madLyfe: functionality seems more key first
<nacc> madLyfe: :)
<madLyfe> i wasnt ever planning to use sd card though so not using it isnt a huge deal but would save a few bucks per server if i could get it to work.
<madLyfe> i wouldnt need a usb hub then.
<madLyfe> $10 per server. adds up.
<madLyfe> but at the top is says 'attempting boot from usb drivekey' and then shows the dirs so it must be using the usb chip
<madLyfe> The proper paths must be set via the set prefix command.
<madLyfe> Many GRUB 2 commands will not work until the correct path is set.
<madLyfe> If the path to the grub folder (normally /boot/grub) is not correct, an unknown command or file not found message is likely.
<madLyfe> i have to jet for a bit
<madLyfe> thanks
<elico> *: Maybe anyone knows why the bug fix is not being backported? https://bugs.launchpad.net/ubuntu/+source/iptstate/+bug/1562333
<ubottu> Launchpad bug 1562333 in iptstate (Ubuntu) "iptstate assert failure: *** Error in `iptstate': munmap_chunk(): invalid pointer: 0x000000000193c990 ***" [Medium,Confirmed]
<sarnold> elico: because you haven't prepared and tested a debdiff to fix it yet :)
<sarnold> elico: packages in universe are community-maintained
<elico> sarnold: I took the package from zetsy and installed on xenial and it works..
<elico> sarnold: is there a guide about doing a debdiff??
<sarnold> elico: nothing easy.. here's a starting point for the process to add a patch to a package https://wiki.ubuntu.com/StableReleaseUpdates
<elico> sarnold: but if the zetsy package works fine, why not use it??
<nacc> elico: becuase that's not how things work.
<nacc> elico: and mixing and matching release is a bad idea (tm)
<elico> nacc: OK but nobody does anything..
<sarnold> elico: depending upon how much changed that might even be a solution, but it takes a -lot- of convincing to make that happen. applying a patch to a package is usually the far faster route
<sarnold> elico: aye. tragedy of the commons lived out in software :/
<nacc> elico: well, that's rather rude of you to think. people do *plenty* of stuff
<nacc> elico: maybe not in this particular bug
<elico> nacc: nobody responded in the bug(talking about this one..)
<sarnold> well, that's not exactly a good analogy.. loads of people do loads of stuff, and it's not a fixed pool of resources under competition. but still, it's soooo easy to Let Someone Else Handle That..
<elico> I created a package for OpenSUSE but I am not so good with debian packages..
<sarnold> heh rpms sure feel easy in comparison to debs
<elico> for me... maybe someone that worked a lot with deb's feels better with it..
<elico> sarnold: where do I see the packages which are in community compared to others and if others then in which it belongs?
<sarnold> elico: if you run apt-cache show iptstate one of the lines output is Filename: pool/universe/i/iptstate/iptstate_2.2.5-1build1_amd64.deb
<sarnold> elico: the 'universe' there means that package is community supported
<elico> sarnold: OK thanks!
<elico> sarnold: are you from the server team?
<sarnold> elico: no, security team
<elico> If I will show you how I am building my DEB's you will find it "un-orthodox"
<sarnold> probably, no two people build their debs the same way :)
<elico> sarnold: You haven't seen mine... it's one of the most amazing ways to create a deb.
<elico> http://gogs.ngtech.co.il/elicro/squid-debian-deb-build
<elico> ..The Makefile..
<sarnold> elico: hahah :) I can confirm I've never seen a Makefile to build debs quite like this one before :)
<elico> sarnold: I had a talk with Amos the squid-cache project manager and he created a deb file for debian and ubunutu.
<elico> He has a really nice one. Now I wanted to provide a package but after reading the DEB guide and book more then three times I got tired and tried this recipe and it appears that my server got hit hard because of it so I had to start QOS the traffic.
<nacc> ahasenack: was your backtrace with g-u review of cpaelzer's MP: ValueError: Not sure how to decompose 0ubuntu13.1.22: series 1 not in expected format
<nacc> ?
<nacc> ahasenack: if so, can you file a bug for it? it means our version deduction alogrithm needs to be made more flexible
<keithzg> Are there any prefab LAN search engines out there? I basically just want a local network version of Google/DuckDuckGo to help users with our sprawling set of different web services at the office (wiki, bugtracker, client database, doxygen, etc etc). I would have thought someone would have written something, but my google-fu appears to be failing...
<sarnold> keithzg: tada https://enterprise.google.com/search/products/gsa.html
<keithzg> sarnold: I guess to be picky I should stipulate that I was hoping for something FOSS-licensed, but uhh also apparently it's being discontinued?
<sarnold> ah
<keithzg> http://fortune.com/2016/02/04/google-ends-search-appliance/
<keithzg> So I couldn't even get one purchased for the office if I wanted to!
<keithzg> So far the "best" option seems to be hacking together something myself with Apache Nutch + Solr or ElasticSearch
#ubuntu-server 2017-09-12
<keithzg> Hmm, looks like YaCy might do the trick.They even have an apt repo, although their signing key is SHA1.
<brianw> I am having some trouble with openvpn and systemd. I can't seem to get systemd to start it. I am running in an lxd container.
<brianw> I can run the exact same command that systemd tries to run as root and it works, starting in deamon mode.
<brianw> Any suggestions?
<eagles0513875> hey guys it seems im having some issues with some repos being down and this is particular ot the UK mirror
<eagles0513875> https://dpaste.de/3v2e
<eagles0513875> can anyone advise please?
<brianw> eagles0513875: links work for me. Must be somethig up with your networking...
<eagles0513875> brianw: i installed postgres and nginx just fine
<eagles0513875> thats what i cannot under stand
<eagles0513875> i have a static ip address set should i also set a dns server ip as well?
<eagles0513875> brianw: in the interfaces file i have it set to static with the address netmask and gateway
<brianw> eagles0513875: cat /etc/resolv.conf
<brianw> eagles0513875: can you `ping google.com` ?
<eagles0513875> brianw: think that answers my question since when when you have a static ip do you need to specify the dns ip's in the interface file?
<eagles0513875> as it says not to edit the resolv.copnf by hand as the changes will be overwritten
<brianw> I can run the exact same command that systemd tries to run as root and it works, starting in deamon mode.
<brianw> Any suggestions?
<lordievader> Good morning
<cpaelzer> hi lordievader, how are you today?
<lordievader> Hey cpaelzer, doing good here :) How are you?
<cpaelzer> fine as well
<necrophcodr> Is it possible to change the SyslogFacility for SSHD so that I can log all SSH stuff to a custom file via rsyslog?
<necrophcodr> I tried setting SyslogFacility to something like "sshd" and then filtering "sshd.* /var/log/sshd.log", but then sshd no longer starts properly.
<necrophcodr> (and returns: unsupported log facility, but i'm not sure what the supported ones may be)
<ducasse> necrophcodr: see syslog(3) for valid facilities and levels
<necrophcodr> ducasse, thanks, i'll use that then
<oskaress> Hey tomreyn I got the vsftpd to work and the MFP connect to it through FTPS. When I scan a paper I get "SSL error: error:00000000:lib(0):func(0):reason(0), errno: 0" in the log and some lines down it says "DATA connection terminated without SSL shutdown. Buggy client! Integrity of upload cannot be asserted." Any idea what's wrong?
<RoyK> oskaress obviously didn't bother to stay online :P
<beisner> hi coreycb jamespage - niedbalski needs sponsor on artful for this, can one of you help?  https://bugs.launchpad.net/bugs/1657256
<ubottu> Launchpad bug 1657256 in percona-xtradb-cluster-5.6 (Ubuntu) "Percona crashes when doing a a 'larger' update" [Medium,In progress]
<tomreyn> a pity, i just got in
<smoser> cpaelzer, still around ?
<smoser> https://code.launchpad.net/~smoser/ubuntu/+source/open-iscsi/+git/open-iscsi/+merge/330315
<smoser> i am not sure on what i'm supposed to do to tag and upload. i can upload, but not sure on tagging and doing the right thing.
<smoser> nacc can probably tell me too
<smoser> and is likely around
<nacc> smoser: something like: `git ubuntu tag; git push pkg upload/<tab appropriately>; <Mark MP as merged>; git ubuntu build-source --sign; cd ..; dput ubuntu <changes file>`
#ubuntu-server 2017-09-13
<fishcooker> anyone here facing the same problem like this http://vpaste.net/t8RvT how to overcome ?
<sarnold> fishcooker: 'reset' or 'stty sane'
<fishcooker> thanks, sarnold. It works... could you explain what happened actually?
<sarnold> fishcooker: terminals are complicated things with decades of history. There's some sequence of output chars that asks terminals to do things like set the title, select text, paste text, or switch to different sets of glyphs
<sarnold> fishcooker: so if you just do something like 'cat /dev/urandom' you never know quite what your terminal will do. some terminals might even execute more or less arbitrary things ..
<sarnold> fishcooker: so if you don't trust the source of data completely you should always run it through less or another program that knows how to sanitize output in a way that the terminals won't go crazy
<fishcooker> so it will be dangerous thing let's say  we just do $ cat a file, sarnold
<sarnold> fishcooker: exactly
<fishcooker> how to nice or renice the program and the sub process executed ... let's say the program have been executed with main process with pid 242945 with all child process like http://vpaste.net/vybhd
<cpaelzer> good morning
<hateball> and to you
<lordievader> Godo morning
<fishcooker> morning sunshine cpaelzer hateball lordievader
<lordievader> Hey fishcooker
<cpaelzer> hiho
<im0nde> Hello, I want to setup a XMPP server on my ubuntu-server instance. Any recommendations on software? I thought about OpenFire but there are no packets in the official repos
<oskaress> Anyone with any experience creating bash scripts? I'm just trying to do a simple bash script that creates a user and sets the password for it. Both the username and password are taken as arguments. Currently the script looks something like this:
<oskaress> USER=$1 PASS=$ adduser $USER echo "$USER:$PASS" | chpasswd
<oskaress> The password does not get set correct, anyone have any ideas why?
<oskaress> I tried :adduser $USER --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password
<oskaress> and it didn't work either
<hateball> im0nde: I personally use OpenFire. While not in repo, they provide deb files that work fine
<hateball> im0nde: Think I followed this guide when I set it up http://www.meestuff.com/install-openfire-ubuntu-16-04-lts-server/
<im0nde> hateball: Thanks, that guide looks good! I'll look into it. Are there any specific reasons why you dismissed the (easier to install) alternatives from the repos?
<hateball> im0nde: They... sucked
<hateball> :D
<im0nde> :D
<hateball> I've tried ejabberd, and jitsi
<hateball> OpenFire "just works" and it has various plugins etc, simple to configure LDAP and so on
<im0nde> hateball: ok, i see
<lordievader> oskaress: I'm starting to think editing the shadow file through the script is easier...
<lordievader> oskaress: Why do you echo the variables into the chpasswd program? And not 'chpasswd "$USER" "$PASS"'?
<im0nde> hateball: I just installed openfire according to that guide, but I dont have a domain. Did you have one or just use the ip adress?
<oskaress> That's what I've read you should do
<hateball> im0nde: I have a domain yes (at work)
<lordievader> oskaress: According to the man page your original method should work.
<lordievader> oskaress: I suppose the PASS=$ is a typo for PASS=$2?
<oskaress> Sorry yes, it should be PASS=$2, but I managed to get it work now somehow, thanks anyway.
<fishcooker> anyone have this same issue to be worried like this http://vpaste.net/vYjxN when do-release-upgrade ?
<TJ-> On 16.04 trying to bring up a bond/trunk/LA consisting of 4 1Gbps ports using ifenslave's ifupdown run-parts scripts, it always fails. Doing it directly using ip link up ${SLAVES}; ifenslave bond0 ${SLAVES} works. Can't find any Debian/Ubuntu bug reports on this; anyone have experience of this?
<fishcooker> is there any option on cli to use default options on every confirmation during do-release-upgrade ?
<dpb1> https://askubuntu.com/questions/250733/can-i-do-a-silent-or-unattended-release-upgrade
<dpb1> tl;dr: yes
<dpb1> (even though fishcooker is no longer with us)
<nacc> stgraber: what's the (if there is a "the") recommended way to interact with lxd in python3? pylxd?
<stgraber> nacc: pylxd most likely, though I don't know what's the state of exec/websocket in there these days. Otherwise, you can always just subprocess to "lxc", that's what autopkgtest does for example.
<nacc> stgraber: yeah, I was planning on doing the latter as it's "easier", but figured I'd check on the former (reading its docs now)
<nacc> stgraber: thanks!
<smoser> nacc, you have a minute ?
<smoser> git-ubuntu process...
<teward> blurgh i keep discovering things that're busted in universe because of old versions >.<
<smoser> oh. never mind, nacc. cpaelzer handled it for me
<smoser> hm..
<nacc> smoser: yeah, i gave a few linens of instructions yesterday
<smoser> cpaelzer,
<nacc> smoser: but i thinkn cpaelzer did it
<smoser> cpaelzer, said "i tagged, pushed"
<smoser> but :
<smoser> git fetch
<smoser> git log pkg/ubuntu/devel
<smoser> still shows 2.0.874-4ubuntu1
<smoser> what am i missing ?
<nacc> smoser: let me check the logs
<nacc> smoser: i'm kicking hte import job, let me see if it sees the upload (it'll take a bit to catch up). You can also import open-iscsi manually (it'll just catch up) if you're impatient
<smoser> nacc, ok. i was thinking that by pushing he pushed that history . but he just pushed a tag
<smoser> which will be identified and verified
<nacc> smoser: right, when the importer sees it
<nacc> now, i do't know why it wasn't seen (it looks like it was published ~9 hours ago)
<nacc> smoser: so i've told the importer to walk back over the last 24 hours
<lucidguy> Hey any openstack folks in the house ....
<lucidguy> nobody is responding in #openstack
<lucidguy> and google
<dpb1> lucidguy: you need to update to xenial
<smoser> nacc, and then...
<smoser>  http://autopkgtest.ubuntu.com/packages/o/open-iscsi
<smoser> that just hasnt run because autopkgtest backup ?
<nacc> smoser: http://autopkgtest.ubuntu.com/running
<nacc> smoser: yeah it's queued
<lucidguy> dpb1: you didnt even hear my problem?
<nacc> lucidguy: i think it was a joke about your nick (lucid being an EOL ubuntu release)
<lucidguy> We are running Mitaka, also no longer supported I belive
<nacc> lucidguy: oh so you actually are on lucid?
<lucidguy> No, 16.04 is Xenial which runs Mitaka
<dpb1> lucidguy: yes, a joke.  you never told your problem so I didn't hear it, no. :)
<lucidguy> OK, our dashboard/horizon is so unpredictable when it comes to performance, sometimes freezes and fails all together.
<dpb1> lucidguy: and yes, Mitaka would be supported by Canonical.
<dpb1> lucidguy: what kind of triage debugging have you done?
<lucidguy> I'm watching loads and all logs I can think of, nothing screams fix me.
<dpb1> s/triage/troubleshooting/
<dpb1> I *think* horizon logs are in /var/log/apache.... ?
<dpb1> tbh, I don't remember that well
<lordcirth_work> lucidguy, glancing at the docs, it seems Horizon uses memcached?  Did you check its logs?
<dpb1> lucidguy: and, kind of a first-starter question.  how did you deploy openstack.
<lucidguy> I actually never deployed it.
<dpb1> conjure-up?  following a doc?
<dpb1> juju?
<lucidguy> I have high level understanding of where things are etc.  No another admin installed it from scratch to my knowledge
<lucidguy> Following docs
<dpb1> which docs
<dpb1> (even if you didn't do it)
<lucidguy> Unfortunately I won't have the answer to most of these questions.
<dpb1> is it a single machine install?
<lucidguy> I guess just common performance related recommendations is good .. looking into memcached
<nwilson5> I know it's ubuntu-server, appropriate to ask here about "sort" arguments here?
<lordcirth_work> nwilson5, seems reasonable to me
<nwilson5> trying to figure out this field-separator for numeric types
<dpb1> nwilson5: as long as it's not a quick vs merge sort debate
<lucidguy> dpbl, no 30+ compute nodes, 2 main nodes running everything minus neutron
<dpb1> lucidguy: ok
<dpb1> lucidguy: and you don't interact with 'juju' command to get to each box or anything
<lucidguy> i do not
<lordcirth_work> nwilson5, so you want sort -t, what sort of separator do you want?
<nwilson5> sorting a csv separated by comma, first column, numerically: "sort --field-separator=',' -n -k1 <file>" does not sort it numerically / correctly.
<nwilson5> "sort --field-separator=',' -n -k1,1 <file>"
<nwilson5> just trying to understand difference between numerical sort for -k1 vs -k1,1
<dpb1> lucidguy: memcached might be involved, depends on how it's deployed.  Also, the working pieces you should look into are mysql (or percona, or whatever the db is), rabbitmq (message queue), disks on each of the controller nodes, and the logs in /var/log/syslog, /var/log/nova*, dmesg, `top` on the controller nodes, etc.
<lucidguy> dpbl1, Ok I'm going to look this all over again, appreciate the assitance, I hope to have a more specific question soon.
 * dpb1 nods
<lucidguy> For troubleshooting purposes can I simply shutdown memcached.service, will that break stuff?
<dpb1> restarting services seems reasonable steps to me, yes
<lucidguy> How about shutdown?
<lordcirth_work> lucidguy, it would probably stop working, but on start it *should* resume properly
<dpb1> right
<lucidguy> what would stop working?
<lordcirth_work> Horizon
<lucidguy> Gotchat
<lordcirth_work> If horizon uses memcached, memcached going away will break it
<lordcirth_work> You might need to restart horizon after bringing memcached back for it to notice
<lucidguy> you mean apache?
<smoser> nwilson5, it seems to generally work http://paste.ubuntu.com/25528925/
<smoser> if you do '-k2,1', i'm not sure what its doing. it does show wierdnesst here
<nwilson5> smoser, it isn't working in a case I'm testing unless I do the -k1,1
<lucidguy> It could be a fluke, but all of a sudden its responding again .. hmm.
<lordcirth_work> nwilson5, If I understand the docs, it's a range, in which case 1,1 seems redundant?
<smoser> oh. i see. you must have to tell it where to stop or it sorts everything by numeric maybe
<nwilson5> if we did LC_ALL=C it then does work
<smoser> lordcirth_work, well end defaults to the last field
<lordcirth_work> nwilson5, oh I see
<smoser> so if yo dont want it to consider the other you do have to put end
<lordcirth_work> Yeah -k1 means from field 1 to end, 1,1 would be only field 1
<nwilson5> oh..
