#ubuntu-server 2006-08-07
<verbose_> how safe is it to use ntfsresize on a ntfs partition that has somewhat important data on it
<thefish> any ldap bods here? I need to search by username, and return the names of the groups they are a member of... any ideas?
<thefish> ldapsearch -x '(&(objectClass=groupOfNames)(cn=*)(member=cn=joeuser,dc=foobar,dc=com))' seems to work
<fryfrog> so, i've just started poking around in ubuntu-server and i had some questions that google didn't turn up answers to
<fryfrog> or i was not searching well :)
<fryfrog> I am looking into building a vmware appliance lamp for gallery2, and i was looking for ways of slimming down the size as much as possible
<lionelp> hi fryfrog
<lionelp> the basic server installation is quite minimal
<fryfrog> 400-500mb :(
<lionelp> hum... I would have said less (about 300Mb)
<fryfrog> maybe 400mb once i clear the apt cache
<lionelp> fryfrog: you are talking about the LAMP server installation or the server installation ?
<fryfrog> ah, sorry LAMP
<lionelp> np :)
<lionelp> I think on LAMP installation, you have thinks you does not necessary need in your case
<lionelp> But it is not so enormous a 400Mb file to download nowaday
<fryfrog> no, not terrible
<fryfrog> every little bit helps though
<fryfrog> i need to figure out apt :)
<fryfrog> my big annoyance is that imagemagick pulls in X :(
<lionelp> yes, right...
<lionelp> does gallery2 (i do not know it very well) needs imagemagick ?
<fryfrog> well, sort of
<fryfrog> it can use imagemagick, gd and netpbm
<fryfrog> dcraw and ffmpeg as well
<fryfrog> it would be *nice* to include support for all of them, since its likely the vmware image will be used to test features and maybe do dev work
#ubuntu-server 2006-08-10
* Starting logfile irclogs/ubuntu-server.log
<nerophibia> hello
<frafra> ok 
#ubuntu-server 2006-08-11
<edgy> Hi, I added a ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/ to make my lists.domain.com/mailman works but I want lists.domain.com to be an alias instead what shall I do, please?
<edgy> or actually I think the reverse /usr/lib/cgi-bin/mailman
<ag[1] > hi
<Bicchi> i just got a new server up. what is the command to turn off the machine.
<Ries> shutdown -h now
<Ries> sudo shutdown -h now
#ubuntu-server 2006-08-12
<ag[1] > hi
<ag[1] > can i get help?
<ag[1] >  i'm trying to make hostname and hostname -f to be the same, so i edit /etc/hosts   (line 1) 127.0.0.1 localhost.localdomain localhost (line 2) 192.168.2.110 ahazg.pc                  but it doesnt work when i type hostname i get ahazg and for hostname -f i get ahazg.pc    i want both to be ahazg.pc
<infinity> You don't want that.
<infinity> hostname is MEANT to be only the first part of the FQDN.
<infinity> (base)adconrad@cthulhu:~$ hostname
<infinity> cthulhu
<infinity> (base)adconrad@cthulhu:~$ hostname -f
<infinity> cthulhu.0c3.net
<ag[1] > ok thanks
<ag[1] > infinity,  y wouldnt it be good
<infinity> ag[1] : Let me reverse the question -- Why do you want it to violate spec and the expectation of every piece of UNIX software ever written?
<ag[1] > sorry, i am kind of new to the world of unix
<infinity> Anyhow, if you're insistent on breaking it, you can set a FQDN in /etc/hostname, which will set your hostname on boot to be what you want.
<infinity> But I highly recommend looking at WHY you want it to do that, and figuring out how to avoid it. :)
<ag[1] > im basically following this guide 
<ag[1] > http://www.howtoforge.com/perfect_setup_ubuntu_6.06_p3
<ag[1] > Now run
<ag[1] > hostname
<ag[1] > hostname -f
<ag[1] > Both should show server1.example.com. 
<ag[1] > thats from the site
<infinity> Right, whoever wrote that shouldn't have. :)
<infinity> They shouldn't have written most of it, to be honest.
<infinity> Encouraging people to enable to root account isn't helpful either.
<infinity> Or encouraging them to install random software they don't need.
<infinity> This HOWTO's just filled with uselessness.
<ag[1] > then how would you be able to perform commands like apt-get without root
<infinity> It's more like this guy's notes on how HE likes to setup HIS machine, but it seems useless to post it publically for others to follow.
<infinity> "sudo apt-get install foo"
<infinity> Or if you want to become root for an extended period "sudo su -"
<ag[1] > i just use "su"
<ag[1] > is that the same thing
<infinity> Yes, I know.  I read the HOWTO. :P
<ag[1] > ok
<infinity> Using "su" means that you've set a root password.
<ag[1] > i shouldn't have done that?
<infinity> Which means you now get to deal with making sure daemons don't allow root authentication and other such, making it easier for people to brute-force root.
<infinity> It also means that you're far more likely to keep open a root shell and do silly things with it.
<infinity> While doing "sudo random-command" every time you want to run something is a subtle reminder that you might be breaking the world.
<ag[1] > any way to undo what i did
<infinity> But, *shrug*... It's up to you.  We don't stop you from enabling root.  I just wish 3rd party documentation wouldn't TELL people to enable it as if you absolutely must do it.  Certainly not without first discussing the pros/cons.
<ag[1] > i c ur point, its a security threat
<infinity> "sudo passwd -d root" would delete root's password again.
<infinity> Though that doesn't seem to return the shadow record to factory fresh.
<infinity> Seems to do the trick anyway.
<ag[1] > so r u implying that it would be better to do a reinstall of unbuntu server
<infinity> Nah.  Though, if you're just learning and breaking things anyway, you'll probably end up taking some notes, and reinstalling again in a day or two to make sure you understand what you've learned. :)
<infinity> I don't think there's a single OS I've ever installed "just once" the first time I did it.
<ag[1] > that was what i was going to do
<infinity> Also, word of advice.  If you don't want to drive people on technical IRC channels completely insane, try to avoid AOL/TXTisms like "i c ur point" and "r u implying"...
<infinity> It doesn't take much longer to type the whole word out, and we will be less likely to want to gouge our eyes out.
<ag[1] > ok
<ag[1] > ok now instead of using su i would use sudo [command]  right
<infinity> Right.
<infinity> https://help.ubuntu.com/community/RootSudo <-- Might be a good read.
<ag[1] > Sudo is no different than gksu, right?
<infinity> gksudo, even. :)
<infinity> (gksu and gksudo are in the same package, mind you, but one behaves like su -- asking for the root password -- the other behaves like sudo, asking for your password and obeying /etc/sudoers)
<ag[1] > I always use "gksu apt-get [command] " in Debain
<ag[1] > linux is very hard
#ubuntu-server 2007-08-06
<NETWizz> At least Group Policy is defined already
<NETWizz> I don't know if Seamless RDP will work
<NETWizz> I think fast user switching must be on
<mattwalston> I know it will prompt for credentials
<mattwalston> I am booting a vm to check
<mattwalston> NETWizz: it was not an issue for this client since he was just running qbes7 and all users have to have full control of company file to use it (horrible!) and the software handles its own login
<NETWizz> yuckey
<NETWizz> Well I am off to the gym
<NETWizz> Thanks for the help
<mattwalston> NETWizz: just tested, fast user switching is not needed, if you remove l/p info and execute, a full screen rdp to do interactive login starts, afterwards it works
<NETWizz> l/p?
<NETWizz> login password
<NETWizz> Okay thanks a lot
<NETWizz> I appreciate you helping me
<NETWizz> Talk to you later; I hope
<mralphabet> maccam912: is this a machine hosted at your house?
<maccam912> yeah
<mralphabet> maccam912: Your ISP most likely has port 80 blocked on their side
<maccam912> that is what I thought, but I have contacted them several times (them being Charter) and they have replied on all occasions that they are not blocking anything, and that any problems are my own fault
<mralphabet> maccam912: Charter blocks 80, their techs don't know their ass from a hole in the ground
<maccam912> I s'pose not.
<maccam912> how would I go about getting them to unblock it for me
<mralphabet> maccam912: they won't, you don't pay them enough for a residential account for you to host services at your house . .. pay them more money to go to a business / static ip account and they may unblock it
<maccam912> or would there be a better ISP that doesn't block it?
<maccam912> lol ok thanks
<mralphabet> maccam912: most ISP's block inbound connections to port 80, doesn't matter who you go through
<mralphabet> maccam912: you will need to do your own research in your area.
<maccam912> right now I'm using dyndns.org to give people so they don't have to remember an IP address, but is there somewhere that will automatically forward traffic to port 80 to port 2010 before sending it to me and then take that and send it back to port 80 for the user?
<maccam912> or is there no way of getting around the dyndns.org:2010
<ScottK> They only block it, as a rule, for account that running a web server violates their terms of service.
<maccam912> lol then I guess they really have no clue at charter, because I have also asked multiple times whether hosting my own personal website went against any rules and they all responded that I was in the clear
<maccam912> well thanks for your help
<maccam912> I'll probably talk to charter, see who is lying to me. Sounds like something fun to do on a sunday eh?
* maccam912 all work and no play makes maccam912 a dull boy
<jbrouhard> Hey all
<jbrouhard> Anyone ever have a problem installing debian or ubuntu on a Dell PowerEdge 6450 ?
<dthacker> what kind of problem?
<jbrouhard> Keeps saying unable to copy from CD-ROM
<jbrouhard> Both the CDROM and CD are known-working
<dthacker> yes......but.  I just went through this.  I'd try and replace the CD-ROM, if it's not too much trouble. 
<jbrouhard> Tried that already 
<dthacker> I had one that would read intermittently
<dthacker> Are you able to verify media from the opening menu?
<jbrouhard> actually haven't tried that
<dthacker> I'd give that a try.  I'd also try to re-burn the media at a lower speed or on a different burner.
<jbrouhard> still doesn't explain why WIndows 2003 Enterprise loads fine
<dthacker> hehe. hate when that happens.  
<jbrouhard> i have a $225, 200 pound paperweight as far as my business is concerned ;(
<jbrouhard> whioch bloody sucks
<jbrouhard> meh
<jbrouhard> screw this
<jbrouhard> gonna blow the drives away, re-set the SCSI BIOS
<jbrouhard> and.. uh..
<jbrouhard> take some of the memory out of it
<jbrouhard> Probably end up e-baying the machine
<dthacker> It's probably worth a few tries with different media that you've run verification on
<jbrouhard> i've done every CD i have here, dthacker
<jbrouhard> all are known good in other systems
<jbrouhard> just not the PowerEdge, and I've tried other CD-ROMS in there
<dthacker> very strange.  I'm afraid I don't have any good advice then. 
<jbrouhard> dthacker: if I had a converter for the CDROM drive i'd be all over it
<jbrouhard> but the bloody thing has a slimline CD-ROM drive
<dthacker> argh. 
<jbrouhard> *burns ubuntu-server ISO and will run verification on laptop
<jbrouhard> dthacker: what did you do to get your PowerEdge to work ?
<dthacker> jbrouhard: I had an older tower with a full height CDROM.  I swapped it out with a newer CDROM.
<jbrouhard> Ah
<jbrouhard> Trade ya?  LOL
<jbrouhard> Okay
<jbrouhard> ubuntu-server CDROM valid
<dthacker> I do sympathize, because I think those slimlines are very prone to trouble
<jbrouhard> lets see if it'll work
<jbrouhard> okay
<jbrouhard> dthacker: Ubuntu6.06 CD known good (just ran a check on it)
<jbrouhard> now trying it i nthe PowerEdge
<jbrouhard> will run a CD check too
<jbrouhard> it's possible this thing just hates me 
<PanzerMKZ> switch out the slimline with another
<jbrouhard> did that last night
<jbrouhard> same problem
<PanzerMKZ> please tell what kind of dell server this is?
<jbrouhard> Dell PowerEdge 6450
<jbrouhard> Quad Xeon 900Mhz, 2x 9GB SCSI drives
<jbrouhard> 2GB RAM 
<PanzerMKZ> well darn it I was afraid you where going to say something like that
<PanzerMKZ> let me guess ubuntu server starts loading but then gives error message that it can't find the cdrom
<PanzerMKZ> and when you tried other linux distro's then you got the same thing
<jbrouhard> yup
<jbrouhard> Windows works fine
<PanzerMKZ> I have two of those. both dual 700's.
<jbrouhard> ok
<jbrouhard> ever get them working ?
<PanzerMKZ> but like you I could not get ubuntu installed native.
<PanzerMKZ> the boss loaded up Xen (or Zen) and then installed ubuntu in virt server
<PanzerMKZ> sorry I could not help more
<jbrouhard> oh, well
<PanzerMKZ> I do have one offline that we could test with.
<PanzerMKZ> got to find a drive cage for it
<jbrouhard> hmm
<jbrouhard> what about...
<jbrouhard> net boot ?
<jbrouhard> off a floppy disk ?
<jbrouhard> that';s about the only thing i've not tried yet
<PanzerMKZ> might work. I was going to try something like that off serial port for one of the dell powervaults that I have
<PanzerMKZ> so if I might ask though what are you going to be doing with this quad?
<jbrouhard> PanzerMKZ: Seriously considering selling it
<jbrouhard> It's no use to my company right now, and I need a solution like last week <G>
<jbrouhard> This was supposed to be it, so I'm a week and half behind in getting things taken care of
<PanzerMKZ> yea. I did not put a second in the rack cause of this very reason. I got a couple of older compaq DL360's
<PanzerMKZ> but even that had an issue as I wanted to install ubuntu
<PanzerMKZ> and the stock server cd does not play well with the raid controller in the DL360
<jbrouhard> *nods*
<jbrouhard> I'm not sure what i'm gonna do here to be honest
<jbrouhard> if i ebay it, i stand to recoup my lost PLUS be able to get the parts i need for the correct server
<jbrouhard> otherwise, I'm gonna be hurting for months
<PanzerMKZ> hmm. what spec of server are you looking for? I have another dual 1gig DL360
<PanzerMKZ> and I have iso to make ubuntu server 7,04 work great on them
<jbrouhard> hmm
<jbrouhard> Dual processor, 1GB RAM or better
<PanzerMKZ> oh two gig then would be enough?
<PanzerMKZ> or just 1gig?
<PanzerMKZ> pm then?
<jbrouhard> something that can hopefully handle SATA drives
<jbrouhard> sure
<jbrouhard> PM me please
<PanzerMKZ> well nm then
<PanzerMKZ> what I got won't handle sata. scsi only
<jbrouhard> SATA is not mandatory ,but prefered.  if SCSI is available
<jbrouhard> hmm.. how many drives ?
<PanzerMKZ> 2
<jbrouhard> 2?  Size ?
<PanzerMKZ> well I have 18gigs
<jbrouhard> Lets go private
<cyclops> hi all
<cyclops> I have just configured my dns but I now realise I have to pay for domain name(s) registration.
<cyclops> Is there no way for me to setup my domain manually without having to pay a registrar or is there a free domain registrar out there
<poningru> yes there is
<poningru> dynamic domain registrations
<poningru> but you wont get something.tld
<poningru> it would be something like something.ath.cx
<jbrouhard> anyone here ever use plesk before ?
<poningru> or something like that
<poningru> cyclops: 
<poningru> cyclops: search around for dyndns
<cyclops> poningru: I have a static IP, do I have to use dynamic dns
<poningru> I know
<poningru> well if you dont want to pay 10USD per year
<cyclops> ok
<poningru> unless you are a business it doesnt matter really
<cyclops> I am not though I just want to be able to host my own web services and mail server
<cyclops> But I found out that after configuring bind, I cant still get answer when I query for the domain
<poningru> yeah you have to register
<cyclops> this dydns stuff, do I have to pay as well
<cyclops> I cant get their site to open
<poningru> hmm?
<poningru> why are you running bind?
<poningru> which dyndns?
<AnRkey> hi all
<AnRkey> can anyone suggest a sata raid card that is detected automatically by ubuntu?
<pschulz01> Anyone here using egroupware?
<juliux> pschulz01, i tried egroupware
<pschulz01> juliux: How about cacti?
<juliux> i didn't test it a longtime because it was not working with evolution
<pschulz01> I'm seeing some 'interferance' between these two packages...
<pschulz01> egroupware stomps on something that cacti uses.
<pschulz01> It's wierd.
<juliux> did you allready asked in the egroupware forum and mailinglist?
<pschulz01> juliux: No.. not yet.. I had to remove egroupware, then 'dpkg-reconfigure cacti' (keeping the database.. then cacti worked again.
<juliux> ok
<pschulz01> juliux: I was just trying to evaluate egroupware.
<Lunex> Hi, could anybody help me with the installation ? Install stops at Software 85% (i update-magager-core is the aktual package ) thx ;-)
<Burgundavia> Lunex: have you checked your disk for errors
<Burgundavia> ?
<Lunex> y
<Lunex> seems to be ok
<Lunex> did the "check cd for defects" option in the boot menu
<Burgundavia> right
<Burgundavia> md5summed the iso?
<Lunex> ot yet
<Lunex> not yet
<Lunex> hardware is a little bit older 800mhz pentium 256 mb ram, but should do ?
<Burgundavia> depending on usage, yes
<Burgundavia> my apache server runs on less than that, but it serves up nothing too intense
<Lunex> just a nagios server -> http://wikipedia.org/wiki/Nagios
<Lunex> any option to do a "save" install or anything like this ?
<Lunex> the install just stops at 85% nothing to do there
<Burgundavia> better to reinstall completely if you have an issue with the iso or disk
<Lunex> just downloaded and made a cd of it, allowed the installer to use whole disk
<Lunex> i dont think its an cd oder drive issue , whats your opinion
<Burgundavia> it might be a cd drive issue, given the age of the hardware
<Lunex> or do you know any ressources handling ubuntu-server install problems ?
<Burgundavia> but much more likely it is a bad burn
<Lunex> hmm ok i'll try another drive
<Lunex> but if cd check says its ok ?
<Lunex> hmm i will try another drive first, thx
<Lunex> i think i will make partitions manual, any recommendations ?
<Lunex> 20gb available
<Burn> hello, does somebody know when php5.2 comes in the dapper-server repo?
<infinity> Burn: It's in feisty and gutsy.  We don't update software versions in stable releases, so it'll never be on daper, if that's what you're asking.
<infinity> s/daper/dapper/
<infinity> Burn: We only do security updates on stable releases.  Bumping versions (especially of things like PHP) breaks too many people's existing code/setups/whatever.
<infinity> (That's sort of the point of a stable release... Something you know you don't have to keep changing your code to work with)
<ScottK> There are backports.
<ScottK> But there would have to be testing done to show it didn't breaks stuff
<spike> hi
<ScottK> And backports is a community effort, so there'd have to be a community interest.
<ScottK> Hi
<spike> is anybody using partman with expert recipe and managed to get it setting up multiple disks with a mix of regular and LVM partitions?
<spike> using preseeding
<spike> neither the example-preseed, nor the debian-installed docs mention a second disk
<spike> and the expert_recipe itself is all about partitions only, so I wouldnt even know where to start to tell it to create a PV spanning sda and sdb
<ScottK> Dunno about anybody, but not me.
<Lunex> Hi, could anybody help me with the installation ? Install stops at Software 85% (i update-magager-core is the aktual package ) thx ;-)
<Burn> infinity: hm, yes, so what should I do when some customers need it?
<Lunex> system seems to freeze, just displaying "installed update-manager-core" and 85% overall
<infinity> Burn: I've never met anyone who needs a newer version of PHP, only one who wants it.  But if that's a service you're providing, I don't imagine it's my responsibility to provide it for you (sorry to sound so hard, but that's the reality of it)
<infinity> Burn: I focus on putting out solid, stable releases.  If you need ever-changing software, run newer versions of Ubuntu, or backport packages to dapper, I guess.
<Burn> infinity: no, of course it isn't your responsability
<Burn> I'm just want to find a good solution with Ubuntu dapper
<Burn> php is the only thing that needs the upgrade
<mattwalston> Anyone have suggestions for troubleshooting slow to establish ssh connection issue?  I tried the config change on the client, disabled mDNS but still not working.
<nealmcb> mattwalston: pastebin the -v output of ssh, and note where it is slow
<mattwalston> nealmcb: pastebin for ssh http://paste.ubuntu-nl.org/32766/
<mattwalston> nealmcb: thanks for the help, but found the problem... dns issue
<nealmcb> mattwalston: it is doing a lot of work with your various keys (both rsa and dsa?) but you don't seem to be using them - doing passwd instead?
<mattwalston> nealmcb: for now, i have not setup keys
<nealmcb> ahh - good.  Tell us more, and lets make those bug descriptions better
<mattwalston> the default install creats a hostfile containing loopback to hostname only, i just set the ip to the fqdn for each machine and then it was fixed, also did the client config file change and disabled mdns, i will reenable both to see what was needed
<mattwalston> config file change was not needed
<mattwalston> neither was killing mdns
<nealmcb> mattwalston: thanks.  so what was the exact /etc/hosts change?
<nealmcb> and on which machine?
<mattwalston> http://paste.ubuntu-nl.org/32769/
<mattwalston> nealmcb: all of them, i assume, i could have just added a records to dns but...
<nealmcb> so that is a hosts file you use on all three machines?
<mattwalston> nealmcb: correct
<mattwalston> nealmcb: fyi, it is a test for our new systems, to headless machines running vmware server and an application server with ltsp clients hooked in
<nealmcb> mattwalston: if you can add that fix to one or the other bug for ssh slowness, it would be great
<mattwalston> nealmcb: sure
<nealmcb> https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/84899
<ubotu> Launchpad bug 84899 in openssh "SSH with GSSAPIAuthentication option on SSH servers are very slow" [Medium,Incomplete]  
<mattwalston> nealmcb: i updated the bug
<mattwalston> nealmcb: is launchpad'
<mattwalston> nealmcb: is launchpad's backend gnu gpl?
<nealmcb> mattwalston: not yet.  they're working on open-sourcing it, but they also don't want to see yet more proliferation of different launchpad-like things, which I quite understand
<nealmcb> but I think it would be more useful if others could contribute to the code base
<ScottK> More people would be willing to use it for their projects too.
<mattwalston> nealmcb: i can understand... i am trying to find a good trouble ticketing system to modify into a helpdesk type system
<nealmcb> ScottK: yeah
<ScottK> mattwalston: Did you look at RT?
<mattwalston> ScottK: don't think so, i googled looked at 4 or 5 and a lot were junk so i gave up
<ScottK> I've used RT before and it works reasonably well and is GPL.
<ScottK> It's a large Perl package, so performance is very, umm, Perl-like, but with a decent machine it does fine.
<mattwalston> ScottK: thanks, i am looking at it now, seems pretty good
<ScottK> It's also in the Ubuntu repositories.  Be careful though, there are multiple versioned packages, so make sure you get the one you want.
<nealmcb> mattwalston: have you looked at trac?
<nealmcb> http://trac.edgewall.org/
<maswan> mattwalston: RT is what we use here at work, and it works pretty well
<mattwalston> maswan: thanks
<malnilion> Is anybody in here good with apache?
<leonel> and the problem is ?
<mralphabet> apache n me are good, we just had lunch last week
<malnilion> I've got a web form that uses a .pl file but instead of apache running it, it tries to send it to me as a download.
<mralphabet> malnilion: have you tried the #apache channel?
<malnilion> Yeah, I'm trying there
<malnilion> I'm currently getting some help, I'll be back if I don't get it working
<nealmcb> malnilion: It is easiest for us to help if you check out the Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<malnilion> Right, I'm sorry.
<malnilion> I've got my issue solved.
<nealmcb> malnilion: excellent!
<malnilion> Mostly solved anyway :)
<leonel> malnilion: and what was  the solution ?
<malnilion> leonel: hard to say, but it seemed to be a combination of changing file permissions and changing my extension from .pl to .perl (though that shouldn't be a fix); if all is well, I should be able to change .perl back to .pl.  At any rate, I got a hello world perl script to run.
<zim> hi all having problems getting sound to work on a 7.04 server install any help would be great
<zim> is anyone alive in here
<mattwalston> i'm alive and well, zim
<mralphabet> zim: it's been less then 45 seconds since you asked your question, some may still be trying to figure out why a server needs sound ;)
<zim> some of my backup scripts report fails over espeak great from crontab 
<zim> it yells at me when things go wrong
<mralphabet> zim: hah, that's an interesting use
* mattwalston remembers when he put mp3's on the company mail server and hooked it into the pa system
<zim> anyway espeak foobar is very quiet :(
<mralphabet> zim: you may have better luck in #ubuntu
<zim> there answer was apt-get install ubuntu-desktop
<zim> I think not
<sommer> zim: what program are you using to play the files?
<zim> dont know
<zim> am trying to get espeak to work
<sommer> is the module for your sound card loaded?
<sommer> also you might try playing a regular sound file first.
<zim> dont know how what do i do
<sommer> at leat that make sure you have volume
<zim> have done
<zim> used aumix
<sommer> if you have alsa-utils installed try:
<sommer> aplay somefile.wav, somefile.mp3, or whatever file type.
<sommer> you should here the file being played and stuff.
<zim> ok
<sommer> I mean hear...heh
<zim> no sound ---> Playing WAVE 'a_barf.wav' : Unsigned 8 bit, Rate 8000 Hz, Mono
<sommer> what sound card do you have?
<zim> how do i tell
<zim> on board
<sommer> lspci then look for audio controller.
<zim> 00:1f.5 Multimedia audio controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller (rev 02)
<sommer> then you'll need the ac97 modules.  Do a lsmod | grep -i ac97 and see if you get anything back.
<zim> http://paste.ubuntu-nl.org/32808/
<sommer> cool looks like you've got the drivers loaded. 
<zim> so why no sound ?
<sommer> not 100% sure.  You might try alsamixer and make sure nothing is muted.
<sommer> try upping the volume on any pcm levels.
<zim> have done no joy
<sommer> you're speakers are good right?
<sommer> another thing to check is: lsmod | grep snd
<zim> go all well
<zim> ty for you help
<sommer> it's working?
<zim> yup
<nealmcb> what made it work?
<zim> i just restarted
<zim> somthing must have worked
<sommer> heh...maybe the sound levels in alsamixer.
<sommer> that usually works for me...don't usually have to reboot though.
<zim> ty again
<sommer> no problem.  you're welcome.
<zim> hi all again is there a way to stop the screen turning off after x time on the server install (power manager)?
<zim> and where can i set the screen size as i installed it on a 1280 x 1024 but have a 1024 x 768 pluged in and i cant see about 5 lines down
<daq4th> moin
<daq4th> sorry ;-)
<zim> hi all
<zim> why has vim lost its syntax colours ?
<sommer> are you using vim or vim-tiny?
<malnilion> Open question, if any of you were going to create a website with a contact form page which would simply email to a certain user, would you write the script yourself or use a pre-existing script?
<infinity> I'd write it myself, because most of the pre-existing things are scary and convoluted, while doing it yourself is about 3 lines of input validation and one line of mailing.
<infinity> But, y'know.  That's me, after having accidentally worked in the web industry for several years.
<malnilion> infinity, if it were you, what would you use to send the message.  The sendmail program seems to be a popular choice from what I've seen.
<infinity> Err, there's something other than sendmail? :P
<malnilion> Okey dokey, that's the answer I wanted to hear :)
<infinity> (By that, I mean /usr/sbin/sendmail, as provided by MTAs like Exim, Postfix, and Sendmail, not the actual "sendmail" MTA)
<infinity> But, your language of choice probably provides an abstraction to sendmail, which you should use.
<infinity> In perl, there's a few good modules, in PHP, it's the mail() function, etc.
<infinity> If you're writing shell CGIs, then you can use sendmail directly, I guess, or use "mail".
<infinity> (Does anyone other than me write shell CGIs?)
<lamont> infinity: exec("/usr/sbin/sendmail -bs") :-)
<PhantomSoulz> http://imgs.xkcd.com/comics/rtfm.png
<fednube> are there any tutoral on how to jail users to upload, download and delete ..... how easy is it to setup chroot via ssh ?
<infinity> fednube: This still isn't #ubuntu.
<infinity> fednube: You can't chroot ssh, only limit commands.  For chrooting FTP, which is probably what you want, vsftpd and proftpd are both quite good at it, and have extensive documentation.
<fednube> hehhe i was pointed here by #ubuntu and i was pointed to #ubuntu by #ubuntu-dev
<fednube> i read that ftp server are not secure 
<fednube> thats why i was looking for something secure 
<fednube> i want to run a server where my client (some untrusted ) can upload and download their files someone told me to use sftp and to chroot each user to their own home directory
<infinity> fednube: FTP isn't inherently secure or insecure.  Standard FTP uses plain text password but, then again, so do standard POP and IMAP mail access, which doesn't bug most people...
<infinity> fednube: vsftpd and proftpd can both do ftp-ssl, though, which ends up being just as secure as you (and your users) want it to be, really.
<fednube> infinity -- so providing ssh login to the public would not be your first choice then?......
<infinity> fednube: Generally not.
<fednube> im just looking for guidance in the best dirction and the cheapest way for me to provide this service 
<fednube> ok
<fednube> im confused though because everyone in tutorial seems to bash FTP in favour for SFTP and ssh
<fednube> maybe im missing a point here
<infinity> You can do sftponly in sshd_config, but you can't easily chroot it.
<infinity> sftp/ssh is a great solution if you want people to have shell access to your machine.
<infinity> (or, if you want them to be able to walk the filesystem remotely)
<infinity> If you want "stupid web users" to be able to upload to their own webspace, and nowhere else, you almost certainly want a flexible FTP daemon.
<infinity> And if you're concerned about passwords on the wire, you want ftp-ssl.
<fednube> ok i see see you point and it make sense... it was me who was getting things wrong
<infinity> I don't tend to care much about password compromises on web hosts, since it's their problem, not mine, if their website gets defaced, but that's just my take.
<fednube> infinity --- thanks for helping me out im a newbie with one goal in mind so now ill start again this time looking for ftp and ssl
<fednube> thanks
<coNP> maccam912: still here?
<maccam912> yeah I don't konw what happened there
<coNP> do you have a router?
<infinity> fednube: I recommend proftpd, because I use it, and because the config syntax is nice (sort of apache-like), but others really like vsftpd.. (and we support both in Ubuntu)
<maccam912> coNP: yeah, a netgear one, nothing special
<infinity> Oh, wait.  I lie.
<infinity> fednube: We don't support proftpd.  I lied. :)
<coNP> maccam912: is port forwarding turned on?
<infinity> fednube: So, even though I use it, I wouldn't recommend it for a self-confessed "noob", cause you might not get security updates. :)
<infinity> fednube: vsftpd would be the way to go.  Should have lots of docs.
<maccam912> coNP: yes, everything should be set up. I can get to it on port 80, from anywhere on my side of the network, but nobody outside of my network can get to it
<maccam912> coNP: actually I also have it set up to work on port 2010, and remote people can get to it fine on that port
<coNP> maccam912: then it seems that your router is not configured properly
<fednube> infinity --- i using using proftp until a stupid person in fedora forum told me it was unscure for public users and that i should change for sftp, chroot and ssh . after reading all the ftp bashing i thought he was right
<fednube> i was
<fednube> so i guess i learnt my lesson, not beleive the hype
<fednube> this is why im here because now i will be using ubuntu
<infinity> maccam912: Your router might be blocking port 80 because it's the management port by default or, alternately, your ISP might filter port 80 (many do).
<maccam912> I did contact charter (my ISP) and the man I talked to assured me multiple times that they DEFINATELY do not block traffic on any port.
<maccam912> I explained it a few times to him, and the said, "yes, I know what you are saying. I can assure you, I am positive that, we do not block or filter any traffic for our users"
<coNP> maccam912: but is *your* router setup to do port forwarding?
<maccam912> coNP: yes, I think so
<coNP> you should be at least sure :D
<maccam912> I am forwarding traffic on port 80 to my box,
<maccam912> the one with the server set up
<coNP> oh I see
<maccam912> its identical to port 2010, which does work for remote users
<coNP> maybe try to use another port on your router
<coNP> to test if your provider is not filtering thing indeed
<coNP> e.g. remote port 2101 to local 80
<maccam912> well, http://maccam912.dyndns.org:2010/ works for most people
<infinity> Err, that's what he's done.
<coNP> 2011 but should be the same
<coNP> okay I tend to assume that *I* did the mistake
<coNP> and tend to give advices in this manner as well :)
<coNP> Oh sure. I misunderstood you.
<maccam912> I'm sorry, I don't see what I did wrong then...
<coNP> Sorry.
<infinity> If the ISP is filtering, they'll only filter 25, 80, and a few others.
<coNP> No, I am sorry.
<infinity> And it's entirely possible the guy on the phone either lied, or assumed you were talking about outbound traffic.
<coNP> I'll traceroute your
<coNP> IP
<maccam912> so you are fairly sure that they were lying when they said they weren't filtering
<infinity> It's also possible your router sucks.
<maccam912> 71.90.70.137
<infinity> coNP: You can't ping him, his ICMP is filtered.
<coNP> I can resolve IPs from DNS... but thanks anyway :)
<infinity> coNP: And I'm not sure what good you think tracing will do. :)
<coNP> Oh, you are right.
<infinity> maccam912: 80 isn't explicitely filtered, it's just not open.  So, it's your router sucking.
<maccam912> not sure how you know that but thank you
<coNP> I guess nmap
<coNP> but infinity can tell :)
<maccam912> I've got a spare NETGEAR router, or can I get my netgear router up and running? (I know this isn't a router support channel, but any help is appreciated)
<coNP> You should try that IMHO.
<maccam912> netgear over linksys?
<coNP> Only one of them
<maccam912> any suggestions? or will either one do?
<coNP> But I don't know what is your network topology, of course.
<maccam912> well, I got cable coming to my modem, which goes to an ethernet cable to my router, which then connects to the rest of my computers
<maccam912> I've got my linksys settings open right now. would the fact that I connect to my linksys settings thru a web browser have anything to do with disrupting traffic to my server?
<infinity> Err, yes.
<infinity> If you do it on port 80, it won't listen on port 80 to forward it.
<infinity> Change your management port to something else (say, 8080), then set up the forwarding rules for 80.
<maccam912> my only choices are http and https, so you're saying https should work?
<infinity> You're kidding.  It doesn't let you specify an arbitrary management port?
<infinity> What a hunk of...
<maccam912> nope, I don't think so
<infinity> But, yes.  Switch it to https, then.
<mralphabet> maccam912: charter is lieing, port 80 inbound does not work
<maccam912> I'll check again, but I don't think I had any more options
<maccam912> I think thats what you told me yesterday
<mralphabet> it is what I told you yesterday
<maccam912> and you're sticking to your guns :)
<mralphabet> Charter used to filter anything < 1024 inbound then they started to move to selective ports
<infinity> mralphabet: They're not dropping packets to port 80.
<maccam912> they did explicitly tell me that they are not blocking anything
<mralphabet> infinity: I don't know what you are looking at, but 80 doesn't work
<mralphabet> 88 works, 8080 works . . . any of the other non-standard "standard" http ports work, 80 does not
<infinity> mralphabet: I'm looking at the fact that I get an RST on 80.  If it was filtered, I'd get no response.
<mralphabet> infinity: we may need to agree to disagree here, I stand by my statement
<infinity> If his router is running the management interface on 80, it won't also forward 80, it'll just block it on the external interface.
<infinity> So, what the ISP is or isn't doing is moot at that point.
<mralphabet> correct
<mralphabet> What I am saying is that charter (regardless of whatever you are seeing) breaks inbound port 80 (again, regardless of management interface or not)
<maccam912> I set it up so local management is HTTPS (not HTTP) and remote management is 8080, so there shouldn't be port 80 when managing
<maccam912> it should all go to my server if charter isn't blocking it
<maccam912> (unless HTTPS is using port 80?)
<mralphabet> https uses 443
<infinity> https should be 443.
* Nafallo knows way to many numbers by heart now
* mralphabet knows the feeling
<maccam912> so it is charter?
<jetole> hey folks
<mralphabet> maccam912: yes
<maccam912> alright. I give up trying to get them to unblock it then.
<maccam912> guess I'm stuck with nonstandard ports
<mralphabet> maccam912: it is blocked at a higher level then you as a home user can get to
<maccam912> oh well, thanks everybody
<mralphabet> anybody that you can reach on a phone will tell you it isn't blocked
<jetole> Hey guys, I am trying to setup something for spamassassin on my mail server which relies on archive mail, archive mail is broken on feisty (https://bugs.launchpad.net/ubuntu/+source/archivemail/+bug/112543) due to using python 2.5 instead of python 2.4, is there a way I can downgrade python appropriatly through apt/dpkg?
<ubotu> Launchpad bug 112543 in archivemail "archivemail in fiesty does not work with python 2.5 but does work with python 2.4 (dup-of: 84039)" [Undecided,New]  
<ubotu> Launchpad bug 84039 in archivemail "[apport]  archivemail crashed with AttributeError in add_status_headers()" [Medium,New]  
<jetole> huh, cool bot
<jetole> hmmm, the duplicate bug listing by the bot seems to have partially fixed my problem
<jetole> It was listed on the page but I didn't see it
<jetole> wow, a bot solved a problem for me
<jetole> hmmm, f#!* that, the patch does not to seem to have solved the problem and one of the hunks failed where I couldn't find anything even close looking in the code
<jetole> ah hell I am installing archivemail from official source
#ubuntu-server 2007-08-07
<nealmcb> infinity: Well, I'm sure bugged by plain-text passwords in unsecured POP and IMAP and FTP....  But clueless users using clueless software for publishing is indeed a tough problem to solve.  I'm hoping sftp will catch on.   Or webdav - Is anyone out there having any luck offering webdav over https for their users to publish on the web?
<mattwalston> nealmcb: negative but sftp is very well adopted
<mattwalston> nealmcb: anyone that should be touching there own site should be able to use it
<mattwalston> nealmcb: also, somewhere their is a windows client that mounts an sftp site as a folder on the local machine
<Innatech> having some trouble getting Bind9 up and running on a simple Ubuntu 7.04 server box. Geting SERVFAIL when I try to run dig.  Config files and command output is here: http://www.pastebin.ca/648128   . I'd much appreciate advice from anyone willing to take a look. 
<nealmcb> Innatech: I'm pretty rusty on bind stuff, but perhaps if you lead me thru that step by step we'll run across what's wrong.  to start with, I see no servfail error in what you pasted
<boxrock> anyone know where Screen Resolution values come from (on a thin-client GUI)? widescreen are missing for me. thanks.
<stiv2k> ok got a really weird problem here
<stiv2k> i assigned my server a static IP (naturally)
<stiv2k> and it works fine
<stiv2k> except it seems about once every 24 hours
<stiv2k> i check the ifconfig eth0
<stiv2k> and it has an ip of 192.168.1.100 (an address in the DHCP range!!!!)
<stiv2k> consequently all the services go down because its not 192.168.1.10
<stiv2k> i have to manually ifdown/ifup eth0
<stiv2k> to get it back to normal
<stiv2k> its so frustrating, what could be causing this
<ScottK> stiv2k: Two things must be true then... 
<ScottK> 1.  Your server must be running a dhcp client.
<ScottK> 2.  Something in your local link is offering dhcp.
<stiv2k> ScottK: my router is probably offering dhcp
<stiv2k> but, my /etc/network/interfaces spefically says
<ScottK> Do you need it?
<stiv2k> iface eth0 inet static
<stiv2k> kinda... the other machines on my network, well, some of them use dhcp
<ScottK> OK.
<stiv2k> i never had ths problem before i reformatted (before the hard drive failed)
<ScottK> Hmmm
<ScottK> What version of Ubuntu are you running on the server?
<stiv2k> feisty
<ScottK> DHCP requests get logged to /var/log/daemon.log.
<stiv2k> ok
<ScottK> First thing to do I'd say is look there and see what's going on when it happens.
<stiv2k> alright
<stiv2k> most of the log is "last message repeated x times"
<stiv2k> but i see a bunch of dhclient here
<ScottK> That's the one.
<stiv2k> OK to paste 6 lines here?
<stiv2k> Aug  6 03:48:56 galatea dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3
<stiv2k> Aug  6 03:48:57 galatea dhclient: DHCPOFFER from 192.168.1.1
<stiv2k> Aug  6 03:48:57 galatea dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
<stiv2k> Aug  6 03:48:57 galatea dhclient: DHCPACK from 192.168.1.1
<stiv2k> Aug  6 03:48:57 galatea dhclient: can't create /var/lib/dhcp3/dhclient.eth0.leases: Permission denied
<stiv2k> Aug  6 03:48:57 galatea dhclient: bound to 192.168.1.100 -- renewal in 32860 seconds.
<jbrouhard> oO
<jbrouhard> did you run dhclient eth0 as sudo ?
<stiv2k> i have never once issued the command dhclient
<ScottK> He doesn't want it to run at all.
<stiv2k> i just edited /etc/network/interfaces accordingly, then ifdown/ifup eth0
<stiv2k> ScottK: is dhclient an init service? can i get away with just apt-get remove
<ScottK> dhclient is probably part of another package that you don't wont to remove
<stiv2k> okay
<stiv2k> so how do i stop it from running
<ScottK> What comes right before the dhclient in the log?
<stiv2k> like at least a hundred lines of
<stiv2k> "last message repeated x times"
<ScottK> OK.
<stiv2k> more than a hundred... several hundred
<stiv2k> the very first line, before all of those is this
<stiv2k> Aug  5 13:26:08 galatea dhclient: DHCPREQUEST on eth0 to 192.168.1.1 port 67
<ScottK> What does ps -AF|grep dhcp produce?
<stiv2k> steve     1598  1545  1   720   748   0 21:16 pts/2    00:00:00 grep dhcp
<stiv2k> dhcp      3477     1  0   612   856   0 Aug03 ?        00:00:00 dhclient3 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclient.eth0.leases eth0
<ScottK> That's the guy that's doing it.
<ScottK> So next step is to figure out what's starting it.
<stiv2k> sounds about riht
<stiv2k> right
<ScottK> I've only got a laptop with dhcp running, so it may be different...
<ScottK> Try grep dhcp /etc/init.d/*
<stiv2k> no result
<ScottK> or grep dhclient
<ScottK> sorry
<stiv2k> same, no results
<ScottK> Odd
<ScottK> You don't have X running on this server do you?
<stiv2k> nope
<stiv2k> i know this may seem stupid but
<stiv2k> the machine hasn't been rebooted once since it's very first bootup about a week ago
<ScottK> That shouldn't matter.
<stiv2k> perhaps the service running dhclient never acknowledged /etc/network/interfaces when i set it to a static IP
<ScottK> I'm googling about readahead boot right now.
<ScottK> That may well explain your problem.
<stiv2k> do tell
<ajmitch> given that the dhclient process was started a few days ago, when did you set it to use a static ip address?
<ScottK> As nearly as I can tell, readahead loads everthing in /etc/readahead/boot.
<stiv2k> ajmitch: as soon as i booted up the machine for the first time
<ScottK> At last, someone who knows what they are doing shows up.
<stiv2k> one of the first things i did was set it to a static ip
<ajmitch> stiv2k: which was when?
<stiv2k> umm
<ajmitch> aug 3rd or later?
<stiv2k> i cant remember exactly... 5 days or so
<ajmitch> ScottK: oh, where are they?
<stiv2k> oh 1 sec
<stiv2k> uptime will tell me
<ScottK> That would be you.
<stiv2k>  21:25:35 up 3 days, 17:36,  3 users,  load average: 1.00, 1.01, 1.00
<ajmitch> ScottK: lies
<ajmitch> stiv2k: so it was using dhcp when you booted up for the first time
<stiv2k> yes 
* ScottK tiptoes out of the room while ajmitch helps.
<stiv2k> as every default ubuntu install does ?
<ajmitch> and you changed /etc/network/interfaces to static
<stiv2k> yes
<ajmitch> and then did ifdown eth0
<ajmitch> so it didn't know to kill dhclient
<stiv2k> i guess
<ajmitch> so you can just kill dhclient & it'll be happy
<ajmitch> and it won't start again
<stiv2k> ok... you're sure
<ajmitch> fairly sure :)
<stiv2k> k
<stiv2k> why didnt it do it the first time?
<ScottK> When did you tell it to?
<ajmitch> why didn't it do what?
<stiv2k> why didnt it kill dhclient when i first set it to a static IP
<stiv2k> it sounds like that would have been the right course of action
<ajmitch> if you reconfigure it to having a static ip address before bringing the interface down, then it won't know to kill it
<stiv2k> ohhh
* ScottK learns something.  Makes total sense.
<stiv2k> yea
<ScottK> I've always just set up servers static in the installer, so this never came for me before.
<stiv2k> i dont remember the installer asking me if i could set it static
* ajmitch hasn't done an ubuntu server install for awhile now
<stiv2k> i would have done it if it asked me
<ScottK> The alternate installer gives you that option.
<stiv2k> oh
<ScottK> Dunno about the regular one.
<stiv2k> well i used 7.04 feisty server x86
<stiv2k> whats the point of alternate ?
<ScottK> Different installer.
<stiv2k> better/worse?
<ajmitch> different set of packages
<ScottK> Regular one uses the Ubuntu installer, Ubiquity or some such spelling and the alternate uses the Debian Installer.
<stiv2k> i see
<ScottK> I've never had much luck desktop or server with the Ubuntu installer.  I always seem to end up using D-I for one reason or another.
<ajmitch> 'alternate' cd gives you a normal desktop system
<ScottK> Alternate CD (last I looked) had a server/cli option too.
<stiv2k> alright well i have to go... thanks for helping me fix this (i hope it did the trick for good)... it was so annoying
<ScottK> Thanks for bailing me out ajmitch.
<stiv2k> lol
* ScottK goes back to trying to query PostgreSQL with his Python app.
* ajmitch has to return to php+mysql
<hiroshiX> hey, I was wondering how you actually connect to an iscsi with open-iscsi installed.
<ScottK> This is not a terribly active time of day here.
<ScottK> So don't feel slighted if no one answers....
<hiroshiX> ah
<hiroshiX> maybe I should ask tomorrow afternoon
<hiroshiX> thanks ^_^
<ScottK> If you can hit European afternoon, US morning, that's your best bet.
<hiroshiX> cool
<PanzerMKZ> wow
<PanzerMKZ> us morn
<kraut> moin
<juliux> good morning
<juliux> does somebody knows a simple ticket system? i only need it for tracking e-mails
<Burgundavia> juliux: rt?
<juliux> Burgundavia, it is simple?
<Burgundavia> fairly
<juliux> Burgundavia, i want one email address shirt@juliux.de and all e-mails to that address should go to the ticketsystem and there i can track the email contact with everybody who wants a shirt;)
<Burgundavia> ahh
<Burgundavia> rt can do that
<juliux> good
<juliux> i will take a look at it
<lcdd> roundup is another system
<CrummyGummy> Hi all, I noticed today that my server time was out. I have been running ntpd for ages so I thought everything was ok. There are no errors on startup of ntpd. What could I have missed?
<lcdd> CrummyGummy: you could run ntpq and use the command 'peers' to show whether ntpd is actually able to talk to any time servers
<CrummyGummy> It pulled up 3 servers. I wonder if it isn't using local because the delay is the lowest.
<lcdd> local is only supposed to be a fallback in case all other servers fail
<lcdd> somebody correct if i'm wrong, but it's essentially the same as system clock
<CrummyGummy> Thats the way the conf file reads. I'm just not sure at which point the server decides to use that "last resort"
<puxton> 11:16:53AM -!- ERROR Warning: Permission problem: Can't read/write from/to /var/lib/bitlbee/. <--- How do I fix this?
<cyrenity> hi all
<cyrenity>  i want only one user modify user home dirs to change ownerships and permissions but not as root
<cyrenity> any idea
<juliux> did somebody tries to setup rt with qmail?
<cyrenity> helo
<cyrenity> any idea
<Pumpernickel> cyrenity: Sounds like you're trying to reinvent root.
<cyrenity> well some how
<cyrenity> i want to delegate system admin tasks
<cyrenity> some times we need to move users home dirs with correct permissions which only root can do
<lcdd> use sudo perhaps
<cyrenity> well
<cyrenity> i have a user noman.yousuf
<cyrenity> i move that to noman.yousuf1
<cyrenity> then recreate that
<cyrenity> and move all noman.yousuf1 data to noman.yousuf
<lcdd> you need root
<cyrenity> how i do from sudo
<cyrenity> for that i need root
<cyrenity> right
<cyrenity> but i add admin to any system admin group admin will be able to do this
<cyrenity> if sudo can do this its ok
<cyrenity> what u say
<lcdd> sudo allows only certain people to become root
<lcdd> its benefit compared to 'su' is that you don't have to share the root password with anyone, which means it's possible to take away the root rights
<cyrenity> hum
<cyrenity> true
<cyrenity> how i do this
<cyrenity> any idea
<cyrenity> would ldap users be able to do that or only system users do
<lcdd> see the file /etc/sudoers. local and ldap users should make no difference
<cyrenity> well frankly
<cyrenity> ldap users wont work
<cyrenity> i did this admin  ALL = NOPASSWD:  /usr/bin/gnome-printer-view
<cyrenity> admin  ALL = NOPASSWD:  /usr/bin/gnome-cups-manager
<cyrenity> admin  ALL = NOPASSWD:  /usr/bin/gnome-cups-add
<cyrenity> admin  ALL = NOPASSWD: /opt/ltsp/i386/etc/lts.conf
<cyrenity> admin  ALL = NOPASSWD: /usr/bin/vi
<cyrenity> for ldap user it wont work
<cyrenity> for locaql user its working
<cyrenity> helo
<infinity> 20:55 < cyrenity> admin  ALL = NOPASSWD: /usr/bin/vi
<infinity> You're kidding, right?
<infinity> You may as well just give them full sudo, bcause that's what that does.
<cyrenity> why?
<cyrenity> sure
<cyrenity> but only for vi or particaular things
<cyrenity> how i do perimissions change and folder moves 
<cyrenity> through sudo
<ICU> omg
<ICU> cyrenity: what would prevent the user from editing /etc/sudoers with a "sudo vi"?
<ICU> or modifying the shadow
<ICU> passwd
<ICU> and so on
<infinity> Exactly.
<infinity> Glad someone else is awake.
<cyrenity> well user cant open vi /etc/suderos file
<cyrenity> i dont think soo
<ICU> they can
<infinity> Of course you can.
<infinity> "sudo vi /etc/sudoers"
<kraut> oO
<kraut> cyrenity: you didn't understood sudo!
<kraut> cyrenity: sudo is just a user-wrapper, you fork vi via sudo as user root!
<ICU> sudo will allow the users to run vi with root priviledges and so are able to open any file on your system (and write it)
<kraut> cyrenity: think about this!
<cyrenity> what u mean
<cyrenity> i try to open vi /etc/suders
<cyrenity> i ant open permission denied
<infinity> cyrenity: "sudo vi /etc/sudoers"
<kraut> cyrenity: the line "admin  ALL = NOPASSWD: /usr/bin/vi" allows the user vi to open vi as user ROOT. so with "sudo /usr/bin/vi /etc/shadow" you open vi as root and you're able to manipulate the shadow!
<infinity> cyrenity: Your sudo rule allowd anyont in the admin group to elevate to full root.
<kraut> isn't %group the marker for a group?!
<infinity> Oh, fair point, it's the admin user.
<kraut> only 'admin' should point to the user admin and not to the group
<kraut> ah, ok. got confused by that ;)
<infinity> But whatever.  He *meant* %admin, I'm sure. :)
<ICU> cyrenity: what was your intention with "admin ALL = NOPASSWD: /usr/bin/vi"?
<cyrenity> true
<cyrenity> well my intention was to open a file /opt/ltsp/i386/etc/lts.conf
<cyrenity> by admin user and edit it
<cyrenity> well i just want to delegate admin rights
<cyrenity> any idea for that
<cyrenity> if admin wants to modify /opt/ltsp/i386/etc/lts.conf
<cyrenity> then what should i do
<ICU> do a wrapper for example
<ICU> a shell script named "modify_lts.sh" which starts "vi /opt/ltsp/i386/etc/lts.conf" and allow that script to the user
<infinity> ICU: That's still no safer, once I've opened the editor, I can switch open files..
<cyrenity> true
<cyrenity> but what to do
<cyrenity> then
<lcdd> cyrenity: just adding group write permissions to that specific file might work
<cyrenity> hum
<cyrenity> and what abt permissions
<cyrenity> for folders i told above
<lcdd> i have no idea
<cyrenity> ok thanks 
<ICU> infinity: indeed
<gamble6x> I'm trying to setup a static interface on my 6.06LTS, IP, Gateway, and all seem fine, but resolv.conf keeps being overwritten.  According to the documentation: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/network-configuration.html I should be able to simply write in my DNS and lookups to resolv.conf, but it doesn't keep.  Is this something I need to do through debconf?  Is there documentation on this anywhere?
<nealmcb> CrummyGummy: still looking for ideas on your ntp problem?
<nealmcb> gamble6x: is a dhcp still running by any chance?  if you change your interfaces file before ifdown, the default dhcp will still be active
<gamble6x> ps -A | grep dhcp doesn't return anything.  there are only lo and eth0 in my interfaces file, "dhcp" isn't in the interfaces file, and the server isn't currently live so I'm rebooting to make sure all the server apps come up correctly.  But every time I reboot my resolv.conf is blank except two comment lines at the top:
<gamble6x> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<gamble6x> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<gamble6x> which the comments tell me what is happening, but not where I need to make the change.
<nealmcb> it is probably called "dhclient"
<nealmcb> gamble6x: you can change the dns addresses in the interfaces file
<nealmcb> s/change/set
<nealmcb> hmm - I'm not seeing it in the interfaces man page - still looking....
<nealmcb> ahh - I use /etc/resolvconf/
<infinity> gamble6x: apt-get --purge remove resolvconf
<nealmcb> :-)
<nealmcb> or read `man resolvconf` first to see if you want to use it
<infinity> No one with a static interface would want to use it.
<nealmcb> is it installed by default in dapper?
<infinity> And most people with a dynamic one don't.
<infinity> It might have been.  We don't install it by default anymore.
<infinity> In fact, we're so over it that we punted it to universe.
<infinity> We don't even support it anymore.
<gamble6x> AH!  resolvconf was installed by dhcp3-client (which I'm assuming is installed by default).
<gamble6x> hmm... ubuntu-minimal depends on dhcp3-client
<infinity> Not the end of the world.
<gamble6x> Ok.  dhcp wasn't starting at boot.  I left dhcp3-client installed but just removed resolvconf and rebooted.  Now the /etc/resolv.conf is staying.
<gamble6x> I am currently getting a security error: unable to lookup <hostname> via gethostbyname().  But I'm guessing that's a network issue.  Maybe the server isn't listed in DNS atm.  will keep plugging away.
<gamble6x> wow stupid.  *smacks forehead* I had my FQDN in my hosts file, but not the hostname.
<gamble6x> fixed that problem.
<osmosis> which one should I try?   awstats - powerful and featureful web server log analyzer
<osmosis> awffull - web server log analysis program
<osmosis> modlogan - A modular logfile analyzer
<osmosis> webalizer - web server log analysis program
<coNP> maybe look for sites, that use either of them and try their output
<coNP> or install all of them for a week and compare :)
* coNP uses webalizer, that is very common IMO
<nealmcb> osmosis: I've used awstats and liked it, and previously analog.  haven't tried the others
<osmosis> nealmcb: cool. i think they are all pretty basic. I mostly want something that is easy to setup and give me some basic info about daily hits ...that is easier then parsing the apache log manually.
<Nafallo> eep
<Nafallo> apache2: Could not determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
<Nafallo> how to get rid of that? :-)
<kraut> Nafallo: watch out the docu on apache.org
<kraut> you should find it there easilly
<Nafallo> but would that be the Ubuntu way? :-)
<kraut> i don't think that the ubuntu-way would take the part of the people to teach themself
<kraut> and anyhow, that's a standard-question wich should be figured out in the apache-faq
<kraut> also google would give you a faster answer then here in the channel
<gamble6x> Nafallo: if you're on a static IP then you can just put your hostname and FQDN next to your IP addy in your /etc/hosts file
<kraut> alltogether the most fastest way would be, to read the warning carefully
<Nafallo> gamble6x: FQDN * :-)
<ConfidentiaL> first time setting up a linux server, fairly new user to linux, although I got the basics. What do you recommend, feisty server or dapper server? for home use. Quite powerful PC.
<kraut> ConfidentiaL: for home usage -> feisty
<Nafallo> oh. that was easy :-)
<kraut> ConfidentiaL: but remeber, that feisty isn't mostly the stable release
<ConfidentiaL> ok, thanks:)
<kraut> ConfidentiaL: if you prefer mostly actual packages, take feisty, if you prefer a stable-system, use dapper.
<Yahooadam> hey guys, srsly need some help :(
<Yahooadam> ./dev/hda1 is unrecognised
<Yahooadam> and its my boot partition :o
<ScottK> Yahooadam: What release?
<Yahooadam> how would i find out (7.04 server i think)
<Yahooadam> im running the 7.04 live cd atm
<boxrock___> anyone, i'm having a problem w/7.04 hanging (console GUI, net, (shell commands work however)), any clues on how to diagnose?
<gamble6x> Yahooadam: do you know why it's not being recognized?  disk going bad?  did you accidentally write something you didn't mean to to /boot.  Is boot fine and your MBR is just flubbed up?
<ScottK> Yahooadam: It should be working by UUID then, not by device name.
<Yahooadam> i think the disc is fine. hda2 is fine
<Yahooadam> i havent touched it, but the computer may have been badly shut down while running
<ScottK> Yahooadam: Find the UUID /dev and try and boot by UUID.
<Yahooadam> when i try to boot i get grub error 24
<Yahooadam> i cant even get at the grub config therefore
<Innatech> So, I'm dealing with LDAP having not needed it in a while. Can anyone refresh my memory: Is there any compelling reason to use company.local or company.lan over company.com in setting up a new LDAP directory for a small network? 
<Yahooadam> isnt grub supposed to be in /boot/grub btw ?
<Yahooadam> cos if so, i cant see it
<gamble6x> you might want to start with some fscking
<gamble6x> if you didn't write anything to the disk.  It's possible an improper shutdown could muck it up.  But pretty unlikely.  If the files aren't on the partition it sounds more like bad sectors to me.
<mathiaz> Innatech: I think that .local is been used by zeroconf or something like that.
<Yahooadam> im getting mount: wrong fs type, bad option, bad superblock on /dev/hda1. mising codepage or other error. in some cases useful info is found in syslog
<mathiaz> Innatech: I wouldn't use domain.local
<Innatech> yeah, there's that kind of multicast stuff, I know. But I seem to recall there being reasons to use domain.local or domain.lan over domain.com . Using domain.com is easiest and most straightforward, so I'm just trying to make sure I'm not missing anything before plunging ahead. 
<Yahooadam> sudo fsck /dev/hda1
<Yahooadam> fsck 1.40-WIP (14-Nov-2006)
<Yahooadam> e2fsck 1.40-WIP (14-Nov-2006)
<Yahooadam> fsck.ext3: Filesystem revision too high while trying to open /dev/hda1
<Yahooadam> The filesystem revision is apparently too high for this version of e2fsck.
<Yahooadam> (Or the filesystem superblock is corrupt)
<Yahooadam> and thats about where im stuck at now .....
<Innatech> liveCD boot & fsck?
<Yahooadam> yes
<Innatech> hrrm. That seems odd. 
<Innatech> This might help: describes locating the backup superblocks on ext3: http://www.edseek.com/archives/2004/02/25/ext3-filesystem-bad-superblock-recovery/
<gamble6x> not a lot of happy info out there concerning corrupted superblocks:   http://lists.debian.org/debian-user/2001/04/msg03364.html
<Yahooadam> sigh, stuff like this really puts me off ubuntu
<Yahooadam> windows = chkdsk /r
<Yahooadam> linux = screwed
<Innatech> With windows, you're screwed before you boot. 
<gamble6x> chkdsk /r can do a lot in windows, but I've not heard of it fixing corrupted superblocks.
<gamble6x> fsck is the same for linux.
<Yahooadam> kk
<Yahooadam> well it looks like the first link may have worked
<Yahooadam> or not
<jbrouhard> howdy all
#ubuntu-server 2007-08-08
<Yahooadam> time to reboot
<Yahooadam> cross your fingers :(
<lamont> kraut: feisty is a stable and fully supported release.  The fact that dapper will have support on servers after gutsy+1 is gone is a different factor....
<yahooadam> grub error 14 that time :(
<yahooadam> or 15
<yahooadam> should have written it down
<yahooadam> 14 is filesystem compatibility error
<yahooadam> and 15 is file not found
<yahooadam> mounted hda1 and all thats there is "lost+found"
<yahooadam> yet gparted says 600mb is used
<yahooadam> sigh
<yahooadam> looks like an ubuntu reinstall
<ScottK> yahooadam: One thing to consider...
<ScottK> Generally on Feisty, disks (and other devices) are tracked by UUID and not by traditional names.
<yahooadam> yeah scot ?
<ScottK> I'm not sure how you ended up with out that.
<yahooadam> how do you work out the UUID ?
<ScottK> If you have multiple drives, using the UUID keeps it so the right drive is always booted.
<ScottK> The installer should do it for you.
<yahooadam> ah
<ScottK> If it doesn't, you can look in /dev/device-by-uuid, I think
<yahooadam> well i hadnt touched the ubuntu config
<yahooadam> so it may well have been using UUID
<yahooadam> but i always rememberd it as hda1 :p
<ScottK> It's in /dev/disk/by-uuid
<yahooadam> kk, but as the disk was corrupt couldnt exactly see that :p
<ScottK> If you are having problems getting the boot drive recognized, you can look there and check to make sure it's the same as in your /boot/grub/menu.lst.
<ScottK> Right.
<ScottK> Not the problem you were having this time, but 
<ScottK> ...
<yahooadam> kk
<ScottK> an oddity of what you were describing to be aware of for the future.
<yahooadam> kk :)
<yahooadam> is there any way to recover my data ?
* ScottK isn't the right guy to ask about that.
<yahooadam> (atleast that drive was only hosting ubuntu itself, i would have been pissed if i had lost a data drive)
<yahooadam> right well thx for the help anyway
<yahooadam> l8trs
<duaneb> hello?
<duaneb> I'm completely new to this server stuff
<duaneb> I followed the instructions given on https://help.ubuntu.com/community/RubyOnRails , but how can I get to it? :P
<duaneb> the scripts/server works excellently
<nealmcb> A server of mine is running into spam problems, e.g. being listed as dhcp incorrectly at dhcp.tqmcube.com  I want to mine our mail.log files (postfix) to look for more outgoing mail bounces and problems.  Is there a nice log parsing program to help me with this?  awstats gives some info, but not much about error messages
<nealmcb> duaneb: we need specifics.  see the Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<duaneb> nealmcb: I gave you specifics
<nealmcb> "get to it" - what do you mean?
<duaneb> I followed the EXACT guide on the link I provided
<duaneb> ahh
<duaneb> My root is showing as the default apache page
<nealmcb> what did you say and what did it say that was unexpected and why did you think so
<duaneb> nealmcb: thanks, but I got it working with an alias :)
<nealmcb> which options did you choose in that howto?
<duaneb> ahh
<nealmcb> duaneb: ahh - good!
<frederific> I have just upgraded my webserver (only running a few pages within my house) to feisty. I need to change the default gateway. I used to do this by editing /etc/interfaces, now that file no longer exists, how do I do it?
<nealmcb> frederific: /etc/network/interfaces
<frederific> nealmcb: ah, thanks a lot :)
<nealmcb> :-)
<frederific> it was always that, wasn't it? and I'm just too dense to have noticed...
<nealmcb> I think so....
<nealmcb> (not that you're dense :-)
<frederific> :P
<hiroshiX> yay, I got the iscsi to work in linux
<jbrouhard> Anyone here ever work with HP LPr Servers?
<jbrouhard> hey PanzerMKZ
<kraut> moin
<CrummyGummy> nealmcb, Sure, got an input?
<enseven> Hi! I have got an Ubuntu Server, that sees 1 Volume over two fibre channel paths, e.g. /dev/sdd and /dev/sde. With multipath-tools I can create a device in /dev/mapper that uses both paths. Generally there is the possibility to set priorities. At the moment priorities are the same, and the first path found is used. But it varies which is found first. I would like to set different priorities to configure which path should be prefered
<enseven> . Does anyone know how to do this? See http://paste.uni.cc/16917
<fabbione> hey Christian
<fabbione> enseven: no i don't recall how to do it off hands.. but there is a long example config file in /usr/share...
<fabbione> enseven: with all the explanation
<fabbione> anyway i am back to enjoy my last day of holidays
<enseven> fabbione: That's why I wonder to meet you in the chat. You should really enjoy your holidays!
<enseven> fabbione: I read the /usr/share/doc/multipath-tools/examples/multipath.conf.annotated.gz. There is a "prio_callout" option. It is to call a script to determine the priority. But there is no information about the script, how it works and no example.
<chandu_> Hi
<enseven> chandu_: Hi
<chandu_> enseven, While booting , I am getting this erro
<chandu_> enseven,  ata2: port is slow to respond 
<enseven> For those who joined during the last hour again my question: I have got an Ubuntu Server, that sees 1 Volume over two fibre channel paths, e.g. /dev/sdd and /dev/sde. With multipath-tools I can create a device in /dev/mapper that uses both paths. Generally there is the possibility to set priorities. At the moment priorities are the same, and the first path found is used. But it varies which is found first. I would like to set differ
<enseven> ent priorities to configure which path should be prefered. Does anyone know how to do this? See http://paste.uni.cc/16917 . In  /usr/share/doc/multipath-tools/examples/multipath.conf.annotated.gz there is an option "prio_callout" that is to be used for this. But there is no description or example how to do this.
<enseven> chandu_: So your are missing some disk drives?
<dthacker> enseven: two controllers on the SAN?
<chandu_> enseven, missing disk drives
<dthacker> bbl
<tck> question
<tck> im using kernel 2.6.20-16
<tck> and if i wanted to patch to the latest stable at kernel.org which is at 2.6.22.1
<tck> I have to apply patche 2.6.21 before i apply 2.6.21.1 right ?
<tck> s/patche/patch/
<tck>  apply 2.6.22.1 right ?
<gamble6x> I BELIEVE that to patch you have to go up through the versions yes.  Though I have never done it myself.  I've always simply just compiled/installed the latest kernel.
<tck> well here's my confusement
<tck> one surely doesn't have to start at 2.6.21.1 and then do 2.6.21.2
<tck> which patch version of the 2.6.21 do i patch with?
<tck> there's alot of patch released for 2.6.21.* http://kernel.org/pub/linux/kernel/v2.6/
<gamble6x> again, this is only from what I've read, but you can patch based on the main updates.  so 2.6.19 to 2.6.20 to 2.6.21.2
<gamble6x> but also remember that you're patching your source and then recompiling from that anyway.
<tck> sure 
<tck> there is no 2.6.21.0 so to speak only http://kernel.org/pub/linux/kernel/v2.6/patch-2.6.21.1.bz2
<tck> i presume the first 2.6.21.* patch is suitable?
<tck> excuse there is
<tck> sorry
<tck> http://kernel.org/pub/linux/kernel/v2.6/patch-2.6.21.bz2 ;)
<lamont`> generally speaking, I've found it works better to just take my patches to the new kernel, rather than bringing the new kernel in patch form to my patches
<dthacker> hello, in this package name: 1-38.11-7ubuntu6   Does 1.38.11 refer to the bacula version?
<ScottK> Yes
<ScottK> -7 is the Debian revision and ubuntu6 is the Ubuntu revisions to the Debian revision.
<dthacker> thanks.  I see that bacula 2.03 is in universe for gutsy.  I also know that the project is about to release 2.20 this weekend.  Does Ubuntu wait for new Debian packages, or package the new version?
<ScottK> It depends on if someone is motivated.
<dthacker> ok thanks.
<ivoks> mathiaz: ping
<mathiaz> ivoks: yop
<ivoks> i don't recall that i told you...
<ivoks> but it is possible to create guided RAID setup
<ivoks> there is .udeb in debian already
<mathiaz> ivoks: excellent.
<ivoks> i guess raid+lvm shouldn't be dificult then
<ivoks> the bad news is that i have only GPRS connection here (i'm on a vacation)
<mathiaz> ok. currently we don't even have RAID.
<mathiaz> what about adding RAID for now ?
<ivoks> i will test it, but it will take time
<ivoks> cause i'm very limited with connection :)
<mathiaz> ok. no problem.
<ivoks> when is future freeze?
<ivoks> opening web page would take ages :D
<mathiaz> feature freeze is next week
<mathiaz> on the 16th
<ivoks> urgh...
<mathiaz> So you said that for the raid setup, it's already in debian.
<ivoks> i'll try at least do guided raid till then
<ivoks> yes, for some time, but we didn't include it, and i don't know why
<mathiaz> that means it may be easier to integrate.
<mathiaz> ok. so let's try to get RAID before feature freeze.
<ivoks> of course...
<mathiaz> and get it tested for tribe-5.
<mathiaz> once RAID is integrated, we can start to have a look at RAID+LVM.
<ivoks> ok, you can count on me
<mathiaz> ivoks: excellent. Thanks for your help !
<foo> Can 500-1000 TIME_WAITs for mysql port cause a load between 2-3? RAM is fine (no swapping), CPU utilization is < 24%... I'm trying to narrow this down, only thing that looks strange is TIME_WAITs
<foo> ivoks: ping
* ivoks is on vacation :)
<foo> :) I'm at linuxworld myself, but there seems to be a problem. /me checks to see if we use persistent connections for mysql
* Starting logfile irclogs/ubuntu-server.log
<Innatech> Is ICH7 fakeraid supported on 7.04 server? The installer sees the physical disks instead of the mirror defined in the BIOS setup screen. 
<ajmitch> I suspect it'd only be supported by dmraid
<ajmitch> which is in universe
<mathiaz> ajmitch: is universe supposed to be enabled by default on fresh server installs ?
<ajmitch> no
<mathiaz> hum... ok thks. Seems that it's the case with the tribe-4 isos.
<ajmitch> at least I don't think it's a good idea, though I think universe was enabled by default for the desktop
<mathiaz> ok. so bug 105511 has been fixed
<ubotu> Launchpad bug 105511 in Ubuntu "Universe and Multiverse not enabled by default on the livecd" [Medium,Confirmed]  https://launchpad.net/bugs/105511
* ajmitch hasn't tested an .iso lately 
<ajmitch> given my bandwidth limitations :)
<Innatech> So, can I switch to TTY2 and apt-get install dmraid, and then re-scan the disks?
<ajmitch> you could try it at least :)
<Innatech> heh. yeah. I will. :) 
<lionel> mathiaz: universe and multiverse is enabled by default in feisty (on a fresh server install)
#ubuntu-server 2007-08-09
<Innatech> so, I can't make much headway w/just a busybox shell--or, at least, I don't see how.  Is there a better way for me to get dmraid going during a server install?
<leonel> didn't had noticed before  ..   Feisty server  has universe enabled by default 
<ScottK> Yes.
<ScottK> It was by design.
<ScottK> Only for new installs.
<mathiaz> ScottK: but also for server ?
<ScottK> mathiaz: I don't think it was specified, it was for everything.
<ScottK> Why would server be different?
<ajmitch> ScottK: I was thinking that I was only going to be turned on for the desktop cd
<leonel> I saw a bug report today  about the same for gutsy being  triaged
* ScottK marked it invalid and now mathiaz and I can argue.
<leonel> :)
* ScottK was waiting for it to come up.
<leonel> but checking   there's nothing  installed from universe  
<ScottK> Let me see if I can find the spec.
<mathiaz> I was just surprised when I tested the latest iso for tribe-4.
<ajmitch> ScottK: I think that a server should only have packages available from the supported repositories by default :)
<leonel> well I've  selected only DNS
<ScottK> ajmitch: Why is it different than a Desktop that also has support contract issues?
<mathiaz> the reason it suprised me at first was that universe is not supported
<mathiaz> and main is supported
<mathiaz> so when I install a server for a production environement I don't want to install any stuff from universe.
<leonel> this is the  greatest from ubuntu ..  we can  support  universe  ;)
<mathiaz> which could happened if universe is enabled by default.
<ajmitch> leonel: not in the sense of a support contract, unless it's by !canonical
<leonel> ajmitch:  I know
<mathiaz> on the other hand, I've read and heard a lot of time that if you need to enable universe any way to be able to install something.
<leonel> and that was the same thing that keep me from installing  ubuntu as server     
<leonel> and now  that  I can help to support universe   things have changed for me 
<mathiaz> /id//
<mathiaz> /if//
<ScottK> Here's the spec https://wiki.ubuntu.com/AlwaysEnableUniverseMultiverse.  Gotta run.
* ajmitch couldn't run a server without universe (on dapper) right now due to having to use PHP4
<ajmitch> we're trying to get away from php 4 as fast as possible :)
<mathiaz> I don't have strong opinion about it... Just suprised and asked around.
<ajmitch> all those use cases are for (home) desktop users, too
<ajmitch> for a server I'd always err on the side of caution & not enable it
<mathiaz> ajmitch: agreed. I've just had a quick look at it.
<mathiaz> and it's clearly targeted toward desktop users (in which case I agree).
<mathiaz> there is a small section about the command line changes.
<mathiaz> and it hasn't been implemented yet.
<leonel> is there any news about the  servers down  in ubuntu I mean   doc.ubuntu.com  and how got compromised ?
<jpowermacg4> Anyone know the EASIEST!!! way to install a Postfix and Courier - Email System, Where I can make user accounts and actually log in?
<leonel> jpowermacg4: http://www.howtoforge.com/perfect_setup_ubuntu_6.06
<jpowermacg4> i did the one for 7.04
<jpowermacg4> and it didn't work unfortunately
<jpowermacg4> ISPConfig wasn't able to be installed
<jpowermacg4> stupid php mod error
<mathiaz> jpowermacg4: did you have a look at https://help.ubuntu.com/community/MailServer ?
<jpowermacg4> nope... i looked at...
<jpowermacg4> https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
<mathiaz> jpowermacg4: there is also the ubuntu server guide with a mail section: https://help.ubuntu.com/7.04/server/C/email-services.html
<jpowermacg4> and 
<jpowermacg4> https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<jpowermacg4> ok i'll try that last one mathiaz
<jpowermacg4> lemme --purge all this stuff LOL
<jpowermacg4> ok i'll try this and see.. looks like a diff setup.. hope this time it works.
<mathiaz> jpowermacg4: give it a try. And you find some mistakes in the documents, don't hesitate to correct them.
<mathiaz> jpowermacg4: these are wiki pages.
<jpowermacg4> ok... i been trying.. i been looking at 6 articles so far.. only seen 1 i had to correct.. and then even then i didn't know nothing about the mysql i setup.. because the ubuntu wiki was lacking some info the other was.. so maybe this one for 7.04 work
<jpowermacg4> Glad I'm setting this up on a deb system though... nothing like apt-get --purge remove postfix* courier* and whatever* and cleaning up /etc/ if anything left behind and starting fresh.. LOL
<jpowermacg4> gosh.. already missing the /etc/postfix/sasl/smtpd.conf ... hmmm..
<jpowermacg4> ok new file it is i guess
<jbrouhard> howdy all
<jpowermacg4> gosh the wiki sucked... LOL
<jpowermacg4> Anyone know the EASIEST!!! way to install a Postfix and Courier - Email System, Where I can make user accounts and actually log in?
<dthacker> jpowermacg4: There's a very easy howto on howtoforge.com.  If you wait a minute I'll grab you a link.
<jpowermacg4> i've done that howto on that site
<jpowermacg4> ISPConfig fails to install though
<dthacker> http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_ubuntu_edgy
* dthacker doesn't use ISPConfig
<Janet32766> anyone have any clues for me? ifconfig eth0 mtu 9000 #gives: SIOCSIFMTU: Invalid argument
<jpowermacg4> i assume u running a postfix and courier?
<dthacker> yep
<dthacker> 6 virtual domains
<jpowermacg4> ok maybe this one will work better than the one for ubuntu-server 7.04 with ISPConfig
<jpowermacg4> dt.. i had did this whole thing.. http://www.howtoforge.com/perfect_setup_ubuntu704
<jpowermacg4> but it failed on ISPConfig.. lol
<jpowermacg4> so i purged it all
<dthacker> what was ISP Config's problem?
<jpowermacg4> mod php
<dthacker> Janet32766: I'm googling....
<jpowermacg4> said mod php not compatible with the system or something.. lol
<dthacker> that's just a package and an apache edit.  Minor hacking
<jpowermacg4> yeah.. but postfix didn't work at all when i did it.. lol
<jpowermacg4> or anything at all
<jpowermacg4> SMTP wasn't capable of sending a e-mail from telnet.. when i run the commands like MAIL FROM: x@x.com.. it never responded 250. LOL
<jpowermacg4> i dunno what was up, with that.. but that so far is running now.... but obviously no users
<dthacker> Janet32766: the mtu number could be out of range.   My eth0 is set to 1500 now and when I run that command with 1500 it returns without error. 
<jpowermacg4> janet .. you can't tell eth0 to give you a mtu of more than 1500
<jpowermacg4> at least.. i havn't figured it out myself.
<Janet32766> dthacker, maybe ubuntu didn't pick the best driver for my gigabit ethernet card.... thanks :)
<jpowermacg4> janet are you getting mtu errors with 1500?
<dthacker> Janet32766: could be.   Try a search for your card/driver combo in the forums.
<Janet32766> 1500 works
<Janet32766> http://ubuntuforums.org/showthread.php?t=101117
* dthacker is reading....
<dthacker> Janet32766: yes, I've experienced that slowdown in production with a mismatched switch ;)
<dthacker> are you using the same card as the forum author?
<Janet32766> no, it is an integrated device in my dell server (broadcom)
<dthacker> Janet32766: I'm afraid you're in for trial and error unless your research finds someone using your NIC successfully with a different driver.
<dthacker> hmm, what would SLES do.  I've got a dell with that installed at work.
<jpowermacg4> dthacker you here often?
<jpowermacg4> i'm a little too busy to start the setup right now.. lol
<dthacker> I stop by most evenings
<jpowermacg4> cool.. hope to see you hear if it doesn't work.. lol
<jpowermacg4> i think yours might work though.. it's 7 pages of e-mail setup.. lol.. or 6.. lol
<dthacker> I'd post to the forums on howtoforge. they answered my questions within a day. 
<jpowermacg4> so did the setup pretty much fully set it up without any issues?
<jpowermacg4> does it tell you how to setup the users and all that at least?
<jpowermacg4> that info seems to be lacking from everything i've done.. lol
<nealmcb> Janet32766: Thanks for a link to an interesting forum thread.  Exactly what device are you using (lspci -vv)?  you might want to post your experiences on the forum thread.  
<dthacker> jpowermacg4: Yes, it goes right into data entry through phpMyAdmin.   
<jpowermacg4> ok i've had one that did input to mysql.. but it was sloppy.. lol.. and didn't work at all with the info.. LOL.
<jpowermacg4> i even installed squirrelmail to do a "localhost" type connection cause i thought it was blocking externels.. but was no help.. but it was a ubuntu wiki that's not accurate i did it from.
<jpowermacg4> i do like this guys how to's though... so maybe his will work for this better.
<Janet32766> nealmcb, it's a Broadcom 5754 NetXtreme, do you know how can i verify the tg3 driver is associated with this card?
<nealmcb> Janet32766: the output of lspci -vvn may also be helpful
<nealmcb> and do lsmod to see which modules are in use
<nealmcb> dmesg may also be of use
<Janet32766> lsmod shows tg3...
<nealmcb> Janet32766: the howto was done with skge drivers - I don't suppose those work with your card??  But I'm afraid I don't have any of the above equipment and that's about all I can suggest - post to the forum and see if readers can help.
<jpowermacg4> nice... Ex-Chat.. lol
<ScottK> jpowermacg4: For Postfix setups, when I was first learning and still when I try something new, I find "The Book of Postfix" invaluable.
<jpowermacg4> ScottK where is that located? and i'm just about to start this thing dthacker said
<ScottK> jpowermacg4: The book's web site is here: http://www.postfix-book.com/ but it's an actual dead tree book.  It's also the best Postfix reference I've found yet.
<etam> Does anyone have experience with DL360 G1 with DLT
<etam> Does anyone have experience with DL360 G1 with DLT
<ScottK> etam: This is the quietest period of the day for this channel.
<ScottK> Trying again US AM/European PM is you best bet.
<etam> Tks ScottK
<jpowermacg4> dthacker you there?
<kraut> moin
<stiv2k> hey
<stiv2k> what command can i use from within a PHP script to get the version numbers and status (up/down) of services like apache and such...?
<coNP> Easiest way to dump everything is to invoke phpinfo()
<stiv2k> nah but i mean
<stiv2k> i want to make a page showing the version of apache, whether its up or down, then other services
<stiv2k> like mysql, ircd, sshd
<stiv2k> all the crap on my server
<stiv2k> iirc, phpinfo() doesnt give all taht
<coNP> stiv2k: if apache is down you won't get the page :)
<stiv2k> yeah 
<stiv2k> but i just want to try and do it anyways
<coNP> You might work with external calls. Some initscripts can give a "status" that shows if they are up. You can also use some ad-hoc diagnosis (e.g., telnet to the specific port) or base your results on an existing monitoring tool (e.g. munin is simple and straightforward). I would use the latter.
<infinity> apache2ctl status, mysqladmin version, sshd has no status reporting, so just a ps | grep might be all you've got there (and a test if port 22 is open), same with ircd.
<infinity> mysqladmin version can dump stuff like:
<infinity> Server version          4.0.20-log
<infinity> Protocol version        10
<infinity> Connection              Localhost via UNIX socket
<infinity> UNIX socket             /var/run/mysqld/mysqld.sock
<infinity> Uptime:                 799 days 9 min 31 sec
<infinity> Threads: 1  Questions: 30101170  Slow queries: 2023  Opens: 195335  Flush tables: 1  Open tables: 64  Queries per second avg: 0.436
<juliux> morning
* jpowermacg4 is away: thanks dthacker
* jpowermacg4 is away: thanks dthacker it worked
<ivoks> man, aren't we blind, or what... :)
<ivoks> we have partman-auto-raid already in ubuntu
<ivoks> just, it's in universe :/
<fabbione> ivoks: it's only raid preseeding afaik
<ivoks> recipe for partman
<ivoks> this is what was requested at last meeting
<coNP> Hey! I did some security patches for lighttpd.
<coNP> Anyone running dapper / edgy / feisty and lighttpd please help test them.
<coNP> Debdiffs for these targets are available (bug 127718) 
<ubotu> Launchpad bug 127718 in lighttpd "lighttpd security fixes" [High,In progress]  https://launchpad.net/bugs/127718
<Elazar> I'm trying to configure MySQL such that the lower_case_table_names setting is 2. I've tried creating a custom file in /etc/mysql/conf.d, I've tried editing the my.cnf file directly, and I've restarted mysql after each attempt, but it just doesn't seem to see the setting change. Any suggestions?
<ekimus> hello, i'm on 6.06 LTS normally using debian. now i need a mailer that can send to my smarthost. nullmailer is what I use normall but that is broken any hints?
<ekimus> s/normall/normally
<ScottK> Postfix can be configured to send through a smarthost, but may be overkill in your case.
<ekimus> that is why i normally use nullmailer. our 3 postfixes are configured properly and i just would like some simple mta that i don't have to care about...
<ScottK> IIRC sending through a smarthost is one of the Debian config options and so trivially easy to configure (unlike more complex Postfix setups).
<ekimus> hmm msmtp doesn't provie mail-transport-agent. that would brake a hell lot of dependencies....
<ekimus> ha! ssmtp seems to work... now i gotta wait until all the cronjobs run to see how it behaves with a lot of messages.
<ekimus> thanks anyway...
<Elazar> I'm trying to configure MySQL such that the lower_case_table_names setting is 2. I've tried creating a custom file in /etc/mysql/conf.d, I've tried editing the my.cnf file directly, and I've restarted mysql after each attempt, but it just doesn't seem to see the setting change. Any suggestions?
<stiv2k> what commands can i use to fetch the version of certain packages (like, have it return ONLY the version number in the result) and a way to check the status of certain services running on the machine?
#ubuntu-server 2007-08-10
* Starting logfile irclogs/ubuntu-server.log
<jbrouhard> ew
<kraut> moin
<kraut> does anybody know, how i could send a magic-sysrq through a remote terminal-console over  cyclades tsc?
<sommer> hey all, anyone know if there's an issue in changing www-data user's home directory?
<dendrobates> sommer, yeah, if you delete the user, you lose your website.
<sommer> heh...I'm trying to run a command over ssh using PHP, but the command runs as www-data.
<sommer> just wondering if there's any problems in changing the home from /var/www to /home/something.
<sommer> that way I can setup ssh keys outside the web space.
<dendrobates> that is not because of the directory, that is because of the user apache runs as.
<coNP> sommer: thanks for the lighttpd testing
<dendrobates> oh your not using apache.
<sommer> coNP: no problem.  anytime you need some testing ping me and I'll see if I can help.
<coNP> thanks sommer 
<coNP> will do :D
<sommer> dendrobates: yeah I'm using apache for this project.
<sommer> more of a hack really.
<sommer> I'm thinking as long as the www-data user exists and it has rights to /var/www it shouldn't be an issue if it's the Home directory or not.
<sommer> just wondering if anyone has experience in changing that.
<dendrobates> sommer: you can change it, as long as the permissions are all still correct.
<sommer> cool, thanks for the input.  
<sommer> sweet, home directory changed home directory and no issues so far.
<ewook> Any opinions on running a 'packaged' firewall or iptables? server sits behind a ipcop dist, but I wish to be on the safer side, and log traffic.
<tsurc_> on feisty ubuntu-xen-server is built with 2.6.19.4 but the headers for that kernel are not available in the repos. I would like to be able to get xen and drbd on the same host os
<ewook> Package xen-headers-2.6.19-4-server
<ewook>     * feisty (devel): Common header files for Linux 2.6.19 [universe] 
<ewook>       2.6.19-2ubuntu7: i386
<ewook> http://packages.ubuntu.com | was that the package you were looking for?
<tsurc_> now why didn't i find that when I searched. Thanks should do nicley.... I hope
<ewook> dunno how you searched :)
<ewook> hope it helps.
<ScottK> I was a little slower, but went to https://launchpad.net/ubuntu and searched on xen-server and found the same.
<tsurc_> bugger....  /usr/src/modules/drbd/drbd/drbd_fs.c:31:26: error: linux/config.h: No such file or directory
<ewook> *_*
<tsurc_> installed feisty server ok, followed docs on getting ubuntu-xen-server installed ok, now I'm trying to get drbd to work but to do that (now I have the kernel headers for the running kernel)  I need to compile the drbd module. when I try using "sudo m-a a-i drbd0.7-module-source" it fails with that error
<ewook> you're way out of my leage now *_*
<ewook> sorry
<tsurc_> my idea is that I work in a grammar school and we have just got two identical dell servers. I want to have mega redundancy. so I install ubuntu-server, then ubuntu-xen-server so I can run a number of servers on the same machine then use drbd to replicate the running virtual servers to the other box. Then use heartbeat to monitor them, If one machine goes down the second should auto start the virtual servers again
<tsurc_> I have seen it done on CentOS but not ubuntu
<ewook> sounds like a good idea.
<ewook> should be doable.
<tsurc_> "should" thats a nice word
<ewook> never worked with xen tho.
<ewook> ya... it is.
<ewook> did you check all depend. ? http://packages.ubuntu.com/feisty/base/ubuntu-xen-server
<tsurc_> just trying that now I guess apt-get build-dep is my friend here
<sls_> Hi, I have files using swedish charactrers () stored on a samba server -- evntually I notice that the proper characters are replaces wirh odd ascii characters instead (like *~)... any Ideas why?
<sls_> the files are not corrupted...
<sls_> I have not noticed this when the files are stored on a windows server.
<jbrouhard> hi all
<jhutchins> Seems to be some corrupted packages at the british mirror - two users reprot bad MD5sum for http://gb.archive.ubuntu.com/ubuntu/dists/gutsy/main/source/Sources.bz2
<nealmcb> sls_ Tell us more about what application produced the file, on what operating system, and what is reading it, what character set you think is being used, etc.  Different applications interpret character sets very differently.  And #ubuntu may also have good insights.
<ScottK> jhutchins: There is new support for (IIRC) SHAH1 signatures in the new Apt.  Dunno if the repo is bad, or the Apt has a problem.
<jhutchins> ScottK: One of 'em switched to the "in." server and it worked fine.
<Nafallo> what's in?
<ScottK> India I think.
<Nafallo> it's Canonicals DC anyway.
<mathiaz> in. points to archive.ubuntu.com
<Nafallo> jhutchins: I get that for universe and multiverse btw.
<Nafallo> jhutchins: problems seems to have gone away on gb
<stiv2k> i have a really weird issue
<stiv2k> i already asked it in #cups but im waiting for a response
<stiv2k> for some reason, the printer i have in cups keeps disappearing every few hours
<stiv2k> and I have to constantly re-add it again
<stiv2k> it's so annoying, why?
<nealmcb> We (and #cups?) need more details - see the Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<stiv2k> right eight
<stiv2k> right right*
<stiv2k> let me think
<stiv2k> ok so im running feisty
<stiv2k> and cupsys 1.2.8
<stiv2k> um
<stiv2k> well someone in a different channel said it might have something to do with dbus
#ubuntu-server 2007-08-11
* Starting logfile irclogs/ubuntu-server.log
<Gruelius_> Can someone help me to reinstall apache2, some of my config files got blanked and now it wont install at all, apt-get remove/install doesnt recreate the files, dpkg-reconfigure doesnt do it either
<tsurc> tried aptitude purge apache2?
<JanetFLorida> does anyone have any ideas why this doesn't work as documented? firefox -install-global-extension adblock.xpi ???
<bLud_Yago_Potato> can some 1 kinda walk me thou how to set up a ftp server
<cyberjames> hi
#ubuntu-server 2007-08-12
<hansin> Can anyone recommend on of the various available Japper services/deamons?  I see that jabberd2 and ejabberd are there.  Is the jabber package jabberd14 or something else?  I was hoping to start with one that is easy to configure.  Thanks.
<hansin> s/one of the
<hansin> Ok, I answered my own question; the Jabber package is the jabberd14.  Not sure if I should go with jabberd2 though.  I know they are two distinct projects.
<nealmcb> hansin: I'm hearing pretty good things about ejabberd and wildfire
<Dessan> hansin, I personally love wildfire
* Starting logfile irclogs/ubuntu-server.log
<hansin> Yeah, I just noticed that you can download a openfire_XYX.tar.gz file, and it states this next to the download link: "No Java JRE, works on most Unix variants"
<hansin> So I bet it would be pretty easy to get it working on Ubuntu Server.
* Starting logfile irclogs/ubuntu-server.log
<PanzerMKZ> does anyone change some of the settings in hdparm for harddrives and cd rom's?
<juliux> hi
<juliux> did somebody tested scalix opensource edition with evolution as client?
<juliux> hi
<madh64> Hi, I have just installed ubuntu server 6.06.1 (LTS) on a via cv860a system. The install seemed to go fine, but when I boot the installed system it segfaults right after loading init.rd. Can anyone help?
<madh64> i think my segfault issue may have been due to incorrect kernel arch. is it possible for me to install an i586 kernel?
<stiv2k> why does it say this every time i try to upgrade?
<stiv2k> The following packages have been kept back: gnupg linux-image-server linux-server
<madh64> hi - is it possible for me to run ubuntu-server on a i586 based machine?
<Nafallo> not with the serverkernel AFAIK
<madh64> i read that i586 support was being dropped but i hoped there was a work around
<Nafallo> go with another kernel I would think?
<madh64> how do i put an i586 kernel on at install time?
<nealmcb> stiv2k: are you using aptitude?  I've seen that sort of thing especially with aptitude.  apt-get may work better, though it doesn't keep track of what you intended to install as well....
#ubuntu-server 2008-08-04
<juannicolas> Hi, I was wondering if someone can point me to the right dirrection in how to do internet failover with ubuntu.
<godfather516> hello I am a new ubuntu user
<godfather516> I just installed hardy
<godfather516> but this avahi thing is causing me headache
<godfather516> does anyone know how to disable certain processes from starting on boot
<godfather516> ?
<godfather516> thank you
<thenewguy> test
<kraut> moin
<exot> hello, how can I let my users change their vpn-passwords ( PPTP )
<davmor2> Guys I noticed somewhat of a flaw with U-S when selecting print-server not all the ppds or print modules are installed.  This means that a lot of printers aren't supported out of the box whereas the desktop counterpart does.  Are there any plans to improve this for intrepid?
<davmor2> bug 254581 I thought there was one already but I couldn't find it so I've thrown this one together :)
<uvirtbot`> Launchpad bug 254581 in ubuntu "Ubuntu Server Print-server doesn't pull in all the printer modules and ppds" [Undecided,New] https://launchpad.net/bugs/254581
<edmoore> Hi all - I've read a few ways of doing this but though I'd ask here to see if there is a concensus. I'll be running server mainly as a headless box, but occassionaly will want to switch into GUI for random development/web browse/watch a film/whatever. I'd like to default to not having gui boot up, then do start x; when I want to go into GUI. How do you then stop x once you've finished in the gui?
<crummygummy_> Hi all, is anyone here running Ubuntu server on HP Prologic servers?
<crummygummy_> erm Proliant
<davmor2> yes
<davmor2> crummygummy_:
<davmor2> crummygummy_: Yes on a proliant 115
<crummygummy_> davmor2: have you managed to get the HP monitoring software running?
<davmor2> crummygummy_: no I don't have any real need for them though :(
<crummygummy_> You never have problems? Ever?
<davmor2> crummygummy_: No it just sit's here running quite happily :)
 * delcoyote hi
<p4_xxx> hi, i installed ubuntu server in on if my pc to share and sore files between 3 pc with samba. uv=buntu server is already runing but sometimes the server does not apear in the bowser. is there another way to share and store files with ubuntu server?
<p4_xxx> think wrong channel  :-(
<lordpsyan> it has been many years since visiting any irc channels, or using irc. now I need to setup an irc server. I have installed ircd-hybrid but their website is down, and I need help.
<ComputerWolf> Ok, I am back again with more issues I am unable to fix, and no one seems to want to answer my questions on any forums. :-P
<ComputerWolf> can anyone here help me fix an ftp server problem?
<ComputerWolf> I have sftp working now, but there are other applications to where I need ftp to work as well
<ScottK> Personally I don't use ftp anymore, so I can't help, but supplying the specifics of your problem will likely improve your odds.
<thefish> ComputerWolf: what apps specifically need ftp to work?
<thefish> there may be some way around that
<ComputerWolf> scott, thanks again for pointing me in the direction of sftp the other day, it works better than I expected, I just need the ftp server to work for a few minor applications
<ComputerWolf> I have quite a few people who use specific coding apps to connect to my server to edit files, and they don't support sftp and they would like to retain using their current applications as opposed to finding ones that support it
<thefish> fair enough
<ComputerWolf> here is my problem, FTP was working fine for months, it is behind a router and has no firewall on it. The ports are forwarded perfectly fine on the router, passive and regular. Recently, I get a error when anyone tries to list a directory in passive mode, and active mode gets a connection refused error, as if there are port troubles
<ComputerWolf> I tried proftps, vsftpd, pure-ftpd, wu-ftpd... all the same result
<ComputerWolf> however all work internally, just external connections do not work
<ComputerWolf> sftp works, apache works, as well as others, it is only ftp
<ComputerWolf> i have tried moving the passive ports around, no luck
<ComputerWolf> i am wondering if there is some network setting that accidentally got modified that is rejecting all external connections when I try to connect to a directory
<ComputerWolf> if it was only the passive listing not working, I have read many posts that say that that is a networking issue, but that fact that I can login in active mode and then it gets refused when I try and list, is what is throwing me for a loop
<ComputerWolf> also, I am logging in with a username and password, no anonymous, and the users own the files and directories they are attempting to access
<eak> hi
<eak> how to prepare webalizer with virtualhosts
<ComputerWolf> as I was saying, it kills me that it worked before with the same settings it always has and now it doesn't. which leads me believe it is something that got modified on the server, unrelated to FTP, but is killing the connections
<thefish> ComputerWolf: your ftp connections are dying?
<thefish> ComputerWolf: you use iptables? could be you want the ftp connection tracking module
<ComputerWolf> well, no, in passive mode, they just hang when I attempt to list a directory, and in active mode the connection is refused when trying to list
<ComputerWolf> no iptables, no firewall at all on the server
<thefish> mm ok
<thefish> not sure then sorry
<thefish> see if you can make the server log verbose though
<thefish> thats always a good starting point :)
<ComputerWolf> i have, I have the exact errors if you need them, but they don't point to anything that i would know how to fix
<ComputerWolf> or point to anything at all
<thefish> spose you could pastebin the errors
<ComputerWolf> ok, here it is: the passive mode: http://pastebin.com/m9992ab5 all I get on the client is http://pastebin.com/m1591f158. Here is active mode: http://pastebin.com/m3df29135 and the client: http://pastebin.com/m2f61e95d
<foolano> mathiaz: so the cn=config backed is gonna be enabled by default for intrepid, or it depends on testing and feedback?
<mathiaz> foolano: it will be enabled by default
<mathiaz> foolano: of course testing and feedback is welcome :)
<lukehasnoname> is aptitude out of intrepid by default?
<foolano> mathiaz: ok thx, i'll test it asap
<ComputerWolf> if anyone is still here from earlier, i have found the solution to my problem. My Netgear router has a setting called "SPI Firewall" which once disable took care of the port issues.
<PMantis> ï»¿Hello, my do-release-upgrade from 6.06.2 --> 8.04.1 is crashing with: Hash Sum mismatch, W:Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/hardy-backports/multiverse/source/Sources.bz2  ...   etc.   Tried update & upgrade - all is current.  Ideas?
<thefish> PMantis: maybe an apt-cache clean
<thefish> PMantis: are you behind any kind of proxy? I was getting similar with apt-cacher-ng
<thefish> PMantis: apt-get clean i mean
<PMantis> No, the servers are currently allowed full unfiltered inet access.
 * PMantis tries to clean first.
<PMantis> Looks promising
 * PMantis reverts to a snapstop to try again without interrupting the upgrade so many times.
<thefish> :)
<thefish> PMantis: it shouldnt be a problem if it was just at teh downloading stage
<thefish> its only when you intterupt while its installing that stuff will break
<PMantis> thefish: Well, with VMWare it's easy, plus I tried it without the -p, and it was starting to work. That goes to 7.04...
<PMantis> I just want a clean slate. :)
<PMantis> almost done anyhow.
<thefish> ok, good luck, im off for some drugs booze and loose women
<PMantis> ROFL
<kirkland> jdstrand: can you take a look at the latest ecryptfs patch, making the PAM modules optional?
<kirkland> jdstrand: I tested it in every way I could think of, looks to work to me
<PMantis> kirkland: An end user will test it in ways you could never imagine. :)
 * PMantis couldn't resist...
<kirkland> PMantis: always....
<kirkland> i'm going to blog post testing instructions as soon as I get a new package sync'd with upstream
<kirkland> jdstrand: bug #253816
<uvirtbot`> Launchpad bug 253816 in ecryptfs-utils "pam_ecryptfs needs to be added to the common-password stack by auth-client-config" [Medium,Triaged] https://launchpad.net/bugs/253816
<jdstrand> kirkland: I shall
<kirkland> jdstrand: thx
<kirkland> jdstrand: actually, i need to do a merge of ecryptfs-utils today....
<kirkland> jdstrand: if you'd prefer, i'll roll this fix into that merge
<kirkland> jdstrand: so you'd only have to sponsor once
<kirkland> jdstrand: up to you though
<jdstrand> kirkland: I would prefer that-- just ping when ready
<kirkland> jdstrand: okey doke, gimme a bit to test my merge
<nandersson> How do I package a source .deb that is basically a Java-program? I.e I'm looking for a way to package "Hello World" in Java...
<stickystyle> Is anyone else seeing the ubuntuforums server subsection as being un-reachable?
<lukehasnoname> ya db error
<nandersson> Will Ubuntu use the same java-policy as Debian? I see that a dependency in Debian is the meta packages java-virtual-machine + java1-runtime / java2-runtime
<w8tah> in the rescue environment - what is the prefered editor?  my vim commands dont seem to be working?
<Deeps> vi
<w8tah> ok
<Deeps> i take that back
<Deeps> ubuntu doesn't appear to include vi
<jpds> nano too.
<Deeps> which is different
<w8tah> ok - i just have to remove a couple lines
<w8tah> so its all good
<w8tah> tells me error opening bterm
<w8tah> i can read the offending file in the rescue environment - -but i cant seem to edit it
<Deeps> bterm?
<Deeps> probalby not suitable for a rescue environment, heh
<w8tah> thats what it says
<Deeps> assuming it's bterm.org
<Deeps> export TERM=xterm or export TERM=vt100
<w8tah> i dont know - -im just trying to correct my /etc/pam.d/common-auth file that i screwed up it wont let me log in
<w8tah> id rather not have to rebuild the server if i can avoid it
<Deeps> you might need to be root
<Deeps> or use sudo
<w8tah> how do i do that in the rescue environment?
<w8tah> (ie what password?)
<Deeps> umm, heh, i've never tried ubuntu's rescue mode so i dont actually know
<w8tah> ok
<w8tah> i'll keep fiddling
<Deeps> first hit on google for 'ubuntu rescue mode'
<Deeps> http://www.linuxtopia.org/online_books/system_administration_books/ubuntu_starter_guide/ch08.html
<Deeps> supposedly rescue mode gets you straight to a root shell
<Deeps> (so it's just single user mode?)
<w8tah> it appears that it is single user
<w8tah> in a chroot
<w8tah> vim answers but its like really limited (arrow keys dont work for example)
<w8tah> i was able to use enter to move down lines and comment out the offending lines
<Deeps> use hjkl to navigate
<w8tah> OHHHHHH
<w8tah> the good news is it worked
<w8tah> and im back in
<Deeps> woo
<Deeps> well done
<w8tah> i had accidetly copied part of an incorrect config into /etc/pam.d/common-auth
<w8tah> while doing a samba setup
<w8tah> BLECH
<uvirtbot`> New bug: #254707 in bind9 (main) "Please sync bind9 1:9.5.0.dfsg.P2-1 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/254707
<Deeps> heh well done
<w8tah> thanks to you -- i appreciate it
<w8tah> :)
<w8tah> the server is blank (just deploying) but i REALLY didnt wanna hae to rebuild it
<frith> i am wondering what virtualisation technology to use,
<frith> i wonder how xen compares to vmware esxi
<nandersson> frith, Xen is todays "legacy" within open source but Ubuntu as well as Red Hat is going for KVM in the future. Have a look at the Red Hat project ovirt at www.ovirt.org
<TechPepsi> how do you delete directories that are not empty?
<nandersson> TechPepsi, rm -rf [dir]
<TechPepsi> its not working
<TechPepsi> ok it worked
<ekimus> anybody knows wether the ubuntu-xen-server works in hardy i found https://bugs.launchpad.net/ubuntu/+source/xen-3.2/+bug/204010 and https://bugs.launchpad.net/ubuntu/+source/linux/+bug/218126 which doesn't exactly sound like using it is possible (no network in dom0 according to those bugs)
<uvirtbot`> Launchpad bug 204010 in xen-3.2 "networking not working (dup-of: 218126)" [Undecided,Confirmed]
<uvirtbot`> Launchpad bug 218126 in linux "xen guest  kernel bug:  'kernel BUG at /build/buildd/linux-2.6.24/debian/build/custom-source-xen/drivers/xen/netfront/netfront.c:785'" [Medium,Fix released]
<ekimus> (sorry to ask around in channel, on the "normal" channels noone seems to use xen)
<uvirtbot`> New bug: #254721 in dovecot (main) "dovecot-imapd: trying to overwrite `/usr/lib/dovecot/modules/imap/lib11_imap_quota_plugin.so', which is also in package dovecot-common " [Undecided,New] https://launchpad.net/bugs/254721
<TechPepsi> nandersson, thanks
<TechPepsi> how do you make a file writable?
<ekimus> man chmod
<TechPepsi> ekimus, you put the file name after that
<TechPepsi> ekimus, how do get out of manual chmod thing?
<ekimus> q
<ekimus> (hit "q")
<TechPepsi> OHHHh ok, whoops.. my linux skills is a lil rusty
<TechPepsi> ekimus, thanks
<ekimus> TechPepsi: you might wanna try #ubuntu there are more people there that can help you with basics
<TechPepsi> well I know that, but this on server.. not the OS
<nandersson> TechPepsi, check out http://www.ee.surrey.ac.uk/Teaching/Unix/
<TechPepsi> but yeah, I was there yesterday though
<nandersson> TechPepsi, and look at Tutorial Five
<TechPepsi> link?
<nandersson> TechPepsi, learning the access rights system is very, very important
<ekimus> TechPepsi: no pun intended but your questions arent really server specific - I'll answer but I wont hold your hand :)
<TechPepsi> please don't.. that is not necessary
<james_w> hey all, is bug 254434 on anybody's radar? I think it's in likewise-open, but it may be samba's fault.
<uvirtbot`> Launchpad bug 254434 in likewise-open "package libwbclient0 2:3.2.0-4ubuntu3 failed to install/upgrade: trying to overwrite `/usr/lib/libwbclient.so.0', which is also in package likewise-open" [Undecided,New] https://launchpad.net/bugs/254434
<TechPepsi> but thanks anyway
<ekimus> can't believe there's still people out there that are OK with just pointers to the right docs... you just got a few points on my personal karma list :)
<TechPepsi> If I had another computer for a linux machine, I am sure I would be fine
<ekimus> windows host? how about virtualbox or vmware server (both free, the latter only free as in free beer)
<TechPepsi> I am on mac, at the moment
<TechPepsi> I'd never touch windows unless I have to, I REALLY have to
<daskReech> Hello
<daskReech> is there any support for GFS in Hardy?
<ekimus> TechPepsi: then virtualbox or vmware fusion (latter is $$)
<TechPepsi> I might just get vmware later on down the line
<Nafallo> daskReech: *shrugs* since noone seems to be around... there is support in terms of important bugfixes and security fixes for all of main, and the Canonical payed support promise resolutions to all of main.
<daskReech> hmm
<Nafallo> community would be up to whoever else use it... nothing anyone can really promise, which I hope you can understand.
<daskReech> yes
<daskReech> THanks
<Nafallo> no worries
<Nafallo> just trying to help
<daskReech> :-)
<uvirtbot`> New bug: #254778 in samba (main) "package will not upgrade " [Undecided,New] https://launchpad.net/bugs/254778
#ubuntu-server 2008-08-05
<uvirtbot`> New bug: #252245 in samba (main) "unable to connect to windows network pc's" [Undecided,New] https://launchpad.net/bugs/252245
<gouki> Any mailing list admins using lurker?
<uvirtbot`> New bug: #253937 in libnss-ldap (universe) "Local login fails without LDAP server" [Undecided,New] https://launchpad.net/bugs/253937
<AgentHeX> so i recently installed a server box, and i'm looking to create a mysql table, but i don't know the login credentials to make the table.  help?
<AgentHeX> should i use the user "mysql"?  and if so, what password should i try?  i already used "sudo passwd mysql" to set a password, but "mysql -u mysql -p" rejects the password i set.
<sommer> AgentHeX: try username of "root"
<AgentHeX> what pw?
<AgentHeX> Access denied for user 'root'@'localhost' (using password: NO)
<AgentHeX> sudo mysql does the same thing
<sommer> AgentHeX: try the one you set during installation
<AgentHeX> didn't set one
<AgentHeX> been using sudo for any root-level permissions
<sommer> AgentHeX: it didn't ask you?
<AgentHeX> don't think so
<sommer> try dpkg-reconfigure mysql-server
<sommer> err, sudo dpkg-reconfigure mysql-server :)
<AgentHeX> yeah...  realized that.
<AgentHeX> what did that do exactly?
<sommer> thought it might prompt you for a password
<AgentHeX> nope
<sommer> AgentHeX: which release are you running?
<AgentHeX> 8.04
<AgentHeX> just ran aptitude and updated everything
<AgentHeX> it's basically a fresh install
<sommer> AgentHeX: one sec
<AgentHeX> i'm trying to put phpBB3 on it for a forum server.
<AgentHeX> i know i can sudo passwd to set the pw for root, but i don't really want to
<sommer> AgentHeX: the mysql 'root' user is different from the system root user
<AgentHeX> hmmm
<AgentHeX> then i wonder why it's not letting me do anything without a pw.
<sommer> AgentHeX: try sudo dpkg-reconfigure mysql-server-5.0
<sommer> AgentHeX: should prompt you to set a passwored
<AgentHeX> sweet.
<AgentHeX> props, sir...  your assistance is much appreciated.
<sommer> AgentHeX: heh, np
<AgentHeX> /skips along and installs phpBB3
<AgentHeX> so...  what username should i use with the new pw?
<AgentHeX> mysql?
<sommer> AgentHeX: root
<AgentHeX> hmmm
<AgentHeX> not working :(
<sommer> AgentHeX: what command are you using?
<AgentHeX> strange.
<AgentHeX> it works now that i set the pw to "test"
<AgentHeX> was using a more complex pw.  maybe i mis-typed it twice :-/
<sommer> AgentHeX: heh, that's possible :)
<AgentHeX> guess so.  got it now.  thanks
<sommer> AgentHeX: welcome
<sommer> ScottK: there's something of an issue with the init script in dkim-filter-2.6.0.dfsg-1ubuntu1
<sommer> ScottK: just fyi, :)
<ScottK> sommer: There is?
<sommer> ScottK: looks like some diff output was mistakenly placed in the file... in the start function
<ScottK> Urgh.  Is it there is 2.6.1?
<sommer> not sure I pulled 2.6.0 in an intrepid vm, is that not the latest?
<ScottK> Now I wonder if I uploaded 2.6.1
 * ScottK looks
<ScottK> Looks like I didn't upload it yet.
<ScottK> I'll look.
<sommer> ScottK: cool, just thought I'd give you a heads up
<ScottK> Sure enough.  Thanks.
<sommer> np
<ScottK> Right.  2.6.0 is all there is.  I"m getting my amavisd-new and dkim-milter versions confused.
<ScottK> sommer: I'll upload a fix in a few minutes.
<sommer> ScottK: cool, I've started working on the dkim stuff... still double checking what's currently there
<ScottK> Appreciate that.  Did you see I"ve got verification enabled in amavisd-new?
<sommer> nope, must have missed that
<sommer> which file?
<sommer> ScottK: oh right the defaults file... cool
<ScottK> We've got SPF pretty well covered too, so I think for email auth technologies we're in pretty good shape.
<ScottK> sommer: Fix uploaded.  Thanks again.
<sommer> ScottK: welcome
<sommer> ScottK: another small issue... the debian/etc/conf.d/40-policy_banks in amavisd-new has a bug in the header comments: http://paste.ubuntu.com/34275/
<nxvl> ScottK: did you saw the courier merges?
<nxvl> ScottK: at the end the latest version of courier-authlib was needed as build-depend for courier
<nxvl> ScottK: so i merged both of them
<ScottK> nxvl: I saw the bugs.  I haven't had a chance to look at them yet.  Thanks.
<nxvl> :D
<nxvl> ok
<sonly> hola
<uvirtbot`> New bug: #254813 in samba (main) "package winbind 2:3.2.0-4ubuntu2 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/254813
<kees> kirkland: odd, the ecryptfs-utils upload didn't go through -- maybe the orig was missing?  anyway, I fixed the changelog and re-uploaded.
<uvirtbot`> New bug: #254881 in samba (main) "[security = domain] 100% cpu after a reboot of the PDC" [Undecided,New] https://launchpad.net/bugs/254881
<exot> hello, I have installed pptp vpn server. but clients suffer from very slow service, my company has 2mb DSL connection
<arooni> if i want RAID... and i have two 330GB PATA drives on hardy... and a mobo (asus p5ne-sli) that supports RAID.  (1) is it better to let hardware/software handle raid? (2) what type of raid should i use?  (3) is raid easy/hard to setup?  (4) any guides are recommended?
<arooni> hardy (desktop edition)
<_ruben> ask in #ubuntu? since its not ubuntu server related?
<arooni> i was told in #bash to ask here
<arooni> but sounds good _ruben ;  ill go there
<exalted> Hi. I wonder if there are well known problems in Upgrade from 6.06 LTS to 8.04 LTS?
<piti> Hi. I'm setting up a mailserver (postfix + dovecot), postfix seems to be well configurated (as I manage to send mails with authentication from a mail client), but I have some trouble with dovecot, to retrieve mails.
<piti> I setted dovecot to use Maildir, but the maildir remains empty. I don't know what/where making investigations to find the trouble I'm experiencing.
<sommer> morning all
<pschulz01> sommer: 'morning'
<micheluntu> hi all, a question about bind9
<micheluntu> nobody knows if exists a tool that show me (graphically) my named configuration?
<Oliber> webmin?
<micheluntu> uhm.. maybe.. nothing more specific?
<micheluntu> I was looking for something like rapache for apache
<Deeps> hmm, where would locale variables (like LANG) be set by default?
<Deeps> nm, failure to google first before asking silly questions
<zul> ebox?
<siretart> micheluntu: I've been told that some people find the gbindadmin package useful. I never installed it though, so YMMB
<siretart> YMMV, even
<micheluntu> siretart: thanks, apt-getting..
<Brazen> If this gets any more exciting, their gonna have to tow me outta the booth!
<Brazen> join /ubuntu-meeting
<Brazen> oops
<fransman> I have build a Ubuntu kernel for a Cobalt Raq server box. It has only ttyS0 as output, so no tty's/no video but that's ok for testing. The kernel is booting in a second stage fired-up by a embedded kernel. This all goes nice. But it look's like this new kernel is less verbose at startup.
<fransman> it show only booting kernel... Ubuntu intrepid (development branch) deblnxsrv15 ttyS0 deblnxsrv15 login:
<fransman> what do I've got to do to get it more verbose?
<zul> remove quiet from the grub command line
<fransman> But this linux server it does not boot with grub!
<zul> try #ubuntu-kernel then
<fransman> thanks for your support
<Brazen> If you create and start a virtual machine with virtlib, can you view that virtual machines console remotely over vnc?
<mindspin> hi, I set up an ipsec tunnel between two vpn-gateways pinging into the networks seems to work, but I misconfigured some Nat rules.
<mindspin> whatever IP within the remote network i ping, I get the answers from the vpn gateway....
<mindspin> I can even ping non existing machines in this network ;-)
<micheluntu> mindspin: which is the vpn gateway replaying? the local or the remote?
<mindspin> the remote
<mindspin> the tunnel is up,
<mindspin> but I misconfigured my nat rules
<micheluntu> mindspin: the remote is natting all the packet. maybe you have to specify only the public interface in iptables rule
<mindspin> That could be right, but to be honest, I created my rules with fwbuilder, and have no idea to realize this in fwbuilder
<mindspin> I could add some handmade rules in the script... but hesitate for not wanting to mess the up the connection on the remote site (now), because the folks there are still working ;-)
<mindspin> all traffic from the internal networks are natted to the public ip address
<mindspin> now I have to setup a rule, that does not nat traffic from net a to net b
<micheluntu> mindspin: ok, or not nat on tunnel iface - for example tun0
<mindspin> there is no iface tun0 in openswan
<mindspin> it would be much easier if there were one ;-)
<micheluntu> mindspin: so don't you   have 3 interfaces : private,public and the tunnel one.?
<mindspin> maybe adding  routes could be a solution
<mindspin> I have two...
<mindspin> private and public
<mindspin> tunnel goes over public
<mindspin> connection is between the two public addresses (ppp0)
<mindspin> I have to leave now, will be back in an hour or two.....
<micheluntu> mindspin: there is example in openswan wiki docs
<micheluntu> mindspin: http://wiki.openswan.org/index.php/Openswan/Configure search "Do not MASQ or NAT packets to be tunneled"
<mindspin>  I will have a look... (although I believe I went through the whole docu...)
<micheluntu> it is really simple ;-)
<mindspin> I tried to do exactly this...
<mindspin> gottago... bye
<micheluntu> bye
<frith> i wish i knew which vm solution would do what i want
<EtienneG> hey sommer
<EtienneG> nijaba poked me about the new Kerberos section in the Server Guide
<EtienneG> I would actually have feedback about it!
<sommer> EtienneG: cool, fire away
<EtienneG> sommer, hold on, brb
<dusty__> Hey guys, I have just got a virtual system, running ubuntu 8.04 base install.  I first decided to setup iptables: http://rafb.net/p/O7sc4f15.html I installed the package, created a script, and issues iptables-restore < /etc/iptables.test.rules it then errors at line 42 but line 42 is the COMMIT line in the paste, I have no idea what is wrong, the script is fine, perhaps im missing some other application, i am lost ev
<dusty__> erything is explained in the paste, does anyone have any idea why it does not work ?
<EtienneG> dusty__, I cannot see off-hand, but I would try to comment section of the script to see if it work better (ie, comment the log section, etc)
<EtienneG> also, I would rather use policy instead of default ACCEPT rules (ie, -P OUTPUT ACCEPT)
<EtienneG> but that is just me
<EtienneG> sommer, there it is!
<EtienneG> sommer, first, I think you should mention the time syncronisation issue somewhere
<sommer> time sync issue?
<sommer> don't think I came accross that, but sure that's a good ide
<sommer> err idea
<EtienneG> sommer, like, when time drift more than five minutes between participating host
<sommer> EtienneG: ya, I think I remember reading something about that
<EtienneG> sommer, IME, it is a FAQ, and one almost everybody get to figure out at least once :)
<sommer> EtienneG: it causes trouble with the tgt?
<sommer> EtienneG: and does setting up ntp solve the issue?
<EtienneG> sommer, well, any authentication fail if time drift more a certain amount (five minute by default)
<EtienneG> sommer, using NTP is usually the best way avoid that
<EtienneG> indeed
<EtienneG> hold on, let me do a quick search for some doc on that
<sommer> EtienneG: cool, I'll mention it and link to the ntp section
<EtienneG> sommer, anyway, I cannot find it right, I will come back to it
<EtienneG> sommer, second, small mistake at "sudo sudo krb5_newrealm" (sudo twice)
<EtienneG> sommer, third, I think the bit about setting up an admin user could use just a tiny bit of clarification
<EtienneG> sommer, eg "Replace EXAMPLE.COM and steve/admin with your Realm and admin user."
<EtienneG> sommer, this should specify that "steve" specifically need to replace with the username to grant admin cred to
<sommer> EtienneG: that sounds reasonable
<EtienneG> it is just nitpicking, but it could be confusing to someone who is not very familiar with the princ/service@REALM convention
<sommer> sure, ya it's sometimes hard to know how much detail to go into :)
<EtienneG> and that is about it, the rest is perfectly fine!
<sommer> EtienneG: awesome, thanks for taking a look at it
<EtienneG> well, the section about syncronizing two KDC database make me want to gouge my eyes with a spoon, but that is not your fault!
<EtienneG> sommer, you are welcome
<sommer> EtienneG: I was also thinking of added a Kerberos and LDAP section, since the secondary kdc is so cumbersome
<EtienneG> sommer, thanks for taking the time to write the section int he first place, actually
<EtienneG> sommer, good idea, I just wonder: what is the state of the LDAP backend actually?
<EtienneG> I have not checked in a couple year, but back then, it was considered very much experiemental
<sommer> EtienneG: from the website, it seems pretty straight forward... add the schema, then add the attributes to your ldap objects
<sommer> EtienneG: of course the reality may be more complicated :)
<sommer> EtienneG: I think if there's a way to auto"
<EtienneG> sommer, that is very good if it is that straightforward
<sommer> add the kerberos attributes, it'll be worth documenting
<sommer> EtienneG: either way I'll probably take a look at it this week or next
<sommer> EtienneG: another thing that I'd like to include, but it may not make it this release, is documenting configuring kerberos for other serices like apache or samba
<sommer> EtienneG: do you use it for those services?
<reya276> Anyone know about Zabbix (NMS)?
<reya276> I keep getting this error "Call to undefined function pg_connect() in /usr/share/zabbix/include/db.inc.php"
<reya276> but I checked the file and that seems to be correct also the DB exists on MYSQL Server
<lukehasnoname> so did I miss anything interesting at the meeting?
<_ruben> pg_connect sounds like postgres .. not mysql
<Brazen> lukehasnoname: of course :D
<lukehasnoname> Tropical Storm Edouard hit this morning so I didn't go to work
<lukehasnoname> thus not waking up early at all
<lukehasnoname> so EncryptedPrivateDirectory is coming along, Active work on the part of kirkland with booting a degraded raid, Soren is working hard on VMBuilder, and ScottK needs more help with MIRs
<ScottK> Yes.
<ScottK> At least on the last bit.
<lukehasnoname> ScottK: Is there a page with more details on what you need done? Now that I found a hotspot in my house, I have some better internet, I might be able to contribute a minute amount
<lukehasnoname> eh?
<ScottK> lukehasnoname: Back now.
<ScottK> lukehasnoname: Did you see https://wiki.ubuntu.com/ClamavSpamassassinInMain already?
<ScottK> lukehasnoname: https://wiki.ubuntu.com/MainInclusionProcess describes the process.  Step 1 is already done.
<lukehasnoname> ScottK: It's out of my league, I believe. Sorry to have bothered you. I need to get a bit more familiar with (and actually participate in) basic packaging, bug reporting, etc. before I volunteer any more. :-/
<ScottK> lukehasnoname: No problem.  Thanks for looking.
<lukehasnoname> I'll get more active in about 2-3 weeks when I'm back in college. Ubuntu 9.04 might see a lot more of my work :) Anyway, I'm going to eat lunch. Seeya.
<henkjan> whois dustin?
<kirkland> henkjan: I am a "Dustin"
<henkjan> sudo echo "BOOT_DEGRADED=true" > /etc/initramfs-tools/conf.d/mdadm
<henkjan> won't work
<henkjan> the sudo only works voor echo, but not for the output redirection
<ogra> right, you need tee
<ogra> echo "BOOT_DEGRADED=true" | sudo tee -a /etc/initramfs-tools/conf.d/mdadm
<kirkland> ogra: henkjan: thanks guys
<henkjan> kirkland: ah, quick fix
<kirkland> henkjan: sure, no problem.  thanks for pointing it out
<EtienneG> sommer, samba use Kerberos when participating in an AD, and there is not much to say beyond what need to be said about AD membership on the subject
<EtienneG> sommer, as for Apache, I do not know, and I think it is somewhat unobvious
<EtienneG> as the ticket have to be encoded in HTTP somehow, etc
<EtienneG> but I never did such a thing, so I am not too sure
<sommer> EtienneG: cool, I'll probably look into it more at some point, thanks
<sommer> EtienneG: or anyone really, have you ever used the Kfw (http://web.mit.edu/kerberos/kfw-3.2/kfw-3.2.2.html) with Ubuntu and Samba?
<EtienneG> sommer, no, never, sorry
<sommer> EtienneG: that's cool... thats more of what I was thinking when I mentioned Samba ealier
<EtienneG> maybe someone else around did?
<sommer> EtienneG: I'm using a Samba pdc, and was thinking about kerberizing the windows login and the portal page, but that would entail configuring joomla for kerberos as well :-)
<sommer> EtienneG: right now one of those "down the line" kind of ideas
<EtienneG> sommer, ok, not sure how you would do that, but (eventually) Samba 4 will make your life easier in this regard
<EtienneG> as Samba 4 will allow for native-mode AD master in Samba
<sommer> EtienneG: yep, thats crossed my mind as well :)
<EtienneG> right now, you Samba PDC authenticate user the old-fashioned way (not Kerberos)
<sommer> EtienneG: right but you'd still need to integrate the website login somehow... that's really the kicker for me
<EtienneG> you might be able to massage the stack into both authenticating to the Samba PDC and getting a TGT from your KDC, but that seems like an awful lots of work
<EtienneG> the web stuff i am not sure about
<EtienneG> as I said, I *think* there is some way to pass Kerberos ticket in HTTP, but I am really not too sure
<EtienneG> I just vaguely remember stumbling upon soemthing in this vein
<sommer> that's cool... just kind of throwing around ideas
<EtienneG> sommer, yep, there it is, look for libapache2-mod-auth-kerb
<sommer> ah thanks, I'll look into that :)
<EtienneG> it need support from the browser, tough
<EtienneG> not sure it is built-in Firefox by default
<EtienneG> anyway, I have to run folks
 * EtienneG waves
<uvirtbot`> New bug: #255124 in apache2 (main) "apache's default logging format can be horribly inaccurate in terms of data transferred" [Undecided,New] https://launchpad.net/bugs/255124
<kirkland> soren: hey, do you have a few moments to talk about iscsi?
#ubuntu-server 2008-08-06
<ScottK> kirkland: How'd the server team meeting go today?
<kirkland> ScottK: hey, it happened :-)  Koon led it, as mathiaz was absent
<ScottK> Who is Koon?
<kirkland> ScottK: Koon is Thierry Carrez
<ScottK> Ah.  He sent the announcement mail.
<kirkland> ScottK: he's leading our Java efforts, among other things
<ScottK> Has he been with Canonical long?
<kirkland> ScottK: started just before UDS
<kirkland> mathiaz was on vacation and needed someone to run the meeting, Koon volunteered ;-)
<ScottK> Was he there?  I don't remember meeing?
<kirkland> Yeah, he was there
<PrivateVoid> sorry I missed the meeting... I was in the BT meeting
<ogra> ScottK, he had dinner with us at the naked fish the first evening (werent you there ??)
<ogra> (at the sprint)
<ogra> err
<ScottK> Nope.
<ogra> sorry, mixed you up with Steven ... i should really go to bed
<ScottK> Not at any sprints.
<ScottK> Bah.  I'm older and wiser.
<ogra> that didnt happen to me since half a year or so, dang
<kirkland> ScottK: anything in particular you were curious about, from the Server Meeting?
<ScottK> on the phone ....
<ScottK> I was hoping there was a hord of MIR writers suddenly appeared.
<ScottK> ... off the phone
<kirkland> ScottK: :-)
<kirkland> ScottK: I wrote 4 for ecryptfs-utils, and friends...  really really really tedious work
<kirkland> ScottK: and I have one more to write, for keyutils
<ScottK> Yeah.  I did about a dozen for amavisd-new in Hardy.
<kirkland> ScottK: there was consensus that AV in Intrepid is important
<ScottK> Right, so someone else please help ...
<ScottK> If I sound a bit grumpy about no one other than sommer actually doing any of the work, I am.
<kirkland> ScottK: understood.  Unfortunately, I'm falling a bit behind on my items, atm.
<kirkland> ScottK: iSCSI is kicking my butt
<ScottK> I can imagine.
<ogra> you can always fall back to nbd :P
 * ogra hides
<zul> hah
<zul> ogra: so helpful ;)
<Crewsr3> is anyone around to answer an ubuntu server question?
<PrivateVoid> I can try...
<Crewsr3> what i want to do is install ubuntu server 64 and then install vmware server and then run 32 gui of ubuntu amount other things
<Crewsr3> do you think it would be hard to do
<Crewsr3> amout=amoung
<Crewsr3> among
<PrivateVoid> no...
<Crewsr3> Ok I can't spell
<PrivateVoid> are you going to leave the DE/WM off the server?
<PrivateVoid> or are you going to install a DE/WM on the server?
<Crewsr3> Your going to half to help me out what is DE/MM
<PrivateVoid> Desktop Environment and WIndows Manager
<PrivateVoid> there are ways to do VMs with no GUI on the server, but you can access the VM Guest through VNC etc
<Crewsr3> No I did not want to I wanted to have it run only the command line and then have the vm with a GUI
<PrivateVoid> yes that can be done... there are some FAQs on doing it
<PrivateVoid> through the FAQs I have seen are for KVM not VMWare server
<Crewsr3> so when I start up and ubuntu sever is ready can I just start the vm from the command line
<PrivateVoid> yep
<Crewsr3> and then will the gui kick start
<PrivateVoid> not sure if you get a GUI on the server... or if you will need to VNC from a client
<PrivateVoid> I have not actually completed the task on my server, but read the FAQs and heard other people claim to have had success
<Crewsr3> so if my main box is headless and I have a client ssh into the server, then I can access the gui of the VM
<PrivateVoid> or use VNC
<PrivateVoid> yes
<PrivateVoid> and you can GUI through SSH from what I have been told as well.
<Crewsr3> How powerful do I need the client to be in order to enjoy good compfuzion
<Crewsr3> or can I even use comp fuzion
<PrivateVoid> well you are not going to get comp-fusion on a VM
<PrivateVoid> no hardware accel
<Crewsr3> right now I have a fairly powerful GPU and would like to make use of it
<Crewsr3> so it sounds like this is not an ideal setup
<PrivateVoid> Then you would want to install the client on the machine directly
<PrivateVoid> VMs are really for testing or other uses...
<PrivateVoid> and do not feature full hardware usage
<Crewsr3> that makes sense, that is what I use them for now
<Crewsr3> I have my windoz VM for windoz only apps and then I use it to play around with other distros
<Crewsr3> are you a command line pro?
<PrivateVoid> not really
<PrivateVoid> I do what I need to and Google the rest
<Crewsr3> Google is my best friend
<Crewsr3> thanks for your help
<Crewsr3> take care and have a good one
<PrivateVoid> you too
<ishkur_> quick question, im trying to setup a VM in Virtualbox. what is the kernel that comes with Ubuntu SE 8.0.4.1 ?
<fujin> Hi, is there a preferred method of upping the number of file descriptors for an application?
<fujin> I'm getting: general: error: socket: too many open file descriptors
<fujin> with BIND
<kraut> moin
<uvirtbot`> New bug: #255251 in amavisd-new (universe) "One line is not commented out in 40-policy_banks" [Undecided,New] https://launchpad.net/bugs/255251
<edmoore> So I have two 250GB hdds, and i want to do software raid 1. This is a largely personal headless server, though doing a bit of webserving and providing some file storage to the outside world. But not a full-time webserver or anything. How best to partition things up?
<thefish> edmoore: look in to lvm, it will give you some flexibility to grow/shrink volumes
<thefish> (depending on file system)
<thefish> also gives you some nice benefits on top like snapshots
<edmoore> thefish: thanks for the tip, I am looking now. But say for the sake of arguement, roughly what do you think I should put where, and it what proportions?
<hads> I usually put most of the disk into /data save a few GB for / and /var although it really depends what you're doing and where you store things.
<thefish> ^ faster typist :)
<uvirtbot`> thefish: Error: "faster" is not a valid command.
<thefish> you may also want about 100M /boot
<thefish> i also use the same mount point /data :)
<hads> e.g. / = 2GB ext3 /var = 2GB ext3 /data = * JFS
<hads> JFS is my preference, a lot of people like XFS
<hads> Or just ext3 depending on what you're up to.
<hads> If you've got multiple users then you may want a separate /home with some space.
<hads> I don't tend to use LVM much myself unless it's a special circumstance.
<hads> It is nice though.
<soren> I never set up a machine of any kind without lvm.
<hads> My /data is usually RAID5 though which you can extend these days.
 * soren dislikes stuff like /data
<hads> Where do you put things like virtual mail or virtual web sites?
<soren> /srv somewhere, usually.
<soren> /data is pointless. Everything you have you your disk is data in some form.
<hads> srv == data really
<henkjan> /mnt/data
<nxvl> soren: yeah, but the name of the mount point doesn't change much
<soren> And I *really* don't like having the several hundred GB /somedirectory for general storage.
<nxvl> i use /usr or /var
<nxvl> but that's a matter of tastes
<hads> Yeah, same thing, /var or /srv will end up with several hundred GB if you decide to use that so it's six of one half a dozen of the other really.
<soren> nxvl: Well, the name of the mount point should give some hint about what you expect to find in there. You don't rename /home to /files, for instance.
<edmoore> so what's the purpose of /home for a largely single-user machine?
<soren> edmoore: That's where you keep your files?
<edmoore> i thought that was my general purpose store for everything
<nxvl> soren: /etc is not just random and non-important stuff, but etc sounds like it is
<edmoore> ok, just got confused by people using /usr and /var for seemingly that purpose
<Deeps> big /usr, ln -s /usr/home /home :D
<soren> nxvl: Yes, but there are historical reasons for that, which we cannot easily change. That's a really bad excuse for making up other bad names for mount points.
<soren> Deeps: Please, no.
<Deeps> the freebsd way \m/
<hads> /srv and /data aren't any different at the end of the day. It's a preference really.
<nxvl> soren: yes, true. But if you want to put your things in /personal i really don't care, i try to use the tree that comes with my system and put my files where they fit in there
<hads> The FHS is weird to start with so there's no point trying to argue about it.
<nxvl> soren: at the end, you will not touch my servers and i hardly doubt someone else will
<Deeps> isn't freedom great?
<soren> Besides, thinking of all of this in terms of mount points is silly. They're directories. That's all. If a particular directory is bound to have a lot of stuff in it, or if you want to contain it, make it a separate file system.
<nxvl> yeah, directories, sorry i named it bad
<hads> Deeps: You said it :)
<soren> nxvl: That's beside the point, really. We're discussing what we find to be good and bad practice.
<nxvl> i have just come from the airport and haven't sleep well
<nxvl> soren: oh! in that case yes, you are right
<nxvl> :D
<hads> I probably should use /srv rather than /data - that was a convention I had before I know that /srv existed in the FHS and wasn't used for anything else.
<nxvl> btw, does the systems creates a /data directory?
<hads> No
<nxvl> then why to use it?
<soren> What I usually do is this: I make /boot a primary partion of a few hundred MB. The rest of the disk, I make a big LVM physical volume.
 * hads goes back to work
<soren> I make a VG out of that, and create a "root" lv of about a 1.5GB.
<nxvl> i usually create a 10 Gb partition for / and the rest for /var
<soren> And a "var" lv of a couple of GB, a "usr" lv of a couple of GB, and a "home" lv of about the same.
<nxvl> and in some cases 8 Gb for /usr
<nxvl> depend on the server
<nxvl> i don't use lvn
<nxvl> haven't try it yet
<soren> If something big comes along, like a large new website I want to host, I add a new lv for it and mount it somewhere under /srv.
<nxvl> lvm*
<nxvl> well
<soren> Oh, I use ext3 for the /boot partition and XFS for everything else.
<nxvl> time ti sleep
<nxvl> read you!
<soren> Good night, Nicolas.
<nxvl> have a nice day soren!
<soren> Otherwise, I just put stuff where it belongs and keep an eye on disk usage and crank it up or divide it as necessary.
<soren> Of course, depending on the server, the disks underneath migth be RAID1 or RAID5 or something, but in terms of allocation of the disk space I have available, that's all I do.
<soren> LVM and XFS provides me with the tools I need to be able to manage this "on-line", so I don't have to sit around being nit-picky about my disk space, when I'm installing.
<hads> Why have a boot partition these days?
<_ruben> cant boot lvm
<hads> Oh, LVM root.
<soren> hads: Right. To be able to have root on lvm.
<crypted> Can someone please help me settup a bridge for internet charring across many machine?
<crypted> Please :(
<zul> yay /usr for everything
<sommer> morning
<ArtimusDeathhole> hello all
<KB3NZQ> any thoughs setting up a proxy on ubuntu 8.04 desktop or should i ask this in #ubuntu
<crypted> My DNS are not resolving. But I can ping ip's. Please help
<ArtimusDeathhole> crypted,  what is in your /etc/resolv.conf?  also, do you have nscd installed?
<BUGabundo> hi there
<BUGabundo> I'm having trouble with dovecot
<BUGabundo> http://pastebin.ubuntu.com/34783/
<sommer> BUGabundo: try creating the directory sudo mkdir /var/run/dovecot, then try sudo apt-get -f install
<sommer> BUGabundo: did you manually remove that directory at some point?
<BUGabundo> not that I remember
<BUGabundo> sommer: nops. that didn't do it!
<BUGabundo> chmod: cannot access `/var/run/dovecot/login': No such file or directory
<BUGabundo> should I create that too?
<sommer> BUGabundo: worth a try
<BUGabundo> who should be owner?
<BUGabundo> root or mail?
<sommer> BUGabundo: shouldn't matter to apt-get
<BUGabundo> but for the configure set of dovecot it might
<BUGabundo> update-rc.d: warning: multiuser is deprecated; specify runlevels manually
<sommer> BUGabundo: what are you trying to do?  from your pastebin I assumed you had an error when trying to install dovecot?
<BUGabundo> I'm trying to start it
<BUGabundo> it seems to days updates mess it up
<BUGabundo> and it was left uncofigured
<BUGabundo> https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/255367
<uvirtbot`> Launchpad bug 255367 in dovecot "Package dovecot-common is not configured yet. " [Undecided,New]
<sommer> BUGabundo: so you did have a working configuration?
<BUGabundo> yep
<BUGabundo> let me see if it now start
<BUGabundo> *starts
<uvirtbot`> New bug: #255367 in dovecot (main) "Package dovecot-common is not configured yet. " [Undecided,New] https://launchpad.net/bugs/255367
<BUGabundo> still it gives that error / warning now
<BUGabundo> imap(s) is now up
<BUGabundo> is that message important at all ?!
<sommer> BUGabundo: which release are you using?
<BUGabundo> intrepid
<ArtimusDeathhole> please add that to you bug filing as well please
<BUGabundo> I'll leave it there, in case any dev stumble on it
<BUGabundo> its already there
<ArtimusDeathhole> k, thanks
<BUGabundo> # dovecot --version \n 1.1.2
<BUGabundo> https://bugs.edge.launchpad.net/ubuntu/+source/ebox/+bug/255368
<uvirtbot`> Launchpad bug 255368 in ebox "ebox: Depends: libapache-authcookie-perl but it is not installable " [Undecided,New]
<BUGabundo> next bug
<BUGabundo> any tips?
<BUGabundo> I would like to give ebox a go...
<sommer> BUGabundo: you'll probably have to wait for a new version of ebox to be uploaded to intrepid... that's to be expected using an alpha release
<jmedina> morning
<lukehasnoname_> hi
<edmoore> hi - am installing server right now, but the box is w/o network connection (non available) and therefore has obviously just failed its DHCP search
<edmoore> is this a bad thing or can I carry on anyway?
<Deeps> assuming you're not doing a net install, its not an issue
<jmedina> edmoore: which version are you istalling?
<spiekey> Hello!
<spiekey> i there a live cd for 64bit xeon machines?
<jmedina> I think there is not server edition livecd
<spiekey> iam getting: chroot: cannot run command `/bin/bash': Exec format error
<spiekey> when i try to do a chroot in knoppix
<spiekey> any cd will do ;)
<jmedina> spiekey: why dont you download the 64bits server edition?
<jmedina> http://ubuntu.osuosl.org/releases/hardy/ubuntu-8.04.1-server-amd64.iso
<jmedina> what works with intel 64bits
<Nafallo> spiekey: the cd just mentioned have a recovery mode which uses d-i to guide you up until it leaves you in a chroot
<spiekey> thanks!
<spiekey> i just successfully booted :)
<spiekey> now i can view my lvm disks with lvdisplay. But they do not exist as /dev devices :-/
<spiekey> do i need a kernel module
<spiekey> ?
<soren> spiekey_: They live under /dev/<name of volume group>/
<soren> spiekey_: Also, you'll find the corresponding device-mapper devices under /dev/mapper
<spiekey_> yes. but they are not there when booting with the live cd
<soren> spiekey_: "lvm vgchange -ay"
<jmedina> that is you need to activate tehem
<spiekey_> hmm..looks like the live cd does not have the device mapper in the kernel :-/
<spiekey_> soren: thanks alot!
<spiekey_> it seems to work ;)
<zul> nxvl: ping
<kees> kirkland: raidy goodness?
<kirkland> kees: yeah, so i'm attacking the multi-MBR aspect of this now
<kees> cool
<kirkland> kees: i found a few things, but I'm missing a few others
<kirkland> kees: so, in no particular order.....
<kirkland> kees: who/what/when creates device.map?
<kees> grub-install, IIRC
<kirkland> kees: hmm, if that's the only place, it doesn't do it very smartly
<kirkland> kees: also, i'm a bit confused by the shell script "grub-install" which is in the "grub" package, and then some other package, "grub-installer"
<kees> no idea what "grub-installer" is.  :P
<kees> here's the method for doing a raid1 MBR: http://www.dirigo.net/tuxTips/avoidingProblems/GrubMdMbr.php
<kirkland> kees: ah, interesting....
<kirkland> kees: i was trying to decide if sdb should be hd1, or hd0 also
<kirkland> kees: if that article is correct, my hunch for hd0 is verified
<kees> right -- grub-install doesn't like the idea of marking hd0 as the secondary device, so you have to effectively trick it.
<kees> by claiming that the secondary drive is hd0.
<kees> so, detecting the raidness, the secondary drive, and the boot partition number is what's required to automate that recipe.
<kirkland> kees: yeah, but i probably don't want to write that to device.map
<soren> kirkland: The grub-installer in the installer is different from grub-install in that it also handles foreign OS'es.
<kees> absolutely you don't.
<kirkland> kees: okay, then i've been grossly over-thinking this
<kirkland> soren: good, that gels with what ogra told me :-)
<kirkland> soren: well, that it's the one in the installer
<kees> kirkland: I would imagine that update-grub should not be aware of any of this -- I think only grub-install (and I guess grub-installer from what soren says) need awareness.
<kirkland> kees: yeah, my changes, so far, have been in grub-installer
<Fenix|work> Greetings... when I SSH to an ubuntu box on the DMZ I get this huge lag as it's trying to authenticate me, where when I was on the same subnet it would be lightning fast... what's causing the hangup?
<kees> (which reminds me, I need to do this to my newly install hardy server...)
<kirkland> kees: in there, there's support for a couple of unique situations, like dmraid, and multipath
<kirkland> kees: i was going to add one more for "mdadm"
<kirkland> kees: the test, though, is *weak* in my opinion....
<kirkland> if type dmraid >/dev/null 2>&1; then
<kirkland> ...
<kirkland> elif type multipath >/dev/null 2>&1; then
<kirkland> ...
<kirkland> i can add a
<nxvl> zul: pong
<kirkland> elif type mdadm  >/dev/null 2>&1; then
<soren> Fenix|work: I'd look at DNS settings.
<kirkland> but just searching for the command seems flimsy
<kees> what does "type" do?
<kees> oh
<kees> right, checks path
<zul> nxvl: are you working n the multiuser for dovecot?
<kees> (I'm used to "which")
<kees> kirkland: that does seem flimsy
<kirkland> kees: i'll stick with type for the first pass
<kirkland> kees: but meh
<kees> kirkland: well, are you doing this in grub-installer or grub-install?
<nxvl> zul: yep, i'm on it right now
<kees> (which does the server CD use/)
<kees> s|/|?|
<Fenix|work> soren, I had a feeling that may be the problem.  Question is, how do I avoid it to do a DNS lookup on SSH connect.  resolv.conf is pointing to external servers and will never be able to look up my name.
<kirkland> kees: grub-installer
<soren> Fenix|work: "UseDNS no" in sshd_config
<nxvl> zul: why?
<kirkland> kees: i don't understand your question about the server CD
<nxvl> zul: you want have any suggestions or plans on it?
<Fenix|work> soren, thank you very much
<Fenix|work> works like a charm
<kees> kirkland: I just know there are differences between ubiquity and d-i
<soren> kees: The server CD uses grub-installer, I belive.
<soren> believe, even.
<kirkland> kees: i'll have to check, but I have a gut feeling it's grub-installer
<kirkland> kees: gimme a couple of minutes to clean up some proof-of-concept code
<kirkland> kees: and i'll pastebin it to you
<zul> nxvl: i thought you might were working on a patch or something
<kees> cool
<kirkland> kees: see if it's on the right track
<kirkland> kees: not tested yet, but worth reading
<nxvl> zul: it's just changing the line on debian/rules as i understand it
<soren> kirkland: What happens to the disk ID's if you boot from the second disk (ie. if the first disk is dead)?
<lukehasnoname> what is d-i, again?
<soren> debian-installer
<lukehasnoname> figured
<lukehasnoname> thx
<kirkland> soren: i think "tricking" it like kees suggested handles that, making each of sd[a,b] think they're hd0
<kees> soren: right -- grub really does not like booting up on the failed drive if it thinks that drive is mapped to hd1.  :)
<soren> kirkland: Well, we'd be writing the same MBR to both disks, right?
<soren> And that mbr expects (usually) to find the grub config and stuff on "hd0" (0x80). The question is: Is the second drive suddenly magically 0x80 if that's what it's booting from.
<soren> If so, what is there to be done, really?
<zul> nxvl: yep it is
<soren> I've never looked much at this problem. It's very likely that I'm missing something.
<zul> and updating the init script
<nxvl> zul: indeed
<kees> soren: if the failed drive is present enough that the BIOS attempts to boot from it, there is no way to boot.  in the case of being totally failed, the second drive becomes 0x80, and grub requires that it's mbr info matches that expectation.  I haven't actually checked to see if the mbr contents are identical on both drives.  I prefer just doing both mbrs writes via grub.
<kirkland> kees: you have to do the mbr write through grub...  raiding the devices sda1 and sdb1 keeps the data in those partitions identical, but doesn't handle the mbr, which is at the head of sda and sdb
<soren> kees: Ah, yes. If you install them separately, then you need to be careful. I somehow imagined the entire drive to be RAID1'ed, in which case it'd be a no-brainer.
<kirkland> kees: sorry, kees, that was not intended to be instructional :-)
<kirkland> kees: i meant to confirm what you were saying to soren :-)
<kees> kirkland, soren: cool, yeah.  I think we're all on the same page.  :)
<kirkland> kees: have a look at http://pastebin.ubuntu.com/34856/
<kirkland> kees: i'm reading the grub docs now, for doing the grub shell bit in an automated manner
<kirkland> kees: but see if the accounting for the drive/partitions/devices looks acceptable to you
<kirkland> kees: i'm using sed b/c no one else in the script is using awk :-)
<kirkland> kees: did I lose you?  :-)
<Koon> kirkland: I may have scared him in another channel.
<kirkland> Koon: yeah, he's reeling
<kirkland> :-)
<nxvl> zul: the init doesn't need to be modified
<zul> nxvl: no but the information in the init script should be updated
<nxvl> zul: of dovecot-common?
 * nxvl is lost
<zul> nxvl: just a sec
<nxvl> zul: i have reverted the change and use the debian line on debian/rules
<zul> nxvl: https://lists.ubuntu.com/archives/ubuntu-devel-announce/2008-June/000430.html
<r00tintheb0x> Hey, im trying to automatically download an attachment out of an email from our server.
<r00tintheb0x> Anyone know of a simple way to do that?
<nxvl> zul: oh! now i see
<nxvl> zul: thank you!
<zul> nxvl: np
 * delcoyote hi
<nxvl> zul: patch uploaded, sponsorship will be really apreciated :D
<zul> nxvl: sure
<kirkland> kees: did you get a look at that proof-of-concept code
<nxvl> zul: did you look at the patch?
<nxvl> zul: Bug #255367
<uvirtbot`> Launchpad bug 255367 in dovecot "update-rc.d: warning: multiuser is deprecated; specify runlevels manually" [Undecided,Confirmed] https://launchpad.net/bugs/255367
<nxvl> kirkland: i can't open https://wiki.ubuntu.com/EncryptedPrivateDirectory
<nxvl> kirkland: can you?
<kirkland> nope
<nxvl> kirkland: i'm getting 500
<kirkland> nxvl: me too
<nxvl> so it's a wiki problem
<nxvl> :S
<kirkland> nxvl: something about a wiki upgrade
<nxvl> i was trying to get in to test it :(
<kirkland> that sucks...  right when i do my blog post
<jpds> kirkland, nxvl: I suggest asking in #canonical-sysadmin, just they may still be fixing upgrade problems.
<kirkland> jpds: ahhhh..... so you *are* having wiki problems :-)
<jpds> kirkland: Am now.
<kirkland> jpds: :-P
<nxvl> kirkland: one time i did a blog post with some information on it calling for helpers and my server go down, that was horrible
 * jpds has had a Squid error and an Internal Server Error so far.
<kirkland> back up, perhaps?
<kirkland> quick, cache all of the wiki!!!!
<jpds> Yep, seems to be having fun falling off the net.
<jpds> kirkland: I read that page yesterday, will ~/Private be hard-coded or will we be able to change the name?
<kirkland> jpds: at the moment, it's #define'd
<kirkland> jpds: needs to be, for security purposes
<kirkland> jpds: mount.ecryptfs_private is a setuid binary
<jpds> kirkland: Shame... I really dislike files/folder with Capital letters.
<nxvl> kirkland: wiki alive again
<kirkland> jpds: there are some nasty things that a user can do, if they can choose the mountpoint
<kirkland> jpds: we might be able to provide a system-wide, root-configurable setting in /etc
<kirkland> jpds: you can add your usecase/comments to https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/247421 if you wish
<uvirtbot`> Launchpad bug 247421 in ecryptfs-utils "ecryptfs-utils private directory should support translations of "Private"" [Wishlist,Triaged]
<jpds> kirkland: Can it not be defined in xdg-user-dirs ?
<kirkland> jpds: it's on my list of things to do
<kirkland> jpds: unfortunately, i've been buried in iSCSI hell for the last few weeks
<kirkland> jpds: ultimately, as long as the root user controls the name of the dir, i think it'll work
<jpds> kirkland: OK, great. Thanks for the great work. :)
<kirkland> jpds: it's really just a matter of keeping non-priv users from choosing the string arbitrarily
 * nxvl is installing encryptfs
<kees> kirkland: yeah, sorry, had to run off to other stuff, let me read it and get back to you in a bit
<kirkland> kees: no worries, i'm running with it and testing it
<kees> kirkland: I get "Filesystem" out of that df
<kees> kirkland: does $ROOT include /boot/ ?
<kees> kirkland: probably skip the if mdadm --detail test and go straight to the processing, if it fails, the list will be empty
<kirkland> kees: oh, sorry, $ROOT is something in that script
<kirkland> kees: okay, that was set -e proofing, i though
<kees> grub_partnum=$(( partnum - 1 ))
<kees> I'd use that instead of expr (saves an exec of expr)
<kees> also, I like seeing $() over 11
<kees> er
<kees> ``
<kirkland> kees: k
<kees> looks like the right stuff to me.  :)
<spader3d_2> hi all
<spader3d_2> how do i open port 53 domain on my machine?
<kees> kirkland: I'd be curious about possible failure conditions, but I'm not feeling very creative at the moment.  I think best failure mode to catch is "if type mdadm" but nothing in mdadm --detail (i.e. not on md, but mdadm installed)
<kees> kirkland: I'll be back on in a bit...
<kirkland> these wiki problems are absolutely killing my productivity
<kirkland> kees: doh....
<kirkland>         md=`df "$ROOT/boot/grub" | sed "s/ .*//"`
<kees> okay, cool, that's what I thought.  :)
<kees> kirkland: btw, where is the source for grub-installer, just so I can peek at it?
<kirkland> kees: yeah, sorry, got lost between the 4 cut and pastes around terminals and pastebins
<kees> hehe, no problem.
<kirkland> kees: apt-get source grub-installer
<kees> heh.  go figure.  ;)
<kirkland> kees: let me get something working before you waste much time on this
<kees> kirkland: yeah, I just wanted to see the basic routine
<kirkland> kees: i just wanted a checkpoint that these are the things that need to be done
<thenewguy_> anybody  have any links/tips on setting up seaside / squeak with apache on ubuntu server? i dont know where to start
<kirkland> kees: grub-installer....  gross....  there are a bunch of bash functions, followed by 340 lines of shell code, followed by a bunch more functions
<kirkland> kees: I think I'm going to need to bust up that middle blob into functions, such that we can call them iteratively
<Fenix|work> if I want to download packages from packages.ubuntu.com... where do I place these downloaded packages on my ubuntu server
<Fenix|work> this box as of yet doesn't have a direct http/ftp connection to the outside
<zul> nxvl: yep will upload it tomorrow
<nxvl> zul: :D
#ubuntu-server 2008-08-07
<sommer> ScottK: dkim section added: http://doc.ubuntu.com/ubuntu/serverguide/C/mail-filtering.html
<ScottK> sommer: amavisd-new doesn't use dkim-filter.
<ScottK> sommer: It uses libmail-dkim-perl and it's in recommends so it'll get installed automagically.
<sommer> ScottK: it just uses regular domain keys?
<ScottK> No, uses the perl lib, not the milter.
<sommer> ScottK: right right... I'll adjust that
<ScottK> No need to tell them to install anything.  It's just there and working.
<sommer> sure, does the rest make sense?
<sommer> I wasn't entirely sure what to add
<ScottK> Subtle point is it's based on the signing domain, not the From in the message.  Usually those will match, but it's not inevitable.
<ScottK> If you look at any message from me sent in the last year or so, it'll be signed.  When you look at the signature, there's a d=kitterman.com.  That's what it keys off of.
<ScottK> I'd make it clear that whitelist in this context means do not do any spam or virus filtering.
<sommer> good point
<nxvl> ScottK: did you had chance to take a look at courier?
<ScottK> nxvl: Not yet.
<nxvl> ok
<nxvl> :D
<ScottK> Up to my eyeballs in $WORK right now.
<nxvl> ScottK: what did you work in?
<ScottK> I'm a consultant and work on a lot of different things.
<ScottK> Currently we have no babysitter for our 5 year old for three weeks, so I'm mostly watching her and running teenagers around during the day while my wife's at work and then I try to catch up in the evenings.
<nxvl> ScottK: that sounds hard
<ScottK> Yeah, it's only for a few weeks.
<nxvl> ScottK: how many kids did you have?
<nxvl> ScottK: just the 5 year old girl?
<ScottK> No.  Also 14 and 16 year old girls too.
<nxvl> ScottK: hard age for being a father
<ScottK> Fortunately I do believe that violence can solve problems and the boys know that, so they keep an appropriate distance.
 * nxvl loves ScottK 
<nxvl> ScottK: that's the key
<nxvl> if get daughters i will have the same policy
<sommer> kirkland: is the raid boot stuff ready for real hardware testing?
 * sommer thinking about starting the documentation of that area
<dthacker> I've noticed ScottK needs MIR's written for ClamAV.   Is there a guide to writing them?
<ScottK> Yes.
 * ScottK digs up some links
<ScottK> dthacker: https://wiki.ubuntu.com/MainInclusionProcess
<ScottK> dthacker: https://wiki.ubuntu.com/ClamavSpamassassinInMain lists what we are in need of.
<dthacker> thanks.  I'll do some reading tonight.
<ScottK> dthacker: Thanks. Feel free to ask questions.  It's mostly just grinding through stuff.
<ryoohki> anyone know why rbash( the restricted bash) was removed from the bash .deb package?  I can still hard link /bin/bash to /bin/rbash but a apt-get update will alter that
<kirkland> sommer: the stuff i blogged about this week, yes
<kirkland> sommer: i'm working on another patch for grub
<sommer> kirkland: cool, just wanted to make sure the BootDegradedRaid page is still the latest instructions
<kirkland> sommer: yup yup ;-)
<sommer> kirkland: I've added your ppa to my sources.list, but when I do an apt-get upgrade it's not pulling anything
<sommer> kirkland: are the new packages in the main repos?
<kirkland> sommer: oh, jeez, sorry
<kirkland> sommer: yeah, it's in main now
<kirkland> lemme update that part of the wiki page
<sommer> cool
<nxvl> kirkland: can you please apply a patch for me and see if it works?
<kirkland> sommer: sorry for missing that earlier
<kirkland> sommer: i'm editing now
<nxvl> kirkland: ScottK has been unsucseful appling it
<sommer> kirkland: that's cool, just wanted to make sure I wasn't missing anything :)
<kirkland> sommer: sorry, my fault
<nxvl> kirkland: https://bugs.launchpad.net/bugs/254681
<uvirtbot`> Launchpad bug 254681 in courier "please merge courier 0.60.0-1 from debian sid" [Undecided,Incomplete]
<nxvl> (and reopen the bug report if it worked)
<kirkland> nxvl: nope, it doesn't apply for me either
<kirkland> sommer: wiki updated
<nxvl> kirkland: can you paste the whole process (ls on the dir, command and output) please
<kirkland> nxvl
<kirkland> nxvl: mkdir courier
<kirkland> nxvl: cd courier
<kirkland> nxvl: apt-get source courier
<nxvl> ok
<kirkland> nxvl: wget http://launchpadlibrarian.net/16527829/courier_0.60.0-1ubuntu1.debdiff
<nxvl> that's the problem
<kirkland> k
<nxvl> kirkland: can you please dget the debian version -> http://ftp.de.debian.org/debian/pool/main/c/courier/courier_0.60.0-1.dsc
<nxvl> and apply the patch against it
<sommer> kirkland: so I set one of the drives to faulty using "sudo mdadm --manage --set-faulty /dev/md0 /dev/sdb1", and it booted fine... is that expected?
<sommer> kirkland: or should I physically unplug one of the drives?
<kirkland> sommer: yeah, that's expected
<kirkland> sommer: "set-faulty" is different
<kirkland> sommer: that tells mdadm to "expect" a drive as faulty
<sommer> kirkland: oooohhhh, heh that makes sense
<kirkland> sommer: this is really about what happens when an unexpected failure occurs
<sommer> kirkland: okay, I'll get physical on this thing ;-)
<kirkland> sommer: if you're dealing with physical hardware, unpluging the cable is the best alternative, sorry
<kirkland> sommer: i did my physical testing with USB thumb drives :-)
<sommer> heh, that's cool... I really haven't used software raid much, so this is good experience
<kirkland> sommer: yeah, it's a good thing to know
<sommer> heeh http://www.youtube.com/watch?v=VQXECBdPgEA
<kirkland> yikes
<sommer> ya, it's getting late :)
<sommer> kirkland: party!