<smoser> nwilson5, fuzzy parts of my brain indicate that i've fought this before
<lordcirth_work> Which you'd think would be default, but ok
<dpb1> smoser: hahah
<nwilson5> so my other columns may be effecting it. when I didn't have any other columns it sorted fine
<lordcirth_work> and 2,1 seems like it'd be backwards, I suspect that's not supported?
<dpb1> and, nacc, thanks for getting my joke.  I was worried for a while.
<lucidguy> dpb1: Using openstack in production?
<dpb1> lucidguy: no, I managed development of the openstack autopilot at canonical.
<lucidguy> dpb1: you should probably say no, once I find out your very knowledgeable with openstack I may start flooing you with questions... hah
 * dpb1 hears alarm bells going off
<lucidguy> Can one purchase support for OpenStack?
<dpb1> lucidguy: ya, we have a better offering now (the autopilot is no longer something we sell).   2 things, let me get you a link
<dpb1> lucidguy: https://www.ubuntu.com/cloud/openstack
<dpb1> lucidguy: that second section, the 'fully managed on prem" option is very well done and popular
<dpb1> lucidguy: honestly, openstack is a PITA to manage. I know from lots of late nights debugging things like you are running into. :/
<lucidguy> dpb1 thanks for the info, does this mean no more questions :)
<dpb1> lucidguy: hah
<lordcirth_work> dpb1, is there a project simpler than openstack that you would recommend for smaller deployments?
<dpb1> lordcirth_work: honestly, lxd is what I go to if I can.
<lordcirth_work> dpb1, yeah, we've got lots of lxd containers, with both host and container managed by SaltStack
<dpb1> but, nothing yet that gives that feeling of a centrally managed set of VMs that would replace openstack.
<lordcirth_work> I'd like seamless migration between hosts so we can bring down a server room without problems
<dpb1> lordcirth_work: kubernetes being an obvious thing to mention as well -- but again, not vms, and a different deployment strategy entirely
<dpb1> lordcirth_work: ya, openstack can get you there, not without expert knowledge though.
<lordcirth_work> Meanwhile I'm going the alternate route of making things HA so we can just shut down a room instead of migrate.
<lordcirth_work> Even better, when the service lends itself to HA
<cpaelzer> smoser: it will get what you look on import
<cpaelzer> smoser: but there is pkg/upload/2.0.874-4ubuntu2 already
<cpaelzer> smoser: which is what the importer will find then
<cpaelzer> smoser: 11 hours ago https://git.launchpad.net/~usd-import-team/ubuntu/+source/open-iscsi
<smoser> cpaelzer, right. thanks.
<smoser> that wasnt there 30 minutes ago
<nacc> smoser: the upload tag is unrnelated to the import tag (yet)
<nacc> smoser: so i think it was there before (not 100%, i didnt' look)
<rh10> guys, im truing to create repo mirror (ubuntu 16) apt-mirror said me "169.4 GiB will be downloaded into archive." is it real size of ubuntu mirror? x64.
<rh10> can i slightly reduce size of repo?
<rh10> *trying, sorry for typo
<RoyK> rh10: I seriously doubt you can reduce the mirror size without losing anything
<lordcirth_work> rh10, that seems pretty normal.
<rh10> RoyK, lordcirth_work got it, thanks
<lordcirth_work> Maybe you could drop older versions of packages?
<nacc> rh10: why are you creating a repo mirror? could you just setup a local cache instead?
<nacc> rh10: e.g, with squid or something?
<lordcirth_work> And yeah, a caching proxy sounds better
<nacc> if size is a concern, i mean
<lordcirth_work> squid-deb-proxy is a very nice tool
<dpb1> +1 for squid.
<rh10> nacc, local cache will be caching only packages i installed using apt?
<lordcirth_work> rh10, no, a network caching proxy
<rh10> lordcirth_work, i've never heard of it. thanks.
<lordcirth_work> rh10, so you set all of your machines to download through it, and it acts as a shared cache
<dpb1> rh10: btw, this is prior art you should use if you really want or need a full mirror: https://insights.ubuntu.com/2017/08/31/running-an-ubuntu-mirror-with-juju/ -- will save you a bunch of time
<rh10> dpb1, tnanks a lot
<nacc> rh10: it depends on your configuration, obviously, but basically, you have all apt traffic run through your proxy and then the proxy will just cache all acceses (following config rules)
<dpb1> but, for most networks, a caching proxy is a superior use of your time and resources.
<lordcirth_work> rh10, https://www.garron.me/en/blog/ubuntu-deb-proxy-cache.html
<nacc> rh10: the goal being that actually used packages get cached
<nacc> rh10: and a mirror is costly to maintainn (IMO)
<dpb1> rh10: the guy that wrote that actually got intrested in it after spending a year in africa, where it was essential for his ISP to mirror things. :)
<rh10> dpb1, article said "Itâs very big. The whole Ubuntu archive (for amd64 and i386) sits at around 2.5Tb" - is it size with sources? apt-mirror show me only 169 GB for x64. just interesting
<nacc> smoser: fyi, open-iscsi should be udpated now
<lordcirth_work> rh10, that's x64 and i386, binary and source, and probably older packages too
<rh10> lordcirth_work, got it, thanks
<lordcirth_work> We have a 15TB mirror here, but we are a large institution and one of the public mirrors
<rh10> lordcirth_work, interesting. why so large? different versions of distro and x64, i386 and sources?
<sarnold> rh10: that 2.5 Tb probably includes ports
<lordcirth_work> rh10, sorry it's not just Ubuntu: http://mirror.csclub.uwaterloo.ca/  Ubuntu is 1.2TB apparently
<sarnold> here's my own local mirror setup http://paste.ubuntu.com/25529365/
<sarnold> (the unpacked trees are _stale_ by a looong way but shouldn't be wrong by more than 50%..)
<teward> lordcirth_work: in total, or just a specific release?
<lordcirth_work> teward, precise -> zesty apparently
<rh10> sarnold, got it
<teward> lordcirth_work: you able to get me the size for just Xenial, maybe?  (if possible)
<lordcirth_work> But again we do that mostly to be a public mirror, not just for ourselves
<sarnold> folks who do rsync mirrors aren't in a great position to report on sizes for just specific releases
<teward> lordcirth_work: oh definitely, sorry to ask for additional data such as public mirror, etc. but i'm trying to find things :P
<sarnold> it's really difficult to tell which packages belong to which releases
 * teward wants to stand up a mirror just for Xenial locally xD
<sarnold> teward: rh10 reported ~170 gigs when he or she joined. if you've got a 500 gig drive that'd probably be enough.
<lordcirth_work> But really, if you have an internet connection, use a caching proxy
<teward> sarnold: how's a 750gig vhd on a 10TB datastore for a VM :P
<sarnold> teward: ought to sufficefor xenial amd64 + i386 :)
<lordcirth_work> Running your own mirror will take more bandwidth than caching, and maybe even more than just downloading, if you don't have a huge number of systems.
<sarnold> caching proxy is definitely wa easier to configure than picking-and-choosingw what parts of the archive you want to mirror
<teward> lordcirth_work: 26 systems and counting :P
<teward> i could probably set up a caching proxy though
 * teward shrugs
<teward> sorry to derail :)
<teward> now where's ScottK, he needs to update his universe package to actually work with Python3...
<teward> s/his universe/this universe/
<lordcirth_work> teward, unless they are vastly different than each other, you'll use the same ~20GB of packages and be syncing the other 150GB forever and never use them
<teward> 45GB but same difference :P
 * teward has a few crazy servers :P
<rh10> lordcirth_work, just interesting, which data storages are use to keep 15 TB data?
<lordcirth_work> rh10, we've just moved to Ceph
<lordcirth_work> >200TB free XD
<rh10> lordcirth_work, tnanks.
<lordcirth_work> But if you wanted to store that much, I'd say ZFS.  Our Ceph is actually on top of ZFS.
<rh10> lordcirth_work, ubuntu distros on servers?
<lordcirth_work> rh10, yup, 16.04
<rh10> lordcirth_work, tnanks for answers.
<lordcirth_work> Although we had to add a more recent ZFS for Ceph to work with it
<sarnold> lordcirth_work: ooh, why did you need to update your zfs?
<lordcirth_work> sarnold, Ceph requires support for some fancy attributes to store metadata.  Otherwise it runs slow.  Also you have change some Ceph config so that it knows to use those attributes; it only autodetects xfs and btrfs.
<sarnold> lordcirth_work: i've wondered before if using zfs as underlying storage would make ceph way happier or way angrier.. letting zfs handle local disk failure and bitrot sounds way nicer than stressing the whole ceph cluster .. but ceph folks said they very much prefer xfs for simple high-throughput no-features storage..
<sarnold> lordcirth_work: posix-sa attrs or similar? or something else?
<lordcirth_work> sarnold, "ceph folks" haven't gotten around to implementing end-to-end checksumming, so they can deal with it :P
<sarnold> lordcirth_work: yeah. I'd rather every read be checksummed.. heh.
<lordcirth_work> sarnold, https://gist.github.com/lordcirth/884c37b93810340e507a42d420fddbe7
<sarnold> lordcirth_work: aha! :D thanks
<lordcirth_work> But you *must* have ZFS > 0.7 or presumably bad things happen!
<sarnold> previously xattrs all incurred additional seeks+reads -- the posix sa-attr stuff in 0.6 'inlined' very short xattrs
<sarnold> so if ceph used xattrs often, that'd be a huge number of additional seeks and reads
<lordcirth_work> sarnold, that sounds right.  I wasn't actually closely involved with that part of the project.
<sarnold> as it is I'm just using raw zfs on my one machine; it'd benefit greatly from ABD and compressed arc, so I'd love to see .7 backported to 16.04 LTS .. but that'd be difficult to do well, and I'm not sure I'm up for doing the upgrade myself, I'm just so very lazy.
<lordcirth_work> sarnold, https://launchpad.net/~jonathonf/+archive/ubuntu/zfs
<sarnold> also very paranoid :) hehe
<rh10> guys, how do you think, is it real to test Ceph in local virtual env? for learning purposes.
<sarnold> rh10: testing it in a few VMs sounds like a great way toget some experience with it, but I understand it -really- prefers to live directly on unvirtualized hardware in production
<rh10> sarnold, ok got it.
<lordcirth_work> rh10, you can test configuring it and breaking it fine, but of course performance numbers will be useless
<rh10> lordcirth_work, i understand about perf. it's just for learn
<RoyK> does ceph support anything like raid[56]?
<sarnold> RoyK: yeah; it's far more flexible than that, more flexible even than raidz1/raidz2/raidz3 -- take a look at the erasure coded pool sectiohn of http://docs.ceph.com/docs/master/rados/operations/crush-map/
<sarnold> RoyK: you can specify which 'level's of the network are how redundant, so you can keep 'resilvering' kinds of things to individual racks or rows or AZs or datacenters
<RoyK> last time I looked at it, it was raid1 only (or raid 1+0)
<RoyK> sarnold: damn - ceph supports tiered storage too?
<sarnold> RoyK: yeah
<RoyK> I'll have to read up on ceph - fancy :D
<RoyK> sarnold: erm - is this really tiering or is it just caching?
<sarnold> RoyK: hrm. It smelled like tiering to me ..
<RoyK> didn't look that way in the docs
<lordcirth_work> Anyone using an SIEM / have an opinion on what to use?
#ubuntu-server 2017-09-14
<cpaelzer> good morning
<RageLtMan> is autopilot/landscape getting deprecated? conjure-up seems to have dropped support for it
<stokachu> RageLtMan: Autopilot is transitioning to conjure-up. This is due to the greater flexibility provided by conjure-up and the integration of additional products such as Kubernetes alongside OpenStack.
<rh10> guys, is there packages with full official docs and wiki? help.ubuntu.com and wiki. for offline usage
<nilay> Any Ubuntu server dev here? I need small help in finding packages that come with the Ubuntu server edition. I found a link for 16.04 package list https://packages.ubuntu.com/xenial/allpackages but not sure if all of them are part of server edition.
<andol> nilay: Are you asking about packages being availible or packages being installed as the default install?
<nacc> nilay: ubuntu is ubuntu (server and desktop are just differnt default pakcages)
<lordcirth_work> Well, desktop install contains some unpackaged files, I think?
<nacc> lordcirth_work: i don't believe that's true, or i don't understand what you mean
<lordcirth_work> nacc, I could be wrong.  I do know that just installing ubuntu-desktop package on server will not get you everything in an Ubuntu Desktop install.
<nilay> packages that get installed by default in server edition
<nilay> sorry for unclear query @andol
<powersj> You should read about the seed's, which are the list of pkgs that determine what go into desktop versus server
<powersj> https://wiki.ubuntu.com/SeedManagement
<nacc> lordcirth_work: ah yes, there are bits and pieces of glue (but also that might imply bugs in the ubuntu-desktop metapackage)
<nacc> lordcirth_work: those bits and pieces of glue are in packages still
<sarnold> nilay: the ubuntu-dev-tools package has the seeded-in-ubuntu tool which can answer those kinds of questions
<rh10> guys, which more truly way to create share disk among linux (ubuntu) systems? samsa as i know mostly for windows os compatible
<nacc> rh10: "more truly"?
<rh10> nacc, more native or so on?
<rh10> samba* sorry for typo
<nacc> rh10: nfs
<nacc> but good luck setting it up :)
<rh10> nacc, why?:) mostly i need shared files for 3-4 machines
<nacc> rh10: why what?
<rh10> nacc, why goo luck? :) is it difficult or buggy?
<rh10> good*
<nacc> rh10: it can be difficult to get right
<rh10> new keyboard
<rh10> nacc, what are the alternatives? :)
<nacc> rh10: run a SAN, buy a NAS, setup NFS, setup Samba
<rh10> nacc, got it:)
<rh10> i thought maybe something like webdav or so on exists
<nacc> why would you ever setup webdav to share files between 3 or 4 machines
<sarnold> you'll probably hate nfs the least but it does require getting userids exactly the same on all machines
<nacc> rh10: alternatively, use sshfs?
<rh10> nacc, dont know, just finding possible options
<rh10> sarnold, got it, tnanks for info
<rh10> nacc, probably yes. i've forgot about it :)
<sarnold> sshfs is tolerable enough for small stuff
<lordcirth_work> sshfs is pretty good these days
<lordcirth_work> Not sure how well it handles multiple clients, but for 1 it's fast.
<rh10> tnanks for answers guys!
 * dpb1 uses samba, it's kindof... lowest common denominator
<compdoc> samba is awesome goodness
<nacc> sarnold: yeah, i figured with only 3 clients (total of 4 computers)
<RoyK> rh10: well, the manuals are there - the wiki I don't know
<hehehe_off> https://github.com/alibaba/tengine
<hehehe_off> sarnold u seen it?
<lordcirth_work> hehehe_off, I wonder why they forked, instead of contributing to nginx?
<hehehe_off> no idea - just saw it
<tomreyn> i tried to clean up https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1667113 a little, but would appreciate someone with a better bug triage understanding to fix it up more.
<ubottu> Launchpad bug 1667113 in accountsservice (Ubuntu) "System users appears in Ligthdm and user switcher (Accountsservice has no filter for shell types)" [High,Confirmed]
<sarnold> hehehe_off: no, I haven't seen this before
<sarnold> lordcirth_work: I'm going to guess it's a bit of nationalism; we've seen before a desire for chinese companies to have less reliance upon 'outside' forces, whatever they may be..
<sarnold> pity they don't say what specifically they added vs nginx
<Arroyo1010> Hello! I'm looking to see if the process used in the mysterious "Cloud Image Build System" is publicly available anywhere. It was hinted to me that this channel is the right place to ask.
<Arroyo1010> Use case: add to Chef's "bento" project so the resulting Ubuntu images are more up-to-spec to upstream "cloud" variants
<sarnold> Arroyo1010: indeed, but it's a bit late for europeans and pushing it for north americans..
#ubuntu-server 2017-09-15
<Arroyo1010> hehe, I'm europe based, too :)
<Arroyo1010> But I'm an owl
<sarnold> indeed :)
<Arroyo1010> I'm actually making some progress. Turns out that the qemu "builder" in packer supports .img format. Now I need to figure out how to ingest the public key, etc
<Arroyo1010> And, of course, I'm using the official Ubuntu cloud .img for that
<lordievader> Good morning
<ubernets> I have a Ubuntu 16.04 server, df -Th / shows 1.6 GB available space, there is only one partition in /etc/fstab . However I keep running into disk full errors from various programs. apt-get upgrade, apt-get autoremove, apt-get install, apt-get -f install show disk full and sometimes resulting dependency error. git pull also shows a disk full error message. Any idea what could be causing these errors even though the disk h
<ubernets> as 1.6 GB free space. I have rebooted the server twice already, still the same issues. Here is an output of df -h http://paste.ubuntu.com/25538619/ . And here is a failed apt-get upgrade showing the error message http://paste.ubuntu.com/25538626/ .
<lordievader> ubernets: I'd do a watch on the df command while running the upgrade. Perhaps apt is downloading so much as to fill the disk.
<ubernets> lordievader, I will look into that, but it happened with the git pull too. So I am skeptical that that's the cause
<lordievader> True. It makes for a strange issue.
<lordievader> Can you make files yourself still? Or does that too throw an error?
<ubernets> Checking
<ubernets> lordievader, Yea I created a very small text file. It didn't throw an error
<lordievader> Hmm, strange problem.
<ubernets> lordievader, it gets stranger. I typed a rm command for the file and while using tab completion for the file name I got this error message: rm test-bash: cannot create temp file for here-document: No space left on device
<ubernets> lordievader, the file was named test.txt. So there seems to be a problem with the /tmp folder ?
<lordievader> ubernets: I saw multiple folders in the apt output complaining.
<ubernets> I typed tab completion after typing test
<lordievader> What kind of filesystem is on xvda1?
<ubernets> rm test<tab>, then it completed to "rm test-bash: cannot create temp file for here-document: No space left on device"
<ubernets> I think ext4 , double checking
<ubernets> Yes ext4
<lordievader> Are you able to reboot the server?
<ubernets> Yes I rebooted it twice
<lordievader> ubernets: What does 'du -hs /' report?
<lordievader> Around 7.8G of usage?
<ubernets> one sec
<ubernets> lordievader, running the command now, it takes some time to complete
<lordievader> I'm sure it will.
<ubernets> lordievader, here is the output http://paste.ubuntu.com/25538754/
<lordievader> Hmm, unless that /var/lib/lxcfs folder is ~1.5G this seems fine.
<ubernets> Why is access denied to root?
<lordievader> Good question. I wouldn't be suprised if AppArmor has something to do with it.
<ubernets> lordievader, I want to show you something. THe files from the last paste have question marks for instead of permission flags
<ubernets> lordievader, http://paste.ubuntu.com/25538796/
<lordievader> That means you are not allowed to read the metadata from it.