<sommer> kirkland: everything worked as advertised... very cool
 * sommer goes to sleepy time
<kraut> moin
<Armilliary> I'm trying to get examples for a preseed file, and `sudo debconf-get-selections --installer` gives me the following error: "could not open /var/log/installer/cdebconf/questions.dat". I realise that there was a security issue with the root password being readable in that file, but is there a way to recover any of the other answers?
<Drazha> how much RAM is required for a small scale LAMP and SAMBA to work on ubuntu-server?
<hads> Define small scale?
<Drazha> well basically a development system, I am developing an application in PHP, and I only need the small server on a VM to develop it on
<Drazha> so like, 1 user accessing it really
<hads> 64MB would work, 128MB would be nicer, 512MB would be plenty
<thefish> Drazha: ive done stuff in 64M, ymmv
<Drazha> kewl, so 128 I setup is just fine
<thefish> 128 is plenty
<Drazha> ok next stupid one, is there a shell utility to setup the network interface and samba?
<thefish> i run ocs-ng (an automatic inventory system) in 128 - +-100 clients
<thefish> Drazha: yep, is called vi :D
<hads> +m :)
<_ruben> grmbl .. why is setting up dual wan configs always so tedious :p
<thefish> Drazha: what kind of setup do you want?
<Drazha> thefish: just to reconfigure the ip address (to avoid the vi route) and to setup a samba share?
<thefish> Drazha: thats pretty simple
<hads> nano or other similar editors may be easier to get to grips with
<thefish> for the ip address, youll want to edit /etc/network/interfaces
<soren> _ruben: what's the difficulty?
<_ruben> soren: finding a decent solution to get routing properly
<thefish> mmm, if you want to use nano, its best to `ln -s /usr/bin/nano /usr/bin/editor-for-wimps` first :)
<_ruben> soren: i've managed to get it working before, just forgot how ;)
<thefish> _ruben: doing fancy routing? ip route no doing its job?
<hads> heh, meany.
<Drazha> hads I know how to use vi, i am just being lazy
<hads> Oh, well then just stop doing that :)
<thefish> Drazha: you probably have "iface eth0 inet dhcp" in your interfaces file?
<Drazha> yeah well... i was hoping for a curses ui or smth
<Drazha> thefish: havent checked yet, probably
<thefish> Drazha: you can gtksu {some-gui-editor} /etc/network/interfaces
<thefish> not sure of the gnome gui text editor
 * _ruben grabs his hard-copy of LARTC again...
<Drazha> actually i am a rhel/centos user, decided to try out ubuntu-server, see how painful for my routine its gonna be
<thefish> :)
<thefish> nothing to be ashamed of
<Drazha> not ashamed, just too damn sleepy and bored enough to punish myself with this mini project
<thefish> Drazha: iirc interfaces file is the same in rhel/centos
<thefish> so you should be fine
<thefish> to jog your memory... http://www.cyberciti.biz/faq/setting-up-an-network-interfaces-file/
<Drazha> thefish thanks
<soren> _ruben: Define "routing properly" :)
<thefish> Drazha: for samba, just copy one of the examples - all you really need is [sharename] and path = /path/to/share, the rest is optional
<_ruben> soren: have both inbound and outbound traffic flowing, no loadbalancing, but being able to send specific traffic over a specific link
<Drazha> thefish: yeap, thanks...
<soren> _ruben: ip route add src <blah>
<exot> hello, how can I specify multiple IP address for exported directory for /etc/exprts
<soren> exot: man exports
<exot> soren, it doesn't show
<soren> Sure it does.
<soren>        # sample /etc/exports file
<soren>        /               master(rw) trusty(rw,no_root_squash)
<thefish> _ruben: you need metric for that no?
<_ruben> thefish: nah, thats only needed for loadbalancing afaik .. just needa mess with multiple routing tables a bit, and then find a decent way to automate things
<_ruben> sucky part is that one of the uplinks is dhcp and the other static ip
<soren> exot: That line will export / read-write to master and trusty, and trusty additionally does not get his root squashed.
<thefish> _ruben: metric is for costing a route innit? how would you use a metric for load balancing?
<_ruben> thefish: if you want uneven loadbalancing
<thefish> ?
<thefish> not trying to be an ass, want to learn - ive never used it for that purpose :)
<exot> soren,  got it .. thank you :)
<_ruben> thefish: say you have 2 mbit line and an 8mbit line ... you'd give one line a metric of 1 and the other 4 .. so 'unevenly balance'
<thefish> cool
<thefish> so the metric is something that the balancer takes into consideration when deciding which to balance to?
<thefish> fair enough
<thefish> what are you using for the load balancing?
<_ruben> im not doing any loadbalancing in this case .. we do have loadbalancers for our bigger websites tho (based on linux virtual server project)
<thefish> cool
<thefish> ive just done it with ripv2
<thefish> and it "just knows"
<thefish> think rip just calulates the hops though
<thefish> so ye, metric would be useful to tweak it
<thefish> _ruben: the vsp does network load balancing?
<thefish> just checking out "balance" looks cool
<Armilliary> ï»¿I'm trying to get examples for a preseed file, and `sudo debconf-get-selections --installer` gives me the following error: "could not open /var/log/installer/cdebconf/questions.dat". I realise that there was a security issue with the root password being readable in that file, but is there a way to recover any of the other answers?
<billio> Hi, I've been running Ubuntu-desktop for a while now and have decided to replace the OS on my server with Ubuntu.
<billio> I've installed 8.04.1 from CD and got it booting up and started adding a few extras.
<billio> I normally run my server with the screen unplugged and access with ssh. This all works OK so far.
<billio> I want to be abole to use emacs on the server over ssh, but when I try to install it, apt-get insists that
<billio> I need all the X11 packages. How can I get around this?
<steven3> hello!
<steven3> i have a quesiton that pertains to how much a server can handle, is that ok to ask in here?
<ScottK> Yes
<steven3> im going to have two scripts which access a mysql db, and thousands of people will be accessing it per hour, constantly for the entire month. is there a way to estimate how much bandwidth this will cost?
<steven3> :)
<Deeps> perform the queries for a set smaller sample over a set small time frame, and multiply up
<steven3> ah i see. thanks! then, i have an alternative question: is there a way i can split the chores up between multiple servers, as to avoid going over my bandwidth limit? for example, will it lower the bandwidth if i put the db onto a different server than the scripts?
<ScottK> There are ways, but that won't do it as the query to and the reply from the db server would actually use more bandwidth.
<lukehasnoname> billio: Try installing emacs22-nox
<gegema> May I ask for a good link for instruction on how to set up samba on a headless server? [Running Ubuntu 8.04.1]
<sommer> gegema: you could try: http://doc.ubuntu.com/ubuntu/serverguide/C/windows-networking.html
<gegema> sommer - Thanks!
<sommer> gegema: if you notice any problems, or if anything is unclear please let me know :)
<power> hi
<power> i wonder where the libapache2-mod-security go ?
<thefish> power: i think it was removed from debian cos of licensing issues
<thefish> http://packages.ubuntu.com/feisty/web/libapache2-mod-ifier seems similar but never tried it, otherwise its a manual install
<power> thanks,ill check it
<power> too bad,that mod-sec is removed
<chmac> Anyone know how to split a file into <2M chunks of *complete lines*?
<chmac> `split -b2M` cuts lines in half at exactly 2M
<billio> lookhasnoname: that's a last resort - I have been using the X version of emacs from my server
<billio> under Mandrake with only the basic X11 library. I hate all these dependencies based on
<billio> someones ideas of what is required as opposed to what is really needed.
<billio> Looks like I'll have to build it from source....
<lukehasnoname> hold on
<lukehasnoname> anyone: isn't there a --no-recommends switch in apt-get that only d/ls required dependencies
<gegema> sommer: Ok am ready to ask a question (althought simple) about Samba
<gegema> sommer: I got it set-up to a point where I can access the Samba share from the windows machines..now how do I access network drives on the windows network from the ubuntu box? (for example if the drive is accessed by going to \\server1 in windows, how do I get to that directory from within Ubuntu?)
<sommer> gegema: good question... that's not really covered in the guide just yest
<sommer> gegema: there's multiple ways, the smbclient utility acts something like an ftp client, but I find the simplest way is to mount a windows share to a folder in my home directory
<sommer> gegema: for that use sudo mount -t cifs //server/share mount_dir
<thefish> fusesmb can also be pretty useful - specially if you want to "browse"
<sommer> gegema: you may need the smbfs package as well (if you don't already have it)
<kirkland> sommer: great, thanks for testing!
<sommer> kirkland: np
<gegema> sommer: mount: wrong fs type, bad option, bad superblock on //server << getting this error
<thefish> ^ thats probably name resolution - maybe try replacing "server" with "ip address"
<uvirtbot`> thefish: Error: "thats" is not a valid command.
<thefish> or fwdn
<thefish> fqdn even :)
<sommer> gegema: ya you may want to be sure you can ping the host by name, and try by IP to be sure
<sommer> gegema: also are you trying to mount the share or browse the server?
<gegema> hmm.. ok... didn't have smbfs at first... so I insattled it and tried the mount again.. got a different error this time (mount error 13 = Permission denied
<gegema> Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)
<sommer> because to use a mount you'll need to use the entire share path
<sommer> gegema: ah, try sudo mount -t cifs -o username=youruser,password=yourpass //server/share mount_point
<gegema> sommer: I want to mount a share (a network drive within the windows network - MS SBS btw) so I can use it as a backup drive.
<sommer> gegema: I believe you can leave the password bit off and it will prompt you
<gegema> sommer: sorry for being dumb... on the username and password > are we refering to my username and pass on the Ubuntu box or my username and pass on the windows domain?
<sommer> gegema: the windows username and password, but if your ubuntu username matches your windows username, it may just prompt you for your windows password
<gegema> sommer: Perfect, mounted succesfully!
<gegema> am assuming adding this mount point in my fstab with the -o argument would work?
<sommer> gegema: party!
<sommer> gegema: yep, it works in fstab... you may want to do a quick google to confirm the exact syntax though
<gegema> sommer: Ok, Thanks a bunch for your help :)
<sommer> gegema: np
<gegema> sommer: back to bug you again... I want the windows user to have rw rights on the Ubuntu share (windows and Ubuntu accounts use different usernames and passwords) Is the answer setting "security=user" in smb.conf? or do the username and pass on each machine have to be identical?
<sommer> gegema: all you should have to do is to set the permissions on the directory appropriate for the nobody user... if you followed the serverguide when setting up a share
<sommer> gegema: that is if you don't what the windows user to have to enter a password
<gegema> sommer: But am sharing the entire home directory of the linux machine... not sure if its wise to chown the home directory with nobody.nogroup
<sommer> gegema: ya in that case you'll probably want to add the windows user to the system... basically create a linux user usering adduser then do smbpasswd -a username
<sommer> gegema: windows user to the linux system that is
<sommer> gegema: then you can give the necessary permissions to just that user
<gegema> sommer: in my case, windows user account are being managed by Active Directory... saw an empty shell on the server guide for active directory integration...was wanting to see if I could get around having to add each individual windows user as a user on the linux machine as well
<sommer> gegema: ah, then you'll want to check out the likewise-open section... it walks you through adding the linux machine to the AD domain
<gegema> cool beans... thanks
<sommer> welcome
<lukehasnoname> "They don't have a dual model with community and enterprise bits. I don't see how anybody's going feel real comfortable, without the certifications and support and enterprise nature of those bits, feeling comfortable running those in a mission-critical environment. " -Jim Whitehurst, Red Hat CEO
<lukehasnoname> on Ubuntu
<soren> Uh, err... I can't even make sense of that.
<soren> And if I could, I probably wouldn't agree :)
<sommer> bits usually give me comfort :)
<soren> How is it more comforting that the stuff you're deploying hasn't been tested by the community at large?
<lukehasnoname> he uses the term "bits" in the interview to refer to software
<lukehasnoname> http://news.cnet.com/8301-1001_3-10002150-92.html
<sommer> why would a certificate bring comfort?  it all comes down to your relationship with the vender in the end
<lukehasnoname> Search "ubuntu" on that page to see the paragraph I'm referencing
<edmoore> ok definitive answer. about to do software raid1 on hardy. 2 x 250gb discs. 4gb ram. so. 8BG swap, 242gb / on each. Or.... can i be more clever?
<edmoore> I am totally new and see lots of confusing answers
<lukehasnoname> edmoore: how much physical ram do you have? 4GB?
<edmoore> yep
<edmoore> so i read swap should be ~2x ram
<soren> Bah.
<soren> That was back in ancient times when virtual memory managers were brain dead.
<lukehasnoname> From my limited knowledge, and reading of "Ubuntu Server Administration", make a 100 MB /boot part, swap that is 1-2x RAM, and from there it's variable
<edmoore> 2 3 partitions on each one
<lukehasnoname> depending, it's recommended to have dedicated /var, /home parts
<edmoore> what defines the size of the boot partition?
<soren> I'm not saying that you might not need the 8GB. It depends on what you're using the server for, but the "swap should be twice the size of your ram" paradigm has expired.
<edmoore> so then that's 4 partitions - /boot, /var, /home, swap
<lukehasnoname> 100MB static. It's the dir where the boot files are located, the kernel, AFAIK
<soren> edmoore: Do yourself a favour and use LVM.
<lukehasnoname> but don't put /boot on the LVM
<lukehasnoname> I don't think you can
<soren> Right.
<soren> /boot seperately and then everything else on lvm.
<edmoore> I don't think I'm going to be pushing things particularly
<lukehasnoname> 100 MB boot (ext2), rest to LVM with 4GB swap, 15 GB? to / (root), and the rest to some mix of /var, /home depending
<lukehasnoname> LVM, among other things, allows easier adding and resizing of volumes
<edmoore> LVM asside for one sec (I'll come back to it), I want 100mb for /boot, 8gb for swap, and the rest is all my 'stuff'
<edmoore> so I have about 240gb for 'stuff' - you're advocating 3 partitions, a /root, /var/, and /home
<edmoore> ?
<edmoore> sorry if I am coming across as a trogolodyte - I am totally new to all this
<lukehasnoname> what is this server going to do
<lukehasnoname> file, print, web, database, etc
<edmoore> numerical sim, bit of web, all my degree work
<edmoore> hence the desire for raid 1 (for the degree work)
<edmoore> it probably won't be under heavy hard-disk usage
<edmoore> though the numerical sim stuff can lock up a cpu core and a bunch of ram for days at a time
<edmoore> so simplicity over cleverness is probably more my criteria - I'm not looking to sqeeze every bit of juice out of a heavily loaded webserver, if you see what i mean.
<lukehasnoname> if you use a load of RAM you might want a big swap. Also, if you don't plan on running a large or critical web site or DB, I'd suggest 30GB /(root), and the rest to /home. In other words, 100MB /boot, then LVM (4-8GB swap, 30 GB root, rest to /home)
<edmoore> cool - out of interest, why split up root and home?
<edmoore> and once i have done the partitioning in the partition manager during installation, how do i tell it which bits to use for what? I know about setting which to boot from and which to swap from, but then telling it which for /home and which for /root
<lukehasnoname> edmoore: Many reasons to split directories into different partitions when possible. Big reason for splitting off /home and /var from the root system is so you can reinstall the OS without formatting the /home and /var parts where your personal settings/files and your website are
<edmoore> ah that of course makes sense
<lukehasnoname> edmoore: When you define a volume in the LVM and go back to the partition manager, it will ask you where you want to "mount" the volume.
<edmoore> so I have to use LVM?
<lukehasnoname> no
<lukehasnoname> but it's handy
<edmoore> ok. when I come to do this in anger in about 1h, I might come on irc if i need help in real time, if that's ok :)
<lukehasnoname> http://www.freeos.com/articles/3921/
<lukehasnoname> I didn't read it, I just googled. Anyway, it might help
<lukehasnoname> answer your question about LVM
<lukehasnoname> not so much the technical instructions, but the "Whys" and whatnot.
<edmoore> yes, why is always more useful
<edmoore> It's why I built a server in the first place - I want to get the why behind linux. then the how should follow quite trivially
<edmoore> he says.
<edmoore> so lukehasnoname, when I come to do this for real in a bit, I should make 2 physical partitions per disc - 100mb for /boot and "the rest"
<lukehasnoname> I've been using Linux on my desktop for the past 5 months (100%) and for the past 2 years on and off. Also, I've been hanging on the IRC and the wiki all summer, and read a few books and a lot of magazines.
<edmoore> then make the /root, /home and swap using kvm?
<edmoore> lvm*
<lukehasnoname> edmoore: I don't know how to set up raid
<edmoore> ok, well the ubuntu wiki article is useful
<lukehasnoname> ask someone else about RAID, but but without RAID, you're right
<edmoore> though the one on lvm on raid says I need the alternate install cd
<edmoore> ok, well if anyone reading this wants to help me out, that'd be grand
<lukehasnoname> the alternate install is for desktops. If you're using the server install then that's the same thing
<lukehasnoname> er
<lukehasnoname> the installation instructions are the same, IIRC
<habriel__> i need set up a vpn with ubuntu server
<habriel__> i am looking someone guide
<habriel__> i have installed ubuntu server 8.04
<habriel__> hi
<habriel__> anyone there
<soulc> yeah but they are 3733t3
<habriel__> hi soulc
<soulc> do you haveanother machine?
<habriel__> do you know about ubuntu server
<soulc> I am running it
<soulc> https://help.ubuntu.com/ I got all the help I needed here
<habriel__> ok
<soulc> https://help.ubuntu.com/community/Servers
<habriel__> where are you from my friend
<soulc> maine us
<thefish> habriel__: what kind of vpn do you want? what will it be for? how many users?
<habriel__> i need to have 10 users
<habriel__> and the clients will be xp
<habriel> hi
<habriel> thefis
<habriel> are you there
<thefish> habriel sorry just leaving
<thefish> i would recommend looking at either openvpn
<thefish> or nomachine
<thefish> nomachine is not a traditional vpn, but it is very efficient
<thefish> openvpn is free, nomachine is commercial oss
<thefish> have a google for those, nomachine is trivial to install, just make sure you know what it does, openvpn is a bit more tricky but its more of a "traditional" vpn
<soulc> can anyone direct me to a resource for hardy spam controll?  I upgraded to hardy and now none of the spam is detected.... it is all marked good
<soulc> logfile output http://pastebin.ubuntu.com/35130
<thefish> soulc: you probably lost your bayesian dbs, if you have a lot of spam, you can use this to train sa again
<thefish> soulc: i would recommend adding DCC and maybe razor/pyzor
<soulc> the previous was after the upgrade here is before the upgrade http://pastebin.ubuntu.com/35132/
<soulc> razor is on already
<soulc> what is DSS
<soulc> er
<soulc> DCC
<thefish> dcc yep
<thefish> :)
<thefish> distributed checksum clearinghouse
<thefish> similar concept to razor
<soulc> yeah it was just bam here is all this spam again
<thefish> heh
<thefish> i need to leave, good luck :)
<soulc> thanks
<habriel_> but i won't have any problem with the client xp
<ScottK> soulc: Is spamassassin still enabled?
<habriel_> for example if i use openvpn
<soulc> yeah
<soulc> still enabled
<soulc> if you look at both pastes you'll see that the number of messages is pretty much the same just now it is all good instead of the mostly crap that is really is
 * ScottK will be back later.
<edmoore> so, anyone around able to help me out with the installation of software raid1 and lvm?
<edmoore> I'm sitting here ready with the screen on [!!] Partition disks
<lukehasnoname> I think Ubuntu should have a voip server
<lukehasnoname> like, a mumble server hosted by Ubuntu.com or similar
<lukehasnoname> that would require a fat amount of bandwidth
<lukehasnoname> anyway, edmoore, is raid already configured?
<edmoore> no
<edmoore> doing that now
<edmoore> so, as i can always go back, I guess, shall i partition each disc into raid 1 with 200mb and 'the rest' and then try and see if I can do lvm afterwards on 'the rest'?
<lukehasnoname> hm I really don't know the order of events when configuring RAID, that's why I asked if it was out of the way :/ you'll have to wait for someone else to ask
<soulc> yeah so the damn spamassassin local.cf file had been overwirtten
<edmoore> soren, are you about?
<edmoore> lukehasnoname: I think you can go into lvm having set up partitions on raid1
<lukehasnoname> Hold on I'm working on... my work, bbiab
<edmoore> ok
<edmoore> does anyone here know why, when trying to change the partition settings for a partition, I don't seem to be able to change any of them? It just displays a list - eg: 'Use as: Ext3 journalling file system' which I want to change as use as physical volume for Raid. but how do you change these settings?
<uvirtbot`> New bug: #255776 in freeradius (universe) "freeradius lacks eap-tls eap-ttls eap-peap on hardy" [Undecided,New] https://launchpad.net/bugs/255776
<edmoore> how do I make ubuntu server autoload from a reboot, i.e. not need me to login?
<edmoore> i only want to have to login to do admin, if it reboots it should just load up and carry on webserving
<bogey-> iptables-1.4.0-40.1
<bogey-> I am having a senior moment. I do not have the firewall installed, I do not have anything setup for hosts.allow and hosts.deny. Yet my box is refusing all connections except from the local subnet. What should I check to see if it is blocking other subnets?
<dthacker> bogey-: can you ping the other subnets?
<bogey-> dthacker: i iz dumb, lulz
<bogey-> dthacker: the GATEWAY device is not the same as the others. I need to setup a RIP broadcast for our legacy servers
<bogey-> soz m8
<soren> edmoore: I am now.
<edmoore> soren: too late, she cried
<edmoore> am all installed
<edmoore> adding repos now, infact
<emgent> \sh:  hey! :)
<habriel> hi
<habriel> hello all what's better for a network where the client will be win xp , vpn, openvpn, i only whant to have the next services ftp,mail, vnc
<edmoore> help - have just rebooted my server (for the first time since automatic reboot after installation) and it is hanging on (initramfs)
<m11> hello
<m11> i am haveing same problem as this post: http://ubuntuforums.org/showthread.php?t=679877
<m11> using proftpd and joomla
<m11> joomla 1.5 wont work if i dont enable ftp layer and it dont want accept correct user/pass and path that i set in gproftpd. anyone got clue how to fix that ?
#ubuntu-server 2008-08-08
<edmoore> hi - every time I restart, (hardy) and then ssh in, it seems to go back top the default ubuntu ssh motd, rather than my own custom one. any idea why?
<owh> Salutations. How can I test that my locally running NTP server is in fact working - that is, serving time? (Without access to another machine :(
<Deeps> ntpdate -v localhost ?
<Deeps> hmm, no, that wont work
<owh> Nope, socket in use :)
<Deeps> socket in use error go!
<Deeps> heh yep
<owh> Hmm, which port does NTP use?
<Deeps> netstat -anp|grep ntp
<owh> I could make an ssh tunnel and do it from a machine outside the network.
<Deeps> i dont think it's tcp
<owh> No, UDP port 123
<owh> I really don't want to point my CISCO router at this NTP server until I know that it's working :(
<owh> Hmm, UDP over SSH means UDP -> TCP -> SSH -> TCP -> UDP, not something you setup for fun :(
<Deeps> indeed
<Deeps> easier would be just to allow external access from your specific ip and then try
<owh> Unfortunately that's behind several firewalls, not really a possibility.
<Deeps> oh, i misunderstood what you meant to do with your router
<owh> The router is currently using an external NTP server and is experiencing severe jitter. It's causing grief with VoIP accounting, the recommendation was to use an internal NTP server, and I happened to have one - but I'd like to test it before we do any changes.
<Deeps> yeah i just understood
<Deeps> if you've got multiple interfaces (or make a second virtula interface or add an extra ip to one of your interfaces
<Deeps> e.g. ip addr add 127.0.0.2/32 dev lo
<Deeps> and get ntpd to bind to one ip and use ntpdate bound to another
<owh> ooh, that's *evil*, I like that :)
<Deeps> i need to pee, gl
<owh> Dunno if it will work and I'm going to have to think about it before breaking my network, but thanks.
<owh> I think I can bind ntpd to an interface, but I don't see how I can do that with ntpdate.
<Deeps> get ntpd to bind to a non-default source ip
<Deeps> eg, to avoid network breakage
<Deeps> ip addr add 127.0.0.2/32 dev lo
<Deeps> and get ntpd to bind to 127.0.0.2
<owh> Hmm.
 * owh tests this locally first :)
<owh> If I come off the 'net, it broke :)
<Deeps> likewise
<Deeps> # ip addr show lo
<Deeps> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 127.0.0.2/32 scope host lo
<Deeps> looks ok here
 * owh is rtfm-ing on how to change the source ip for ntpd.
<Deeps> hmm
<Deeps> doesn't appear possible
<Deeps> bug reported in 2004
<Deeps> 2005*
<Deeps> still doesn't appear to be resolved
<owh> Yeah, that makes two of us.
<owh> You'd think for such an important protocol there'd be some testing methods :)
<owh> Deeps: The only thing I can see is ntpq
<Deeps> duhof course
<owh> Well AFAICS, it shows what the daemon thinks it's doing, but it doesn't tell the story from the client side.
<Deeps> it queries the daemon to find that information out though
<Deeps> same as what the remote client would do
<owh> Hmm, learnt something new :)
<owh> Note to self: Debugging ntpd server, use ntpq -p
<owh> Tah Deeps
<Deeps> anyway :)
<Deeps> anytime even
<owh> :)
<uvirtbot`> New bug: #253436 in samba (main) "Windows Network not recognized" [Undecided,New] https://launchpad.net/bugs/253436
<chemokid> anyone here running a database and web server using kvm on 8.04.1?
<To1> ï»¿ Hello - I have an issue with root emails from cronjobs, I added a root: my@email.com in /etc/aliases then did newaliases and according to logs it still tries to send the email to root@domain.com
<To1> no-one is awake here ? :p
<ScottK> To1: Did you reload postfix afterward?
<To1> yep
<To1> it's trying to send the email with a relay but I took out the relay from main.cf then reloaded pf...
<To1> must be the local bind MX
<To1> how can I force root to send out emails  locally ?
<uvirtbot`> New bug: #255895 in php5 (main) "found bug on PHP5" [Undecided,New] https://launchpad.net/bugs/255895
<Saladin> Can anyone help me install the GUI on Ubuntu server 6.06?
<hads> Saladin: There's no GUI on a server traditionally. If you want to install the desktop then you can `apt-get install ubuntu-desktop` - from then on out you'll probably want #ubuntu support.
<Saladin> Ah, okay, hads.
<Saladin> The problem I'm having is that I tried that, but I get returned with errors about broken packages
<hads> Make sure you `apt-get upgrade` first, there shouldn't be broken packages usually.
<Saladin> Upgrade rather than update?
<Saladin> Alright, I'll give that a try
<Saladin> I'd been told to do 'apt-get update'
<uvirtbot`> New bug: #256014 in php5 (main) "escapeshellcmd() security fix generates problems with mediawiki and other web-apps" [Undecided,New] https://launchpad.net/bugs/256014
<Saladin> hads, I still get the same error message after that: "The following packages have unmet dependancies. ubuntu-desktop: Depends: x-window-system-core but it is not going to be installed. E: Broken packages"
<_ruben> sudo apt-get install -f *might* fix that
<Saladin> hads, _ruben, thank you.
<Saladin> I am currently installing the Ubuntu desktop
<Saladin> Now, just one more question... How do I add a user to sudoers from the command line?
<Saladin> ((At the moment I have only the root user))
<_ruben> only root? how did some custom installation or smth?
<_ruben> and you just need to add any user to the admin group, which will grant that user sudo right
<_ruben> s
<Saladin> It is a hosted dedicated server.
<Saladin> They did the install.
<Saladin> ((How do I add users from terminal?))
<_ruben> two tools .. adduser and useradd
<_ruben> both work, just slightly different syntac
<_ruben> x
<Saladin> Ah, okay.
<Saladin> What's the syntax?
<Deeps> man adduser, man useradd
<Saladin> Thanks
<Saladin> Alright, I just installed the ubuntu-desktop, and added a user to root, do I need to now restart my server for it to take effect? It should load the GUI automatically, right?
<_ruben> Saladin: what kind of access do you have to this server?
<Saladin> I have access through something called an eRic card - which simulates being sat at the actual machine - so I can access BIOS etc
<_ruben> ah ok
<_ruben> 'sudo invoke-rc.d xdm start' should do the trick i guess
<Saladin> Ah, without rebooting?
<_ruben> yeah ... and thats pretty much where ubuntu-server support ends
<Saladin> Ah, okay.
<Saladin> Though, that came up with an error: "unknown init script"
<Saladin> Rebooting should do it though, right?
<_ruben> hmm .. i'd think xdm would be part of ubuntu-desktop .. then again, i dont use ubuntu-desktop
<Saladin> Ah, I see.
<Saladin> I'll try rebooting to see what happens.
<_ruben> or just do a clean install of ubuntu (desktop) instead
<Saladin> I can't. No access ACTUAL physical access to the server.
<Saladin> Is there a command to reboot from terminal?
<Saladin> ((This is why I'm installing the GUI... I'm not good enough yet to use the command line only.))
<_ruben> sudo reboot
<Saladin> Thank you
<lukehasnoname> http://et.redhat.com/~rjones/virt-p2v/
<lukehasnoname> pretty cool tool for migrating physical machines to virtual.
<lukehasnoname> thus the "p2v". You see, the "p" stands for "physical", and the "v" stands for "virtual", thus symbolizing the transition the machine goes through when having this program applied to it. Physical to Virtual.
<sommer> kirkland: there's a new RAID section in the serverguide covering software raid and friends... I would greatly appreciate any feedback when you have time
<sommer> kirkland: also the bootdegradedraid testing procedure you wrote up was a great help in writing the docs :)
<uvirtbot`> New bug: #240984 in samba (main) "Copying dirs from samba shares fails" [Undecided,New] https://launchpad.net/bugs/240984
<pschulz01> Kamping_Kaiser: ping
<pschulz01> Anyone here using the 'backuppc' package?
<pschulz01> (Or are we all busy watching the Olympic opening ceremony?)
<_ruben> that's a double "no" for me ;)
<pschulz01> _ruben: Ta :-)
<Deeps> no and yes
<Shane-S> I am using the regular 7.04  but I have LAMP installed, I need help determining while no one outside can see my server since enabling Samba. Stopping Samba does not help
<pschulz01> Shane-S: apache?
<Shane-S> it seems to drop connectivity randomly as well. Like 10 minutes ago I could get ot the internet, now I can't
<Shane-S> Apache2 yes
<pschulz01> How are you connected to the internet?
<Shane-S> but it seems to be something on the systems, apache is listening and stuff, seems more hardware to me, or would it be apache itself
<Shane-S> It is plugged into a DMZ port on a Business Class Cable Modem/Router
<Shane-S> it has a static IP assigned
<Shane-S> but it is not specified. It worked until Samba was setup
<pschulz01> Check: ipaddress/interfaces; routes (default route); Are services listening correctly (netstat -lt)
<Shane-S> did that and I have 0's for the Rec/Sent but *:www  *:* on foreign State is Listen
<Shane-S> I checked iptyables _L there are no entries
<Shane-S> im lost at this point as to what is causing it, anything else I can check?
<jmedina> Shane-S: what is the problem?
<kirkland> sommer: excellent, thanks.  i'll definitely review the server guide raid stuff
<Shane-S> my webserver loads locally, but I can not access it from anywhere in the network or the web
<Shane-S> it only happened after Samba was started, but I also gain and lose internet randomly, so it seems like a network issue
<Shane-S> unsure what to do, as netstat shows apache listening, I can load it locally,but I can't load it via IP form and systems
<Shane-S> I can ping it and it can ping other systems
<sommer> kirkland: cool, it looks like doc.u.c isn't updated yet, but you can check out the xml using bzr branch lp:ubuntu-docs
<sommer> kirkland: should be updated this evening though :)
<kirkland> sommer: thanks, i'll probably wait for d.u.c ;-)  I've got a few other things to do today
<zul> oh dear apparently snoop dogg does bollywood now
<Deeps> zul: link plz
<sommer> snoop snoopaloop, yaaa :)
<zul> Deeps: bbc website
<lukehasnoname> what about it? Russia is at war with Georgia?
<lukehasnoname> ****ing BBC blocking US people from viewing video
<ScottK> lukehasnoname: You haven't paid your license fee.
<lukehasnoname> hmph.
<thefish> lukehasnoname: BBC is blocking *non-uk* ip addresses
<uvirtbot`> New bug: #256112 in samba (main) "Samba should be version 3" [Undecided,New] https://launchpad.net/bugs/256112
<lukehasnoname> thefish: I figured. In any case, I still don't know what zul was pointing at with deeps, unless it was an inside thing.
<Deeps> 1558.38 < zul> oh dear apparently snoop dogg does bollywood now
<Deeps> 1601.21 < Deeps> zul: link plz
<Deeps> 1636.07 < zul> Deeps: bbc website
<thefish> heh
<kirkland> jdstrand: ping, regarding ecryptfs-utils and auth-client-config
<jdstrand> kirkland: I thought that got uploaded?
<kirkland> jdstrand: oh yeah, it did
<kirkland> jdstrand: i wanted to circle back on whether or not it would be possible to automatically run that auth-client-config command on ecryptfs-utils install/uninstall?
<kirkland> jdstrand: i've gotten a fair amount of feedback from people complaining about running that command
<kirkland> jdstrand: why can't they just install the package, and the like
<jdstrand> kirkland: it is possible, but a policy needs to be developed to safely do it. I believe all the necessary functionality is there to do it
<kirkland> jdstrand: i need to hash this out with slangasek, then?
<jdstrand> kirkland: pitti had a similar idea, but slangasek says his stuff will be ready. as such, developing a policy ofr auth-client-config is likely wasted effort
<jdstrand> kirkland: pitti went a different route until slangasek is done
<jdstrand> (pitti's situation was slightly different than yours, btw)
<jdstrand> kirkland: so basically, yes-- talk to slangasek. it is unlikely he would approve a policy using a-c-c right now anyway
<kirkland> jdstrand: okay, sounds good, he's on schedule to talk to me about that tomorrow
<kirkland> sorry, today
<jdstrand> kirkland: it might be worth noting that if he isn't able to do it in time, we can work to use a-c-c as a packaging stop-gap so you aren't blocked
<jdstrand> kirkland: but we should wait to see what he says
<kirkland> jdstrand: right...  so my main concern is this....
<kirkland> jdstrand: for the first few weeks of testing, I had people using: sudo auth-client-config -p ecryptfs_standard -t pam-auth,pam-session
<kirkland> jdstrand: which was missing pam-password
<kirkland> jdstrand: i needed to get the password change hooks working right and tested
<kirkland> jdstrand: now it's there
<kirkland> jdstrand: i've gotten a few people opening duplicate bugs about them changing their password and the wrapped passphrase not getting updated
<jdstrand> kirkland: just need to add ',pam-password' to that command
<kirkland> jdstrand: it's "fixed", but those individuals have to manually run sudo auth-client-config -p ecryptfs_standard -t pam-auth,pam-session,pam-password
<jdstrand> kirkland: but yeah, I see what you're saying
<kirkland> jdstrand: yeah, it's done on my wiki page
<kirkland> jdstrand: it's just i'd like to "fix" that for people with a version bump, tell them to apt-get upgrade, you know.....
<jdstrand> kirkland: well, it is a development release, and we can't do this automatically yet
<kirkland> jdstrand: yeah
<kirkland> jdstrand: okay, thanks for listening
<kirkland> jdstrand: i'll catch up with slangasek later today
<jdstrand> kirkland: however, we will fix it one way or another. if slangasek finishes, great, if not, we can figure out an alternative with a-c-c.
<kirkland> jdstrand: ogey doke
<jdstrand> kirkland: unfortunately, neither will be *right now* ;)
<kirkland> jdstrand: okay.  i was hoping to get something into one of the alphas
<jdstrand> kirkland: I'm offline in 45 minutes for 9 days, so I won't be much good there. :( if you are really keen on it, you can play with a-c-c-- there are ideas in /usr/share/doc/auth-client-config/README about its use in maintainer scripts
<kirkland> jdstrand: okay, you're on vacation too!  :-)
<jdstrand> kirkland: if you decide to develop the a-c-c maintainer scripts usage policy, then I would definitely try to get others involved-- soren is likely an excellent choice
<jdstrand> I bounce stuff off him all the time. mathiaz is very thoughtful too
<jdstrand> (not that others aren't-- just trying to think who will be in town :)
<dw_> hi room
<dew2> im lookin for help
<jpds> !ask | dew2
<ubottu> dew2: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<dew2> :D.. ok.. im wanting to know what to set my hostname to to make a server work
<dew2> its an online game called tremulous which the master server cant connect to me
<dew2> I suppose i basically need to know the steps from setting my hostname in host file, interfaces, how to set up an ip for a server on this computer which isnt the eth0 adapter address
<sommer> is the default ubuntu encoding uft-8?
<sommer> as in iconv character encoding
<Jeremy__> hey im looking for an SMB/LDAP expert to help me out
<Jeremy__> erreur LDAP: Can't contact master ldap server (IO::Socket::INET: connect: Connection refused) at /usr/share/perl5/smbldap_tools.pm line 282.
<Jeremy__> Populating LDAP directory for domain WGSORG (S-1-5-21-1990269258-2767708890-2597390790)
<Jeremy__> (using builtin directory structure)
<Jeremy__> Can anyone lend a hand?
<Jeremy__> please?
<sommer> waiiiitttt... doh
<r00tintheb0x> Hi, im trying to use the find command to find specific files by date then copy them to a specific directory.
<r00tintheb0x> find /opt/zimbra/ -mtime -3 -name "*.msg"  -exec cp -arfvp * /var/tmp/ariba/ {} \;
<r00tintheb0x> Can someone help me modify that to work?
<Jeremy__> hello
<Jeremy__> looking for someone who knows a little about SMB/LDAP
<Jeremy__> anyone?
<kirkland> zul: ping
<kirkland> zul: could I please get you to take a look at https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/256154 and sponsor my fix?
<uvirtbot`> Launchpad bug 256154 in ecryptfs-utils "pam_ecryptfs should respect ~/.ecryptfs/auto-[u]mount files" [Low,In progress]
<kirkland> zul: I have tested it thoroughly, and I'm pushing it upstream too
<zul> kirkland: sure gimme a sec
<zul> kirkland: done
<kirkland> zul: rock!
<r00tintheb0x> nevermind, i figured it out
<r00tintheb0x> thanks for all the help #ubuntu-server !
<dldc> hello, some virtual machine specialist here?
<dldc> i need an important suggest.
<dldc> soren kirkland ?
<dldc> i dont saw vmware in ubuntu intrepid and hardy..
<dldc> please suggest me a good software for run virtual machines
<dldc> ScottK siretart zul ?
<dldc> what is the best software packaged in ubuntu for virtualization ?
<dldc> :-|
<dldc> uvirtbot` do you know? :)
<uvirtbot`> dldc: Error: "do" is not a valid command.
<dldc> !vistualization
<ubottu> Sorry, I don't know anything about vistualization
<dldc> :-[
<Deeps> !virtualisation | dldc
<ubottu> dldc: There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications
<dldc> Deeps what is the best sotfware?
<dldc> VirtualBox ?
<Deeps> what OS's do you want to virtualise?
<dldc> linux
<Deeps> linux? windows? bsd?
<Deeps> only linux?
<zul> kvm
<dldc> i'm in ubuntu but i should virtualize another system for some test
<dldc> zul kvm ?
<dldc> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<Deeps> if you have a newish CPU on the system which has the vt extentions (cat /proc/cpuinfo) then yes, KVM for sure
<lukehasnoname> !vmware
<ubottu> VMWare Player is in Ubuntu's !Multiverse repository (package "vmware-player", only for Feisty and Edgy), and http://www.easyvmx.com/easyvmx.shtml can create VMs for it. Instructions can be found at https://help.ubuntu.com/community/VMware - See also !virtualizers
<dldc> vmware sucks.
<Deeps> otherwise, i'd recommend xen
<dldc> i need a fast tool
<Deeps> as a failsafe, vmware's always a good bet, performance is pretty good too
<dldc> uhm..
<dldc> xen and kvm have a gui ?
<Deeps> not that i know of, read their relevant pages for more info though
<Deeps> see above for the kvm page
<Deeps> !xen | dldc
<ubottu> dldc: XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<thefish> virt-manager is a gui for both dldc
<Deeps> there you go
<thefish> but its still not reached 1.0
<thefish> afaik
<dldc> thefish virt-manager can manage kvm too ?
<thefish> dldc: yes
<dldc> nice!
<thefish> if you are not comfortable with a bit of console work, vmware is the way to go though
<dldc> it`s a very great info
<thefish> dldc: last time i used it, it was not perfect
<dldc> nah i like console but i`d like too little clean gui for manage it
<thefish> and you will have to set up networking manually iirc
<dldc> no prolem
<dldc> sounds good, i will write a script for it
<dldc> i go to try kvm+virt-manager
<thefish> :)
<dldc> i need only gentoo with commandline
<dldc> not desktop manager
<dldc> it`s only for test :)
<dldc> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<lukehasnoname> thefish: virt-manager, like from redhat, can manage xen?
<thefish> lukehasnoname: yes
<thefish> i think that was its original purpose, kvm was added later
<lukehasnoname> freakin' sweet! I'm going to be messing with FreeBSD and Solaris as well as Debian, Ubuntu and CentOS when I get back up to Tech, and obviously I can't use KVM for all those hosts.
<thefish> why not?
 * _ruben just installed VMware ESXi .. kinda sweet
<thefish> lukehasnoname: bsd and solaris will run in kvm guest
<lukehasnoname> for all those HOSTS. If I'm testing out running Unix as the host, I need xen or vmware
<lukehasnoname> btw _ruben I just found out today that vmware ESXi is free, and has graphical tools with it. Might be worth a look... though I am trying to stick open-srouce
<thefish> ah gotcha ;)
<_ruben> lukehasnoname: esxi is kinda picky wrt its hardware tho
<dldc> !VmWare
<ubottu> VMWare Player is in Ubuntu's !Multiverse repository (package "vmware-player", only for Feisty and Edgy), and http://www.easyvmx.com/easyvmx.shtml can create VMs for it. Instructions can be found at https://help.ubuntu.com/community/VMware - See also !virtualizers
<lukehasnoname> Later gentlemen
<dldc> thefish one question
<dldc> my virtual machine is in 10.0.2.15 (ip)
<dldc> my real pc have 1.0.0.109 (ip)
<dldc> i opened ssh server in virtual machine
<dldc> how i can join in it ?
<dldc> if i try in my real pc ssh root@10.0.2.15 i cant connect to virtual
<dldc> but virtual surf fine internet
<dldc> some suggest ?
<thefish> dldc: how did you set up the networking
<dldc> networking work fine in virtual machine
<dldc> but i cant join in it if i use real machine
<dldc> how can i fix it ?
<thefish> what are you using? vmware? kvm?
<dldc> quemu
<dldc> qemu
<thefish> ok
<thefish> in the guest, "route -n"
<thefish> i guess you are using nat
<dldc> route -n in my real pc
<thefish> in the guest
<thefish> check the line with UG
<thefish> also, what netmask is the guest using?
<dldc> gatway is 10.0.2.2
<dldc> gateway
<dldc> uhm..
<thefish> ok if you are using /24 then you should be able in the guest to ssh 10.0.2.2
<dldc> ssh root@10.0.2.2 ?
<dldc> i was try nmap -sP 10.0.2.1/24 and not host up
<dldc> :(
<thefish> if the host is ubuntu, then that wont work unless you have enable the root account
<thefish> ssh 10.0.2.2
<dldc> dont understand
<dldc> ssh: connect to host 10.0.2.2 port 22: Network is unreachable
<dldc> and in virtual machine ssh is started
<thefish> can you pastebin "ifconfig" on the host?
<dldc> eth0 on ip 10.0.2.15
<dldc> netmask is 255.255.255.0
<thefish> k
<dldc> this in virtual box.
<thefish> i thought you said qemu
<dldc> ?
<thefish> this is in the guest you mean?
 * dldc virtualisation newbie
<dldc> yes guest virtual box
<thefish> dldc: you are using virtualbox to run the vm?
<dldc> not
<dldc> quemulator
<thefish> ok
<thefish> on the host
<thefish> the "real" pc
<dldc> qemu called with command: qemu -M pc -hda /home/dldc/gentoobox -smp 2 -m 600 -cdrom /home/emgent/install-x86-minimal-2008.0.iso -net nic,vlan=0 -net user,vlan=0,hostname=emu  -monitor pty -boot d
<dldc> this is the flag on qterminal
<dldc> in the real pc i have wlan0 on ip 1.0.0.109 netmask 255.255.255.0
<dldc> real gateway is 1.0.0.1
<dldc> s/qterminal/quemulator/
<dldc> thefish some idea to fix it ?
<dldc> oh fixed.
<dldc> nice
<thefish> well there we go
<emgent> dlc dont use my server for this test please.
<eruisto> Hey guys... Does anyone have any experience with ircd-hybrid? I'm having trouble getting it configured properly...
<eruisto> Hey guys... Does anyone have any experience with ircd-hybrid? I'm having trouble getting it configured properly...
<eruisto> No one?
<eruisto> =[
<hads> IRC is not an instant fix, you'll often need to wait hours for an answer.
 * eruisto sighs
#ubuntu-server 2008-08-09
<uvirtbot`> New bug: #228656 in openssh (main) "ssh public key auth fails after hibernate" [Undecided,New] https://launchpad.net/bugs/228656
<juannicolas> hi, can someone help me please. Im trying to install postgres and getting this errors: http://pastebin.com/mf059b70
<ScottK> juannicolas: What release are you using?
<juannicolas> ubuntu 8.04
<ScottK> OK.
<ScottK> juannicolas: What are the 4 packages that are not upgraded?
<juannicolas> how can I know that?
<ScottK> By doing apt-get upgrade and seeing what package it wants to upgrade.
<juannicolas> ok
<ScottK> juannicolas: You are not using official Ubuntu pacakges.  You should get help from whoever is supplying you the packages.
<ScottK> juannicolas: Your package version, 8.3.3-0ubuntu0.8.04, is not an official Ubuntu package.
<juannicolas> hum
<ScottK> Wait
<ScottK> I may be wrong about that.
<juannicolas> well, apt-get shows me that
<juannicolas> The following NEW packages will be installed:
<juannicolas>   postgresql-common
<juannicolas> The following packages have been kept back:
<juannicolas>   bind9-host dnsutils libbind9-30 libisccfg30
<juannicolas> oops
<ScottK> juannicolas: My mistake.  I wasn't looking in hardy-updates.
<juannicolas> how can i remove all files of postgresql I know there is a way to purge the files and then install the common files of the pakg
<ScottK> juannicolas: Sorry about that.
<juannicolas> ok
<juannicolas> no worries
<ScottK> juannicolas: Don't do that.
<juannicolas> well then?
<ScottK> juannicolas: Do apt-get install postgresql-common
<juannicolas> ScottK
<juannicolas> http://pastebin.com/dfdca13
<ScottK> Odd.
<ScottK> This probably won't help, but what happens if you do apt-get dist-upgrade?
<ScottK> leonel: I don't remember, do you use postgresql?
<juannicolas> same errors
<leonel> ScottK: I do  ..
<ScottK> leonel: Do you think you could help juannicolas out?  See his pastebin ^^^
<juannicolas> please
<leonel> checking ..
<leonel> juannicolas: installed  postgresql-common and no problems here
<leonel> juannicolas: do you have another  postgresql packages installed ??
<juannicolas> no
<juannicolas> root@weomsweb2:/var/lib/postgresql# ls
<juannicolas> root@weomsweb2:/var/lib/postgresql#
<leonel> dpkg -l |grep postgres
<leonel> juannicolas: please
<juannicolas> uff
<juannicolas> few
<leonel> versions ??
<juannicolas> http://pastebin.com/d25da15ff
<leonel> iF  postgresql-8.3                        8.3.3-0ubuntu0.8.04
<Fishscene> How would I connect to a remote samba share using terminal?
<dusty_> Hey guys, I have two nameservers which I am trying to protect using iptables.  The problem is when I bring up iptables, I cannot resolve dns queries.  I can't even telnet to port 53 on the server, I don't understand as I thought i've unblocked 53 and the others... http://rafb.net/p/H4VgPD22.html is my script can anyone see what i'm doing wrong ?
<leonel> juannicolas:  can you  reinstall postgresql-8.3  ..
<juannicolas> no
<juannicolas> dont let me
<juannicolas> give me the same error
<juannicolas> http://pastebin.com/dfdca13
<leonel> juannicolas: do you have info already on postgresql ??
<Fishscene> How do I get out of  the manual?
<juannicolas> leonel  i need to restore all files using dpkg in order to restore all the common files so it will let me uninstall it
<juannicolas> no
<Fishscene> I typed in "man ftp" and it displayed the manual. I'm trying to get out of the manual though.
<juannicolas> under the /var/lib/postgresql/ dont have anything
<juannicolas> i isued to have a 8.3 folder there but some one delete it
<ScottK> Fishscene: Type q
<Fishscene> Thanks
<Fishscene> would anyone know how to connect to a remote samba share?
<juannicolas> the problem is the dpkg manager
<leonel> then  please  remove those postgresql packages  and purge them then  reinstall
<ScottK> Fishscene: That one stuck me for a long time too when I first started on Linux.  I remember.
<Fishscene> lol :P
<Deeps> dusty_: you're missing input rules that allow access to port 53 on the server. http://rafb.net/p/NlQzZ430.html
<dusty_> Deeps, Deeps line 48, 49 of that paste.
<ScottK> leonel and juannicolas: The thing to do is add exit 0 as the 2nd line of the pg init file in /etc/init.d, then upgrade and the configure will finish.  Then you can purge it and try again.
<leonel> ScottK: someone  deleted  the  /var/lib/postgresql ..
<Deeps> dusty_: allows input from source port 53, and output to destination port 53
<Deeps> dusty_: doesn't allow input to destination port 53, ie, input to the server to port 53
<Deeps> dusty_: if you're confused, look at the lines below for ssh
<dusty_> ahh thankyou very very much
<Deeps> dusty_: you're allowing input to dport 22
<ScottK> leonel: Right.  dpkg has to finish configure before he can purge it.
<dusty_> yeah
<dusty_> sorry
<dusty_> thanks for that! :)
<Deeps> np
<leonel> ScottK: right
<ScottK> leonel: Editing the init allows you to fake out the postinst into thinking it's started and configure is done.
<ScottK> Then he can purge.
<Fishscene> How in the world do I copy a samba remote directory to my local samba directory? It keeps saying it's a directory and won't copy it
<emgent> nxvl o/
<nxvl> emgent: hi!
<nxvl> emgent: thanks for your support!
<ScottK> nxvl: You get courier sorted yet?
<nxvl> ScottK: working on it
<ScottK> Great.
<nxvl> ScottK: the only issue was the standards thing, isn't it?
<ScottK> nxvl: Yes.
<emgent> nxvl: if you know little bit italian lang please see http://it.youtube.com/watch?v=TPPMGJPxbzM
<emgent> hahaha
<emgent> hi ScottK :)
<nxvl> emgent: is not that different from spanish
<ScottK> Hi emgent
<emgent> ok people, i go to sleep
<emgent> here 05:55 am
<emgent> night
<lukehasnoname> you guys have an odd sleep schedule
<nxvl> lukehasnoname: no, we have different timezones :S
<lukehasnoname> well ScottK is up at 4am his time, emgent is up at 6 his time
<ScottK> lukehasnoname: Sleep is for the weak.
<nxvl> ScottK: the only problem with 3.8.0 was the homepage field, just checked the checklist
<nxvl> :D
<nxvl> preparing debdiff
<ScottK> Great.
<lukehasnoname> Summary of my day: I'm kind of interested in Solaris. I've been reading some propaganda, and it sounds pretty interesting. Most of the benefits of FreeBSD + strong integration with ZFS, java, and zones (jails), as well as multi-core scaling. 2) I I've also been looking into OpenNMS (I'm really skeptical about Nagios, I've heard too many complaints about its poor scaling and complex configuration). I just need to do more res
<nxvl> ScottK: uploaded
<ScottK> nxvl: Got it.  Do you feel any different about it if I tell you I'm going to upload it without looking at it?
<nxvl> not at all, checked and rechecked
<ScottK> OK.  Here goes then.
<ScottK> nxvl: I wasn't going to look, but lintian isn't happy.
<RoAkSoAx> lol
<RoAkSoAx> nxvl, what time does the bug jam starts?
 * RoAkSoAx greetings all
<ScottK> I get two E's and two W's, so please have a look with the current lintian.
<nxvl> RoAkSoAx: 11:30
<nxvl> and why i didn't get them?
<nxvl> :S
<nxvl> odd
<ScottK> nxvl: What version of Lintian do you have?
<nxvl> ScottK: i'm getting them now, but debuild for some reason doesn't promt them
<nxvl> ScottK: just random bug i think
<ScottK> nxvl: Odd as I got them from debuilding the source package.
<ScottK> nxvl: While you're looking, did you run lintian on the .deb?
<ScottK> nxvl: Debian just released a new lintian.
<nxvl> ScottK: not the one just synced into ubuntu
<nxvl> (yes i runed lintian the first time)
<ScottK> nxvl: No, another one.  It's still sitting in incoming.debian.org
<nxvl> ScottK: in what part of USA did you live? NY?
<ScottK> Near Baltimore, MD.
<ScottK> 30 minutes from there or 1.5 hours from Washington, DC.
<lukehasnoname> anyone have experience with trash-cli?
<lukehasnoname> ScottK: You're US?
<ScottK> Yeah.
<lukehasnoname> holy hell, I thought you were UK. I'm in Texas.
<nxvl> ScottK: :D
<ScottK> Well that's like a whole 'nother place anyway.
<lukehasnoname> true. If I can travel 10 hours straight away from one point and still be in the same state, it's a big place.
<nxvl> i'm starting to hate build-depends
<ScottK> nxvl: You'll be glad to know the new lintian doesn't have any new issues with your .dsc.
<nxvl> for some reason courier doesn't build anymore
<nxvl> :D
<ScottK> lukehasnoname: Take it easy or we'll cut Alaska in half and Texas will be the third biggest state.
<ScottK> ;-)
<ScottK> lukehasnoname: I grew up in Kansas, so even closer than now.
 * nxvl updates chroot, just in case
<nxvl> lukehasnoname: kirkland lives in austin
<lukehasnoname> ScottK: I figured out that from Key Largo to Fairbanks, AK is 4900 miles
<lukehasnoname> Road Trip. nxvl: Is he a college guy?
<lukehasnoname> kirkland, that is
<ScottK> lukehasnoname: No, he works for Canonical.
<lukehasnoname> oh, haha!
<ScottK> Also superm1 (usually on #ubuntu-motu) lives there too.
<lukehasnoname> Canonical seems to be hiring a lot
<nxvl> lukehasnoname: http://webapps.ubuntu.com/employment/
<lukehasnoname> I'm looking at Canonical's site now
<lukehasnoname> The BIS team openings have a desire for familiarity with Salesforce.com software...
<lukehasnoname> odd.
<ScottK> Well the Launchpad U/I developer job requires Flash.
<ScottK> Odder.
<nxvl> flash?
<nxvl> wtf!>
<lukehasnoname> I finally got Mumble
<lukehasnoname> it would be really cool if Ubuntu hosted a Mumble server for voice chatrooms
<dyamic> Hello
<dyamic> I Have A Computer Related Question...
<dyamic> Can Somone Help With The Question I Have If They Can I Will Tell Them Secret
<nxvl> it's official i hate autotools
<dyamic> It's Funny How In Computers They Got Wireless GPS In Them Where They Can View All Your DATA Without Connection
<dyamic> Anybody Know How To Access This?
<dyamic> What If I Told You Something Even More
<kirkland> lukehasnoname: we talked before... I gave you some crap about that tortilla-throwing college you attend
<dyamic> This Might Be Putting Led Into Your Pencils But Every Person On This Planet Is Remote, What I Mean By That Is They See Through Everyones Eyes And Hear
<kirkland> would someone with ops kick the dyn@mic bot?
<dyamic> Is That Very Nesserary
<dyamic> Those That Do Bad To Me Will Recieve Bad
<kirkland> nxvl: are you going to DebConf?
<nxvl> kirkland: no because of a stupid missunderstading :(, you?
<kirkland> nxvl: nope, though I'd like to go
<kirkland> nxvl: your hemisphere, thought you might
<nxvl> it'd to be next year
<nxvl> kirkland: my conteninent
<kirkland> nxvl: yeah, i might shoot for that too ;-)
<nxvl> kirkland: i can even go by land
<kirkland> nxvl: me to... very long trip, though :-)
<nxvl> yeah, but here is a doable trip
<kirkland> nxvl: gotta run, night
<nxvl> lot of people do it
<nxvl> night!
<nxvl> kirkland: have a beer for me!
<emgent> virtualbox-ose-modules-generic: Dipende: virtualbox-ose-modules-2.6.26-3-generic
<emgent> package broken in intrepid.
<dusty__>  Anyone know of a way to hide the ssh version when you telnet ip 22 ?
<mgdm> dusty__: Doing that would break SSH, surely?
<kaushal> hi
<mgdm> 'lo kaushal
<dusty__> why?
<kaushal> mgdm, http://rafb.net/p/TJDXxb67.html
<kaushal> I am trying to install ubuntu server 8.04.1 on amd 64 bit machine
<mgdm> dusty__: because the SSH client needs to know what version it's connecting to, in order to negotiate the connection
<mgdm> dusty__: though, I see your point about the name of the server software, now that I try it myself
<kaushal> mgdm, any clue as what is happening
<mgdm> kaushal: not at present, I'm afraid, did it manage to install everything else OK?
<kaushal> yeah
<kaushal> where can i check the md5sum of the ISO image
<mgdm> is there anything on console 4?
<kaushal> yeah
<kaushal> E: Unable to fetch some archives, may be run apt-get update or try with --fix-missing ?
<kaushal>  
<kaushal> base-installer : error : exiting on error base-installer/kernel/failed-install
<mgdm> it looks like it can't get the package across the network
<mgdm> I'm just trying to find the MD5
<mgdm> http://www.mirrorservice.org/sites/releases.ubuntu.com/8.04.1/MD5SUMS
<kaushal> mgdm, how can i check md5sum on windows
<kaushal> since I am using windows as a client
<mgdm> I haven't a clue, but a quick Google suggests http://www.md5summer.org/
<mgdm> just try "windows md5" in google, there's quite a number of them
<kaushal> mgdm, thanks
<kaushal> thats the issue
<kaushal> its not matching
<kaushal> so where can i download it
<kaushal> whats the best method to download ubuntu-8.04.1-server-amd64.iso
<mgdm> You can get it from that site I suggested, but where in the world are you? There's likely a nearer mirror
<kraut> moin
<uvirtbot`> New bug: #256387 in php5 (main) "No me muestra archivos .php" [Undecided,New] https://launchpad.net/bugs/256387
<soren> rcpt to: sh@linux2go.dk
<soren> Gah...
<nxvl> zul: ping
<emgent> hello
<emgent> soren: around ?
<soren> emgent: Yeah.
 * nxvl dances
<emgent> soren: in intrepid virtualbox-ose-modules-generic is broken.
<emgent> virtualbox-ose-modules-generic: Dipende: virtualbox-ose-modules-2.6.26-3-generic
<emgent> but virtualbox-ose-modules-2.6.26-3-generic isnt in archive
<soren> Ok.
<soren> I don't really touch virtualbox, actually. It's not that I don't want to, I just don't have the time.
<emgent> my friend dldc yesterday join in this room for some suggest to virtualization, and him notify to me this problem. i testd it and seems broken.
<soren> I suggest you report a bug about it, or even better: Fix it yourself. It's in universe, so you can do as you please :)
<XiXaQ> hmm, I just installed the Ubuntu LAMP task using synaptic. Isn't that the same as installing it using tasksel?
<XiXaQ> it may sound like a desktop question, but it isn't. I installed on a desktop now, but only in order to try it out before moving it to the server. It doesn't seem to have configured php properly with apache, for instance. If it's the same with tasksel, then I have to figure out how to do this.
<uvirtbot`> New bug: #256256 in samba (main) "Unacknowledged reboot required before folder can be shared" [Undecided,New] https://launchpad.net/bugs/256256
<timboy> I need some help setting up locale information...
<timboy> anyone in here familiar with locales?
<Mez> hmm... is PHP in hardy meant to have suhosin by default ?
<mgdm> Mine does
 * Mez has seen so many issues with that
<Mez> (suhosin)
<Mez> at least it seems to have sane values though
<mgdm> It has broken a couple of things for me in the past (though i can't remmeber offhand what)
<timboy> I need some help setting up locale information...
<timboy> anyone in here familiar with locales?
#ubuntu-server 2008-08-10
<KurtKraut> Is it possible to use Ubuntu Server in a Virtualbox virtual machine ?
<Kamping_Kaiser> dont see why not
<KurtKraut> I've just installed Ubuntu Server over a Virtualbox machine and it is unable to boot saying the installed kernel is not compatible with the CPU. But Virtualbox is emulatin an Intel Core 2 Duo CPU !
<girth82> Hello all.
<girth82> anybody here able to assist with initial install, need assistance with monitor settings.
<exot> hello, how can I add a line at the top of the file ?
<hads> exot: sed '1i\STUFF_TO_INSERT' yourfile
<larsemil> i get a postfix error that i understand nothing about...
<larsemil> <styrelsen@urix.se>: Host or domain name not found. Name service error for name=urix.se type=A: Host found but no data record of requested type
<larsemil> but when i dig that domain i do get a mx record
<uvirtbot`> New bug: #232031 in dhcp3 (main) "package gdhcpd None failed to install/upgrade: dependency problems - leaving unconfigured" [Undecided,Confirmed] https://launchpad.net/bugs/232031
<uvirtbot`> New bug: #232028 in gdhcpd (universe) "package gdhcpd None failed to install/upgrade: dependency problems - leaving unconfigured (dup-of: 232032)" [Undecided,New] https://launchpad.net/bugs/232028
<raydoo> hello
<raydoo> ->question : since i upgraded to php5 i cannot display any virtualhosts with php content onley one page on the main domain ist showing up i use apache2 on dapper, does anyone has a suggestion ?
<Weasel[DK]> i lost my  vim editor in S+ state, how can i get to it ?
<rbrunhuber> is here the right place to ask about apparmor?
<XiXaQ> I installed the lamp task and then uploaded joomla to /var/www as usual, but this time, when I try to access it, firefox asks what I'd like to do with the phtml file. This tells me apache might not be configured to handle phtml-files as php-files? If that's true, how do I configure that?
<XiXaQ> it doesn't look like php is configured when you install the lamp-task at all anymore?
<uvirtbot`> New bug: #256621 in openvpn (universe) "[CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration" [Undecided,New] https://launchpad.net/bugs/256621
<dusty_> Hey guys, I have ubuntu 8.04 install on my vps with iptables running nice, the only issue is it doesnt seem to log anywhere even though im using the log features of iptables, how do i fix this ?
<dusty_> If I Have iptables rules that have logging enabled, but messages dont appear in any file under /var/log/ what can i do ?
<metromini> hi i'm using ubuntu server, and had problem with tg3 driver for my broadcom nextreme gigaethernet nic, how can i switch back to old bcm5700 driver?
<dusty_> Guys even though I have kern.* /var/log/kern.log it doesn't get any iptables logs, why not ?
<ghaleb> hello, how can I authenticate my wireless users through their accounts in LDAP
<uvirtbot`> New bug: #256704 in bacula (universe) "bacula-director-mysql post-installation error" [Undecided,New] https://launchpad.net/bugs/256704
<ghaleb> hello, I want to create ubuntu boot server for stand alone machines uses PXE boot, but I the configurations and packages installed on the server appears on those booted from that server
<axyjo> hi all, i have a hardy server that is already installed. how do i change the installation so that it becomes the server for a top level domain? i already own the domain. I just need to map it to the box.
<axyjo> anyone?
<hotmonkeyluv> I'm trying to set up a LVM over 4 disks that are all different, is that possible, and if so, where can I put the swap, because I'm trying to do an encrypted lvm.
<axyjo> nobody?
<hotmonkeyluv> axisys, anyone what?
<axyjo> i am trying to configure a preexisting install so that it accepts requests for a domain name
<axisys> hotmonkeyluv: what?
<hotmonkeyluv> axisys, whoops
<hotmonkeyluv> sorry
<hotmonkeyluv> typed the wrong name
<axyjo> axisys: i think hotmonkeyluv means me
<axisys> hotmonkeyluv: heh
<hotmonkeyluv> axyjo, sorry, can't help ya
<axisys> axyjo: k
<axyjo> hotmonkeyluv: no problem.. i'll keep on googling
<axyjo> hi all. does anyone know how i can use dns on my ubuntu server? i've got the A record of my domain pointing to my machine
<edmoore> just a sanity check - if I install gnome desktop, and have it not start up by default (i.e. start it by 'start x' ), then when it's off it'll be completely off - not taking up cpu time or anything?
<axyjo> edmoore: yeah.. i think itll just take up disk
<edmoore> cool, that's good. I don't need it 99% of the time, still trying to persuade myself I don't need it
<edmoore> I'm struggling to share my eth0 net connection over the wifi card I've put in it, using just cli.
<edmoore> all the guides say 'there's this convenint gui tool that helps you set it up'. I'm trying to resist but I have precisely 3 days linux experience so it's not easy to know what I'm doing.
<axyjo> lol
<nxvl> kirkland: ping
<rbrunhuber> Is it normal to see a memory usage of 300+ meg with spamd and clamd. Is this normal?
<YoMero> with me clamd and spamd die after of one or two days and hug memory too
<rbrunhuber> Im on a virtual machine and get out of my guaranteed memory, so processes cant fork anymore. Meaning i could not even shutdown anymore.
<YoMero> do you are using http://volatile.debian.org/debian-volatile ?
<rbrunhuber> Yomero: your processes seem to be nice if they "hug" the mem. Here they hog it. ;-)
<YoMero> :)
<YoMero> is true
<YoMero> sorry  i miss typed
<rbrunhuber> No im using the standard hardy debs
<YoMero> i have the same problem under debian
<rbrunhuber> I think ill kill clamd out of the spam checking chain.
<YoMero> i restart the daemons 2 times per day
<rbrunhuber> Isnt that breaking all the pipes?
<YoMero> i stop first postfix, and later restart clamd and spamd, and later start again postfix
<YoMero> don't like me that but by the moment that works for me
<rbrunhuber> This is possible but not "beautyful"
<rbrunhuber> I hope clamd is getting fixed. This is not the first memory leak im sseing
<rbrunhuber> Amavisd and spamd are memory hogs too. Is this a problem with perl or with the both programs.
#ubuntu-server 2009-08-03
<jmarsden> DormantOden: The 32 bit library name for which library? :)
<DormantOden> ah, sorry, I managed to find the ia32-libs stuff =D
<jmarsden> OK.
<DormantOden> seems to work ^-^
<artillerytx> So i've been having trouble getting my everydns.net servers to point at my ip and i e-mailed the them and this is what they said - http://paste.ubuntu.com/245025/ - I am not too sure what he means
<uvirtbot`> New bug: #408155 in openldap (main) "package slapd 2.4.17-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 134" [Undecided,New] https://launchpad.net/bugs/408155
<artillerytx> how do you change a users root directory
<jmarsden> artillerytx: It means (a) If you don't understand that you should not be running your own DNS, you have more learning to do first, and (b) you are not allowing the everydns servers to grab copies of your DNS info from your own DNS server, so they can't update with that info.
<artillerytx> jmarsden: oh oka
<jmarsden> For changing a user's HOME directory (there is only one root directory!), you could edit the passwd file using sudo /usr/sbin/vipw
<artillerytx> jmarsden: i've changed the "home" directory for a user but when i try and ftp in it will not let me add or edit files
<jmarsden> artillerytx: Then you need to check the permissions on that directory, and the configuration of your FTP server.
<artillerytx> jmarsden: default permissions of a directory is 755 right
<qman__> artillerytx, a user must have write permission on his home directory, so it must either belong to him, or it must have more write permission
<jmarsden> No such thing as default perms.  0755 is Ok for a hom dir, if slightly loose.  I use 0700, but I'm somewhat paranoid from admin work on real servers with many users... :)  If you ssh in as that user can that user edit files etc in that
<jmarsden> And as qman__ says, who owns the dir is as important as the perms themselves.
<artillerytx> well i just ssh'd into the server with that user and it said restart required
<artillerytx> now its showing abunch of ys
<artillerytx> Y's
<jmarsden> I don't know what you did, but you broke that user's account.  Maybe set his home dir back to /home/username and see if you can then SSH in as him and work OK?
<artillerytx> ok
<artillerytx> k got it working and i think i figured out the dns issue
<ball> Anyone here use Ubuntu Server with LTSP?
<twb> I don't.  You can also try #ltsp if nobody responds here.
<twb> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<ball> heh.
<ball> It's going to take me a while to formulate the real question.
<chrislabeard> hey guys for some reason my server is running slow all of a sudden ...
<chrislabeard> I takes an extra second now when i log in ssh and after every command
<ball> chrislabeard: any clues in "top"?
<chrislabeard> top?
<ball> chrislabeard: it's a program that lets you list programs and processes that are running, how much RAM and cpu time they're sucking up.
<chrislabeard> oh okay
<chrislabeard> oh okay
<DiViN3> hello there
<DiViN3> i need help
<DiViN3> anybody to help me plz
 * ball waves
<DiViN3> ball:can you help me out plz
<nickrud> hoping to find someone to help DiViN3 with his dns problems
<ball> I won't know until you ask your question.
<ball> I know nothing of DNS, sorry.
<DiViN3> :(
<ball> (at least, nothing about running one)
<DiViN3> anyone can help me with dns problems
<chrislabeard> ball: i have something running called find_free.cgi and its taking up 2666192 kB
<chrislabeard> of my real memory
<nickrud> no, he's got no dns. interfaces is correct, resolvconf is correctly populated yet no resolution takes place. Flannel and I are stumped, we hope someone here can offer more insight
<ball> DiViN3: do you get your interface configuration via DHCP?
<ball> chrislabeard: That looks promising
<nickrud> ah, let me provide a little more info. It's a remote dedicated server, uses static interface with resolvconf
<chrislabeard> ball: i figured it out i ran look for free ips
<DiViN3> :)
<chrislabeard> and i guess never stopped
<nickrud> http://pastebin.ca/1516223 is his interfaces file
<ball> Is resolvconf something like resolv.conf on a BSD box?
<ball> Oh, it's a package.
<ball> No idea then, I'm in unfamiliar waters.
<nickrud> resolvconf simply reads a couple configuration lines in interfaces and populates resolv.conf . A holdover from debian when there was no unified way for the various dhcp dns or other networking packages to cooperate
<ball> nickrud: wierd.
<ball> What does his resolv.conf look like?
<nickrud> DiViN3, put a copy of your /etc/resolv.conf on a pastebin
<nickrud> I ssh'ed into his box, and verified all this stuff.
<nickrud> That's why I'm utterly stumped.
<DiViN3> http://pastebin.ca/1516288
<nickrud> now, that was not there before the reboot
 * ball grins
<nickrud> DiViN3, what is in interfaces now? put a fresh copy up
<ball> I think we have a winner.
<nickrud> ball, I swear I put opendns in resolv.conf myself :)
<nickrud> that would be a winner, for sure
<ball> I take it he's not running BIND
<nickrud> he intended to, it was uninstalled
<nickrud> installed then uninstalled
<ball> That could break things
<ball> No convenient way to roll back to how things were before BIND was installed?
<nickrud> but, since I know nothing about bind ....
<DiViN3> nickrud: wats was the command again for the interface
<DiViN3> sorry
<nickrud> its cat /etc/network/interfaces
<nickrud> that will print it for you
<DiViN3> http://pastebin.ca/1516294
<nickrud> anyway, I'm in over my head. I hope you get some good help DiViN3
<DiViN3> i hope so too
<DiViN3> i m like awake for 32 hours straight just to get this fixed
<ball> DiViN3: hopefully someone here knows more about Linux network interface configuration than I do.
<DiViN3> :)
<DiViN3> i seriuosly hope so
<ball> DiViN3: not difficult.  I'm (sort of) new to Linux.
<DiViN3> alrite
<Colypso> i have 3 nic and a different public ip address pointed to each one and now aptitude will not resolve the source list hostnames
<DiViN3> Colypso: can you try nslookup google.com
<Colypso> brb
<samd> hi, i have a old computer with ubuntu server, it is connected wirelessly to the network, but if for some reason, the router goes down, or the connection broken, ubuntu server wont autommaticly reconnect, is there any way the server will auto-reconnect in case the connection is broken?
<ball> Best not to use wireless for a server, if you can avoid it.
<samd> ball, yeah, i'm working on wiring upstairs where my server is, but i wont be able to connect it throu cable until some 2-3 weeks from now
<chrislabeard> is there a way to limit bandwidth of a virtual server
<chrislabeard> ?
<chrislabeard> any of yall know how to set up wonder shaper
<samd> exit
<att0> I installed Ubuntu server 9.04 and I went ahead and installed ubuntu-desktop so I could have a GUI. Now I want to remove ubuntu-desktop, but when I try, it says it will only free 52kb. How can I fully uninstall ubuntu-desktop and its dependencies??
<nick125> att0: I _think_ sudo apt-get remove ubuntu-desktop then sudo apt-get autoremove will do what you want.
<twb> att0: you do not want to remove ALL ubuntu-desktop's dependencies
<twb> att0: for example, it probably depends on the kernel
<att0> it responds with ""0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded."
<twb> I think you want to remove any packages that are 1) installed; 2) depended on by ubuntu-dekstop; and 3) not depended on by any other installed package.
<chrislabeard> i can't figure out why my server is running slow
<chrislabeard> i can see everything running the only thing that is running high on memory is mysql
<att0> twb: exactly, basically I just want to get back to the default server install
<twb> att0: good luck with that
<twb> You can open up aptitude and limit to installed, unmarkauto'd packages with l ~i!~M.
<twb> Then look through and manually remove things that you don't need, probably mostly from the gnome and x11 sections
<nick125> chrislabeard: lots of I/O wait? *shrugs*
<twb> nick125's solution will work well if you installed ubuntu-desktop with a markauto-capable apt wrapper, which may or may not have happened.
<chrislabeard> nick125: i just installed squid but i don't think thats it ...
<nick125> chrislabeard: what does top say?
<twb> chrislabeard: check your CPU, memory and I/O loads.
<att0> I installed it using sudo apt-get install ubuntu-desktop
<chrislabeard> twb: i just rebooted the server uno momento
<chrislabeard> okay its running alot better now
<nick125> yeah, sometimes a good kick of the reset switch is easier than finding out the actual cause.
<chrislabeard> yeah :-)
<chrislabeard> do you think squid is a good way to limit bandwidth
<nick125> chrislabeard: Squid is more for caching rather than rate-limiting.
<chrislabeard> nick125: oh okay
<chrislabeard> does apache have a limit by default or is just full open
<nick125> Are you trying to limit clients on a LAN or your httpd?
<chrislabeard> httpd
<nick125> Ah. You might want to see if Apache has a module for rate-limiting. I know lighttpd does. I used that when my server got slashdotted once.
<chrislabeard> ah okay
<chrislabeard> i really wanted to see if there was a limit already to give more bandwidth
<chrislabeard> i was kinda going to it backwards
<nick125> There shouldn't be any kind of bandwidth limiting in Apache built-in.
<nick125> If you aren't using all of the super fancy features of Apache, you might want to consider switching to lighttpd.
<chrislabeard> well im running several virtual servers
<nick125> virtual hosts?
<nick125> I like Lighttpd's mod_simple_vhost. I just create /var/www/blah.foo.com/public_html and it will serve blah.foo.com files from that directory. So simple.
<nick125> Lighttpd is much better for FastCGI-based applications (RoR, Django, etc) and static files than Apache. It does pretty well at PHP apps as well.
<chrislabeard> ahh yeah
<chrislabeard> im going to be all drupal installs
<nick125> Also, I'd suggest using a cache like xcache or APC. It'll give a nice little performance boost.
<chrislabeard> nick125: hmm
<chrislabeard> i will try that
<chrislabeard> thank you
<chrislabeard> squid has all that in it right or is it just too robust
<att0> This is insane. I'm now removing ubuntu-desktop using "sudo apt-get --purge remove liborbit2"
<nick125> chrislabeard: xcache/APC is a byte-code cache for PHP.
<nick125> In my opinion, I think Squid is a bit....bloated for a front-end reverse cache/load distributor. If that's what you really want, I'd suggest something like Varnish
<twb> att0: this is why people learn how to use aptitude instead of pissing about with apt-get.
<nick125> Then again, I haven't used Varnish with Drupal, so I'm not sure what kind of tweaks you would have to do to Drupal to have it set the proper headers and whatnot for Varnish.
<chrislabeard> k just installed it
<lukehasnoname> I was under the impression aptitude and apt-get did the same thing the same way with a different look
<nick125> chrislabeard: How much traffic are you getting?
<chrislabeard> nick125: i can't actually check that yet but its going to be medium
<chrislabeard> just hosting some small sites
<nick125> chrislabeard: 50req/s? 500req/s? 5000000000req/s?
<chrislabeard> 50
<nick125> I'd stick with a byte-code cache like xcache and forget varnish and squid.
<chrislabeard> why did someone just try and send me a file
<chrislabeard> weird
<chrislabeard> nick125: what do you think of my server response time http://longhornpcrepair.com
<nick125> chrislabeard: Seems pretty decent.
<chrislabeard> nick125: great i just hope it doesn't get bogged down
<nick125> chrislabeard: I just did 5 concurrent connections and 10 requests with ab (apachebench) and it averaged out to 80ms per request (spread out over the concurrent connections).
<chrislabeard> so thats not good
<chrislabeard> yikes
<nick125> Part of that is network latency, mind you.
<chrislabeard> yea
<nick125> I'm 60ms away from the last pingable hop.
<chrislabeard> yeah
<nick125> Run ab localhost (it's in apache2-utils)
<nick125> ab -c 5 -n 10 http://<your-site>/
<chrislabeard> im on the same network as the server
<nick125> Well, then you can discount network latency and find out how long the webserver is taking to fulfill the request
<chrislabeard> yeah i got .011
<nick125> What was the time-per-request? (across concurrent requests)
<chrislabeard> wait time per request - 5.731
<chrislabeard> sorry
<chrislabeard> 1.146 mean, across all concurrent
<nick125> That's pretty good.
<chrislabeard> so we should be able to handle at least 5 people at the same time
<nick125> haha
<nick125> you can increase the concurrent level
<nick125> ab -c 50 -n 500 http://<yourhost>/
<chrislabeard> let me try that
<chrislabeard> TPR: 26.926 //// TPR: 0.539 concurrent
<nick125> On my crappy little Celery server with 500 concurrent connections and a static page, I got TPR:3.7ms concurrent and 269req/s
<chrislabeard> thats good then
<nick125> How many req/s on yours?
<chrislabeard> per second
<chrislabeard> 1856.91req/s
<nick125> (note that on my server, my DSL line would literally catch fire before I'd get 269req/s of traffic)
<chrislabeard> yea
<chrislabeard> is that not too shabby ?
<nick125> 1856req/s is pretty good. Is that for a PHP dynamic page or static?
<chrislabeard> php dynamic page
<chrislabeard> wait
<chrislabeard> actually that was a static
<chrislabeard> for the drupal site its 1904.48req/s
<chrislabeard> and .525/ms on concurrent
<nick125> I wouldn't worry about performance on your system. If you really wanted to improve it, I would do xcache and probably begin tweaking MySQL.
<chrislabeard> k i installed xcache already actually
<nick125> But it sounds like you really don't need to worry about tweaking on your system.
<chrislabeard> okay cool thats good to hear
<nick125> I think your network connection is probably going to be the bottleneck, not your server.
<chrislabeard> yeah damn routers
<chrislabeard> the server is running on a gigabit switch but i don't think our router is a gigabit router
<nick125> Likely not. Your network drop is likely not gigabit.
<chrislabeard> yeah
<nick125> When I was in the hosting business, just to GET a gigabit drop to our rack would've costed around $300/month. Not including bandwidth.
<chrislabeard> yiiikes
<chrislabeard> were using uverse
<nick125> Needless to say, we decided that our 100mbit line sufficed quite well.
<chrislabeard> i bet it would ... is getting into hosting biz worth it ?
<nick125> Nope.
<lukehasnoname> Rackspace is doing alright
<nick125> It's such a cut-throat market, there is no way to really compete with ABC Host that offers 500GB of disk and 50TB of bandwidth for $3.95.
<chrislabeard> whaaaa
<chrislabeard> well for our clients we are offering them a solution we design their site and maintain it for a monthly fee
<nick125> I looked up a lot of different plans at different providers. For instance, at the time, Dreamhost had a plan for $7.95. If a member actually used all of the resources they provided, it would cost around ~$200.
<chrislabeard> yeah... dreamhost is sloowww unfortunately
<Colypso> anyone know how to set ubuntu to use more than 1 public ip
<nick125> Colypso: IP or interface aliases
<Colypso> ip
<Colypso> i want to use one ip for ssl
<nick125> Well, you can have multiple IPs on the same interface with an IP alias (ip addr add w.x.y.z/nm) or an interface alias (ethN, ethN:0, etc)
<nick125> chrislabeard: because they overload their servers beyond belief.
<chrislabeard> nick125: yeah
<nick125> chrislabeard: I know a friend who had an account there, and they had a 500 load average.
<Colypso> i have tried that
<chrislabeard> jeeze
<Colypso> it will accept 1 public ip but when i point the second to it it stops resolving hostnames
<nick125> Note that the load average should not exceed the number of CPUs in the system. If you have 2 CPUs, it shouldn't really exceed 2.00. If you have 4 CPUs, 4.00.
<nick125> Colypso: How are you adding the second IP to the interface?
<Colypso> nat on the gateway
<chrislabeard> nick125: yeah i only have 2 cpus
<nick125> Colypso: Do you HAVE to do NAT?
<Colypso> I cant use the public ips any other way
<nick125> Okay. Here's what you probably need to do: add a new IP alias on your Ubuntu server. Then NAT that new aliased private IP.
<Colypso> ok but shouldnt that work with 2 nics
<nick125> What do you mean?
<Colypso> i have 2 gigabit network interface cards
<nick125> You can add both IPs on the same interface without issues.
<Colypso> and 5 ip addreses
<Colypso> i will try to alias again
<nick125> How are you trying to alias on your Ubuntu box?
<Colypso> eth1, eth1:1 and so on
<nick125> Okay. If that doesn't work, try adding an IP alias
<nick125> ip addr add <IP>/<netmask> <interface>
<nick125> I believe
<nick125> ip addr add <IP>/<netmask> dev <interface>
<nick125> If that ends up working for you, then you can add it with a post-up in your /etc/network/interfaces
<Colypso> ok
<chrislabeard> nick125: do you know of any good bandwidth monitors ?
<nick125> How do you need to break the bandwidth usage down?
<chrislabeard> I have no preference
<nick125> Well, do you need it based on IP, interface, etc?
<chrislabeard> IP probly
<nick125> chrislabeard: I would look into using iptables. That's what I used.
<chrislabeard> yeah webmin has some bandwidth monitor but i can't get it to work using iptables
<nick125> http://www.linux.com/archive/articles/50649
<nick125> I've never had webmin actually work properly.
<chrislabeard> yeah no one likes it
<chrislabeard> i just like being able to edit my conf files than actually visually see it show up on webmin
<chrislabeard> cause i know webmin doesn't write the conf files correctly
<nick125> Or it does what you want in the entirely wrong way.
<chrislabeard> yeah
<Colypso> no luck
<chrislabeard> but its a pretty good user management tool
<nick125> Colypso: What happened when you added the alias?
<Colypso> nothing
<Colypso> i can ping the first public ip but the second one i pushed to the alias times out
<nick125> Colypso: and the netmask was correct?
<Colypso> same as the first was
<Colypso> interal ips all work fine
<nick125> So, you assigned a private IP alias to the Ubuntu box and then NATed the second public IP to it?
<Colypso> yes
<nick125> and you could ping the alias just fine?
<Colypso> i can ping eth1 public and private ips
<Colypso> but
<Colypso> eth1:1 i can only ping private ip
<nick125> Are you doing 1:1 NAT on eth1:1?
<Colypso> yes
<nick125> I wonder if that's part of the problem. What kind of router is doing the NAT?
<Colypso> sdmc business gateway/router
<Colypso> smc
<Colypso> sorry
<Colypso> it works with window
<Colypso> windows
<Colypso> but windows is not what i need
<nick125> with IP aliasing?
<Colypso> no i can point the public ips to each nic
<nick125> Okay. Well, we can try two NICs, just for the heck of it.
<Colypso> i have tried already for 2 days
<nick125> What happens when you assign the IPs to both NICs?
<Colypso> it wont resolv hostnames
<nick125> Can you ping out to an IP? (i.e., 4.2.2.2)
<Colypso> cant remember
<chrislabeard> nick125: im heading out thanks for your help
<nick125> chrislabeard: Have a good one.
<chrislabeard> nick125: you too
<nick125> Colypso: Both IPs are in the same subnet?
<Colypso> yes
<nick125> That might be part of the problem.
<Colypso> the internal ips are on the same subnet
<nick125> And were you setting default gws on both interfaces?
<nick125> (gateways)
<Colypso> yes
<nick125> try setting it on just one interface
<Colypso> k
<Colypso> that worked
<Colypso> i can ping both now
<nick125> Can you ping that machine from another machine in the local network?
<nick125> (with a local IP)
<Colypso> havent tried local
<Colypso> yes
<Colypso> both local and public
<Colypso> thank you
<Colypso> you are a genius
<nick125> Great. Glad we could get it working.
<Colypso> been trying to get this working for 2 days lol
<Colypso> decided to give you guys a try
<Colypso> thanks
<nick125> no problem.
<nick125> Dang, the Ubuntu asterisk package has a lot of deps.
<nick125> I guess it could be worse - it could be two major releases behind like some other distro that will not be named.
<oh_noes> is there any filesystem that can handle a vmware hard disk size increase without needing a reboot?
<oh_noes> or, 'will see the new size on the next reboot, and resize (up) accordingly'
<chrislabeard> how do you move a directory
<chrislabeard> movedir
<simplexio> chrislabeard: mv dir dir
<chrislabeard> mmk thanks
<chrislabeard> how can i move just the content
<chrislabeard> from that directory
<simplexio> oh_noes: far as i can remember ext3 should work
<simplexio> chrislabeard: cd to some dir; mv * ../another dir
<simplexio> chrislabeard: or mv dir/* anotherdir/
<simplexio> chrislabeard: man mv / cp / rm
<chrislabeard> mv apples/* pineapple/
<chrislabeard> does that look about right
<simplexio> if pineabble is ther allready. it works
<chrislabeard> k
<chrislabeard> yeah im moving apples content into pineapple
<simplexio> mkdir if there is no pineabble dir
<chrislabeard> how do i copy a directory from one directory to the parent directory
<chrislabeard> i was trying cp -R apples/oranges /apples
<chrislabeard> is that correct
<chrislabeard> why can't i delete files in one of my users home directory
<chrislabeard> im logged in as the user and its his home directory
<simplexio> chrislabeard: ls -la shows long file list
<chrislabeard> yes it does
<simplexio> chrislabeard: you see permission  there and owner, usually reason to that is that you dont have right permission
<simplexio> chrislabeard: so chmod u+w file
<chrislabeard> that will assign this whole directory to that user
<chrislabeard> i thought if its the users home directory they have permissions all over it
<simplexio> chrislabeard: chmod u+w file, gives write permission to file owner
<simplexio> chrislabeard: and sometimes is good idea to remove w permission files that you own
<chrislabeard> yeah
<chrislabeard> that didn't work
<chrislabeard> its still all root
<simplexio> like no "I accidentally whole directory" / " all files "
<simplexio> chrislabeard: chown user:group if you want to change owner to something else
<chrislabeard> so how do i make all the files in that directory owned by the owner
<simplexio> chrislabeard: if you dont want to give new owner from cmd line you need to write little script.. else chown user:group * -R
<chrislabeard> simplexio: if i use "chown joe:joe -R ~joe"
<chrislabeard> what if my user doesn't have a group
<chrislabeard> oh by default the group is user
<twb> Then you'd use that group instead.
<simplexio> chrislabeard: something like that
<simplexio> chrislabeard: by default there is group with username, if you want others to be able access files then best way is change droup owner to other and give r permission to file
<uvirtbot`> New bug: #408258 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/408258
<cjwatson> andol: hoping to deal with it by way of packaging 5.2p1, but haven't quite had time to do the version control wrangling yet
<cjwatson> andol: I've set a karmic target on that bug so that I don't forget
<andol> cjwatson: Great, thanks.
<benno_fra_dk> Trying to connegt bluetooth gps on ubuntu server(hardy) console. Every attempt to communicate with the device returns "invalid exchange".
<solorvox> hey all, is there a way to install desktop alternative CD as a server edition?  I'm on a restricted (3GB/mo) ISP and would like to setup a server without downloading another 800MB. :)
<Bilge> Oh shit
<Bilge> I just did a deluser for a system account that I added which was in nogroup
<Bilge> I wanted to rename it later so I removed the user and was going to readd it
<Bilge> But when I removed it this happened
<Bilge> Warning: Removing group `nogroup', since no other user is part of it.
<Bilge> So now I lost my nogroup group
<andol> Bilge: Are you sure that it is actually deleted?
<Bilge> Actually no it isn't
<Bilge> I don't know why
<Bilge> I also just realised I could have just renamed the user with usermod
<Bilge> Is it OK to add admins to the group 'adm'?
<Bilge> Is that what's it's intended for?
<simplexio> cant remember
<simplexio> admin group is for sudoers in ubuntu
<Bilge> I'd like to see a list of descriptions for the purpose of built in groups
<uvirtbot`> New bug: #408333 in mysql-dfsg-5.1 (universe) "MIR for mysql 5.1" [Undecided,New] https://launchpad.net/bugs/408333
<simplexio> adm is some relic from debian packaging
<Bilge> Quite a few files are in the adm group
<Bilge> Particularly in /etc and /var/log
<simplexio> offcourse i can be wrong.. all my sudo users are in adm and admin groups. but i looked /etc/sudoers
<jpds> Bilge:  I thought that group was to stop system process from running as root by letting them run as adm?
<jpds> Oh well.
* You're now known as ubuntulog
<Bilge> I don't know
<Bilge> That's why I'm asking
<heath|work> There seems to be a problem with cups and App Armor
<nick125> Good morning Ubuntuers.
<giovani|home> afternoon, nick125 :)
<nick125> giovani|home: Don't rub it in that I'm up late :P
<sgsax> I'm having some major problems with AD auth, anybody help me out?
<nick125> What would you guys recommend for doing backups?
<nick125> Preferably something multi-server (so I can backup all of my VMs on my server)
<qman__> I usually put something together in a bash script, making tarballs
<qman__> it's not really all that special and probably not the most efficientb
<qman__> but it works
<KillMeNow> i remember someone suggesting a open source web based archival tool, but can't remember what it's called
<KillMeNow> i usually just tarball and scp it to another server for storage
<nick125> I really would like to do something automated that will backup my /home, few directories in /var (www comes to mind), my MySQL DBs, etc.
<jmarsden|work> nick125: Too broad a question... rsnapshot would probably work for you... there are *many* backup packages you could use.
<Sam-I-Am> bacula isnt too bad... neither is rdiff... depends on what you need.
<jtimberman> nick125: i've used dirvish a bit, it seems decent.
<nick125> Hmm....it looks like there _ARE_ more backup solutions than there are Linux users.
<jmedina> nick125: I recommend bacula
<jmedina> and webbacula for reporting and backup jornall
<jmedina> http://webacula.sourceforge.net/
<nick125> I guess if I'm going to spend the time setting up Bacula, I might as well backup the desktops as well.
<jmedina> nick125: just read official documentation
<jmedina> and start from the basics, dont try to backup 500 desktops at a time :)
<nick125> Well, I only have one other Ubuntu desktop....and the other desktop is getting switched over next week, so it's not like I have that many desktops :)
<KillMeNow> yea that was the backup tool i was talking about
<jmedina> ok
<nick125> On my old setup, I used AMANDA...but that setup kind of bitrotted away.
<sgsax> nick125: sorry for the late response, but we use rdiff-backup
<sgsax> it's functional, but not terribly user-friendly, nor does it recover from internal errors well
<uvirtbot`> New bug: #408562 in ec2-ami-tools (multiverse) "Updgrade ec2-ami-tools to 1.3-34544" [Undecided,New] https://launchpad.net/bugs/408562
<lukehasnoname> Has anyone read the "Official Ubuntu Server Book" or the "Ubuntu Server 9.04 Reference"?
<lukehasnoname> I read through some of the "Official" book yesterday
<lukehasnoname> a little confusing at times, but not bad. I think some more section titling and organization would be in order, but the step by step instructions seemed to be accurate
<lukehasnoname> I also noticed that the link to ESR's question guide is gone.
<lukehasnoname> oh wait
<lukehasnoname> not
#ubuntu-server 2009-08-04
<Chr1831> how do i install mono support for asp.net on apache?
<Chr1831> mono-apache-server2 but its only showing me my source
<Chr1831> anyone?
<Chr1831> everyone ran away =(
<Chr1831> twb can you lend me a hand?
<twb> Chr1831: do not speak to specific people unless you have a good reason.
<lukehasnoname> smack-down hath been laid
<rosa_> Hi there...I am just installed my print server but when i try to connect from the windows clients to printers (in the server) doing double click and i got the message "the server doesn't have the correct drivers"...somebody know how solve it, i need the clients take the drivers from the serve
<rosa_> Hi there...I am just installed my print server but when i try to connect from the windows clients to printers (in the server) doing double click and i got the message "the server doesn't have the correct drivers"...somebody know how solve it, i need the clients take the drivers from the serve
<keyser_soze> rosa_: I think this will help: http://www.enterprisenetworkingplanet.com/netsysm/article.php/3621876
<rosa_> thanks a lot! I will check it
<nick125> :o That's really neat. I should try that on this school network I'm setting up with Windows clients and a Ubuntu server serving away.
<nick125> Installing HP's crappy Windows drivers on 20-30 machines is enough to ruin ANYBODY'S day.
<twb> I didn't know Microsoft shipped Windows with PostScript drivers pre-installed.
<rosa_> yes even more if you have 200 students
<nick125> rosa_: If I had to install the HP drivers, by hand, on 200 machines, I think I would actually hang myself.
<rosa_> haha ...i am tring to follor the stet but when i try to install libcups2-dev i got Couldn't find package libcups2-dev
<rosa_> i tried with aptitud also but the same??? any idea?
<rosa_> i intaleed thwe other packages but i can't find this package
<nick125> rosa_: weird. I find the package here without problems.
<rosa_> also when i try to unpacket the files from cups i got error :gnu/stubs-32.h: No file or directory but my server is AMB64
<nick125> rosa_: Are you trying to build something?
<nick125> If so, you'll *likely* need to run sudo apt-get build-dep cups
<rosa_> no, just install the cups packet for windows that appear in the page that you told me
<rosa_> :D
<nick125> rosa_: run sudo apt-get build-dep cups and try again
<rosa_> :) thanks
<nick125> Let me know if it works.
<chrislabeard> Hey guys everytime i try and access my ftp server outside my network it times out after user and pass
<_ruben> chrislabeard: sounds like a problem with active/passive ftp and connection tracking .. i assume it stalls at the point where it'd list the directory contents?
<chrislabeard> i got it working my router wasn't forwarding the correct ports
<chrislabeard> now i want to test the speed
<uvirtbot`> New bug: #408732 in lsb (main) "lsb package crash after login (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/408732
<rosa> hi sorry i lost the connection, can please repeat the command to re install or install properly the libcusp2-dev?
 * andol points rosa at http://irclogs.ubuntu.com/2009/08/04/%23ubuntu-server.html
<rosa> hi there sombody know how I can know if i have cups-dev installed or how install it?
<nick125> rosa: You should be able to run sudo apt-get install libcups2-dev and it will tell you if it's installed or not. If you're still installing the build deps, running the build deps command (sudo apt-get build-deps cups) should install anything not installed.
<rosa> i tried but still i got souln't find package libcups2-dev
<nick125> Still? Well, I think build deps should pull that in any case.
<rosa> hi nick125: in the article also say I need to install this packages gcc, libjpeg, libjpeg-devel, libpng, libpng-devel, libtiff, libtiff-devel, zlib, and zlib-devel  it is right cause also i can't get
<pascalou> hi here
<pascalou> i am having troublr to install grub on a md raid0 disk , can anyone help me?
<pascalou> i get  The file /boot/grub/stage1 not read correctly
<rosa> im sorry im new...how i can know which cups version im running?
<rosa> hi pascalou what is the error exaclty?
<simplexio> pascalou: if i recall right you cant install grub into raid0.. i can be wrong too
<simplexio> pascalou: raid1 is ok
<rosa> hi, which is the last version from cups for ubuntu 8.04?
<rosa> nick125 i had a doubt, i got the version 1.3.7 od cups but in the aticle that you said this version is not there. what i can do? i tried to upgrade but i cant i got my version is the last one
<pascalou> escue me it s raid 1
<pascalou> rosa it says that there s an error with the stage1 file
<pascalou> i tried reinstalling grub and various things
<pascalou> i work in a cgrrot on the new system from the live cd with a modified mtab and a rebinded /dev /proc /sys
<rosa> i remeber that i got the same problem and i did the process anyway usind (hd0) /dev/sda , etc...but i have Raid 0
<rosa> are you installing or recovering the system?
<rosa> i suppose is the same?
<simplexio> pascalou: i have grub on raid1.. if i recall right you need to install grun into device not md
<rosa> yes, in every device that you have in your raid...
<rosa> hi nick a question...i try to follow the process to configurate cups (according the article) ..i understand libsys2.dev, cups-dev and libcups2-dev are the same?
<rosa> if is the same, that mean my ubuntu version is the problem as I can install a newer cups version
<uvirtbot`> New bug: #408779 in apparmor (main) "[karmic] dhcp fails with wireless link under 2.6.31-5-generic #24" [Undecided,Confirmed] https://launchpad.net/bugs/408779
<uvirtbot`> New bug: #408795 in apache2 (main) "frequent apache crash with "*** glibc detected *** /usr/sbin/apache2: double free or corruption" message" [Undecided,New] https://launchpad.net/bugs/408795
<rosa> l
<rosa> hi, i am doing cupsaddsmb  -U root -a -v, but i got the error : session setup failed: NT_STATUS_LOGON_FAILURE...somebody know about that?
<kim0> Hi .. Can anyone please help me locate drbd-8.3 dkms deb package for hardy ?
<pmatulis> kim0: use apt-get i guess
<quizme> is there a way to reliable combine two sets of /etc/passwd and /etc/group files from two different machines ?
<pmatulis> quizme: how many accounts from each machine?
<Grim76__> ls
<Grim76__> doh sorry wrong pane
<andol> Grim76__: been there, done that :)
<Grim76__> Not quite awake this morning and forgot to ctrl-a tab to my other pane in screen.
<quizme> pmatuliz: 57 and 34
<quizme> pmatulis: 57 and 34
<quizme> pmatulis: 23 are in common
<rosa> hi, i am doing cupsaddsmb  -U root -a -v, but i got the error : session setup failed: NT_STATUS_LOGON_FAILURE...somebody know about that?
<kim0> enabling the backports in Hardy .. I still only get drbd 2:8.0.11-0ubuntu3 ...
<quizme> where are the passwords stored ?
<quizme> i only see ascii characters in /etc/passwd
<quizme> pmatulis: i did it manually...
<highvoltage> quizme: /etc/shadow
<pmatulis> quizme: i fear you have a lot of grunt work to do
<pmatulis> quizme: you're done already?
<quizme> pmatulis: yeah, done, but when i symbolically link /etc/passwd to /vol/etc/passwd, i'm getting an error: sudo: uid 135 does not exist in the passwd file!
<quizme> oh fuk
<quizme> hehe
<quizme> i can't sudo now...
<NorthByNorthWest> stefan__3: I get this: http://pastebin.com/d294c98a1
<NorthByNorthWest> stefan__3: cant see anything about those ports... or vnc...
<pmatulis> looks like you can't connect via vnc then
<stefan__3> no vnc daemon there
<NorthByNorthWest> so I need to apt-get install one?
<stefan__3> so that is why
<stefan__3> which one did you use before ?
<NorthByNorthWest> well... I guerss there was one that came with the ubuntu server edition... cant remember that I installed one manually...
<stefan__3> I have no knowledge of one that comes with the ubuntu server install, but I always install a CLI server ...
<stefan__3> search on help.ubuntu.com
<_ruben> server = cli != vnc
<stefan__3> there should be there some info about remotely accesing your box
<_ruben> remote access + server = ssh
<pmatulis> _ruben: nice math lesson
<_ruben> :)
<Tom_Ass> =)
<stefan__3> guys let's not put away noob users, linux needs all the users it can get, plus you can see he/she comes from a win background
<pmatulis> NorthByNorthWest: you claimed that you accessed this server with vnc in the past
<NorthByNorthWest> well... I find some articles on help.ubuntu.com but I dont really know which path to take... I mean... when I installed the ubuntu server edition I could rdesktop into it no problemo.... and now, I just cant... so I guess I want to install the same vnc server that comes with ubuntu server edition....
<_ruben> NorthByNorthWest: you can only vnc into an ubuntu desktop machine, not an ubuntu server machine
<NorthByNorthWest> pmatulis: well... I accessed it from a terminal using 'rdesktop'
<_ruben> errr .. rdesktop is for microsoft windows remote desktop
<stefan__3> lol
<NorthByNorthWest> hmm... but Im suer of it...
<NorthByNorthWest> *sure
<_ruben> !info rdesktop
<ubottu> rdesktop (source: rdesktop): RDP client for Windows NT/2000 Terminal Server. In component main, is optional. Version 1.6.0-2ubuntu1 (jaunty), package size 134 kB, installed size 480 kB
<pmatulis> NorthByNorthWest: did you see orange/brown or blue?
<NorthByNorthWest> perhaps I should clarify that the the machine Im trying to access is a ubuntu server within an ubuntu server, running through vbox, if that makes a difference...
<NorthByNorthWest> gahh.... hold on...
<NorthByNorthWest> perhaps i booted the vm the wrong way!
<NorthByNorthWest> *preemptive blush*
<ball> _ruben: you can VNC into an Ubuntu Server box if you install VNC server and a suitable desktop or window manager.
<_ruben> ahhh .. a lot of virtualization products have their own builtin (graphical) remote admin interfaces, which can be based on vnc
<_ruben> ball: that's only partially through .. server + gui != server
<_ruben> server + gui = desktop
<_ruben> s/through/true though/
<_ruben> (very odd typo)
<stefan__3> yes virtualbox has a builtin vnc server
<stefan__3> so NorthByNorthWest check that that setting is enabled on the vbox
<ball> _ruben: not quite ;-)
<_ruben> quite
<NorthByNorthWest> stefan__3: yes... im checking that...
<ball> _ruben: have you tried it?  I'm not talking about running an X server on the console.  I think I get where you're coming from, but clearly they're not the same thing.
<NorthByNorthWest> stefan__3: well... this is a vbox issue... although vrdp is enabled it gets disabled when I boot the vm... weird...
<stefan__3> NorthByNorthWest: search in the search engines for that problem
<j0nr> anyone happen to know how to construct the inner envelope of a peritrochoid?
<pmatulis> j0nr: maybe try ##physics
<ball> ##maths?
<j0nr> pmatulis: cheers
<traemccombs> http://paste.ubuntu.com/247258/   Trying to restart mysql and I get these errors
<_ruben> seems like /etc/mysql/debian.cnf contains wrong info
<Sam-I-Am> sounds like somehow the debian internal password got changed
<Sam-I-Am> or that
<sgsax> if the restart is unable to stop mysqld (line 2), it means either the daemon was never started, or the saved pid is incorrect
<stefan__3> if the user debian-sys-maint cannot connect that is not a major issue
<Jur> hi there
<stefan__3> that user just does the table checks
<sgsax> what kind of checks? (just curious)
<Jur> i'm a uber linux noob. how can I get out of the sudo manual :p
<stefan__3> traemccombs: you would be better off looking in the mysql error log
<sgsax> Jur: don't quite understand your question
<stefan__3> sgsax: table checks for integrity or something like that , can't remember, i disable that every time
<sgsax> stefan__3: gotcha, never used it myself
<Jur> Hi I just installed ubuntu server and now I have this cli. I ran the sudo manual but how can I exit it
<stefan__3> sgsax: if you have a huge db. it is hell to restart it if you need to
<sgsax> Jur: ah, "q" for quit
<stefan__3> Jur: type   q
<stefan__3> that should quit the man page
<Jur> lol that's it thx
<Jur> my 1st time on linux cli
<_jmedina> man man
<sgsax> Jur: welcome to linux :)
<traemccombs> hmm
<jmedina> I have strange behaivor changin vim modes
<jmedina> :S
<jmedina> when I in insert mode I can change to command using ESC, I have to type ctrl+c, that is weird
<Daviey> meeting -->
<traemccombs> I've opened the port with the following: /sbin/iptables -A INPUT -i eth1 -p tcp --destination-port 3306 -j ACCEPT  But for some reason it's still not listening.  I have mysql set with:  bind-address: SERVERS_IP_ADDRESS      instead of 127.0.0.1   is there anything else I need?
<Jur> lolldsf
<Jur> lol does the cli of ubuntuserver has a screensaver
<Jur> pretty nice
<firecrotch> Trying to connect to a pptp vpn from my Ubuntu server, and I get the error "Failed to set PPP kernel option flags: Inappropriate ioctl for device".  Everything in teh configuration files is correct, as it was copied directly from a Kubuntu machine that can connect just fine with kvpnc
<stefan__3> firecrotch: I tried it in ubuntu desktop , it only worked with kvpnc , never been able to make it work otherwise
<Max007> hi
<Max007> i'm trying to install ubuntu server 9.06 64bits on a HP ML350 G6 server. After the installation I can't get grub to show.. it says: trying to boot from hard drive...
<firecrotch> stefan__3: Hmmm I solved it... something was trying to run /usr/bin/pptp  but pptp is located in /usr/sbin/
<firecrotch> nice little symlink and all is well :-D
<stefan__3> good to know firecrotch
<stefan__3> that means that I haven't investigated enough
<firecrotch> It also means that there's a bug in a package somewhere
<stefan__3> Max007: are you using 9.04 ?
<stefan__3> that worked here on a g6
 * andol wonders if anyone has any good opionon on bug #334374 and whatever ldap-auth-config perhaps is better suited as a Recommends than as a hard Depedency to libnss-ldap?
<uvirtbot`> Launchpad bug 334374 in libnss-ldap "libnss-ldap should not depend on libpam-ldap" [Medium,Confirmed] https://launchpad.net/bugs/334374
<andol> mathiaz: Would be nice if you were one of the anybodies just refered to ^^ :)
<Sam-I-Am> hmmmm
<Sam-I-Am> interesting...
<sgsax> I'm wondering what most people would use ldap for if not with pam for auth
<andol> sgsax: User info, without the auth part?
<Sam-I-Am> well, user info
<Sam-I-Am> passwd, shadow, group, netgrou;
<Sam-I-Am> bunch of stuff
<Sam-I-Am> perhaps if theres a config tool for nss it should be more generic .. like nss-config
<sgsax> I've been fighting with ldap for the last two weeks
<sgsax> finally got it working
<Sam-I-Am> then something different for authentication that would install pam modules depending on selections
<Sam-I-Am> sgsax: its a hoot...
<sgsax> this is for auth against AD, so doubly-fun
<andol> sgsax: yeah, mixed enviroments can be really fun...
<Sam-I-Am> mmm, proxy
<Sam-I-Am> i usually get the job of ridding departments of AD
<sgsax> I wish I could
<sgsax> no such luck yet
<Sam-I-Am> i'm kinda waiting to see what samba4 brings
<Sam-I-Am> curious if ubuntu will go with heimdal over MIT kerberos
<Sam-I-Am> since they seem to be integrating well with samba5
<Sam-I-Am> er, 4
<sgsax> I thought heimdal had been depricated in favor of mit
<Sam-I-Am> hmm, didnt think so
<sgsax> so is kerberos still the preferred auth method with ldap againast AD?
<Sam-I-Am> i think so
<Sam-I-Am> thats how the boxes work here before i get rid of AD
<sgsax> there are a lot of docs out there on using winbind
<Sam-I-Am> that might also work
<sgsax> wasn't sure if that's where things were going
<Sam-I-Am> although i think winbind was more of an NT-style domain thing since AD uses kerberos
<sgsax> I had always had the impression that winbind was what people used on a small-scale
<sgsax> ah, that would make sense
<sgsax> I knew there was a reason why I had been staying away from it
<andol> sgsax: Regarding kerberos, that is pretty much what AD uses fÃ¶r authentication.
<sgsax> good to know
<sgsax> and I did finally get it working
<sgsax> we actually had it working on our gentoo boxes, which I am phasing out in favor of ubuntu
<sgsax> but when I tried replicating the configs on ubuntu, it took a while to get it all sorted out
<sgsax> the versions of nss-ldap and pam-ldap are only a couple revs newer on jaunty
<sgsax> I think part of my problem may have also been an unhealty AD
<Sam-I-Am> theres also nss-ldapd :)
<Sam-I-Am> which... has its own issues
<Sam-I-Am> tempting to try nssov from openldap at some point
<sgsax> yeah, we still need AD, unfortunately
<sgsax> until samba can do GPOs...
<sgsax> which are really the only redeeming feature of AD
<Sam-I-Am> yes, quite
<Sam-I-Am> once i nuke AD in this environment, i'm going to toss samba4 into the testbed and see what i can make it do
<Sam-I-Am> which brings up the mit/heimdal question again
<Sam-I-Am> and then there's the issue with which security suite will everything use
<sgsax> what do you do for print services?
<Sam-I-Am> samba/cups
<sgsax> I've ended up with a dual solution: samba/cups for linux desktops, Windows printing for Windows desktops
<Sam-I-Am> debian/ubuntu seem to like gnutls over openssl... frankly i think gnutls is broken... and then there's mozilla/netscape
<sgsax> cups wasn't quite good enough for my Windows users
<Sam-I-Am> cups can be a little rough... but very little printing happens here
<Sam-I-Am> its mainly centralized auth and file storage
<sgsax> I work in a CS dept at a uni
<sgsax> got users who need to print
<sgsax> we used to impose quotas and have students pay for going over, but got our hands slapped by the auditor
<Sam-I-Am> oh, print quotas are messy
<Sam-I-Am> i did that once
<Sam-I-Am> wound up hacking something to make it work... been quite a few years now
<sgsax> while there are some decent tools for print quotas on Windows, there's little to nothing for *nix
<sgsax> our solution was homegrown
<sgsax> now I just have to keep them running
<Sam-I-Am> printing isnt big here, but i usually have other interesting things to integrate... like RSA tokens
<sgsax> nice
<Sam-I-Am> and unfortunately most of that software only runs on windows, has vague/limited ldap support, and the tech support folks are sub par
<Sam-I-Am> this particularly company is very difficult to get answers out of... even with a fat support contract.
<sgsax> sounds typical
<sgsax> salesmen make a great pitch to the PHB
<sgsax> the admins get stuck making it work with little or no help from vendor support
<Sam-I-Am> i was fairly surprised to see this package even supporting ldapv3
<Sam-I-Am> it also does SSL, but not starttls... which is irritating.
<Sam-I-Am> it also doesn't understand groups in ldap... of any sort.
<jmedina> Sam-I-Am: hi sam
<jmedina> Sam-I-Am: what package?
<sgsax> that sucks
<sgsax> groups was my last big battle with ldap
<Sam-I-Am> actividentity 4tress
<Sam-I-Am> jmedina: howdy
<sgsax> was only getting about half of them  pulled down, and even not all of those were correctly populated
<jmedina> Sam-I-Am: just lurking
<Sam-I-Am> this just doesnt do it at all... in order to consider someone authorized to access something via the token, it wants to see a certain attribute for each user
<Sam-I-Am> so i have to do something like employeeType = netadmin
<sgsax> did you have to extend the AD schema?
<jmedina> ja
<Sam-I-Am> i'm not using the AD schema
<jmedina> I hate when ldap apps requiere extra attributes instead of using groups
<Sam-I-Am> cisco acs is another problem
<Sam-I-Am> it doesnt even support a user database outside of itself... but it will read passwords from ldap
<Sam-I-Am> kinda hurts the whole idea of centralized management
<dennda> Is mod_python installed per default on ubuntu server?
<jmedina> damn, I dont know what happened to vim :S
<jmedina> dennda: afaik no
<jmedina> only built-in m odules
<sgsax> we just got a new contract for copiers
<sgsax> turns out they can do ldap lookups, but not for auth-ing users, just for looking up email addresses
<Sam-I-Am> sgsax: been there
 * jmedina uses minolta copies with ldap
<Sam-I-Am> sgsax: i had to manage those separately using *gasp* access
<Sam-I-Am> and of course it couldnt dump its logs over ethernet... i had to go around with a laptop and a usb cable
<uvirtbot`> New bug: #408948 in samba (main) "winxp discovery fail when machine name truncated at 15 chars" [Undecided,New] https://launchpad.net/bugs/408948
<bobg> i have jaunty running in a xen VM with the linux-virtual kernel. When I run "sudo update-grub" I get a "Segmentation fault". Any suggestions on how I can fix this?
<bobg> i have tracked down my update-grup "segementation fault" to "exec /usr/share/debconf/frontend /usr/sbin/update-grub" -- frontend is a perl script
<bobg> any perl script fails when it includes "use Debconf::Db;"
<bobg> rebooting seems to have fixed my problem
<heath|work> every time I log into my JeOS 9.04 servers I am prompted for [sudo] , I wouldn't care because I always sudo -i after, but now I need scp and it won't let me
<sgsax> define "it won't let me"
<heath|work> after the scp stuff.tar.gz server:/path I enter the connecting password, then I am prompted for [sudo]:  When I type for the sudo command it is echoed back to me, but doesn't take
<heath|work> sudo command => sudo password
<heath|work> Is there  a way I can find out what is running that is requiring the sudo?
<sgsax> so you are trying to do "sudo scp something somehwere:/foo"
<sgsax> right?
<heath|work> no... I know this is confusing, so sorry. Scrape the scp , I need to figure out why I am being requested to sudo right after I login
<sgsax> that does sound odd
<sgsax> I'm not familiar with the details of jeos
<sgsax> but I wouldn't expect they're doing anything to off-the-wall with it
<sgsax> it's intended to just be an ubuntu appliance, right?
<heath|work> well, I think it may have to do with the first login or first run scripts, but I can't figure out how to see what script is requiring the sudo
<heath|work> yeah, just an appliance
<sgsax> if you can login to it, look at .profile .bashrc .login .bash_profile
<sgsax> then see if any of them source a system-wide config somewhere
<heath|work> will do thanks
<chrislabeard> is there anyway to get your server to text you without using a gsm modem ?
<lukehasnoname> http://www.zeepmobile.com/
<lukehasnoname> Maybe?
<Sam-I-Am> chrislabeard: some services allow TAP dialing into their systems
<Sam-I-Am> dial in with a modem, send text, disconnect
<chrislabeard> oh okay
<chrislabeard> i thought you can send txts with regular old internet connection
<Sam-I-Am> you can too
<Sam-I-Am> depends if you want to send texts regarding your internet connection outage :)
<chrislabeard> Its not too big of a deal i just wanted to mess around with it
<sgsax> chrislabeard: if your cell carrier has an email gateway, you can just have your server send email to it
<chrislabeard> yeah
<chrislabeard> does this website look generic to you guys http://longhornpcrepair.com
<sarthor> Hi, i used shaper for bandwith controlling, i wrote 255 files for the whole subnet, and were then located in /etc/shpaer/, not in 9.04 the pakage is changed a bit, its now shaperd, How to configure shaperd now? will that already 255 configured files will work with this shapred also??
<lukehasnoname> chrislabeard, what's with the latin
<sgsax> lukehasnoname: it's semi-random filler text
<sgsax> google the first couple of words and you'll get the whole history of typesetting
<lukehasnoname> mhm
<lukehasnoname> San Antonio resident here, btw
<sarthor> Hi, i used shaper for bandwith controlling, i wrote 255 files for the whole subnet, and were then located in /etc/shpaer/, not in 9.04 the pakage is changed a bit, its now shaperd, How to configure shaperd now? will that already 255 configured files will work with this shapred also??
<sarthor> Hi, i used shaper for bandwith controlling, i wrote 255 files for the whole subnet, and were then located in /etc/shpaer/, not in 9.04 the pakage is changed a bit, its now shaperd, How to configure shaperd now? will that already 255 configured files will work with this shapred also??
<uvirtbot`> New bug: #409093 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.1 failed to install/upgrade: Unterprozess post-installation script gab den Fehlerwert 1 zur?ck" [Undecided,New] https://launchpad.net/bugs/409093
#ubuntu-server 2009-08-05
<sarthor> how can configure shaperd to limit bandwidth till 512 kb down and 64 kb up to each host,
<oh_noes> How do I found out what columns are which when I do:   sadf -d
<KillMeNow> # hostname;interval;timestamp;DEV;tps;rd_sec/s;wr_sec/s;avgrq-sz;avgqu-sz;await;svctm;%util
<dumont> I was upgrading everything via apt-get upgrade i got this error http://pastebin.com/m4dd5fc93 i'm on 8.04
<dumont> apt-get -f install, apt-get upgrade, apt-get update, /etc/init.d/acpid stop, dpkg --configure -a => ALL RUN AS SUDO, all stops with a error saying ACPID is not configured Please help me solve this, it's a dedibox, all I have is root access, reinstalling is a problem
<dumont> so how can i get rid of acpid error?
<KillMeNow> no idea
<qman__> well, I don't know much about how acpid works, but my first question would be why /proc/acpi/event does not exist
<qman__> does /proc/acpi exist? if not, the system probably booted without acpi support for one reason or another
<dumont> proc/acpi exists
<dumont> event doesn't
<KillMeNow> why not add it?
<KillMeNow> touch /proc/acpi/event
<KillMeNow> just a wild stab
<twb> I don't think that will work
<qman__> event is a handle
<qman__> the system writes information to it to control acpi
<KillMeNow> gotcha
<KillMeNow> well i'm done for the day, seey ou all later
<giovani> dumont: afaik, that's a legacy interface
<giovani> and has to be explicitly turned on in the kernel config
<giovani> dumont: why do you 'need' it?
<qiyong> is dbus needed in server environment
<giovani> qiyong: that would depend on what individual applications you might be running
<giovani> 'needed' is unlikely in most situations -- but some apps might make use of it
<qiyong> giovani: so i'd turn it off
<giovani> qiyong: I've already answered your question -- I didn't tell you to turn it off though
<qiyong> giovani: i only use traditional apps, ftp, apache, mail etc
<giovani> qiyong: traditional apps can use dbus
<qiyong>  traditional apps, such as apache, vsftp, postfix
<qiyong> giovani: ^
<giovani> yes, I saw
<qiyong> avahi-daemon isn't used in server right? normally.
<giovani> qiyong: not typically, nope
<giovani> avahi-daemon isn't in the ubuntu server install afaik
<giovani> so it shouldn't be there
<qiyong> how can I turn a desktop install into server install easily?
<qiyong> i.e., remove desktop apps by a meta pkg or group pkg?
<giovani> qiyong: I wouldn't advise it
<giovani> it'd be best to start from a fresh install
<qiyong> what about hald? giovani
<giovani> qiyong: we're not here to support the desktop installation
<giovani> please use the server installation
<qiyong> should I reduce the numver of getty?
<giovani> qiyong: if you want to ...
<qiyong> not much benefits
<giovani> there will be some minor ram gains
<giovani> I'd recommend it if you're on a 64MB system
<giovani> doing so is as simple as removing the ttys you don't want from /etc/event.d/
<uvirtbot`> New bug: #409146 in ubuntu "none of the function keys are working on my dell mini (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/409146
<qiyong> giovani: that no longer recorded in inittab?
<giovani> qiyong: not for quite a while -- ubuntu uses upstart -- /etc/inittab doesn't exist
<qiyong> giovani: so debian never have /etc/inittab?
<giovani> qiyong: this isn't debian, how is that relevant?
<qiyong> giovani: ubuntu is debian flavor
<giovani> qiyong: incorrecty
<giovani> incorrect*
<giovani> and I never said anything about ubuntu "never" using traditional init, just that it doesn't now
<qiyong> since when?
<giovani> 6.10 and onward
<giovani> which is nearly 3 years now
<qiyong> what's the codename?
<qiyong> 6.04 was a lts iirc
<giovani> are you not capable of using google?
<giovani> google says 6.10 was "Edgy"
<giovani> and, 6.06 was an LTS, yes, why is that relevant?
<qiyong> not much
<qiyong> why change?
<qiyong> what about other distros?
<qiyong> espectiall debian
<giovani> because init is ancient, and isn't as flexible as upstart
<giovani> debian offers upstart, but doesn't use it by default iirc
<qiyong> fedora still uses inittab
<giovani> no, fedora uses upstart with inittab legacy iirc
<qiyong> we still has init
<qiyong> so init is going out of world
<giovani> qiyong: you seem to want to create a debate -- this is #ubuntu-server ... Ubuntu has used upstart since 6.10 -- use it or not ... stop complaining
<qiyong> 2006 was the shift year for ubuntu
<qiyong> giovani: i don't want debate
<qiyong> giovani: i just want the reason
<giovani> qiyong: I've provided you with a reason
<qiyong> behind
<giovani> you're welcome to do your own research to understand more about the situation
<qiyong> so debian is still of the old style
<qiyong> the others are go for upstart
<giovani> I've already told you what debian uses
<twb> It *would* be nice if metainit got off the ground and event.d was actually used for more than just inittab...
<twb> sysvinit-compat feels so dirty
<giovani> twb: let's not complicate what is already a difficult-to-resolve discussion :)
<qiyong> ;0
<twb> I figured I'd just ignore the existing discussion and start a new one ;-)
<twb> Looks like upstart on Debian has propagated as far as testing now -- it used to only be in experimental.
<qiyong> upstart implementes a new /sbin/init
<giovani> yeah, they're working on it evidently
<twb> Debian's adoption is held up because they can't agree on a single "standard" init
<twb> So discussion immediately devolves into a way to properly support the six different init daemons currently in Debian.
<twb> (sysvinit, upstart, runit, cinit, minit, ...)
<qiyong>  a single "standard" init ?
<qiyong> oh
<giovani> qiyong: he's mostly talking to himself -- not you
<qiyong> sysvinit is the tradiitional one
<giovani> let's keep the random, and endless, string of questions to a minimum
<qiyong> r/c/m init never got widely used
<twb> qiyong: right. Debian basically still standardizes on sysvinit.
<qiyong> is sysvinit only a gnu implementation/clone of the real sysvinit?
<qiyong> now this pkg is going to be obsolete, and upstart is a new desgin, and is going to dominate
<qiyong> upstart was written by Scott James Remnant <scott@ubuntu.com>
<giovani> qiyong: your ability to copy-and-paste from the web amazes me
<qiyong> seems ubuntu fistly began to use upstart
<qiyong> giovani: lol
<qiyong> not the web
<qiyong> "/usr/share/doc/upstart/AUTHORS"
<twb> giovani: at this point I have just plonked qiyong
<giovani> twb: I suppose it's time I do the same
<twb> Direct him to -overflow or -offtopic or whatever it's called.
<chrislabeard> Hey guys
<chrislabeard> whats the easiest way to monitor input voltage of my server
<qman__> input voltage? as in from the wall?
<qman__> you'd need a dedicated device for that, normal setups don't collect that information
<rosa_> hi there...I am doing cupsaddsmb -H Printserver -U myuserdomain -a -v and i got the error NT_STATUS_MEDI_WRITE_PROTECTED making remote directory ...please help!
<dinger2006> has anyone here used egroupware?
<VSpike> Has anyone got any comment on the use of dnsmasq versus bind9/dhcp3
<_ruben> the first has smaller footprint and (probably) simpler configuration .. the latter scales better
<VSpike> _ruben: I set the latter up once but it was some time ago and I can't really recall the details :)  Other than it took me a while
<VSpike> I need to replicate the functionality on another subnet in another office, but each office only has <6 machines
<_ruben> for <6 machines, dnsmasq should do just fine, never used it myself though
<VSpike> I could try and replicate the bind9/dhcp3 setup I already did, if I can figure out how I made it work, or try dnsmasq instead
<ttx> VSpike: learning dnsmasq will probably be worth it in your case. I like it.
<Daviey> dnsmasq even works quite well on larger sites..
<Daviey> dnsmasq has the bonus that it can auto add the hostnames provided over DHCP to the inbuilt dns
<VSpike> Daviey: I managed to get bind/dhcp to do that :) but it weren't easy
<VSpike> But yeah, it sounds ideal for the job so I'm tempted to put the effort in to learn it
<ttx> and it usually does the right thing by default, so you're less error-vulnerable
<VSpike> I could even use it at home too
<Daviey> VSpike: yeah.
<VSpike> Great, thanks guys.  I'll give it a try
<guntbert> is there an easy way to add another "service type" (normally chosen towards the end of the installation) in a running system?
<_ruben> probably not
<vix> how do i monitor a bunch of websites from my ubuntu machine
<_ruben> define 'monitor'
<vix> check if its up
<vix> just the url
<vix> is that ambiguous
<_ruben> use nagios or something similar
<vix> there r a few perl scripts out there
<vix> that do a curl/wget
<vix> i just need it for a cpl of days
<vix> so dont need to setup nagios
<vix> or rather dont want to
<vix> too much pain for monitoring a site for a day or two
<_ruben> then use those scripts
<Djannakhan> Hi, I've a ubuntu server (9.04) at home. I use it to backup remote server with bacula. I need a window manager/x server to run 'BAT' (bacula administration tool) and also I would like to turn this server into a media center (i've an HDMI output)
<Djannakhan> i've search a bit and found http://www.xbmc.fr for the media center part...
<Djannakhan> do anybody have some experience on this (ubuntu server -> media center) ?  how to proceed, adivices... ?
<giovani> Djannakhan: don't use BAT -- use Bweb ... the web interface if you need one
<Djannakhan> giovani: why not bat ? is there some issue with this tool ?
<giovani> Djannakhan: yes, running a full x server and window manager on a server is a no-no -- and it's not supported in this channel
<Djannakhan> giovani: ok, so bat is OK. I'll install bweb too.  I still want the media center feature... on which channel can I get help ?
<CopyWriter> oh yes i've found it
<CopyWriter> hello all
<CopyWriter> i'm migrating my network to ubuntu server all the desktops to ubuntu too
<CopyWriter> but i need help
<giovani> Djannakhan: I don't know, media centers are a huge topic -- I run mine probably very differently from you -- so I won't be of help
<CopyWriter> if i eliminate my 2k machines as servers how do i use ubuntu server as a pdc
<CopyWriter> or do i need to
<CopyWriter> i might be still thinking windows active directory etc, but there wont be any windows clients connecting to the network
<giovani> CopyWriter: if you don't have any windows machines, you don't need a domain controller -- since that's a windows technology
<CopyWriter> it was playing around in the back of my head for the latter part of 3 days
<CopyWriter> ok with that said how do i authenticate users on the system
<Djannakhan> giovani: I currently don't run one so... How do you run yours ?
<CopyWriter> i mean on the network or do i need to
<giovani> CopyWriter: there are tons of different ways, that's a huge topic
<CopyWriter> aaah, a simple workgroup then would do the trick if it's for basic networking file sharing
<giovani> Djannakhan: I have a backend headless server running mythtv, and then a number of front-ends
<CopyWriter> and adding a couple ethernet printers
<giovani> CopyWriter: if you want centralized login, linux is perfectly capable of providing it, it's just not a works-with-10-clicks solution like Microsoft offers
<giovani> you should read up on it
<giovani> LDAP is a good place to start
<CopyWriter> centralized login, that the term i didn't know about
<CopyWriter> thanks giovani
<CopyWriter> googling it now
<giovani> uh ... meaning you're authenticating users on a central server?
<giovani> that's what AD is
<CopyWriter> yes authenticating users using a server
<CopyWriter> what's the definition of AD
<CopyWriter> i.e. a user can login using his credentians at different terminals
<giovani> AD authenticates users centrally
<giovani> so AD is providing centralized login
<CopyWriter> yes that's what i need
<giovani> if you want that same feature in linux, you can look into doing it with LDAP
<giovani> yes, I've repeated myself many times now
<CopyWriter> :) thanks for your patience
<oioiii> hi I'm having trouble with this aacraid bug https://bugs.launchpad.net/ubuntu/+source/linux/+bug/249964
<oioiii> in ubuntu-8.04 running as xen dom0. What is the best way to workaround this problem?
<uvirtbot`> Launchpad bug 249964 in linux "aacraid driver stalls on high-load SMP machines" [Medium,In progress]
<oioiii> Can I just recompile aacraid.ko, if yes how?
<CopyWriter> AD = Active Directory we were talking about it but it went right over my head
<giovani> oioiii: did you actually read that thread?
<giovani> oioiii: there's a link to the fix right there
<Boohbah> CopyWriter: wow i never knew this channel existed!
<CopyWriter> yes same here
<CopyWriter> i was hanging out in the ubuntu channel for some weeks
<CopyWriter> then i googled ubuntu-server irc and found it
<oioiii> giovani: yes I did read it, you mean that link http://bugzilla.kernel.org/show_bug.cgi?id=11120
<uvirtbot`> bugzilla.kernel.org bug 11120 in AACRAID "aacraid driver stalls on high-load SMP machines" [Normal,Assigned]
<giovani> oioiii: yep, a kernel patch is provided right there
<CopyWriter> i'm not quite sure i'll be able to build this openldap
<CopyWriter> seems complicated
<CopyWriter> probably take a few many tries
<oioiii> giovani: That means I'll have ti recompile the kernel. I was just wondering if I could only compile aacraid.ko
<giovani> oioiii: if it's compiled as a module, sure
<simplexio> 16
<giovani> CopyWriter: like I said, it's not a point-and-click solution
<CopyWriter> workgroup is seeming pretty good right about now :)
<Boohbah> CopyWriter: why are you building openldap? is the binary missing some feature?
<CopyWriter> 'm new to all this, i'm just following the info on their homepage
<CopyWriter> i think i can do the apt - get thing
<CopyWriter> but i'm not at the office right now
<CopyWriter> i love this place
<CopyWriter> thanks again giovani, you've pointed me in the right direction
<Boohbah> CopyWriter: ubuntu package is called slapd so you should be able to 'apt-get install slapd'
<CopyWriter> thanks boohbah, going to try that as soon as i get to the office
<oioiii> giovani: it's strange, I had a look into the source code of the uptodate driver source code form adaptec and they have a kernel version check for < 2.418 but I'm using 2.6.24-24-xen
<heath|work> I have a very annoying problem. Every time I log in to one of my servers I am prompted to [sudo] immediately. Does anyone know how I can figure out what script is calling for sudo?
<heath|work> oh thank god... /etc/bash.bashrc is the problem child
<heath|work> Shouldn't all of the fisrstlogin stuff be destroyed after the first login. This seems to only be an issue on my 9.04 JeOS systems, 8.10 does not do this.
<heath|work> and by all I mean 7 of them
<Djannakhan> heath|work: did you check your .bash_profile or a hill written alias in your .bash_aliases?
<heath|work> Djannakhan, there is no reference to the /etc/bash.bashrc file in my home dir
<Djannakhan> heath|work: my bash.bashrc file look like this http://pastebin.ca/1519154 maybe yours has a typo...
<Djannakhan> note that bash.bashrc is called from /etc/profile
<heath|work> Djannakhan, that's fine, but here is the pastie of what was in my bash.bashrc: http://pastie.org/572439
<heath|work> I guess the dpkg-reconfigure needs to be called, but it is not automatically
<Djannakhan> heath|work: Strange thing what you have in your bash.bashrc file... does the file /root/firstlogin_done exists ?
<Djannakhan> heath|work: according to the script the sudo touch should occur only once : if [ ! -e /root/firstlogin_done ]; then
<heath|work> Yes it does exist, but it would always run the sudo command...
<heath|work> that is strange in relooking at it
<heath|work> hang on, I haven't corrected a couple of the machines. I will check them
<heath|work> yep, the file is there and I was prompted for the password again
<Djannakhan> heath|work: is the file world readable ?  maybe the bash.bashrc can't read it (check /root dir permission)
<Djannakhan> heath|work: if the bash.bashrc script need a sudo to touch the file, it means that the script is executed with non root privilege
<heath|work> Djannakhan, no root is not world readable
<heath|work> so the script would never know the file exists
<Djannakhan> heath|work: yep
<heath|work> good catch, should I file a bug?
<Djannakhan> yep probably, I've checked my server and all my root dir have  700 permission, but maybe I change this when I install my servers... can't remember.
<heath|work> I would assume that the root dir would be strict
<heath|work> they just need to move the file somewhere else
<Djannakhan> heath|work: no it's not the default... i've checked again my install doc, and I do cd /
<Djannakhan> sudo chmod 700 root
<heath|work> drwx------  4 root root  4096 2009-06-27 17:42 root
<heath|work> on all of my JeOS servers
<heath|work> I am checking my 8.10 server now
<heath|work> ha... 8.10: drwxr-xr-x  4 root root  4096 2009-07-15 12:39 root
<heath|work> Djannakhan, where do you submit bugs for JeOS: launchpad ?
<garymc> Hi i need help
<garymc> I just installed Ubuntu server on my proliant server and it puts me at a command prompt not at root
<garymc> I also cant get to root
<garymc> I want to install LTSP so thin clients can connect to it and have a gui
<garymc> any help appreciated
<heath|work> garymc, what is your experience with ubuntu servers?
<heath|work> *level
<garymc> none what so ever
<garymc> I just been on the LTSP channel and was told this was the best version of linux to use
<garymc> I got k12linux working on my computer using a boot dvd.
<garymc> Turns out I cant boot from DVD with these servers
<garymc> they only have cd drives
<garymc> :(
<heath|work> garymc, ubuntu does not enable root by default. Best practice is to use sudo
<heath|work> allowing you to have root privileges to run system wide changes
<heath|work> garymc, what version of ubuntu are you using?
<heath|work> lsb_release -a
<garymc> its erm 9.04
<garymc> 9.04
<garymc> I just need to install LTSP so my thin clients can connect etc
<garymc> at the minute ive just got a commandprompt
<heath|work> sudo apt-get update && sudo apt-get install ltsp-client
<heath|work> although I am not sure if there are any other packages you will need
<sgsax> heath|work: glad you found the culprit
<heath|work> lol... yeah
<sgsax> garymc: ubuntu discourages the use of the root account, and encourages you to use sudo instead
 * heath|work already smack his hand
<heath|work> sgsax, are you a maintainer?
<sgsax> luckily, if you don't want to have to type "sudo" for every command, you can get a root sheel by using "sudo -i" or "sudo -s"
<sgsax> heath|work: nope
<sgsax> just a user :)
<heath|work> word
<sgsax> been a debian fan for many years
<sgsax> discovered that ubuntu has nearly resolved all the problems with debian on the desktop
<heath|work> I've been an ubuntu fan for a couple of years. I like every article I read with Mark Shuttleworth, great person
<sgsax> he makes a great "face" for OSS
<Boohbah> how come shuttleworth is never on irc?
<sgsax> something we've been missing, we could use some good PR
<Boohbah> too busy orbiting the earth? :)
<heath|work> lol
<sgsax> linus is brilliant, but he's no spokesmodel :)
<Boohbah> i also learned that south africans pronounce their ccTLD "zed eh"... strange to my north american ears
<heath|work> bbl... have a great day!
<sgsax> lots of euro-english speakers used "zed" for the letter "Z"
<sgsax> seeya heath|work
<sgsax> including Canadians
<Tom_Ass> Zed's dead, baby
<sgsax> don't blame this KS boy :)
<Tom_Ass> In many dialects of English, the letter's name is zed, pronounced /zÉd/, reflecting its derivation from the Greek zeta (see below). In American English, its name is zee /ziË/, deriving from a late 17th-century English dialectal form.
<Tom_Ass> zed is oldskool! :D
<sgsax> Tom_Ass: that's right us Amuricans talk righter then them limeys :)
<pmatulis> sgsax: how do you pronounce "secretary"?
<giovani|work> seck-reh-tary :)
<sgsax> ^^
<uvirtbot`> sgsax: Error: "^" is not a valid command.
<pmatulis> i've heard seck-ruh-tree
<sgsax> that would be UK-style English
 * sgsax really isn't an isolationist and believes Americal English is the most bastardized collection of grammars on the planet
<Tom_Ass> sgsax, what are limeys? French? Canadians?
<sgsax> Tom_Ass: Brits
<Tom_Ass> ah!
<sgsax> so anyway, ubuntu is pretty cool
<Tom_Ass> no, really? =)
<\sh> hmmm...
<\sh> does anyone run ipvs on jaunty?
<\sh> ipvsadm --start-daemon master -> Module is wrong version -> fail
<\sh> bah...that's not ipvsadm...it's *censored* LVSSyncDaemon
<uvirtbot`> New bug: #395055 in nagios3 (main) "Synaptic crashes during Installing software" [Undecided,Incomplete] https://launchpad.net/bugs/395055
<uvirtbot`> New bug: #409414 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: å­è¿ç¨ post-installation script è¿åäºéè¯¯å· 1" [Undecided,New] https://launchpad.net/bugs/409414
<uvirtbot`> New bug: #409423 in openldap (main) "OpenLDAP Can't Set Multiple Ciphers Using TLSCipherSuite" [Undecided,Incomplete] https://launchpad.net/bugs/409423
<addisonj> ah quieter here :D
<Sam-I-Am> as oppose to?
<addisonj> #ubuntu
<Sam-I-Am> ah
<addisonj> heh, yes, actually looking for opinions, going to be do a PHP based web app, trying to decide which version to go with, hardy or jaunty? and major pros or cons?
<Sam-I-Am> if its a server, maybe the LTS release?
<Sam-I-Am> if it needs to stick around a while as-is
<infinity> addisonj: Newer versions won't buy you much, generaly, and hardy has 5 years of server support.
<infinity> addisonj: When it comes to apache/php/postgres/mysql/etc, they move pretty slowly.  Running an "old" version is perfectly fine (not like hardy is that old, but whatever)
<addisonj> alright, and no real benefits to speed from newer kernels then?
<infinity> addisonj: Nothing meaningful.
<addisonj> k, well thank you, ah helpful chat rooms what a breath of fresh air :D
<infinity> addisonj: I run an intrepid kernel on one of my hardy hosts, but that's because of a weird bug in a specific device driver that I'm too lazy to bisect and backport the fix for. :P
<addisonj> yeah, this is going to be a virtual private server, so I hopefully wont have such issues :P
<Max007> Hi
<Max007> I installed ubuntu server 9.04 64 bits. After the server boots I can't logon with tty1. I have to log on tty2 and then I can run "exec "sbin/getty 38400 tty1" and then I can log on to tty1. Can somebody help me ?
<garymc> why when i try to boot with ubuntu 9.04 disk it says GRUB loading please wait error 17?
<giovani|work> garymc: install disk, or a hard drive post-install?
<garymc> install disk
<giovani|work> garymc: grub shouldn't be loading from the install disk
<giovani|work> you sure you're not booting from the hard drive?
<garymc> yes
<giovani|work> if grub is indeed loading from the install disk ... then the disk is likely corrupted
<garymc> i dont think the disk is getting read
<giovani|work> that sounds like it's NOT booting from the CD then
<sgsax> garymc: you check the boot order in the bios?
<giovani|work> if it's not being read
<giovani|work> garymc: how did you burn the cd?
<garymc> im doing another copy at slower speed to test
<abel408> Hello everyone. Whenever I try "modprobe kvm-intel" I get this error: "WARNING: All config files need .conf: /etc/modprobe.d/options, it will be ignored in a future release." and nothing else
<giovani|work> garymc: how did you burn the disk?
<garymc> in iso burner
<garymc> theres an error with the cd
<giovani|work> garymc: did you md5 the iso first?
<garymc> no what is that?
<sgsax> md5 will generate a checksum of the file
<garymc> how do i do that
<sgsax> comapre that to the known good checksum, usually from the same place you got the iso
<sgsax> md5 ubuntu-blah-bah.iso
<giovani|work> garymc: the .iso file itself could've been corrupted during the download, and the cd itself could be corrupted by bad media or a bad burn
<giovani|work> md5sum ubuntu.iso actually
<garymc> yeah im thinking the cd rs im using are crap
<sgsax> sorry, giovani|work is right
<giovani|work> every FTP/HTTP mirror has a md5sums file
<garymc> cos ive downloaded from two diff places and both aint working with these disks
<giovani|work> garymc: there's little harm in checking the md5 of the .iso before burning
<giovani|work> it takes minutes
<giovani|work> and saves you a headache
<garymc> aint burnt a cdr in ages untill today always burn dvd r
<garymc> they work good
<garymc> but my servers only got cd readers
<sgsax> Max007: sounds like your terminal isn't getting set right, I would think that would get run by .bashrc or .profile, or the system-wide copies of those
<sgsax> garymc: I just use cdrecord
<sgsax> even wrote a wrapper script for it
<giovani|work> Max007: cat /etc/event.d/tty1
<garymc> if this slower speed dosnt work im going to buy som new cd-rs
<giovani|work> garymc: you're going to check the .isos md5 first ...
<giovani|work> like I said
<giovani|work> otherwise, you're being foolish
<sgsax> check the md5sum first, make sure it's a good iso
<garymc> dont understand that md5 stuff
<sgsax> dead simple
<giovani|work> garymc: not understanding it isn't a reason to not do it
<sgsax> you run md5sum and it generates a magic number
<giovani|work> run "md5sum ubuntu------.iso from a command line
<sgsax> compare that magic number to the known one
<sgsax> if they don't match, you've got a bum download
<garymc> im doing this on windows does it matter?
<sgsax> shouldn't, but you'll need an md5sum that runs in windows
<giovani|work> garymc: you'll need a piece of software -- like hashtab then
<garymc> well its 7:25 pm here im into unpaid overtime so im gonna go home and get back on it soon
<giovani|work> garymc: and we're unpaid volunteer irc help :)
<garymc> infact i dont get paid
<garymc> im just knackered
<garymc> ive been doing this crap all day to no evail
<garymc> fed up now need rest
<garymc> ill try this next burn if doesnt work ill go home and try this md5checksum thing out
<sgsax> garymc: good luck
<garymc> thanks
<abel408> what does this mean and how can I fix it: "WARNING: All config files need .conf: /etc/modprobe.d/options, it will be ignored in a future release."
<sgsax> abel408: just a warning and safe to ignore
<abel408> ok
<sgsax> if you run lsmod and the module is listed, then it's getting loaded
<cemc> abel408: I guess it wants you to rename options to options.conf ?
<sgsax> that would be simplest
<sgsax> then you'd be future-proof for whenever modutils of the kernel (not sure which) will start requiring this
<sgsax> s/of/or/
<giovani|work> cemc: it's a known bug afaik
<giovani|work> abel408: it's a warning, not an error -- google declares it a bug
<Max007> hi
<sgsax> supposedly a new version of module-init-tools from upstream should have fixed the warning
<sgsax> Max007: did you see my earlier response?
<Max007> i have a problem.. what I boot my server, tty1 won't load.. I have no login prompt on tty1. I can only log on to tty2
<Max007> sgsax: nop
<cemc> I thought it's a warning because they will require it sometime in the future,
<giovani|work> Max007: I responded to you
<cemc> so they're preparing you for it
<giovani|work> Max007: cat /etc/event.d/tty1 please
<giovani|work> cemc: yeah, when that release comes, things will be fixed
<Max007> giovani|work: http://pastebin.com/m645fd38a<
<Max007> giovani|work: http://pastebin.com/m645fd38a
<giovani|work> Max007: pastebin dmesg
<sgsax> Max007: that looks good
<sgsax> looks like mine anyway
<giovani|work> Max007: also what do you mean by "can't login on tty1"?
<giovani|work> when you boot up, all bootup messages should go to tty1 ... so are you seeing those?
<Max007_> giovani|work: did you see my pastebin ?
<sgsax> Max007_: only the first one, nothing for your dmesg output yet
<giovani|work> Max007_: the first one, yes, I asked for a 2nd one
<giovani|work> and asked a question you haven't answered
<Max007_> giovani|work: i'm sorry i'm through a vpn and it keeps crashing
<giovani|work> 14:44 < giovani|work> Max007: pastebin dmesg
<giovani|work> 14:47 < giovani|work> Max007: also what do you mean by "can't login on tty1"?
<giovani|work> 14:47 < giovani|work> when you boot up, all bootup messages should go to tty1 ... so are you seeing those?
<Max007_> yes i see bootup message
<Max007_> but there's no login prompt
<giovani|work> Max007_: then I suspect that nothing is wrong with tty1
<giovani|work> Max007_: press enter a few times -- often messages spill out after the login prompt -- this is how linux works
<Max007_> giovani|work: that's what i thought but it does nothing
<giovani|work> Max007_: I'm 99% sure you're mistaken :)
<giovani|work> try it again
<Max007_> giovani|work: I even try to type my login and password... it does nothing
<giovani|work> wait, you're typing your login and password into what? you said it doesn't prompt you
<Max007_> giovani|work: it doesn't prompt me... i just type it and it appear on the screen
<Max007_> but nothing happen
<giovani|work> Max007_: I think this is user error
<giovani|work> tty1 is clearly functioning
<Max007_> apart from my password is displayed
<giovani|work> press enter a few times
<sgsax> Max007_: are you sure the system is fully booting?
<Max007_> sgsax: yes i'm sure, i can log on tty2 (ctrl+f2)
<Max007_> and i can log with ssh
<giovani|work> Max007_: alright, reboot the server
<Max007_> the server's running squid, which is working weel
<Max007_> well
<sgsax> so tty1 is being taken over by syslog output then
<sgsax> which should go to tty8 or higher
<Max007_> giovani|work: i rebooted it like 20 times
<giovani|work> and run "sudo ps aux | grep tty"
<giovani|work> Max007_: well then once more won't hurt you
<Max007_> giovani|work: aigyht
<giovani|work> sgsax: yeah, I covered that a few minutes ago
<giovani|work> Max007_: don't run getty when you reboot it
<giovani|work> just ssh in, or use tty2
<giovani|work> and run that
<Max007_> http://pastebin.com/m11d39530
<giovani|work> you rebooted the server and it's back up already?
<giovani|work> unlikely
<Max007_> nop i run the command before
<Max007_> i reboot now
<giovani|work> ok, a pastebin of dmesg then
<Max007_> ok
<Max007_> after the reboot
<giovani|work> it's never spawning -- did you edit anything in /etc/event.d?
<Max007_> giovani|work: i tried to edit /etc/event.d/tty1 to make it the same as tty2 but i restored the backup after
<giovani|work> Max007_: they should be the same, why would you have to change it to make it the same?
<Max007_> giovani|work: they are not
<Max007_> giovani|work: there's a little difference.
<sgsax> tty1 is different from tty2 for me
<giovani|work> oh fair enough
<Max007_> and is different on my 5 other servers
<giovani|work> tty1 is used for single-user, obviously
<Max007_> http://pastebin.com/m6d305fa7
<Max007_> tty1 and tty2 from another server
<giovani|work> Max007_: how about dmesg?
<Max007_> http://pastebin.com/m5fbc499f ps aux | grep tty after reboot
<Max007_> giovani|work: http://pastebin.com/m36d8cf36 --> dmesg
<sgsax> Max007_: does /dev/tty1 exist?
<Max007_> sgsax: yep
<sgsax> ls -la /dev/tty1
<sgsax> pls
<Max007_> crw--w---- 1 root tty 4, 1 2009-08-05 15:00 /dev/tty1
<giovani|work> bad permissions
<giovani|work> ls -la /dev/tty2 please
<sgsax> yeah, should be 0600 with root:root as owner
<giovani|work> you've probably poked around with udev.rules
<sgsax> but the device numbers are correct
<Max007_> crw------- 1 root root 4, 2 2009-08-05 15:00 /dev/tty2
<giovani|work> Max007_: tjat
<giovani|work> that's correct
<giovani|work> have you been changing anything in /etc/udev/rules.d/?
<sgsax> you can try fixing them manually now, but if udev is dorking with them, they'll be reset on reboot
<Max007_> giovani|work: nope
<giovani|work> Max007_: pastebin "grep tty /etc/udev/rules.d/*"
<giovani|work> or rather "grep -i tty /etc/udev/rules.d/*"
<Max007_> giovani|work: nothing
<giovani|work> nothing?
<giovani|work> heh
<giovani|work> ls /etc/udev/rules.d/
<sgsax> so try fixing them
<sgsax> chmod 600 /dev/tty1
<sgsax> chown root:root /dev/tty1
<giovani|work> sgsax: no, udev is broken if it doesn't have any files setting tty
<sgsax> then reboot and see if the permissions stick
<sgsax> giovani|work: I don't have anything in udev/rules for tty either
<Max007_> giovani|work: i tried grep -i tty /etc/udev/rules.d/* on another server and there's nothing either
<Max007_> rebooting
<sgsax> I only have cd.rules and net.rules
<giovani|work> sgsax: that's not right --  check /etc/udev/rules.d/60-permissions.rules and 40-basic-permissions.rules
<giovani|work> sgsax: what ubuntu release?
<sgsax> this is 9.04 desktop and not server, but shouldn't be significantly different
<Max007_> i pressed ctrl alt del to reboot... after that login prompt appeared
<sgsax> heh, yeah, because that does init 6
<giovani|work> Max007_: well you seem to have changed /dev/tty's permissions then :) -- or something did
<Max007_> giovani|work: I did not.. it's a newly installed server
<Max007_> giovani|work: i installed it 20 hours ago
<Max007_> weird
<giovani|work> Max007_: well considering you're the only person in #ubuntu-server with this problem
<sgsax> giovani|work: I have permissions.rules and basic-permissions-rules on my 8.04 servers
<giovani|work> sgsax: ok, so they've changed it since 8.10, which is what my server runs
<giovani|work> I don't have a 9.04 box handy
<sgsax> 8.04 has udev 117-8, 9.04 has udev 141-1.2
<Max007_> still no login prompt after reboot
<Max007_> crw--w---- 1 root tty 4, 1 2009-08-05 15:16 /dev/tty1
<Max007_> wb
<StrangeCharm> on a new 9.04s install with openssh and virtual machines option, kvm fails at startup, what could be causing this?
<stefg> StrangeCharm: your cpu doesn't support hardware virtualization...
<stefg> StrangeCharm: egrep '(vmx|svm)' /proc/cpuinfo gives what ?
<StrangeCharm> stefg, i think my cpu supports some features, but certainly not the latest ones, let me check
<Max007_> sgsax, giovani|work : any idea ?
<StrangeCharm> stefg, no result
<stefg> StrangeCharm: https://help.ubuntu.com/community/KVM/Installation
<stefg> StrangeCharm: no kvm on that machine
<StrangeCharm> stefg, so no kvm for me. is there an alternate vm manager that works on machines that don't provide specific virtualisation hardware support?
<stefg> StrangeCharm: your options: virtualbox (best run with gui).... vmware (eeewwwww) .... forget about virtual servers and run everything on plain hardware (ebox)
<StrangeCharm> stefg, i'll take a look at the cli interface for virtualbox, i haven't had time to have a good look at ebox, can it run multiple instances of the same software side-by-side?
<stefg> StrangeCharm: ebox is a preconfigured system for small enterprises... it frees you from worrying about samba, ldap and most other boring stuff, but is quite inflexible
<stefg> so ... no
<giovani|work> ebox, small enterprises? hah
<LiraNuna> dmesg reports a lot of
<LiraNuna> [2946900.131421] TCP: Treason uncloaked! Peer 91.63.188.225:2363/80 shrinks window 4102367244:4102381644. Repaired.
<LiraNuna> should I be concerned?
<LiraNuna> I also have (right before that) stuff like
<LiraNuna> [2864070.437606] Pid: 0, comm: swapper Tainted: GF       2.6.24-24-server #1
<LiraNuna>  
<LiraNuna> this is on a fully updated and patched 8.04 server
<giovani|work> LiraNuna: it depends
<giovani|work> if it's a legitimate connection -- then it could be a network error
<LiraNuna> giovani|work, unlikely, my server doesn't listen at such high ports
<KillMeNow> you're runnign a web server correct?
<giovani|work> if it's not a known legitimate connection, it's probably an indicator of a SYN flood with a tiny TCP window size
<LiraNuna> web/mysql/ftp/sftp
<KillMeNow> syncookies
<KillMeNow> is your kernel installed with syncookies?
<LiraNuna> ubuntu's -server kernel
<giovani|work> LiraNuna: right, so it's a client of your web server, obviously
<LiraNuna> 91.63.188.225:2363/80 on port 2363 ?
<giovani|work> connecting to port 80 ...
<giovani|work> sigh
<KillMeNow> http://ubuntu-tutorials.com/2008/07/04/tcp-treason-uncloaked/
<LiraNuna> oh, I see
<hggdh> no route to host here
<KillMeNow> it's likely a spoof
<KillMeNow> check out that post - see if it helps
<giovani|work> LiraNuna: are all of the lines that same IP?
<giovani|work> or many different IPs?
<LiraNuna> giovani|work, different IPs
<giovani|work> hggdh: route is fine
<LiraNuna> http://pastie.org/573192
<giovani|work> LiraNuna: welcome to a SYN flood ddos
<LiraNuna> so it was a DDoS attack
<giovani|work> of course
<giovani|work> a syn flood
<giovani|work> which is a specific type of ddos
<LiraNuna> how can I prevent it? or is it already prevented
<giovani|work> with window resizing, evidently
<LiraNuna> my server's fine - I'm just worried by logs
<giovani|work> LiraNuna: read the page KillMeNow sent you
<LiraNuna> I am
<giovani|work> and read up on syncookies
<LiraNuna> thank you giovani|work and KillMeNow
<StrangeCharm> si there a standard tutorial for rejiging the filesystem? i need remove /var from a secondary disk (put it back into the main /) and put /home onto another disk
<nick125> StrangeCharm: boot a livecd, mount / to somewhere like /mnt/root and your old /var to somewhere like /mnt/var, mkdir /mnt/root/var, copy /mnt/var to /mnt/root/var, edit fstab, tada.
<StrangeCharm> nick125, why does that need a livecd?
<nick125> StrangeCharm: To prevent problems with files in use and stuff trying to access /var while you're messing with it.
<hggdh> because /var has files that are used by the system. You might succeed if you boot on maintenance mode
<StrangeCharm> hggdh, is that one of the default boot options?
<nick125> That too. PIDs are stored in /var/run, there's /var/log, etc.
<hggdh> it should be, yes (I do not remember the naming). When you boot, on Grub you should have an option for a normal boot and another for a maintenance boot
<nick125> rescue mode or whatnot.
<hggdh> recovery mode, just checked... memory, memory...
<StrangeCharm> when you say 'edit fstab' you mean 'remove the entry referring to /var being on another disk' ?
<nick125> yes
<CopyWriter> ubuntu is working perfectly at the office
<CopyWriter> i'm getting loads of problems installing openldap tho
<CopyWriter> so just migrating the client machines first, it has been a productive day, got 22 desktops done
<CopyWriter> :)
#ubuntu-server 2009-08-06
<addisonj> hmm....  why would i get permission denied from apache when my entire directory is set to 766??
<KillMeNow> where are you getting denied?  what is it saying in the log?
<infinity> addisonj: Surely, you mean 755?
<jmedina> addisonj: what about parent directory?
<infinity> addisonj: 766 gives no execute permission on the directory, so it can't be traversed.
<jmedina> execure permison on a directory?
<jmedina> you misunderstood directory permisons
<addisonj> anyone here famaliar with sugarCRM? well i am trying to install, i am getting an error that none of the config files are writeable
<jmedina> x means access
<KillMeNow> addisonj:  check your file / folder permissions
<infinity> jmedina: ...
<infinity> jmedina: I really don't.
<addisonj> k, so yeah, i would normally want group writeable? then that should work
<infinity> jmedina: You can't traverse a directory without it have +x
<KillMeNow> depends on who owns the file
<infinity> s/have/having/
<addisonj> atm, root, but i tried changing it to my super user and still no go
<addisonj> so... how do i check under what user or group apache is runnnig? could that be the problem?
<KillMeNow> addisonj:  ls -la on the tree
<infinity> addisonj: You want your files 644 (or 444, or whatever), and your directories 755 (or 555, or..)
<infinity> addisonj: Need read on the files, and traverse on the directories.
<KillMeNow> addisonj is trying to install sugarCRM and the installer is trying to write to the config files
<KillMeNow> so infinity is right, dirs need 755 and you may need to temporarilly set 777 to the config files
<KillMeNow> then change them back to 644 afterwards
<infinity> Okay, and if you need to write config files, you need the files 666 (and the directory 777 to be able to create new files)
<infinity> KillMeNow: No point in having executable text files.  666 is enough. :P
<KillMeNow> 6 and one half the other
<KillMeNow> gonna change the perms back after install
<addisonj> so, is there a way to chmod just the directories? or do i have to do all of em?
<infinity> KillMeNow: Yeah, I just prefer to teach people a bit about what permissins mean, I guess.  I see far too many blind "chmod -R 777 foo/" installations out there with no understanding of what it means.
<addisonj> this is interesting, i first installed locally and had no problems whatsoever
<KillMeNow> y7ea, that's why i referred to the config file, not 777 the dir
<KillMeNow> or all files in a tree
<infinity> addisonj: Your fastest route is "chmod -R ugo+rwX /path/to/dir" ... And then when you're done, "chmod -R go-w /path/to/dir"
<addisonj> wait, so only users should be able to write?