<lordievader> Now that I think about it, might also be a userspace mount. Sshfs mounts can result in this.
<lordievader> Anyhow, I'd start cleaning up or extending the disk.
<ubernets> more /etc/fstab : LABEL=cloudimg-rootfs	/	 ext4	defaults,discard	0 0
<ubernets> How should I clean it up?
<ubernets> You mean just keep deleting more files?
<lordievader> In a sane way, yes.
<lordievader> Remove packages you don't need, etc.
<ubernets> lordievader, I think someone is bruteforcing the server and it fills up the auth and bmtp logs
<lordievader> Why do you think that?
<ubernets> tail -f auth.log keeps showing up these kinds of messages : Failed password for root from 121.18.238.106 port 59927 ssh2
<ubernets> IP address from China
<ubernets> btmp.log tripled in size in last few minutes
<lordievader> Public ip?
<lordievader> If so, configure fail2ban or something similar.
<ubernets> lordievader, it's an ec2 instance and there are only 3 inbound ports allowed in the security group, but I see a lot of ssh2 attempts on all kinds of ports logged into auth.log .
<lordievader> Ofcourse, if port 22 is publically accessible you get login attempts.
<ubernets> THe attempts are made on ports like 59927 . See above
<ubernets> Oh my bad
<ubernets> it's the from port
<cpaelzer> jamespage: does UCA publish debug symbols as well?
<cpaelzer> I tried to fetch them as I'd do on a "normal" ppa, but that didn't work yet
<fishcooker> i've download http://releases.ubuntu.com/16.04/ubuntu-16.04.3-server-i386.iso then create the usblive with startup disk creator.. and the result is always failed
<fishcooker> isolinux.bin missing or corrupt
<lordievader> fishcooker: Uefi or bios?
<fishcooker> bios
<fishcooker> will dd the image directly will solve the problem lordievader
<lordievader> Bios is usually trouble free. You might try unetbootin. I'd leave the dd option as a last resort.
<fishcooker> thanks for unetbootin lordievader, noted for the dd
<fishcooker> i have dell server with 6 slots hard disk; with 2 sas disk 70GB then 2 disks 1TB, 2 slot will used as raid-1 for 2 sas disks what should i do with the rests resource ... let's say on the future i want to add 2 disk for the rest slot available should i go with lvm?
<Adillian> Morning all. I just installed ubuntu-server and I can't connect to my lan let alone wifi. ifconfig has 'lo' with Local Loopback, and
<Adillian> ..and virbr0 with link encap:ethernet
<Adillian> any ideas what I can try or where I can find relevant documentation?
<Adillian> never mind, fixed it
<lordievader> fishcooker: Concerning your question about lvm. It does sounds like you could benefit from using lvm.
<lordievader> Adding/removing disks is quite simple in lvm.
<ilmaisin> hello
<ilmaisin> can apparmor do following: let's say we have a port in the unprivileged range and we want only one user to be able to bind it
<sdeziel> ilmaisin: no
<disposable2> is there anything like bcache but in RAM? i don't care about data loss during power failure, this is for Ceph, data is replicated on other nodes. ideally i'd like something tiered (ram -> nvme ssd -> slow spinning disks).
<JanC> disposable2: you can have memory-backed block devices; not sure how is currently the best for what you want to do though
<rh10> guys, go language suitable for system automation tasks? one employer require it
<rh10> is it real write such king of things with go lang instead bash or python?
<rh10> kind*
<JanC> although I guess something bcache-like could be more optimized than having the extra layer
<ScottyAtHome> what FS are people using for a RAID1 type system 16.04 server. tried BTRFS but it is a bit too faffy and difficult to get working when testing raid1 issues, has anyone else had those issues?
<nacc> rh10: you certainly can
<rh10> nacc, thanks
<sdeziel> ScottyAtHome: ZFS works pretty well on 16.04
<dpb1> ScottyAtHome: you are running software raid?  mdraid?
<JanC> I know people who write system automation "scripts" in C  ;)
<nacc> JanC: indeed :)
<JanC> ScottyAtHome: you can also use ZFS, or layered software raid + whatever filesystem you want
<ScottyAtHome> sdeziel: might try it, how you finding it?
<ScottyAtHome> dpb1: i am running the BTRFS raid, bit of a pain to get working when the root is on it and you are booting initramfs to get it back up on degraded
<sdeziel> ScottyAtHome: I use it on all my physical machines
<dpb1> ScottyAtHome: personally, I prefer zfs, or traditional raid + ext4.
<ScottyAtHome> JanC: have you used ZFS? if so how have you found it?
<JanC> I have ZFS in one system, but not using mirroring
<sdeziel> I have not tried a root on ZFS though, for that I stick to mdraid + ext4
<ScottyAtHome> sdeziel: I use BTRFS on my desktop & laptop, but this is the first time of having it on a server in raid1 and it is a pain. How you find the raid1 or which ever raid you use when testing fro failures?
<sdeziel> ScottyAtHome: mirroring on ZFS works really well, done many rebuilds, lost many drives but 0 data :)
<ScottyAtHome> sdeziel: thattttt sounds like a sensible idea
<JanC> ZFS might have the same issue: you're not used to it (yet)  :)
<ScottyAtHome> JanC: true. it was BTRFS when I had to start updating Grub stuff to just get it to accept degraded I thought this is no good for ssh ing into to sort
<ScottyAtHome> Does anyone know where LXD containers are kept? as I want to keep the containers on an easily adjustable FS
<sdeziel> ScottyAtHome: when you'd install LXD, it will ask you if you want to create a zpool for it's storage
<rh10> nacc, quiestion, how handy is it? write in go. probably there is a lot of useful libs in that case
<ScottyAtHome> sdeziel: that sounds better.  Whe you have had a degraded raid with ZFS will the system still boot? is the unbroken drive/s still usable?
<nacc> rh10: probably better asked in a go channel
<nacc> rh10: not sure what you mean, anyways
<rh10> nacc, you're right
<sdeziel> ScottyAtHome: my bootup doesn't depend on ZFS as my root FS is on md+ext4. That said, ZFS mounted what remained of the pool and was still usable
<dpb1> ScottyAtHome: yes, filesystems can be mounted degraded.
<sdeziel> ScottyAtHome: then when I replaced the faulty drive, rebuilding (resilver) was fast as it only rebuilds the data, not the full disk like md does
<ScottyAtHome> dpb1: automatically or manually? I want one that    is automatic so I can ssh in to sort the problem out.
<ScottyAtHome> sdeziel: thanks for the info, that is useful.  Glad I have come on here to ask as it is quicker than it has been testing the system out.
<sdeziel> np
<disposable2> ScottyAtHome: I always use ZFS for everything but /. No support for zfs in grub-efi and no installer support force me to use btrfs for /. Only once did i have an unbootable system after a powercut, so i had to boot up from usb disk and run "btrfs check" or something similar against my /. After that, grub would boot it up again.
<disposable2> ScottyAtHome: one day, we'll have solaris-style boot environments (whether it's with btrfs or zfs, i don't care) and we'll all live happily ever after.
<ScottyAtHome> disposable2: when I have been testing BTRFS it gets stuck at boot and goes into intitramfs, were you able get around this? I need the server to be remotely accessed to sort out the issues.
<ScottyAtHome> disposable2: lol, what were solaris style boot environments?
<disposable2> ScottyAtHome: unless you've taken a picture of the screen while it was stuck in initramfs, i don't have an answer for you. i've only ever had that 1 problem with btrfs and resolved it within 5 minutes.
<disposable2> ScottyAtHome: Boot Environments are FS snapshots you can boot into if your system gets broken after an update. this has saved my neck countless times. on solaris, BEs were presented in grub as options you could boot into.
<disposable2> ScottyAtHome: when it's properly integrated, a new boot environment is automatically created after something like 'apt upgrade'.
<disposable2> ScottyAtHome: of before
<disposable2> OR before
<JanC> disposable2: do you mean snapshot-based?
<disposable2> JanC: yes, but with good integration with grub and package manager.
<JanC> ('apt-btrfs-snapshot' already exists)
<ScottyAtHome> disposable2: is your / on raid?
<disposable2> JanC: does it automatically create a new entry in grub that you have to confirm as valid (after a boot) or it will automatically rollback to last confirmed-as-working?
<disposable2> JanC: it's the overall system integration that makes BEs useful.
<JanC> I assume there are distros which implement this, but I doubt it's well-tested enough to be used by default in a major distro
<JanC> (IMO btrfs isn't ready to be used by default either)
<ScottyAtHome> JanC: i don't know what else is though with all the features BTRFS brings. I understand ZFS might be closer but the licensing is a bit dodgey
<disposable2> JanC: i had to stop using btrfs for anything other than / when i discovered it's quickly degrading performance with many snapshots/clones.
<disposable2> s/it's/its
<JanC> that's one issue, but I was thinking about getting all edge case data loss bugs fixed  :)
<JanC> bcachefs might also become useful at some point
<JanC> and who knows, maybe HammerFS one day...
<JanC> but OpenZFS is probably the only core filesystem code base that is really mature right now...
<ScottyAtHome> JanC: Thanks for the information.
<JanC> (outside the legacy ones like XFS & ext4, of course)
<JanC> ScottyAtHome: all just my opinion, of course  :)
<ScottyAtHome> JanC: but sounds like experienced opinion.
<JanC> not really that experienced, but based on experiences from others I read
<ScottyAtHome> JanC: would you use ZFS for root?
<JanC> I have no experience with that
<JanC> also, would depend for what (probably not for an important server)
<ScottyAtHome> what would you use for an important server?
<JanC> it would really depend, and you probably want to ask someone who's actually running lots of important servers  :)
<nacc> on some level, the fs is a little less relevant for an 'important server', the hardware and backup story is probably the higher priority
<nacc> now, some fs give you the backup story
<nacc> but, honestly, i'd expect most 'important servers' to run the "legacy" (funny word that) fs that JanC mentioned
<nacc> as they have been around and are "known stable"
<nacc> ZFS is too new to really be on those long-running machines, IMO
<JanC> nacc: by "legacy" I meant "traditional" filesystems, without integrated snapshots, raid, etc.
<nacc> JanC: i know :)
<nacc> JanC: just not heard of ext4 called that
<JanC> and ZFS isn't really new
<JanC> it's just new on linux  :)
<nacc> right, sorry, i meant in the context of this channel
<JanC> but the core code base is the same (it's mostly not a re-implementation)
<nacc> JanC: yeah, that's my understanding too
<JanC> so most of the code base is well-tested and has seen quite a bit of real-world use
<hehehe_off> :)
<hehehe_off> why such quiet channel
<hehehe_off> :D
<cliluw> What does disabling a user account do? Does it just prevent logins to that account?
<lordcirth_work> cliluw, it prevents password logins - ssh keys can still get it
<lordcirth_work> in*.  All --lock does is prepend '!!' to the password hash so it can't be matched.
<cliluw> lordcirth_work: I think you're talking about disabled password. I'm thinking about disabled /account/.
<lordcirth_work> cliluw, well then you'll need to be more specific about what you mean by disabling an account.  What command are you running?
<cliluw> lordcirth_work: usermod --expiredate 1
<lordcirth_work> cliluw, that ought to keep them out, but I haven't needed to use it myself.  You can always delete the account, though you'd need to be careful of uid's.
#ubuntu-server 2017-09-16
<ironhalik> Hello
<ironhalik> got a small issue with xenial server, and dont really know where to start debugging it
<ironhalik> most of my log files in /var/log are empty and not logged to, except the ones rotated by logrotate
<ironhalik> ie. haproxy.log is empty, while haproxy.log.1 is actively written to
<ironhalik> rsyslog is configured to log to haproxy.log, and logrotate uses default config
<k_sze_> Does unattended-upgrade refrain from automatically rebooting if it can't send mail notification?
<ikonia> I don't believe so
<ikonia> I believe mail notifications is just a "bonus" feature, nothing has a hard depend on it
<ikonia> I could be wrong,
<ikonia> I certainly have used it without an MTA being defined and never had a problem
<k_sze_> I somehow don't get automatic reboots. :(
<ikonia> isn't it an option you have to enable ?
<ikonia> (I don't know if it's on by default)
<ikonia> I'm working from memory and I think there was an option to enable auto reboot
<k_sze_> There is, and I have enabled it in the config.
<ikonia> is the upgrade not acutally completing perhaps ?
<ikonia>  do the logs show a sucessful upgrade ?
<k_sze_> Which log should I look at? If I ssh into the server, I see the message "*** System restart required ***"
<ikonia> interesting so that suggests it knows it needs the resetart but doesn't execute it
<k_sze_> But the /var/run/reboot-required file is quite old.
<ikonia> there should be an upgrade log
<ikonia> is the /var/run/reboot-required file actually overwritable ?
<ikonia> try removing it and re-running the upgrade
<k_sze_> It is overwritable
<ikonia> then why isn't it being overwriteable
<ikonia> I wonder...does it need a reboot before it can start ?
<ikonia> has the upgrade actually happened, or is it the prep thats failing
<ikonia> (if you say the reboot-required file is old)
<k_sze_> Well, the reboot-required is dated Sept 3
<k_sze_> this month
<ikonia> when did you run the upgrade ?
<k_sze_> You mean the last time I ran updates manually?
<k_sze_> what the....
<k_sze_> if I run `unattended-upgrade -v -d` manually in the terminal as root, it *does* reboot.
<k_sze_> But I still don't get an e-mail notification. :(
<k_sze_> Even though I know that root's .mailrc works. I *have* tried to send a test message using s-nail.
<tomreyn> does it run as root, though?
<k_sze_> tomreyn: erm... why would it not run as root?
<k_sze_> Actually, how does unattended-upgrade get run on Xenial server?
<k_sze_> Using a systemd timer?
<tomreyn> according to /etc/cron.daily/apt-compat that's how
<tomreyn> systemctl list-timers lists apt-daily.timer and apt-daily-upgrade.timer. i thinkt he former is what triggers u-u
<hallyn> cpaelzer: rbasak: ok this is funky.  With zesty and artful vms, using uvtool...  I usually pass in a --run-script-once which does som eupdating and then a reboot (then writes over nc to a socket to tell me script it's ready).
<hallyn> but with zesty and beyond, the vm hangs on reboot until i do a virsh console.  as soon as i do that, it proceeds.  wtf?
#ubuntu-server 2017-09-17
<pankaj> What is the use of Netbios service running on linux?
<ikonia> to interact with other netbios name based systems
<gunix> how come maxscale is not within the debian/ubuntu repositories? it seems to be the best load balancing solution for Galera Cluster
<tomreyn> maybe due to its license https://github.com/mariadb-corporation/MaxScale/blob/2.1/COPYRIGHT
<rbasak> hallyn: sounds like a systemd or cloud image problem perhaps?
<rbasak> hallyn: if reproducible, please file a bug.
<hallyn> rbasak: ok.  100% reproducible
#ubuntu-server 2018-09-10
<RoyK> the graph at the bottom of https://cilium.io/blog/2018/04/17/why-is-the-kernel-community-replacing-iptables/ tells me bpfilter is a wee bit faster ;)
<trippeh_> until there is anything actually working, I woulnt place much trust in that graph.
<RoyK> nah
<RoyK> but it looks promising, though
<trippeh_> also features (eg feature-parity) ends up slowing things down ;)
<trippeh_> BPF also took quite a hit with Spectre
<RoyK> heh
<trippeh_> (of course that is hopefully temporary)
<RoyK> bugs come and go
<Hell-Razor> Hey fellas, quick question -- wastomcat removed from the server repos?
<Hell-Razor> tomca7
<RoyK> ,v wastomcat
 * RoyK thought he was at #debian 
<Hell-Razor> Sorry I dont know why I cant type tonight - was tomcat7 removed from the repos
<Hell-Razor> RoyK its for school,
<RoyK> !tomcat
<trippeh_> Hell-Razor: seems to be available on Ubuntu 16.04
<Hell-Razor> Ah maybe I am just running the wrong version
<RoyK> seems tomcat8 is in 18.04
<trippeh_> "wrong" as in newer Ubuntu versions only ship tomcat8
<Hell-Razor> apt search tomcat brings up nothing
<RoyK> Hell-Razor: have you enabled universe/multiverse?
<RoyK> iirc there's a bug with those repos not being enabled after installation, only main
<Hell-Razor> How would I do that?
<RoyK> Hell-Razor: check /etc/apt/sources.list
<Hell-Razor> Ill just reinstall. School wants tomcat7 installed. Were probably going to break whats patched in 8
<Hell-Razor> install 16.04*
<RoyK> no need to reinstall
<RoyK> just find a repo
<Hell-Razor> Will do
<trippeh_> RoyK: I'm hoping bpfilter will make my skill of hand optimizing iptables rulesets obsolete
<RoyK> trippeh_: hehe
<lordievader> Good morning
<zioproto> hello, I have a problem with git://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/neutron today, it is super slow
<zioproto> is there any known problem in the infrastructure ?
<zioproto> pinging coreycb and jamespage ;)
<zioproto> I am chasing a Neutron Ocata bug... trying to build Xenial packages today. If I fix it I will send a merge request on LP
<zioproto> The bug is already fixed back to Pike. I am talking about https://bugs.launchpad.net/neutron/+bug/1628455
<ubottu> Launchpad bug 1628455 in neutron "openvswitch native bridge implementation redefines delete_flows with a different signature" [Medium,Fix released]
<zioproto> it will take a while like this:
<zioproto> https://www.irccloud.com/pastebin/4kGmkJfy/
<zioproto> is it normal that commands like:
<zioproto> debcheckout --git-track='*' neutron
<zioproto> dont work anymore ? I even upgraded to Bionic my building server because I thought that was the problem
<zioproto> coreycb: are you around ? I am having an hard time with pristine-tar and neutron_10.0.7.orig.tar.gz
<jamespage> zioproto: hey - not sure let me look
<zioproto> so it looks like a generic problem with pristine-tar and xdelta3
<zioproto> I moved to bionic
<zioproto> I should correct versions for pristine-tar tar and xdelta3
<zioproto> I have tar 1.29b-2 pristine-tar 1.42
<zioproto> xdelta3 3.0.11-dfsg-1ubuntu1
<zioproto> https://www.irccloud.com/pastebin/1X9w6Sbk/
<zioproto> I am actually not able to checkout any tarball
<zioproto> I tried with master
<zioproto> I have the same problem. Now I am working in branch stable/ocata
<zioproto> I cloned the neutron repo from git://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/neutron
<zioproto> steps to reproduce:
<zioproto> pristine-tar -v checkout neutron_10.0.7.orig.tar.gz
<zioproto> jamespage: when you have time tell me if you can reproduce the bug
<jamespage> zioproto: ok - still in my pj's atm
<zioproto> I was able to download the file with 'pull-uca-source neutron ocata'
<jamespage> will take a look later
<zioproto> OK, I found a workaround, but this should be checked if it is a bug or not, Thanks
<jamespage> zioproto: not sure if its my hotel wifi connection or not but a git pull is slow
<zioproto> jamespage: yes, read the IRC history. Today is damn slow, I was complaining about it earlier
<jamespage> zioproto: I'm not able to reproduce your pristine-tar/checkout issue for 10.0.7
<jamespage> gbp buildpackage -S -d dtrt
<zioproto> are you on Bionic ?
<zioproto> may I ask you the versions of your pristine-tar tool ?
<jamespage> zioproto: cosmic - I can check on bionic as well
<jamespage> 1.44 of pristine-tar
<zioproto> I have 1.42
<zioproto> could be that, but Bionic ships 1.42
<jamespage> I doubt it
<jamespage> alot of other people would be shouting as well!
<zioproto> I will try to upgrade pristine-tar later
<zioproto> for now I fixed it with
<zioproto> gbp buildpackage -S -us -uc --git-tarball-dir=../sandbox/
<zioproto> and downloading the file with the command: pull-uca-source neutron ocata
<jamespage> zioproto: git slowness is a know issue - canonical-is investigating
<Ussat> question about an upgrade from 16.04LTS --> 18.04LTS   http://pastebin.centos.org/1787581/
<JanC> Ussat: yes, it disables third part repositories during upgrade (because otherwise it would be unpredictable)
<JanC> third party*
<JanC> you can re-enable it afterwards; possibly check if the same or another repository is needed for 16.04 & 18.04 (in this case it might be the same?)
<JanC> you can leave the .distUpgrade file, or you can remove it, doesn't really matter AFAIK...
<Ussat> Thanks
<zioproto> jamespage: I manage to fixed. It was the tar package that had a problem
<zioproto> Unpacking tar (1.30+dfsg-2) over (1.29b-2) ...
<zioproto> I installed the cosmic package manually over the bionic package
<zioproto> and now pristine-tar works
<zioproto> I also upgraded pristine-tar from cosmic, but that alone did not fix it
<zioproto> should I fill a bug somewhere ?
<zioproto> can anyone reproduce this ?
<Conqueror> Hello, I'm try to do basic PoC for stable and robust openstack environment. I can't decide the exact version of the openstack and ubuntu server. Which the best selection Quens + 18.04.1 or Pike + 16.04.05 and why? What is important to me is to build a solid, stable, robust Openstack structure. Thanks in advance.
<Conqueror> Or something else version recommendation
<zioproto> btw I found the problem I had with newtron
<zioproto> btw I found the problem I had with neutron
<zioproto> I dont need a new package
<zioproto> I need to upgrade python-ryu
<zioproto> so I will not send any MR
<ahasenack> hm, I have a case (https://bugzilla.samba.org/show_bug.cgi?id=13607) where winbind needs to be sent a HUP after network changes
<ubottu> bugzilla.samba.org bug 13607 in Winbind "Should winbind also wait for network-online?" [Normal,New]
<ahasenack> would this be a good candidate for a networkd-dispatcher hook/script?
<ahasenack> until the upstream fix comes in, that is
<ahasenack> it feels like so
 * ahasenack looks for examples
<ahasenack> cpaelzer: have you written a dispatcher hook?
<cpaelzer> ahasenack: yes
<cpaelzer> wait I'll send you a link ahasenack
<ahasenack> thanks
<cpaelzer> ahasenack: this should lead you https://git.tuxfamily.org/chrony/chrony.git/commit/examples/chrony.nm-dispatcher?id=8cbc68f28f96d48a7ee128fa91731ca02a598913
<cpaelzer> I reused the nm-dispatcher hook they already had and just made it ready to also work for networkd-dispatcher
<cpaelzer> on top of that  man page and https://github.com/craftyguy/networkd-dispatcher to check details
<ahasenack> ok
<ahasenack> I created a simple one to HUP winbind, placed it in routable.d, and it worked
<ahasenack> but I guess I can't rely on networkd-dispatcher being installed
<ahasenack> it's "important"
<ahasenack> and not worth adding dep to winbind since the bug will eventually be fixed upstream, and HUP won't be needed
<ahasenack> but I can suggest it as a workaround for this bug reporter
<jamespage> zioproto: ack - what was the issue with ryu? do we need todo a fix there more generally?
<zioproto> no it was my fault
<zioproto> I did an upgrade Newton to Ocata
<zioproto> and I upgraded with apt just the neutron packages
<zioproto> and my script did not include python-ryu
<zioproto> ok, I am not sure if the apt package for neutron-common could be actually improve to pull the updated version of python-ryu. I am not sure about this.
<jamespage> zioproto: ah right - yes we generally test with a dist-upgrade with the new UCA pocket enabled
<jamespage> zioproto: lets check the versions
<jamespage> zioproto: there is no minimum version spec on ryu
<jamespage> zioproto: so the versioning could be tightened up to force the upgrade
<zioproto> jamespage: https://github.com/openstack/neutron/blob/stable/ocata/requirements.txt#L22
<jamespage> yeah it needs 4.9 which is in the Ocata UCA
<zioproto> exactly
<zioproto> I mean
<zioproto> I usually do dist-upgrade
<jamespage> but not expressed in the pkging
<zioproto> I am not sure if this is too much optimization or not
<zioproto> but the neutron-common package will not work at all
<zioproto> without the right ryu library
<zioproto> when I figured it out I did dist-upgrade on everything
<zioproto> and it worked
<jamespage> yah it would
<jamespage> but it would not hurt to version the dependency in the package if it won't work with earlier versions.
<zioproto> OK. I am on a tight schedule. I am just 1 more week in this company and I have trying to push the Ocata upgrade as far as possible
<zioproto> so I will leave to you guys this small packaging issue ;)
<zioproto> I am trying to push :)
<zioproto> I think the other issue is more wide
<zioproto> the tar version that kills pristine-tar in Bionic
<zioproto> I mean, more wide in terms of impacted people
<jamespage> zioproto: I'm surprised that's not hit me before - I spent the whole of bionic development using those versions!
<zioproto> I dont know how to check if there is a `tar` package update sitting in the queue for Bionic. Were you able to reproduce it ?
<jamespage> zioproto: git lp performance should be better now
<jamespage> zioproto: I was
<zioproto> ah ok, so I writing the minimal steps to reproduce
<zioproto> jamespage: here you go
<zioproto> https://www.irccloud.com/pastebin/MDLMNX6g/
<zioproto> this is really the minimal steps to reproduce
<zioproto> jamespage: I dont see any bug listed here https://launchpad.net/tar
<jamespage> zioproto: please raise one if you have time
<zioproto> jamespage: where exactly ?
<zioproto> I mean I dont see ANY bug. 0 bugs open for tar
<jamespage> ubuntu-bug tar
<jamespage> or pristine-tar infact
<zioproto> well the bug is fixed updating the version of tar
<jamespage> yes but bionic is still broken and installing cosmic packages in bionic is not really a solution
<jamespage> i suspect its a version mismatch - pristine-tar is quite brittle
<zioproto> https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1791710
<ubottu> Launchpad bug 1791710 in tar (Ubuntu) "tar 1.29b-2 breaks pristine-tar" [Undecided,New]
<zioproto> I need to go offline soon. Thanks for your support ! ciao :)
<jamespage> zioproto: added a task for pristine-tar - https://bugs.launchpad.net/ubuntu/+source/pristine-tar/+bug/1791710
<ubottu> Launchpad bug 1791710 in tar (Ubuntu) "tar 1.29b-2 breaks pristine-tar" [Undecided,New]
<Epx998> Aside from packages and the kernel, is there any difference between minor releases on a version of ubuntu?
<RoyK> not really
<RoyK> with 18.04.1, the "live" server installer got some fixes, though, meaning it's still quite useless IMHO
<computa_mike> I'm just wondering : Has anyone tried setting up a PXE server on ubuntu 18.04?  I'm trying to follow some guides, but having issues with DNSMASQ.  Was wondering if I could configure systemd.resolved instead ?
<Ussat> well, dis a 16.04 --> 18.04 on a XWIKI box, tomcat/xwiki shit all overitself, reverted
<Ussat> \o/ snapshots
<Ussat> HATE java based apps
<computa_mike> i just found this page : https://www.hiroom2.com/2018/05/05/ubuntu-1804-tftpd-hpa-en/ so I'll try that
<computa_mike> nope - that's only the FTP aspect - there's still the DHCP resolution aspect that I'm missing
<RoyK> computa_mike: what're you trying to achive?
<computa_mike> Hi @RoyK - I'm experimenting with setting up a PXE server - at the moment I have a couple of machines set up in VirtualBox.  My goal is to server a windows installation image from the server allowing me to re-build a windows machine from a network boot.  But to start with i was just looking at getting a basic PXE Server working
<RoyK> computa_mike: then tftp is your friend, I guess
<RoyK> not FTP
<computa_mike> RoyK: sorry - the tftp part
<computa_mike> RoyK: yeah - as far as I understand PXE is a combination of a DHCP resolution and tftp server
<computa_mike> RoyK: I think that the newer 18.04 ubuntu has systemd resolver installed - which I think provides name resolution.  Whereas all the tutorials I've seen use dnsmasq - which has settings for tftproot etc
<computa_mike> RoyK: I think there is a technique to remove systemd's resolver but I had a go a that an promptly broke the server (got an error about host resolution when using sudo).
<RoyK> sorry - no idea
<computa_mike> RoyK: No worries -
<tomreyn> computa_mike: you could look into cobbler or foreman for a more manageable pxe setup.
<tomreyn> i haven't actually done it, yet, but would expect pxe on 18.04 to work very siumilar to earlier releases.
<tomreyn> after all, the pxe client is always the one your system(s) provide(s), and the components on the server side remain the same, too.
<computa_mike> tomreyn: I did see cobbler while scouting around...the problem with 18.04 is as you alluded to - the DNS resolution provided by systemd I think screw up dnsmasq and I think the only option is to remove systemd resolutiuon, and install dnsmasq instead. Perhaps an appliance is more like what I need rather than trying to configure a new server to operate like that
<tomreyn> so this resolver issue is on the pxe server, not the client?
<computa_mike> tomreyn: yes
<tomreyn> so it's "sudo systemctl disable systemd-resolved.service && sudo service systemd-resolved stop" + installing dnsmasq
<Ussat> https://news.slashdot.org/story/18/09/09/0318228/engineering-firm-plans-to-tow-icebergs-from-antarctica-to-parched-dubai
<Ussat> ooppsss wrong channel
<Epx998> ive set pxe up on ubuntu and stuffs - if youre still needing help
<sudormrf> would this be a good place to ask about an Apache SSL forced redirect (webserver running on ubuntu) that has caused the sub-pages to fail to load, or should I ask in #apache?
<sudormrf> not really an ubuntu-server specific question, so I think #apache is probably better suited
<sudormrf> but just asking
<mason> Hey, I just realized that Bionic Beaver finally honors ctrl:nocaps. Woot.
<sudormrf> well, since #apache is _dead_...I have a webserver setup that I am doing some testing on and I have enabled forced redirection to the SSL site. now when I do that I can get to the main page, but all subpages give me 404. this was not the case when the forced redirect was not in place. trying to understand what is happening. anyone in here able to offer any guidance? happy to post the enabled site config
<sudormrf> sorted
<sudormrf> buh bye
<blackflow> mason: the what now?
<mason> blackflow: /etc/defaults/keyboard, XKBOPTIONS="ctrl:nocaps"
<mason> It's from Debian. It evidently works now in Ubuntu, where it didn't previously.
<blackflow> oh.
<jelly> that looks like an argument for setxkbmap -option ... so you can do it manually (or some other way) in any X session
<mason> jelly: It works in consoles too.
<jelly> I have no idea how that bit's achieved
<mason> That's the magic. :)
<jonfen> Does anyone have any recent instructions for configuring ubuntu 18.04 to use an active directory server for authentication?  I have only found outdated instructions so far.
<keithzg[m]> Heh I get why apt would prompt for whether you want to overwrite /etc/postfix/makedefs.out or not, but it seems like it'd be very silly not to go with the distro-provided one when upgrading postfix, eh? ;)
<RoyK> keithzg[m]: I don't remember the flag, but apt has flags for disabling prompts
<RoyK> -f is one, but that's not really safe
<tomreyn> i agree that prompting about overwriting this file doesn't seem to make a lot of sense. in fact i guess it shouldn't be in /etc in the first place.
<keithzg[m]> RoyK: Yeah I'm more just saying that in this particular case, it doesn't really make any sense to do anything other than replace that file; it is, after all, the autogenerated details of how postfix was built, so the version of that file from the package being installed is basically by definition the one that you'd want!
<keithzg[m]> tomreyn: Yeah it's a bit odd of a place for it
<RoyK> keithzg[m]: I just don't remember that flagâ¦
<RoyK> keithzg[m]: there's one used for unattended upgrades to just ignore such prompts and *not* overwrite old files
<tomreyn> if it's really the ubuntu postfix package placing the file there, then i'd say that's worth filing a bug.
<tomreyn> hmm yes it does https://packages.ubuntu.com/bionic/amd64/postfix/filelist
<keithzg[m]> tomreyn: True enough, and yeah `dpkg -S /etc/postfix/makedefs.out` confirms it's definitely owned by the postfix package.
<tomreyn> https://launchpad.net/ubuntu/+source/postfix/+changelog#detail_postfix_3.1.4-1 : "* Install /etc/postfix/makedefs.out so users can see how the package was built"
<tomreyn> adding the file was a good choice, i just think it should have been stored elsewhere
<keithzg[m]> I suppose I should open the bug upstream with Debian, rather than on Launchpad
<tomreyn> that, or both. ;)
<keithzg[m]> Well, did https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1791853 at least
<ubottu> Launchpad bug 1791853 in postfix (Ubuntu) "Postfix upgrade queries about replacing /etc/postfix/makedefs.out, when it really should always do so" [Undecided,New]
#ubuntu-server 2018-09-11
<tomreyn> ty
<tomreyn> keithzg[m]: it'd be good to discuss which ubuntu version you're running /upgrading from/to there.
<keithzg[m]> In theory filed a Debian one too, but maybe I screwed up the pseudo-headers since I haven't gotten any automatic reply
<keithzg[m]> tomreyn: Fair enough, I guess I figured in this case it's so clearly a packaging-related issue that the Postfix version from upstream was the only really relevant part.
<tomreyn> true, but still, it'll need to be filed against *something*, and ideally that what the original reporter (you) is using.
<keithzg> Yeah, makes sense.
 * keithzg[m] is now tempted to open a wishlist bug for Launchpad itself for adding distro releases to the "affects" options ;)
<tomreyn> those exist, but unfortunately only those with bug triage + higher access levels seem to be able to set them.
<nacc> tomreyn: keithzg: anyone can request they be added, but only appropriate folks can approve them
<tomreyn> nacc: even wehn logged in, i am unable to set the affected distribution version (codename) on the 'affects' field.
<tomreyn> what i can do is 'also affects project' and 'Also affects distribution/package', but neither of these (as far as i can tell) allow me to set the codename of an affected ubuntu release.
<ftmh17> hello
<ftmh17> anybody here ?
<ftmh17> this is so confusing
<ftmh17> need some help
<ftmh17> anybody
<mason> ftmh17: State your question(s) and if someone can answer they will.
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<mason> Fine, one-up me.
<mason> !cn
<ubottu> å¦æ¬²ç²å¾ä¸­æçåå©ï¼è«è¼¸å¥ /join #ubuntu-cn æ /join #ubuntu-tw
 * mason searches scrollback for \![a-z]
<lordievader> Good m orning
<[twisti]> im trying to (temporarily) do the following: on ubuntu server L, i am running a VPN client that allows me to connect to an ftp server F on 192.168.... now, on windows client W, on the same network as L, i would like to connect to F. ideally, i would like to set up L so that W can ftp connect to L as if L was the ftp server, without ever needing to know about the forwarding (because in
<[twisti]> reality we got lots of Ws that we dont want to configure if we dont have to)
<TvL2386> we're talking about this in #ubuntu at the moment
<TJ-> Although apache2-bin (for 18.04) includes mod_http2, do we need to also add a specific "Protocols" directive to enable it?
<cpaelzer> TJ-: "a2enmod http2" I'd thnik
<cpaelzer> and
<cpaelzer> echo "Protocols h2c h2 http/1.1" >> /etc/apache2/apache2.conf
<cpaelzer> so yes
<TJ-> cpaelzer: right, I was surprised there's no documentation or a template .conf file for it
<TJ-> Unless you already know a specific Protocols is required, it might appear "a2enmod http2" is all that is required since there's not an accompanying .conf file
<cpaelzer> TJ-: do you think having this line in /etc/apache2/mods-available/http2.conf would make sense?
<cpaelzer> then a2enmod would enable/disable it along the module
<cpaelzer> it is sort of hard to "guess" right as the order defines the preferred protocol
<cpaelzer> maybe the same, but commented out with some text to explain
<ahasenack> good morning
<TJ-> cpaelzer: I think it should be documented in a comment in the .load file, which ought to point to an explanation in /usr/share/doc/apache2-bin/ or apache2/. Adding the Protocol line should be dependent on SSL being enabled /and/ available (probably best in the vhost TLS site definition guarded by a "<IfDefine SSL> -> <IfModule http2_module> ..." stanza )
<cpaelzer> TJ-: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880993
<ubottu> Debian bug 880993 in src:apache2 "enable http2 protocol when http2 module is enabled" [Wishlist,Open]
<cpaelzer> you might give that bug a bump essentially asking for the same
<TJ-> cpaelzer: that looks like someone stole my thoughts :D
<cpaelzer> wb rbasak
<ahasenack> cpaelzer: is the systemd task needed in https://bugs.launchpad.net/ubuntu/+source/open-vm-tools/+bug/1791220 ?
<ubottu> Launchpad bug 1791220 in open-vm-tools (Ubuntu) "increased crash rate since 10.3 upgrade is available" [Undecided,In progress]
<cpaelzer> ahasenack: no more
<ahasenack> ok
<cpaelzer> ahasenack: done
<ahasenack> rbasak: hi, wanna take on https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1791018 ?comment #3 has a link to a debian commit to make tests on supported platforms fail the build
<ubottu> Launchpad bug 1791018 in mysql-5.7 (Ubuntu) "self-test errors do not break the build" [Low,Triaged]
<cpaelzer> ahasenack: the udev timeout change is ready for review as well
<Skuggen> ahasenack: That commit was applied long ago :)
<Skuggen> ahasenack: The question is more if it should be expanded. I did a test to debug the related test issues he reported, to https://launchpad.net/~mysql-ubuntu/+archive/ubuntu/mysql-5.7/+packages, where I changed it so test failures always caused build failures
<ahasenack> Skuggen: but the bug says the errors do not break the build
<Skuggen> Looks pretty good, though arm64 is still waiting for a build
<ahasenack> or was that only for non i386/amd64?