<infinity> addisonj: (That's shorthand for "user, group, other, full read, write, and X on directories", and then "group, other, remove write"
<infinity> addisonj: Ultimately, only the file owner should be able to write to it.  And that shouldn't be apache. :P
<infinity> addisonj: But for now, you need apache to write to it.
<addisonj> k, alright, now my other weird error, for some reason, my mysql is not working starting, one sec here is error
<addisonj> mysqladmin: connect to server at 'localhost' failed
<addisonj> error: 'Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)'
<addisonj> Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists!
<addisonj> and... it does not exist
<addisonj> so... how does one fix that?
<KillMeNow> what are you telling it to connect through?
<KillMeNow> localhost 3306?  is mysqld actually running?
<addisonj> no and nor will it start i guess...
<KillMeNow> then you need to over come why that it's not starting
<KillMeNow> check your /var/log/mysql/mysql.log
<KillMeNow> also check /var/log/messages
<addisonj> they all seem to be empty... hmm
<addisonj> any messages has nothing about mysql
<KillMeNow> if you don't have mysql logging turned on in my.ini that would be why they're empty
<KillMeNow> but you should stil lget a message in /var/log/messages
<KillMeNow> or /var/log/syslog
<addisonj> blah, i just did a purge on everything mysql related, still will not start, curious though could it be an iptables problem?
<addisonj> nope thats not it either
<KillMeNow> iptables won't stop an application from starting, but apparmor can
<owh> On a Ubuntu 8.04 live cd I can ping local machines by their name, that is, ubuntu.local and vice-versa. What do I need to do for that to work in ubuntu-server/ubuntu-jeos?
<owh> Hmm, that question is written pretty badly, let me try that again :)
<owh> If I boot from a Live CD, I can ping other machines on the lan using hostname.local, and from those other machines, I can ping the Live CD machine with ubuntu.local. Under Jeos/Server all I get for my trouble is unknown host. What process is making this magically happen?
<giovani> owh: what you're referring to is called zeroconf
<giovani> it's an IEEE working standard
<giovani> ubuntu implements zeroconf with avahi
<owh> Cool, let me do some RTFM on that. Much appreciated giovani.
<giovani> owh: no problem -- it's crap, but it's becoming widely used with Windows Vista+ and OS X
<owh> Hmm. Bonjour style :)
<giovani> style?
<giovani> Bonjour IS zeroconf
<giovani> Apple likes mDNS
<giovani> Microsoft likes SSDP
<giovani> avahi speaks both :)
<owh> Yes. I was making a little joke. Other than making a static list of hostnames is there a better way of managing a bunch of virtual machines?
<owh> I'd rather not run a virtual machine with dnsmasq which would duplicate the DHCP activities of the host.
<giovani> heh
<giovani> well then don't use your host for dhcp/dns
<giovani> however, there are systems for dynamically setting up DNS via DHCP requests from the client
<giovani> as in ... the client can define its own hostname, and DNS will be properly set for it
<giovani> all that does is remove the centralized, more manual DNS setting, and replace it with something decentralized in control
<owh> Yeah, but VMware has been spectacularly unable to understand what I mean if I ask them specifically that.
<giovani> why would you ask VMware that?
<giovani> this isn't a virtualization issue
<giovani> VMware doesn't provide a DNS server from the host afaik
<giovani> maybe a DNS relay
<owh> Because I'm running Fusion and the DHCP server is run by it. It also provides a DNS proxy. I wanted to know how I could link the two.
<giovani> it's a special setup
<giovani> I would never expect a consumer-oriented virtualization product to support it
<giovani> I'm sure Fusion allows you to disable the DHCP
<giovani> and host your own
<owh> Nope, all I can do is not use NAT.
<owh> The innards of Fusion and enterprise based VMware code is the same AFAIK, just the management/gui is different.
<giovani> no, it's not the same
<giovani> at all
<giovani> and this is not an innards issue
<giovani> I can disable the DHCP server on my VMware Workstation product
<owh> How?
<giovani> I'm not familiar with Fusion specifically, but it's a stripped down version of Workstation
<giovani> it's a setting ...
<owh> Fusion is the OSX version of Workstation. It is not a stripped down version.
<giovani> it's a stripped down version, that's consumer-oriented, at a deep discount
<giovani> it's not the same product
<giovani> Workstation is like $400
<giovani> that's not because it runs on Linux and Windows
<owh> That's what I paid for Fusion.
<giovani> VMware Fusion is like $80
<owh> My credit card does not agree with that. We're not talking Fusion 1.x, we're talking 2.x
<owh> Came out earlier this year.
<giovani> VMware Fusion 2.0 (for Mac OS X)
<giovani> Electronic Software Download - Start Using It Instantly $79.99
<giovani> that's a paste from vmware.com
<giovani> there's a 5-pack version for $350
<giovani> (that's 5 individual licenses)
<owh> Hmm.
<owh> Moving right along.
<giovani> heh, so the bottom line is, VMware Fusion is NOT Workstation for the mac
<owh> I hear you.
<giovani> they have a different featureset -- and they're oriented at different markets (hence different levels of customization I'm sure)
<giovani> now, googling has revealed that you have full access to the dhcp.conf
<owh> I do.
<giovani> so I suggest you google vmware fusion dhcp
<giovani> and figure out how to disable it
<owh> I did.
<giovani> or how to configure it to your liking
<owh> I can make a static list of hostnames, but that hardly makes this managable.
<giovani> static hostnames are how most networks function :)
<giovani> networks 100s and thousands of times the size of yours
<owh> I'd have to restart the network every time I create a new guest, which means all other guests lose network connectivity.
<giovani> but you're welcome to configure it a different way
<giovani> right, which is why you can disable the dhcp server in vmware
<giovani> and host your own, inside of the guest network
<owh> Hmm.
<giovani> google "fusion disable dhcp"
<giovani> 1st and 2nd results are EXACTLY what I've been recommending
<giovani> "vmware fusion disable dhcp" actually
<owh> I've just read those. I understand what you mean. I was aiming for a more dynamic implementation using the existing infrastructure. You're indicating that you don't think that's possible and that I need to run my own.
<giovani> I'm suggesting that I don't know anything about VMware's built-in DHCP server ... I presume it's crap, and a minimal implementation
<giovani> dynamic hostname setting client-side with DNS is complex
<giovani> it's definitely not a standard configuration
<giovani> and VMware doesn't even offer a real DNS server, so it's unlikely it's even possible
<owh> The DHCP server is the standard ISC DHCP server.
<giovani> that's scary
<giovani> still, there's no DNS server, afaik
<giovani> which is clearly required to offer DNS :)
<owh> That appears to be the case :) Just a proxy.
<giovani> I'm unclear on why you think having VMware run your DHCP/DNS is better than you running it yourself
<owh> Running it myself means it's virtualised, so it's chewing more cycles than if it was running natively.
<giovani> (I'd recommend, btw, that if you want a full test lab network, that you not use a desktop virtualization solution)
<giovani> haha
<giovani> I think you don't realize how minimal of an impact DHCP and DNS are on a cpu
<owh> I'm glad I can provide entertainment :)
<giovani> I run an authoritative DNS server on the internet with 32MB of ram
<giovani> and that's the entire OS included
<giovani> the DNS server uses a few MB
<giovani> and I'm sure the load hasn't ever reached 0.01
<giovani> you should really not be using Fusion for a lab though :)
<giovani> use a proper vmware server install (free), or kvm, or xen
<ball> I've been tinkering with VirtualBox today
<giovani> heh
<giovani> another desktop product :)
<owh> It's not a lab. I'm running my ubuntu desktop as a virtual machine because I'm fed-up having to deal with hardware incompatibilities every time an update comes past. In addition it allows me to make my machine independent of the actual machine its running on, so I can run it on a different computer altogether if I need to. And finally it means I can test new releases and finally do some work with ubuntu-server and contribute back to
<giovani> owh: why would you need dynamically-updating DNS then?
<giovani> it sounds like you only have one VM :)
<ball> giovani: kvm probably requires AMD-V or VT though.
<owh> Well, it allows me to build a VM in a few minutes without needing to update the DNS somewhere, destroy the machine when I'm done. Rinse and repeat.
<ball> ...so that's not an option for me.
<giovani> ball: yeah, because it's real virtualization :)
 * ball nods
<giovani> owh: why do you need local DNS for one machine?
<ball> I could run it on the production server, but I will want to try it out first.
<owh> giovani: It's not one machine. When I write software for a client, I'll host a development machine for the project. Since I have many clients, there are many such machines. They're not all running at the same time, but having to maintain a list somewhere is asking for trouble.
<ball> Does kvm use a host OS?
<owh> It's not like a standard corporate network where machines don't come and go several times a day.
<owh> ball: Yes.
<giovani> owh: fair enough -- that sounds like a lab to me though
<giovani> not "I want to host a personal ubuntu desktop in a vm"
<ball> owh: would kvm let me connect the guest machines together via a virtual ethernet and also have the host OS see that via something like a virtual interface?
<owh> giovani: It's like a testing lab in some ways. If there was another virtualisation tool I could use under OSX that worked, I'd be prepared to look at that.
<owh> ball: Yes.
<ball> owh: excellent, thanks.
<giovani> owh: virtualbox is another option
<owh> ball: Lemmie find the KVM guide for you. One mo.
<giovani> however, I still fail to see why you can't run a vm that offers the network services you want
<owh> giovani: The last time I looked at that it crashed around my ears every 20 minutes.
<giovani> owh: sorry, what?
<giovani> I don't follow what that means
<owh> giovani: You are beginning to convince me that running my own DHCP/DNS is an option.
<giovani> it's not just AN option -- it's your ONLY option for what you'd like
<owh> giovani: virtualbox has been unstable and unreliable for me. It was running within a Ubuntu host at the time. It did not fill me with confidence.
<giovani> hm
<giovani> virtualbox has been plenty reliable for me
<giovani> but alright
<giovani> I'm moving all of my desktops to os x actually
<giovani> my laptop's wifi card is a problem though
<owh> ball: https://help.ubuntu.com/community/KVM/
<owh> giovani: I did contemplate running Ubuntu natively on this MacBook Pro, but I decided that I would be no better off. This way, Apple takes care of its own hardware and Ubuntu just sees a bog-standard PC.
<ball> owh: thanks
<giovani> heh
<giovani> yeah, I'm not a huge fan of linux desktops
<owh> My over-riding concern was that I was unable to contribute to the ubuntu-server team because I'm on the road all the time. This way I can use my Ubuntu desktop for running my business, setup guests as u-s machines and test and fix u-s bugs/issues. Something which I couldn't do since Gutsy when VMware stopped working under Ubuntu desktop.
 * owh has been running a Linux desktop for nearly a decade.
<owh> Best thing I ever did.
<ball> I've just started seriously using Linux.  I've used NetBSD as my primary desktop OS for the past ten years, commercial unices before that.
<ball> ...it took a while for Linux to reach a point where I could consider putting it in front of people.
<owh> giovani: Thanks to your comments I've just had a quick squiz at avahi-daemon. It installs 11.4Mb of stuff just to make it work. dnsmasq is looking mighty nice :)
<owh> ball: The first desktop I put in front of a client was dapper. They are still my clients and they love me since for the first time in their living memory they have had a machine that just keeps working. I've now done that for several clients and am working my way through migrating several more. Hardware support is still an issue, but from a stability perspective, I don't look at anything else anymore.
<ball> owh: I did a short trial with Hardy, but the users couldn't print, so that effort died fast.
<owh> What issue was it?
<owh> Printing has not seemed to be a high problem where I've done this.
<ball> Sharp MX-3501N was silently discarding PostScript jobs.
<ball> ...couldn't persuade the driver to send PCL6 instead.
<giovani> CUPS is kind of shit :)
<owh> ball: What did linuxprinting.org have to say about it?
<ball> owh: I have no idea.
<ball> Didn't even know that existed.
<owh> giovani: I'll agree that it's temperamental :)
<owh> giovani: It's like sendmail. It's not unfriendly, just choosy on who it becomes friends with :)
<owh> giovani: Thanks for your comments. I'm outta here. 5 hours until I finally go on holiday after 3 years :)
<ball> Does kvm only work with Linux guests?
<twb> kvm provides hardware emulation, not paravirtualization.
<twb> It should be able to run arbitrary guest OSes
<twb> However, it would not be difficult for an OS to deliberately refuse to work with kvm, by e.g. checking the model ID reported by the CPU.  I think OS X does such things, for example.
<twb> Oh, and the intel C compiler
<ball> twb: I suppose I'll just have to try it.
<twb> ball: did you have a particular OS in mind?
<ball> twb: Solaris sprang to mind
<ball> twb: ideally NetBSD too, but I'm not optimistic about that working.
<twb> Doesn't NetBSD run on everything?
<ball> It does run on many things, but not on everything.
<ball> Can't boot it in VirtualBox or on certain Macintosh systems
<ball> (very old Macs)
<twb> Of course you can't boot kvm inside virtualbox.  KVM requires hardware virtualization support (VT-x).
<twb> Oh, you meant netbsd.
<samd> i'm connecting my server wirelessly using dhcp, but when for some reason, the connection is lost, the server wont auto-reconnect back up. is there anyway to tell dhclient to auto-reconnect on connection loss?
<twb> dhclient isn't reponsible for reconnecting.  Probably wpa_supplicant or NetworkManager is.
<samd> umm, on ubuntu server what would be?
<giovani> uh, possibly neither
<samd> there is no network manager as far as i know
<giovani> does your network use encryption?
<samd> nope
<samd> oo wait
<twb> samd: pastebin your /etc/network/interfaces
<samd> it does
<samd> wep
<giovani> ok, stop using wep
<giovani> it's useless
<samd> ight, ill probably just hide the network and use mac filter
<twb> samd: you can sniff and spoof mac adresses trivially.
<giovani> samd: no
<giovani> samd: use proper encryption
<twb> samd: if you care about security you should use WPA2 and/or a VPN tunnel.
<giovani> i.e. at the minimum, WPA2-PSK
<samd> giovani: ight
<giovani> at ideally WPA2-TKIP
<giovani> and*
<giovani> or AES, your choice
<twb> giovani: erm, isn't TKIP orthogonal to PSK?
<giovani> twb: yes, my mistake
<giovani> WPA2-EAP is more like it
<samd> http://paste.ubuntu.com/248369/
<giovani> samd: yeah ...
<giovani> I don't know if there's a solution for this
<twb> samd: yeah, you wanna use wpa-supplicant and/or NM
<giovani> the wireless card handles reconnection typically
<giovani> so dhcp has to be issued by an app watching the status carefully
<twb> giovani: here, running just wpa-supplicant, there's a wpa daemon that re-ifups.
<samd> giovani: twb , does NM runs w/o x server?
<giovani> twb: well it must be watching the wireless interface
<giovani> samd: no clue, I don't touch that nasty stuff
<twb> NM is a headless daemon.
<twb> Unfortunately the utter dickheads that maintain it only provide GUI (no CLI) interfaces to it.
<giovani> because it's scary code
<twb> "Because you can just write raw dbus XML to it," they told me.
<samd> umm , ill probably end up connecting it via cable
<giovani> it's obnoxious at managing interfaces
<twb> I would never ever use NM myself
<samd> twb: what would u use?
<samd> twb: none? what about wicd?
<twb> samd: I use plain wpa_supplicant myself
<samd> twb: i see
<samd> twb:  let me change encryptioni to wap now
<twb> auto wlan0 \n iface wlan0 inet manual \n wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf \n wpa-roam-default-iface wlan0-default \n iface wlan0-default inet dhcp
<twb> So then "wlan0" comes up, which just starts the wpa roam daemon.  It gets a hard-coded list of APs from wpa_supplicant.conf, and when the iwconfig status changes, it runs "ifup wlan0-default"
<twb> (which triggers a dhclient)
<samd> i see
<samd> interesting
<twb> The only downside for me is that I need to sudoedit that file to add/remove APs.
<samd> twb: yeah, cuz they'r hard coded
<samd> twb: no problem if its a desktop
<twb> I think you can also use wpa-cli to add/remove them
<samd> so ur under what os?
<samd> which*
<twb> Technically this is on Debian, but I'm confident it's applicable to Ubuntu
<samd> yeah, i bet it is, after removing network manager, as it comes in default ubuntu desktop install
<LiraNuna> what's the "deafault" (i.e well supported) imap/pop3 server on ubuntu?
<LiraNuna> should I go for dovecot or courier
<samd> is having a xorg in a server a unessesary security risk?
<tonyyarusso> I would say yes, but that depends on your definitions of "necessary" and "risk".  Most people advise against it anyway.
<tonyyarusso> LiraNuna: dovecot is default
<LiraNuna> I can't get dovecot working with postfixadmin :(
<twb> X on a server is a YAGNI issue
<samd> tonyyarusso: what about if it's not running,, (running it just when i actually need it)
<LiraNuna> samd, I did the same as you describe, but then I ended up using the command line and then purging ~500 packages
<twb> And if you *do* need X to administer a server, that's probably indicative of larger problems
<tonyyarusso> samd: less so anyway
<samd> twb: tonyyarusso LiraNuna , i was thinking on installing xserver to use wicd ( a network manager) to reconnect in case of a connection lost
<twb> samd: what's wrong with just using wpa_supp?
<LiraNuna> samd, I never had trouble with ifupdown
<LiraNuna> or is it strictly wireles
<LiraNuna> wireless does not a good server make
<samd> twb: ohh, i didnt understood i could use wpa_supp for that. LiraNuna i know, ill work on wiring, but ill have to wait for at least 1 month with wireless
<samd> LiraNuna: whats  ifupdown? does it runs auto?
<LiraNuna> samd, I don't know how it goes for wireless netwroking
<samd> ill prolly go for wpa_supp as twb suggested, ,,,
<jamesrfla> If I had a server with apache2 on it then create a VM and install apache2 on it and configure virtual hosts for a few domains. Is this posible?
<mattt> jamesrfla: don't understand your question :/
<jamesrfla> Okay let me see if I can explain it differently
<jamesrfla> I install Ubuntu server  with apache2 hosting domain.domain.com then on that same server I make a VM and install Apache2 on it and configure virtual hosts to host domain2.domain.com and domain3.domain.com
<jamesrfla> I basically want to do a very VPS hosting for a few of my friends
<mattt> jamesrfla: i see, sounds fine
<mattt> jamesrfla: you can install apache2 on the host (dom0) and apache2 on the virtual machines (domUs) also
<jamesrfla> Will there be any conflicts. The VPS will run on a different internal IP than the other server not in a VM. I only have one dynamic world ip
<mattt> jamesrfla: should be fine provided that everything has different IPs or you use port forwarding
<jamesrfla> Different external Ip's or different internal Ip's. Also can I run all of then on port 80?
<mattt> jamesrfla: internal is fine, provided that you intend on accessing them from the internal network :)
<jamesrfla> I am just worried that after typing in a web address that it would go to the other VM and say this site isn't here
<jamesrfla> Hmm. I kind of wanted them to be accessed by the web.
<mattt> jamesrfla: how, if you're using internal IPs?
<mattt> jamesrfla: how about ....
<jamesrfla> Well internal then use port forwarding....Maybe I am missing something here
<mattt> jamesrfla: ok, port forwarding is fine if you don't mind using http://domain2.domain.com:8802 (or equivalent), http://domain3.domain.com:8803, etc.
<mattt> jamesrfla: or, you could use a reverse proxy on the dom0 and send the traffic to the domUs that way ... don't know what complications that may uncover tho
<jamesrfla> So what I want to do won't really work. I would have to have all the web hosting on the one server.
<mattt> jamesrfla: no, it will work ... but if you have all sites pointing to the same IP, obviously you need a way to then get the traffic to the appropriate virtual machine
<jamesrfla> Okay I see. So how can I point it to the right virtual machine?
<mattt> jamesrfla: reverse proxy, port forwarding, etc. :)
<mattt> jamesrfla: maybe there are more obvious ways, but i don't know
<jamesrfla> Maybe if I post something on the UF and see if they have any ideas on the matter.
<mattt> yeah, the more input you can get the better!
<mattt> the reverse proxy way would work nicely
<jmarsden> jamesrfla: It sounds like you are new to web hosting, so you should probably start out with a single copy of Apache and do all the hosting one one machine.  Once you are comfortable doing that you can explore the idea of migrating some of those virtual hosts into separate VMs via a reverse proxy.  Start small and simple and get it working, then add complexity as your knowledge and experience grows.
<mattt> jmarsden: hmm, wise words.
<jamesrfla> Well I have been hosting a site on apache2 server for about 2 years. I am just new to this virtual hosts and VM's
<mattt> jamesrfla: why do you need individual VMs?
<jamesrfla> Bingo!!!!
<jamesrfla> I just got a good idead
<jamesrfla> *idea
<mattt> jamesrfla: ?
<jamesrfla> Setup a VPS and have it so all my friends can access it. Do all my web hosting just in that VM...
<jamesrfla> *VM
<artillerytx> what is a php library
<jmarsden> jamesrfla: What is the benefit of using a VM for this?
<jmarsden> artillerytx: A bunch of PHp someone else wrote that you can use.
<jamesrfla> hmm. I need a min to think this out for a sec.
<artillerytx> jmarsden: oh well how do i install cURL
<jamesrfla> jmarsden: then I can host all the web sites on that and virtual hosts. Then I wouldn't have to mess with thisreverse proxy.
<jmarsden> jamesrfla: You can just host multiple sites on the main machine OS, no need for a VM.  Keep it simple.
<jmarsden> artillerytx: Same way you install anything else on Ubuntu.  sudo apt-get install PACKAGENAME .  In this case   sudo apt-get install php5-curl
<jamesrfla> yeah I can. Hmm. I guess it depends who is going to use it. Give me a min to think this out.
<artillerytx> jmarsden: okay
<mattt> jamesrfla: i can see from a security stand point why using a VM would be beneficial
<jamesrfla> Yeah I just want to keep my stuff personal and there stuff in a VM
<jamesrfla> Kind of how Linode does there stuff
<jmarsden> jamesrfla: You do not know as much as the Linode admins do :)  And if "your stuff" includes a web site, you'll need a reverse proxy to separate your web site (on the physical host) from the others (in the VM)...
 * jmarsden thinks it may be better to just help your friends each set up their own Ubuntu machines at their own homes.
<jamesrfla> yeah true. Well this project is still in planing
<jamesrfla> well the linodes also get there own world ip
<jmarsden> If your friends just need web hosting (no shell access), you can probably do fine setting up everyone on the main physical machine OS and locking it down carefully so they can only destroy their own stuff...
<jamesrfla> yeah that is another option. Or when they want there web page updated they can e-mail me the new page and I can do it for them.
<jamesrfla> Just as long as they don't want there web page changed every min :)
<jmarsden> well, that would get old pretty fast when they each email you 500 photos and 200 videos from their cellphones...
<jmarsden> You could set up a CMS for each of their sites to avoid that...
<jmarsden> Sounds like you are not really sure what you are trying to do here :)
<jamesrfla> lol. I hope not. I don't think I will have many people interested in this. If they want more than just web hosting I can set them up with a VPS and SSH
<jmarsden> 5 people x a few hundred photos from a weekend trip = *way* too many emails...
<jamesrfla> Well still in planing. I don't think many people would want it anyway. They all seem to hate Linux
<jamesrfla> Well thanks for your help jmarsden and mattt I think I am just going to just have them e-mail me if they want there site changed. That is if they want a site or I could make a little space for them like domain.domain.com/friend/
<jmarsden> No problem.
<twb> There's one reason to host different sites in VMs: if they all require very specific, conflicting versions of PHP and/or MySQL.
<jamesrfla> I guess I got a little too excited wit VMware ESXi and VMware Server....
<twb> Of course, the Right Thing then is to not run PHP apps :-)
<jamesrfla> twb: Well the main reason was security. But I could also make there account very limited and somehow give them my SSH key so they can actually get in
<twb> jamesrfla: or, you know, use THEIR ssh key
<jamesrfla> use their SSH key?
<twb> Giving someone else your ssh key would be dumb
<jamesrfla> oh. Make a secound key for them you mean
<twb> If they want to access a VPS on your server, THEY give you THEIR public key, and you tell the VPS to let that key in.
<jamesrfla> I guess I could do that. Setup a account for them that is limited to only rebooting apache2 and adding/remove files to there web site directory
<jamesrfla> Well thanks again.
<twb> They shouldn't even need apachectl permissions... just give them an account in vsftpd
<jamesrfla> okay so they can use vsftpd
<jamesrfla> to upload there web page but don't you still have to stop and start apache?
<jamesrfla> Well GTG to bed
<artillerytx> how do you copy a directory again
<artillerytx> is it cp -R /dir /dir2
<dayo> is there anyway to allow root ssh login from lan, but block it from the internet?
<dayo> artillerytx: cp -r source destination
<twb> dayo: AllowedUsers
<twb> dayo: sorry, "AllowUsers root@192.168.1.0/24" or similar
<twb> As a matter of course, you should restrict sshd to a whitelist of trusted users/origin tuples.
<dayo> twb: where do i put AllowedUsers?
<twb> dayo: /etc/ssh/sshd_config
<dayo> twb: what about whitelisting? does that affect only internet ssh or lan, too?
<twb> dayo: sshd cannot see the difference between your "LAN" and "the internet"
<twb> dayo: it CAN distinguish the IPs of the hosts connecting to it.
<dayo> twb: what i want is non-roots to be able to ssh in from anywhere, but root should only be allowed to ssh from LAN
<twb> dayo: so to allow root access from and only from your local LAN, you would tell it to accept connections for root from your LAN's IP range, which is typically a private use range such as 192.168.0.0/16.
<twb> dayo: then you need to whitelist the non-root accounts, also.
<twb> Or explicitly blacklist root@X for all IP addresses X that are not in your LAN IP range, but I don't recommend that because you will screw it up.
<dayo> twb: i just checked and i have only 3 non-root users. will this work: AllowUsers adam betty chris root@192.168.1.0/24 ?
<twb> dayo: yes.
<dayo> twb: great. thanks :-)
<twb> foo is the same as foo@*
<dayo> i see
<twb> What I typically do is work out where users are likely to ssh from, and restrict connections to only those IPs.
<twb> So you might have adam@adam.co.uk and adam@adam.info instead of just adam
<twb> This just means that some other schmuck is providing the "first line of defense"
<twb> If they need to get access from an e.g. internet cafe, then you can whitelist some generic ssh server like freeshell.org, though typically people I know already can get into somewhere like alioth.debian.org or users.sourceforge.net
<dayo> it boils down to just a single IP on my LAN that needs ssh, thankfully.
<dayo> twb: thanks for all your help :-)
<twb> No problem.
<stefan__3> hello
<make> Apache default installation of orders generally able to use the test to the number of ab
<RoyK> wtf. oprofile is in ubuntu, ok, but no vmlinux, effenctively rendering oprofile quite useless for kernel stuff
<make> /lib/xtables/libipt_layer7.so those documents need to install software?
<_ruben> make: not sure what your native language is, but your english isnt making much sense (to me)
<quizme> how can i give access to /etc/init.d/apache2 restart to the group called 'dev' ?
<uvirtbot`> New bug: #409775 in php5 (main) "Problem building Karmic PHP" [Undecided,New] https://launchpad.net/bugs/409775
<_ruben> quizme: 'man sudoers'
<rags> I get a "rndc-confgen not found" error while installing bind9 using aptitude...and there is no other way I can install rndc separatly...
<andol> rags: Shouldn't bind9utils do, if you just need rndc?
<andol> rags: That said, it might still be good to know why bind9 isn't letting itself be installed.
<rags> andol: the postinst is giving errors that rndc-confgen is not found..shouldnt the dependencies get resolved automaticall..
<rags> it shows bind9utils  to be already installed...I'll try reinstalling it..
<Boohbah> i replaced /usr/sbin/apache2 with a patched version and then removed it, then 'apt-get remove apache2' then 'apt-get install apache2' but /usr/sbin/apache2 is still missing. how can i get apt-get to install the original binary?
<soren> /usr/sbin/apache2 is in the mpm package, not the apache2 package.
<soren> Boohbah: ^
<soren> Like, say, apache2-mpm-worker or whatever you're using.
<Boohbah> soren: i was also missing /usr/sbin/apache2ctl from apache2.2-common, think i fixed it, thanks :)
<VSpike> Got a question about dnsmasq. Is it possible to configure it so that the hosting server uses dnsmasq's dns resolver?
<VSpike> Looks like the normal setup is that /etc/resolv.conf contains the nameservers the server uses, and dnsmasq then picks those up and uses those as upstream servers
<VSpike> So other machines on the network will get dnsmasq's resolver via dhcp, but the server will not
<soren> VSpike: Sure.
<soren> VSpike: Just tell dnsmasq to use a different resolv.conf using -r.
<Steve[mbp]> Morning everyone!
<andol> Steve[mbp]: Good afternoon!
<Steve[mbp]> :-p
<Steve[mbp]> always morning somewhere ;)
<sgsax> still morning here
<Sam-I-Am> yes, same here
<Sam-I-Am> yawn...
<Chocobo> can anyone explain what the --reboot option for dhcpcd does?
<Sam-I-Am> hmm, i didnt even know that was a valid option
<Chocobo> Yeah, the man page is very cryptic:  -y, --reboot seconds  -  Allow reboot seconds before moving to the discover phase if we have an old lease to use.  The default is 10 seconds.  A setting if 0 seconds causes dhcpcd to skip the reboot phase and go straight into discover.
<Chocobo> maybe because I don't know what the "reboot phase" is
<jmarsden> Chocobo: Read the RFC at http://www.faqs.org/rfcs/rfc2131.html for the details on how DHCP works, if you really need to know.
<VSpike> soren: and then set the server's resolv.conf to point to 127.0.0.1?
<soren> VSpike: Yes.
<giovani> VSpike: sure, or you can use -R to have dnsmaaq not read resolv.conf, and then set the upstream dns in the config file
<giovani> -S is used to define upstream dns on the command line
<VSpike> giovani: looks like it can all be done in the config file if required
<giovani> VSpike: I just said that
<albdum> hello there. How can i make a folder in apache accesible only with login? (something about httpd.conf)
<firecrotch> albdum: http://www.sitedeveloper.ws/tutorials/htaccess.htm
<Sam-I-Am>  .htaccess
<albdum> should i create a file with that name in the directory ?
<giovani> albdum: you should read about how it works
<albdum> i read the manual at the site of apache but don't understand much. :(
<giovani> albdum: well, then you need to either hire someone to do it for you, or try harder to understand
<giovani> it's a reasonably basic topic -- I wouldn't advise running your own apache server without understanding these basics
<firecrotch> albdum: The apache manual is horrible if you're not already familiar with apache. Google "htaccess tutorial" and you'll get a much better explanation
<albdum> thnx m8
<albdum> i have access to apache maybe i don't need .htaccess and setup something at general config of apache ?
<firecrotch> albdum: anything that can be configured via .htaccess can also be configured in your apache2.conf or the specific config file for your virtual host
<albdum> ok thnx
<RoyK> omg
<RoyK> http://www.bing.com/search?q=Why+is+Windows+so+expensive%3F&go=&form=QBLH&filt=all
<mushroomblue> that link is awesome.
<albdum> still having problem i save a .htaccess file at the /var/www/thefolder and the .htpasswd file at /etc/apache but when i enter localhost/thefolder doesn't ask for any login (note: .htaccess and .htpasswd aren't listed when dir)
<KillMeNow> there is a wiki for how to setup htaccess and apache
<KillMeNow> https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles
<albdum> thnhx
<StrangeCharm> how do i create a multidisk device to use as a raid5 array. mdadm seems to want a md device specified: all i have now is a few disks
<KillMeNow> software or hardware raid?
<StrangeCharm> KillMeNow, software
<KillMeNow> http://ubuntuforums.org/showthread.php?t=408461
<nick125> KillMeNow: Have you already partitioned the drives with a RAID partition?
<nick125> er, StrangeCharm
<nick125> (It's too early in the morning for thinking)
<KillMeNow> LOL
<StrangeCharm> nick125, no, the drives currently contain random data
<nick125> StrangeCharm: Well, if you can, use (c)fdisk and repartition the drives...just note that when you repartition a drive, you typically lose the data on it (not technically, but bleh). Once you do that, mdadm --create /dev/mdX --level=5 --raid-devices=N /dev/sdXn /dev/sdYn /dev/sdZn
<nick125> In a RAID 5, you need at least 3 drives.
<StrangeCharm> okay, so mdadm can't format them on its own?
<nick125> It won't partition them.
<StrangeCharm> is it possible to use something like the 'graphical' utility on the installer, to make this process easier?
<nick125> StrangeCharm: cfdisk is relatively "graphical," I guess
<nick125> But I don't know of a real "graphical" way to do it outside of the installer
<StrangeCharm> nick125, i mean, as cli apps go. i just recall that the installer made partitioning 'easy'. does the server/alt installer use cfdisk?
<giovani> StrangeCharm: we don't support graphical interfaces in #ubuntu-server
<nick125> No, it doesn't. Not as the frontend, at least.
<StrangeCharm> giovani, there's graphical and there's graphical. i'm talking of the latter.
<giovani> StrangeCharm: ...
<nick125> giovani: He means like a ncurses graphical and an X11 graphical, and he wants something ncurses graphical :P
<StrangeCharm> giovani, that was intended as humour. nick125 has me right on.
<giovani> cfdisk is curses-based
<giovani> he said he wanted something graphical, not cfdisk
<giovani> so I'm confused
<jmedina> use EVMS with its curses frontend
<jmedina> evms for all your storage needs
<jmedina> raid, lvm, native partitions, resize bla bla bla bla
<giovani> so does cfdisk "_
<StrangeCharm> jmedina, very nice. how do i start evms with curses?
<nick125> I thought EVMS was dead.
<jmedina> StrangeCharm: reading official documentation
<StrangeCharm> indeed
<giovani> nick125: it is afaik
<giovani> evms isn't supported by ubuntu
<giovani> jmedina: let's not recommend unsupported solutions, when perfectly adaquate, supported solutions exist, and are widely used
<jmedina> I prefer to spend 1 hour learning mdadm and mkfs instead of spending hours looking for a graphical tool
<nick125> an hour? It takes an hour? ;)
<jmedina> it depends on your background
<jmedina> of course I already read the old software raid howto with raidtab
<StrangeCharm> so, i want to be using parted here?
<giovani> StrangeCharm: you want to use cfdisk
<Sam-I-Am> jmedina: currently backporting the karmic openldap 2.4.17 packages to hardy... yum.
<jmedina> Sam-I-Am: what is wrong with your packages?
<StrangeCharm> giovani, cfdisk doesn't show the disks in which i am interested
<jmedina> jajajaja
<jmedina> man cfdisk
<giovani> StrangeCharm: what types of disks are they?
<Sam-I-Am> jmedina: nothing... just ubuntu merged the 'official' 2.4.17 packages from debian... before i was building 2.4.16/17 manually.
<jmedina> probably he just run cfdisk without giving a device as argument
<StrangeCharm> giovani, sdc-f
<Sam-I-Am> jmedina: when 2.4.18 comes out i'll start building those
<StrangeCharm> at least, fdisk -l says so
<giovani> StrangeCharm: that's not a type of disk
<giovani> that's the name of the disk
<StrangeCharm> they're sata hard disks on a pci controler
<giovani> then cfdisk will work just fine
<jmedina> Sam-I-Am: good
<jmedina> I havent had the time to play with your packages, I have been most of time out of office with customers :S
<StrangeCharm> giovani, perhaps i'm missing something then, because they are not in the list after i start cfdisk
<giovani> anything fdisk sees, cfdisk does as well -- they're the same backend code -- just different interface
<jmedina> no time to chat and test :)
<giovani> StrangeCharm: you must be missing something then
<Sam-I-Am> jmedina: it happens.
<Sam-I-Am> jmedina: actually have quite a bit of stuff backported to hardy these days
<infinity> StrangeCharm: cfdisk /dev/sdc
<infinity> StrangeCharm: It only operates on one disk at a time, it doesn't offer a list.
<StrangeCharm> infinity, thanks, i worked it out in the end :)
<StrangeCharm> infinity, though, now it's complaining that the partition ends past the end of one of the disks. can i override this and just make a new table?
<infinity> for i in sdc sdd sde sdf; do dd if=/dev/zero of=/dev/$i bs=512 count=10; done
<infinity> There, no more partition tables. :)
<jmedina> why count 10?
<jmedina> I thought it is only in the first 512
<infinity> Because I can never remember which block(s) modern tables are on. :P
<jmedina> well really doesnt matters
<infinity> Nope. :)
<nick125> I usually wipe the first 1MB of the disk :p
<infinity> But yes, the first 512 should be enough.
<nick125> yeah, 512B is enough to wipe the MBR and partition table. Thanks, Wikipedia!
<StrangeCharm> once i create a multi disk device with mdadm, will it always be there, or do i have to do something to make it exist every time i want it?
<infinity> StrangeCharm: It will live on forever.
<jmedina> they need to be assambled at boot time
<infinity> StrangeCharm: If you're using an initramfs, though (which most people are), running "update-initramfs -u" might be a wise idea after your array's created.
<jmedina> rc script take care of it, and as inifinty says, updating initramfs
<infinity> StrangeCharm: (update-initramfs will make sure your current mdadm.conf lands in there, so the array can be reconstructed in early boot... if you don't actually need it until userspace kicks in, it doesn't matter)
<StrangeCharm> infinity, jmedina, okay, so this disk will now be available from early boot, yes?
<infinity> StrangeCharm: If you update your initramfs, should be, yes.
<StrangeCharm> indeed
<infinity> StrangeCharm: (if not, it becomes available later in the boot, when userspace filesystems (/usr, /home, etc) are normally mounted... Ish.
<StrangeCharm> that should be well soon enough for me
<ewook> my god. bacula is a pita to setup.
<KillMeNow> oh yea? i never used it, was thinking about it
<KillMeNow> what makes it a royal PITA?
<uvirtbot`> New bug: #409988 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/409988
<ewook> KillMeNow: the default-conf-files is somewhat off (more likely I just don't get it). Database-creation also failed etc.
<KillMeNow> so now that you've over come the PITA factor, how do you like it?
<ewook> that's the thing - I haven't :P
<ewook> first time I put it up it was piece of cake. now... gheh.
<ewook> but overall I do like bacula.
 * jmedina uses bacula a lot, using dvds, hard diskc, tapesl, autochargers as media storage
<jmedina> it rules
<KillMeNow> does it only work with 'Nix distro's or does it integrate with Winblows?
<ewook> there's windows capable clients also
<jmedina> I backup windows servers, linux desktops and servers, and freebsd
<StrangeCharm> what filesystem should i use for a 900gb partition, expecting to have files between <small> and about 5gb (with a good number of the larger files), where files get lots of small ~128kb edits at a pretty high rate?
<mushroomblue> ext4 or xfs
<mushroomblue> IIRC, xfs was really really good for a bunch of small files
<StrangeCharm> mushroomblue, is ext4 reliable?
<nick125> StrangeCharm: depends on who you ask.
<mushroomblue> I've been using ext4 for a few months without any issues at all.
<mushroomblue> YMMV
<nick125> I'm using it on all of my desktops, but I haven't had the courage to use it on my servers yet.
<mushroomblue> I have it on my fileserver.
<mushroomblue> ext4 on 7 spanned lvm volumes
<mushroomblue> works wonderfully.
<StrangeCharm> i'd rather not risk variable milage, mushroomblue, nick125. is xfs good for large files with incremental wites, or should ext4 or reiser actually have better performance for this scenario?
<StrangeCharm> also, does xfs journal data or just metadata?
<nick125> You better have a good UPS if you use XFS. XFS does NOT like power cuts, since it does a lot of write caching.
<mushroomblue> yeah.
<mushroomblue> xfs journals data
<StrangeCharm> well, that's a problem. would i expect that to be less of an issue with reiser and ext?
<mushroomblue> ext3 is pretty bulletproof
<nick125> ext is a bit less.....volatile.
<mushroomblue> reiser isn't being actively maintained
<mushroomblue> what, with the main developer in jail and all.
<StrangeCharm> i suppose i'll go for ext3 then
<nick125> yeah, it's a relatively safe choice.
<mushroomblue> especially if your server isn't UPS'd
<mushroomblue> you should probably fix that.
 * sgsax has been using xfs for user homedirs for almost a year now
<sgsax> about 4TB of space allocated in various partitions
<StrangeCharm> mushroomblue, that would be out of budget
<mushroomblue> StrangeCharm: your IT dept has weird budgets.
<mushroomblue> I made sure power consumption and redundancy was near the top of the list
<StrangeCharm> mushroomblue, it's not a big department, and availibility is not a high priority for this application
<StrangeCharm> confidentiality and integrity are the focus
<KillMeNow> i've read a bit about ext4, all i can say is that it's still really experimental (from reading)
<StrangeCharm> KillMeNow, good thing i picked ext3 then :)
<KillMeNow> ext3 is still my favorite
<KillMeNow> yep
<KillMeNow> sorry, at work and multitasking
<StrangeCharm> KillMeNow, to be expected
<milko> hi!
<KillMeNow> hi
<milko> I'm installing ubuntu server 8.04
<milko> I need a server for django and python
<milko> with mysql...
<milko> I don't install defaults packages (openssh, lamp, mail server, etc...), because I though do it manually
<milko> but, now I do "apt-get install apache2"
<milko> and the package is not found
<milko> (sorry for my English, this isn't good)
<milko> my question is, if I can modify /etc/apt-get/source.list how I do it in ubuntu desktop... and in this case, what urls I must put for apache2?
<milko> anybody?
<KillMeNow> usually by default the source.list is populated
<KillMeNow> open it up and check to see if it's set right, if it's not google for the settings
<KillMeNow> caue i don't remember them off the top of my head
<mushroomblue> do you just need default URL's for sources.list?
<mushroomblue> your /etc/apt/sources.list is blank?
<KillMeNow> http://ubuntuforums.org/showthread.php?t=783577
<KillMeNow> that's the forum post for default sources.list
<milko> mushroomblue, oooh... I don't "apt-get update"
<milko> sorry!
<milko> KillMeNow, mushroomblue, thx!
<mushroomblue> lol
<Deevz> I just installed Userver and chose to configure the network later, how can I do it now that it is installed?
<nick125> Deevz: /etc/network/interfaces
<Deevz> I need to edit that with vi?
<nick125> yeah
<sgsax> Deevz: yes, or your other favorite editor
<nick125> or whichever editor suits your fancy
<sgsax> Deevz: it's well-documented, but your file should look something like this: http://pastebin.com/m6c79460e
<Deevz> ahh
<sgsax> be sure to substitute your own info
<Deevz> I always get caught
<Deevz> I launch the program before knowing how to use it, now I dont know how to get out to read the vi man
<Deevz> lol
<Deevz> thx sgsax
<nick125> Deevz: hit escape then :q!
<nick125> then type "sudo aptitude install nano" and use that.
<sgsax>  :q! quits without saving
<sgsax> heh
<nick125> err. Wait, you can't install anything without network. Eek :p
<sgsax> pretty sure nano is installed by default
<nick125> sgsax: I don't think so..
<sgsax> if you've already installed ubuntu-server, I think it is
<Deevz> I confirm, it is
<nick125> Ah. That's good to know.
<Deevz> nano aint more clear tho
<nick125> Deevz: It has prompts on the bottom on how to use it :)
<sgsax> Deevz: all the commands are displayed at the bottom
<Deevz> the navigation commands all have the "^" character at the bottom
<sgsax> the ^ means use the CTRL key
<Deevz> ohh
<Deevz> thx
<sgsax> np, I like answering the easy questions :)
<Deevz> ah, I got permission denied
<Deevz> I have to use sudo I guess
<nick125> yeah
<nick125> sudo nano -w /etc/network/interfaces
<Deevz> -w?
<Deevz> Disables wrapping of long lines...
<nick125> It tells nano to not use word-wrapping
<nick125> yeah
<Deevz> what does that mean
<nick125> Well, I think the default nano config disables word-wrapping...but, word wrapping is when it gets to the end of a line, it adds a line break and goes to the next line.
<ruben231> hi anyone have idea on DRBL
<Deevz> ahh
<Deevz> I pinged my own computer and it doesnt stop
<Deevz> how do I stop the ping command? :O
<LiraNuna> ctrl+c
<Deevz> thx, that works
<Deevz> ctrl+c seems to be pretty common command
<LiraNuna> it sends a SIGINT
<LiraNuna> Deevz, http://en.wikipedia.org/wiki/SIGINT_(POSIX)
<android6011> if I install ubuntu server, then mythtv-backend, will it install everything I need for tv tuner support?
<LiraNuna> how do I set up forced SMTP auth?
<Deevz> thats a pretty heavy read, LiraNuna, and the word "linux" or "unix" aint even in there
<nick125> It's not Linux or Unix. It's POSIX.
<LiraNuna> Deevz, heavy read? it's just a few lines
<LiraNuna> "SIGINT is sent when the user on the process' controlling terminal presses the interrupt the running process key â typically Control-C"
<Deevz> lol
<LiraNuna> oh, Deevz are you using Xchat?
<Deevz> thats not what I have here
<Deevz> I am
<Deevz> oh thats it
<LiraNuna> xchat does not handle () in links correctly
<LiraNuna> http://en.wikipedia.org/wiki/SIGINT_(POSIX)
<Deevz> I dont have the complet link
<LiraNuna> it took you to Signals intelligence
<nick125> haha, that would explain it.
<LiraNuna> I need to submit a patch to xchat, it gets on my nerves as well
<sgsax> Deevz: once you hvae edited your interfaces file, you probably need to "ifdown eth0" "ifup eth0"
<sgsax> to restart the interface with the new settings
<nick125> Tomorrow should be fun. I get to setup an OpenLDAP/Samba PDC! Go me.
<KillMeNow> good luck
<Deevz> sgsax: I just restarted my comp, does it do the same thing?
<sgsax> or "/etc/init.d/networking restart"
<Deevz> I guess it should
<sgsax> well, that's the "hard" way, but should be sufficient :)
<LiraNuna> anyone have any idea why postfix allows anonymous smtp relay even though it's configured as noanonymous?
<nick125> KillMeNow: I think I'm going to need it. When I had this system setup on Gentoo, it took me 5 hours to get Samba and OpenLDAP and the Winblows boxes working happily.
 * sgsax just got LDAP+krb5 auth against an AD box working again
<sgsax> that was not fun, I'm guess it'll be nearly as fun setting up openLDAP
<nick125> I'm hoping that this will be a little more sane, using a little bit saner distro.
<sgsax> gentoo is fine if you like to bleed
<nick125> sgsax: exactly.
<sgsax> I'm moving away from it in my shop
<LiraNuna> "dependency problem!" "oh shi-" "$ emerge world"
<LiraNuna> *10 hour compile*
<nick125> I only have one Gentoo box left here, and that's getting migrated when I get a chance.
<Deevz> awesome, im connected to the net now
<nick125> Deevz: congrats
<sgsax> the internets, they are waiting for you
<Deevz> next step is to install openssh :O
<LiraNuna> sudo apt-get install openssh-serer
<LiraNuna> +v
<Deevz> +v?
<Deevz> oh, your mistake
<LiraNuna> would you prefer a regex? s/serer/server/
<lamont> LiraNuna: because it's misconfigured
<LiraNuna> lamont, would you be kind enough to help me? I'm struggling for days
<LiraNuna> I checked everything, triple
<lamont> give me the contents of main.cf to start with
<Deevz> hmm, I read that the openssh-server package is not available
<lamont> paste.ubuntu.com?
<lamont> or where ever
<LiraNuna> lamont, http://pastie.org/private/iioikzxpm2khiafbgccg
<LiraNuna> was pasted from nano, hence the $ at the end of the line
<lamont> LiraNuna: anything that authenticates to sasl will be allowed, but we kind of expect taht.
<lamont> having said that, I don't play with sasl as much as I probably should. :(
<Deevz> How can I verify if I have openssh already installed?
<LiraNuna> Deevz, ssh localhost
<lamont> throw some -v s on the end of the smtpd line in master.cf and reload postfix, that should get you started somewhere
<lamont> Deevz: dpkg -l openssh-server
<LiraNuna> lamont, where will the output go?
<lamont> LiraNuna: on that note, I'm going to be afk for the next few hours...
<lamont>  /var/log/mail.log
<lamont> lots and lots of it if you use enough -v s
<LiraNuna> as I thouht
<lamont> wietse saw no reason to reimplement logging
<Deevz> Ahh, I found my problem
<Deevz> Kind folks suggested I update my apt-get list
<sgsax> Deevz: then be sure to apt-get update
<Deevz> yes, I did, and was able to install openssh server just fine
<sgsax> and if openssh is already installed, you need to "/etc/init.d/ssh start" and "update-rc.d ssh defaults" to make sure it loads at boot
<Deevz> thx
<Deevz> my ssh client is kinda dumb
<nick125> What client?
<Deevz> I sent a restart command and it gives me a fatal error because the connection got interrupted...
<Deevz> putty
<mushroomblue> s/ssh client/OS/
<Bookman> Does anyone have a jabber server installed that would be able to assist me in getting mine to run?
<Deevz> its for windows
<nick125> mushroomblue: Thank you for making that reference with me having to :)
<nick125> Deevz: Exactly.
<mushroomblue> :)
<Deevz> meh
<Deevz> I could use my eee pc I guess
<Deevz> it has ubuntu on it
<nick125> Why not put Ubuntu on your normal PC and be happy? :)
<Deevz> I have it already
<Deevz> dual boot
<mushroomblue> my work box started off WinXP & putty, and has switched to Ubuntu with WinXP virtualized
<mushroomblue> makes life much easier
<Deevz> but I dont want to throw coins away to purchase a good virtualization solution
<nick125> Deevz: Virtualbox.
<mushroomblue> Virtualbox is fine.
<mushroomblue> and free.
<Deevz> I have that
<Deevz> I'm a gamer tho
<Deevz> I like my warcraft games once in a while :)
<mushroomblue> latest Virtualbox does DirectX9, at least
<Deevz> oh, didnt know that
<mushroomblue> just grab the deb from virtualbox.org
<Deevz> I guess I could start booting off ubuntu more often
<nick125> You should. Using a toy OS just doesn't make much sense.
<mushroomblue> I'm just fond of being able to pause and minimise WindowsXP
<Deevz> toy os?
<nick125> I have a lot of hatrid for Windows, unfortunately.
<mushroomblue> most of us have to deal with at least Active Directory PDC's on a daily basis.
<nick125> mushroomblue: How many keyboards have you thrown dealing with that?
<Deevz> I do wish windows wouldn't be so widespread
<mushroomblue> none, actually.
<mushroomblue> likewise-open is my friend.
<mushroomblue> and a server license for likewise enterprise is cheap.
<mushroomblue> so if I have to use windows, I can at least use it to push down sane GPO's for the rest of the network.
<nick125> Can you even do GPOs with Samba?
<mushroomblue> sure.
<nick125> If I could do a GPO with my Samba PDC, it'd make my life so much easier.
<mushroomblue> look into likewise
<mushroomblue> http://www.likewise.com/
<nick125> Otherway around. My Windows machines are authenticating to a Samba PDC.
<mushroomblue> ah. that's way easier.
<mushroomblue> you need Samba4 tho.
<nick125> Darnit.
<Deevz> if I'm not in the same subnet, how can I connect to my server?
<nick125> Well, how much different is samba4? Is it stable?
<mushroomblue> it's a little less stable, but I haven't had any problems.
<Deevz> I mean, right now, im in a LAN, so its easy, but if I'm not in a LAN, how do I do it? What will be its ip since I have a router?
<nick125> mushroomblue: How hard is it to create the policies?
<mushroomblue> nick125: not as easy as in Windows.
<mushroomblue> but learnable in an afternoon.
<nick125> Ah, okay.
 * nick125 should investigate Samba4
<nick125> mushroomblue: Do you recommend the Ubuntu samba4 package?
<Bookman> Does anyone have a jabber server installed that would be able to assist me in getting mine to run?
<mushroomblue> nick125: it's what I'm using.
<jpds> Deevz: You'd have to NAT the server's IP from the router.
<mushroomblue> Deevz: you have to make a bridge from your subnet to the subnet you're connecting to
<mushroomblue> if they're physically-connected, it's just ethernet bridging.
<mushroomblue> if you're not on the same physical network, then you'll need to set up VPN or something.
<nick125> mushroomblue: Is there a decent tutorial on how to get Samba4 to work with OpenLDAP, etc?
<mushroomblue> sadly, no.
<mushroomblue> though it isn't much different than getting openldap and samba3
<mushroomblue> just read the docs
<nick125> Hmm...all of these "tutorials" use some provision script. Hmm.
<Deevz> I'll give a look at that, thx
<nick125> Going around with a USB drive with the group policy just...isn't fun.
<sgsax> unless you're a masochist
<nick125> sgsax: of course
<nick125> w00t. Requests per second:    0.97 [#/sec] (mean)
<nick125> Go Wordpress, go!
<nick125> There. A little bit better. Requests per second:    160.15 [#/sec] (mean)
<Bookman> Ok, jabber is a no go.....is there any other easy to setup IM server out there for ubuntu?
<nick125> Not really. Jabber is going to be your best bet, but it's a PITA to setup.
<Bookman> Yeah, I've given up completely
<nick125> especially if you're going to do a MySQL-backed Jabber server, it's a REAL PITA.
<Bookman> So I take it IM serving is just something that should not be done except by server pros then.
<sgsax> well, it *shouldn't* be hard, but...
<Bookman> Yeah, that was the impression I got.
<sgsax> when there are so many options, seems like insourcing it is making extra work
<Bookman> "If you don't know how to do it, don't bother" kind of attitude seems to be the case.
<sgsax> unless you have a "no outside IM" policy
<sgsax> jabber is one of those projects that I never really understood the need for
<Bookman> I tried connecting to services like jabber.org, but they have connection problems every afternoon, bar none.
<sgsax> what about setting up an irc server instead?
<Bookman> irc would be just fine....
<nick125> sgsax: The biggest advantage of Jabber is that you can communicate with users on other Jabber servers.
<sgsax> distributed server kindof thing?
<sgsax> that would be nifty, but again: why bother?
<Bookman> I just want to host a chat system for a small group of users that I have control over.
<nick125> sgsax: What if we went back to where interserver communication was unheard of for email? ;-)
<sgsax> no, I was still stuck on "why bother with yet another IM protocol?"
<nick125> Probably because all but a few IM protocols are closed-source and propietary.
<Bookman> sgsax: is there an easy to setup irc server?
<sgsax> Bookman: haven't done one in a while, but it was easy when I was a newb :)
<nick125> Yeah, IRC servers aren't that hard to setup, especially if you aren't peering them or using services.
<sgsax> I see at least 5 that are available from apt
<Bookman> I see clients
<Bookman> No servers
<Bookman> In synaptic
<sgsax> apt-cache search irc|grep -i server
<nick125> Bookman: search for ircd
<nick125> AFAIR, ratbox was pretty lightweight
<nick125> and not that difficult to configure
<nick125> I definitely wouldn't recommend something like unreal
<Bookman> I'll give ratbox a shot.
<sgsax> howto for dancer: https://help.ubuntu.com/community/Dancer-IRCD
<nick125> I'm not sure I'd use dancer, especially considering that it's likely not developed anymore.
<milko> Hotmail filter the emails sent with postfix?
<Bookman> can't seem to find documentation for ratbox
<milko> (sorry for my english
<milko> do Hotmail filter the emails sent with postfix?
<nick125> milko: If they filter mail, it's not usually by MTA but rather by network/IP.
<KillMeNow> yep....  they may check your reverse inaddr.arpa pointer
<Deevz> how can dyndns.com offer their service for free? have they found a way to slip adds somewhere?
<hggdh> they reroute bad addresses to their ads
<hggdh> no
<hggdh> sorry, I confused dyndns with a DNS server service. DynDNS gets money by selling add-on services to the DNS entry you get
#ubuntu-server 2009-08-07
<uvirtbot`> New bug: #300205 in krb5 (main) "LTSP + LDAP + Kerberos" [Undecided,Invalid] https://launchpad.net/bugs/300205
<qman__> if you serve a website, dyndns adds popups
<qman__> or at least did, last I used them
<qman__> which is why I switched to afraid.org
<roxy> Hi there, I am printing from clients using Samba and cups server but I just can print the first page and I dont got any error, somebody know what could happen?
<giovani> roxy: what does printing have to do with ubuntu server?
<roxy> cups configuration in ubuntu server
<giovani> uh, ok -- then I don't know why the content of the print was relevant
<giovani> how did you send the print job?
<roxy> i installed the samba print in the clients and then when i try to print from the clients or even from my print server just print the first page
<LiraNuna> how to configure postfix for mandatory smtp auth from mysql server (postfixadmin)
<KillMeNow> well, do you want to use system user accounts or you running a SQL backend?
<KillMeNow> i personally run the SQL backend
<KillMeNow> therefore no user accounts are on the local system
<LiraNuna> KillMeNow, I got postfixadmin, postfix, dovecot and roundcube working all great, but smtp is anonymous
<KillMeNow> ok, i have no idea what postfixadmin is
<LiraNuna> http://postfixadmin.sourceforge.net/
<KillMeNow> ahh
<LiraNuna> I use it for now until I write my own web management system
<KillMeNow> i do my admin work via command line
<KillMeNow> but anyways, lemme dig up the how to  for smtp auth
<LiraNuna> oh thank you
<LiraNuna> I was googling for 2 days now
<LiraNuna> everything I tried fails
<KillMeNow> add these lines to your /etc/postfix/main.cf
<KillMeNow> smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes
<KillMeNow> er
<KillMeNow> put a break after each of those lines
<LiraNuna> k, that's it?
<KillMeNow> pretty sure, checking a couple things
<LiraNuna> afaik that won't forge auth
<LiraNuna> force*
<LiraNuna> broken_sasl_auth_clients = yes // this is just compatibiity for MS exchange
<KillMeNow> yes, i have MS Exchange
<KillMeNow> ahha
<KillMeNow> here, check this link out
<KillMeNow> remember, my config is all about the sql goodness
<KillMeNow> https://help.ubuntu.com/8.10/serverguide/C/postfix.html
<LiraNuna> will that be good for 8.04 as well?
<LiraNuna> oh it uses dovecot for auth
<KillMeNow> smtpd_recipient_restrictions = permit_sasl_authenticated
<KillMeNow> course there are more lines to that for like permit_mynetworks
<uvirtbot`> New bug: #410109 in postfix (main) "package postfix-pcre None [modified: /var/lib/dpkg/info/postfix-pcre.list] failed to install/upgrade: dependency problems - leaving unconfigured" [Undecided,New] https://launchpad.net/bugs/410109
<KillMeNow> smtpd_recipient_restrictions =         permit_mynetworks,         permit_sasl_authenticated,         reject_unauth_destination,         reject_unauth_pipelining,         reject_non_fqdn_recipient,         reject_unknown_recipient_domain,         reject_rbl_client sbl.spamhaus.org
<KillMeNow> kinda ugly on the paste job
<KillMeNow> last line is permit
<LiraNuna> Aug  6 17:26:57 train postfix/smtpd[25505]: warning: SASL: Connect to private/auth-client failed: No such file or directory
<KillMeNow> but yea, the link i sent you should work with postfix on 8.04
<KillMeNow> yea, it's using SASL
<KillMeNow> you'll need to create a TLS Cert file and Key file
<KillMeNow> Postfix supports SMTP-AUTH as defined in RFC2554. It is based on SASL. However it is still necessary to set up SASL authentication before you can use SMTP-AUTH.
<KillMeNow> anyways, i hope that helps
<roxy> i got the error i needed to put in samba file : cups options = raw
<sherl0ck> hi, is it possible to install hardy LTS 64bit from usb? I keep gettin failed to mount cdrom after i boot it!
<sherl0ck> *hardy LTS 64bit server
<twb> sherl0ck: it's even possible to install Ubuntu Server from the disk you're installing to.
<twb> The most obvious question is: what install image did you put on the USB mass storage device?
<twb> You need a different ramdisk for USB (effectively, hard disk) installs than the one on the CDROM install media.
<sherl0ck> i used the iso from ubuntu.org
<sherl0ck> and usb-creator
<sherl0ck> what should i use? link?
<sherl0ck> i used this http://ubuntu-releases.wallawalla.edu/8.04/ubuntu-8.04.3-server-amd64.iso
<sherl0ck> twb, any idea where to point me for help/guide?
<sherl0ck> i've tired some, but they also end with 'failed to mount cdrom in the installer'
<twb> One moment.
<twb> ftp://mirror.internode.on.net/pub/ubuntu/ubuntu/dists/hardy/main/installer-amd64/current/images/
<twb> I think you want to just dd the hd-media/boot.img.gz onto /dev/sdz, where sdz is your USB key.
<twb> Optionally, you can then put the .iso simply as a file on the key -- by default, it'll simply download all packages off the network.
<sherl0ck> great
<sherl0ck> i try
<sherl0ck> thanks!
<twb> I don't know about the Ubuntu install guide, but the Debian install guide should describe HD-based installs in great detail.
<twb> (Ubuntu Server uses debian-installer (d-i) instead of ubiquity.)
<twb> Also note that mirror.internode.on.net is just my local mirror -- the same stuff should exist on archive.ubuntu.com
<twb> Oh, and apparently the Hardy boot.img.gz is (brokenly) 800MB in size, so you will need a USB key at least that large.  IIRC that's fixed in more recent releases.
<sherl0ck> ok question, what makes ubuntu server different from a base install - is it just the kernel? or what other packages are installed?
<Deevz> most obvious dif is that there is no gui
<Deevz> you get to choose which packages to install to not bloat your installation
<twb> He's gone
<Deevz> oh
<Deevz> ive got a problem here, I just installed a client is supposed to update my ip for my dyndns account, but it gives them my internal ip
<Deevz> any idea why?
<albdum> maybe there is a chance someone here have setup a hotspot to give me some help ?
<albdum> just asking :)
<twb> Deevz: it's using the wrong interface to get the IP address
<twb> albdum: what is a "hotspot"?
<Deevz> twb: its using the same interface im using to connect to the internet
<Deevz> but its returning my internal ip
<twb> Deevz: is your Ubuntu server running behind a NAT?
<Deevz> a router
<Deevz> not sure what a NAT is
<twb> OK, here is what I think is happening.
<twb> You have ONE internet-visible address for your entire network.
<twb> This address is address of the internet-facing interface on your router.
<twb> Your router provide a private IP range to your LAN, and uses NAT (masquerading) to make your entire network appear to be just that one internet-visible address.
<twb> Your Ubuntu server is just some box plugged in behind the router, using a private IP assigned by the router.
<twb> Deevz: does that sound right?
<Deevz> yes, thats what I understand from the way my network works, but using proper terms
<twb> Deevz: OK, then the problem is that your Ubuntu server cannot easily determine what IP address the router is using.
<Deevz> ok
<twb> Deevz: you should either make Ubuntu your router, or put the dyndns script on your existing router.
<Deevz> make ubuntu my router?
<twb> It is probably also possible to reprogram the dyndns script to work out what IP your router is using, but I don't know how to do that.
<Deevz> well
<twb> Deevz: right.  Routers are just servers configured to route.
<Deevz> it says I can config it to get my ip from a command
<Deevz> so a command that outputs my external ip would do it
<twb> Deevz: OK, so now you just need to work out what command to use.
<twb> I don't know how to do that, unfortunately.
<Deevz> ok
<Deevz> thx
<ipsemet> ï»¿hello all i'm running vmware server 2.0 on Ubuntu Server 8.04.3 recently when trying to execute vmware-vim-cmd vmsvc/getallvms this error is returned: Failed to login: FileIO error: Permission denied for file  : /var/run/vmware-hostd-ticket/52910983-7a16-f1a1-be86-cdd79c0a917d Failed to login: vim.fault.InvalidLogin i've executed this command with this same user before and it has worked
<twb> ipsemet: I don't think vmware is supported.
<ipsemet> this began occuring around the time of the upgrade to the 2.6.24-24-server kernel
<ipsemet> well its not in the canonical supported apps
<twb> ipsemet: you can also try #vmware.
<ipsemet> ok
<twb> ipsemet: incidentally, KVM is the recommended virtualization solution for Ubuntu
<ipsemet> i know
<ipsemet> KVM is also slower than vmware on this hardware
<DerKlempner> evening, all.  i have an old P3 700Mhz computer with 512MB of RAM, and i was wondering if this rig will be enough to run Ubuntu Server edition for SSH, Apache, an FTP daemon, and a 40GB-sized Samba share?
<twb> DerKlempner: depends on the load.
<ipsemet> yes
<ipsemet> and i agree with twb
<ipsemet> a yes with a depends
<twb> DerKlempner: I'd probably try it, and if it had trouble double/triple it's RAM
<DerKlempner> small load, just my home network consisting of three networked computers
<ipsemet> def
<ipsemet> i've done a small business (3 users) with less
<ipsemet> without the FTP though
<twb> Yes, Pentium IIIs are excellent in such a role, because they have relatively low power requirements and heat emissions
<DerKlempner> the web server will act just as a storage site for people to connect and download small files (less than 10MB each)
<twb> I'd be more inclined to use SFTP than a apache for "I just wanna drop some files here"
<twb> Same for SFTP over FTP :-)
<DerKlempner> only caveat is that i won't be able to increase the RAM if necessary...
<ipsemet> i doubt you will have a problem
<ipsemet> esp with just a home network
<DerKlempner> and i thought about dropping Apache, but i don't want to make logins for the random user who asks me for a file, when i can just say, "sure, here's my web site, download it from <here>..."
<ipsemet> try nanoweb server
<ipsemet> very nice and very small
<twb> DerKlempner: right, so I would make the http part read-only, and use sftp for uploads
<twb> I do that from my OpenWRT box.
<DerKlempner> only *i* will be doing the uploading
<twb> twb.ath.cx runs on 32MB of RAM and a 16MB root filesystem :-)
<DerKlempner> heh, i hope that's not supposed to be a web site
<twb> And a 260MHz MIPS processor
<twb> DerKlempner: sure it's a web "site".  It just doesn't provide directory listings, so you gotta be told (by me) what's there
<DerKlempner> ah, i see...  does a minimal install of US include SSH reloaded?
<twb> You mean preloaded?
<DerKlempner> er, preloaded?
<DerKlempner> lol yeah
<twb> I don't think so, but installing stuff is trivial.
<twb> SSH specifically is a checkbox during install
<ball> I like Ubuntu Server
<DerKlempner> ok, good...  it's a headless box, so the only time i want to hook up the necessary peripherals is when i do the install
<twb> (Note that twb.ath.cx doesn't run Ubuntu; it's embedded and Ubuntu wouldn't fit.)
<DerKlempner> well, i guess i'm going to grab an ISo and get cracking as soon as i finish ioff the file transfers from the NTFS partitions currently on the drives
<DerKlempner> thanks for the info!
<twb> DerKlempner: you realize that Ubuntu can read from and write to NTFS partitions?
<DerKlempner> yes, but i grow weary of slow data transfer rates and the annoying limitations on the shares when i mount them on this computer
<twb> Fair enough
<DerKlempner> i spent my morning learning how to set up NFS shares and enabling them on my other two computers, and i'm wanting to get rid of the WinXP install currently on this P3 file server and go completely with NFS
<twb> All network filesystems suck.
<twb> NFS (prior to NFSv4) particularly sucks at access control.
<DerKlempner> i use the P3 as just a storage medium and to serve the web site.  i'm adding the FTP daemon because, without a GUI, i won't have VNC to fall back onto any more
<twb> DerKlempner: I don't see how an FTP daemon will replace a GUI
<DerKlempner> file transfer via VNC is decent, but i know FTP fairly well, especially ProFTPd
<twb> File transfer *via VNC*?  That doesn't make any sense.
<DerKlempner> because i don't use an FTP server on it now, and if i have to transfer a file to the computer i used VNC file transfer
<DerKlempner> yeah, UltraVNC has a file transfer module, works decently
<twb> You should be using SFTP or scp for uploading files.  FTP is a horrible protocol and, apart from vsftpd, all FTPd implementations have abysmal security records.
<ball> I would hate that.
<ball> sftp ftw
<twb> Plus if you're using ssh (and you should) for remote administration, SFTP is basically free.
<twb> (Though it's called SFTP, it is really nothing like FTP in design.)
<DerKlempner> i'll use *some* sort of FTP daemon, i'll worry about choosing the right one when the time comes to install it.  for now, i'm concerned with getting the ISO and doing the install, configuring a static IP, etc.
<ball> Right now I'm tunneling VNC through ssh, so that's handy sometimes too.
<twb> VNC is such a lowest-common-denominator protocol...
<ball> twb: agreed, but at least it's open source and cross platform.
<twb> If you've got X on both ends, it'd be far superior to use it
<ball> twb: I find X a lot slower
<ball> ...and less easy to move around.
<twb> ball: that'll be because you're using a toolkit like GTK, which assumes you're not using remote X.
<ball> X is faster over a LAN, but VNC works better for me over the Internet
<twb> Or worse, OO and xulrunner
<DerKlempner> i don't always have X, unfortunately.  i spend a lot of time helping relatives, teaching them how to use their Windows computers.
<twb> GTK1 or XAW are adequately fast that you can run them over ISDN lines with no problem.
<ball> ...plus over the LAN X can do video :-)
<ball> ...supposedly 3D too, though I have yet to try that.
<twb> ball: erm, you must have AIGLX working.  Bravo, but don't expect that to work everywhere
 * ball nods
<ball> I use VNC to let me remotely control some Windows workstations that I have to look after.
<DerKlempner> should i stick with the 8.04 LTS, or just go for 9.04?
<twb> DerKlempner: for windows, enable RDP.  It's a higher-level protocol than VNC, and should be faster (at least, than lossless VNC)
<ball> ...I could use RDP instead, if I knew how to configure that on a Windows box
<twb> ball: it's in My Computer > Properties > Advanced > some tab I forget the name of
<twb> ball: billed as "remote administration" or something
<ball> twb: Last time I did it there were a few different places it needed to be enabled
<twb> ball: I think you also need to add the appropriate user to a group
<ball> ...the users have to be individually enabled too
 * ball nods
<ball> that's it.
<DerKlempner> no, i mean to access *my* computers from their homes.  if i started installing various SSH-tunneling software to access my computers, they'd all have fits.
<twb> That's a GOOD thing
<twb> DerKlempner: putty runs without installation
<twb> DerKlempner: it's a single .exe
<ball> PuTTY ftw
<twb> putty is why Windows is better than OS X
<ball> it's British too.
 * ball waves a flag
<DerKlempner> i'll have to look at PuTTY again, i guess.
<ball> twb: At least MacOS X ships with an X server
<twb> ball: a fucked-up X server
<twb> With putty I can maximize it and it's just like I'm sitting in front of a tty
<DerKlempner> anyay,8.04 LTS or 9.04?
<twb> DerKlempner: do you want stability or functionality?
<DerKlempner> *anyway
<DerKlempner> lol, both?
<twb> For a three-user setup, it doesn't much matter if you go with 9.04
<twb> If something breaks, you get only three people pissed at you
<DerKlempner> that's what i thought
<ball> twb: for the short while I used it, it sufficed.
<twb> LTS is more for when, if it breaks, you get thousands of people in three continents pissed at you, and they have pet lawyers
<DerKlempner> lol, i only get one person pissed at me: me.
<DerKlempner> my home setup uses three systems: one for work (main desktop), one for media, and the file server.
<ball> I need a bigger KVM
<ball> ...or more monitors
<DerKlempner> nobody to upset, if something goes wrong, except myself
<ball> ...or something.
<Deevz> If I forward port 80 to my server, will it prevent me from browsing the net?
<Deevz> using the http protocol I mean, since 80 is http
<ball> Deevz: no, it won't
<ball> I do that here.
<Deevz> ok thx
<ball> You're forwarding *inbound* connections
<ball> ...to your Web server
<Deevz> thats what I understood
<Deevz> but I dont know which port the web servers out there use to answer my http requests
<ball> http://potch.endoftheinternet.org/
<ball> Deevz: you don't have to
<DerKlempner> twb: do you use NFS for network shares?
<DerKlempner> or ball?
<Deevz> I see you use dyndns, ball
<ball> Deevz: aye
<Deevz> which update client do you use?
<ball> DerKlempner: No, sorry.
<ball> Deevz: I don't.
<ball> There's supposedly one built into my router, but it doesn't work
<ball> I try to remember once a day to check that my IP address hasn't changed
 * ball shrugs
<Deevz> youve got static ip
<ball> I thought it was working, but apparently not.
<ball> Deevz: Me?  No.
<ball> ...just a long lease
<Deevz> oh
<Deevz> ddclient will update your ip for you
<twb> DerKlempner: I use NFSv3, but I'm not happy about it
<ball> Deevz: how will it know?
<Deevz> know what?
<ball> My IP address
<twb> DerKlempner: for example, it breaks Firefox 3
<Deevz> ball: you dont need to know, the client retrives the ip for you and updates it with dyndns.com
<ball> Deevz: retrieves it by checking against a server somewhere?
<DerKlempner> twb: do you see a speed increase when transferring large files via NFS as compared to SMBFS/CIFS?
<Deevz> there are many ways to configure the retrieval
<Deevz> default is to check with the network interface
<ball> Deevz: the network interface does not have my WAN IP address.
<twb> DerKlempner: I don't know.
<Deevz> didnt work with me tho, because Im behind a router and my network interface only knows my NAT ip
<Deevz> but I just found a fix on the net
<DerKlempner> twb: i'm hoping i do.  i max out around 6MB/sec with Samba.  that's awful, even for a 100Mbit network
<Deevz> you can set the retrieval field to 'web' and the web service to 'dyndns'
<Deevz> they will find your ip for you
<Deevz> http://www.denyerec.co.uk/posts/247
<ball> Hmm... might give that a try at some point then.
<twb> DerKlempner: then I guess you gotta rice that shit up
<DerKlempner> lol
<Deevz> ball: its called ddclient, its already in the apt-get list
<DerKlempner> burning the ISO now!
<DerKlempner> ...or not...
<DerKlempner> downloaded the desktop version on accident...
<Deevz> lmao
<ball> Deevz: I wonder why the one in the router's not working
<Deevz> ball: I dont know about that
<DerKlempner> thank goodness Comcast's bandwidth doesn't suck where i live...
<ball> I'll watch it for a while, to see what happens.
<Deevz> ball: good luck with that, must go to sleep
<ball> I'm about at that point too.
<ball> can't pull another all-nighter tonight
<Deevz> lol
<Deevz> thats what I did twice this week
<Deevz> and I slept 13 hours last night
<Deevz> anyhow
<Deevz> good night
<ball> Goodnight
<artillerytx> Hey guys i am running drupal on my server i have one install working perfectly and just installed another and im getting an HTTP request status error any ideas?
<aw> I am trying to follow these instructions:  http://doc.ubuntu.com/ubuntu/serverguide/C/jeos-and-vmbuilder.html -- but am getting an error:  --libvirt: not found  -- but I know libvirt is installed (via Package Manager).   Do I need qemu installed?
<aw> Or do I need to rename something:  --libvirt qemu:///system   (I don't truly understand what this does).
<artillerytx> Hey guys i have 2 installs of drupal on my server right now one is working correctly the other is getting a HTTP Request status: Fails
<artillerytx> bueller? bueller?
<aw> Two drupals on the same port or ip?  Only one is going to work...
<artillerytx> i have virtual servers set up
<artillerytx> virtual hosts
<artillerytx> i should be able to run more than 1 drupal install on virtual hosts right ?
<artillerytx> correct me if im wrong
<aw> Assuming that the configurations are truly separate, yes I think so.  Are you sure the two instances aren't pointing to the same config files, databases, ports or ips?
<artillerytx> i have separate .conf files for each host and the other domain is using the public ip
<artillerytx> i mean they are all using my dns servers
<artillerytx> aw here are my two .conf files - http://ubuntu.pastebin.com/m71fe9854
<artillerytx> aw i mean .hosts files
<artillerytx> aw sorry
<aw> Which is working and which is failing/
<aw> ?
<artillerytx> longhornpcrepair.com is working
<artillerytx> wwmcd.org is not
<nick125> What's the issue?
<artillerytx> i have one install of drupal on my server working perfectly howerver... my other drupal installs correctly than i get to the status/reports on the site and it gives me a -http://ubuntu.pastebin.com/m1bac6304
<aw> From where you are testing, if you ping both you get the same IP:  75.43.20.78
<artillerytx> im on the same network as the server
<nick125> aw: It's not an issue getting to the site, it's a Drupal error
<artillerytx> nick125 why is it one works but the other doesn't
<nick125> artillerytx: That's the weird part.
<artillerytx> nick125: they are the exact same version
<artillerytx> aw yes i get the same ip for both domains
<nick125> artillerytx: Can your server resolve the domains to an IP and ping that IP?
<nick125> Apparently, Drupal tries to connect to itself via the DNS name
<artillerytx> um.. not sure
<nick125> artillerytx: on the server, ping wwmcd.org
<artillerytx> sorry I'm a newb to this right now
<artillerytx> nick125: yeah i get 75.43.20.78
<nick125> artillerytx: Can you ping that IP from the server?
<artillerytx> yes
<nick125> Hmm.
<artillerytx> is there an error log i could get more a specific error
<nick125> Check the Drupal log, perhaps.
<nick125> I don't think the Apache logs would have much in them regarding the Drupal error
<artillerytx> nick125: haha weird ... in the details it says attempted to fetch information on availble updates and for the hostname it gives me a local ip
<artillerytx> maybe thats the problem
<nick125> check your /etc/hosts
<artillerytx> on my server?
<nick125> Might be worth a shot.
<aw> Have you read this?  http://drupal.org/node/222454
<artillerytx> yes
<artillerytx> so i need to add my public ip to the hosts file
<artillerytx> 75.43.20.78 - wwmcd.org
<nick125> Basically, Drupal tries to connect to itself..so you need to be sure that Drupal can connect to itself and get the home page.
<artillerytx> or i mean the server sorry
<artillerytx> okay i added the updates.drupal.org ip and what not
<artillerytx> I think thats what im supposed to do
<nick125> You shouldn't need to add updates.drupal.org
<artillerytx> oh what am i adding to the hosts file
<nick125> http://api.drupal.org/api/function/system_requirements/6 < that calls system_check_http_request and if that function call fails, it puts the error you're getting into the Drupal logs.
<nick125> I'm not sure why one Drupal would work and the other wouldn't.
<artillerytx> me either
<nick125> artillerytx: pastebin your /etc/hosts
<artillerytx> k
<artillerytx> http://ubuntu.pastebin.com/m236de454
<artillerytx> the name of the pc is longhornpc
<artillerytx> back sorry about that
<artillerytx> did you get my messages
<nick125> I got the paste
<artillerytx> k cool
<artillerytx> i heard if you comment out the ::1 localhost line it works
<nick125> Might want to try that
<artillerytx> nope didn't work
<nick125> If you do wget http://wwmcd.org on the server, does it download the HTML for the home page?