<Skuggen> ahasenack: On unsupported platforms
<ahasenack> ah, ok
<Skuggen> Test failures currently break the build on i386 and amd64
<ahasenack> good then
<ahasenack> n/m
<cpaelzer> ahasenack: lol - I just see that my MP update is on workspace #8 on the small screen and not submitted. No wonder you asked if the udev changes were ready :-)
<ahasenack> cpaelzer: do tell
<ahasenack> I probably made the same mistakey yesteray in a bug I spent 1h troubleshooting
<ahasenack> never pressed submit, or maybe I did and lp timed out
<ahasenack> comment dropped :/
<cpaelzer> yeah happened to me as wel lin the past, thought I'm on another window and double-esc killed the update
<cpaelzer> LP needs something like https://xkcd.com/1915/ with warning sounds each 5 minutes :-)
<ahasenack> kstenerud: did you see my review comment in https://code.launchpad.net/~kstenerud/ubuntu/+source/postfix/+git/postfix/+merge/354654 ?
<ahasenack> kstenerud: also, since I grabbed the canonical-server slot there, could you please request another review from canonical-server, so it shows up again in our queue at https://code.launchpad.net/~canonical-server/+activereviews ?
<kstenerud> ok
<nacc> tomreyn: you don't see a "nominate for series" button?
<nacc> ahasenack: that's an interesting point too, is that in the doc?
<nacc> *docs
<ahasenack> nacc: which point?
<nacc> ahasenack: about re-adding the review slots?
<nacc> ahasenack: it seems like a common pattern in some cases
<ahasenack> no, that only happens when a "community review" is done
<ahasenack> so no, not in the docs
<ahasenack> actually, in this case it was as if I had taken the canonical-server slot
<ahasenack> because I'm a member
<ahasenack> n/m the community review comment
<ahasenack> bottom line, we are not supposed to take the "canonical-server" slot as that is what makes the review appear in the +activereviews queue for that group
<ahasenack> I wanted to add a comment to the MP, and LP saw I'm a member of canonical-server, and took up that slot for me, even though I just wanted to add a comment
<nacc> yeah, it's something for your team to note
<nacc> i guess is what i meant
<nacc> and will potentially apply in the future too, if we do it via some meta-who-can-upload-label
<nacc> we actually don't want it to drop off the 'to-review' queue until it's been approved or rejected, i think
<ahasenack> I filed a launchpad bug about the queue visibility thing
<nacc> cool, maybe add a task for usd-importer, so it also shows up there
<nacc> it's a workflow thing, and i'm not sure what's 'right'
<ahasenack> the bug is essentially that the mp shouldn't disappear from +activereviews
<ahasenack> even when there are no remaining slots
<ahasenack> it differs from ~youruser/+activereviews in that regard
<nacc> yeah, i think that's accurate
<nacc> team vs. user
<nacc> but i can see an argument for the current behavior
<nacc> the hard part is you start a review, and then you need to stop it; it's not always obvious what you should put 'back' as the reviewer
<ahasenack> I want a simple list of open merge proposals
<ahasenack> the fact that someone is doing a review isn't closing it
<ahasenack> sometimes I think LP is overthinking it
<ahasenack> "reviews I can do", "reviews I'm waiting on", etc
<ahasenack> the thing is that here, each package is a "project"
<ahasenack> essentially
<ahasenack> maybe that's confusing things
<nacc> yeah, i agree with you
<tomreyn> no, i don't  <nacc> tomreyn: you don't see a "nominate for series" button?
<nacc> tomreyn: hrm, ok; yeah that's weird
<nacc> tomreyn: should you? i can see it, for sure
<powersj> nacc, I believe the nominate for series is limited to certain users
<tomreyn> right, i'm just a standard boring user, probably just don't have permission to do so (i *think* i said so when we startzed discussing this).
<ahasenack> right, I can only nominate for some packages, for many I need to ask someone else. And it's not about upload rights, although the set might intersect that, as I know of other people who can't upload a thing but can accept nominations for anything
<ahasenack> rbasak: didn't you have a way to launch an openvpn within a network namespace, so that only other processes in that namespace would see the vpn network?
<ahasenack> or were you attempting that, and never finished?
<nacc> tomreyn: powersj: ah sorry, i misunderstood, i thought tomreyn said they did have permission but didn't see it.
<tomreyn> no, no, i'm just a lousy vagrant, clicking on whatever i can click on.
<tomreyn> so, it's fine as it is ;)
<nacc> heh
<ahasenack> stgraber: hey, I suppose you have tried to use openvpn inside lxd containers already, right? Found your blog post from 2014 for lxc, not lxd. I'm trying now in a bionic lxd, but I'm getting this error:
<ahasenack> openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
<ahasenack> I already removed LimitNPROC=10 from the systemd service file, but no dice
<ahasenack> any tips?
<ahasenack> dmesg on the host shows a denied mount attempt by openvpn, which is odd
<sdeziel> ahasenack: IIRC the LimitNPROC needs to be removed in the host context
<sdeziel> last I heard, rlimits were not namespace aware
<stgraber> ahasenack: all I have here is "LimitNPROC=infinity" in an override
<stgraber> ahasenack: but that's under 16.04, it may well be that the unit has since changed in more recent releases
<ahasenack> I did a grep for NPROC on the host
<stgraber> ahasenack: the mount error sounds like it may be using something like PrivateMount or some similar Private* options?
<ahasenack> got this for lxd itself, infinity
<ahasenack> stgraber: i see privatetmp
<stgraber> sdeziel: you can apply rlimits in containers, just not ones that are higher than your container's, setting LimitNPROC=infinity on the openvpn@ unit avoids systemd trying to set it to some other value
<stgraber> ahasenack: that may be it, can you try turning that off?
<ahasenack> didn't change the denied error
<ahasenack> [20900.386502] audit: type=1400 audit(1536688629.438:199): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-bionic-intel-vpn_</var/lib/lxd>" name="/bin/" pid=31710 comm="(openvpn)" flags="ro, remount, bind"
<ahasenack> (I did daemon-reload in the container)
<sdeziel> stgraber: ah, that's what I was referring to then, I remembered wrong :)
<ahasenack> not sure if that is fatal, though
<stgraber> ahasenack: odd, the comm="(openvpn)" suggests it actually was openvpn itself, that's pretty weird
<stgraber> ahasenack: what LXD version?
<stgraber> I thought we pushed a change to allow ro,remount,bind
<ahasenack> error I have is https://pastebin.ubuntu.com/p/2N3gDqYvC7/
<ahasenack> stgraber: 3.0.1-0ubuntu1~18.04.1
<ahasenack> bionic
<ahasenack> not the snap
<ahasenack> the container itself is bionic too
<ahasenack> this is an unprivileged container, nothing fancy, no extra devices allowed in the profile
<ahasenack> nor denied
<stgraber> ahasenack: ok, so 3.0.1 pre-dates that particular apparmor policy fix, so if that DENIED is the source of the issue, we have what should be a fix for it already
<ahasenack> stgraber: do you have a oneliner to add to apparmor?
<stgraber> ahasenack: https://paste.ubuntu.com/p/msqMCqPm79/
<stgraber> ahasenack: putting that in raw.apparmor should make it behave like LXD 3.0.2
<stgraber> ahasenack: alternatively you could set security.nesting to true which would then also allow those mounts
<ahasenack> let me try that setting, one liner, and see if that fixes it
<ahasenack> lxc config set <container> security.nesting true
<ahasenack> ?
<stgraber> yeah
<ahasenack> ok, no denied error
<ahasenack> but it still failed to fork
<ahasenack> nice, that was live, without restarts
<stgraber> ahasenack: can you show `systemctl cat openvpn@`?
<ahasenack> stgraber: https://pastebin.ubuntu.com/p/p7Hd3WJX8S/
<ahasenack> it has 2 changes already: privatetmp=false (was true), and LimitNPROC commented
<ahasenack> hm
<ahasenack> the actual @config service I'm using still has LimitNPROC=20
<ahasenack> stgraber: worked now
<ahasenack> stgraber: I changed the wrong openvpn*.service file wrt LimitNPROC
<ahasenack> there is openvpn.service, openvpn@.service, openvpn-client@.service, openvpn-server@.service
<ahasenack> openvpn-client@.service still had it
<stgraber> ahasenack: oh, that's way more units than I'm used to :)
<ahasenack> yeah, it changed in bionic, they (upstream) split client and server
<stgraber> ahasenack: the rlimit thing at least should be fixable in systemd by having it detect the error and move on, so effectively letting it set lower values but ignoring higher ones (logging something is fine though)
<boxrick> Hello, I want to get rid of the double quotes in the AWK in this statement. fdisk -l | grep '^/dev/[a-z]*[0-9]' | awk '$2 == "*"'
<boxrick> Any sensible suggestions ?
<boxrick> Or even better a sed like alternative
<tomreyn> maybe fdisk -l | grep -E '^/dev/[a-z]*[0-9][[:space:]]+\*[[:space:]]'
<tomreyn> boxrick: ^
<BrianBlaze> good day beautfuls, I know how to add a route using route add... but I am unsure exactly where to put the route to make it permanent after a reboot. on ubuntu 18
<boxrick> Thanks tom :)
<tomreyn> :)
<tomreyn> BrianBlaze: there's no "ubuntu 18", do you mean 18.04.1 LTS?
<sdeziel> BrianBlaze: there is an example on how to add routes in https://netplan.io/examples#multiple-addresses-with-multiple-gateways
<BrianBlaze> yes I do and tanks
<BrianBlaze> thanks*
<tomreyn> if you're asking about ubuntu 18.10 instead, this will be released in october (as the .10 indicates), ask about it in #ubuntu+1
<BrianBlaze> I mean 18.04.1 LTS :)
<tomreyn> cool. in case you are still going to set routes manually, use 'ip route', not just "route"
<BrianBlaze> oh? it worked with route... wierd
<sdeziel> route is the old deprecated way
<BrianBlaze> gotcha
<BrianBlaze> get used to ip route :)
<tomreyn> !releasenotes
<ubottu> Ubuntu 18.04 (Bionic Beaver) release notes can be found here: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes
<tomreyn> ^ would tell so, IIRC
<kstenerud> Regarding https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1010625
<ubottu> Launchpad bug 1010625 in logwatch (Ubuntu) "named logs are not being reported in logwatch" [Medium,Fix released]
<kstenerud> It looks from the comments that there's a quick fix that can be applied to logwatch to solve 90% of the problems in one go
<kstenerud> Two possibilities:
<kstenerud> 1: Remove 'LogFile = messages' from the conf files so that it searches for the locations itself
<kstenerud> 2: Just hardcode syslog instead of messages
<kstenerud> I'm not sure which is the better solution. Anyone want to chime in?
<ahasenack> kstenerud: iirc there is some sort of overriding that can happen in logwatch
<ahasenack> kstenerud: it has config directories, and there is one for distro overrides
<ahasenack> ubuntu has LogFile = <rightthing> in there iirc
<ahasenack>  /usr/share/logwatch default.conf/ and dist.conf/
<ahasenack> default.conf has all its content using "LogFile = messages"
<kstenerud> So if that points to the right file, we can remove 'LogFile = messages' from the individual conf files then?
<ahasenack> if this overriding works as intended, I wouldn't touch that setting in the default.conf/ files
<ahasenack> I would make whatever changes we have to make in the dist.conf/ tree
<kstenerud> I'm not up on the history of this. Was everything going to messages before? It looks like things are being sent to syslog in a bunch of (if not all) cases?
<ahasenack> maybe all that's needed is setting LogFile=syslog in dist.conf/logwatch.conf?
<ahasenack> I think messages was just an upstream choice, RH systems I think used to log there
<kstenerud> But now for example dhcpcd.conf has Logfile = messages
<kstenerud> So that would override the basic config I think?
<kstenerud> (even though the basic config also sets it to messages)
<kstenerud> But if I changed the top level config to syslog, these configs would still set to messages right?
<kstenerud> There are 72 config files that explicitly set the logfile
<ahasenack> dhcpd.conf only exists in the default.conf tree, ok
<ahasenack> it's my understanding settings in dist.conf override default.conf
<ahasenack> see /usr/share/doc/logwatch/HOWTO-Customize-LogWatch.gz
<ahasenack> in the dhcpd case, it's possible that the dhcpcd package (whatever it's called) ships a logwatch file
<ahasenack> but I haven't checked
<kstenerud> OK I'll take a look. Just need to be sure of how the override rules work (i.e. default/iptables.conf vs dist/ with no iptables.conf - does it take config from the specific conf under default, or does it take the override from dist/top-level-config?)
<ahasenack> kstenerud: I don't know
<ahasenack> some experimenting is needed, looks like
<TJ-> kstenerud: I wasn't able to reproduce the Strongswan issues despite doing some extensive messing about with it (my issue is a Cisco IOS device not playing nicely with the Linux strongswan, but I also set up a strongswan/charon IKEv1 config to mirror how IOS is supposed to work)
<kstenerud> TJ-: Thanks. I think since we can't get any confirmation on the bug one way or the other, we'll let it sit for now. Hopefully the bug reporter can get back to us on how to reproduce the issue reliably!
<TJ-> kstenerud: in other news, persuade everyone to swith to Wireguard. I had the pleasure to deploy it this week and it is a joy to config/use :) I've wasted a lot of my life on configuring IPsec and openvpn!
<jelly> but does it do p2p if possible?  Oh it seems it does >  the server itself changes its own endpoint, and sends data to the clients, the clients will discover the new server endpoint and update the configuration just the same. Both client and server send encrypted data to the most recent IP endpoint for which they authentically decrypted data. Thus, there is full IP roaming on both ends.
<TJ-> jelly: of course if both ends change IP address at the same time, whilst not talking, it will fail until poked using "wg set peer <pubkey> endpoint <address>"
<jelly> I'm currently usi^H^H^Htesting a semi-abandoned vpn that has a central point (of failure) for reregistering itself
<kneeki> Hey all, I'm trying to create a script that checks if apache2 is running and if not start it. https://pastebin.com/rPQ9Tq7Z --- Unfortunately I'm given the error:  line 14: service: command not found âservice apache2 statusâ was was not âactive (running)â. Executing: service apache2 start
<nacc> kneeki: what version of ubuntu?
<kneeki> 17.10
<nacc> kneeki: systemctl is-active apache2
<nacc> kneeki: you're also not checking errors, etc.
<kneeki> oh cool. You're right, I'm not checking for errors. =\
<nacc> kneeki: the reason your output is like that is you are only redirecting stdout
<nacc> kneeki: fwiw, checking the output of `service status` is also wrong, i think you should be looking at return codes only
<kneeki> Ah, that'd be a much better way.
<nacc> kneeki: also, what are you trying to fix? apache crashing?
<kneeki> I've checked /var/log/apache2/error.log and /var/log/syslog without any luck as to why apache2 seems to be stopping or crashing so I'm making this script to run as a cron job
<sdeziel> kneeki: I don't know if others mentioned it but 17.10 is EOL, just an FYI
<kneeki> Yeah, I intend to update to 18.04.1 - just haven't yet. -.-
<TJ-> kneeki: systemd units can be configured to restart if it exits
<kneeki> Oh that sounds perfect!
<TJ-> kneeki: see "man 5 systemd.service" and the "Restart=" option, plus it's associated timeouts, etc
<TJ-> s/it's/its/
<kneeki> Reading up on that now - thank you!
<kneeki> Looks like systemd is the perfect solution. Any idea's on how I'd crash apache2 to see if it's working?
<TJ-> kneeki: you could send the process a SIGTERM, as in "sudo pkill apache2"
<raidghost> hmm. didnt know that was a valid command. but thanks for the info TJ- ;)
<kneeki> ah delicious. Thanks TJ
<keithzg> I suppose the difference between pkill and just good ol' killall is that pkill doesn't by default have to match the process name exactly?
<nacc> keithzg: pkill is a lot more powerful than killall
<nacc> in the sense of control
#ubuntu-server 2018-09-12
<cpaelzer> good morning
<lordievader> Good morning
<zzarr> Hello!
<zzarr> Is it possible to cluster 2 or more nodes (computers) as a SSI (Single System Image)?
<tomreyn> zzarr: this lists multiple Linux based solutions https://en.wikipedia.org/wiki/Single_system_image#Examples but most of them seem to not have received updates in a while.
<zzarr> the only relevant info I find is http://www.popcornlinux.org/
<tomreyn> reading the wikipedia article which states "The interest in SSI clusters is based on the perception that they may be simpler to use and administer than more specialized clusters. Different SSI systems may provide a more or less complete illusion of a single system." makes me suspect that maybe there are now fewer people interested in creating this illusion than there used to be in the past.
<tomreyn> (at least in linux lands)
<tomreyn> have you considered other HA models?
<tomreyn> zzarr: ^
<zzarr> I just wanted to build a cluster as an experiment for own use
<zzarr> I was thinking about buying 2 https://www.pine64.org/?product=rockpro64-4gb-single-board-computer
<zzarr> and cluster them
<tomreyn> what would this cluster then do?
<zzarr> while the CPU's on the boards are strong but nothing special, they have something called a NPU (neural network processor) which would be nice to have 2 of so to speak
<zzarr> other whys it's just to learn and have fun :)
<tomreyn> my (surely subjective) perception is that in the end you always want to create / provide a highly available application / service. so, for example, you want a HA web or database server. to do this, you don't need classic server clustering, but just service / application level clustering, and this can actually make more sense.
<zzarr> nice idea
<tomreyn> regarding the NPU i'd assume something similar to distcc to exist, i.e. a small service layer running on all nodes which then allows you to address an abstraction of these as a single entity.
<zzarr> I think so
<tomreyn> i can't seem to find much on clustering NPUs, maybe the concept is not applicable to this kind of processor, or it has just not yet been done (or not in open source software)
<zzarr> do you know if it is possible to make 2 kernels communicate over PCIe?
<zzarr> well, I could write my own software once I know how to use the NPU
 * tomreyn does not know
<tomreyn> i assume you're loking for a fast link and DMA
<zzarr> what is DMA?
<tomreyn> direct memory access
<zzarr> sure, a fast link yes
<zzarr> that is correct
<tomreyn> an external process writing to memory normally controlled by the kernel
<tomreyn> you usually dont want DMA because it means abandoning security, but for low latency processes and clustering it can the the only option
<zzarr> I see
<tomreyn> there are several standard interfaces which can do DMA. i think pci and thunderbolt at least. bluetooth provides a mode which allows for it.