<artillerytx> its connecting to it
<artillerytx> but taking awhile
<nick125> It should download it instantly
<artillerytx> resolving wwmcd.org ... 75.43.20.78
<nick125> ctrl-C that and try wget http://longhornpcrepair.com
<nick125> pastebin the output from both commands
<artillerytx> okay
<artillerytx> same thing
<nick125> really slow?
<artillerytx> http://ubuntu.pastebin.com/m42027882
<artillerytx> yeah
<nick125> That's part of your problem.
<artillerytx> we are all on a router
<artillerytx> so its not smart enough to resolve the host name and do the loopback or whatever
<nick125> Some routers won't allow you to access a 1:1 NAT'ed public IP from inside of the network
<artillerytx> its a uverse 2wire thing
<nick125> I can give you a somewhat hackish fix: just add them to /etc/hosts 127.0.0.1 line
<artillerytx> yeah but thats still makes no sense why one is working another is not
<artillerytx> you mean for the loopback
<nick125> e.g., 127.0.0.1 localhost longhornpcrepair.com wwmcd.org
<nick125> yeah
<artillerytx> yeah well i edited the host file on my computer
<artillerytx> so it works over here
<nick125> you need to edit it on the server to get rid of the error from Drupal
<artillerytx> oh okay
<artillerytx> is it ... a tab in between each
<artillerytx> or just a space
<nick125> I usually use spaces, but a tab should work
<artillerytx> k lets see if your right
<artillerytx> yes sir
<artillerytx> that fixed it
<nick125> Great.
<nick125> But yeah, that's one reason I got rid of 1:1 NAT...I got tired of dealing with that quirk
<artillerytx> yeah
<artillerytx> do you know why my cURL is not showing up for the other domain
<nick125> What do you mean?
<artillerytx> let me take a screenshot
<artillerytx> this might be a drupal thing actually
<artillerytx> i have simplexml and cURL installed on my server but its only showing up for the longhornpc one
<artillerytx> maybe something in the .htaccess
<artillerytx> ?
<nick125> Where did you put it?
<artillerytx> home directory
<artillerytx> i think
<nick125> Where did you install simplexml and curl to?
<artillerytx> root directory
<artillerytx> which would be /home
<nick125> Are you talking about a curl/simplexml plugin for Drupal or something else?
<artillerytx> no its something i had to install on the server
<nick125> How did you install it?
<artillerytx> apt-get i think
<nick125> Okay....just for the heck of it, restart apache.
<artillerytx> okay
<artillerytx> k done
<nick125> Then click on refresh while holding shift down
<artillerytx> still not showing up
<nick125> Take a screenshot, maybe that would help.
<artillerytx> wwmcd.org - http://img36.imageshack.us/img36/197/picture1129.png
<artillerytx> longhornpcrepair.com - http://img505.imageshack.us/img505/8774/picture237.png
<nick125> That looks like a Drupal plugin that isn't installed for wwmcd.org.
<artillerytx> i thought cURL would just show up alright maybe im just insane
<nick125> http://drupal.org/project/curl
<nick125> It looks like the Drupal base installation doesn't come with the curl module, which would explain why it doesn't show up
<artillerytx> no i don't have that one installed
<nick125> You must have it installed on the other domain, though.
<artillerytx> no i don't
<artillerytx> i remeber installing it .. its some php thing
<artillerytx> php5 curl
<nick125> That's the PHP cURL library.
<artillerytx> yeah
<nick125> The Drupal install on longhornpcrepair.com has the cURL Drupal plugin installed while wwmcd.org doesn't.
<artillerytx> thats weird alright.. i don't see the cURL in my modules
<artillerytx> its not big deal
<artillerytx> no
<nick125> Where are you checking?
<nick125> it can be in /sites/default/modules, /sites/all/modules, /modules, etc
<artillerytx> i put all my modules in sites/all/modules
<artillerytx> wait
<artillerytx> maybe its the php one
<artillerytx> ahh whatever
<nick125> Unless you have a plugin that needs it on wwmcd.org, I wouldn't worry about it.
<artillerytx> right
<artillerytx> thanks again
<nick125> Sure.
<artillerytx> if i install php-pear what do i need to put in my php.ini so i can use it
<artillerytx> nick125 hey do you know what this is - http://pastebin.com/d4f42a273
<Navop> I need to keep track of 6 computers downloads(to which is d/l more then the other, and I want ot be able to restrict the # of gigs d/l /computer is this possible with unbuntu server)
<Navop> example i want to allow 5 gigs per computer, once the 5 gigs is used up it stops that computer from d/l till the following month
<alex_joni> Navop: http://linuxgazette.net/108/odonovan.html
<Navop> ty
<alex_joni> you'll have to do some reading on iptables
<alex_joni> but using iptables you can set up rules for each PC, and quota on them
<Navop> thanks for info, and if i need to read...np
<alex_joni> it's probably easier than it looks at first glance ;)
<Navop> like the #7 setting transfer quotas
<alex_joni> right, but only having that won't work ..
<alex_joni> you need the whole thing running, before you add quota things
<alex_joni> for setting up iptables there are tons of tutorials, and programs that generate rules (if you don't want to write them by hand)
<Navop> what i'll do is redo my unbuntu server, then insert it on network, and test as i go and ask question....
<Navop> and do alot of reading...lol
<qiyong>  clamav-daemon (clamd) doesn't start up autoamatically
<qiyong> there's K19clamav-daemon
<qiyong> no startup links
<qiyong> is that bug?
<captainkirk> hi all. how do I find out what version of openoffice.org i have installed on my ubuntu 9.04 server
<RoyK> captainkirk: help/about
<captainkirk> royk I am on a server with terminal only
<captainkirk> royk I am running server with terminal only
<RoyK> ops
<RoyK> dpkg -l|grep -i openoff
<RoyK> that should show you the version
<RoyK> sec - I need to start my ubuntu vm to check
<captainkirk> royk it tells me there are lots of 3.1.0-11 packages, which is correct
<captainkirk> royk problem is, using the "which soffice" command returns nothing
<RoyK> captainkirk: here it returns /usr/bin/soffice
<captainkirk> royk that is correct
<captainkirk> i tried to remove the ubuntu supplied version and install the latest version from the openoffice.org site
<captainkirk> i seem to have messed something up
<captainkirk> any ideas on how to remove it all and start again?
<captainkirk> using your command supplied above to list all the installed packages, I can see that the openoffice.org-core is still the original ubuntu package, not the new one
<RoyK> I guess the one from openoffice.org installs under /usr/local/bin
<RoyK> or /usr/local/something
<pmatulis> i joined late but what does Openoffice have to do with ubuntu server?
<RoyK> or perhaps /opt
 * RoyK has no friggin' idea
<RoyK> that is - I once used it with an email-to-fax system for converting MS Office documents extracted from email to be faxed
<captainkirk> lol.... I am trying to remove the ubuntu 9.04 supplied openoffice packages and replace with openoffice.org
<RoyK> why?
<pmatulis> captainkirk: you should have more luck in either #ubuntu or #openoffice
<captainkirk> i am running an application (alfresco) which is not working with the ubuntu supplied openoffice, but research shows that others have had success replacing with the openoffice.org deb packages
<captainkirk> i have downloaded the tar.gz and extracted teh .deb files and ran dpkg -i *.deb and now nothing is working
<captainkirk> do i need to do something else after dpkg -i *.deb command to install deb package?
<RoyK> captainkirk: dpkg -l packagename will list the installed files from that package
<captainkirk> how can I completely remove all openoffice packages for a fresh install?
<captainkirk> dpkg --help
<captainkirk> oops... wrong screen
<jussi01> captainkirk: please heed the topic and go to #ubuntu for general questions
<RoyK> dpkg -r --purge captainkirk
<captainkirk> it says i can -r and --purge in the same command
<captainkirk> so should i -r the package and the --purge it
<maxb> RoyK: You mean -L not -l
<RoyK> maxb: yeah, sorry, -L or --listfiles
<RoyK> captainkirk: please ask on #ubuntu for general ubuntu questions - this is strictly a ubuntu server channel. about the difference between removing and purging a package, man dpkg
<cemc> does anybody know about a good free speedtest software? one that can be put up on a webserver for ppl to test speed with. something like speedtest.net but obviously more simple
<baffle> How are things going with the server-karmic-directory-architecture blueprint? Is there any push behind it? It would be a killer feature for the enterprise crowd to have this out of the box.
<RoyK> cemc: there are several web benchmarking software packages
<RoyK> let me check
<RoyK> seems there should be something in apache2-utils
<RoyK> but I'm in the middle of an upgrade, so I can't install that now
<cemc> RoyK: I'll take a look at that, thanks
<doctormo> Hello all
<doctormo> Question: Is it possible to detect from the ubuntu server what operating system a client is currently booted up into, say if you have a multi-os network?
<mattt> doctormo: port scan?  :)
<doctormo> mattt: Was thinking that, but I'm a programmer not a windows admin :-D perhaps there are some standard ports?
<doctormo> Although I'm kinda surprised there isn't some standard tool, I've seen people pull exact versions of windows on the network before.
<Kartagis> hello
<Kartagis> I have Host or domain name not found. Name service error for name=hotmail.com type=MX: Host not found, try again in my log. does that mean sending was not successful?
<_ruben> Kartagis: it means your dns is broken
<_ruben> doctormo: nmap can do a very decent job at os detection
<Kartagis> _ruben, I only changed the IP block. how could that break my DNS?
<pmatulis> Kartagis: can you reach your default gateway?
<Kartagis> pmatulis, yes
<pmatulis> Kartagis: try to resolve some internet host
<Kartagis> pmatulis, tolga@ozses:~$ nslookup google.com
<Kartagis> Server:		192.168.2.2
<Kartagis> Address:	192.168.2.2#53
<Kartagis> Non-authoritative answer:
<Kartagis> Name:	google.com
<Kartagis> Address: 74.125.67.100
<pmatulis> Kartagis: then: 'host -t mx hotmail.com'
<Kartagis> pmatulis, host -t mx hotmail.com
<Kartagis> hotmail.com mail is handled by 5 mx4.hotmail.com.
<pmatulis> Kartagis: looks like you have a misconfiguration issue then, what app is giving you the above error?
<sgsax> doctormo: nmap -O <ip_addr>
<sgsax> but even that won't be 100%
<quizme> hi, my ubuntu server doesn't allow users to enter a password when they login from home.... I get Permission denied (publickey).  How do I allow users to login using passwords ?
<ball> quizme: do you have sshd installed and running?
<quizme> ball: i can ssh in there for the 'ubuntu' user so yes i think so.
<ball> I don't think I have an ubuntu user.
<ball> brb, phone
<sgsax> quizme: is this any user from any host that is blocked?
<sgsax> or just one particular user or one marticular machine?
<cycleian> Hi, I'm trying to prepare a couple of packages for Ubuntu.  So far so good with the first package, but the second package depends on the first.  How do I tell debuild where the first package is when I'm building the second package?
<quizme> sgsax yeah every user
<sgsax> quizme: no matter what machine they are trying to login from?
<Kartagis> pmatulis, postfix
<quizme> sgsax: i can login as 'ubuntu' but not as 'tempuser' from my home machine for example.
<sgsax> "ubuntu" is the initial account you setup with the installer?
<quizme> sgsax: yeah
<quizme> sgsax: is the primary sudoer
<sgsax> and you can login as "ubuntu" from home, but not "tempuser" from home
<Sam-I-Am> cycleian: you can install the first package so the second package can see it... i tend to use chroots for build environments so i can separate things
<quizme> sgsax: correct
<sgsax> k, just wanted to be clear
<quizme> sgsax: i have my public key in /home/ubuntu/.ssh/authorized_keys
<quizme> that's why i can login as ubuntu
<quizme> but all other users are disallowed
<sgsax> so "ubuntu" logis in use pub key and not password
<quizme> very sad
<sgsax> *logs
<quizme> sgsax yes
<pmatulis> Kartagis: looks like you need to work on postfix then
<quizme> sgsax basically passwords is turned off
<quizme> sgsax i want to know how to turn it on
<cycleian> Sam-I-Am: Right, I'm trying to use pbuilder to build the second package.  How do I tell the pbuilder environment to install the first package?
<Kartagis> pmatulis, can I pastebin my main.cf
<sgsax> quizme: can you pastebin your /etc/ssh/sshd_config, pls
<Kartagis> ?
<quizme> sgsax okay but don't hack me hehe
<quizme> j/k
<sgsax> don't leave anything important in there :)
<Kartagis> quizme, and give me your password
<Sam-I-Am> cycleian: you can just install it with dpkg -i
<Kartagis> :D
<quizme_> hi
<quizme_> ok just checking
<quizme_> this is my other comp
<Sam-I-Am> cycleian: i usually build all the deps in separate chroots, then install them individually into other chroots that build stuff which depends on them
<sgsax> quizme: you can also look at /var/log/auth.log, see if there are any useful messages in there
<quizme> kartagis: passwords don't work anyway... hehe
<cycleian> Sam-I-Am: So I shouldn't use pbuilder?  My understanding was that pbuilder does the chrooting for you...
<quizme_> http://pastie.org/575453
<Sam-I-Am> cycleian: i'm not really familiar with pbuilder... i think it does... but you might want to check the docs.  i use dpkg-buildpackage for my packages usually.
<quizme> sgsax: did u see it ?
<sgsax> quizme: yep, only difference I see from mine is I have "ChallengeResponseAuthentication yes"
<sgsax> also set "LogLevel DEBUG" for more detail in your /etc/var/auth.log
<quizme> should i set Challenge.... to yes ?
<sgsax> give it a try
<quizme> k
<quizme> i'm up for the sshd challenge
<sgsax> that should be the default
<sgsax> be sure to /etc/init.d/ssh restart
<sgsax> no need to reboot the whole box
<quizme> sgsax: oh that was my next question.... how to reboot thanks
<quizme> sgsax: yes!  that worked.  thanks so much
<sgsax> np
<sgsax> I go for the low-hanging fruit around here :)
<quizme> sgsax: hehe
<quizme> sgsax: at least you go for some fruit
<sgsax> it's how I like to contribute
<quizme> i'm a newbie at this sysadmin stuff
<sgsax> I'll never be a kernel hacker
<quizme> it's ok
<quizme> i'm not either
<quizme> we can hang out together
<quizme> and not hack kernels
<quizme> i do as little sysadmin as possible
<quizme> unfortunately it's been a lot lately
<quizme> running on EC2.... wrote a backup thingamajiggy with capistrano....
<quizme> took my like 2 weeks
<quizme> me*
<sgsax> fun
<quizme> 2 weeks of my life *gone* for sys admin...
<sgsax> what's your regular job?
<quizme> i like to program
<quizme> and avoid sys admin
<quizme> but i do outsourcing
<quizme> of programming jobs
<sgsax> ah, one of "those" guys
<sgsax> :)
<quizme> yeah
<quizme> the evil ones
<quizme> how bout u ?
<sgsax> I work for the State, so I'm just a Government mouthpiece
<quizme> oh
<quizme> sysadmin for the state ?
<quizme> of California ?
<sgsax> university
<sgsax> State of KS
<quizme> There is a famous topologist at the U. of Kansas
<sgsax> not that university :)
<sgsax> the other one
<sgsax> not sure what we're famous for
<quizme> sys admin probably
<cycleian> Sam-I-Am: OK, I found a bit about doing this in the pbuilder tutorial - I'll let you know how it works.  Is there a good reason *not* to use pbuilder?
<sgsax> unless you've seen the youtube vid "The Machine is Us/ing Us", the guy that did that is here
<sgsax> x
<sgsax> yep, I'm a sysadmin for a dept here
<quizme> oh that's cool
<quizme> we should probably take this off channel though
<sgsax> true
<Sam-I-Am> cycleian: probably not... people seem to like it.
<Kartagis> pmatulis, can I pastebin my main.cf?
<_ruben> dont paste main.cf, paste the output of postconf -n instead .. then again, i wont be looking at it, as im heading out now :)
<pmatulis> Kartagis: you can pastebin what _ruben suggested but i don't have much time to troubleshoot your issue since i'm at work
<pmatulis> Kartagis: pastebin your logs too (/var/log/mail.log)
<Kartagis> pmatulis, my logs are on http://pastebin.com/dc54d5d7 and _ruben, remind me what you suggested I paste?
<Steve[mbp]> Morning everyone!
 * ball waves
<uvirtbot`> New bug: #409987 in apache2 (main) "apache2 segfault using mod_deflate" [Medium,New] https://launchpad.net/bugs/409987
<pmatulis> Kartagis: are you sure that the machine hosting postfix can resolve internet names?
<Kartagis> pmatulis, yes
<Kartagis> pmatulis, name any site and I'll tell you
<Kartagis> would restarting postfix fix the issue?
<sgsax> Kartagis: any time you make changes to the configs, you should restart the service
<Kartagis> sgsax, I didn't make a change to postfix tho
<Kartagis> restarting postfix did fix the issue
<Kartagis> one more issue. after I changed the IP block, my local SSL site doesn't work. how come?
<Sam-I-Am> because your ssl cert is probably bound to an IP
<Sam-I-Am> well, at least a hostname (that might have changed)
<Kartagis> Sam-I-Am, how can I find out if it is bound to a specific IP?
<Sam-I-Am> well, whats the error?
<Kartagis> Sam-I-Am, weird. it fixed itself
<Sam-I-Am> could have been a temporary dns issue
<Sam-I-Am> certs like when dns works
<Kartagis> Sam-I-Am, it is working now
<uvirtbot`> New bug: #409876 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Medium,New] https://launchpad.net/bugs/409876
<Kartagis> I got a new modem/router and its IP block was different than my old one. that's how everything started
<sgsax> Kartagis: you use some kind of dyndns?
<Kartagis> sgsax, no, I use named
<Sam-I-Am> who handles dns for your outside ip that changed?
<Kartagis> no, my outs,
<Kartagis> no, my outside IP didn't change. it's modem's IP block that changed. it is 192.168.2.1 now
<Kartagis> thanks anyway for the help
<Kartagis> bye
<dinda> sommer: ping dude!
<Deevz_> I got a problem with my hostname while installing apache
<Deevz_> hostname: Unknown host
<Deevz_> make-ssl-cert: Could not get FQDN, using "QuoteNet".
<MK13> how could i make my dns server forward all hostnames to just one server?
<nick125_> Anyone here know of a guide that explains how to use the new cn=config configuration setup that the OpenLDAP in Jaunty is using?
<sommer> dinda: yo
<dinda> sommer: dude!!! looking for a quick opinion from you and other server types
<dinda> Trying to find a word other than architect, as in RHCA, for our new Ubuntu highest level certification level
<dinda> some have suggested Ninja ;)
<nick125_> Ubuntu Certified SuperAwesomeAdmin
<sommer> heh, ninja is good
<dinda> but perhaps something like Guru or Master. . . lol
<dinda> Builder?  Developer?
<sommer> expert?
<sommer> that's kind of a tough one
<dinda> others are saying Expert as well. . .
<sommer> master isn't bad either... what are the other levels?
<dinda> sommer: so far, just UCP then something akin to RHCE (UCP level 2?) then some specialists areas then the top level 4
<sommer> hmmmm, ya I think expert fits well with UCP
<dinda> sommer: maybe we ask around to find some african word for it. .
<sommer> heh, that would be pretty cool... don't know many african word myself
<sommer> what about Ubuntu Server Ace :-)
<dinda> sommer: really?  you mean you don't study zulu and banta in your spare time?
<sommer> dinda: heeh, italian's on my list... as well as english
<sommer> wait...
<dinda> sommer: that english can be tricky ;)
<sommer> dinda: I think my best suggestion is expert, but Ubuntu Server Champion sound pretty cool too :)
<dinda> ooh Champion - then we gave folks who earn those big boxing/wrestling like title belts
<dinda> RHCAs get a leather jacket so we can out bling them
<sommer> heh that's a great idea
<nick125_> Hmm....can I nest organizational units (ou) in OpenLDAP? i.e., ou=POSIX,ou=Groups,dc=foobar,dc=com
<sommer> nick125_: I'm pretty sure you can
<nick125_> sommer: Great.
<nick125_> I guess I'll find out once I try to add this schema.
<vector_xyz> hey guys i am adding a user using -> sudo adduser thegeek | but how do i limit that user not from going into other home directories etc.. besides his own ?
<vector_xyz> i want him only to access his own dir
<KillMeNow> sounds like you want to jail him
<vector_xyz> well if you are selling shells do you want your customer to walk around ?
<KillMeNow> that means you will need to google chroot jail
<vector_xyz> and view other customers home dirs
<KillMeNow> yea, this is for ssh access right?
<KillMeNow> or jsut FTP?
<vector_xyz> yep ssh
<KillMeNow> yea, chroot jails is what you want
<KillMeNow> http://ubuntuforums.org/showthread.php?t=258622
<KillMeNow> start there
<KillMeNow> http://ubuntuforums.org/showthread.php?t=24575
<KillMeNow> then check that out
<vector_xyz> thx :)
<vector_xyz> worked gr8
<giovani> vector_xyz: with proper permissions, he shouldn't be able to read anything you don't want him to
<giovani> there are very few good reasons to jail a user
<vector_xyz> well i probably should learn more about permissions so i can sell ssh access
<vector_xyz> without anyone damaging the core system files or so
<giovani> vector_xyz: no normal user can damage system files
<giovani> honestly, selling shells
<vector_xyz> how would i set an user to be superuser ? if i am using adduser
<giovani> you set your sudoers file
<giovani> or add them to the admin group
<giovani> but selling shells ... has no purpose anymore
<giovani> VPSes are so incredibly cheap
<giovani> that they can get their own full os, with full root, for a few bucks a month
<vector_xyz> i am giving that as an example :P im actually using a Dedicated Server to run my Development stuff on it, but i dont want other devs to damage anything :) like SVN, git etc.. i will host on there
 * dare knows more people who buy shell access than vps..
<giovani> dare: I don't know a single person who's purchased a shell in like 5+ years
<KillMeNow> selling shells is really old school...  you would probably make more $$$ selling Xen VM's
<giovani> and uou shouldn't be selling xen vms if you don't know how to work linux permissions :)
<giovani> there are enough incompetent vm providers
<giovani> because they've been told it's an easy way to make money
<nick125_> giovani: s/vm/hosting/g
<nick125_> I've worked with a lot of "hosting providers" that all they do is buy a reseller account on their daddy's credit card...quite sad.
<KillMeNow> i get it for free from my ISP
<sgsax> vector_xyz: you can also add a non-shell account
<sgsax> so they can use git/svn/whatever, just not actually get a login shell
<Deevz> anyone familliar with ddclient?
<Deevz> I dont understand why it doesnt update my ip automatically when my server boots up
<sgsax> Deevz: I use it at home and it doesn't seem to update my no-ip.org on a timely basis
<sgsax> I always assumed it was because my ISP flaps a lot and it's just been down at the cron'd update time
<Deevz> sgsax: you might not have config'd it to run as a daemon
<Deevz> but I think ddclient just isnt ran when my os initializes
<sgsax> Deevz: update-rc.d ddclient defaults
<sgsax> or whatever the ddclient service name is
<sgsax> that will make sure it is added to the default runlevels
<Deevz> ok
<Deevz> what are '.d' files?
<sgsax> in general?
<sgsax> update-rc.d just adds or removes symlinks in the /etc/rc.d dirs
<sgsax> it's the debian way of managing startup services
<Deevz> I get ya on the last sentence
<Deevz> but have no idea what symlinks are
<Deevz> ill take a look at that file
<KillMeNow> http://ubuntuforums.org/showthread.php?t=73096
<KillMeNow> Deevz, check that out
<sgsax> KillMeNow: nice
<Deevz> ok, thx
<Deevz> where is update-rc.d?
<sgsax> should be in your search path
<sgsax> needs to be run as root/sudo
<sgsax> it's in /usr/sbin, so not in a typical user path unless you added it
<Deevz> woah
<Deevz> thats one complicated file
<sgsax> it's a shell script
<sgsax> debian gives you several update-* scripts to help you do stuff
<hggdh> usually it is not a good idea to add non-system-provided binaries (or symlinks) under /sbin, /bin, /usr/sbin, or /usr/bin. Better to use /usr/local for taht
<sgsax> hggdh: indeed
<Deevz> i doubt this helped :(
<Deevz> it says the startup link already exists
<sgsax> k
<sgsax> do you have it set for logging?
<Deevz> logging?
<Deevz> is it run with administrative power at startup tho?
<sgsax> if it's actually getting launched as a service, yes
<Deevz> because ddclient gives me a lot of error if I try to run it without sudo
<sgsax> cd into /var/log and do "grep ddclient *"
<sgsax> see if it's logging any output anywhere, generating errors
<sgsax> most likely in /var/log/messages
<sgsax> should do this as sudo/root
<Deevz> it gave me a warning for update skipping once and another time because it couldnt connect to the web service to get my ip
<Deevz> and curiously, its doesnt seem to update every 5m
<sgsax> you read through this yet: https://help.ubuntu.com/community/DynamicDNS
<Deevz> nop, thx for the link
<Deevz> might be better off using my router to do it :P
<sgsax> looks like I'm using noip2 at home, not ddclient
<Deevz> sgsax: do me a favor please
<Deevz> tell me if you if your browser can connect to 205.233.124.235
<sgsax> Deevz: affirmative
<Deevz> weird...
<sgsax> I can't ping your IP, but apache responds on it
<Deevz> my domain doesnt seem to work
<Deevz> sgsax: thats probably because the port youre pinging on is blocked
<sgsax> can you login to your dyndns provider and see what it currently has registered?
<Deevz> sgsax: my domain is currently bound to 205.233.124.235
<Deevz> but it doesnt work
<sgsax> Deevz: see privmsg for long paste
<quizme> how much RAM memory is required for Postfix?
<zroysch> is there something special i need to do to get sound working in server 9.04
<zroysch> its an sb live card. old. worked fine with the non server version
<KillMeNow> IIRC - server version doesn't have sound drivers
<KillMeNow> it's a desktop thing
<zroysch> http://pastebin.ca/1521207
<zroysch> does this mean that is untrue?
<nick125> you might need to install some utilities
<zroysch> i installed alsa-base alsa-utils alsa-tools libasound2
#ubuntu-server 2009-08-08
<qman__> I don't know about 9.04, but in 8.04, I simply installed the program cmus on server, and it installed all the dependencies necessary to play sound
<qman__> using an onboard AC'97 card
<marshall> hey #ubuntu-server
<marshall> I've setup an ubuntu server, how do i hook it up with my domain name/
<marshall> ?
<nick125> marshall: You need to have your DNS provider point the A record(s) to your server.
<marshall> do i need to install bind or any of that nonsense?
<nick125> marshall: It depends. If you have an external DNS provider (your domain provider might offer DNS, or you can use another service), then no. If you don't have a DNS provider, then you will need to either find one or get two IPs to your server and setup bind.
<marshall> ok, ill give it a try
<marshall> thankya
<nick125> No problem.
<nick125> Where is your server running? If it isn't in a decent datacenter with a reliable connection, I'd recommend a third-party DNS provider.
<nick125> You definitely don't want your connection to go down, or have your IPs change for some reason and have your site down for 24-48 hours while the DNS server changes propagate.
<marshall> i have cloud hosting with rackspace
<marshall> my domain is with sibername.com
<marshall> i have an existing site with another host hooked up to the domain
<marshall> i want to switch it to my new custom server
<nick125> marshall: Does your domain provider offer DNS?
<marshall> i believe so
<nick125> What's the domain?
<marshall> iamjeffmarshall.ca
<nick125> Ah, your nickname seems fitting :)
<nick125> Yeah, you're using sibername DNS servers. It shouldn't be an issue to have them setup the proper A records. They probably have an interface to do it without having to contact them.
<marshall> A records eh
<marshall> lol thanks, ill look into it
<nick125> marshall: Let me know if you have any issues getting it done.
<marshall> nick125: ok, thanks
<marshall> actually
<marshall> i feel i may be in way over my head
<nick125> marshall: It's not impossible....
<marshall> nick125: lol yeah, im sure its all pretty straightforward
<marshall> i setup my website with a prepackaged hosting provider, then pointed it to my nameservers at sibername for my domain
<android6011> I am building a home server, what filesystem would be best for my audio and video etc. It will be accessed via samba and other methods as well as streamed across a network
<marshall> im now trying to setup a server from scratch and assign a domain name to it
<nick125> android6011: personally, I'd go with ext3 optimizied for larger files
<android6011> so not ext4?
<nick125> android6011: You can do ext4 as well...but I just don't feel confident about using it on a server yet.
<android6011> ok ill keep that in mind
<marshall> nick125: im also trying to setup svn for web development, i want to have svn.iamjeffmarshall.ca point to my svn server
<nick125> Just curious..why SVN?
<marshall> i dont know any particular reason to use it, as far as i can see its the most cohesive version control
<nick125> Ever look into bzr or git?
<marshall> no
<marshall> i havent
<marshall> also, i have this spiffy mac app called versions
<nick125> Ah. For SVN, are you using SSH or WebDAV?
<marshall> but what advantages or disadvantages are there to using svn?
<marshall> i feel like ssh would be better, but ive got it setup through webDAV i think
<marshall> i followed this how to
<marshall> http://ariejan.net/2006/12/01/how-to-setup-a-ubuntu-development-server-part-1/
<nick125> SVN seems to have the GUI clients while distributed VCSes have benefits resulting from its distributed nature (work offline, etc)
<nick125> Yeah, that's WebDAV. SSH is easier imho.
<nick125> marshall: Are you the only one that will need to access the SVN repos?
<marshall> ill have to set up an svn for others too
<marshall> im doing this on my own server so i can get comfortable with using it for web dev
<marshall> before i use it with my team
<nick125> Okay, then you might want to stick with WebDAV unless you feel comfortable giving SSH access to those people.
<marshall> i could give them ssh with only certain privs right?
<nick125> Well, you could give them a normal user SSH account...I know with Git, there is a special "shell" that only allows them to use git and nothing else.
<marshall> hmm
<nick125> Infact, Git has a real nice package called gitosis that handles all of that for you. The only caveat is that you can only use SSH and only use SSH keys.
<nick125> IF that isn't an issue, it's a really nice package that automates a lot of the processes of managing Git.
<marshall> hmm
<marshall> my main concern is that the trunk of my repos be live on the web
<marshall> as in served by apache
<nick125> marshall: On your server, what do you have setup so far?
<marshall> i just wiped it, lol
<nick125> Haha.
<marshall> im going to setup apache2
<marshall> also, i dont want to do all this as root, it just feels wrong
<marshall> can i setup a user account with my own name that has all the privs of root?
<nick125> yeah, I always keep the root accounts on my server disabled
<nick125> You can use sudo...
<marshall> ok, but i dont want to have to sudo everything i do on my webserver
<ipsemet> ï»¿where can i find a list of packages that have been updated in Ubuntu 8.04.3 in the past week
<nick125> marshall: If, for some reason, you need a root shell, you can always do sudo bash
<newz2000> hi, is this an ok place to ask about configuring xen on ubuntu? I'm having trouble w/ networking and am not finding much help on the net.
<nick125> newz2000: I don't see anything wrong with asking, but #ubuntu-virt might be better if you don't get any answers here.
<marshall> nick125: yeah, but if im going to upload files through sftp, i want to be able to access /var/www with my user account
<nick125> marshall: I think you can add your user to the www-data group and have access to /var/www
<marshall> nick125: hmm
<marshall> nick125: how can i see a listing of available groups on my system? lsgroup or something?
<nick125> marshall: I usually just do cat /etc/groups
<nick125> er, /etc/group
<marshall> how do i add my new user account to the sudoers file?
<ScottK> marshall: Add them to the admin group.
<nick125> usermod -a -G admin <user>, I think.
<marshall> it says the admin group doesnt exist when i do adduser jeff admin
<marshall> maybe i can add jeff to the 'sudo' group?
<nick125> Check /etc/sudoers
<nick125> It should have something like "%<SOMETHING> ALL=(ALL) ALL"
<marshall> root   ALL=(ALL) ALL
<ScottK> You get edit /etc/group and it's enough.
<Boohbah> VERY BAD IDEA to give www-data user and additional access
<Boohbah> s/and/any/
<marshall> huh?
<nick125> Boohbah has a point.
<nick125> www-data is the user used by Apache, so, for example, a malicious PHP application would be able to modify and delete files...which is a bad idea imho.
<marshall> ok, i want jeff to be able to read and write files in /var/www
<marshall> and to be able to sudo and do commands as root when necessary
<nick125> Maybe a POSIX ACL would work better
<marshall> i just added jeff to 'sudo' group, doesnt seem to have given him sudo power though
<marshall> now im looking up how to remove him from sudo group
<marshall> what is posix acl?
<nick125> It's a finer-grain permissions system
<ipsemet> ï»¿when i do a ls -l the dates listed are the last modified dates of the files correct?
<marshall> i've added 'jeff' to 'www-data' but it doesnt seem that im able to change anything in my /var/www as jeff
<nick125> yeah, I was incorrect and wrong - www-data doesn't have write access into /var/www.
<marshall> nick125: how should I go about letting jeff read and write to /var/www?
<nick125> marshall: my suggestion would be to create a www-pub group, chown jeff:www-pub -R /var/www
<kyanardag_> hi, i'm trying to run two websites from single server and i couldn't figure out how to do it. I followed the instructions given at http://www.debianadmin.com/creating-name-based-and-ip-based-virtual-hosts-in-apache.html
<kyanardag_> the "default" website is working fine, but other one is not
<kyanardag_> i'll be glad if someone can assist me
<kyanardag_> there's something wrong in my /etc/apache2/sites-available/secondsite.com file
<kyanardag_> http://pastebin.com/m2faede95
<RoyK> try #httpd
<kyanardag_> RoyK: thanks
<RoyK> np
<uvirtbot`> New bug: #410628 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/410628
<ichat> anyone able to tell me if the  promise TX2 is able to work on ubuntu server (even if its just as a simple pata controler
<twb> ichat: first of all,
<twb> ichat: first of all, "hardware raid" on a $20 card is fakeraid, and should be avoided
<ichat> twb i know,
<ichat> its just that i need more pata channels
<twb> As to support, if you have the card already you can ask lspci for a model string, and google for that
<zroysch> is there an easy way to test sound from command line on server 9.04
<uvirtbot`> New bug: #410669 in hundredpapercuts "Files incoming through nautilus-share should be created with user ownership, instead of "nobody" (dup-of: 268663)" [Undecided,New] https://launchpad.net/bugs/410669
<uvirtbot`> New bug: #410771 in samba (main) "package swat 2:3.3.2-1ubuntu3.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/410771
<relegated> I am having some trouble getting a Wordpress plugin called Subscribe2 to send Email successfully. I am running Debian Lenny, Apache2, and PHP5, and exim4. I am able to send Email from the console using exim but am unable to through the plugin which uses the PHP mail function which I was told uses senndmail. I have a symbolic link setup so that sendmail works using exim. Can anyone help me,...
<relegated> ...I'm not sure where the problem lies, I have full server access.
<giovani> relegated: presuming exim has been configured properly ... you're done
<giovani> the symbolic link is simple -- and will work as expected
<relegated> Right, which is why I am very frustrated because it won't work through Wordpress
<relegated> I can send outgoing Email fine from the command line to Gmail but not through wordpress
<giovani> "won't work" unfortunately, isn't anything we can troubleshoot with
<giovani> have you tried sending mail using the symlink you created?
<giovani> if it works -- this is a php issue
<giovani> if not -- then it's an exim/symlink issue
<relegated> ya I can send using the symlink also
<giovani> then php may be misconfigured, or confused
<giovani> or maybe wordpress checked to see if it could send mail when you installed it -- and this wasn't set up then
<giovani> and it's disabled that functionality
<giovani> you might want to try getting assistance from wordpress
<relegated> Been trying that also
<giovani> since exim and ubuntu seem to be functioning just fine
<giovani> and wordpress isn't exactly a key part of ubuntu
<giovani> also, it would be wise to check exim logs
<giovani> to see if there's any record of mail attempts from php/wordpress
<ArchType> Hello there.
<ArchType> I just started the chkrootkit and I got: INFECTED (PORTS:  60001)
<ArchType> This isn't good right?
<ArchType> o_O anyone here?
<giovani> ArchType: ... waiting more than 60 seconds for a response before asking if anyone's here is a good idea
<giovani> it may or may not be a problem -- chkrootkit is just checking a list of things it thinks represent a hacked server -- sometimes they're false positives
<ArchType> hum
<ArchType> well rtorrent uses this port
<giovani> anything can use that port
<giovani> hence why chkrootkit is doing nothing but guessing
<giovani> try running "sudo netstat -anp | grep :60001"
<giovani> any results?
<ArchType> giovani: yes
<ArchType> as I said, only rtorrent: tcp        0      0 0.0.0.0:60001           0.0.0.0:*               LISTEN      5137/rtorrent
<giovani> well if you knew that -- then you probably knew this wasn't an issue, and you didn't need to demand an answer within 60 seconds on irc on a saturday
<ArchType> it's saturday already :S
<ArchType> giovani: well I've learned something new
<ArchType> Also what firewall do u suggest for beginners
<ArchType> I know iptables are the best
<ArchType> but what about guarddog and why not?
<giovani> guarddog isn't a firewall
<giovani> it's an iptables configuration tool
<ArchType> I see
<giovani> iptables (or more accurately, netfilter) is the only linux firewall
<giovani> all of the "firewall tools" you find are just front-ends for configuring netfilter/iptables
<relegated> giovani: I got it, my misconfiguration and I ended up reconfiguring Exim to use a smart host since i have a dynamic IP and was getting flagged as spam because I dont have a rDNS record
<giovani> relegated: alright ... so then this was totally unrelated to php/wordpress -- and worked the same whether you used the command line sendmail replacement or php's function
<relegated> I did have the sendmail_path in php.ini set to /usr/bin instead of sbin so it might have been a combination of the two
<nick125> Anyone here familar with POSIX ACLs? I'm wondering if new child objects (i.e., files and subdirectories) can "inherit" the ACL from the parent directory.
<nick125> Ah, it looks like if you create a default POSIX ACL on that directory, the children will inherit the ACL. Sweeeet.
<addisonj> anyone around to look at a vhost file for me and give me clues as to why my apache will not start with it?
<addisonj> http://pastebin.com/d6de4c551
<addisonj> maybe i am blind and need fresh eyes
<nick125> What error are you getting?
<addisonj> none, that is the weird part, just says fail
<nick125> Anything in the logs?
<addisonj> not in the error log
<addisonj> at least, nothing that points to failure
<nick125> Mind pastebinning the last....150 lines of the error log?
<addisonj> so, just to make sure, do you mean the log for that particular vhost?
<Falc> how about running apachectl configtest?
<nick125> Have you checked your overall error log file? If there's an error in one of your declarations, it might not go into the vhost's log
<genii> Will there be a ksplice backport to 8.04?
<addisonj> aha
<nick125> addisonj: Find it?
<addisonj> sorry, on phone one sec
<nick125> Phones suck.
<addisonj> yeah they do, which log do you want /var/log/messages? or another?
<nick125> Something like /var/log/httpd/error.log or whatever it might be on your system.
<addisonj> bah! found it,
<addisonj> didn't knwo there were apache logs here too :P
<addisonj> no wait, i did, i just need eat lunch and get away for a bit
<addisonj> odd though, wrong path name pointing to my log files killed the server with no output in console
<giovani> it didn't "kill" the server -- it just prevented it from starting
<giovani> addisonj: and, as a note, if you used /etc/init.d/apache2 restart|start -- it would've printed that to console (STDERR, more precisely)
<addisonj> i did use that, i had another error in filename that did print, but the logfile one did not
<giovani> that's because it probably only evaluated the first fatal error ... and stoped ... it shouldn't continue
<giovani> so then you should've fixed that, and run it again, and seen the error you wanted
<giovani> s/stoped/stopped/
<IRConan> if a process has nice value of 19 will other processes be allowed to saturate the CPU and it get no time at all...
<IRConan> other processes all have 0 or lower nice values
<guntbert> IRConan: were you hansderagon?
<IRConan> guntbert: what?
<guntbert> I read exactly the same question two days ago but the nick was different
<IRConan> oh... fair enough
<IRConan> any idea? I thought that a process with a nice that high wouldn't impact performance of others at all really but it seems to use about 70% processor even when another is running
<guntbert> IRConan: are you sure that the nice value is correct?
<IRConan> absolutely
<IRConan> shows in htop as 19
<guntbert> IRConan: and it still hogs the cpu?, what is the system load?
<IRConan> the "background" process is intended to use all spare cycles so it's at 100% all the time really
<guntbert> IRConan: what background process?
<IRConan> this is where you'll laugh :P
<IRConan> Folding@Home
<IRConan> I guess I might just have to stop it...
<IRConan> having the server responsive is far more important
<IRConan> I have a few php applications which use lots of processor (generating graphs mainly)
<guntbert> IRConan: why should I laugh? but once again: what is the system load (in htop upper right corner)
<IRConan> the "Load average" ?
<IRConan> 0.77
<IRConan> peaked at 0.84 when running one of the PHP apps just then
<IRConan> oh... it's much higher now... I guess it might be distorted from my messing
<guntbert> 0.77 is fairly low, everey other process should get all it needs - 2 or 3 is another thing - your machine "has all the time" - I wouldn't worry
<IRConan> thing is... if I run a php request with F@H running php uses 30%, if I run it without F@H it uses 70-100%
<IRConan> maybe those figures aren't very accurate... if php isn't sleeping when it could it would show high usage anyway
<guntbert> IRConan: I wouldn't worry too much about %
<IRConan> ok then... thanks for the advice
<IRConan> I'm hoping to implement caching on the graph generation anyway
<IRConan> it's impractical to have them generated for every request!
<guntbert> IRConan: right now I have a load of 1.8 on my notebook and I don't notice any sluggishness at all
<IRConan> cool
<IRConan> what do those load figures actually reperesent?
<guntbert> I never figured that out "exactly" - just lower is better :-) and the % don't have the same weight as in windows
<IRConan> never looked at windows loading really
<IRConan> occasionally 100% when I'm running prime95 on my gaming rig but that's it
<guntbert> you can make a test though: run some benchmark with and without F@H and see what difference it makes - I guess nearly none
<guntbert> or compile a kernel (just for fun)
<guntbert> and time that
<addisonj> another question, how do i redirect a folder to a file, for example www.mydomain.com/sales to www.mydomain.com/sales/index.php
<nick125> addisonj: setup a default index file
<nick125> so when someone goes to mydomain.com/sales/, it will look for index.html, then index.php, etc.
<addisonj> aha, so i just need to add that to my vhost then in DocumentIndex?
<guntbert> addisonj: apache should do this by default, but you can always ask in #httpd
<nick125> addisonj: I believe so.
<addisonj> think i got it, just needed a little push in the right direction, thanks
#ubuntu-server 2009-08-09
<addisonj> huh, the JDK is not avalible from stock repositories on 8.04
<accol> hey everyone...is there an alternative to putty which allows the user to see folders instead of typing in a terminal?
<giovani> accol: ssh is not a file-serving protocol -- so you're probably looking to use WinSCP or something
<accol> thank you....i just need something easy for my gf
<accol> she wont learn code lol
<nick125> Yeah, WinSCP or gFTP (depending on OS) will work for what you want
<qman__> load averages are in percent CPU time being requested, where 1.0 is 100% of one CPU core
<qman__> if you have a dual core CPU, numbers above 1.0 are acceptable, since 2.0 is the total available time
<qman__> 4.0 on a quad core, etc...
<qman__> you can't really judge the effectiveness of niceness by your load average, since if your CPU is idle, it will use that up with nice processes
<qman__> the best way is to simply test the functions that should have high priority
<XiXaQ> has anyone here been able to use OpenLDAP for Evolution contact sharing? I've followed the guides on help.u-c and others more than once, but Evolution doesn't seem to get it.
<artillerytx> IF i need to install imagemagic is that the same as imagemagick
<rosa> hi there...i am installing a couple of new hard drives in my server and i want to do a raid 1, but I got the devices are already been in use (I just intalled), I delete the VG and PV that was created autonaticaly, but atill i got the error that are in use...somebody know what could be the problem?
<artillerytx> so i was trying to recompile a pacakge and i rang #dpkg-buildpackage
<artillerytx> and its just been going through lines and lines of code should i make it stop or just let it run
<artillerytx> hey guys if i were to say run "#dpkg-buildpackage" and my computer was spitting out lines and lines of code
<artillerytx> i could stop it right and delete the package it was building
<artillerytx> no harm no foul
<DelphiWorld> hello all
<DelphiWorld> please how to use my ubuntu server a a VPN router?
<DelphiWorld> (PPTP)
<DelphiWorld> how to please
<incorrect> hi, can anyone suggest an autobuild system they like?
<helloworld32934> Hello everybody, maybe someone can help me. There is a strange behavior with my Samba-Server. I start copying a file (2GB) from a Windows Client in direction to the Samba-Server, the transmission rate is more than poor. While doing this, I start copying a second file (same size) and whoosh, the transmission rate jumps up to the maximum......any idea????
<roxy_> hi there, i am installing a new hard drive using evms but when i try to configure with mdadm the raid tell me the drive is already been used. Somebody know how resolve this problem
<helloworld32934_> >	Hello everybody, maybe someone can help me. There is a strange behavior with my Samba-Server. I start copying a file (2GB) from a Windows Client in direction to the Samba-Server, the transmission rate is more than poor. While doing this, I start copying a second file (same size) and whoosh, the transmission rate jumps up to the maximum......any idea????
<RoyK> helloworld32934_: hard to tell
<RoyK> helloworld32934_: have you done some tuning in the config?
<RoyK> the standard config says
<RoyK> # You may want to add the following on a Linux system:
<RoyK> #         SO_RCVBUF=8192 SO_SNDBUF=8192
<RoyK> Last time I tried adding those flags, it didn't really improve anything, it just made things far worse
<helloworld32934_> thnks for the reply....i tried the socket options already, nothing happend...
<RoyK> no idea, really, and I'm using samba for rather large file servers at work
<davmor2> Hi guys is anyone updating the version of ebox that we have in the repo's at all?  currently listed as 0.12 and current version is 1.2 and has a load of useful features now.
<helloworld32934_> the funny thing is the fact, copying one file poor transmission....copying two files at the same time (two seperate tasks) fast transmission.
<helloworld32934_> the speed also goes up if I copy from another workstation at the same time, both workstations are running like wild, but if one workstation finished the copy task, the copy speed of the other mashine goes down.
<RoyK> helloworld32934_: have you checked packet loss?
<RoyK> ifconfig returns some stats
<helloworld32934_> no errors, no losses  :-(
<helloworld32934_> eth0      Link encap:Ethernet  HWaddr 00:08:54:d1:04:b7
<helloworld32934_>           inet addr:10.0.0.23  Bcast:10.0.0.255  Mask:255.255.255.0
<helloworld32934_>           inet6 addr: fe80::208:54ff:fed1:4b7/64 Scope:Link
<helloworld32934_>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
<helloworld32934_>           RX packets:1578837 errors:0 dropped:0 overruns:0 frame:0
<helloworld32934_>           TX packets:1013668 errors:0 dropped:0 overruns:0 carrier:0
<helloworld32934_>           collisions:0 txqueuelen:1000
<helloworld32934_>           RX bytes:2033445539 (1.8 GB)  TX bytes:160172823 (152.7 MB)
<helloworld32934_>           Interrupt:18 Base address:0xcc00
<RoyK> pastebin it for fuck's sake
<Nafallo> !pastebin | helloworld32934_
<ubottu> helloworld32934_: pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at  http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from  command line | Make sure you give us the URL for your paste - see also the channel topic
<helloworld32934_> ...sorry
<RoyK> generally, don't paste more than 2-3 lines
<RoyK> even though we're talking 2009, some people are still at small termials
<RoyK> what version of ubuntu is this?
<helloworld32934_> Ubuntu 8.04.3 LTS, kernel 2.6.24-24-server
<RoyK> ok
<RoyK> what sort of clients?
<helloworld32934_> two clients are windows XP service pack 3, another two are XP service pack 2
<RoyK> wierd
<RoyK> does the same thing happen whatever client from which you try to access it?
<helloworld32934_> yes, the same thing happens no matter which machine is copying, two machine at the same time maximium throughput...only one machine poor throughput
<helloworld32934_> one machine copying with one task, poor.....one machine copying two task maximum
<RoyK> can you try to make a wireshark dump while trying with only one box?
<RoyK> tshark -w somefile.pcap host ip.of.client.machine
<RoyK> you might have to apt-get install tshark
<helloworld32934_> sorry, reading from samba to xp is fast as hell, only writing is the problem....must install tshark now...one moment
<RoyK> try to not send other traffic to/from that client during the test - it makes the dump easier to read
<helloworld32934_> where can I find the .pcap file....capture is finished now, but where is the file??? Using first time tshark.
<RoyK> current directory
<RoyK> $PWD
<RoyK> .
<helloworld32934_> thanks...what to do next?
<RoyK> gzip and upload it somewhere so I can take a look at it
<RoyK> or just open it with wireshark (gui stuff) on some box
<RoyK> wireshark exists for windows as well
<helloworld32934_> ...installing wireshark for windows, one moment please
<helloworld32934_> done and opened the captured file..
<XiXaQ> I'm trying to export /media through nfs. I'm able to, but I don't see any data in there. It's as if filesystems mounted in /media aren't automatically exported. That may make sense, but it is what I want. How do I do this?
<helloworld32934_> 110	42.790495	10.0.0.23	10.0.0.66	SMB	NT Create AndX Response, FID: 0x0000, Error: STATUS_OBJECT_PATH_NOT_FOUND
<helloworld32934_> 1946	44.899936	10.0.0.66	10.0.0.23	TCP	[TCP segment of a reassembled PDU]
<helloworld32934_> 2000	45.171480	10.0.0.66	10.0.0.23	TCP	[TCP Out-Of-Order] [TCP segment of a reassembled PDU]
<RoyK> XiXaQ: if you have /media/something mounted in /media, that is, a new filesystem, that fs needs to be explicitly exported
<helloworld32934_> ...
<XiXaQ> RoyK, that's what I did, as a "workaround". There is no way of automatically exporting all filesystems in /media?
<XiXaQ> RoyK, I'm configuring a home server, and I'd like to make it so that when I connect a usb stick, it's automatically available to all computers in my home.
<RoyK> afaik it's in the nature of nfs to export fs-wise
<RoyK> so, no
<XiXaQ> ok. Thanks :)
<RoyK> I think there is a userspace nfs server available in ubuntu
<RoyK> that will probably fix that
<RoyK> it's slower, but for a home server, it'll probably suffice
<XiXaQ> perhaps I should look into that then.
<RoyK> yeah
<RoyK> please tell if it helps - nice to know :)
<XiXaQ> I will if I find out. I may just export the filesystems manually though. It's less efficient, but.. It's not that big of a deal :)
<XiXaQ> less elegant, I meant.
<RoyK> perhaps use samba
<XiXaQ> I don't think so.
<RoyK> heh
<XiXaQ> :)
<XiXaQ> well, I am going to setup samba one of thiese days, just to have done it, but I think i'll do that in a virtual machine.
<RoyK> why?
<RoyK> it won't really interfere with the rest
<XiXaQ> I hate clutter.
<RoyK> it won't be
<RoyK> just another subdirectory under etc
<XiXaQ> a thought; how does encrypted home work with nfs exported home directories?
<XiXaQ> RoyK, I know. :)
<RoyK> no idea, but I think you might run into trouble
<XiXaQ> ok?
<RoyK> if the clients are ubuntu as well, it might work
<RoyK> never tried that, though
<RoyK> if the data is available unencrypted over the wire, what would be the point of encrypting them in the first place?
<XiXaQ> hmm?
<XiXaQ> the server would give access to the home folder, but the home folder would be decrypted on the client, I think?
<RoyK> unless you use kerberos auth for nfs, and the home dir is available unencrypted over nfs, the data will be available to anyone that sets his userid = your uid
<XiXaQ> why would the home dir be available unencrypted over nfs if it's encrypted?
<RoyK> it won't
<RoyK> or so I hope
<RoyK> but if the client side is unable to understand that encryption, you won't get much access to it
<RoyK> I'd use ubuntu 9.04 or something all over - that should work
<XiXaQ> right, but the clients would be ubuntu in any case.
<RoyK> that should work
<RoyK> I think
<RoyK> but - I've never worked with such a setup
<XiXaQ> that would be cool. I'll have to look into kerberos too.
<RoyK> this is on a LAN, right?
<XiXaQ> but I think kerberos is overkill for my home network. :)
<RoyK> yeah
<XiXaQ> yes.
<RoyK> with encrypted home dirs and plain nfs3, kerberos seems to be overkill
<RoyK> anyway - try to take a look at opensolaris :)
<RoyK> it's pretty cool
<RoyK> raidz and zfs snapshotting and that sort of stuff is non-existent on linux
<XiXaQ> think I'll stick to ubuntu for now. :)
<RoyK> 'cept btrfs, but that won't be stable for a while
<XiXaQ> raidz?
<RoyK> I've been using linux for 10+ years, and solaris amaze me
<RoyK> raidz/raidz2 is like raid5/raid6, only with lots of more checksumming so it can recover from far more errors than traditional raid[56] can do
<RoyK> also, making snapshots every now and then is quite a nice thing
<RoyK> oops - I deleted those files I made two hours ago - damn - backup - no - snapshot - whoo
<XiXaQ> I do almost all the work I do in virtual machines, which makes snapshots easy.
<XiXaQ> I recently discovered rdbd though. That seems nice.
<RoyK> wtf is rdbd?
<RoyK> what sort of virtualization are you using? kvm? xen? virtualbox?
<RoyK> btw, this raidz stuff from opensolaris has a rather neat feature - using SSDs for caching :)
<XiXaQ> I'm using kvm. And rdbd is sort of like raid over network.
<XiXaQ> raid 1 over network, I meant.
<RoyK> url?
<XiXaQ> drbd, I meant. :)
<XiXaQ> drbd.org
<RoyK> hm. zfs copy seems smarter. first create a zfs snapshot and then sync the whole thing over
<RoyK> just try opensolaris and some zfs stuff on a vm - I'm positive that you'll like what you see
<XiXaQ> I don't doubt it. I did experiment with opensolaris 10. But I'm quite happy with ubuntu.
<RoyK> whatever :)
<RoyK> we got an offer at work from NetApp for some high-tech storage solution, 5TB usable storage with dedup and snapshottable and so on for NOK 300k or so. Instead we're building a 20TB solution with RAID-Z2 (as in RAID6), some SSDs for caching and so on for NOK 55k
<XiXaQ> drbd seems perfect for me, since I have two servers which only need half their harddisk space. I should be able to setup drbd so that if one server dies, the other is able to immediately take over. You wouldn't get that with snapshots.
<RoyK> by the time btrfs stabilises, I might consider using linux for file servers
<RoyK> also, opensolaris has an in-kernel cifs server, which tends to speed things up a wee bit
<RoyK> hm... du er norsk?
<XiXaQ> yes.
<RoyK> name and host hinted a little at that
<XiXaQ> likewise. :)
<RoyK> :)
<RoyK> anyway - have you heard about the RAID write hole?
<XiXaQ> not that I recall. Enlighten me? :)
<RoyK> http://davidfrancis.blogspot.com/2008/07/raid-5-write-hole.html
<RoyK> zfs and btrfs addresses that quite nicely
<RoyK> but then, btrfs is far from mature
<XiXaQ> you're beginning to sound like my brother when he's talking about Windows. :)
<RoyK> bah
<RoyK> I use linux on 50ish boxes at work
<RoyK> but not for storage
<RoyK> we even use windows for the web servers, since we have a bunch of developers that are in love with .net
<maswan> we still use linux on quite a few storage boxes, just the dedicated storage where we can get away with it is zfs
<maswan> (linux storage is AFS servers and GPFS servers for instance)
<maswan> there just isn't another good checksumming filessystem.
<RoyK> you mean, 'cept zfs?
<RoyK> anyway - I was talking about dedicated storage. zfs is quite good there
<sebrock> I just installed Ubutu server 9.04 and need some help using LVM. I need to resize the root partition and divide it into two separate partitions. Anyone know how to proceed?
<sebrock> Somehow it took the whole disk, although I stated just to use 40GB of the 160GB
<RoyK> sebrock: there are a few ways to do that, but the short answer is "backup and reinstall"
<Nafallo> ehrm.
<Nafallo> livecd, shrink the partition and your good to go surely?
<RoyK> can gparted do that?
<RoyK> easily?
<uvirtbot`> New bug: #411045 in openldap (main) "slapd cannot get resinstalled or removed if the configuration files were lost" [Undecided,New] https://launchpad.net/bugs/411045
<sebrock> is it possible to shrink a partition (ext3) without data loss?
<Nafallo> I didn't mean partition like that. I meant logical volume
<XiXaQ> that bug sounded strange. *looking*
<sebrock> MMmmmmm, I can see the benefit of LVM but it just messed stuff up for me really
<sebrock> if I do 'lvs' it says the root partition is 40GB, 'fdisk -l' shows the whole 160GB, now I do understand the difference between the physical and logical partitions. What I need to do is take aprox 50GB of the /dev/sda disk and turn it into a /dev/sda3
<Nafallo> sebrock: why?
<sebrock> you ask why I need to partition it? Because its easier to maintain and backup
<Nafallo> I was rather asking why you wouldn't split out the space to another logical volume.
<sebrock> the other partition I want to use for Apple Time Machine backup
<Nafallo> but that depends on what the other partition would be doing.
<Nafallo> oh. well. no idea what requirements that other thing have.
<sebrock> basically, I just dont want to backup the Time Machine partition, just the root
<Nafallo> (neither if apple will read LVM or not)
<sebrock> no I will use AFP protocol do do that, nevermind the connection to the macs
<sebrock> I just want it to be easy to backup and separate the / from say /var/TIMEMACHINEBACKUP
<sebrock> Previously I used to backup the whole partition of raw data /dev/sda1 etc.
<sebrock> This will be to big if I have the time machine files on the same partition, therefore I just want an easy way to separate these. I was thinking doing it with /dev/sda1 and /dev/sda3 or whatever, but if its easier to do with LVM thats fine to
<sebrock> ok, can I use pvcreate to just add a partition without touching the existing root partition=
<RoyK> sebrock: have you made time machine work with samba?
<uvirtbot`> New bug: #411059 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/411059
<android6011> right now I am using free nas for home file server, is there a way in ubuntu server to have the hard drives spin down after say 20 min of no use
<android6011> I see commands like: hdparm -S 120 /dev/sda but will I have to do that after every reboot?
<PhotoJim> android6011: /etc/rc.local :)
<android6011> so put the correct hdparam command in /etc/rc.local and I'll be good to go?
<drurew> !eggdrop
<ubottu> Sorry, I don't know anything about eggdrop
<drurew> !bmotion
<ubottu> Sorry, I don't know anything about bmotion
<drurew> !megahal
<ubottu> Sorry, I don't know anything about megahal
<drurew> !AI
<ubottu> Sorry, I don't know anything about AI
<drurew> im looking for a somewhat well documented eggdrop ai module ...both of the above have massive problems like missing fact.txt files..and or just dont work entirel y
<drurew> something like ubottu
<quizme> is there a way to symbolically link /etc/passwd to another location
<quizme> when i move it i lose sudo rights
<quizme> then i can't write there anymore
<drurew> ln -s /etc/passwd /to/your/preferd/location && chown altusr:altusr /the/location/you/saved/the/passwd/file
<drurew> *location you liked the passwd file
<drurew> not a safe idea tho
<drurew> *linked
<quizme> drurew: yeah i think I'm going to skip it.  too risky..
<drurew> i mean ...if you chowned it to your user ..then anyone who cracked you X or whatever has the -rw permission
<drurew> http://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
<drurew> quizme: what you could do ...is add yourself to the root user in /etc/group meaning user:quizme would theoreticly be able to everything root can
<drurew> not theoreticly
<drurew> *actually
<drurew> check this out :https://code.launchpad.net/ubuntu-bots
<drurew> ubottu uses megahal as its AI interface ...yet it knows nothing about megahal
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<drurew> LOL
<drurew> nice ubottu
<drurew> ubottu: !megahal
<ubottu> Sorry, I don't know anything about megahal
 * drurew `s a noob
<toehio> how do you customize text-only mode? (font, size, colors)
<sebrock> RoyK I don't, I use netatalk/AFP with it
<NorthByNorthWest> Hi! I think my ubuntu server got screwed up after a power failure, the power was cut to the computer and it seems I had some bad luck with the file system...
<NorthByNorthWest> booting up lands me in the busy box, prior to that it says that it cant mount some of partitions.... lite /sys, /proc and a few more...
<NorthByNorthWest> above the mounting errors it says "EXT-3-fs: error loading journal" so it seems like I have had som bad luck!
<NorthByNorthWest> Can this be fixed in the busy box? Or do I need to put the HD in another computer, copy what can be saved and reinstall the server all in all?
<PhotoJim> NorthByNorthWest: you can run fsck to repair the partition.  whether it will be repaired enough to allow booting is another matter.  it depends on the extent of the damage.
<NorthByNorthWest> PhotoJim: fsck dont seem to be available in the busybox... can i install it in any way?
<PhotoJim> NorthByNorthWest: what about fsck.ext3 ?
<PhotoJim> NorthByNorthWest: I thought fsck was included in there.  if it isn't, you're probably looking at removing the hard disk and attaching it as a secondary drive to a working system for repair.
<NorthByNorthWest> PhotoJim: nope, "Help" shows me the build-in commands, but theyre to many to type in here... the only commands that starts with f are "false, fbset, fdflush, fgrep"
<NorthByNorthWest> PhotoJim: Seems like I have to do that :(
<NorthByNorthWest> PhotoJim: weird that there are no hard drive fixing tool included in busybox...
<PhotoJim> NorthByNorthWest: I don't know if I've ever tried to run fsck from there.  there are ways of having fsck in that environment, though, so you might want to investigate that on your systems once you get this one fixed.
<NorthByNorthWest> PhotoJim: ok! thanks!
<PhotoJim> NorthByNorthWest: fixing by removing the drive is annoying but pretty doable.  there are inexpensive external USB devices that will connect to almost any type of hard disk.  they are indispensible for this sort of task.
<PhotoJim> NorthByNorthWest: by "almost any" I mean PATA/SATA, 2.5" or 3.5".  not SCSI etc. :)
<NorthByNorthWest> PhotoJim: Well lucky me, the drive was fitted in a bay so it was just to open and pull out... my main computer has a similar bay that I can push it into! :)
<PhotoJim> NorthByNorthWest: cool.  good luck :)
<NorthByNorthWest> PhotoJim: oh... I just remembered ont thing... how dumb of me! :P
<NorthByNorthWest> PhotoJim: (This is a server I installed to my sisters-in-law's small company, so I dont see it much)
<NorthByNorthWest> PhotoJim: The OS is installed in a USB memory stick!!! The harddrives are just for storage!
<NorthByNorthWest> PhotoJim: So I hope i can do a fsck on the usb stick as well...
<PhotoJim> NorthByNorthWest: Yes.  Hopefully you didn't put /var on USB.  the heavy write cycles will wear out a flash drive in no time.
<PhotoJim> NorthByNorthWest: and you'll want to make sure that your swap space is on a hard disk too.
<NorthByNorthWest> PhotoJim: good points, didnt think of that!
<NorthByNorthWest> PhotoJim: If I get the system up and running again i should move the /var to the harddrive!
<PhotoJim> NorthByNorthWest: for sure.  that might be part of your problem.
<NorthByNorthWest> PhotoJim: Its strange though... I run "sudo fsck.ext3 -v -y -b 8193 /dev/sde1" and it finds some problems that it supposedly fix... but rerunning the exact same command finds the same errors....
<NorthByNorthWest> PhotoJim: trying to boot the server gives me the same old errors...
<PhotoJim> NorthByNorthWest: hmm.  you might need to try copying the data to another device.
<PhotoJim> NorthByNorthWest: if the flash device is dead, it might not permit writing, which would prevent the errors from getting corrected.
<NorthByNorthWest> Coudl I just do a simple copy of them them to another USB drive with the same fs?
<PhotoJim> NorthByNorthWest: Probably.  You might need to look at the fstab to see if it mounts by device name or by UUID.  the UUID will probably change.
<NorthByNorthWest> PhotoJim: hmm... the usb drive is a 8Gb dirve but it mounts as a 255 Mb drive... sounds like its dead allready...
<PhotoJim> NorthByNorthWest: frequent writes will kill flash quickly, so it's entirely possible.
<NorthByNorthWest> PhotoJim: darn it... :P
<PhotoJim> NorthByNorthWest: I have to run, but I stay in channel, so keep me posted.
<NorthByNorthWest> PhotoJim: Ok... but right now Im leaning towards a reinstall on another USB drive...
<MK13> i have ubuntu set up with dhcp3-server, and it assigns the ip's correctly but i cannot ping to the ip that it has just assigned. Any ideas?
<error404notfound> i managed whole lot of servers at three different place, so i have 3 different sets of pub and priv keys. Is there a way that using config file i can define which key file to use when connecting to a specific server?
<andresmujica> ~/.ssh/config
<andresmujica> look into the ssh manual you'll find the right syntax
<mushroomblue> so, does anyone have a decent tutorial for setting up phpldapadmin and OpenLDAP in 9.04?
<mushroomblue> all the ones I've found are for 8.10
<drurew> do 8.10 mans not work for 9.04 apps?
<drurew> !virtualbox
<ubottu> virtualbox is a x86 !virtualizer. A !free edition is available from the package 'virtualbox-ose'. A non-free edition is available at http://virtualbox.org for most Ubuntu releases (help in #vbox) - Setup details at https://help.ubuntu.com/community/VirtualBox
<XiXaQ> my network interface slows down dramatically after a while, specially if I have more than a little traffic. ifdown eth0 && ifup eth0 "fixes" it, but that's not good enough. Any suggestions?
<StrangeCharm> XiXaQ, is it a virtual server?
<StrangeCharm> is it possible to write a bash script (including the username and password as text) which automatically logs on to a telnet session?
<kad_> hey i run postfix when i do mutt give me error: no such file for /var/mail/root ! i create file root in folder mail give me error : file root not a mailbox ! and i install mailutils trying to do : echo "test" | mail -s "test" root
<mndo> hi!
<mndo> i am not able to access packages.ubuntu.org
<mndo> s/org/com/
<dazman> Yep, it appears to be down.
#ubuntu-server 2010-08-09
<patdk-lap> I used to use pam_mount, that was fun :)
<clusty> hey
<clusty> i am building my very first raid and was curious how bad is it with the TLER issues with consumer hdd's ?
<clusty> is it that common for hdd's to take 7+ seconds to try to fix an error themselves ?
<qman__> an encrypted drive set to automount rather defeats the point of an encrypted drive
<terinjokes> Hey guys, running 10.04 here, and I have APT::Periodic::Update-Package-Lists set to "1", but I'm noticing that the package index is never updated until I explicedly refresh with `apt-get update` (as such, I'm not getting my update notifications sent to me)
<giovani> terinjokes: just confirm where you've set it -- i.e. pastebin the file, and you know that's only supposed to update the lists once a day, right?
<terinjokes> giovani: correct, but it's not being updated... one second
<terinjokes> giovani: http://pastebin.com/jHraTu31
<giovani> terinjokes: are you trying to do automatic upgrades, or just notifications of packages that can be upgraded?
<giovani> the latter is done automagically via some cron jobs in the desktop install, unsure about the server install -- the former is handled by a specific package (which installs cronjobs) for the server and desktop afaik
<jmarsden> terinjokes: sudo apt-get install unattended-upgrades    # for unattended upgrades... and read its docs too.
<giovani> yeah, that would be the package for the former
<terinjokes> giovani: i *just* want notification of the new packages
<giovani> terinjokes: and how do you plan to get notification? do you have a custom setup for this? or are you using a pre-built mechanism?
<terinjokes> jmarsden: i read those docs, but my understanding of unattended-upgrades is to install the upgrades, which I don't want
<terinjokes> giovani: i already have notifications setup... works great (ie, as soon as i run `apt-get update` i get it...)
<jmarsden> terinjokes: I think you can configure it not to actually do the upgrades, but just let landscape-client tell you what is available to be updated at login...
<terinjokes> i've disabled most of the MOTD scripts
<terinjokes> (so if it was there, then this might explain why they don't happen)
<giovani> terinjokes: ok, well without the cronjobs provided by some package (or written by hand) I don't think that variable you set does anything
<terinjokes> giovani: is there some package that setups these crons? would it be best to have unattended-updates installed, and just tell it not to update anything?
<giovani> terinjokes: I honestly don't know, but I'd bet that they're in that package, and, jmarsden seems to know more about it -- it likely can be told not to upgrade
<jmarsden> terinjokes: I think yes, just install unattended-upgrades and then *don't* set APT::Periodic::Unattended-Upgrade "1";
<jmarsden> I've not used that that way, but I'm pretty sure it will do what you want.
<wieshka> hi there - i have serios problem - my last try to install ubuntu-server with raid 1 + lvm made unsupported partitioning on my HDD's, so now reinstall normally cant detect my HDDs, so i cant redone partitioning for my HDD ?
<wieshka> what are my options to clear partition tables/format HDD using busybox ?
<wieshka> or maybe ubuntu live ?
<wieshka> all i want to do, is fully clear partitioning data from my HDD's
<wieshka> so i can do reinstall with /boot partition out of raid
<wieshka> and looks like i will prefer installing Lilo
<terinjokes> jmarsden: thanks, i'll give that a shot
<jmarsden> terinjokes: You're welcome
<jmarsden> wieshka: If you just want to destroy the partition tables you can do something like dd if=/dev/zero of=/dev/sdb bs=1024 count=1024
<jmarsden> that will wipe the first 1MB of your /dev/sdb drive...  is that what you are looking for?
<wieshka> jmarsden: it shouldnt take a long long process ?
<jmarsden> wieshka: No, just 1MB of writes...
<wieshka> jmarsden: ok i will try - basicly i want my hards clear
<wieshka> to set up new installation
<wieshka> i dont what i messed up
<jmarsden> zeroing the whole drive would take more time, but you don't need to do that just to be sure the installer sees the drive as being "new".
<wieshka> but my install neither boots up, neither shows correctly in partition detection
<wieshka> done for both disks, now rebooting to see result
<wieshka> jmarsden: how long it should take with 500 GB disk to fully write it with zeros ? :)
<wieshka> it like a formatiing - i am correct ?
<mase_wk> wieshka: depends how your doing it ?
<mase_wk> -?
<jmarsden> I don't remember, I do that kind of thing overnight.  Well, writing zeroes to every sector does not technically format the drive.
<jmarsden> But it makes pretty sure noone will read whatever info was on it before :)
<mase_wk> heh
<mase_wk> if you do something like dd bs=2048 if=/dev/zero of=/dev/foo  it will be reasonably quick
<mase_wk> you could set a larger bs too
<mase_wk> but you will still need to format it after
<wieshka> thx jmarsden - now i have clean two disks :)
<wieshka> so what is the best suggestions for building RAID 1
<jmarsden> wieshka: You're welcome :)
<wieshka> make /boot out of the raid ?
<fidelix> Guys, can you please take a look here? http://ubuntuforums.org/showthread.php?t=1548415
<wieshka> becouse my disks restursn HDIO_IDENTITY fail (hdparm cant detect by name or something like that)
<wieshka> so if my boot is inside of raid
<wieshka> boot after install fails
<wieshka> so how good is my idea about partitions: make 100m /boot, give it a boot flag, then make 30 Gb swap, and create one big partition on whole disk as raid, and after that as LVM
<wieshka> so then i can make volume group and do with my partitions on running system what i want
<wieshka> or the best way is do like this ? https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<wieshka> ?
<jmarsden> There is no "should"; the Server Guide doesn't do LVM with RAID1, just RAID1, for simplicity, I think.  If you want LVM, try it your way and it sounds like it should work.
<wieshka> basicly i want to setup ubuntu server and then KVM with 5 vhs on it
<wieshka> i wanted to make aprtition for each vh for better performance
<wieshka> but also i can make a one big partition and use vh as images
<jmarsden> Sounds like a reasonable use case for LVM to me.
<wieshka> ok - i will give a try with /boot partition out of raid array, and whole disk as raid 1 + LVM
<wieshka> is it better to make swap out of raid or i can make it under LVM ?
<wieshka> sorry - first time serious install of ubuntu-server
<wieshka> on multiple disks
<wieshka> i have old install/use of ubuntu-server on single disk, but now i am building new one, so trying to make reasonable good install
<wieshka> so - i am begginer - open for suggestions :)
<jmarsden> wieshka: You won't be swapping anyway really, on a modern machine with gigabytes of RAM, so it probably doesn't matter :)  I'm not doing "real" virtualization server builds so I'm not really the best person to get advice from on that.  My guess: try the swap outside the LVM.
<wieshka> outside of LVM and also outside of raid array ?
<wieshka> hmmm, basicly i have 16 gb ram - so is there need for a swap at real ?
<wieshka> 16 x 1 Gb
<jmarsden> Perhaps not :)  Yocu ould leave a small swap partition outside both RAID and LVM "just in case" it is ever needed.
<wieshka> hmm, not a bad idea :)
<wieshka> so  summary: i will split each drive (2) in 3 partitions, 100 mb for /boot, 10 Gb for swap (maybe someday i will need it), and whole disk, as raid partition, after that i configure raid 1 as sda3 + sdb3, and set them as LVM volume group, and also i will make ~20 Gb logical volume on LVM as mount point /
<wieshka> i have to gibe boot flag option to /boot partition ?
<wieshka> and do i have to set this /boot partition on one disk or on each one ?
<wieshka> i supouse one only
<wieshka> so all this stuff/summary should work - so i am going to give a try :)
<jmarsden> wieshka: You can try setting /boot on both drives, then if one drive fails you *might* be able to boot from the other one... although in the past getting that to work has needed some minor messing around, at least for me.
<wieshka> what messing around
<wieshka> you think, this configuration will not work on fly - install & go ?
<wieshka> hmm, /boot must be as primary & at the begining ?
<jmarsden> It should, and maybe these days it will, when I tried it was at least a couple of years ago, Ubuntu RAID support has changed since then.
<wieshka> & with boot flag
<jmarsden> I would suggest that, if you need the "failover boot" to work, then test it before you have a real disk failure, so you *know* it will work.
<wieshka> so i made on each drive 100 mb primary partition as ext4, with mount point /boot and bootable flag
<wieshka> jmarsden: i will test that :)
<wieshka> at first i need working install :)
<jmarsden> wieshka: True :)
<wieshka> does swap need botable flag ?
<wieshka> i supouse no
<wieshka> and does raid 1 partition needs boot flag ?
<jmarsden> I really doubt it.
<wieshka> heh, install do not allow me to make to /boot
<wieshka> so maybe set them in array as md1 and then set on them /boot ?
<wieshka> jmarsden: still here ?
<jmarsden> Yes... did it work?
<wieshka> and again my boot stops ....
<wieshka> with fsck error
<wieshka> ata_id[650]: HDIO_IDENTITY failed for /dev/sda
<wieshka> also for sdb
<wieshka> and next line is, that with my LVM everuthing is ok (check statuss)
<wieshka> and no more action
<wieshka> at the same point again ....
<wieshka> fuck.
<jmarsden> I have not seen that error msg before... does googling for it show anything interesting?
<wieshka> lets try - i removed one of my disks
<wieshka> what it will say now
<wieshka> i even tried to setup with lilo bootloader now
<wieshka> insted of grub
<wieshka> as i heard - it haves better compability with raid
<wieshka> maybe - i should install system on single disk, and after that make RAID 1 over my existing installation
<wieshka> at start as degraded RAID
<wieshka> i dont even now anymore- tomorow i have ti put server in data center ....
<jmarsden> Hmmm.  a test install to a single disk would be good, so you at least know the hardware is OK and will let you install to it and boot from it.
<jmarsden> Doing a "first time serious install of Ubuntu server" with a constraint of "tomorrow I have to put the server in the data center" sounds like you are trying to learn too much too fast...
<wieshka> jmarsden: i am this problem already 3 days
<wieshka> on this
<wieshka> heh :D :D :D
<texastwister> Came in late to the conversation guys, what's the issue?
<wieshka> i swicthed disk slots and now it works - whata hell
<wieshka> asks login - give me moment i want to really test that RAID 1 worked or it is a degraded mode
<jmarsden> wieshka: Ah, so maybe one of the "disk slots" is bad in your hardware, or the drive was not fully plugged in, or something?
<wieshka> but if it shows up in BIOS and also durring install - connection & hardware must be good
<wieshka> i dint changed hot swap ports
<wieshka> i them only switched
<jmarsden> texastwister: Software RAID1 install to wieshka's new server, it has not been booting... until just now, at least!
<wieshka> yeah, but i have to check is everything ok :)
<jmarsden> wieshka: Indeed.  I suggest you test it a lot in your remaining time... at least it now boots :)
<wieshka> i full y agree
<wieshka> hdparm still outputs that he cant recognize this HDD model
<wieshka> it is simple enterprise edition server HDD from seagete
<wieshka> weird
<wieshka> hmmmm, mdadm returns that disk are in active sync statuss
<wieshka> what else test i should perform ?
<wieshka> dmesh also says that raid1 is active with 2 of 2 mirrors
<wieshka> also /proc/mdstat says that RAID is active
<wieshka> wtf - now bootup hangs
<wieshka> its not normal ....
<jmarsden> No, that's not normal... sounds like you have some sort of weird intermittent boot issue.
<wieshka> the disks should sync durring bootup or after that ?
<jmarsden> You did a clean shutdown/reboot, right, you didn't just hit the reset button?
<wieshka> i run command reboot from shell
<wieshka> now i did reset ....
<wieshka> lets se, what i have there
<wieshka> now
<wieshka> BIOS detects both drives ....
<wieshka> LILO runned
<wieshka> hmmm only one disk activity is flashing
<wieshka> i am confused - now it again booted well
<jmarsden> Does cat /proc.mdstat still look fine?
<wieshka> eem .... no
<wieshka> there is that HDIO identity again
<wieshka> but later showed up then last time
<wieshka> hmmm, wait ..... my disks activity LED is flashing for both disks
<wieshka> maybe i should give them a try
<wieshka> some sync or something ?
<jmarsden> I think you could have some sort of weird hardware issue, I would research that HDIO_identity message some more.
<jmarsden> If you want to give the disks a bit ot a test workout, you could use bonnie++ or some other disk performance test tool.
<wieshka> hmmmm, my sata disks are connected via SAS on motherboard
<wieshka> maybe i should switch to sata ?
<wieshka> or i am miising some disconfiguration in BIOS ?
<jmarsden> I have no idea... sorry :)
<wieshka> ok, looks like i have to cancel tomorrows data center :D
<wieshka> hmmm, HDDs activity still flashed
<wieshka> lets try what happens, when i remove one HDD
<wieshka> as degraded mode activated, it should work
<wieshka> jmarsden: heh, single install works like a charm ....