<tomreyn> maybe that's also a ##hardware and ##linux question
<zzarr> I was thinking of buying some FPGA as a switch between the two boards (and possibly expandable), but the frequency if PCIe is 8GHz
<zzarr> so it might not be possible
<zzarr> I'll ask in those channels
<zzarr> but it might be possible to just hook PCIe -> PCIe (Tx -> Rx)
<cpaelzer> rbasak: you should be the first to be around, would you have some time for https://code.launchpad.net/~paelzer/ubuntu/+source/qemu/+git/qemu/+merge/354695 as the automated tests will conclude in a few hours and I'd want to be ready then
<tomreyn> zzarr: https://serverfault.com/questions/336649/pci-e-connection-between-two-servers  - infiniband actually can do RDMA (remote direct memory access), too, IIRC
<zzarr> cool, I'll have a look
<zzarr> very interesting, thanks tomreyn
<tomreyn> you're welcome, but i'm really not knowledgable in this area, it'd be better to talk to someone who is.
<cpaelzer> rbasak: thanks for the check I have the edit for the SRU tempalte open already :-)
<cpaelzer> askring rharper is a good idea I'll do so privately
<cpaelzer> and on the dep3, I'll extend my template to differ between the two
<halvors1> Hi! I'm experiencing some network issues with my server, seems to appear when i clone the mac address. (It's only used by the server).
<halvors1> The problem is that connections drops once in a while ahen the mac address is cloned, my network contoller is 82566DM-2.
<halvors1> Running the e1000e driver.
<halvors1> I'm cloning the mac address in systemd-networkd, should this be done in udev? How to do that in 18.04?
<rbasak> smoser: could you add SRU information to bug 1781039 please?
<ubottu> bug 1781039 in cloud-init (Ubuntu Trusty) "GCE cloudinit and ubuntu keys from metadata to ubuntu authorized_keys" [Medium,Confirmed] https://launchpad.net/bugs/1781039
<rbasak> smoser: in particular Regression Potential. Looks like the entire cloudinit/sources/DataSourceGCE.py file has been rewritten or wholesale backported?
<blackflow> halvors1: "cloning"?  you mean spoofing? cloning would imply multiple NICs with teh same MAC, which would explain issues.
<Chainsaw> Hello. Attempting to install Ubuntu Server Lts 18.04.1 in a multipath FibreChannel environment using LPFC (Emulex) adapters. I am unable to enable any sort of multipath support, as the documentation seems outdated (for 16.04, which has a different kernel command line on the install media).
<Chainsaw> Trying an LVM2 installation without any multipath, thinking it could be enabled later, results in duplicate LVM2 PV ID reports and a failed boot. Any attempt to install to the same disk(s) also fails, as it cannot umount/disengage from the flawed LVM2 configuration that results.
<Chainsaw> Thoughts?
<Chainsaw> I mean besides using a rescue CD to dd /dev/zero to the disk to try again, which is what I'm doing.
<stukdev> Hi, i've setup a samba share, everytimes i create a new directory the default permission are drwxr-sr-x , how can i force to disable the 's' permission in samba conf?
<halvors1> blackflow: Yeah mean spoofing, the reason is that only a specifid mac is allowed by the upstream switch.
<rbasak> stukdev: see "inherit permissions", "force directory mode" and "directory mask".
<stukdev> rbasak: i just set the force directory mode 0775 but don't work
<rbasak> stukdev: do you have "inherit permissions" set?
<smoser> rbasak: i'll ask shaner to do that. sorry for not having asked that before uploading. this was me just sponsoring someone elses review.
<smoser> err... work.
<stukdev> rbasak: this is what i'm seraching, becouse in webmin i don't find it..
<jelly> Chainsaw: are you trying to put root fs and boot from mpth?
<jelly> mpath*
<stukdev> rbasak: ok, i setup inherit permission = yes, force directory mode = 0775, directory mask = 0755, but new fdirecoty always create 's' permission
<rbasak> stukdev: have you actually read the definition of "inherit permission"? I didn't suggest that you set it to "yes".
<stukdev> rbasak: yes, but using no, its the same, so i try using yes
<rbasak> I'm not sure then, sorry.
<Chainsaw> jelly: Correct.
<Chainsaw> jelly: These are boot-from-SAN systems with no local storage of any kind. (HP ProLiant BL460c Gen 8 on a 3PAR 8440)
<DammitJim> how do I google for a reason why a log.jcifs* get created in /var/log/samba ?
<sdeziel> DammitJim: samba creates logs in there with the client machine suffix
<DammitJim> thanks sdeziel
<DammitJim> weird! but these files are empty!
<sdeziel> DammitJim: yeah, some of mine are empty as well.
<DammitJim> searching for: samba log.jcifs* access denied doesn't turn up anything on google
<DammitJim> that's why I was trying to get some ideas on what to search for
<sdeziel> DammitJim: jcifs is probably the name of the client machine so I'd remove this part from the google search as it's really specific to your environment
<DammitJim> it says: log.jcifs255_105_ac
<DammitJim> I'm verifying 255.105 are the last 2 octects of the IP of the client machine
<ahasenack> let's say I removed a file that belongs to a package, how can I get it back? apt install --reinstall <pkg> doesn't work, it doesn't restore the file
<DammitJim> how did you remove the file?
<ahasenack> it wasn't me, someone made a mistake, I don't know the details
<ahasenack> bug report
<ahasenack> it's easier to just restore it instead of investigating how he managed to remove the file
<DammitJim> what's the name of the file?
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1791403
<ubottu> Launchpad bug 1791403 in postfix (Ubuntu) "postfix 3.3.0 unable to create missing queue directories" [Undecided,Incomplete]
<ahasenack>  /etc/postfix/postfix-files
<ahasenack> I told him to extract the file from the package manually
<ahasenack> maybe because it's in /etc --reinstall didn't work as expected
<ahasenack> i.e., a config file
<ahasenack> kstenerud: to which ppa did you say you pushed a new postfix upload?
<ahasenack> the mp description now only lists https://launchpad.net/~kstenerud/+archive/ubuntu/cosmic-postfix-mysql-config-1791139
<ahasenack> and that one isn't using the ~ppaN suffix
<ahasenack> I *think* you can delete the packages in there and upload new ones using -1ubuntu2~ppa1, but the ppa might reject it as being lower, even after the deletion
<ahasenack> I've had conflicting experiences with that. My mantra is "PPAs remember"
<Ussat> OK, this is totally off topoic, but to lighten things up a bit. Today
<Ussat> OK folks, today is a HISTORIC day, today in history:   https://www.youtube.com/watch?v=hcJAWKdawuM
<kstenerud> ahasenack: OK I'll push a ppa version
<kstenerud> ahasenack: How do I delete the bad upload to the PPA and replace it with a new one?
<ahasenack> kstenerud: view package details -> then you should see a delete option in the top right next to a copy packages one
<kstenerud> hmm it still won't let me upload
<kstenerud> Package has already been uploaded to ppa on ppa.launchpad.net
<kstenerud> Nothing more to do for ../postfix_3.3.0-1ubuntu2~ppa1_source.changes
<ahasenack> that's from dput
<ahasenack> not a server response, right?
<ahasenack> everytime dput uploads a package, it creates a *.upload(ed?) file, and that is what it looks for
<ahasenack> you can dput -f
<ahasenack> or remove that upload file
<kstenerud> ah ok
<ahasenack> you can tell by how quickly dput complained that it wasn't a server response :)
<ahasenack> afaik beside this particular condition, dput always succeeds
<ahasenack> it's async. If it actually worked or not, an email will tell you
<Chainsaw> jelly: You've successfully understood the question. Are you able to help please?
<mustmodify> My ubuntu instance on EC2 suddenly became unresponsive. I tried to restart it from the EC2 console. For 10 minutes, nothing happened. I then tried to stop it and EC2 offered to "force-kill" it. That took another 10 or so minutes. What logs can I check or other tests can I perform to see what caused it to go down and then to be so hard to restart?
<ahasenack> I would try to check it's console
<ahasenack> also, if its root is an ebs volume, maybe mount it from another working instance to inspect it
<mason> I'm curious - in RHEL/CentOS, "systemctl restart cryptsetup.target" will reparse /etc/crypttab and make additional volumes available. This appears not to be the case in Ubuntu 18.04. Is there a preferred way to reparse crypttab in Ubuntu, without a reboot or manual set-up?
<mason> Ah, EL didn't want systemctl daemon-reload first, but Ubuntu does, after which restarting cryptsetup.target works.
<blackflow> mason: you don't need daemon-reload for changes in crypptab as that's not systemd file. I guess you're seeing the generator being retriggered with daemon reload
<blackflow> (as cryptsetup is handled by a generator)
<blackflow> uhh... crypttab.
<mason> blackflow: That sounds right, yeah.
<mason> The odd difference is that evidently EL runs the generator without daemon-reload
<blackflow> afaik RH does some changes to their systemd that's not upstreamed, like that 0day issue, RH specifically allows usernames starting with a number. that's something I remembered.    yeah, that's my pet peeve with it.... so much for one, standardized interface across all distros.
<mason> My pet peeve is largely "here's an ever-growing project that stifles opportunities for people to invent novel standards-based components to drop into a modular system".
<blackflow> stifles how?
<kstenerud> is /var/log/daemon.log gone from ubuntu?
<blackflow> kstenerud: iirc that was defined through rsyslog, so yes. you can always define it yourself.
<mason> blackflow: rsyslog is still there by default
<mason> blackflow: My 'Net cut out due to maintenance, but in short, systemd disincentivizes new development in the spaces it occupies, since it's got fairly complex interdependencies on its components.
<mason> The previous model was far more modular, with standards-based modules being drop-in-compatible with each other.
<blackflow> the previous model was a shell script :)
<mason> No, think of rsyslog, MTAs, MDAs, all sorts of server software, DNS, etc.
<mason> In short, everything we do that defines the field.
<kstenerud> ahasenack: I think logwatch needs a bit of an overhaul. It's referring to a bunch of logfiles that haven't been present since precise
<nacc> kstenerud: upstream or in our package?
<nacc> note that if it's upstream, that's because it is meant to be installable everywhere, even on ancient systems probably. General OSS cruft :)
<kstenerud> I'd have to check upstream. Not sure of debian has things in dist.conf or not
<kstenerud> The basic idea is to leave default.conf alone, and for distributions to add config files to dist.conf, and users to modify /etc/logwatch.d
<kstenerud> but ubuntu dist.conf is pointing to old things that are no longer true
<nacc> kstenerud: ah i see
<nacc> kstenerud: yeah, it probably needs love :)
<kstenerud> which is the root cause of most of the logwatch bugs in lp
<kstenerud> In particular, we have no daemon.log or messages in /var/log
<nacc> kstenerud: to old things? i thought most of the bugs we were getting were missing new things :)
<kstenerud> Some are from getting new unexpected log entries, and others are from things that stopped working in 14.04
<kstenerud> I think it coincided with the move to rsyslogd
<nacc> ah could be
<kstenerud> rsyslogd has a very restricted set of logfiles (auth.log, kern.log, mail.log, and syslog)
<kstenerud> * in ubuntu config
<nacc> ah that makes sense
<nacc> yeah, by default
<kstenerud> logwatch, on the other hand, is still looking for daemon.log and messages, which aren't configured in rsyslogd
<nacc> right
<kstenerud> So I think I can fix this in dist.conf. The only thing is that once I point things to where they're supposed to go, logwatch is going to choke on a lot of the new messages it hasn't been updated to handle (I did some preliminary tests and got quite a few unexpected message warnings)
<nacc> kstenerud: yeah, it probably needs two sets of updates
<kstenerud> But at least it will be processing what it's supposed to be processing
<nacc> kstenerud: that ends up being the hard decision -- how much should we be fixing, vs. upstream should be fixing
<kstenerud> Well, unless dist.conf is being driven by debian, it's our problem. The unexpected messages will be something that should be fixed upstream ideally
<nacc> kstenerud: right, that's what i meant --  you're right to fix dist.conf for our distro configuration; but the unexpected messages should be fixed upstream, if they are new formats, etc.
<nacc> kstenerud: iirc, logwatch upstream was pretty responsive
<blackflow> mason: I think you're making the common mistake of assuming that systemd the project defines what a distro should or shouldn't include. one can still have _just_ the pid1 and process manager, and use all the other components from before.
<blackflow> mason: including crypttab generator which is strictly speaking not needed, but is a good thing to have so it benefits from dependency triggers if systemd knows about it
 * mason sips the Kool-Aid.
<blackflow> mason: patches welcome ;)
<mason> blackflow: I can think of places I'd rather spend time.
<mason> Patches would require excessive time and attention in this case.
<nacc> sarnold: lovepopsickle in #ubuntu points out no torbrowser-launcher AA profile exists, though it is listed here: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/AppArmorProfiles
<nacc> sarnold: could you reply/follow-up? (or i can redirect them to a better channel)
<arooni> anyone know how to address this issue of getting php-dev installed on ubuntu 16.04 server?  https://gist.github.com/arooni/f535d32c8fb8c0a74c73e6c4425c44da
<nacc> arooni: you are using ondrej's ppa
<nacc> arooni: if you want to use it, use it for everythign and seek support there, or just us ubuntu's packages
<arooni> i think i must have been ;  https://askubuntu.com/questions/813788/cant-install-libpcre3-dev  i followed that and i think hopefully downgraded to the official repos
<nacc> arooni: if you don't intend to use ondrej's ppa, you should ppa-purge it
<arooni> nacc: thats a good call;  so is there any advantage to using it at all?
<nacc> arooni: ondrej's ppa lets you use non-ubuntu version of php, e.g. 7.1/7.2 on 16.04
<arooni> and is that recommended? or not so much
<keithzg> I mean, it's recommended if necessary ;) That is to say, one might need PHP 7.1 or higher and also have to be running 16.04. But with 7.2 officially in the 18.04 repos, the use-case is currently not high. As the LTS goes on that will probably change. But if you don't expressly need a version of PHP other than the one in main, it's better to stick with the officially-packaged version.
<arooni> thanks for that explanation
<arooni> i remember seeing perf benefits to php 7.1 and 7.2 over 7
<arooni> but i also think i remember that 7 is a big step up from 5.x
<keithzg> Yeah and there were some missing features in 7.0 that were in 5.x, that were re-added finally with 7.1 (which is why I'm still using ondrej's PPA on the Phabricator server at work, which I haven't yet updated to 18.04).
<arooni> what are you missing in 7.0 that you have in 7.1?
<arooni> br
<keithzg> arooni: Not 100% sure, just stuff Phabricator needed, heh. Looking at https://secure.phabricator.com/T9640 I guess it was primarily "asynchronous signal handling".
<tobias-urdin> coreycb: I updated this bug with some details https://bugs.launchpad.net/cloud-archive/+bug/1758094
<ubottu> Launchpad bug 1758094 in Ubuntu Cloud Archive "ironic-conductor fails to start in Pike" [Undecided,New]
<tobias-urdin> we are still hitting this issue in CI https://review.openstack.org/#/c/602059/
<tobias-urdin> could you please look at it when you are back
<tobias-urdin> jamespage: fyi ^
<jamespage> tobias-urdin: looking
<arooni> i think my packages are broken;  cant seem to install pmp-memcahced
<arooni> https://gist.github.com/arooni/f1efd9f1db704732eea1043187846170
<nacc> arooni: i can help you once i'm off the phone
<arooni> no rush ; just a noob here trying his best lol ;)
<nacc> arooni: your php-common is i think from ondrej still
<nacc> arooni: `apt-cache policy php-memcached php-common` ?
<arooni> ahh ha; i did run ppa-purge as recommended earlier
<arooni> but i think it didnt remove all the old ppa packages
<nacc> ok
<nacc> it should have
<arooni> https://gist.github.com/74d4b80b76cf8df5690710bcf5e34749
<nacc> arooni: right, your php-common is still wrong :/
<nacc> arooni: you can satisfy it manually with (on the apt-get line php-common=...)
<arooni> so do i just need to uninstall it
<arooni> what about uninstalling php-common and reinstalling it
<arooni> shouldnt it pull from official repos?
<nacc> also would owrk
<arooni> Reinstallation of php-common is not possible, it cannot be downloaded.
<arooni> i really butchered this didnt i
<arooni> uninstalled all my php packages  and reinstalled them
<arooni> seems to have fixed it
<nacc> arooni: :)
<arooni> is apxs something that runs only on apache or on nginx too
<jamespage> tobias-urdin: update for oslo.utils now in pike-proposed
<jamespage> hopefully that will resolve your issue
#ubuntu-server 2018-09-13
<cpaelzer> good morning
<lordievader> Good morning
<cpaelzer> hi lordievader
<lordievader> Hey cpaelzer
<lordievader> How are you doing?
<cpaelzer> good as always :-)
<cpaelzer> I'm not dragging you down by complaining :-)
<cpaelzer> and you?
<lordievader> Busy, but good :)
<rbasak> cpaelzer: has the git ubuntu importer been dead since 4 Sep?
<rbasak> In the screen I saw just a prompt
<cpaelzer> I have had it recovering for some time, maybe it died again
<cpaelzer> yes, seems like it
<cpaelzer> rbasak: ^^
<cpaelzer> I had it recovering like 8 days when we found it dead
<cpaelzer> it was funny that was the day after I asked if I should keep the screen open
<cpaelzer> and you said, no need to do so
<cpaelzer> the day after it crashed and only when andreas was missing an import we relaized
<cpaelzer> so I started it with the right offset to recover all of it and that worked
<cpaelzer> so it seems to be the second time in 4 weeks not that the main process died
<cpaelzer> which is odd
<cpaelzer> but exactly the reason why andreas and I added a sprint topic for it to discuss how we continue
<cpaelzer> it is like "make usdi a real service" or so
<rbasak> cpaelzer: OK. Restarted, thanks.
<rbasak> +1 for sprint topic
<rbasak> Does anyone actually use backuppc?
<rbasak> Looking at bug 1723392, it looks like it's struggling for maintainership in Debian (kicked out of testing atm) though that might pick up depending on a new volunteer.
<ubottu> bug 1723392 in backuppc (Ubuntu) "Please update backuppc to 4.x release (now 4.2.1) - major improvements and lots of bugfixes" [Undecided,Confirmed] https://launchpad.net/bugs/1723392
<rbasak> Is there any value in keeping this package in main in Ubuntu?
<rbasak> cpaelzer: one for you I think, if you haven't seen it already: bug 1788334. server-next because there's a patch provided?
<ubottu> bug 1788334 in qemu (Ubuntu) "'Less than' (<), 'more than' (>), and 'pipe' (|) can't be typed via VNC" [Undecided,New] https://launchpad.net/bugs/1788334
<rbasak> The patch needs your review I think though. It is noted as a hack by upstream.