<wieshka> so now trying to set raid over existing installation :)
<robertpayne> I have one server with all my domains pointed to it and my webserver setup on it.. Currently it's also my mail server but I'm looking to forward all the mail to a second server. Is the best way to do that to just update the dns record and point the mail commands to the second server's ip?
<jmarsden> You would point all MX records the second server, yes.  Possible also update all A records for mail.DOMAIN.com to point there too, and pop.DOMAIN.com if you have folks using those naming conventions for their incoming and outgoing mail.
 * twb pedantically points out that "example.net" exists for examples like that.
<robertpayne> jmarsden: thanks. I'm the only one using it.. I have like 9 emails I'm using over imap right now and it's  bogging down the main server too much
<jmarsden> Not much of a server if one user can bog it down :)  But OK.
<robertpayne> jmarsden: Well I mean my email client is maintaining about 9 imap connections simultaneously it's not a beefy server
<robertpayne> 512mb VPS
<jmarsden> OK.  I run a mailserver with 150 domains and maybe 1200 or more email users, it also runs 100 or so small web sites :)
<robertpayne> daaayum :P
<robertpayne> How much ram though :P
<jmarsden> 4GB.  Basic cheap rackmount server.
<robertpayne> yeah webserver is running nginx reverse proxy to apache ( dynamic content only ) it does well the process count is what keeps going a bit red when I keep my email client open
<twb> postfix and dovecot should place negligible load on the server
<robertpayne> twb: that's what I'm running
<robertpayne> It also could be that Apple Mail ( desktop client ) opens about 5 connections for each account to the server to speed up stuff
<jmarsden> robertpayne: Then most likely, removing your email from that server will not significantly affect how bogged down it is... are you 100% sure it is the email slowing things down?
<robertpayne> jmarsden: I Shouldn't say it's "slowing it down" or necessarily any sort of speed decrease.. I just simply am getting process count warnings from my host.. if I close my email client the process count drops by about 40-50
<robertpayne> I'm also setting up a dev box as a backup to my production box ( because not doing so is retarded.. ) and thus was going to offload the mail to the dev box but back it up to the production box nightly
<jmarsden> OK... odd that your host cares about process count... CPU load, or RAM usage, sure... but process count?
<ruben23> guys any known apps that can do directory service for windwos client PC and windos client PC..?
<robertpayne> jmarsden: heh not really sure if they care so much but their status panel does show alerts when it gets too high.. I know kinda dumb.. maybe something to do with VPS stuff who knows
<twb> robertpayne: Samba 4 can act as an AD server
<twb> Sorry, bad completion
<robertpayne> maybe I'll just leave it on the main box.. like I said not really an issue just figured I'd forward it to the dev box
<robertpayne> and wanted to make sure modifying the DNS was the best way
<ruben23> twb: i can do it with samba4
<robertpayne> anyways i got to go for now thx for answers
<jmarsden> robertpayne: You're welcome
<mase_wk> ruben23: samba4 is not really production ready yet though
<mase_wk> at least on my last try a few months back
<robertpayne> I think ill just leave it on main box.. and use dev box as backup MX :)
<pheelineerie> Hey guys, I could use some help making US get along with the internet
<pheelineerie> it won't play nice with my wifi and i have been at it all weekend
<Roxyhart0> sorry about this question...somebody know what mean the blue color in the zone file with bind and why some of them are in blue color and others not?
<SpamapS> pheelineerie: can you be more specific?
<SpamapS> Roxyhart0: maybe you can paste your zone file at http://paste.ubuntu.com and we can look at it ourselves?
<pheelineerie> SpamapS: well for example iwconfig says this: IEEE 802.11bg ESSID:off/any. Mode:Managed   Access Point: Not-Associated
<SpamapS> pheelineerie: that seems to mean that you're not associated to any SSID's
<pheelineerie> trying things with apt-get results in a bunch of Failed to fetch errors
<pheelineerie> yes, and I've been trying to set it but i can't get it to take my network name
<SpamapS> pheelineerie: are you sure your wifi chipset is fully supported?
<pheelineerie> i would think so, because it was working with ubuntu 10.04 before i installed server
<mase_wk> perhaps the desktop kernel has patches applied to it which the server kernel does not
<SpamapS> pheelineerie: so 'iwconfig eth0 essid "yournet"' doesn't work?
<SpamapS> mase_wk: unless you explicitly select a different kernel, they both should get the generic.
<mase_wk> k
<mase_wk> i didn't know if you had installed the -server kernel
<SpamapS> Tho I think desktop makes it really easy to install non-opensource drivers, IIRC
<pheelineerie> SpamapS: i've tried that command but with wlan0 instead of eth0... should i try with eth0?
<SpamapS> pheelineerie: no
<SpamapS> pheelineerie: And the result was.. ?
<pheelineerie> it sees the networks when i do the scan thing
<pheelineerie> SpamapS: the result was nothing, i restarted interfaces and still the same problem
<pheelineerie> SpamapS: i'm putting the name of my wireless network in quotes, but there is a space in it, does that matter?
<pheelineerie> SpamapS: and when i say the result was nothing, i mean it just accepted it and went to the next command line with no feedback
<SpamapS> pheelineerie: when you restarted interfaces, you probably wiped out the essid.
<pheelineerie> SpamapS: o.
<pheelineerie> i thought i was supposed to. lol
 * pheelineerie feels dumb
<SpamapS> pheelineerie: run it, then run 'iwconfig wlan0' again, and see if it shows something different
<SpamapS> pheelineerie: the idea is to set your essid, then the card should associate to the correct AP
<SpamapS> pheelineerie: once you're associated, then the dhcp client that is already running on wlan0 should get an IP.
<pheelineerie> well now it says ESSID:"Kansas 2" but it still gives me "Failed to fetch" etc
<SpamapS> I'm honestly quite ignorant at the proper convention for using iwconfig on server..
<SpamapS> but for a manual test, this should work
<SpamapS> pheelineerie: what still says "failed to fetch" ?
<pheelineerie> well i've been testing to see if it was online by trying "sudo apt-get update"
<pheelineerie> SpamapS: and it gives me a bunch of "Temporary failure resolving 'us.archive.ubuntu.com' type errors
<SpamapS> pheelineerie: right because it hasn't received a network configuration from your DHCP server yet...
<SpamapS> pheelineerie: is wlan0 listed in /etc/network/interfaces?
<ohzie> I hosed my samba conf file. I'm not sure how, but I'm content with going back to the default conf file. How do I do this?
<SpamapS> ohzie: you can move the damaged conf file out of the way, and reinstall samba
<SpamapS> ohzie: as in, 'apt-get remove samba && apt-get install samba'
<SpamapS> ohzie: if you don't want to do that, you can also extract the file from the .deb, but thats sort of complex
<ohzie> SpamapS: No that solution is perfect and makes sense.
<Roxyhart0> somebody know how i can create a domain aleas with bind?
<pheelineerie> SpamapS: right now interfaces has the following lines: auto lo / iface lo inet loopback / # auto wlan0 / iface wlan0 inet dhcp / wireless-mode managed / wireless-essid 'Kansas 2' / wireless-key 20830835u0fjf etc
<ohzie> When I tried reinstalling, the conf file was still there
<ohzie> I don't know why it never occurred to me to just delete the damned thing.
<ohzie> God, I feel stupid right now.
<SpamapS> ohzie: Confusion is the only way we grow. :)
<SpamapS> pheelineerie: hrm.. well that seems very logical.. not sure what to tell you
<ohzie> SpamapS: Yeah I've been using linux since Red Hat 6. I should have known better. =P
<ohzie> It's just late and I am exhausted. Thank you so much for putting up with me.
<SpamapS> ohzie: its our pleasure, thanks for using Ubuntu. :)
<ohzie> I haven't actually used anything Redhat based since FC4, and I recently threw Centos 5 on a server at work. For anyone wondering? Centos is so different from Debian/Ubuntu that I am helpless most of the time. It's really horrible, and I can't stand it, and the default user you create during the install is not added to the sudoers file.
<ohzie> so i intend to replace that with pure Debian or Karmic as soon as I can
<chrislabeard> Hey guys I'm trying to use webdav and for some reason its not working
<chrislabeard> I have set everything up but when I try to use my mac to connect to it it says it doesn't exist. If I got to the domain in a browser it asks for password and user
<ohzie> SpamapS: So I removed samba, deleted my smb.conf, and then reinstalled samba, and it didn't install a conf file.
<ohzie> I'm not sure how to react to that.
<lifeless> ohzie: did you purge it ?
<ohzie> lifeless: Don't know that one.
<ohzie> !purge
<ohzie> He doesn't know anything about purge.
<lifeless> ohzie: dpkg has two separate states for software which you have removed.
<lifeless> ohzie: the first state, 'removed' has the binaries/docs/libraries etc gone, but keeps the config files.
<lifeless> ohzie: the second state, 'purged' removes the config files too.
<lifeless> ohzie: installing software which was only removed, does not touch the config files, because they are already present :)
<lifeless> ohzie: so, if you purge samba, then install it again, it should do what you want.
<ajmitch> 'apt-get purge samba'
<ajmitch> just make sure you've got backups of any important samba files
<chrislabeard> Can the webdav you set up on ubuntu work with macs, pcs?
<ajmitch> wwwwwwwwgouge
<ajmitch> grr
<ohzie> ajmitch lifeless: Thank you very much. :D
<pheelineerie> Question: do i HAVE to configure Server on the command line? Does it come with any kind of gui at all? i know they can be downloaded but i can't get it online to do so, and i'm going insane :'(
<ohzie> pheelineerie: you do have to get it online to install the commandline tools.
<ohzie> pheelineerie: "aptitude install ubuntu-desktop" has hilarious results on ubuntu server. The GDM theme has purple on it?! I don't know where it came from, but I like it a lot more than the default gdm theme in normal ubuntu.
<pheelineerie> ohzie: but the problem is the fact that i can't get it to connect to my wifi, so i can't install any packages
<ohzie> pheelineerie: I've never done wifi from the command line. I wonder if ebox has a network-manager applet?
<pheelineerie> ohzie: it is weird and annoying and it's making me feel very dumb. i installed ubuntu-server and it just came up to the command line. i don't know of any other way to do anything?
<ohzie> pheelineerie: Don't feel dumb. Feel inexperienced, and realize that learning how to do this will grant you that experience. It will make you feel less dumb. =P
<pheelineerie> ohzie: i don't know what ebox is, but i just typed network-manager and it said command not found. i don't know if that answers the question
<ohzie> network-manager is a service that controls networking in my desktop systems.
<ohzie> I don't know if server uses it, to be honest.
<ohzie> Let me see.
<ohzie> !!!!!
<ohzie> Found what i was looking for.
<ohzie> Everything i use wifi on, I use "knetworkmanager" which is a graphical thing.
<ohzie> but there is a terminal one
<ohzie> can you try the command "nmcli" ?
<ohzie> I've not used it so I don't know if it's installed or what the results are
<ohzie> but I know that it is a terminal-based client for network manager.
<ajmitch> you may as well just use wpa_supplicant directly & setup the interface in /etc/network/interfaces
<pheelineerie> ajmitch: that's what i've been trying to do all day, and i do believe i have completely and utterly failed
<pheelineerie> sigh
<pheelineerie> ohzie: nmcli: command not found
 * ajmitch wouldn't expect any of the network-manager stuff to be present
<pheelineerie> ohzie: is your nick in reference to otzi, the frozen guy? cause that would be awesome
<ohzie> pheelineerie: No.
<pheelineerie> ohzie: oh.
<ohzie> pheelineerie: Although, upon googling 'Otzi' I do approve of names referencing him, and I will probably use his name from now on in Supreme Commander.
<pheelineerie> ohzie: :D
<pheelineerie> oh my god. i think i am an idiot
<pheelineerie> if i do "sudo nano filename" on a file that doesn't exist.... it creates a new file, doesn't it?
<pheelineerie> i think instead of appending something to interfaces.conf or whatever file it was supposed to be, i just created a new, useless file and put the stuff there
 * pheelineerie smacks forehead
<ohzie> ajmitch: I did sudo aptitude purge samba4, and it ran, and I reinstalled, and I still don't have a conf file.
<uvirtbot> New bug: #614195 in apache2 (main) "Apache2 UserDir defaults to User www-data" [Undecided,New] https://launchpad.net/bugs/614195
<ajmitch> ohzie: it may be in samba-common
<ajmitch> (or samba4-common)
<ohzie> Is there a way to ask samba what conf file it grabbed when it started up?
<WalterN> https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<WalterN> when I get done with the first 9 steps, it complaints that there is no file system defined for root
<WalterN> and wont let me continue
<ohzie> ajmitch: Yes, the conf file is included in samba-common and wasn't  removed because it is a dependancy for freenx and smbfs. Thank you so much for helping me look in the right place! =D
<WalterN> :/
<WalterN> oh wait
<ohzie> WalterN: Do you have a partition that has a mounting point of "/"
<ohzie> ?
<nllptr> Is there a standard directory structure for a multi-site dedicated server
<nllptr> ?
<WalterN> silly me
<WalterN> dont go to continue at the bottom, select RAID at one of the top options after arranging the partitions for RAID
<WalterN> 0.o
<ohzie> nllptr: Most companies will put the WWW folder in the user's home directory, or if each site is running in a VM it will just be under /var/www like normal, but inside the VM.
<ohzie> WalterN: lol
<nllptr> ohzie: if the sites are larger and have multiple developers should the sites be put into a group's home directory instead?
<ohzie> Okay, so I made the changes to the default conf file, and now everything is hosed again. Ugh.
<WalterN> hmm
<ohzie> nllptr: I would have them in VMs because I am lazy annd not that good with apache.
<ohzie> and*
<ohzie> I am better with VMs than I am with apache, so I would do that option
<ohzie> but I know some apache ninjas who could probably work it out either way and it would be amazing.
<ohzie> so I can't really answer what is the best option...but I can tell you what I'd do and why! :D
<WalterN> here is the server box I made last week... http://i36.tinypic.com/ivx355.jpg?
<WalterN> installing Ubuntu for that as a server :)
<nllptr> ohzie: are VMs any less efficient?
<nllptr> ohzie: I can't seem to find any good documentation on setting up hosting in a VM on google :S
<ohzie> nllptr: Currently I only use virtualbox, that won't work for your purposes. You're going to want to look at Xen.
<ohzie> Xen is, I've heard, awesome and amazing.
<ohzie> I haven't touched it because I haven't needed to yet
<ohzie> but I hope to in the near future.
<WalterN> I love my server box
<mase_wk> nllptr: if you have the hardware support VT-x i'd recommend looking at KVM to.
<mase_wk> Not that Xen is bad in anyway, but we've just migrated from Xen to KVM as the management is fairly trivial
<_chris_> moin all :)
<mase_wk> moin
<WalterN> well, there goes the install
<twb> mase_wk: are you using libvirt?
<mase_wk> yarp
<nllptr> mase_wk: not sure the hardware will support it. The site we're running is a non-profit teenage-run teenage portal site for teenagers running on donated computers
<WalterN> two RAID1 arrays for SWAP and /, one RAID5 for extra storage pool, 3x 2tb drives :)
<mase_wk> nllptr: yeh if the hardware doesn't support it Xen is useful
<WalterN> does it build the arrays before it installs?
<WalterN> as in, do I need to wait 8 hours while it builds the RAID5 of 4tb?
<Roxyhart0> hi somebody know how to create a domain aleas with dname? where i need to put the record as is not working
<joschi> Roxyhart0: well, obviously you need to put the DNAME resource record in the zone for the domain you want to set it for.
<Roxyhart0> i did but i think im doind something wrong as is not working..what should be the sintax?
<Roxyhart0> i got WHCL. IN DAME WHCL.COM
<joschi> Roxyhart0: foo DNAME target.example.com.
<Roxyhart0> i got WHCL. IN DAME WHCL.COM.
<lifeless> Roxyhart0: DAME != DNAME
<Roxyhart0> yes sorry dname
<joschi> Roxyhart08: the period after WHCL is probably wrong, unless it's the zone file for the zone 'WHCL.'
<joschi> Roxyhart08: you should also describe 'not working' in a little more detail...
<Roxyhart08> yes the ast one is the file zone
<Roxyhart08> when i do nslookup fot WHCl tell me palm.whcl.com (ns) doesn find whcl
<WalterN> ok, guess I dont need to wait for it to build
<WalterN> good
<WalterN> installing
<nllptr> We're going to start completely fresh and set up our four servers from scratch. Any tips on what we can do so it'll be easy to track down problems later on? Any conventions we should follow?
<nllptr> We're using one server for a shared hosting service for ourselves. Right now everyone just uses sudo to modify virtualhost settings
<nllptr> Any better way?
<twb> nllptr: etckeeper is an easy one
<ohzie> How do I dump the output of a command to a text file?
<ohzie> Nevermind, I found it.
<ohzie> I'm going to put my errors and my conf file in a pastebin
<ohzie> because I am so blown away, I don't know what to do. :[
<robertpayne> Does ubuntu automatically logrotate the syslog file or do you have to setup that manually?
<Jeeves_> robertpayne: That depends if there is a config for the specific file
<robertpayne> Jeeves_: I don't see anything in logrotate.d so I'm going to assume no
<Jeeves_> robertpayne: Which file?
<robertpayne> Jeeves_: er do you mean a config file for log rotate? There's no mention in /etc/logrotate.conf or /etc/logrotate.d/*
<Jeeves_> robertpayne: No, which file should be rotated?
<robertpayne> Jeeves_: /var/log/syslog /var/log/mail.log
<ohzie> http://paste.ubuntu.com/475330 - I've been trying to figure this out for a while and I'm at a loss.
<Jeeves_> robertpayne: There should be a config for those files
<Jeeves_> robertpayne: /etc/logrotate.d/rsyslog
<robertpayne> Jeeves_: ohh it might be hidden crap haha
<robertpayne> Jeeves_: nope doesn;t exist hmm
<Jeeves_> robertpayne: Do you have rsyslog installed?
<Jeeves_> Or are you on a older Ubuntuversion?
<robertpayne> Jeeves_: sec
<robertpayne> Jeeves_: running 10.4 server
<WalterN> .04
<robertpayne> Jeeves_: and no I don't have rsyslog installed
<robertpayne> Jeeves_: looks like I have a /etc/cron.daily/sysklogd that runs savelog on all log files in /var/log .. cycling them every 7 days
<robertpayne> actually take that back it only rotates syslog
<robertpayne> ahhh alright! Yea it's syslogd that is rotating all the ones that logrotate isn't
<huats> morning
<parapan> I have ubuntu-server 10.04 installed .....what mail service do you recommend installing ? which is the most easy one to configure / install hassle free :D ?
<WalterN> parapan: good question, I'd like to know at some point too
<WalterN> though its not quite installed yet
<WalterN> XD
<twb> apt-get install default-mta
<twb> It's covered in apt-get install ubuntu-serverguide
<parapan> twb: is this postfix by any chance ?? the default mail transfer agent ??/
<twb> It is.
<parapan> then, next question .....in order to adminster the server ...will webmin be the right choice ?
<parapan> ubottu was recommanding ebox - looks like a similar package for doing the same thing ...
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> !webmin >parapan
<ubottu> parapan, please see my private message
<twb> He may only be a bot, but he's smarter than some people here...
<WalterN> o.0
<parapan> twb > I know that ...but some other guys were saying that webmin works OK for 64 bit version of ubuntu server ....
<parapan> that's the reason for asking on the ubuntu-server channe;
<twb> Then those "other guys" are idiots
<parapan> =))
<parapan> I'll let them know when talking again =))
<twb> I grant you that if you deploy webmin you probably won't notice it eating a hole in the floorboards for a few years
<twb> But then the house will collapse and you will die of pneumonia
<WalterN> lol
 * WalterN glances at 1.5gallon jug of acid
<parapan> looks extreme ....
<alvin> Over the weekend, some servers have had a high load. This message can be found on the monitor: INFO: task blocked for more than 120 seconds (see bug 276476 and bug 494476). Aside from the bugs, the immediate problem is now: it's impossible to log into the servers. They are running virtual machines, and those are working, but I can't use the console or ssh. Any other methods/key combo's that would allow me to log in?
<uvirtbot> Launchpad bug 276476 in linux "Idle-priority scheduling bug blocks tasks" [Medium,Fix released] https://launchpad.net/bugs/276476
<uvirtbot> Launchpad bug 494476 in linux ""Smbd","kjournald2" and  "rsync"  blocked for more than 120 seconds while using ext4." [Medium,Incomplete] https://launchpad.net/bugs/494476
<kim0> Hola ubuntu server folks .. In preparation for 10.04.1 .. check this out http://foss-boss.blogspot.com/2010/08/ubuntu-server-10041-virtual-release.html
<twb> alvin: walk over to it and type at the local keyboard
<alvin> twb: I can go to a tty and type my name, but that's it. Hit enter and nothing happens
<twb> Bounce it, then
<ttx> kim0: cool, nice
<kim0> everyone here feel free to retweet and blog the hell out of it :)
<twb> Boo, hiss
<twb> Down with this new-fangled technology
<wieshka> any suggestions, why my SAS RAID complains about my SATA disks with this error while boot ?
<wieshka> ata_id[680]: HDIO_GET_IDENTITY failed for '/dev/sda'
<wieshka> ata_id[664]: HDIO_GET_IDENTITY failed for '/dev/sdb'
<kim0> your disk is having an identity crisis :)
<wieshka> the same reports hdparm -i /dev/sdx
<wieshka> kim0: it is a Enterprise seagete HDD - not no brand from garage ... :)
<twb> kim0: the "just show me" link shows an empty page in w3m
<kim0> twb: well it's a google map (all javascript) .. so
<twb> Oh, it's using google
<alvin> I'm going to halt production, kick every user, reboot the servers and wait for better I/O scheduling.
<twb> It doesn't know nat064.c.c.a is in .vic.au
<twb> alvin: ionice(8) ?
<alvin> iotop is broken in Lucid, so I don't know what the real problem is, but ionice will not prevent this.
<alvin> It's because I use LVM snapshots from time to time
<twb> Fair enough; I don't know what your actual problem was
<twb> I was thinking along the lines of "these stupid VMs are flooding I/O and breaking my getty", so you ionice the VMs
<alvin> Well, me neither because I can't log in, but I suppose it's because I use LVM snapshots. The VM's are not the cause this time.
<alvin> If you take a snapshot, and the snapshots gets full, the kernel will start having problems. That is what I think happened.
<twb> alvin: that's not my experience (on 8.04)
<twb> IME all that happens is I/O to the snapshot breaks
<twb> alvin: suggest booting in single, examining if any snapshot are full
<alvin> twb: It's possible that this is new
<alvin> Well... if there are snapshots, I'll have to use the recovery CD and remove them first, or the system won't boot. It's a mirror, and booting mirros while snapshots are present breaks Lucid booting.
<alvin> almost 12:00. Let's start the process.
<twb> alvin: that's royally fucked
<alvin> I'll boot with recovery cd in single and see whether they are full first
<alvin> The good news is: the servers booted without 'not finding root'. The weird news is: there is a snapshot on both servers, but without origin. Never seen such a thing.
<twb> Are you using RAID1+0?
<twb> Rather: what kind of RAID are you using?
<alvin> twb: No, just RAID1 (mdadm)
<twb> I've never seen it before either
<alvin> Usually, this bug 563895 occurs, but maybe it didn't happen this time because the snapshot didn't know it's origin. I couldn't mount it either.
<uvirtbot> Launchpad bug 563895 in grub2 "grub2 fails to boot or install when an LVM snapshot exists" [High,Fix released] https://launchpad.net/bugs/563895
<twb> Ew, that's still present in lucid?
<alvin> sometimes, mdadm forgets about the array (bug 599135), but not on this server.
<uvirtbot> Launchpad bug 599135 in mdadm "mdadm cannot assemble array" [Undecided,New] https://launchpad.net/bugs/599135
<alvin> It's new in Lucid. It wasn't there in karmic
<twb> Hum, there was a different on in 8.04, then.
<twb> udev preferred snapshots over origins when mounting by label or uuid
<alvin> Yes, I'll disable the whole snapshot thing immediately. I'll take backups from live systems from now on.
<twb> Man, that's gonna screw me
<twb> My entire backup infrastructure relies on LVM snapshotting
<alvin> It did here, but performance was too heavily affected. I tried with less snapshots, but this crash was caused by 1 snapshot, so it 'll have to go.
<twb> Oh.
<twb> What I do is make the snapshots and then reap them as part of the backup process
<alvin> That would be good if there's not too much I/O when you're taking a backup.
<twb> Shrug
<twb> It's an rsync job over (say) a 200GiB /home
<alvin> I noticed that when I took a snapshot, and then used rsync, the kernel would start showing 'blocked tasks' (rsync, pdflush,...)
<twb> Mine probably says that and I never noticed
<alvin> Maybe it has something to do with large files/ext4. That's the situation here. Maybe /home is more doable.
<twb> You're backing up >4GiB files?
<alvin> yes
<DigitalDeviant> Question: How do i set permissions on the public_html folder so everytime it belongs to the user/group, everytime i upload its always user/user
<twb> Maybe play with rsync --in-place or something, I dunno
<twb> I vaguely recall there's a "work better" option for large files in rsync
<alvin> I can't find the blocked tasks messages. rsync crashed too
<twb> DigitalDeviant: upload *as* that user
<alvin> twb: Hmm, I should read that man page then.
<soren> --inplace?
<twb> DigitalDeviant: oh, sorry, I misread.
<twb> DigitalDeviant: either change the user's default group (probably a bad idea), or make the parent directory setgid.
<alvin> 'update destination files in-place'. Thanks. Might work
<twb> soren: whatever
<DigitalDeviant> twb what is setgid ?
<twb> !RUTE > DigitalDeviant
<ubottu> DigitalDeviant, please see my private message
<DigitalDeviant> thanks for the info!
<alvin> DigitalDeviant: Also look for documentation about 'user private groups'. Can come in handy.
<DigitalDeviant> ok!
<twb> They're the default
<DigitalDeviant> Thanks guys
<twb> (And IMO they're basically an admission that POSIX DAC groups aren't much use.)
 * twb bumps "grok grsecurity" up on his TODO list from "never" to "probably never"
<xampart> having a problem. i have /boot on sdb1 and the hdd is failing I/O errors. uname -r "2.6.32-24-server". i have an old backup (initrd.img-2.6.32-21-server) on sda1. what is the proper way to change /boot from sdb1 to sda1?
<twb> xampart: grub legacy?
<xampart> twb: so eg. just changing /etc/fstab -entry from /dev/sdb1 on /boot type ext4 (rw) to sda1 and reboot wouldn't work?
<twb> xampart: are you using grub legacy>>
<twb> s/>>/?/
<robertpayne> If you use useradd and specifiy -p XXX to set the password is it supposed to be a crypted format or plain text? It's never working for me I have to go ahead and manually add user
<twb> Don't use useradd; use adduser.
<twb> As the manpage says, useradd -p takes a pre-crypt(3)ed password.
<robertpayne> twb: ah.. would explain thx
<twb> Note that crypt(3) is cryptographically weak.
<robertpayne> what does useradd use if you don't use the -p? Is it crypt(3) as well?
<xampart> twb: using the ubuntu-server 10.04 default (grub2?)
<twb> robertpayne: by default it'll either prompt you to supply a password, or configure the account to be locked and without a password.
<robertpayne> twb: interesting.. is the password protection any better than useradd ( not crypt(3) )?
<twb> robertpayne: my point was that if you do it interactively it should at least use md5
<twb> Whereas if you hack your own crypt(3) interface via perl (as I've done in the past), it'll use sucky old crypt
<twb> If you look in /etc/shadow and the password begins with $1$ (or some other digit), it's OK.
<robertpayne> bwuaaha wow
<robertpayne> mine are plain text
<robertpayne> yea that is BAD
<twb> You think that's bad, you should see NIS
<robertpayne> NIS?
<twb> !NIS
<twb> Stupid bot.
<robertpayne> lol.. I'm fairly new to all this server stuff so learning as fast as I can
<twb> In NIS if you have network access you're trusted to access the shadow file.
<robertpayne> :S
<twb> Because it was designed back when individuals couldn't afford computers, let alone laptops
<robertpayne> there is no way to feed a crypted ( md5 or better ) password to useradd or adduser?
<twb> !xy problem
<twb> robertpayne: why do you want to?
<joschi> robertpayne: see parameter -p of useradd
<robertpayne> automated script installing a vhost
<robertpayne> joschi: I did but as twb has pointed out to me it's crypt(3) format.. not very strong
<twb> Are you preseeding it?
<robertpayne> preseeding? as in prompting for input and then generating?
<twb> crypt(3) isn't strong, but $1$-format encrypted strings should be compatible with the inverse function (decrypt(3)?)
<twb> robertpayne: no, as in a preseeded installation
<twb> Oh, wait, do you mean vhost as in an apache vhost?
<robertpayne> yes sorry
<twb> Mea culpa
<robertpayne> twb: It's no biggie if I just run the commands after.. just nice to be able to do it all automated.. I'm setting up a htpasswd with the same info for access to awstats
<robertpayne> the user I'm adding is chrooted pretty heavily to their home dir
<twb> If this is for remote users to upload files, I'd be using assymetric crypto (SSH keys) rather than symmetric crypto (passwords)
<robertpayne> twb: yea know what you mean... wish my ftp client ( Transmit ) supported SSH keys instead of passwords
<twb> http://mywiki.wooledge.org/FtpMustDie
<robertpayne> twb: I'm not using ftp.. sftp only
<twb> Then get a better client
<robertpayne> hehe :P
<twb> Hell, OS X should have OpenSSH's CLI utilities installed by default
<robertpayne> yeah it does
<robertpayne> actually Transmit might support it.. I've just never gotten it to work
<Daviey> Hey All... if you use ubuntu server, please add your location to http://maps.ubuntu.com
<Daviey> Thanks!
<Daviey> (note, it doesn't store personal data)
<WalterN> nice
<WalterN> marked
<WalterN> not technically the server edition, but it is ubuntu and using it as a server... close enough?
<robertpayne> Daviey: done one added to new zealand :)
<WalterN> MT, USA
<kim0> WalterN: close enough yeah ;)
<kim0> Daviey: thanks for spreading the news :)
<WalterN> should turn the map orange in no time
<kim0> fingers crossed
<WalterN> hehe
<WalterN> I love Ubuntu
<WalterN> :)
<WalterN> http://i36.tinypic.com/ivx355.jpg? is the box Ubuntu is stuffed in
<kim0> UK is hyper active :)
<Daviey> robertpayne: awesome!
<Daviey> WalterN: Well "yes", whilst technically not the server edition... it's fundamentally similar, and you are using it as a server
<Daviey> kim0: no problem :)
<robertpayne> Granted my server is in the US :( and I'm a US citizen but I'm lviing here now
<WalterN> Daviey: I just like shiny things to click on when possible :)
<twb> Poor bastard
<WalterN> lol
<Daviey> kim0: Good to see :)
<twb> (re "US citizen")
<patdk-lap> that map defently needs a better geoip database
<WalterN> its not too far off of me
<twb> It *should* be backed onto the same database as lucid's d-i uses
<WalterN> well, considering it montana USA
<Daviey> patdk-lap: It's probably the location your IP is set to be :/
<Daviey> blame your ISP patdk-lap :)
<robertpayne> WalterN you're in montana usa?
<WalterN> yeah
<robertpayne> what town?
<WalterN> close to bozeman
<robertpayne> haha awesome.. I grew up in Lewistown :)
<patdk-lap> daviey, I just tried from several different isp's :)
<WalterN> I just moved here from Oregon
<robertpayne> WalterN: my brother lives in bozeman
<WalterN> and I dont know *anybody* still
<WalterN> which is fine by me, for the most part
<WalterN> lol
<WalterN> well, not *just*, moved 8 months ago now?
<patdk-lap> heh, seems one of mine actually hit the correct location
<patdk-lap> the comcast one
<patdk-lap> none of the others did, amc, cogent, antietum, hopone
<Pici> One of mine did.  The other one thought it was in atlanta.  Oh wll.
<WalterN> actually mine is darn close
<WalterN> maybe 5-10 miles off
<WalterN> for montana thats nothing
<WalterN> lol
<Pici> Heh.
<ttx> smoser: ping
<robertpayne> WaltnerN: heh 10 miles in montana is like 2 footsteps in oregon
<WalterN> depends on the place in Oregon
<patdk-lap> oregon is the one state I never hear about, and don't know anyone in
<WalterN> heh
<WalterN> I'm going back there to the coast for my sisters wedding the 21st
<kinygos> how do i get a command output to pause while i read it?  apologies for the n00b question
<kinygos> (hi btw)
<kinygos> to clarify, the output just flies off the top of the screen, and all i can see is the last page
<soren> It depends a bit on the command.
<soren> ...but probably just add "| less" to the end of the command line.
<kinygos> bugger :( it's output from a python script execution
<soren> Sounds like you just want "| less" at the end of the command line, really.
<kinygos> just tried it, it didn't seem to work...just ran the script twice bizarrely enough...
<kinygos> is there a way to redirect the output to a text file?
<soren> "> filename" at  the and of the command line.
<kinygos> awesome...thanks soren :)
<soren> sure
<lau> hello, I created a second instance of mysql using /var/lib/mysql2 and conf files in /etc/mysql2
<lau> it is working ok with sudo mysqld_safe --defaults-file=/etc/mysql2/my.cnf
<lau> but I tried to cp /etc/init.d/mysql /etc/init.d/mysql2 and update the latest
<lau> when I service mysql 2 start I got some avahi or apparmor error and it looks like it is reading files in /etc/mysql not /etc/mysql2
<lau> any idea ?
<Jeeves_> lau: /etc/apparmor.d
<Jeeves_> There's a file there for mysql
<Jeeves_> that states which files can ben read, written and executed
<Roxyhart0> hi there i got a couple of zone (domain) defined in my bind, one is call whcl and the onther one is call whcl.cl. however when i do nslookup from a client (windows) it give me thwe server whcl.cl coulnd find whcl. Somebody know why could be this problem?
<lau> Jeeves yes I updated it already and sudo mysqld_safe --defaults-file=/etc/mysql2/my.cnf is working ok
<lau> my problem occurs when I tried to copy the init script and update teh reference to /etc/mysql => /etc/mysql2
<lau> if I /etc/init.d/mysql2 start it looks like mysqld_safe is reading its conf in /etc/mysql nor /etc/mysql2
<lau> my /etc/apparmor.d/usr.sbin.mysqld http://dpaste.com/226611/
<lau> and mysql2 init script http://dpaste.com/226612/
<kinygos> leave
<swub> Who?
<uvirtbot> New bug: #389433 in samba (main) "connection to samba working locally, but remotely getting error Receiving SMB: Server stopped responding protocol negotiation failed" [Undecided,Incomplete] https://launchpad.net/bugs/389433
<Onga_The_Ghastly> OLA BRUDERZ
<Onga_The_Ghastly> Sziasztok testverek
<Onga_The_Ghastly> ikonia bruder ola
<uvirtbot> New bug: #610561 in openldap (main) "OpenLDAP Security Fixes?" [High,Confirmed] https://launchpad.net/bugs/610561
<a_ok> which fs is better GFS or OCFS2?
<Onga_The_Ghastly> GPS
<a_ok> gps?
<a_ok> Onga_The_Ghastly: Was that a joke or a serious answer?
<Onga_The_Ghastly> a_ok brotha joke
<a_ok> k
<smoser> ttx, here.
<ttx> smoser: yo
<ttx> smoser: last time I look you still had one "INPROGRESS" item in alpha3, was wondering if it was DONE or should be POSTPOSNED
<ttx> smoser: the other question I had is about the environment in euca2ools: https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/556528/comments/2
<uvirtbot> Launchpad bug 556528 in euca2ools "euca2ools config file overrides environment" [Wishlist,Confirmed]
<ttx> IIUC --config should do the trick, and diverging from upstream to have env take precedence sounds overkill ?
<ttx> smoser: upstream implementation is fully exclusive (doesn't stack config files) so if we were to support env variables first we would also probably need to implement config stacking
<smoser> item now done. i  had commited code, just hadn't made to archive.
<ttx> smoser: right: that's what I was thinking... that's why I didn't POSTPONE it myself on Friday
<smoser> if --config works, then i guess i'm ok with that.
<ttx> smoser: well, if it doesn't, then that's a bug :)
<smoser> i guess i have no objections to "use --config" as an answer.
<ttx> smoser: please quickcomment on the bug that you're ok with it
<ttx> i'll close as wontfix
<FDX> Guys, care to take a look at this specific reply? http://ubuntuforums.org/showthread.php?p=9695293#post9695293
<FDX> Postfix seems to be delivering the message, but it does not exist.
<smoser> ttx, so the one isue i have with "use --config" is that we suggest "use eucarc"
<smoser> and that just doesn't work.
<ttx> smoser: explain ?
<smoser> never mind;
<joschi> FDX: usually, when postfix says it has delivered a mail, it's been delivered. period.
 * ttx gets confused
<joschi> FDX: maybe it's just not at the directory you're expecting
<FDX> hmmm... what about the last line? Aug  8 22:09:58 anbient postfix/qmgr[16053]: 1DDEE1DD01CC: removed
<smoser> not important. it does seem to me that eniornment variables should  trump user configuration files, but its a nit.
<FDX> Maybe its delivering and removing afterwards
<lamont> FDX: that's postfix removing its copy of it
<FDX> lamont, where would postfix store it then?
<joschi> FDX: no. that just means that the mail has been removed from the queue
<joschi> FDX: (see `man qmgr` ;)
<lamont> it stores the interim copy in /var/spool/postfix
<ttx> smoser: I kinda agree -- but then ideally you should be able to use one env variable to change just one bit of conf
<ttx> smoser: the way it's written it's exclusive, it just uses the first thing it finds
<smoser> yes, they should merge.
<FDX> Thanx joschi, i'll take a look
<ttx> smoser: so to put env in first in a suable way, we'd have to change that logic as well
<ttx> smoser: I don't want to diverge that much, we could ask them to change that in a later version though
<smoser> well, yes. in general i wouldn't suggest diverting, but getting it upstream.
<ttx> right, changing precedence would be good in a new version
<Onga_The_Ghastly> ikonia bruder? he is sleeping now?
<Onga_The_Ghastly> Wake Up Puppetboy!
<hggdh> and using environmentvariables to override configuration is common
<uvirtbot> New bug: #613269 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/613269
<joschi> FDX: you could also raise the verbosity of postfix's processes by adding -v in master.cf to the process binaries (e. g. smtpd -v)
<FDX> joschi, that will certainlly be useful
<Carleas> Do I need to set up SMTP with Postfix?  Can I run it without that?
<uvirtbot> New bug: #615368 in bind9 (main) "Bind9 init script reports unknown status when named is stopped" [Undecided,New] https://launchpad.net/bugs/615368
<Carleas> And can I set up Dovecot without having SMTP in Postfix?
<MagicFab> I suppose this has already been circulated here (adding your city to "Ubuntu Server users" map):
<MagicFab> http://foss-boss.blogspot.com/2010/08/ubuntu-server-10041-virtual-release.html
<MagicFab> Could someone pls. add it to the topic of the channel ?
<hggdh> Pici: ^ please
* ChanServ changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support visit #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Docs and resources: https://help.ubuntu.com/10.04/serverguide/C/ | Add your install to the Ubuntu Server Map: http://maps.ubuntu.com
<FDX> OK Guys, i guess i managed to do it. But now i'm getting RELAY ACCESS DENIED
<nijaba> smoser: ping
<smoser> nijaba, here, although i think i've alrady responded to you
<nijaba> smoser: oh, really?  where?
<nijaba> smoser: got it, thanks
<uvirtbot> New bug: #615177 in mysql-5.1 (main) "mythtv schedules broken due apparmor mysql profile" [Undecided,New] https://launchpad.net/bugs/615177
<Carleas> During configuration, Postfix asks for a FQDN.  All Ubuntu documentation says to give the MX record name, but that seems to contradict what Postfix is asking for.
<Carleas> So which is it, FQDN or mx record?
<joschi> Carleas: usually the (public resolvable) hostname (FQDN) of your system
<joschi> Carleas: it's probably the string debconf sets for $myhostname
<Carleas> Do I need the trailing dot?
<joschi> no
<Carleas> OK.  Thanks, Joschi.
<FDX> Guys, why would postfix bounce the email back to the sender if it delivered it locally with success?
<sveinse> Hi. I ran a aptitude dist-upgrade on a Lucid machine, and now it wont boot. When booting i see "error: no such disk", then a reboot and then I get a console output running fsck and then it asks for a password. But it does not accept any keypress unfortunately.
<sveinse> What is the best approach for getting into recovery where I can repair grub and/or the partitions?
<rooks> how to upgrade kernel on ubuntu server? how to select it for upgrade?
<sveinse> The machine i running Ubuntu server amd64 with lvm2
<raubvogel> rooks: apt-get kernel-upgrade?
<raubvogel> Er, I meant dist-upgrade
<raubvogel> sveinse: did you try booting from a livecd to see if the partitions are still ok?
<hggdh> Daviey: re. bug 602540 -- when will 'cat' return? at end-of-file? ...
<uvirtbot> Launchpad bug 602540 in openldap ""ldapadduser" adds the user and hangs" [Low,Confirmed] https://launchpad.net/bugs/602540
<sveinse> raubvogel: I'm doing that right now
<sveinse> raubvogel: But I think they are. I believe grub is the culprit
<padhu1> sveinse: culprit?! :-?
<sveinse> raubvogel: So jumping into that assumption: How do I use the Ubuntu install CD to rescue? It seems the rescue a broken system tries to start the installation all over
<raubvogel> sveinse: AFAIK, it loads enough crap but in the RAM. Then it will ask you to mount disks
<raubvogel> Another option is just to boot off livecd as if you just want to run it and then mount/check partitions
<sveinse> raubvogel: Ah. So I can chroot from there...
<raubvogel> Exactly
<sveinse> Ok. The data's there. update-grub and install-grub installed successfully. But I still can't boot properly. I.e. I dont get a grub window, only the message "error: no such disk" and then it reboot.
<hggdh> Daviey: why not just do 'head -c64 /dev/urandom | ...'?
<sveinse> Ehm. Important note: This is a virtual machine on a VMW datacenter
<rooks> raubvogel, thanks
<Daviey> hggdh: What is the difference?
<hggdh> Daviey: (1) /dev/urandom does not block; (2) we do not need a *lot* of binary data, just enough for 8 characters;
<hggdh> Daviey: of course, /dev/urandom is not cryptographically secure (or strong, in the sense of /dev/random)
<Daviey> hggdh: agreed
<hggdh> but frankly, I do not see the difference. And using /dev/random to generate password is overkill -- and may affect other programmes that depend on it, like SSL
<Daviey> hggdh: it's only for the initial password.. so it's not really a big deal
<hggdh> Daviey: then we can certainly stop using /dev/random...
<Daviey> hggdh: switching to head -c64 /dev/urandom | LC_ALL=C tr -dc 'a-zA-Z0-9' | head -c8
<hggdh> Daviey: additionally, I am not sure 'cat' will ever end
<mdeslaur> Daviey: you're assuming 64 chars is enough to extract 8 alphanum chars
<mdeslaur> Daviey: you run the risk of getting a one-char password :P
 * Daviey screams... shall i add a if $PASS == wc; repeat ? :D
<hggdh> mdeslaur: yes indeed. To play safe we could use 128. A quick test here (about 500 runs) did not show much impact, if at all
<mdeslaur> hggdh: why limit it at all?
<mdeslaur> oh wait, it's draining the pool
<hggdh> mdeslaur: because when I run 'cat /dev/urandom | tr -dc ...| head -c8 it get stuck
<hggdh> there you go
<Daviey> Speed difference, http://pb.daviey.com/I7uS/raw/ :)
<hggdh> there you go. Even if /dev/urandom does not block, we would still be draining the entropy, which is not good
 * hggdh uses the moment to grumble about how slow his laptop is (as compared to daviey's)
<Daviey> heh
<hggdh> I can only get 6ms if I just run the 'head /dev/urandom'
<smoser> couldn't that block ?
<smoser> indefinitely
<smoser> how do you know that reading 64 bytes of data will result in 8 that are a-zA-Z
<hggdh> /dev/urandom does not, it just goes to a less-random PRNG
<smoser> i guess not block, but get you less than 8 chars and a exit code from 'head -c8' of non-zero
<lau> any idea why when this script is louanched http://dpaste.com/226612/ it starts /etc/mysql/my.cnf conf ?
<hggdh> smoser: you do not. It is a bet. We can increase the number of bytes read from /dev/urandom, but we cannot read a whole lot
<sveinse> Anyone here with issues regarding grub and lucid server?
<hggdh> smoser: because we would still be draining the random pool
<smoser> well, urandom doesn't, as you said.
<sveinse> My disks are fine, when doing rescue and chroot, grub seems to behave nicely and installs without fuzz. Yet, it does not when booting!
<smoser> but if you check the return code of the 'head -c8' somewhere (which, you should), then you're going to occasionally get failure there as you're not going to get 8 chars.
<hggdh> no, urandom does not block -- if it deplects the pool, it goes to a different (and weaker) PRNG
<smoser> ah. i didn't realize it read from the real pool if there was data there.
<hggdh> smoser: we could, then, check & re-run the conversion as many times as needed to get 8 displayable chars
<hggdh> Daviey: ^
<mdeslaur> ok, I think we should use pwgen
<sveinse> of course this happened on a production server just before leaving... :(
<mdeslaur> so we don't drain the entropy and we make sure we have the required length
<Daviey> mdeslaur: hehe
<hggdh> heh. pwgen it is ;-)
<smoser> bike shed
<Daviey> pwgen does mean we reinforce a standard 'library', which i approve of...
<smoser> in deed
<Daviey> means features and fixes are in one place :)
<sveinse> I am able to change /etc/default/grub to whatever I want, but it does not seem to have any effect
<hggdh> Daviey: +1
<hggdh> FWIW
<smoser> sveinse, after modifying that you have to run update-grub
<sveinse> smoser: Sure. Did that
<smoser> and you have grub 2, right ?
<Daviey> hggdh / mdeslaur / smoser: Thanks :)
<sveinse> smoser: 1.98 is grub2, right
<sveinse> Well I have apt up and running in the chroot, so I can revert to whatever I want
<smoser> sveinse, i just tested here, that updating GRUB_CMDLINE_LINUX_DEFAULT= and running update-grub modified /boot/grub/grub.cfg
<smoser> and i can attest elsewhere that update-grub does run in chroot
<sveinse> smoser: great, thanks. Let see here..
<sveinse> It seems grub.cfg here is changed as well. Removed quiet and splash, and they are gone
<sveinse> But it could seem the problem is deeper: I never get any grub menu to begin with
<sveinse> However it boots into *something* which does fsck and then prompts me for a password
<cabrey> Hey all. I've got a question regarding a vpn server. I have setup a pptpd server and everything connects fine with the exception that traffic doesn't seem to tunnel through the connection. For example, I just get an error message when trying to use a browser. is there a fix or setting to help me out?
<sveinse> It seems the error occurs after installing grub-pc 1.98-1ubuntu7
<smoser> although, sveinse yeah, you dont have grub installed on a disk that is getting loaded. at least not one that is running correctly.
<sveinse> smoser: eh? sorry? please explain
<smoser> well, i'm confused as to why you're in a chroot, if you operating on a "real system".
<sveinse> grub-install /dev/sda is safe from a chroot env, isnt it?
<smoser> it probably is supposed to be.
<smoser> but it would appear maybe its not working
<smoser> i would make sure that /dev, /proc, and /sys are mounted in the chroot
<sveinse> I'm in a chroot because I'm sitting in Ubuntu install CD Rescue. That the only way I can access the harddrive data and installation
<sveinse> My grub wont boot properly. And I cannot seem to be able to get up any grub menu either, so something is fishy
<smoser> ie, i might do: for x in /dev /proc /sys; do mount --rbind ${x} /chroot/${x}; done
<smoser> sveinse, what *does* happen  when you try to boot ?
<sveinse> A brief message saying "error: no such disk". Then a reboot and later I see a blank screen. After I while it fscks all the disks on the system (including the lvm2 ones) and then prompts me for a password (not login). The keyboard does not work
<smoser> :-(.
<smoser> i'm really sorry, but it would appear i'm not able to help at the moment then.
<sveinse> All drives are intact when inspecting them from a live CD
<sveinse> pity.
<smoser> you may get more help from #grub, but that might be more a deveopment channel
<sveinse> Well, perhaps if you knew how to roll back to another older grub or perhaps grub(1)
<sveinse> Well, I'm grateful for trying at least. Thanks
 * sveinse chained to my desk until this production server is up again...
<kim0> Daviey: Thierry mentioned you're working on creating a 10 line openstack/nova installation script. How close are we to that :)
<Daviey> kim0: Not me, sorry sir.
<kim0> ah ok
<sveinse> OK. The cause of the server's failure is not grub
<sveinse> All my older kernel version also fails, so I would guess that it's failing during initrd booting
<Jason> is anyone running vsftpd that could help me "correctly" configure a user?
<sveinse> What do I do when initrd fails during boot on a production server?
<cwillu_at_work> sveinse, cry
<sherr> sveinse: what happens exactly? Error message?
<sveinse> I get fsck check, then "init: ureadahead-other main process (593) terminated with status 4"
<cwillu_at_work> that's shouldn't be a fatal error
<sherr> I think I see those non-fatally ...?
<sveinse> Then it asks for "Passwd: "  It does not respond to any kbd input
<sherr> Boot up minus "quiet"?
<sveinse> sherr: I am
<cwillu_at_work> sveinse, the password won't be echo'd to the screen
<sherr> PS/2 or USB kbd directly attached?
<sveinse> *what* passwd? Root which is never set on Ubuntu?
<cwillu_at_work> boot up without "quiet splash"
<cwillu_at_work> the splash screen might be interfering
<cwillu_at_work> but ya, that's a bit odd
<cwillu_at_work> what happened right before you rebooted?
<sveinse> This is a VMW datacenter virtual server, so no physical kbd
<cwillu_at_work> (i.e., a server doesn't break itself)
<sherr> Try another boot kernel?
<sveinse> Kbd works elsewhere; in grub and in rescue cd
<cwillu_at_work> sveinse, and the vm window is grabbing the keyboard?
<sveinse> Yes, all of the 4 installed on the server. All of them are comprimised
<cwillu_at_work> sveinse, "compromised" means something else
<cwillu_at_work> generally means you've been hacked
<sveinse> cwillu_at_work: heheh. Sorry. I doubt that (being hacked that is)
<cwillu_at_work> try booting up in "single" or the recovery mode
<sveinse> Recovery mode behaves exactly the same way. I can try single
<sveinse> The drive's data, including the lvm2 is intact, as I can access it from the live CD
<sherr> All 4 kernels/initrd broken? Something else must be wrong or different? Hardware change/error?
<sveinse> Nope. Single behaves the same way.
<sherr> Any errors reported at boot before "init: ureadahead-other .."?
<sherr> Can you capture boot messages?
<sveinse> When booting without splash and quiet, I see the kernel output. Then I see init running a few seconds. Then it changes fontset and blanks the screen. From there I see fsck running through the disks, then the ureadahead-other. Then the Passwd: input
<sherr> Good question on passwd ... what password?
<sherr> I am afrid I always set a root password personally. I know it is not the "ubuntu way"/
<sveinse> Well IT tells me they have upped the datacenter version, but since init is able to run for 5 secs, do you really think its HW/emulation related?
<sveinse> Theres not kernel oops I can see
<sherr> What's "upped the datacenter version" mean?
<sveinse> Sorry. Language thing. They have upgraded it to a newer version
<sherr> Upgraded what?
<sherr> It is very suspicious that, suddenly, no kernel boots?
<sveinse> The datacenter. The server I struggle with is running on a VMWare Datacenter server
<uvirtbot> New bug: #615442 in euca2ools (main) "euca-describe-users fails with ImportError: No module named euca_admin.users" [Undecided,New] https://launchpad.net/bugs/615442
<sherr> IS this some sort of VMware VM server?
<sherr> Ahh .. yes :-)
<sherr> Seems a bit suspicious ... I'd ask for details i.e. old version = ?, new version = ?
<sherr> And quickly check the VMware forums perhaps, for screams .. :-(
<sveinse> VMware vCenter Server 4.0.0 258672. I dont quite remember the exact old version, 3.5 something IIRC
<sherr> Well .. 3.5 -> 4.0 seems like a "major" upgrade" to me. Maybe something broke.
<sveinse> Well, the server ran perfectly up until I did a dist-upgrade where a linux-kernel were upgraded and it requested a reboot
<sveinse> So the trap needs to be in boot only, else the server wouldn't run prior to my reboot
<sherr> Yes, but if it was a "bad" kernel update, you could still use old kernels. This is why I am suspicous.
<sherr> I'm guessing though, no idea really.
<sveinse> Yes. But the initrd is always updated for all kernels, isn't it? So a bug there could be fatal, couldn't it?
<sveinse> Well anyways, I'm stuck with a dead production server and cannot go home until that's fixed :(
<sherr> Yes, you might be right. Would be good to be able to enter "single" user mode.
<sveinse> Yeah.
<sveinse> I do have access via a live CD. That way I can set the root pwd to something foo
<sveinse> BTW: While working on ubuntu-arm I remember adding a init=/bin/init --verbose to the kernel option. Could this be used on the server?
<sherr> Yes, maybe. Good luck.
<sherr> I think you could try init=/bin/sh
<sveinse> No, so I join you in the suspection of something serious :(
<sveinse> I.e. it didn't work. No prompt with init=/bin/sh
<sveinse> If I have to reinstall this server, this would be the third time. The second time was caused by an upgrade from karmic to luicid which crashed the server
<sveinse> Is Lucid more unstable than the previous version, or is there something in regards of the VM which contributes this unstability I'm observing.
<sveinse> Because I'm really loosing trust in either this server or Lucid. Which of these two, I dont know yet.
<ivoks> no prompt?
<sveinse> nope
<ivoks> do caps and num lock blink?
<sveinse> But this time I see all of the kernel output
<sveinse> ivoks: I don't think I can know, because this is a virtual server
<ivoks> ah, missed that part :)
<sveinse> But pressing enter scrolls down the sceen, so the machine is responding
<ivoks> hypervisor is...?
<ivoks> oh, ok
<ivoks> what kind of disks do you use?
<ivoks> scsi or ide emulation?
<sveinse> boot is standard ext2, while lvm2 on the rest.
<sveinse> Hold on
<ivoks> lvm?
<ivoks> could it be that lvm isn't ready
<ivoks> could you boot older kernel?
<sveinse> scsi it seems. I have them in the kernel output. And it does work from the Debian install cd in rescue mode. All the data is intact
<Jason> how do I add a user but not give him a home directory?  Is this possible?
<ivoks> Jason: adduser --help
<ivoks> adduser --system [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
<ivoks> ...
<ivoks> without --system
<sveinse> I can't boot older kernels because the lockup occurs after the ramdisk has started.
<ivoks> sveinse: can you remove splash quiet from the kernel command line?
<ivoks> sveinse: each kernel has its own ramdisk
<sveinse> Even the rescue targets is not workng.  I have removed both the quiet and splash
<ivoks> sveinse: ok, boot without splash and quiet
<ivoks> and leave it like that
<sveinse> done
<ivoks> sveinse: after couple of minutes it will give up and drop you into busybox
<ivoks> sveinse: then we can investigate fruther
<ivoks> iirc, 5-10 minutes
<uvirtbot> New bug: #608060 in openldap (main) "Two security flaws found in pre-2.4.23 (dup-of: 610561)" [Undecided,New] https://launchpad.net/bugs/608060
<sveinse> ok, couple of minutes... Havent tried that. Well hold on
<ivoks> sveinse: / is on LVM, right?
<sveinse> yes
<ivoks> ok, just sit and wait for # :)
<sveinse> hmmm. I got something new here. Could a cifs mount which is requesting mount at boottime lock up everything. Because that might be it...
<ivoks> sveinse: is it in /etc/fstab?
<sveinse> yes
<ivoks> sveinse: if you set it up to wait uncoditionaly... then yes
<sveinse> "0 0" should wait should it?
<sveinse> not, I mean
<ivoks> 0 0 should pass
<ivoks> it something else then
<ivoks> 's
<ivoks> probably lvm
<ivoks> i'll be back in couple of minutes
<ivoks> smoke time
<sveinse> thanks!
<sveinse> but: If "0 0" should pass, why do I get a "mount error: could not resolve address for xxx" which shows that it actually tries to mount the cifs share?
<sveinse> ...now while waiting for that prompt
<SpamapS> sveinse: maybe mountall is picking it up anyway? It shouldn't.
<zul> wohoo..
<sveinse> I have a hunch that this is it you see
<SpamapS>        This is a temporary tool until init(8) itself gains the necessary flexibility to perform this processing; you should not rely on its behaviour.
<SpamapS> Nice man page.. :)
<ivoks> sveinse: so, you see mount issues?
<sveinse> yes, now I did
<ivoks> sveinse: then it already mounted your / and can't pass that fstab line
<ivoks> sveinse: try ctrl+c :)
<sveinse> And the Password prompt could originate from the cifs mount prompt, because I saw that before the reboot
<ivoks> sveinse: if that doesn't work, reboot with ctrl+alt+del and change kernel command line; remove splash and quiet and add init=/bin/bash
<sveinse> However, it does not respond to kbd. That could be virtual datacenter issues and not ubuntu
<sveinse> ivoks: I did try that, and by some reason it did not work.
<sveinse> Well I will try to fix fstab, and retry
<ivoks> sveinse: just comment out that line with cifs
<ivoks> sveinse: did you supply password for that mount?
<ivoks> sveinse: in fstab
<sveinse> Yes. But it fails sometimes. Dunno why, but its there in fstab so I hope that is the cause
<ivoks> sveinse: could be, if all kernels fail
<ivoks> sveinse: it's obvious that your / gets mounted
<ivoks> sveinse: cause it started upstart and tries to mount the share
<ivoks> maybe mountall starts before network :)
<sveinse> YES YES YES ! It works
<SpamapS> mountall does start before net
 * sveinse very happy!
<SpamapS> but on net-device-up it gets sent USR1 which tells it to mount the network filesystems
<sveinse> So I have a fstab line which makes the boot fail. Even with 0 0
<ivoks> SpamapS: i know for sure that nfs doesn't work on karmic
<ivoks> SpamapS: haven't tried with lucid
<ivoks> net-device-up doesn't guarantee network is up, actually
<SpamapS> ivoks: net-device-up is really broken
<ivoks> sveinse: does your machine has dhcp/bridge network?
<SpamapS> ivoks: hah, yeah, so we agree. ;)
<sveinse> ivoks: No. A simple static IP4 address
<SpamapS> ivoks: I am fairly certain that that signal should be moved from ifupdown to dhclient for dynamic interfaces.
<ivoks> hm
<ivoks> SpamapS: but then you still have this problem with bridged interfaces
<ivoks> SpamapS: and bonded too
<ivoks> bridge is started, mountall starts, but the IP isn't there ye
<ivoks> t
<SpamapS> ivoks: agreed, we basically have to write an ifmond that sends the up/down signals when it detects IP changes on interfaces.
<ivoks> or
<ivoks> remove networked filesystem from /etc/fstab
 * ivoks runs and hides
<SpamapS> ivoks: that still leaves the question of when to mount them.
<ivoks> just before rc.local, in while loop
 * ivoks runs and hides again
<SpamapS> customizing the upstart conf file for every special machine seems like a boring, thankless job for every sysadmin. ;)
<sveinse> This is the faulty entry: "#//nosrv051/SWRepository/Backup/nosrv111     /srv/backup/nosrv051  cifs,user=user,pass=pass,dom=dom       0 0"
<ivoks> if we put 'mount-network-filesystem' in /etc/network/if-up.d/...
<SpamapS> ivoks: thats where net-device-up is generated
<sveinse> When this is uncommented, the server fails to boot as it tries to boot the mount.
<SpamapS> ivoks: because those get called as soon as ifup ethX returns
<ivoks> sveinse: try adding manual mount in /etc/rc.local
<ivoks> sveinse: i'm interested would it work then
<SpamapS> well, before, but basically if you've started dhclient, you run the ifup script
<sherr> There's a "netdev" option for the fstab - I thought that affected mounting
<sherr> I use NFS on Ubuntu. I hope it isn't broken.
<ivoks> hm... netdev
<ivoks> _netdev actually
<sveinse> While the countless reboots, I did mostly see "Password:" which is the cifs password prompt (and thus the network is up). The last iteration is the only time I got a network failure for the mount (and where I understood what it was)
<sherr> Yes. I always thought it was dangerous to mount CIFS in fstab ...
<sherr> Plus having a password in fstab
<ivoks> SpamapS: if-up.d always worked for me with dhclient
<ivoks> SpamapS: those scripts were started after i got Ip
<ivoks> SpamapS: not when i requested interface
<SpamapS> ivoks: I think if we just add a 'default-route-up' event, it can be sent in /sbin/dhclient-script right after the 'route add default...' line.
<sveinse> ah, I realize I lack the noauto option in the first place.
<SpamapS> ivoks: hm, so maybe I'm wrong. ;)
<ivoks> SpamapS: but as i said, dhclient isn't the only one problematic
<SpamapS> ivoks: Basically services that configure interfaces need to send the signal, or a daemon needs to monitor interfaces/routing tables and send signals when things change.
<sveinse> I have no need for automount of this during boot. Do you still want me to try it in rc.local?
<ivoks> sveinse: no :)
<sherr> I would skip CIFS in fstab and rc.local
<ivoks> SpamapS: or we could rely on dbus to think for us
<ivoks> SpamapS: :)
<SpamapS> sherr: you can at least put the password in a root-readable-only file.. there are mount options to allow that..
<sveinse> But guys: I am really happy for you assistance. Thanks a lot!
<ivoks> np
<ivoks> anyone with htc desire?
<sherr> Yes. Just an allergy to this sort of thing for boot :-/
<sherr> I have a desire.
<sveinse> I have one
<ivoks> which rom do you guys use? :)
<sveinse> The vanilla from HTC for my part. Unfortunately I need exchange for my work mail
<sherr> I am on Vodafone UK - it is "2.1 update1"
<sveinse> FW: 2.1-update1. SW: 1.21.405.2
<sveinse> This is in Norway
<ivoks> i'm on a stock too
<ivoks> but i have 2.2 :)
<sherr> I'm not in an upgrade hurry really. Phone upgrade treadmill ....
<sveinse> I noticed from the Hero upgrade, that HTC rolled the images out in different parts of the world at different dates.
<ivoks> yep
<sveinse> ivoks: What's your location?
<ivoks> i took the rom for some other part of the world :)
<sveinse> Ah
<SpamapS> I have an HTC Magic .. still running the original donut OS that T-mobile pushed to me like a year ago.. because it included their little tmobile wifi hotspot backdoor program, so I get free wifi at all tmobile hot spots.
<SpamapS> even tho I'm not on tmobile.. on att.. so I also get free wifi at att hot spots
<ivoks> sveinse: http://forum.xda-developers.com/showthread.php?t=741775
<sveinse> Havn't HTC protected the devices against rooting?
<ivoks> boot loader is the one that can lock you
<sveinse> I thought I read something about it somewhere...
<ivoks> that's why this custom roms don't upgrade hboot
<ivoks> battery life sucks :/
<zul> smoser: where can i get uec images again?
<sveinse> But this implies that eventually 2.2 will arrive through OTA, right?
<ivoks> sveinse: yes, during august
<sveinse> I can wait... :D
<sveinse> Well. I need to head home. Thanks again guys. You saved my evening
<ivoks> take care
<sveinse> I'm back. I did a reboot of the server, and it failed once more. It seems the option "noauto" is ignored. So during booting it tries to mount the cifs mount regardless of the option
<sveinse> I really had to uncomment the thing to make the server boot
<sveinse> I just wanted you to know. I can probably come back tomorrow and talk about it (e.g. if a bugreport should be filed), but I need to go now
<uvirtbot> New bug: #574554 in tgt (main) "tgtd needs init script or upstart job" [Medium,Fix released] https://launchpad.net/bugs/574554
<ball> Daviey: you know I'm going to have to install Ubuntu Server on something just to put a dot on that map! ;-)
<WalterN> ball!
<WalterN> you know you want to
 * ball looks around the room for candidate hardware.
<ball> Aha!  That might work.
<tomsdale> I'm just thinking about a new webserver layout using lvm (inside a vm). If I'm already using lvm - does it make sense to you it for all of the partitions or are there mountpoints where it makes sense to have a primary partition?
<tomsdale> s/you/use
<tomsdale> I already got that /boot makes sense as normal partition.
<ScottK> Any suggestions on what could cause a PID file to be removed?
<ScottK> One possibility is I was confused about which server I was logged into when I stopped clamd.
<guntbert> ScottK: shutting down the process is one, someone manually removing the pid file is another
<ScottK> clamav/clamav.log:Mon Aug  9 10:54:29 2010 -> Pid file removed is what the logfile says.
<ScottK> Just checked on my test server.  That is what it logs if you stop it.
<guntbert> ScottK: so I guess is was above mentioned possibilty -- be glad that you didn't issue a halt :-)
<ScottK> Yeah.  Well I have physical access to the box in question, so that would have been bad, but not horrible.
<ScottK> Probably fingers on autopilot when typing hostnames.
<guntbert> ScottK: :)
<kirkland> smoser: ping
<smoser> kirkland, hi
<kirkland> smoser: hey
<kirkland> smoser: at the kvm forum today;  qemu-0.13 hasn't GA'd yet
<kirkland> smoser: talking with hallyn, we're thinking about uploading 0.12.5 for Maverick
<kirkland> smoser: we can push 0.13 to a PPA when it releases, but probably not Maverick
<kirkland> smoser: it's in RC right now, but avi hasn't merged it yet
<kirkland> smoser: i was just checking if there was anything you were expecting in qemu-kvm 0.13 that you needed
<smoser> i don't know exactly why i would wwant 0.13. except for that it will act in ways i'm not aware of :)
<smoser> so i would defer to your and serge judgement.
<smoser> i opened a good one today.
<smoser> bug 615529
<uvirtbot> Launchpad bug 615529 in qemu-kvm "eucalyptus instance reboot fails: Guest moved used index from 0 to 2639" [Undecided,New] https://launchpad.net/bugs/615529
<Kutakizukari> On have Ubuntu server running on Ubuntu 10.4 How can I have the server not start on I start the computer?
<smoser> "the server" ?
<ball> Kutakizukari: Are you running Ubuntu Server running on some sort of virtual machine?
<ball> hosted by a (desktop) Ubuntu system?
<Kutakizukari> just on my laptop Unbuntu 10.4
<Kutakizukari> ball, yes
<ball> Kutakizukari: ...and the virtual machine is starting when you boot the host, or do you not want the VM to boot into Ubuntu Server when you launch the VM?
<Kutakizukari> ball, When I turn on my laptop, I don't want the server to auto start.
<Kutakizukari> ball, just when I want to use it for development.
<ball> That makes me think the VM is launching when you start (desktop) Ubuntu
<ball> Kutakizukari: so I'm not sure it's really an Ubuntu Server question as such.
<todd> What virualization software are you using?
<Kutakizukari> todd, how do I find out?
<todd> I'm sorry. I'm not sure I can help you with that.
<Kutakizukari> k
<todd> If you don't know then chances are that you're not running virtualization software at all?
<todd> That just confuses me.
<todd> Because if you're not running virtualization software it makes your first comment make even less sense.
<Kutakizukari> todd, explain what is a virtualization software?
<todd> Virtualization Software: http://tinyurl.com/2vz5sfn
<Kutakizukari> I'm running desktop edtion Ubuntu 10.4 and then unstalled the server via command line.
<todd> Oh now I get it.. you mean the Server kernel?
<ball> "unstalled" is a nice word.  I may coopt that.
<Kutakizukari> Installed sorry ball
<todd> Kutakizukari: to make your machine not boot the server kernel automatically all you have to do is edit your grub configuration. This is not a server specific question.
<todd> That being said.. Now that you know to edit the grub config you should be able to figure it out by googling.
<Kutakizukari> k thanks
<ball> I had no idea it was possible to install Ubuntu Server on top of (desktop) Ubuntu.
<todd> My assumption: he installed ubuntu server then apt-get install'd ubuntu-desktop.
<todd> His machine would still boot the server kernel by default causing issues with certain packages.
<todd> Huge ASSumption, but the only thing I can come up with.
<todd> If that's not it I have no idea what he's on about.
<ball> todd: I was struggling to make sense of the question, so at least I'm in good company.
<Kutakizukari> I have the desktop software installed and then sudo tasksel install lamp-server
<todd> OH.. aha
 * todd facepalms
<ball> Does that install Apache, MySQL and PHP?
<todd> Yes.
<ball> (on top of (desktop) Ubuntu?)
<todd> Yes.
<Kutakizukari> ball, yes
<todd> Kutakizukari: ignore the grub bit from earlier
<Kutakizukari> https://help.ubuntu.com/community/Drupal
<todd> Kutakizukari: if you don't want it to run all the time then purge lamp-server and install xampp.
<Kutakizukari> but there is other docs on how to do the same
<todd> The instructions for getting drupal up will be a bit different though.
<Kutakizukari> I have everything working fine and even xampp in the past but xampp is no longer supported by ubuntu so they said lamp-server is
<Kutakizukari> thank you for your help
 * ball doesn't know what an xampp is.
<Kutakizukari> ball, http://www.apachefriends.org/en/xampp.html
<tomsdale> xamp - preconfigured amp package.
<ximal> i can't get my cli terminal to be centered properly and text is hanging off the  right side of my monitor ... How can I fix this ?
<tomsdale> used to use it on windows back in the days before enlighenment
<ball> ximal: grab the title bar and drag it where you want it?
<ximal> I tried to use my monitor's AUTO ADJUST feature ...
<ximal> errr nope ball
<ximal> i'm in cli
<ball> ximal: Ah, you probably mean from the console
<ximal> i install text only
<ball> I have no idea then, if your monitor is set right.
<ximal> err i only installed the cli text edition
<ximal> well how can I install some form of gui or text
<ximal> I tried install xorg or xserver etc but all i got was a frozen black screen when i do startx
<guntbert> !xampp | todd don't recommend unsupported packages please
<ubottu> todd don't recommend unsupported packages please: We do not support XAMPP installs here. Please use the LAMP stack that is in our repositories, see https://help.ubuntu.com/community/ApacheMySQLPHP for more information.
<Kutakizukari> bad todd
<todd> You couldn't tell me that without the bot switch?
<ximal> well can someone please tell me what I could do to install maybe gnome or kde ?
<ball> !donkey | wombat turnip
 * ball shrugs
<guntbert> todd: I could, but my mere opinion would not count much
<qman__> ximal, what you need to do is fill the screen with text, then use the auto adjust
<qman__> your monitor can't figure out where the edges are because nothing is on screen
<tomsdale> is ext2 a good choice for /tmp - I guess I don't need journaling there.
<guntbert> tomsdale: sure
<ximal> how's that possible to fill it with txt ? nano ?
<ximal> err use nano maybe ?
<qman__> hold down a key for a while
<ball> ximal: "banner" ?
<ball> Does Ubuntu Server ship with a banner?
<ximal> banner ?
<ximal> ohh i could use the text browser
<ximal> and bring up a photo
<ximal> maybe ?
<ximal> brb
<ball> a photo in a text browser?
<tomsdale> ball you mean a splash screen or the command 'banner'
<ball> tomsdale: I meant the command 'banner'
<tomsdale> nop, not in the default ball , sysvbanner is the package
<tomsdale> that's for 10.04]
<ball> tomsdale: Thanks
<ximal> hmm
<ximal> i thought you could
<ximal> err I thought you could bring up photos in cli
<ball> ximal: Perhaps you can on Linux, which might use a graphical console of some sort.
<ball> I'm from a different world.
<qman__> only with libaa or libcaca, I don't think lynx has that feature built into it though
<qman__> ah, one good way would be to start up irssi
<qman__> since it creates title bars
<ball> qman__: Also, I like irssi.
<ximal> ahh
<ximal> brb
<ximal> thanks for the irssi thought
<mathiaz> SpamapS: ceph is in da' houze!
<ximal> AKKKK ...
<ximal> still no center even if i use open box
<ximal> i'm gonna blow a dang gasket ... new bug found
<ball> ximal: bug in software or in your monitor's firmware though?
<SpamapS> mathiaz: ooohhh snap (re: ceph)
 * SpamapS does the cabbage patch
#ubuntu-server 2010-08-10
<AndyGraybeal> i've read that ubuntu doesn't support backing up ACL's, is this true for Ubuntu 10.04 ?
<AndyGraybeal> nevermind, i think this is the answer: http://ubuntuforums.org/showthread.php?t=1451667
<clusty> hey
<clusty> how can i install an rpm in ubuntu ?
<pmatulis> clusty: alien i think
<pmatulis> !info alien
<ubottu> alien (source: alien): convert and install rpm and other packages. In component main, is optional. Version 8.79ubuntu0.1 (lucid), package size 83 kB, installed size 248 kB
<Pici> !alien
<ubottu> RPM is the RedHat Package Management system. Ubuntu uses !APT, not RPM. RPM packages are not supported (the package "alien" can allow installing them, but it's quite dangerous and unsupported)
<clusty> Pici, how dangerous ?
<clusty> damn intel does not provide a tool to flash the raid controller for ubuntu
<mase_wk> clusty: which raid controller is it ?
<mase_wk> is it 'real' raid or fake raid
<clusty> mase_wk, real raid
<mase_wk> *most* real RAID cards have full applications available for linux usually from the controller vendors site
<clusty> SRCSAS18E
<clusty> this has for suse and rh
<mase_wk> is that the kernel module ?
<clusty> and alien chokes
<clusty> mase_wk, no
<clusty> there is open source mod
<clusty> i wanted to flash to new FW
<mase_wk> ah so you have a utility just not specific to ubuntu ?
<clusty> cause the on the card is prolly 3 years old
<clusty> yes
<mase_wk> where does alien choke ?
<clusty> and i cannot alien cause it complains about 32/64 bit issue
<mase_wk> is it a 32b binary ?
<mase_wk> and you have a 64bit os ?
<clusty> dpkg-gencontrol: error: current host architecture 'amd64' does not appear in package's architecture list (i386)
<clusty> yes
<mase_wk> ah ok.
<clusty> seems is 32 bit
<clusty> the name of it does not say shit :D
<clusty> i will try with DOS
<clusty> never thought i woul;d fokin ever boot dos
<mase_wk> if your having to reboot anyway you could just boot off a livecd
<mase_wk> and install it into that environment
<clusty> i got a DOS bootable disk already
<mase_wk> although that's still annoying as you don't have the utilities when the server is up and running
<clusty> cause i want to fix the TLER issue
<mase_wk> i am surprised they don't make a 64bit version
<clusty> mase_wk, got any experience with cheapo disks and raids ?
<mase_wk> sure, i got a bunch of them at work :)
<clusty> any TLER issues ?
<mase_wk> not that i've encountered but i have different RAID cards to you
<clusty> time limited error recovery as of
<clusty> well this card is also oldish. 3 years old
<clusty> but FW update is from 2010
<mase_wk> is it on a particular port ?
<clusty> ??
<clusty> PCI-E ?
<mase_wk> no i mean , raid port
<clusty> nope
<mase_wk> so whats the actual error message you get ?
<clusty> alien ?
<mase_wk> no the TLER issue
<clusty> i did not. just got the card like 1h ago
<clusty> just finished installing it
<mase_wk> i'm confused
<clusty> i got no TLER problems
<clusty> but i read about them and WD hdds
<mase_wk> ah ok
<mase_wk> now i understand
<clusty> i was asking you how common are they
<clusty> :D
<mase_wk> erm well we have cheap disks but i don't believe that we have any WD specifically in those boxes
<clusty> i find it hard to believe the hdd with chew for 7 sec trying to recover an error such that the controller would drop the disk
<mase_wk> it's not that hard to believe.
<clusty> WD charges 100bux extra for disks with TLER turned on
<clusty> but they also give you the util to turn it on yourself
<mase_wk> some raid cards are fussy and disks are generically crap
<mase_wk> and getting worse
<mase_wk> i've gone through so many hard disks in different boxes this year
<mase_wk> it's almost worth buying ssd's so i don't have to visit the datacenter every other month
<clusty> ony disk i had choking was a 2.5" one in an external box
<clusty> which i kinda abused
<clusty> mase_wk, what sort of work do you do?
<mase_wk> when i'm not replacing disks i'm probably what is best described as a devop
<mase_wk> ie everything :)
<mase_wk> i work for a small company
<clusty> so i presume DB heavy apps ?
<mase_wk> nah not so much
<clusty> i also did that for 1,h years
<clusty> 1.5
<clusty> maintaining a small internal server
<clusty> and 2 DB servers
<mase_wk> i work for a solutions provider which includes a small boutique ISP
<mase_wk> so basically it's writing applications / support tools around that
<mase_wk> right now i'm applying language translations to a clients website
<mase_wk> yay \0/
 * mase_wk sighs
<clusty> the nastiest thing i did was to configure the a router gizmo and LDAP users
<clusty> damn that was a pain in the ass
<ball> Why doesn't http://www.ubuntu.com/getubuntu/downloadmirrors show 10.4 ?
<mase_wk> i like the idea of ldap, i just hate LDAP it's self
<ball> (isn't 10.4 the most recent release of Ubuntu?
<ball> )
<clusty> well the LDAP lingo is damn weird
<clusty> and all tutorials are either aimed at academics coming up with query tools or experts
<clusty> anyways back in 5min
<mase_wk> ball: yeh 10.04 is the lates ...who knows why that page lists that
<ball> Does anyone happen to have a .torrent file for ubuntu-10.4-server-i386 then?
<mase_wk> http://www.ubuntu.com/desktop/get-ubuntu/alternative-download#bt
<mase_wk> that lists ubuntu-10.04-alternate-i386.iso.torrent
<ball> Thanks mase_wk
<mase_wk> np
<clusty> mase_wk, can i just dd an image intended for a CD onto a disk?
<clusty> and still hope to have it bootable?
<ball> clusty: Doesn't sound likely.
<mase_wk> clusty: no
<mase_wk> you need a partition table and a bootloader
<ball> This is going to take a wee while to download
<ball> ...but it'll be worth the wait, I'm sure.
<mase_wk> ball: does it need to be a torrent ?
<mase_wk> it's probably faster from a local mirror
<ball> mase_wk: Might as well be consistent.  That's how I download (and share) all my .iso images.
<mase_wk> each to their own
<mase_wk> most people have 10.04 already so a torrent is not going to be so speedy
<mase_wk> but if your prepared to wait i guess it doesn't matter
<ball> mase_wk: That's okay.  This is just for a fun project, so I have no deadline.
<uvirtbot> New bug: #615642 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 [modified: usr/share/bind9/bind9-default.md5sum] failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/615642
<Patrickdk> ok, I'm having issues with pacemaker/heartbeat
<Patrickdk> I am using IPv6addr to failover an ipv6 address
<Patrickdk> but I can't figure out how to tell pacemaker to bring that ip up as deprecated, so it isn't used by default, messing ip things
<AndyGraybeal> can someone explain the default:mask with ACLs?