<cpaelzer> rbasak: yeah I know that one from other reports, I'll need to tag some Dup's it seems
<cpaelzer> rbasak: consider that bug handled by me
<rbasak> Thanks!
<cpaelzer> if only the tests on the qemu in cosmic would let it migrate this could go on :-)
 * cpaelzer is cursed by the autopkgtest-murphy on some flaky tests
<kstenerud> DEBUG:Executing: /usr/bin/lxc launch -e 5b4f8a0c86d1 loving-weevil
<kstenerud> That's gotta be the best name yet!
<kneeki> Hey all, in my attempts to create a systemd service that ensure apache2 is always running I seem to have broke the entire systemd shabang. When executing 'sudo systemctl list-unit-files' I'm given the error: Failed to list unit files: Not a directory --- Google hasn't been any help. Any ideas?
<ChmEarl> kneeki, your new service should be installed in /etc/systemd/system, not in the primary systemd tree
<kneeki> That's where I put it. I actually did this: sudo systemctl enable /var/www/website/services/apache2-stayalive.service
<kneeki> It ended up handedly breaking apache2 like a champion actually. So I need to fix that.
<ChmEarl> kneeki, I've never seen a full path to a service file in that command... its not required
<ChmEarl> systemd has a reserved path
<kneeki> Well it seemed to have work well enough. Is there a systemctl command that rebuilds the systemd services? Even after remove+purge+install of apache2 the services aren't working.
<ChmEarl> systemd likes you to run `daemon-reload` and errors from that command get logged
<ScottE> Since apache is already shipped with systemd unit files, why not just do a dropin? I.e. if the service that's run is /lib/systemd/system/apache2.service, then create /etc/systemd/system/apache2.service.d/override.conf with Restart=always in a [service] stanza
<sdeziel> that ^
<kneeki> Yeah tried that - same error when I try to list the loaded services. Here's a list of all the systemd entries in syslog from yesterday: https://paste.laravel.io/23315bf0-95f5-4b62-ba0d-590264e59ddb
<sdeziel> to create the drop-in, "sudo systemctl edit apache2" is handy too
<kneeki> ScottE, Okay, I'll look into that
<ScottE> And "systemctl cat apache2", too to see the fully resolved configuration
<kneeki> ScottE, Here's the result of 'systemctl cat apache2': https://paste.laravel.io/185d7c7a-0f1a-4633-9518-c7dbef75d15d
<kneeki> I created the override before issuing that command.
<sdeziel> kneeki: you don't need to repeat Type= and RemainAfterExit=
<kneeki> Okay, removing that
<kneeki> Apache is running again after deleting my custom service, adding the override, then daemon-reload. Let's try to reboot
<kneeki> So apache2 isn't starting automagically after rebooting.
<kneeki> 'systemctl enable apache2' gives me: Synchronizing state of apache2.service with SysV init with /lib/systemd/systemd-sysv-install...
<kneeki> Executing /lib/systemd/systemd-sysv-install enable apache2 --- let's see how that goes. =]
<kneeki> Neat. Seems that worked!
<blackflow> kneeki: you do know you're not required to use the distro default sysvinit shim?  you can define your own service for apache and benefit from all the systemd facilities for process management.
<blackflow> distro defaults are teribad.
<kneeki> I think that's probably beyond my ability/scope at the current time. I'm still trying to get everything the way it was before I broke it.
<Epx998> does debian-installer for ub have any sort of vnc similar to redhat/centos?
<tomreyn> thw alternate server installed (which is based on the debian installer) can be setup to start an openssh server so that you can carry out the installation remotely.
<tomreyn> Epx998: ^ does this help?
<arooni> is it bad practice to set /var/log/fpm-7.0-log ownership to www-data:www-data so nginx can write to it?
<arooni> because i dont seem to be getting error logging working correctly with 16.04 + php7-fpm
<arooni> is there something i'm missing in the error logging of the official ubuntu package?
<sarnold> maybe www-data:adm if you want adm users to be able to read it without sudo
<sarnold> are you sure fpm is set up correctly though? I thought it was supposed to run different scripts as different users or something similar
<sdeziel> arooni: I'd think the fpm log is not written to by nginx but more by php-fpm itself. Both runs as www-data by default but that might not be your case?
<Jimmy06> Im trying to install server 18.04 and keep getting this error "Unexpected error while running command blkid -o full /dev/"
<arooni> sarnold: thats a good idea to set group to adm.  i thought it was set up until now
<arooni> i dont see any output in the log file it has acess to
<kstenerud> I think I may be doing something wrong with my ppa update to logwatch...
<kstenerud> I've made these changes: https://pastebin.ubuntu.com/p/4GbWmJvwBX/
<kstenerud> git ubuntu build-source -v --lxd-image 5b4f8a0c86d1 --sign
<kstenerud> dput ppa:kstenerud/cosmic-logwatch-syslog-1199511 ../logwatch_7.4.3+git20161207-2ubuntu3~ppa1_source.changes
<kstenerud> Then inside my container, add-apt-repository -y ppa:kstenerud/cosmic-logwatch-syslog-1199511
<kstenerud> But when I install from the ppa, none of my changes show up
<kstenerud> Do I need to do something special for things in the debian directory?
<Jimmy06> I just want to install it lol
<dpb1> kstenerud: apt-cache policy <package>
<dpb1> what's it show
<Jimmy06> me ?
<kstenerud> shows only the 2ubuntu2 version, not 2ubuntu3~ppa1
<kstenerud> apt update is hitting my ppa
<kstenerud> Hit:3 http://ppa.launchpad.net/kstenerud/cosmic-logwatch-syslog-1199511/ubuntu cosmic InRelease
<kstenerud> H
<dpb1> kstenerud: go to your ppa on the web
<dpb1> kstenerud: click on 'package details'
<dpb1> you'll notice the change you uploaded is still building
<kstenerud> I see "2 successful"
<dpb1> look at the packages
<dpb1> see the little gear icon?
<dpb1> that means building
<kstenerud> ah ok
<dpb1> and the status is 'pending'
<dpb1> also, expand the expander thing on the left
<dpb1> you will need the status to be published, *and* a green check on the left for it to be really there
<kstenerud> ok, so it's currently built but not published?
<dpb1> yup
<Jimmy06> https://i.imgur.com/m7vn5HJ.png
<Jimmy06> That's my drive setup
<Jimmy06> https://i.imgur.com/gX67kLZ.png
<Jimmy06> This is the error I get after confirming it
<Jimmy06> https://i.imgur.com/UXoAcXg.png
<dpb1> Jimmy06: I'm looking
<Jimmy06> Thanks
<dpb1> rharper: you know what is going on there? ^
<dpb1> bug worthy?
<Jimmy06> its a 146GB 15k SAS drive if that means anything lol
<dpb1> Jimmy06: switch to another terminal
<dpb1> you know how to do that?
<dpb1> <ctrl><alt><f2>
<dpb1> get back with
<dpb1> <ctrl><alt><f1>
<Jimmy06> I will haeve to go to the server hang on
<Jimmy06> I will have to go to the server hang on
<dpb1> and run blkid -o full /dev/sda2
<dpb1> what happens
<dpb1> and just blkid
<dpb1> blkid -o full
<dpb1> etc
<Jimmy06> sec funning it now
<Jimmy06> lol funning, Running
<Jimmy06> https://i.imgur.com/EM2ZAMh.png
<Jimmy06> doesnt error
<dpb1> what about blkid -o full
<dpb1> what's the output
<Jimmy06> https://i.imgur.com/ZalLWmQ.png
<dpb1> what about lsblk
<Jimmy06> https://i.imgur.com/xgRci4d.png
<dpb1> hrm
<Jimmy06> its a HP Raid controller
<dpb1> idk, I'd need rharper or smoser to take a peek, but it's late for them.  They'll likely poke their head back in
<dpb1> Jimmy06: only advice I have is general.  look through dmesg, /var/log/syslog, see if there is any error jumping out to you
<dpb1> but let's see what they say when they look
 * dpb1 -> afk
<Jimmy06> https://i.imgur.com/5QKboHw.png
<Jimmy06> I will just add this here incase it helps
#ubuntu-server 2018-09-14
<smoser> Jimmy06: did you try running again ?
<smoser> there a good shot it will work after a reboot.
<ansibleesxi666> Hello all, i need to build a linux server for build purpose , i have some issue with Ubuntu 16 "server" ISO -  boot with UEFI on HP DL 360  Gen 10 box with RAID 0 ssd disks-   Ubuntu 16 "desktop"cd works well , so does it matter much if i use server or desktop?
<tomreyn> ansibleesxi666: you can install desktop and convert it to a server installation, but i wuld recommend installing the server installation instead (since converting isn't that easy). by the way, you are probably referring to ubuntu "16.04 LTS", there is no "ubuntu 16"
<tomreyn> ansibleesxi666: what is the error message you run into when you try to install using the server installer?
<leftyfb> tomreyn: all of this has been discussed in #ubuntu where they asked this same exact question
<tomreyn> oh, maybe ansibleesxi666 should refer to those answers then
<ansibleesxi666> yes 16.04.05 is what i am using , i see a strange issue, i have 3 SSD disk on box, each with 1 TB, we want to use raid 0 for perf, when i boot box with ISO of server  the OS install shows disk at 600 GB, when i try desktop iso it shows correct size of 3 TB
<ansibleesxi666> disk as 600 GB i mean
<ansibleesxi666> as i was in rush i used desktop ISO & build them for now
<ansibleesxi666> i did google as it says both desktop & server use the same Kernel so i went ahead with Desktop
<tomreyn> ansibleesxi666: so did you ask these same questions in #ubuntu before?
<ansibleesxi666> i did , i did not got answer so i am here
<tomreyn> leftyfb seems to suggest it was diuscussed there before, maybe you missed some reponses (left early)?
<tomreyn> !irclogs
<ubottu> Official channel logs can be found at https://irclogs.ubuntu.com/ . LoCo channels are now logged there too. Meetingology logs at https://ubottu.com/meetingology/logs/
<tomreyn> if you really got no replies (please point me to when it was previously dsicussed) i'll be happy to go over it with you again.
<ansibleesxi666> let me check
<ansibleesxi666> No i did not got respond what i was looking for
<ansibleesxi666> the last 2 conversation was :-
<ansibleesxi666> (7:41:48 PM) leftyfb: ansibleesxi666: when one of those drives goes bad, you will lose all your data
<ansibleesxi666> (7:42:33 PM) dxb left the room (quit: Ping timeout: 245 seconds).
<ansibleesxi666> (7:43:26 PM) ansibleesxi666: our build team wants less time & they do not care of the data on the build box as the actual build goes in central git repo.... these build nodes are purly for compuete ... but starnage issue is why server iso shows disk size as 600 GB & not 3 TB
<ansibleesxi666> brb
<ansibleesxi666> i did more google & i think i have work-around  ie in my case a desktop iso or server will not impact much  as the core kernel is same
<ansibleesxi666> thanks for your time
<cpaelzer> good morning
<lordievader> Good morning
<Jimmy06> smoser: I tried more then 10 times with the same config
<muhaha> Has anyone experience with on-prem landscape ?
<waveform> muhaha, what's up?
<muhaha> @waveform did you try to dockerize this big thing ?
<waveform> muhaha, there's juju charms for it but I don't think there's any (official) docker images
<blackflow> isn't containerizing it.... contrary to its purpose?
<muhaha> Why?
<waveform> not necessarily - containers don't *have* to be many to a machine
<waveform> for instance, the juju charms are pretty flexible - they typically set up one machine for haproxy, another for pg, etc. etc. - now those might be "real" machines, or they could just be containers
<muhaha> I will try to dockerize it, but I will have to understand to this landscape thingy..
<muhaha> I dont understand how to start this..  For example -quickstart package is useless for this. I will need to use landscape-server
<waveform> you're probably better off looking through what the quickstart script actually does - but trying it out on juju will give you a better idea of what a production setup really looks like
<waveform> (we don't recommend quickstart for scalable production deployments)
<blackflow> muhaha: in that it has to control the entire machine and dockerizing it is isolating it? or am I misunderstanding something here
<muhaha> I dont need to control host machine
<muhaha> I need to control other ones...
<muhaha> That is why I need some gateway... I does not matter if its running on bare-metal or in container
<blackflow> oh, I wasn't aware you could install the server on premises. I thought it was strictly SaaS.
<muhaha> unfortunatelly there is no alternative for ubuntu (opensource) to manage other servers :(  So I will have to use landscape. Foreman can not handle this afaik
<muhaha> *selfhosted
<blackflow> muhaha: there's always salt stack
<muhaha> of course there are also ansible and chef
<blackflow> ansible is extremely too slow crap. good for simple setups but as you scale up in complexity of config, it's way way way too slow.
<blackflow> but the point being, if you want analogous to landscape then saltstack and chef (and puppet) is more appropriate because of the client-server model and ability for clients to trigger events between them.
<rharper> Jimmy06: are you running the 18.04.1 release of the installer?
<tekgeek1205> So I have a 10G fiber connection that im trying to use for the physical connection to an OpenvSwitch. I need the host to have access to the same interface to serve as a NAS on that port. Im having problems with assigning a static ip address. DHCP works fine but isn't an option, the DHCP server will be a pfSense KVM. I've tried both ports in DHCP and they work fine. I tried both with
<tekgeek1205> static configs and I can't get a DNS. I can still ping 8.8.8.8 but not google.com. Im sure its just a simple mistake caused by my lack of knowledge. Here is my interfaces file: https://pastebin.com/5v9YvE1p
<nacc_> tekgeek1205: what version of ubuntu?
<tekgeek1205> 18.04
<tekgeek1205> server, i reverted from netplan back to ifupdown
<nacc_> tekgeek1205: you can talk to `systemd-resolve` to see how it's resolving hostnames?
<nacc_> tekgeek1205: what is in your /etc/resolv.conf?
<tekgeek1205> checking
<tekgeek1205> nameserver 127.0.0.53....... so its not getting a DNS?
<nacc_> tekgeek1205: that's systemd-resolve
<nacc_> *systemd-resolved
<nacc_> tekgeek1205: so you need to ask `systemd-resolve --status` what it is using
<mason> Ah, I was curious how to get systemd-resolved to spit that out.
<tekgeek1205> do you want that in past in?
<nacc_> tekgeek1205: yeah, that's probably useful
<tekgeek1205> the first was the resolve.conf
<nacc_> tekgeek1205: or you can just read it, to see what for that iface is listed as 'DNS Servers'
<mason> Not sure why they don't populate and maintain a text comment in /etc/resolv.conf since that's where people are going to look. Or even just a comment in that file telling people how to dig out the relevant status.
<nacc_> mason: i mostly agree with you :)
<mason> nacc_: I skipped the obvious first pick, "don't do that".
<tekgeek1205> https://pastebin.com/1QUQReM7
<teward> tekgeek1205: is that *all* you are getting?
<teward> there's usually other lines than just that
<tekgeek1205> yeah with a fresh boot and a static address....
<teward> > static address
<teward> did you set DNS record data in your netplan config?
<teward> and if so, what is it?
<tekgeek1205> no im using ifupdown, netplan and openvswitch are incompatible
<teward> then did you set dns-nameservers in ifupdown?
<tekgeek1205> yeah....https://pastebin.com/5v9YvE1p
<tekgeek1205> thats, my interfaces file
<mason> dns-nameservers in ifupdown don't negate systemd-resolved jumping in
<mason> My hope is that it uses the interfaces information, but I'm not sure
<teward> it might not be doing that properly, that's a systemd headache though.
<teward> you can force your system to use the other DNS resolvers, but you'd have to fuss around with some ResolveD config files to do it
<mason> For my part, I found that purging resolvconf helped.
<mason> I haven't tested all permutations.
<nacc_> i don't have a 16.04 in front of me, but systemd-resolve --status, should be reporting a per-link entry, i thought
<cyphermox> tekgeek1205: mason: teward: "dns-nameserver" only works if you have resolvconf installed
<cyphermox> we also don't install that by defualt, because resolvconf and systemd-resolved both want to be authoritative for nameserver info
<teward> cyphermox: so if you're using ifupdown with systemd-resolved how do you pass it the DNS servers to query via ifupdown configs?
<teward> or would that be a manual step called by `up` in the config?
<nacc_> cyphermox: thanks for that info!
<cyphermox> teward: nothing you write in ifupdown is pased to systemd-resolved.
<cyphermox> or anywhere in systemd for that matter
<cyphermox> if you use ifupdown, you need to write resolv.conf yourself, or add your DNS in /etc/systemd/resolved.conf (the DNS= line)
<teward> tekgeek1205: ^
<teward> cyphermox: is this documented anywhere?
<mason> cyphermox: Ah, I must be thinking of my "funny upgrade" I did last week then.
<tekgeek1205> waiting on a reboot then, i'll try changeing /etc/systemd/resolved.conf
<tekgeek1205> Thankyou guys!!! DNS is working! This is my first big projest with linux.I was about to give up and all back to linux brides' untill i could get a 2nd 10gb uplink card for my switches. Im still a bit green in the linux world.
<mason> tekgeek1205: \o/
<tekgeek1205> now I can go on my merry way setting up containers and vm's. 10gb from my workstation to my server has been a dream for years!!!! Time to put that ZFS array to work!
<compdoc> zfs?! oh no!
<odc> no?
<compdoc> jk :)
<odc> ah :)
<tekgeek1205> its also the root FS......that was fun
<DammitJim> do you guys have any recommendations of what is normally used as a "file server"
<DammitJim> like when one of your users logs on to a server via ssh
<DammitJim> the current directory where they land is actually a mount to a different server
<DammitJim> is that normally done with just a samba server? any other more popular options?
<jelly> from unix to unix I'd just use sftp
<jelly> and let them connect to the system hosting actual files, no network filesystem use
<DammitJim> oh, I meant like if I ssh into serverA which is an application server
<DammitJim> I am taken to a directory that is actually part of a mount to serverB
<jelly> oh, do you want users to have a $HOME on a shared file server
<DammitJim> +1
<DammitJim> I've seen that done in the past
<DammitJim> and I'm curious as to how that is normally done (especially if the backend file server is redundant)
<jelly> we don't do that at all.  NFS v4 supposedly has all sorts of nifty features for that, including clustered nfs, but i have no idea which features actually work well and are reliable
<DammitJim> thanks jelly
<DammitJim> so, related to this... are there any recommended file server clusters?
<DammitJim> in our company, many of the M2M processes just move files around
<DammitJim> I'm looking to find a way to store those files on some kind of redundant system in case that I have to do maintenance or upgrades to that resource
<Ussat> So....we DO do that with NFS v4
<Ussat> its not trivial to set up
<Ussat> so what you want is a clustered FS, which, is also not trivial
<Ussat> there are a few ways to do it
<Ussat> and none of them are simple
<tomreyn> there are also those proprietory storage clusters which can export r/w via nfs
<Ussat> ^^
<jelly> I bet netapp is simple!
<Ussat> yup...those are the simplest, although more expensive
<Ussat> ...
<jelly> glusterfs? ceph? do any of those work not horribly slow?
<Ussat> they are not made for speed
<Ussat> they are made (in theory) for resiliance
<tomreyn> i never used either, but would expect them to work out in this use case, since they are also used for storage backends in clouds
<tomreyn> (so there must be ways to configure them to not be super slow)
<jelly> don't sotrage backends in clouds just expose objects that are then used as blockdevs
<Ussat> They can both be used in this case, but neither are trivial
<DammitJim> I've heard of netapp
<DammitJim> Ussat, what would you say is the advantage of having a file system cluster?
<Ussat> yes...netapp is a thing
<DammitJim> yeah, I read about glusterfs and was going to try it out in a virtual lab
<Ussat> OK, first you need to differentiate between a cluster enabled FS and a clustered FS
<Ussat> what do you want to do
<Ussat> the reason I ask, is I work with systems that need to have a VERY high avaliability
<DammitJim> so, I'm looking at this from the perspective of: normally a server is the file server
<DammitJim> well, if I need to do maintenance on that server or it breaks, then all the applications will bork
<Ussat> so you need a cluster
<DammitJim> so, I thought... a cluster of servers would take care of that problem
<Ussat> correct, it can
<DammitJim> so, if serverA goes down, serverB will continue to service whatever the apps need
<Ussat> but that is different than a load spread FS
<Ussat> cluster
<DammitJim> what is the difference between enabled and the other option?
<Ussat> you want active <<----->> active
<Ussat> and they will share a FS, so when one dies, it releases the lock on the FS and the other picks it up
<DammitJim> oh ok, so this is not like serverA and serverB are constantly synchronizing data between them?
<Ussat> Well, you can have that, but its different
<DammitJim> who hosts the FS?
<DammitJim> 'cause then what happens if the FS server goes down?
<DammitJim> btw, I know some of my thinking sometimes will never happen
<Ussat> Generally the FS is hosted on both
<Ussat> and shared
<DammitJim> so, just yell at me if I'm thinking the wrong way
<Odd_Bloke> What's driving the need for the sharing to happen at the filesystem level?
<xrandr> DammitJim: make sure you rebalance the filesystem often
<DammitJim> file processing and hosting
<xrandr> the glusterfs
<DammitJim> rebalance? oh gosh
<Ussat> so there are a few ways....what WE do, is we have a HUGE isilon that is the FS, which is replicatedbetween datacenters
<xrandr> DammitJim: it does it for you, there's a command you can use. gluster volume rebalance <VOL> start
<xrandr> DammitJim: I am very fond of gluster :(
<xrandr> :) *
<Odd_Bloke> Your needs might be better met by using an object store for the files, where you have an API that you use to push and pull files.
<DammitJim> :) or :( ?
<Ussat> ^^^
<xrandr> DammitJim:  :)
<Odd_Bloke> Because then you just load-balance the service in the usual way you would load-balance an HTTP service.
<Ussat> yup
<DammitJim> xrandr, and you have gluster clients that mount those resources?
<Ussat> we have VERY different needs
<xrandr> DammitJim: yes.
<DammitJim> Ussat, I appreciate you sharing what YOU do
<Ussat> I work at a hospital where shit has to always be avaliable
<xrandr> DammitJim: I use it for my new business. I now have 8.1 TB between 3 servers
<Ussat> ours is a multi million dollar setup
<DammitJim> multi milllion in infrastructure?
<DammitJim> you sound like Orlando Health
<DammitJim> xrandr, how much storage do you have on each server?
<Ussat> No, not in Orlando. We are a major research hospital/University
<DammitJim> btw, isn't it weird how many layers we have to take into account for "reliability?"
<xrandr> DammitJim: If you're going to use gluster, you need to determine the setup you need. Do you want file replication (mirrored drives), or one huge drive?
<DammitJim> oh yeah, US SAT
<DammitJim> replication in my case
<xrandr> DammitJim: I have two servers with 1.4TB each, and another server with a 6T drive dedicated to gluster
<Ussat> ok, replication is pretty simple
<DammitJim> so, glusterfs is pretty good? I can deal with the "slowness"
<Ussat> it can be tuned
<xrandr> DammitJim: there's ways to speed that up. Network compression, etc.
<Ussat> yup
<xrandr> DammitJim: also, depending on your needs, I would recommend using the ssl option with it. If your data is sensitive, let it be encrypted
<Ussat> we also have to deal with encryption in flight and at rest
<DammitJim> yup, I'll need to do encryption
<xrandr> Ussat: doesn't the SSL option for the volume handle that? or is that just transmission between the servers?
<Ussat> xrandr, it might, but we use special encryption accelerator cards
<xrandr> DammitJim: I'm gonna go out on a limb here and say you know all your server's specs, right?
<DammitJim> xrandr, so, I should probably just test this in a lab, then
<DammitJim> no, I can't say I know the server specs
<xrandr> DammitJim: absolutely!
<Ussat> xrandr, we are talking almost a petabyte of data :)
<xrandr> Ussat: Which filesystem do you use at the server level? ext4 or xfs?
<DammitJim> and the cluster only needs to be something like 1TB
<DammitJim> and we'll probably only use about 1/3
<xrandr> DammitJim: I didn't have a lab to test it on, so I just went live with it and worked it as I went
<Ussat> The FS is on this:  https://www.ibm.com/us-en/marketplace/flash-storage-virtualization
<DammitJim> but we know we are growing and that should be able to keep us working for about 2 years
<Ussat> and its XFS
<DammitJim> that looks pretty
<DammitJim> that's nice that the 1st thing they say is "Save money"
<Ussat> we have one in each data center, maxxed out
<Ussat> its sales, of course they do :)
<DammitJim> 'cause you are saving money, but it's more like buying insurance
<xrandr> DammitJim: There's #gluster if ya need anything :)
<DammitJim> thanks xrandr
<xrandr> and if I'm aroumd I'd be happy to answer any questions
<DammitJim> again, xrandr you have to install gluster clients on the other servers that want to mount the file system, right?
<DammitJim> thanks
<Ussat> glusterfs will do what you want, the Uni proper uses that
<xrandr> DammitJim: no, you need to install gluster server on every server you want to add to the gluster volume
<xrandr> sorry i misread that
<xrandr> Gluster client on any machine that wants to mount the gluster volume.   Gluster server for any server that wants to contribute to the volume
<DammitJim> yup, got it
<DammitJim> do the gluster servers have to be the same for replication?
<Ussat> same, meaning ?
<DammitJim> how do you address the cluster? floating IP?
<xrandr> You'll have one master server, and a bunch of slaves
<DammitJim> same like... same storage, same RAM, same CPUs
<xrandr> the one server is the initial volume
<xrandr> then you add another to it from the first server, and so on
<Ussat> DammitJim, well, they should of course
<xrandr> DammitJim: They should, but it's not necessry
<DammitJim> oh yeah 'cause xrandr is not doing replication (6TB + 1T + 1T)
<xrandr> but you might hit some performance issues
<xrandr> DammitJim: my biggest suggestion is to make sure they are all of the same network speed
<xrandr> Don't have 100MB cards in some, and 1GB cards in others
<DammitJim> so, like 1GB and stuff
<xrandr> for some reason, gluster gets unhappy with that.
<DammitJim> got it
<xrandr> Or at least it did with me
<xrandr> DammitJim: what version of Ubuntu server are you running?
<xrandr> Ussat: how big is your Gluster volume?
 * xrandr is curious
<DammitJim> right now? please don't ask
<DammitJim> I have a ton of 14.04
<DammitJim> but I would probably set this up with 18.04
<xrandr> Good choice.  Do a little research... the packages that are bundled with ubuntu-server for gluser are apparently EOL. There's repos out ther with the 4.X which are still in production phase and are supported
<DammitJim> oh really?
<DammitJim> man, one can't win, huh? everything is EOL these days but that's probably because we haven't been able to keep up with our processes
<xrandr> DammitJim: yeah. I also have a bone to grind with the folks who wrote the gluster documentation.  When they stated it should be backwards compatible, they really needed to specify between which versions
<xrandr> i had a 3.5 and a 3.12 i think
<xrandr> They did not like each other
<DammitJim> oh yeah, one would think that one can upgrade 1 node and then the other
<DammitJim> I"m sure there are some limitations
<xrandr> Oh there are. You can only have a gap of about 3 or 4 versions
<xrandr> DammitJim: and you can upgrade one node then the other. Just make sure you keep up with it.
<xrandr> so that the versions don't fall too far apart where you can't do that
<DammitJim> I'm actually in a pickle with rabbitmq and erlang because I let it go too long
<xrandr> DammitJim: you also need to figure out which communication protocol you want to use between the servers (bricks).   There's TCP, UDP, and RDMA.  I use TCP
<xrandr> Really read through the gluster docs and figure out how you want to set things up
<xrandr> some things are changeable, some things are not
<DammitJim> do you have the servers directly connected or going through a switch?
<xrandr> DammitJim: 2 are in the same datacenter, 1 is in another
<xrandr> so 2 connected directly to each other via crossover cable, and another is on a 10GB connection
<DammitJim> I think in my case actually, they are going to be in the same Cisco UCS
<xrandr> UCS?
<DammitJim> Cisco Unified computing
<xrandr> Is that Cisco
<DammitJim> si
<xrandr> version of Amazons cloud computing?
<DammitJim> no
<xrandr> ( hit enter instead of '  )  lol
<DammitJim> these are blade servers basically
<jelly> UCS is cisco's "hyperconverged" hardware server platform
<xrandr> jelly: hmm. I've not heard of that before... gonna have to do some researching
<jelly> I think it's existed for like 10 years now, they're up to what, 3rd-4th generation?
<DammitJim> 4th
<DammitJim> maybe 5th (my system is 2 years old)
<DammitJim> SANs backend and VMware stuff
<xrandr> jelly: i am clearly out of the loop on that stuff :)   A guy I used to work with several years ago put a bad taste in my mouth as far as Cisco went
<DammitJim> Cisco is a royal pain in the bottom
<xrandr> DammitJim: your restraint is admirable
<DammitJim> a company that I can't say enough of... is Nimble Storage, even though now they are HP
<jelly> these seem to be just x86 brand name blades with some interesting features
<jelly> HPE bought Nimble?
<DammitJim> yeah... beginning of the year...
<Ussat> UCS's are fucking GREAT
<DammitJim> you think so Ussat ?
<Ussat> we have a few 4th gen
<Ussat> oh yea
<Ussat> all my VM;s are on them
<DammitJim> do you have the luxury of running  a vcenter with dozens of ESXi hosts?
<Ussat> Well.....actually. I just run the *nix side of things, but yes
<Ussat> DammitJim, again, what we do is a pretty sizeable enterprise
<DammitJim> cool
<DammitJim> man, what a pain this erlang stuff is
<Ussat> DammitJim, we have a little over a petabyte in storeage right now
<Ussat> and we need to keep stuff ...forever almost it seems
<DammitJim> forever is like a looong time
<Ussat> yes
<Ussat> medical records need to be kept a long time
<DammitJim> hey guys, how do I perform an upgrade of erlang from version 20.1-1 to just 20.3-1 even though the candidate is 21.0-1
<nacc_> DammitJim: is 20.3-1 available via `apt-cache policy` ?
<DammitJim> yes
<nacc_> and none of those numbers match ubuntu package versions
<nacc_> DammitJim: pastebin it? but you can do `sudo apt-get install erlang=<version>`
<DammitJim> that's it, nacc_ !!!t
<DammitJim> thanks!@
<DammitJim> oh gosh, I didn't realize there are a bunch of erlang packages like erlang-ic, erlang-gs that I don't want to automatically upgrade to 21, but want to keep it at 20.3
<DammitJim> or how do I tell ubuntu that when I do an: sudo apt-get dist-upgrade
<DammitJim> I don't want erlang packages to be upgraded to 21.0, but to 20.3
<DammitJim> something opened the floodgates to recommend that candidate which in my case is not compatible with rabbitmq
<DammitJim> ugh, gotta run
<DammitJim> see you guys
<nacc_> !pinning | DammitJim
<ubottu> DammitJim: pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<Epx998> 18.10 beta is out right?
<powersj> Epx998, beta is not out for Cosmic https://wiki.ubuntu.com/CosmicCuttlefish/ReleaseSchedule
<Epx998> http://cdimage.ubuntu.com/daily-live/current/ isnt a beta?
<tomreyn> as the url indicates, it's a daily build
<tomreyn> i.e. potentially broken, unstable, pre-release
<tomreyn> (the download web page also says "daily build")
<genii> Beta freeze isn't until Sept 27th anyhow for 18.10
<genii> ( according to https://wiki.ubuntu.com/CosmicCuttlefish/ReleaseSchedule )
<Epx998> yeah thats ok, some dev want to test some gpu stuff on it
<Epx998> thanks for the info
#ubuntu-server 2018-09-15
<dxc> hiya
<dxc> dumb ubuntu question: Considering an upgrade from 16.04 lts to 18.04 lts and have a networking question: The 16.04 system is obviously set up with the old style networking configuration, not netplan. If I upgrade to 18.04 will I be required to switch to netplan or will it still maintain the legacy configuration? I don't want to upgrade and suddenly find my networking borked
<dxc> ah well
<dxc> I'm out
<alterjsive> I can't select done with my ubuntu raid 5 setup
<alterjsive> i'm installing ubuntu-server
<alterjsive> I have a / partition and swap
<alterjsive> I can't select to add a boot partition
<tomreyn> alterjsive: please don't cross-post. if you prefer discussing this here, please state so in #ubuntu
<alterjsive> tomaw
<alterjsive> tomreyn, ok will so , sorry for that
<tomreyn> ok
<RoyK> alterjsive: you can't boot off a raid5, if that's what you're trying to do
<RoyK> alterjsive: explain your setup and how you want it, please
<tomreyn> alterjsive: you did not.
<alterjsive> RoyK, as I understand from #ubuntu, I need to mount my /boot on my hdd. I have a laptop with 3 ssd's, I tried several raid 5 tutorials and failed. now I was trying ubuntu server.
<RoyK> alterjsive: if you have a separate drive in addition to those ssds you want in a raid, just install ubuntu on that drive
<RoyK> alterjsive: if not, setup a separate root raid with raid-1 on partitions and boot from that
<RoyK> it doesn't need to be big - 20 gigs will do for most
#ubuntu-server 2018-09-16
<foo> If I have something in /etc/init - I forget, is that systemd ?
<jelly> foo: /etc/init is for upstart, but if files merely exists that's not proof they're used and upstart is actually running
<foo> jelly: how can I be sure? This is a system that has been online for 5+ years. I believe upstart is older and systemd is newer?
<jelly> foo: which ubuntu release is this
<jelly> lsb_release -a
<JanC> if it has been online for 5+ years, it's probably out of support...
<foo> jelly: Ubuntu 14.04.5 LTS
<foo> JanC: not yet, I've been keeping an eye on that
<jelly> foo: that one used upstart.
<foo> I mean, it's getting there, but... :)
<JanC> well, not 5+ years then
<foo> jelly: thank you
<foo> JanC: I've still been upgrading over those 5 years. :)
<jelly> dpkg -S /sbin/init
<JanC> or you upgraded it
<foo> JanC: give a foo some credit! ;)
<foo> jelly: aha, thank you: upstart: /sbin/init
<foo> so, if I was to do a fresh install of ubuntu lts today, that would not use upstart - right?
<jelly> 16.04 was the first LTS that switched over to systemd
<foo> got it. I believe systemd can support deps, can upstart do that as well? eg. I have a handful of processes I either want to associate with 1 parent, or I want to have one of the children depend on the other children
<JanC> upstart uses events to start/stop services based on what other services started/stopped
<JanC> in addition to the manpages, http://upstart.ubuntu.com/cookbook/ is probably the best source for upstart knowledge
<foo> JanC: perfect, I'll take a look there - thanks. I wrote some python code to manually do "service ___ start/stop" ... but recently was advised to do this all in my git-hook and take it out of python. Makes sense. Actually, if I do it in a git-hook, I guess I don't need to make the services depend on a parent to make it easy, I'll simply add a new service there
<foo> in the git-hook
 * foo scratches head
<JanC> "service" has the advantage of working with (almost) every init system, but you probably want to restart only one service, and have all dependent service restarted automatically too
<foo> JanC: yup, that would certainty be helpful at this point in time. I assume that's in the cookbook, checking now
<foo> 6.33.2   Start depends on another service
<foo> start on started other-service
<foo> Does that mean: A) the service won't start if the other one isn't running or B) the service will start and it'll automatically start the other-service ?
<JanC> it means the service will be started after the other-service has started
<JanC> so more or less A)
<foo> Aha, ok
<foo> I don't think there is a way, with upstart at least, to say "if this service starts, start this other service too if it's not running" - correct?
<foo> Can't seem to find that, anyway
<JanC> you'd define that in the configuration of other-service
<JanC> or you can start it in pre-start script
<foo> JanC: how would I define it in the other-service is what I don't seem to be able to find
<foo> ah, pre-start
<foo> JanC: specifically, I'm looking at python long-running processes
<JanC> in the configuration of other-service, you put "start on starting service" (where "service" is the first service)
<foo> ahh, so the child is told when to start, not a parent conf that says to start children
<foo> JanC: thank you! that distinction makes sense, I think I'm following now
<foo> JanC: now, I wonder if it makes sense to have A) dummy parent, that doesn't really do much, but several children start when parent starts or B) just pick a child and make other children start when it starts. Is there a best practice/preference here?
<foo> We basically have 1 piece of software that has 4 long running python processes associated with it (eg. services)
<JanC> you might want to look at the other services on the system to see how they depend on each other
<JanC> if the 4 processes have no clear dependency on each other it might work to have some sort of meta-service indeed
<foo> JanC: yeah, they don't have a clear dependency, which is why I'm leaning towards that... but I'm wondering, is there shorthand for making a meta-service?
<foo> eg. I can create a bash script that does nothing but sleep every second... but I'm wondering if there is something less hack-ish
<JanC> just don't have an exec statement in it
<foo> oh, heh, easy enough
<foo> I thought there was something, thank you Jan!
<JanC> you would have "start on starting meta-service" and "stop on stopping meta-service" in each of the "subservices", or something like that
<foo> JanC: yup, that would do the trick. When I upgrade to the latest ubuntu early next year, I suspect I'll have to change this for systemd