<chrislabeard> Hey guys is there anyway to improve the speed of webdav?
<AndyGraybeal> i'm in the 'tech' group, the 'tech' group has group write access on the Tech folder.  it appears that I can't write to that folder unless the 'tech' group is default; is this normal?   if the 'tech' group is a normal group, i can't write to this folder.  it's very strange.  i need some guidance.
<AndyGraybeal> nevermind, i think it is another issue.
<mase_wk> chrislabeard:webdav just uses http so it should be pretty fast
<chrislabeard> mase_wk: alright
<mase_wk> at least as fast as http allows
<chrislabeard> mase_wk: 700MB in about an hour
<mase_wk> is this a local connection ?
<chrislabeard> no
<mase_wk> how fast is it via sftp ?
<chrislabeard> mase_wk: not sure I'm using a mac with connect to server option
<mase_wk> ok what is your basis for comparison then ? ie how do you know it's webdav that is slow and not just your uplink?
<chrislabeard> Well I wasn't sure if that was normal speed or not
<chrislabeard> I was just seeing if it was possible to bump the speed
<mase_wk> without knowing what your uplink speed is it's very difficult to tell if your hitting a performance problem with webdav or a problem with your connection
<mase_wk> you need some sort of reference
<mase_wk> so you know what your theoretical maximum is and how that relates
<chrislabeard> that would be my max upload speed right
<mase_wk> yes
<chrislabeard> its about 1.8-2Mb
<mase_wk> what kind of connection are you on ? DSL / Cable ?
<chrislabeard> DSL
<mase_wk> annex-m ?
<chrislabeard> Its uverse
<chrislabeard> I'm not sure if its annex-m
<mase_wk> just wondering how your getting 1.8 up on a dsl connection is all
<mase_wk> iirc the max upload is about <1Mb without annex-m
<chrislabeard> We have the 18MB/D and 2MB/Up
<mase_wk> k.
<mase_wk> ok does your ISP give you any hosting space ?
<chrislabeard> not that I know
<chrislabeard> of
<mase_wk> do you have somewhere local you can use as a speed test ?
<mase_wk> so you can work out roughly how much you can actually upload in a sustained fashion
<mase_wk> my guess is that the webdav server is not your problem
<chrislabeard> Yeah I'm on the same network as my server
<chrislabeard> If I download locally it get about 2.xMB a second
<mase_wk> forget download
<mase_wk> upload is different.
<chrislabeard> So upload a file locally
<chrislabeard> I uploaded a 700MB file it took about 2 Mins but I couldn't see the transfer rate
<mase_wk> what do you mean by your on the same network, i thought you said this was a remote upload ?
<chrislabeard> I am on the same network however my friends when they access it
<mase_wk> ah ok so you can upload a file in 2 mins but it takes your friends ( who are remote ) a long time ?
<chrislabeard> Right
<mase_wk> not really sure how to respond to that.
<chrislabeard> ... I know its going to take them a lot longer than me since they are remote
<mase_wk> why would you think that is a webdav issue though ?
<chrislabeard> I just wanted to know if its possible to bump the speed but from what you are telling me. Its not possible
<mase_wk> well they could compress the content but you can't upload faster than your physical limit
<mase_wk> regardless of protocol
<chrislabeard> K well thats good to know
<mase_wk> well...isn't that obvious ?
<mase_wk> you can only jam so much down a pipe before you can't fit any more
<chrislabeard> Right, Well it didn't seem like they were getting max download
<mase_wk> well if its from your server and your server is attached to your DSL
<mase_wk> then they can only download at the rate your server can upload at
<mase_wk> which is limited by your DSL connection
<chrislabeard> right
<chrislabeard> So they should get something like a meg a second
<chrislabeard> rougly
<chrislabeard> roughly
<chrislabeard> They are getting like 60-70KB/s
<chrislabeard> That just didn't sound right to me
<mase_wk> i can pretty much assure you it's not related to your webdav server
<mase_wk> unless you have some sort of firewall active doing rate limiting
<chrislabeard> K so pretty much wysiwyg
<mase_wk> but  i assume you would know that as you would have to set it up
<mase_wk> if anything it would be a network issue.
<mase_wk> you need to diagnose that if you think there is an issue
<mase_wk> you have already proved your server is functioning correctly
<chrislabeard> right
<robertpayne> anyone here use nginx frontend + apache2 backend ( dynamic content )
<SpamapS> robertpayne: I have in the past...
<SpamapS> robertpayne: do you have a specific question about it?
<robertpayne> Did you use https with it?
<robertpayne> Just wondering if I need to run both apache and nginx under the same ssl certificate for the proxy_pass.. or just nginx? apache2 is only running on 127.0.0.1:8080
<SpamapS> no
<SpamapS> You should not need to use the same cert
<SpamapS> the SSL<->user conn will be handled entirely by nginx's ssl
<SpamapS> In fact you won't even need SSL for the local apache2
<robertpayne> thats what I thought
<robertpayne> only nginx needs to be running the SSL
<robertpayne> since apache isn't exposed it wouldn't be a security thing
<robertpayne> I just wanted to make sure :)
<ball> What would I type at the command line to see if I had any supported temperature sensors?
<ball> Goodnight everyone
<xampart> morning
<WalterN> very early moring
<WalterN> morning
<binBASH> moin
<xampart> does "mdadm --manage /dev/md0 --add /dev/sdb2" add sdb2 as a spare if i already have 2 active synced devices in my raid1?
<xampart> nevermind
<Ongavezyr> Hosanna bruderz
<uvirtbot> New bug: #615736 in openldap (main) "package slapd 2.4.21-0ubuntu5.2 failed to install/upgrade" [Undecided,New] https://launchpad.net/bugs/615736
<WalterN> got my webserver up now, woo
<kaushal> hi
<kaushal> Can Ubuntu Hardy Heron be hardened in case of vulnerabilities
<kaushal> ?
<kaushal> I mean Ubuntu 8.04 Server
<joschi> kaushal: ubuntu 8.04 can be hardened like any other linux distribution...
<kaushal> joschi: are there Howtos to do it ?
<joschi> kaushal: you can mostly follow http://www.debian.org/doc/manuals/securing-debian-howto/
<kaushal> joschi: but it is debian specific
<kaushal> I know Ubuntu is debian sid based
<kaushal> is there ubuntu specific ?
<joschi> kaushal: nothing really useful I'm aware of (links appreciated ;) )
<Ongavezyr> Viva Mr.Yasser Arafat the Great Leader !
<Jeeves_> Isn't he dead?
<ikonia> Jeeves_: please dont feed the troll, freenode are aware
<Jeeves_> ikonia: I like feeding the trolls :)
<ikonia> Jeeves_: don't do it
<Jeeves_> I like Shrek too! ;)
<dominicdinada> quick question guys
<huats> morning
<xampart> g'day
<ikonia> go for it
<Ongavezyr> ikonia bruder:S
<Ongavezyr> hello Matthew brotha
<ikonia> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz or tom
<xampart> is it possible to have onboard video + seperate video card used at the same time with kubuntu?
<Ongavezyr> Hush now baby!
<ikonia> xampart: that depends on your hardware, try asking in #kubuntu as this is for ubuntu server
<xampart> of course.
<Ongavezyr> ikonia brotha you are a stooge?
<Ongavezyr> that is dirty work!
<Ongavezyr> so... my ssh server why do not working correctly?
<joschi> Ongavezyr: you mind giving *any* information?
<ikonia> please don't feed the troll
<Ongavezyr> joschi: SSH AND OPENBSD_SSH SERVER INSTALLED
<Ongavezyr> in the localhost the services working correctly
<Ongavezyr> when I try connect from another pc in local area network : Connections refused
<Ongavezyr> I was check the sshd config already
<Ongavezyr> The keys regenerated
<Ongavezyr> What is the problem? ( 10.04 )
<ikonia> so I suggest you take it elsewhere
<ikonia> there is no problem, as you'e made it up as you're here to troll, nothing more, the same way you where doing in ##slackware
<Ongavezyr> ikonia bro: hush now please
<Ongavezyr> please let's play with your legos
<Ongavezyr> it is a real problem and I need to some help
<robertpayne> Is there any way to automate the input required by tasksel install lamp-server?
<ikonia> then you shouldn't troll channels
<ikonia> robertpayne: never tried that to the be honest, you can do it within the package with answer files
<robertpayne> ikonia: ok that should work.. doesn't really matter how just weird bug when running it in a shell script ( other tasks after it ) it doesn't install the root user was thinking that may fix it
<Ongavezyr> When I try to connect with telnet from another pc, the connections refused too
<WalterN> ok, I just took a picture of my server box
<WalterN> time to put picture on my server and show all
<WalterN> :D
<jpds> Ongavezyr: Then it's probably a firewall in the way.
<Ongavezyr> the firewall ( ufw ) uninstalled already
<dominicdinada>  if someone has installed gnome and xorg on a server is it safe to remove the interfaces ?
<robertpayne> ufw annoys me.. seems it's worse than just creating the iptables.rules file
<Ongavezyr> I will delete the iptables?
<dominicdinada> WalterN: What are your specs?
<Ongavezyr> ikonia bruder?
<WalterN> dominicdinada: intel atom based
<WalterN> 6 drives attached
<dominicdinada> how much space?
<WalterN> 3x 2tb RAID5 and RAID1 boot
<WalterN> 5th drive is just something I stuck in there, might attach it to RAID 5 sometime
<WalterN> erm, 6th drive, rather
<dominicdinada> ahhh
<WalterN> just a sec
<dominicdinada> so you have 3 2 tb arrays ?
<WalterN> 4, including the one that is not currently doing anything useful :P
<WalterN> and 5 including the one thats in this computer
<WalterN> XD
<WalterN> http://jewelcreekkennels.com/img_0063.jpg
<WalterN> http://jewelcreekkennels.com/img_0068.jpg
<ikonia> WalterN: please stop
<ikonia> WalterN: this is a support channel
<Ongavezyr> ikonia do not hysterical, please
<ximal> Q : Is there a way to run programs such as deluge thru the cli or as a process that way on my server I can just set it up for remote web viewing etc ?
<uvirtbot> New bug: #615764 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/615764
<ximal> Q : Is there a way to run programs such as deluge thru the cli or as a process that way on my server I can just set it up for remote web viewing etc ?
<Ongavezyr> Where is my good friend, ikonia?
<WalterN> chewing me out? (heh)
<alexharrington> hey. I've installed 10.04 server 64 bit and am now installing OpenLDAP. I've followed the official docs to get things going but now I want to change the cn=config root password to something else but i can't figure out how to do it?
<Ongavezyr> ikonia brotha , the perpetual light shine upon you
<Ongavezyr> Allah is accompanied by on your way badjew brotha
<alexharrington> nm. I got an answer over on OpenLDAP. Thanks
<ximal> Q : Is there a way to run programs such as deluge thru the cli or as a process that way on my server I can just set it up for remote web viewing etc ?
<ximal> kinda like running it as a service etc ... where it's running but no gui verification .. only cli ?
<topyli> ximal: transmission maybe?
<topyli> it has web and terminal interfaces and can be daemonized
<ximal> yeah
<ximal> but i could just install flux if i want web functionality
<topyli> if you don't want the web inteface, just don't use it. use the terminal one
<ximal> just curious
<ximal> upon adding stuff to transmission can you set it to ask you where to put each file ?
<kaushal> hi
<kaushal> when i do apache2ctl -M i see mpm_worker_module (static)
<kaushal> is there a way to set it to mpm_prefork_module (static)
<kaushal> ?
<RoyK> kaushal: apt-get install apache2-mpm-prefork
<kaushal> do i need to uninstall apache2-mpm-worker ?
<RoyK> I don't think you can have both installed, no
<RoyK> it's somehow one out of two (or three?)
<kaushal> oh ok
<RoyK> either prefork, or event or worker
<kaushal> so if i do apt-get install apache2-mpm-prefork, it will uninstall apache2-mpm-worker ?
<RoyK> iirc php only works with prefork, at least that's default
<kaushal> automatically
<joschi> kaushal: MPMs can be dynamically be changed in apache httpd 2.4
<RoyK> kaushal: try it
<joschi> kaushal: with apache httpd 2.2 you can only have one
<RoyK> joschi: Lucid only has 2.2
<joschi> RoyK: yes. apache httpd 2.4 is not released yet ;)
<RoyK> ah :)
<robertpayne> what's new in 2.4? :P
<robertpayne> reading docs myself haha stupid question
<robertpayne> Can you completely wildcard a ssl certificate? It's for access to dev utilities like phpmyadmin postfixmyadmin etc.. so the browser warnings wont really be a bother
<Iceman_B> hi
<Iceman_B> how much is a server installation dependant on the hardware it was installed with? can i just pick up my hdd, put it in a new system and expect it to run fine?
<jpds> Yes.
<jpds> You'll have to 'rm -vf /etc/udev/rules.d/70-persistent-net.rules' so that eth0 comes back.
<Iceman_B> what does that file do?
<jpds> Locks down network interface names to MAC addresses.
<Iceman_B> ah, right
<Iceman_B> any additional steps after removing that file?
<Iceman_B> reboot? restart network? do a little dance?
<jpds> Shutdown the machine and move the drive across?
<jpds> Dance is optional.
<Iceman_B> aw :( not mandatory?
<Iceman_B> o you meant remove the file BEFORE I move the drive
<Iceman_B> they thats clever
<Iceman_B> *hey
<Callum__> jpds: does Ubuntu regenerate 70-persistent-net.rules?
<jpds> Yes.
<Callum__> Ah
<patdk-lap> any idea how to make pacemaker/heartbeat bring ip and ipv6 ip as non-primary?
<patdk-lap> bring up :)
<patdk-lap> just woke up like 3min ago, guess I'm not thinking yet
<Callum__> I should go to bed soon...
<binBASH> timezones timezones........
 * Iceman_B dcc's coffee.jpg to patdk-lap
<Callum__> Aug 10 11:13pm...
<patdk-lap> na, shower always wakes me
<Iceman_B> oh
<Iceman_B> well there goes a perfectly good cup of coffee then :(
<Callum__> shower didn't help me this morning =P still felt like crap
<binBASH> Aug 10 13:13:38 CEST
<patdk-lap> but pacemaker is annoying me :)
<Callum__> UTC+12 here
<patdk-lap> using it with IPv6addr
<Callum__> sorry, can't help you patdk-lap =P
<Callum__> don't know anything about pacemaker
<Iceman_B> UTC+2(1+dst) here
<patdk-lap> but can't figure out how to bring the ip up with preferred_lft/depress option
<patdk-lap> so linux doesn't use that new ip as the default
<Callum__> its really cold here :<
<binBASH> patdk-lap: They have chan at #linux-cluster ?
<patdk-lap> dunno
<binBASH> at least according to their website ;)
<Iceman_B> did the shutdown command change in 10.04?
<Iceman_B> "shutdown now" doesnt seen to power down the system completely
<Iceman_B> it goes back to some menu
<patdk-lap> heh, I always just type halt
<binBASH> poweroff for me :D
<jussi> Iceman_B: "shutdown -h now"  iirc
<jussi> and -r for a restart.
<Iceman_B> thanks
<misha> can I make dns server with one ip? and can you give me a guide for making dns server? thanks:)
<misha> anyone here?P:
<Pici> misha: I'd start with the server guide: https://help.ubuntu.com/10.04/serverguide/C/dns.html
<misha> I have 9.04 the guide will work for me?
<uvirtbot> New bug: #615810 in nagios3 (main) "nagios3-common and nagios3-core :  grep: /etc/nagios3/cgi.cfg: No such file or directory" [Undecided,New] https://launchpad.net/bugs/615810
<Pici> misha: https://help.ubuntu.com/9.04/serverguide/C/dns.html
<misha> thanks
<misha> also maybe you know, I had postfix but it didn't send all the mail and sometimes falls. Do you have any other good mail server? thanks again
<patdk-lap> heh, I highly doubt that is a postfix issue
<patdk-lap> the two big issues would be, didn't configure postfix correctly
<alex88> hi, i'm tring to use aria2c to download files...but after give command it remains on "[#1 SIZE:0B/0B CN:1 SPD:0Bs](4more...) [TOTAL SPD:0Bs]"
<patdk-lap> or you attempted to run it without a smarthost/relay, and have no idea of proper edicate on the internet when talking to other email servers, so they banned you
<alex88> after some time it says timeout, but with wget it works
<misha> I installed with the ubuntu guide and with ehcp and both of them the postfix did a problems
<misha> (ehcp = control panel) but I deleted it
<patdk-lap> did a problem?
<misha> no I just didn't like the panel
<misha> I now don't using any panel its better for me
<patdk-lap> did you setup forward and reverse dns for your email server ip? did you setup spf? did you setup your helo name to match your ip?
<patdk-lap> heh, helo name match your dns forward name :)
<misha> no, no and about the last question i'm not sure
<patdk-lap> well, then 90% of the world won't accept email from you
<patdk-lap> so postfix won't be able to send it
<alex88> someone know another download accellerator?
<patdk-lap> alex88, I always perfered to use wget
<misha> gmail accepted the messages excellent and the messages was in the main folder not in spam
<alex88> patdk-lap: but from server i can download at higher rates..i'm on a vps..and aria not start, wget works...
<alex88> is there any way to debug?
<patdk-lap> higher rates? I can download using wget at full gigabit speeds easily
<patdk-lap> I haven't tried a computer with 2gb or higher connection yet though
<alex88> for me aria get 2-3 mbyte/s higher...maybe uploading server limits per connection speed
<alex88> maybe it tries for some kind of proxy..but i can't found config files..
<misha> hi I didn't understand what to do on caching nameserver in https://help.ubuntu.com/9.04/serverguide/C/dns-configuration.html
<misha> nevermind just a question can I do it with one ip?
<alex88> misha: sure..you mean to set one ip as forwarder?
<misha> yes
<patdk-lap> caching dns server is what looks up dns names for your stuff
<patdk-lap> it looks up dns names that you *don't* serve
<xampart> why just not use 8.8.8.8
<alex88> google sucks..use opendns..
<patdk-lap> 8.8.8.8 is slow for me, and it's negative cache is horrible
<patdk-lap> opendns is slow, it's negative cache is good though
<patdk-lap> my server does a few thousand per second, really helps to have a few local :)
<patdk-lap> to cache all the repeats
<misha> maybe some can help me with the Apache cause on #httpd no one answer me
<misha>  I have a problem is someone enters https://mydomain.com:80 its write: ssl_error_rx_record_too_long and I want it will be redirect to https://mydomain.com/ how can I do that?
<misha> also .hta doesn't work
<alex88> well, loading domain.com:80 not works? because every redirect is served after the https connection is established..if i remember right..
<misha> no you didn't understand
<patdk-lap> yes he does :)
<misha> i use only https
<Pici> Why are you specifying :80 for https connections?
<misha> no hh
<misha> you didn't understand
<patdk-lap> misha, your test failed :)
<misha> again i just want to make redirector if someone enters on https://mydomain.com:80
<patdk-lap> https://mydomain.com:80 is invalid (unless you really really are attempting to break things on purpose)
<misha> its possible or not?
<patdk-lap> yes, it's possible, but you don't want to
<Pici> misha: No sane browser will attempt to connect to https on that port.
<patdk-lap> http://mydomain.com:80
<misha> anyway ok
<Pici> http is port 80, https is 443.
<misha> i know
<patdk-lap> why do you want to do ssl on port 80?
<patdk-lap> and if you do, why bother redirecting?
<patdk-lap> that error is telling you, you are not running ssl on port 80
<patdk-lap> and you shouldn't be :)
<misha> nevermind
<misha> also if someone enter http://domain.com:443
<Pici> If you're trying to redirect http/80 users to https/443 thats a different story.
<patdk-lap> you want to redirect, http://mydomain.com to https://mydomain.com
<patdk-lap> so your test is invalid
<Pici> misha: Again, that shouldn't work and no one should expect it to.
<misha> ok
<misha> also id you know how to make redirector if someone enters http://domain.com:443
<misha> cause its enter document 400
<Pici> Why are people trying to connect to those ports?
<misha> there are people that tries
<misha> I don't know
<misha> I just want to make redirector
<patdk-lap> you can't :)
<patdk-lap> you can't talk none-ssl to an ssl port
<patdk-lap> and you can't talk ssl to a non-ssl port
<patdk-lap> that is why they invented tls
<patdk-lap> but no http client/server I know of uses tls
<alex88> you cant from https://site:80 to :443, just to http too https...
<misha> i guess you right
<misha> anyway heres what it show:
<misha> http://mshell.info:443
<Pici> Try connecting to any popular site like that... like https://google.com:80/ , it won't work and it shouldn't.
<patdk-lap> hell, why stop there
<patdk-lap> http://gmail.com:25
<misha> hh thanks anyway:)
<misha> i did a redirector from http to https
<misha> and from www to non www
<Pici> Those two are perfectly valid.
<alex88> if someone enter www.site where he should go?
<misha> see your self
<misha> http://www.mshell.info
<patdk-lap> alex88, home :)
<alex88> patdk-lap: ROFL...btw...certificate invalid for www..
<misha> i know
<Pici> www.mydomain.com is an additional A record for mydomain.com
<misha> cause I forgot to backup the key for www. certification
<Pici> er, for MY domain.
<alex88> :) that's the problem...redirects must be done after https..
<misha> and now I can't use the crt for www
<alex88> lol
<misha> so thats why I make redirector from www to non wwww
<Patrickdk> alex88, you mean redirect before :)
<Patrickdk> in this case
<alex88> i think that if someone accept certificate there is no reason to redirect after..
<Patrickdk> paypal had the same issue forever, it annoyed me, i only ever type in paypal.com
<Patrickdk> and get invalid cert
<alex88> Patrickdk: no, the problem is that redirects stands after ssl..
<alex88> Patrickdk: how much time ago? sure you were not in a MITM? :)
<Patrickdk> alex, well ever since I started using paypal (pre-2000), till about 2years ago
<Patrickdk> and that was from several different ip's
<alex88> oh...strange..i thank they have money to buy 2 certs :)
<Patrickdk> and the cert was always the same one, for paypal.com and www.paypal.com, but only a cn=www.paypal.com
<alex88> oh kk..
<Patrickdk> people just don't get how certs work, dunno why
<Patrickdk> well, I do know why, no one ever bothers to explain it to people :)
<alex88> maybe they're afraid some ppl break ssl :)
<alex88> that would be a bad thing :)
<misha> on the dns configuration in ubuntu I see there "ns      IN      A       192.168.1.10" and I don't have it in my file, add it?
<alex88> misha: you just need a dns server to set for your home network?
<misha> to set my domain on my server
<misha> I hate to use free dns service
<alex88> oh...don't think so
<misha> i'm using now http://freedns.afraid.org/
<misha> Replace 1.168.192 with the first three octets of whatever network you are using.
<misha> octets?
<misha> where the support gone?P:
<Pici> An octet is each part of the ip address 192, 168, 0, 1 are all octets.
<misha> lets say my ip is 32.21.634.6
<misha> I need to write there 32 21 and 634?
<Pici> Well that would be weird because you can't have an octet higher than 255, but yes, those would be the first three.
<misha> thanks:P
<alex88> if i want to do a bash script to process all *.001 files in a dir?
<alex88> i don't remember how, because i have to run lxsplit -j to each file ending with .001
<maswan> Is it possible to change the default kvm network, or am I better off adding another rfc1918 network if I don't want nat/forwarding?
<alex88> ok got it
<misha> cya:P
<alex88> BYE :)
<raubvogel> Dumb question: if www-data's homedir is /var/www, why it does not own/have rights in that directory
<uvirtbot> New bug: #615837 in nagios3 (main) "nagios3-cgi bad icons after install" [Undecided,New] https://launchpad.net/bugs/615837
<joschi> raubvogel: because www-data could change the permissions of /var/www otherwise
<joschi> raubvogel: and since your web server runs in the user context of www-data and might allow script execution within that context, that's a bad idea ;)
<patdk-wk> unless your using webdav
<raubvogel> joschi: So, if I want to run stuff such as reprepro, I should run that as another user and then make the directory being offered by the web server owned by this user (read-only by www-data) ?
<joschi> raubvogel: yes. just chgrp the directory to www-data group and make it g+rx
<joschi> raubvogel: as an alternative: make it world readable, but that's sort of last resort ;)
<uvirtbot> New bug: #615846 in openldap (main) "package slapd 2.4.21-0ubuntu5.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/615846
<uvirtbot> New bug: #615848 in nagios3 (main) "Nagios reports critical error when Gnome is running" [Undecided,New] https://launchpad.net/bugs/615848
<alexharrington_> i've got an OpenLDAP directory running on 10.04 and am using libnss-ldap to connect to it. When I do "getent passwd" I only see a few hundred of the thousands of entries that should be returned
<alexharrington_> in the past I had to add a line to the slapd.conf to return more results on searches - but we're now using the recommended cn=config scheme and I can't figure out how to apply the setting
<alexharrington_> i know the setting is now called olcSizeLimit and I want it set to 5000, but no matter where I apply it it doesn't seem to do anything
<alexharrington_> equally limiting it to 10 results doesn't seem to cut the number returned either so perhaps there's another limit somewhere?
<alexharrington_> i've tried asking on #openldap but the silence in there is deafening :D
<smoser> Daviey, ping
<Daviey> smoser: Y'all
<smoser> 2 items
<smoser> bug 615529 has a branch attached that i would like you to take
<uvirtbot> Launchpad bug 615529 in qemu-kvm "eucalyptus instance reboot fails: Guest moved used index from 0 to 2639" [Undecided,New] https://launchpad.net/bugs/615529
<smoser> tiny code change for the loader stuff to work around a kvm bug.
<smoser> second question, is how would you like me to send you patches for such things
<hggdh> Daviey, ttx: please have a looka t bug 615646
<uvirtbot> Launchpad bug 615646 in eucalyptus "cannot attach a volume to an instance" [Undecided,New] https://launchpad.net/bugs/615646
<Daviey> smoser: branching lp:~ubuntu-core-dev/eucalyptus/devel and proposing merge to that makes it better IMO... or for a trivial change you could just bounce a patch over :)
<ttx> hggdh: looking
<Daviey> smoser: using ~ubuntu-branches is better for SRU's in this instance.. i feel
<smoser> Daviey, i looked there, that branch is old
<smoser> at least i thought
<smoser> ah. i must have looked at some other one.
<smoser> are you core dev, Daviey ?
<Daviey> smoser: no
<smoser> it seems like thats a bad location then :)
<smoser> so you have to ask someone to pull from yours ?
<Daviey> smoser: Exactly...
<Daviey> smoser: Hopefully use ~ubuntu-server-dev soon
<Daviey> but there isn't anywhere else i can think of that is collaborative
<smoser> Daviey, virt group i think most are members of.
<smoser> or very easily could be
<Daviey> yeah
<Daviey> smoser: that makes good sense..
<smoser> well, only due to lack of -server-dev
<smoser> yours is the real solution.
<Daviey> smoser: We have it now... just nobody has applied :)
<smoser> anyway, that patch is there, please review and pull.
<Daviey> smoser: Okay.. probably doing an upload later today.. I'll land it in my branch then get ttx to pull and push it (if that is OK ttx)
<ttx> Daviey: I should be able to do that.
<Daviey> super!
<hallyn> kirkland: fyi, still building (will take awhile here), but I'm testing https://code.launchpad.net/~serge-hallyn/ubuntu/maverick/qemu-kvm/merge-0.12.5
<kirkland> hallyn: excellent -- push a PPA package, and i'll test here too
<sergevn> aargh, darwin calendarserver is broken for a year now :(
<hallyn> kirkland: alas, one thing i failed to do was bring my gpg keys :)  I'll generate new ones and get a ppa in the next few hours
<kirkland> hallyn: doh!
<hallyn> yup
<kirkland> hallyn: 1024?  just ask kees to crack it for you :-)
<kirkland> :-P
<hallyn> kees: ^  that should take you waht, 2 mins?
<smoser> on your transmeta laptop it will take longer than that
<smoser> slightly
<kirkland> haha
<hallyn> smoser: joker.  mind you, THAT one has my gpg keys :)
<patdk-wk> does openssl support larger keys correctly now?
<patdk-wk> I know the last time I played iwth keys >8k it has issues, it would make them, but I couldn't use them
<uvirtbot> New bug: #615869 in mysql-dfsg-5.1 (main) "Infinite loop upgrading to 5.1.41-3ubuntu12.6" [Undecided,New] https://launchpad.net/bugs/615869
<hallyn> NOt enough entropy.  Need to pl;ay some klondike to get more.
<patdk-wk> run vmware, it seems to generate all kinds of entropy on my system
<patdk-wk> atleast that is the only difference between this computer and the one at home, and the home one never has any entropy
<hallyn> hm, kvm alas doesn't seem to do the same
<kpettit> what's a good jabber server that's good for scripting?  I plan on using python to do a bunch of scripting with a jabber server, but there are alot of them out there
<sergevn> has anyone calendarserver working on lucid?
<ttx> hggdh: re: bug 615646 -- that used to work, right
<uvirtbot> Launchpad bug 615646 in eucalyptus "cannot attach a volume to an instance" [Undecided,New] https://launchpad.net/bugs/615646
<SKuhaneck> what is the best way to notify the package manager about software installed from source?
<jpds> There isn't a way?
<lau> what mean the first digit in ubuntu dpkg version ? 4:2.11.3-1ubuntu1.3
<jpds> lau: An epoch.
<Pici> SKuhaneck: checkinstall?
<Pici> Not exactly what you're asking though..
<lau> jpds: a sort of date or timestamp ?
<lau> I think I understand the 2.11.3-1 but the 4: Oo ?
<jpds> lau: http://www.debian.org/doc/debian-policy/ch-controlfields.html
<SKuhaneck> Pici: the main thing I am looking for is if I install a webserver from scratch and I install a package that requires a webserver, how do I stop it from trying to install apache as a dependency?
<jpds> lau: Look at 5.6.12 Version.
<lau> ok thx
<lau> so now if I want to upgrade to a newer version what are my ways to do ?
<lau> I want ot keep distribution version but use for this specific package a n+1 distribution version
<lau> ie. keep hardy but use lucid version for this specific package
<jpds> Append ~hardy1#
<jpds> lau: Append something like ~hardy1 to the version string?
<bogeyd6> SKuhaneck, just download the package from packages.ubuntu.com
<Pici> SKuhaneck: I don't recall if checkinstall allows you set a 'provides' field.  I'm sure its frowned upon, but I suppose you could create a dummy package that just provides an httpd server.
<hggdh> ttx: yes indeed. I did not test on 2.0 until now, but on 1.6.2 it worked
<hggdh> ttx: and... this sounds like a blocker
<ttx> noted
<SKuhaneck> bogeyd6: the package I am compiling does not exist
<soren> lool: I see you've touched user-mode-linux semi-recently.
<soren> lool: Does it actually work for you?
<soren> lool: I'm getting stuff like this: [   82.905031] linux[2845] general protection ip:7f80d64b962c sp:6282fcb0 error:0 in libc-2.12.so[7f80d6482000+17a000]
<impi> hello, I am following this howto: http://cumu.li/2008/5/13/recompiling-php5-with-bundled-support-for-gd-on-ubuntu I have only one question. how can i install php 5.2.X instead of 5.3 ? i want to run magento and this software doesnt work on php 5.3
<SKuhaneck> Pici: from the reading I just did, it looks like checkinstall will register it with the package manager and should do what I want, thanks
<bogeyd6> SKuhaneck, you told pici you were trying to install a package that had a dependency and you didnt want the dependency
<Pici> bogeyd6: I understood what he meant.
<lool> soren: I used it many years ago in my previous company because it seemed more secure than the solutions requiring root, but the performances were abysmal; I remember fixing it to build in Ubuntu, but that's about the involvement I had with the package
<impi> anyone that can help me with my php issue?
<soren> lool: All of what you just said is true for me, too, just offset a couple of years :)
<soren> lool: But ok, no worries.
<lau> jpds: I was thinking about /etc/apt/preferences but have no clue how to implement-it
<Pici> SKuhaneck: I just checked the manpage, checkinstall does have a --provides argument, providing 'httpd' should prevent your other packages from pulling in apache2.
<lool> soren: 2/3 years ago, I had noticed that it wasn't maintained anymore; it still gets updated upstream to build, but I wonder whether anybody cares for it; is it relevant for you?
<lool> soren: BTW met with a couple of coworkers of yours Saturday evening in NY (Debconf); I've asked one to wave hello  :-)
<soren> lool: It might be relevant. I'm not willing to invest a whole lot of time in it, but it may be really convenient for testing Openstack stuff.
<papertigers> lool: debconf was in NY, i wish i would of went
<soren> lool: Noone has waved yet :)
<impi> how can i get apt-get source php5 but get php 5.2.X instead of 5.3 ????????
<tomsdale> impi http://ubuntuforums.org/showthread.php?t=1447401     couple of posts down with the Pin-Priority
<impi> tomsdale, thank you, let me read this quick.
<Daviey> impi: Offically, you need to use hardy, jaunty or karmic :)
<impi> DavidLevin, officially, i should slap my client and his dev ;)
<impi> but yea, thats about as official as i can get
<tomsdale> had the same issue installing vtiger, requires 5.2 for some reasons.
<Daviey> hggdh: Are you ready to test a new upstream checkout, hopefully fixing registration issues?
<hggdh> Daviey: most certainly :-)
<Daviey> hggdh: Rockin', building in the PPA atm..
<Daviey> (queued)
<hggdh> Daviey: k. Meanwhile, I will take 20 min
<Daviey> hggdh: That is a fantastic idea :)
<impi> tomsdale, it seems you have saved my 'ss
<impi> i have been sitting here for like nearly 6 hours now, thanks for that tip dude
<tomsdale> :-) np - actually someone else just saved my a lot of time on howtoforge - guess karma does exist.
<impi> mmm anyone that know how i can get around Patch suhosin.patch does not remove cleanly (refresh it or enforce with -f)
<ttx> mathiaz: please see https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/571057/comments/27 with high priority, so that it doesn't block 10.04.1 release
<uvirtbot> Launchpad bug 571057 in openldap "slapd 2.4.21-0ubuntu5 corrupts olcDatabase={-1}frontend.ldif with duplicate olcAccess lines (again)" [High,In progress]
<mathiaz> ttx: working on it
<ttx> mathiaz: great  :)
<Kaelten> Anyone able to give any recomendation between apt-mirror, apt-proxy, or apt-cacher
<patdk-wk> ya, I didn't like any of them
<qman__> yeah, after a lot of frustration with those I opted for a squid caching proxy
<Kaelten> patdk-wk: lol, well I have to use something to create a local repository
 * patdk-wk is using squid
<qman__> zero maintenance that way
<patdk-wk> before that, I was just doing a mirror
<qman__> just crank up the cache size and point your apt clients at it, or better yet, transparently redirect with your firewall
<Kaelten> I'd be more likely to abuse varnish for this purpose than squid I suppose.
<patdk-wk> why?
<patdk-wk> varnish wasn't made for this, it's a reverse proxy, not a normal proxy
<patdk-wk> "You can, but you probably don't want to. Doing it requires significant amounts of DNS magic and a huge Varnish VCL file. "
<qman__> with squid, all you have to change are the size settings so it'll cache the bigger debs
<qman__> and then mark the packages.gz files as never cache
<Kaelten> well I'll already have varnish running and up so adding a few lines to the vcl won't hurt
<Kaelten> and honestly, and this is of course just my opinion, I find squid to be antiquated and cumbersome, I haven't used it in several years, so my opinions may be stale.
<qman__> well, the config file is enormous
<qman__> but it's set up correctly out of the box
<qman__> would be nice if they split it up
<patdk-wk> heh, I just switched to squid3, I like it
<patdk-wk> I haven't used squid for years like 10years, till recently
<qman__> $ wc -l /etc/squid/squid.conf
<qman__> 4433 /etc/squid/squid.conf
<Kaelten> ugh 4.4k lines?
<Kaelten> that's pretty hefty
<patdk-wk> ya, 90% of it is comments
<qman__> yeah
<qman__> and setting it up, you'll only change maybe 10 of them
<qman__> grep -v ^\# /etc/squid/squid.conf | wc -l
<qman__> 335
<patdk-wk> squid2.conf 402 lines
<patdk-wk> squid3.conf 374 lines
<patdk-wk> atleast in my config
<Kaelten> wc -l default.vcl
<Kaelten> 226 default.vcl
 * patdk-wk smacks kaelten, that is a totally different kind of proxy :)
<patdk-wk> you can compare apache proxy to squid
<Kaelten> even that's significantly less config
<patdk-wk> apache?
<patdk-wk> it has tons of modules it has to load, each 2 config lines :)
<Kaelten> hrm, now that I think about it probably not, but it feels it because they chop it up
<sponzor> hi. how to make logs for every ip that is trying to connect to my server... and what service is he trying to connect etc...?
<hggdh> mathiaz: mind if I set bug 615646 as critical? This has to be resolved before FF
<uvirtbot> Launchpad bug 615646 in eucalyptus "cannot attach a volume to an instance" [Medium,New] https://launchpad.net/bugs/615646
<patdk-wk> sponzor, ulog :)
<jpds> sponzor: iptables?
<qman__> grep -R -v ^\# /etc/apache2 | wc -l
<qman__> 952
<qman__> and that's not even a proxy, just a basic apache setup
<Kaelten> I'm moving away from apache as well though,  in our new deployments we're going almost exclusively nginx
<sponzor> hmm never tryed with iptables.. so they can do logs?
<patdk-wk> sponzor, yes, alittle limited, unless you use ulog instead
<hggdh> Daviey: should we just wait (scheduled to start building in 1 hour), or should we try a gentle poke?
<sponzor> ok. i will geave it a try :P. tnx
<Kaelten> grep -R -v ^\# /etc/nginx/ | wc -l
<Kaelten> 540
<Kaelten> for a proxy setup
<qman__> I use apache because I know it well, but I openly admit it's quite heavy
<patdk-wk> heh, my lighttpd proxy is like 50lines
<Kaelten> patdk-wk: well I was including all of the files inside nginx
<qman__> that apache server is running a single site for vnstat php frontend
<Kaelten> the proxy config itself is only 25 lines
<patdk-wk> Kaelten, dunno, my whole lighttpd.conf file, is 50lines
<patdk-wk> and it includes no other files
<Kaelten> lol
<Kaelten> fair enough
 * patdk-wk hates the debian/ubuntu version of lighttpd config file
<Kaelten> I always had problems with lighttpd messing up with php processes
<patdk-wk> never had that issue
<patdk-wk> I've been running from lighttpd 1.4.6 though 1.5.x, no issues with php ever
<patdk-wk> but many many many people join #lighttpd with php completely broken
<jpds> qman__: So; disable some modules, and tune it? :-)
<qman__> jpds, CPU time is cheaper ;)
<mathiaz> hggdh: Critical - I'm not sure about it
<mathiaz> hggdh: https://wiki.ubuntu.com/Bugs/Importance
<mathiaz> hggdh: I don't think it's critical
<mathiaz> hggdh: and I'm not sure how FeatureFreeze impacts it
<FunnyLookinHat> Ok you crazy hackers - how can I diff the output of two different ls commands?  i.e. ls /a/* and ls /b/* ?
<jpds> Well, neither nginx/lighttpd are in main so ...
<qman__> funkyHat, ls /a/ > a; ls /b/ > b; diff a b
<qman__> er
<qman__> FunnyLookinHat, ^
<qman__> there might be a way to do it without creating files, but after thinking for a moment, I decided it wasn't worth figuring out
<Kaelten> patdk-wk: I was running a site that during high traffic php would starting erroring every time until I restarted lightty
<Kaelten> at the time I found an old bug report describing the issue that had been around for a few years, and last I heard was still an issue
<patdk-wk> how where you starting php?
<Kaelten> as fcgi
<patdk-wk> heh?
<patdk-wk> fcgi is a protocol, not a way to start php
<patdk-wk> did you start php yourself, spawnfcgi, or have lighttpd do it
<FunnyLookinHat> qman__: right right - but temp files are lame...   how about diff <(ls -lh /a/*) <(ls -lh /b/*) ?  :)
<patdk-wk> I kept having mod_php leaking memory like nuts for me
<patdk-wk> switched the webmail servers to lighttpd, no more issues
<qman__> FunnyLookinHat, good to know
<smoser> kirkland, ping
<FunnyLookinHat> Yeah found it via twitter - heh
<patdk-wk> that line fits on twitter?
<FunnyLookinHat> easily?
<patdk-wk> man, I totally don't get pacemaker
<tomsdale> for a smaller webserver - would you recommend bind or mydns.
<patdk-wk> I just want to add an option to the ip up command
<patdk-wk> tomsdale, neither
<jpds> tomsdale: Surely you mean DNS server?
<patdk-wk> why install dns on a webserver?
<tomsdale> :-) I have to decide between one of them for my hosting server. with DNS on the server I can generate records from the same panel.
<patdk-wk> hopefully mydns is fixed, it used hangs on my friends install, everytime mysql connection drops
<Kaelten> patdk-wk: er ya sorry, it's been about 5 years ago I was running that site, so I'm not too sure, I think it was managing the processes though
<jpds> tomsdale: BIND is in main and supported by Ubuntu.
<tomsdale> I'm using ispconfig 3. patdk-wk hm. Doesn't sound too convincing.
<patdk-wk> tomsdale, well, it's easy to fix
<tomsdale> jpds: that's enough for me :-) thx u2
<patdk-wk> I'm just to lazy to fix it for them
 * patdk-wk also notes that mydns hasn't been updated on that server for atleast 7years
<tomsdale> bind it is
<Fidelix> Guys, what email filtering you can recommend?
<patdk-wk> hmm, /dev/null does a great job
<Fidelix> patdk-wk, what do u mean?
<Fidelix> i can redirect to /dev/null, ok. But how do i check message headers to do that?
<patdk-wk> oh, I wasn't checking
<jpds> Fidelix: procmail?
<patdk-wk> there are many many options, depends on what you want to write the rules in
<patdk-wk> procmail, maildrop, sieve, ...
<Fidelix> I want the easy one. hehehehe
<patdk-wk> there is no easy one
<Fidelix> OK. Then the less hard.
<patdk-wk> none of them have anything better than manual editing of the config files
<Fidelix> OK. I am using postfix with Maildir. Can i write rules to procmail for delivering to certain folders on the user's Maildir?
<patdk-wk> sure
<Fidelix> Excelent. I guess there is no gui to do that...
<patdk-wk> not that I know of
<patdk-wk> I personally use maildrop, and I setup the company to use seive
<Fidelix> patdk-wk, please dont be mad with what i'll ask.
<Fidelix> What is maildrop?
<patdk-wk> heh
<Fidelix> The agent that delivers the email to the users?
<patdk-wk> yep
<patdk-wk> instead of procmail
<Fidelix> OK. And what is seive?
<patdk-wk> same thing
<Fidelix> how do i know which one i'm using?
<Fidelix> main.cf?
<patdk-wk> depends on your mailserver
<patdk-wk> see what one it's setup to use
<Fidelix> Postfix / dovecot. I'll check the config files.
<patdk-wk> unless you isntalled one, I doubt it's using any
<patdk-wk> well, then you have two things
<patdk-wk> either postfix is going direct, not using anything
<patdk-wk> or it's configured to use the dovecot deliever lda, in that case it could, or could not be using sieve, depends on dovecot config
<Iceman_B> how much does a clean install differ from a version that's been upgraded from 8 -> 9 -> 10 ?
<Fidelix> It seems to be using maildrop, because maildrop's line is uncommented
<Fidelix> maildrop  unix  -       n       n       -       -       pipe
<Fidelix>   flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
<patdk-wk> that doesn't mean it's using it
<patdk-wk> it just means it knows how to use it :)
<Fidelix> Oh, true,
<Fidelix> And do you know a way to check this?
<patdk-wk> postconf | grep transport
<Fidelix> default_transport = smtp
<Fidelix> It seems to be making the deliver directly.
<Fidelix> mailbox_transport =
<patdk-wk> look at local_transport and virtual_transport
<patdk-wk> and that :)
<patdk-wk> yep, direct
<Fidelix> local_transport = local:$myhostname
<Fidelix> I guess thats ugly
<Fidelix> Its not even going through dovecot, right?
<patdk-wk> if you did, virtual-transport=maildrop, mailbox_transport=maildop, it would use maildrop instead
<patdk-wk> nope
<patdk-wk> for mine I have, virtual_transport = dovecot
<patdk-wk> then dovecot uses sieve
<Fidelix> Is sieve easier than maildrop?
<patdk-wk> dovecot unix    -       n       n       -       -      pipe
<patdk-wk>   flags=DRhu user=nobody:dovecot argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -n -m ${extension}
<Fidelix> btw, i found a GUI to procmail
<patdk-wk> I dunno sieve
<Fidelix> Its named Procbuilder.
<patdk-wk> the webmail package does sieve though, so it's user friendly
<patdk-wk> I manually write all my maildrop, have >10k lines of maildrop rules
<Fidelix> z0mg
<patdk-wk> my procmail script was getting way to complex, so I switched to maildrop
<Fidelix> But ur writing maildrop regex manually?
<patdk-wk> yep
<Fidelix> Thats... well... something
<Fidelix> I guess maildrop has no gui either
<patdk-wk> dunno
<patdk-wk> webmail package will do them all
<patdk-wk> seieve is just easier for it to modify the scripts
<patdk-wk> thunderbird has sieve support (still have to edit manually though)
<Fidelix> wow. So i can create the rules on thunderbird and sieve will import 'em?
<Fidelix> Thats wonderful.
<patdk-wk> kindof :)
<nxvl> kirkland: what does it means when i've a {!} on my byobu?
<patdk-wk> you create then in thunderbird sieve plugin, and it will upload them and active them on the server
<Fidelix> Thats really awesome.
<patdk-wk> but seieve was made to be nicely done, just no one has bothered on the client side to make it nice yet
<Fidelix> Should i just apt-get install sieve?
<patdk-wk> it's not a seperate package
<Fidelix> Its in webmail package?
<patdk-wk> it's in dovecot
<Fidelix> oh
<Fidelix> ok then. Should i set mailbox_transport = dovecot then?
<patdk-wk> if you wish
<Fidelix> or default_transport ?
<patdk-wk> but I would setup dovecot first
<patdk-wk> no, I would think you want smtp to be default
<Fidelix> What has to be done in dovecot?
<Fidelix> ok.
<patdk-wk> you need to configure the lda section
<patdk-wk> setup sieve, ...
<patdk-wk> whole sections of the wiki on dovecot's website do this step by step
<Fidelix> ok. i'll look for it
<Fidelix> Is this it? http://wiki2.dovecot.org/LDA
<patdk-wk> that, then the LDA/Postfix page, and at the bottom the sieve page
<Fidelix> OK. Thank you very much patdk-wk.
<Fidelix> patdk-wk ++
<smoser> kim0, so i loaded http://foss-boss.blogspot.com/2010/08/ubuntu-server-10041-virtual-release.html from an ec2 instance. in us-east-1, but i iddn't see a new dot show up on the map
<smoser> is there a way that i can see where the server says that my ubuntu server is ?
<smoser> oh. i see now, that there may be a dot.  from the initial view it looked like only 3 dots in US.
<smoser> but a zoom in shows many more
<raubvogel> Anyone using reprepro? I created a gpg key and now how do I intert it in the distribution file (per http://www.porcheron.info/setup-your-debianubuntu-repository-with-reprepro/)?
<Fidelix> patdk-wk, are u there?
<patdk-wk> ya
<hggdh> Daviey: there?
<Daviey> hggdh: as always :)
<kim0> smoser: that's true .. you need to zoom in .. enjoy :)
<smoser> kim0, but is there a way to know where it placed my server ?
<kirkland> nxvl: see `man byobu` ...  apport
<kirkland> nxvl: you have an apport crash report
<kim0> smoser: not easily ..
<kirkland> smoser: thanks for the errno improvements
<kim0> smoser: I could tell by looking at the database
<kim0> smoser: or you could by looking up your server's IP into geoIP :)
<smoser> thats what i figured.
<Daviey> kim0: Do you have access to the database now?
<kirkland> smoser: one regression though....
<kim0> smoser: maybe next time we'll make it green or something :)
<kirkland> smoser: "errno 3"
<kim0> Daviey: no I don't :D :D why is your position that important to you :D
<kirkland> smoser: i had fixed it to omit matches in the description, if you search for a number explicitly
<smoser> hm..
 * kim0 remembers Daviey 's city name was something funny right ?
<Daviey> kim0: I live in the backwaters of hidden country :).. would be nice to see it on the map :)
<kim0> so next time .. people want to see themselves in a different marker .. and be able to change it
<kim0> feel free folks to hack on mapuntu to add those :)
<zul> so if im in a diferent city it will show up on the map but not the actual city where my server is in right?
<smoser> kirkland, i dont see why thats matching
<kim0> zul: that's why it's best to hit it from your servers
<martian> I have a 9.10 server install that I connect to via samba, and every few days it starts timing out only on samba connections. I'll restart samba but it doesn't help. Only a system restart helps. Any ideas?
<kim0> zul: http://maps.ubuntu.com/hit.html
<kim0> zul: wget that from the box
<zul> heh too busy right now
<RoyK> martian: wierd - never seen that, and I've been (and am) running samba on quite a few platforms
<RoyK> martian: check dmesg
<RoyK> or /var/log/messages about the time of the hang
<hggdh> Daviey: can you use your powers of persuasion to get the eucalyptus pacakges (at least the amd64) to build soon?
<Daviey> hggdh: yeah.. i'm tugging on that favour quite alot atm :(
<martian> RoyK: yeah, it's almost like the port is blocked. Checking those now..
<Daviey> hggdh: but it's ridiculous wait atm
<RoyK> martian: dmesg won't be of much use if you've already rebooted
<hggdh> Daviey: indeed. BTW, you remember we have a meeting now, right?
<kirkland> smoser: you're seeing it though, right?
<martian> RoyK: I have not. The system has been online for a few weeks, and just a few minutes ago I lost the file sharing
<RoyK> ok, pastebin dmesg
<RoyK> if something fishy is going on in the kernel, it should be there
<Daviey> hggdh: i'm there :)
<hggdh> SpamapS: meeting now, sir ;-)
<smoser> yeah.
<martian> RoyK: neither dmesg nor messages contain 'smb' or 'samba' :(
<RoyK> that wasn't waht I was looking for :)
<RoyK> rather something related to memory or i/o
<RoyK> or some crash
<patdk-wk> anything unusual, assuming you are used to reading dmesg often :)
 * RoyK is :)
<patdk-wk> well, I know that :)
<patdk-wk> hmm, I haven't had any samba issues, running samba on 8.04, 9.10 and 10.04, currently
<patdk-wk> 10.04 isn't getting stressed, but the other two are :)
<RoyK> martian: can you pastebin it? it won't reveal anything security-wise unless you've done something creative
<patdk-wk> dmesg | pastebinit :)
<smoser> kirkland, so: sed -n "s,^#define\s\+\([^[:space:]]\+\s\+${code}\s.*\),\1,p" ${headers}
<smoser> that works.
<martian> RoyK: (had to install pastebinit) http://pastebin.com/HqMMDP42
<smoser> it seems that [^\s] isn't really working correctly. i replaced with [^[:space:]]
<kirkland> smoser: ack
<kirkland> smoser: that looks better
<RoyK> martian: cat /proc/uptime
<kirkland> smoser: okay, i like your changes;  it seems, though, that there's some bikeshedding about what package to put this utility in
<smoser> yeah, which is silly.
<smoser> i stated to respond with "not all tools there are ubuntu specific"
<smoser> where else would it possibly go ?
<martian> RoyK: uptime: 1112744.62 8686773.93
<kirkland> smoser: i considered:  ubuntu-dev-tools, devscripts, coreutils, and linux-tools
<kirkland> smoser: i have half a mind to put it in byobu, actually
<smoser> :)
<RoyK> martian: hrmf
<RoyK> martian: and nothing in the samba logs either?
<RoyK> martian: what does netstat -ln --inet say - does it still listen? or lsof -p `pidof smbd` ?
<martian> RoyK: Well, I actually (perhaps a bad idea?) just wiped the samba logs before restarting the service in hopes to catch the problem in a fresh log
<RoyK> ops
<RoyK> move them away next time :)
<patdk-wk> mv /var/log/samba /var/log/samba.old :)
<martian> yeah, I kinda smacked myself for that before even coming here... frustrated thinking makes for mistakes
<martian> Netstat: http://pastebin.com/Qxhm7Ep0
<patdk-wk> have you adjusted any sysctl settings?
<martian> No sir
<RoyK> martian: ok, have you restarted samba, and it still doesn't work?
<martian> correct
<RoyK> I mean restarted, not reloaded...
<martian> even stopped... waited... started
<RoyK> stop ; ps axf|grep smb ?
<martian> and I'm not the only client machine unable to get in, so afaik it's not a client issue
<RoyK> martian: can you check if the process is really restarting? check its pid
<patdk-wk> hmm, martian, how do you authenicate users?
<hggdh> Daviey: don't know what is it you did, but amd64 just built!
<patdk-wk> on one of my systems (the 8.04 ubuntu one), I'm using AD
<ball> Okay, that's strange.  I just booted an Ubuntu Server box and it's giving me a graphical login screen.  Wonder if it booted from the wrong disk.
<patdk-wk> and winbind fails assert sometimes, randomly, once a month
<patdk-wk> if I start winbind, all works again
<ball> Ah yes, that's it.
<martian> oh, hello processes: http://pastebin.com/Ti99SPEr
<martian> patdk-wk: kerberos
<patdk-wk> so via winbind
<patdk-wk> next time you can't login, or is that now?
<patdk-wk> make sure winbind is running :)
<martian> I'm sorry, let me rephrase that; the system is kerberized, but samba is not.
<Daviey> hggdh: /me rocks :)
<martian> I still smbpass
<RoyK> martian: lots of those processes are old, can you kill them and try to start samba again after that?
<patdk-wk> mine, samba uses the system users
<patdk-wk> and the system nsswitch, uses winbind :)
<RoyK> martian: if you remove the log files, old samba processes will still write to the erased files, not the new ones
<martian> RoyK: Is there a simple way to kill all those processes?
<RoyK> killall -9 smbd
<patdk-wk> those processes die when users logout/disconnect the share
<RoyK> patdk-wk: they won't be of much use if he's debugging them and they write to deleted files :Ã¾
<martian> Hmm, after stopping the service and killing the processes, they still remain
<patdk-wk> ya, just explaining normal usage
<RoyK> kk
<RoyK> martian: ps 21257 ; kill -9 21257 ; sleep 1 ; ps 21257
<RoyK> does that still show the process?
<sponzor> who is http://pastebin.com/paLXd7Gk
<sponzor> :1
<martian> RoyK: yes :o
<patdk-wk> LOCALHOST :)
<martian> RoyK: zombies!
<RoyK> martian: not in Z state
<patdk-wk> sponzor, you must really like to ftp yourself a lot :)
<sponzor> yeah but i m not using it? :/
<RoyK> martian: try strace -fp 21257 and try to see what it's doing
<patdk-wk> sponzor, once every 5 min? looks like cacti or something checking it
<RoyK> it really should be killable in S state
<martian> RoyK: nothing. Process is attached, then silence
<tomsdale> I gave an lvm logical volume the name var-www. when I reboot it cannot mount it and throws an error. Can my naming convention with the - lead to a problem.?
<sponzor> could be webalizer?
<patdk-wk> doubt it
<martian> RoyK: and I mean zombies figuratively, not literally ;)
<RoyK> martian: that sucks
<RoyK> martian: yeah, but zombie processes exist in unix :)
<sponzor> becouse i dont have cacti :P
<smoser> Daviey, your sponsor request has my change?
<martian> yeah, I should have chosen a better word like... cranky toddler processes.. so, any hope for this?
<RoyK> martian: mad hatters
<martian> aye!
<RoyK> martian: you _are_ root, right?
<martian> RoyK: sudoing
<RoyK> k
<Daviey> smoser: I haven't placed it yet.. but the package hggdh is testing *doesn't* have it
<RoyK> martian: just sudo -i
<Daviey> smoser: If you want to push it to ~ubuntu-virt branch, that would be super.
<Daviey> smoser: Unless you want to peer review every change?
<smoser> what branch ?
<smoser> lp:ubuntu/maverick/eucalyptus/2.0 ?
<martian> RoyK: good call, but no avail. as actual root, ps 21257 ; kill -9 21257 ; sleep 1 ; ps 21257 the process still remains
<smoser> i need no review of my changes :)
<Daviey> smoser: Noooooo
<Daviey> smoser: lp:~ubuntu-virt/
<RoyK> martian: can you get anythinf from ltrace?
<Fidelix> patdk-wk, know any guides for setting postfix with dovecot > procmail ?
<RoyK> ltrace -p pid
<Daviey> smoser: maintain the UNRELEASED status in debian/changelog please :)
<smoser> Daviey, ok. you pasted me wrong.
<patdk-wk> if you use procmail, you won't be using dovecot
<RoyK> Fidelix: I think the admin guide has one
<patdk-wk> so you just need a postfix + procmail one
<Daviey> smoser: really?
<mathiaz> SpamapS: on the topics of graphing bugs, I'm planning to load all of the ubuntu-server-bugs mailing list archive into a hadoop cluster
<martian> RoyK: Operation not permitted
<RoyK> Fidelix: use sieve
<RoyK> martian: oh
<RoyK> as root?
<mathiaz> SpamapS: it should be interesting to gather some information/graph from there
<martian> RoyK: yes, as root
<RoyK> martian: ltrace -p 21257 ?
<SpamapS> mathiaz: !! cool
<Daviey> smoser: ah yes, seems i did.. sorry
<Fidelix> RoyK, i was going to set Sieve, as patdk-wk suggested. But i found that i dont want to script for each rule i want to add.
<RoyK> Fidelix: I think procmail is disregarded in ubuntu/dovecot
<Fidelix> hmm
<RoyK> Fidelix: and you don't need a separate script, it'll just be one large one
<Fidelix> There are GUIs for procmail, and thats important to me.
<Fidelix> I'm not good with regex, not at all
<RoyK> well, dunno then
<martian> RoyK: http://pastebin.com/5q1kECdJ baffled :x
<RoyK> you don't need to use regex with sieve
<SpamapS> mathiaz: take a look at Flume for loading
<RoyK> martian: out of interest - pastebin ps axfu
 * patdk-wk loves regex, I'm not good with it, but I can do most all I need to
<Fidelix> Well, there is a GUI for setting procmail with Dovecot.
<Fidelix> http://wiki2.dovecot.org/procmail?highlight=%28procmail%29
<Fidelix> But i guess i'll go with Sieve.
<Fidelix> I dont want to regret it later.
<RoyK> Fidelix: you probably won't
<Fidelix> And as you say, sieve seems more reliable.
<RoyK> Fidelix: I think it's like 10 years since I used procmail :)
<Fidelix> hahaha
<martian> RoyK http://pastebin.com/kpqRTn5h Hmm, the smbd processes are me
<RoyK> martian: what happens if you try to kill them with your own user, not root?
<RoyK> I'm really at loss here - just guessing
<RoyK> also, perhaps trying to stop/start winbindd might loosen up some - no idea - at all
<martian> RoyK: no luck
<RoyK> ok, start an strace -fp somesmbdpid
<martian> RoyK: Yeah, I'm guessing I may want to simply restart the system and save those logs :)
<RoyK> send a sigterm (kill xx) to that, and see if you get something
<RoyK> if not, send a SIGSEGV (-11 iirc) and see if something happens
<RoyK> or even SIGHUP or whatever
<martian> RoyK: neither
<RoyK> martian: also make sure you have a recent kernel for that distro version - apt-get update && apt-get dist-upgrade
<Fidelix> Well, i'm not beeing happy with this Dovecot > Sieve wiki.
<Fidelix> Anyway, i'll try harder
<martian> RoyK: yeah, been holding off for a bit as it's hosting a new site (which went live TODAY ahh!)
<martian> RoyK: I think I may need to hold off on any service interrupts until this evening.
<tomsdale> I don't understand what 'nosuid' does in the mountoptions. Does it mean you cannot change the user/group of a file after it has been created?
<RoyK> martian: seems you've already got an interrupt
<RoyK> apt-get dist-upgrade just takes you to the new 9.10 (if that was what you had)
<RoyK> it doesn't take you to 10.04
<RoyK> you'll need a do-release-upgrade command to do that
<impi> lol
<Fidelix> patdk-wk, RoyK does ManageSieve comes with Dovecot 2?
<impi> started 11 am and im done with this bloody php compile now..
<impi> what a mess
<Fidelix> The wiki says nothing about that.
 * RoyK has no idea
<martian> Well, as long as apache, mysql, and shibboleth keep chugging away until the end of the day, I'm ok :)
<RoyK> martian: they won't be chugging worse with updated packages
<Fidelix> Well, did u had to compile sieve when you set ur dovecot?
<RoyK> martian: the updates you get with a dist-upgrade are just bug fixes and _maybe_ minor upgrades, nothing major
<martian> RoyK: but I'll still need to restart to flush these processes, so I'd rather wait 3 hours
<RoyK> martian: no, with 9.10 you won't even get minor upgrades
<smoser> Daviey, quilt refresh..
<smoser> what do i want to add to that to make it keep 'a/b' style diff output
<RoyK> martian: with an LTS, you may get minor upgrades if upgrading from, say, 10.04 to 10.04.1, but only then
<smoser> rather than $(basename)
<martian> RoyK: and actually, dist-upgrade only has an ldap-utils update for me
<Daviey> smoser: ?
<RoyK> martian: no kernel stuff?
<smoser> never mind. i found it.
<Daviey> smoser: wassup?
<RoyK> martian: this seems to be something bad in kernel
<smoser> so refreshing (i think) a patch, you want: quilt refresh -pab
<smoser> hmm.. manybe not
<smoser> maybe its just my quilt is different than yours
<Fidelix> 
<Daviey> smoser: cleaner patches:
<Daviey> dave@voodoo:~$ cat /home/dave/.quiltrc
<Daviey> QUILT_PATCHES=debian/patches
<Daviey> QUILT_DIFF_ARGS="--no-timestamps --no-index -pab"
<Daviey> QUILT_REFRESH_ARGS="--no-timestamps --no-index -pab"
<smoser> danke
<martian> RoyK: afraid not. I do have a 10.10 machine mirroring this one, so I may swap them around at some point if this continues. This is the third time in about 2 months that it's happened.
<martian> RoyK: well hey, thanks so much for your help! I really appreciate it!
<RoyK> martian: why not 10.04 LTS?
<RoyK> I only run LTS for critical servers, not betas
<martian> RoyK: oh yeah, got my version numbers confused
<RoyK> 10.04 => April 2010
<RoyK> martian: I asked around a little, and all I can find is debug calls in kernel, which may not give you much valuable info if you're not a kernel hacker
<Fidelix> RoyK, can u please pastebin your main.cf and dovecot.conf?
<smoser> Daviey, https://code.launchpad.net/~ubuntu-virt/ubuntu/maverick/eucalyptus/2.0 is updated.
<RoyK> Fidelix: I'm not using dovecot anymore
 * RoyK switched to Zimbra for less hassle
<Fidelix> oh, ok
<Fidelix> Should i switch too?
<fuentesjr> anyone know why someone would want to use ubuntu enterprise cloud vs xen ?
<RoyK> Fidelix: that's up to you - zimbra is not in ubuntu, and distributed as a separate system, not suitable to run on anything but a VM or a dedicated system, but it works for me
<smoser> Daviey, how do i build that?
 * patdk-wk loves dovecot :)
<Fidelix> Well, that seems lot of... work.
<patdk-wk> ya, zymbra is a, do all my email crap, and don't annoy me setup
<kirkland> kees: https://bugs.launchpad.net/bugs/615077
<uvirtbot> Launchpad bug 615077 in qemu-kvm "[Maverick] SDL local window broken in last update" [Medium,Incomplete]
<kirkland> kees: is that a dupe of your compiz bug?
<kees> kirkland: I don't think so.
<kees> kirkland: but maybe... though it's a weird symptom
<RoyK> patdk-wk: heh - works for me (tm)
<kirkland> kees: k, thanks
<patdk-wk> royk, yep :)
<patdk-wk> I wonder how well it works under load
<patdk-wk> heavy imap load, so dovecot is nice
<patdk-wk> from all the smartphones these days
<RoyK> patdk-wk: I know the norwegian meteorological office uses it with drbd/heartbeat for quite a few users
<Jinxed-> I don't know where else to ask this, so I thought I might ask it here
<Jinxed-> I would like to have essentiall a complete video server running on my ubuntu machine 10.04, but im unsure what would be able to do the trick
<patdk-wk> depends what you mean by, *video server*
<patdk-wk> mythbuntu?
<patdk-wk> or a streaming video server, like a website
<Jinxed-> I should clairfy that it is all on a private network
<Jinxed-> with no need to have access to the outside
<patdk-wk> I just use mythtv for all my video needs
<Jinxed-> 1.) I want to be able to stream webcam from any remote computer to any other remote computer and have it stored locally on my server. I have bandwidth issues on a few connections, so i would like the server to take the stream save it and rebroadcast it or something similar.
<Jinxed-> 2.) I want to be able to stream the videos on my server via VoD to any remote computer on the network with variable quality
<patdk-wk> heh, no idea what would do that
<Jinxed-> 3.) It would be nice to have some sort of front end for remote users to be able to see what is in the server and be able to select what video that want to watch and the bandwidth
<patdk-wk> sounds like you want real-time transcoding of the video stream
<patdk-wk> that uses some cpu power
<smoser> Daviey,
<smoser> $ bzr bd -S
<Jinxed-> yeah, that would be ideal
<smoser> ...
<smoser> bzr: ERROR: Unable to find the needed upstream tarball: eucalyptus_2.0~bzr1219.orig.tar.gz.
<Jinxed-> I won't have very many connections at once so I don't think it should be too bad
<Jinxed-> but if that doesn't work then the ability to transcode a video on the server to different qualities
<Jinxed-> first, and then just stream
<patdk-wk> that second way, you can do anything to do that
<patdk-wk> as long as you don't do live
<patdk-wk> sounds more like you want a security cam type system, with trascode abilities
<Jinxed-> patdk-wk, Any idea on what I could use to capture streams to disk and rebroadcast to the original destination
<patdk-wk> zoneminder is the security cam package that is pretty nice
<patdk-wk> dunno if it will work the way you want though
<RoyK> Jinxed-: how many connections? what sort of media? Mbps?
<RoyK> Jinxed-: and what bandwidth do you have to the clients?
<RoyK> gigE? 100Mbps? a crappy 54Mbps WIFI?
<patdk-wk> t1 :)
<Jinxed-> My slowest connection is abou 250kbs
<RoyK> Jinxed-: then you'll realtime transcoding, which is _NOT_ cheap
<Jinxed-> I can stream video at about 320x240 with 400kbs bitrate with 15 fps
<Jinxed-> yeah
<RoyK> Jinxed-: transcode the videos to smaller ones, and let the users choose between them
<RoyK> Jinxed-: there are methods of allowing users to choose dynamically based on bandwidth, but I don't know any OSS that allows that
<RoyK> Jinxed-: look into ffmpeg and the rest of the transcoding software available
<Jinxed-> Do you know of anything that could take a stream from a remote user save it to disk and rebroadcast it?
<RoyK> Jinxed-: still, VoD over 256kbps will suck rather hard
<Jinxed-> haha yeah
<Jinxed-> not every connection is that bad
<hggdh> Daviey: bloody thing got completely lost (I tried to just upgrade the packages). I am going for a full reinstall now :-(
<Jinxed-> some will be standard 100 Mbs
<RoyK> Jinxed-: I think MÃ¥ns RullgÃ¥rd (an ffmpeg developer) has developed something like that - we used to work together some years back
<RoyK> Jinxed-: MÃ¥ns also wrote an addon to ffmpeg to allow parallel transcoding, which is rather neat
<Jinxed-> interesting
<RoyK> as in thread one splits the stream into i-frame (b-frame (p-frame ...) ...) and sends each i-end stream to a thread
<RoyK> it's in ffmpeg, but the ffmpeg syntax is rather cryptic
<Jinxed-> hmm
<RoyK> it makes a crapy perl scrip look like a children's book
<Fidelix> RoyK, how do i test if Sieve is working?
<RoyK> Fidelix: sending an email containing the matches?
<Jinxed-> hmm what about this... is there a way to setup something so I just send the stream to a server which could make it available for other who wanted to see it
<Jinxed-> ...
<Jinxed-> hmm
<RoyK> Jinxed-: still, if you need to serve VoD over 256kbps, spending all that CPU power on live transcoding seems a waste
<RoyK> Jinxed-: even VNC can do that
<RoyK> by multicast or unicast
<RoyK> Jinxed-: what sort of network topology are you on?
<RoyK> is it a LAN, a WAN or an internet site?
<Jinxed-> lan
<RoyK> Jinxed-: wtf has only a 256kbps on a LAN?
<Jinxed-> form of wireless
<RoyK> what sort of wireless? even 802.11 is basically 2Mbps
<RoyK> and that's like eight years old
<RoyK> 802.11b, that is
<RoyK> 802.11g is (theoretically) 54Mbps, which should suffice
<Jinxed-> radio
<RoyK> so not LAN
<RoyK> what sort of radio links are these?
<Jinxed-> wan
<RoyK> I think it's doable, but the best guess is to start with a bandwidth test, and then choose the desired media file
<Jinxed-> well the bandwidth test i did
<RoyK> other methods will involve rewriting the media player and potentially the server
<Jinxed-> gave pings with about
<Jinxed-> 400 ms
<Jinxed-> average response
<RoyK> round-trip time doesn't say anything about bandwidth
<RoyK> only about latency
<RoyK> Jinxed-: write a small client-side thing that checks the bandwidth to the server, it can be a java applet or something like that. when you know the downstream speed, you know at what speed it can stream. Then choose the media file made for that connection
<Jinxed-> well tests show about 180-200 kBs
<Jinxed-> or about 1.5 megabits/sec
<RoyK> then transcode movies into separate files, depending on the link quality available
<RoyK> the transcoding should not be done in realtime, because that'll take a truckload of CPUs
<RoyK> say, have the full MPEG2-TS (probably around 7Mbps) available, and add another 4Mbps, and others with 2Mbps, 1Mbps, 512kbps and so on
<RoyK> to alternate between them in realtime, you'll need to write your own player, though, unless mplayer or vlc or someone has written a hack for this already
<Jinxed-> hmmm
<RoyK> you want lots of buffering on the client side, and preferably a client that can switch to another server when the one he's on goes down, that can usually be done with DNS RR
<Jinxed-> what about recording a stream to disk
<RoyK> that's the simple part
<Jinxed-> that is the part im the most hung up on right now
<Jinxed-> how I could take a stream from one remote site to another remote site and record it
<RoyK> Jinxed-: I may be wrong, but it seems you're just touching the parts of VoD...
<Jinxed-> to the server
<RoyK> Jinxed-: from where do you get the video stream?
<RoyK> a TCP or UDP stream? from DVB?
<Jinxed-> Say I have a webcam attached to a laptop at two remote sites A and B, and I want to stream from A to B but I also want that stream recorded on my server, but because of how slow the connection is from A to the server I only want to have to tramsit it once and have the server record it while it transmits it to B
<Jinxed-> it would have to be udp... tcp would be to slow i imagine
<Jinxed-> for my slowest link
<RoyK> if you're doing site-to-site webcam, you'll need to sniff the traffic and dump whatever you get
<RoyK> otherwise, you can setup a server that handle the two and allow them  to connect to that server, which can do the copying
<Jinxed--> you don't know of anysoftware that could take/rebroadcast
<Jinxed--> that latter idea sounds good
<Jinxed--> great actually
<RoyK> I really don't know - there's a lot of webcam servers out there, and I guess most of them can store the streams
<RoyK> but then, if it's private data, it won't be very nice to your users
<ball> In Ubuntu Server, how do I list the partitions on a disk?
<RoyK> ball: cat /proc/partitions
<RoyK> ball: or just fdisk ......
<ball> RoyK: Thanks
<ball> RoyK: Thanks, that helped me find and mount a partition that I wanted to check prior to wiping a disk.
<RoyK> that's a good start :)
<Fidelix> Guys, postfix or smtpd or something is bouncing all emails back to the sender.
<Fidelix> Its getting really annoing. Any ideas on what can i do about that?
<ball> I'll be back later.
<Fidelix> I've created a couple of days before a thread on UF but no response atm
<Fidelix> http://ubuntuforums.org/showthread.php?t=1549288
<Jinxed--> RoyK, do you know how much it would cost to get someone to help me with my system (even rough estimate)/a good place to look for help
<RoyK> Jinxed--: I think you should define your needs better first - read up on VoD a little more - no offence, really, but you're not asking to specific questions
<Jinxed--> well im a little flexible on what exactly i want based on how much easier/harder it would be to implement
<RoyK> Jinxed--: can you try to simplify what you want or need?
<Jinxed--> Simply put the ability to watch videos on demand on the network that are stored on my ubuntu machines (given my slow connection) and the ability to stream from any connected device and have those streams stored on my server (again a solution that can work with my slow connection)
<tucemiux> how should I handle updates?  "no automatic updates", "install security updates automatically" or "Manage system with landscape"??
<guntbert> tucemiux: landscape is paid
<tucemiux> guntbert, thanks, i'll skip that one then
<guntbert> tucemiux: will you be visiting the server regularly?
<tucemiux> guntbert, the server is on my home ESXi box
<guntbert> tucemiux: I didn't mean physically but logically - if you hav a server that is once started and the left alone I would choose "install security updates...", if not the "no automatic..." and sudo aptitude update; sudo aptitude safe-upgrade every once in while
<rww> I do what guntbert said, with the exception that "every once in a while" is "whenever ubuntu-security-announce emails me"
<Iceman_B> okay, when I connect additional harddrives into a system, do they magically become visible after a reboot? if not, how do I go about it?
<tucemiux> ok guntbert thanks
<markatto> what do I need to do to enable mod_rewrite? the apache conf files seem to be split all over the place
<guntbert> rww: point well taken :-) (my ubuntu "servers" are only play things :-))
<markatto> am I supposed to copy/symlink the files from mods-available to mods-enabled?
<markatto> that looks like how it works, but it all seems very over-engineered and confusing
<rww> markatto: sudo a2enmod rewrite; sudo service apache2 restart
<rww> (a2dismod is the opposite of a2enmod; there are also similar commands for sites)
<markatto> rww: do I need to enable it for the folder specifically as well? it doesn't seem to be working.
<rww> markatto: I'm not sure what you mean?
<markatto> rww: never mind I got it
<Kaelten> anyone know how to tell apt-get to automattically delete packages after installing them?
<Kaelten> (the cache files that is)
<Daviey> hggdh: Any news? :)_
<hggdh> Daviey: yes. Good and bad. Which one first?
<hggdh> Daviey: good: I can install (it it keeps running) CLC+Walrus
<hggdh> Daviey: bad: the bloody (CC+SC) fail
<hggdh> so, no cigar
<hggdh> Daviey: I am now trying to install eucalyptus-cloud on the (CC+SC) to see if it runs
<hggdh> (i.e., leaving eucalyptus-cloud down, does CC+SC start?
<hggdh> Daviey: yes, it works! So I am now installing the NCs
<Daviey> hggdh: Hmm.. ok - not the results i anticipated
<Daviey> hggdh: Hmm, ok - was this a fresh install or an upgrade?
<Daviey> I want to try and establish exactly what elements aren't working :/
<hggdh> Daviey: a fresh install. I tried an upgrade, and thing went completely south
<hggdh> Daviey: I am now on topo3 (CLC+Walrus), (CC+SC), (NC)+
<Daviey> Hmm.. ok.. Would you mind doing a mini truth table?  I'm starting to get a little confused :S
<hggdh> :-)
<hggdh> awwwww c'mon! just a little? I myself am going bonkers
<hggdh> Daviey: I *think* this is some sort of check done in the code for "required" components. I am *guessing* they check on something unique to the components -- like a specific .jar
<hggdh> Daviey: this guess comes from the fact that installing eucalyptus-cloud -- and leaving it stopped -- appears to have done the trick on the (CC+SC) machine
<hggdh> Daviey: of course, after that many tries I am not sure I am able to think anymore, but it stands to (my doubtful) reason
<hggdh> Daviey: I will be more sure in a few, I am finishing the NC installs
#ubuntu-server 2010-08-11
<hggdh> Daviey: yes, it seems to work. I will run some tests now. There is still a problem there, though
<wieshka> hey there - i have two physical interfaces - eth0 & eth1, next i have public bridge on eth0 with DHCP for my virtual servers, but eth1 is directly connected to internet with static IP
<wieshka> how can i specifie default interface, and eth1<-->br1 also for one vh
<Daviey> hggdh: oh?
<hggdh> Daviey: keep in mind that we still cannot deploy a *separate* SC by itself
<hggdh> Daviey: so Chis still has some work to do
<Daviey> hggdh: I'm not sure that is a topology i ever tested in Lucid.. Are you sure that is a regression?
<hggdh> Daviey: certain. I checked 3 topos: all-in-one, all separate, and (CLC+Walrus), (CC+SC)
<hggdh> Daviey: all-in-one works (this is topo1)
<deckie1> roger wilco.
<Daviey> hggdh: deckie1 is Chris
<Daviey> deckie: Meet hggdh, Carlos :)
<hggdh> oh, hi deckie
<deckie> hggdh: hello.
<hggdh> all-separate failed, but I did not test installing eucalyptus-cloud on the SC
<hggdh> this was topo2, BTW
<deckie> i will have a fix for this in a little bit.  it looks like something that needs to be shared is not in a common-lib
<Daviey> hggdh: Okay.. First - Is registration now seeming to be reliable?
<hggdh> and topo3 -- (CLC+Walrus), (CC+SC) -- I just installed. It failed, and then I installed on the (CC+SC) eucalyptus-cloud, following a suggestion from deckie
<hggdh> Daviey: I insalled two NCs, and they registered correctly
<hggdh> but I will need some installs to confirm -- the problem was intermittedt
<hggdh> ugh
<Daviey> hggdh: Agreed.
<Daviey> hggdh / deckie: I need to go afk.. but i'm planning an upload (my) early tomorrow with the latest from the euca devel branch.  hggdh, if you want to keep me updated i'll take on board what you say in the bug reports.
<hggdh> Daviey: ack
<deckie> Daviey: roger.  thanks for your time.
<CppIsWeird> just for a sanity check, the following command "diff -drq /dir1 /dir2" ensures that dir1 and dir2 are identical byte for byte, right?
<hggdh> deckie: I will run some basic tests now. Are you aware that volumes are consistently failing to attach?
<deckie> hggdh: yeah.  sudo vs. euca_rootwrap if i understand right.  we are working on a fix asap.
<hggdh> deckie: actually, no, different issue, it seems
<hggdh> deckie: bug 615646
<uvirtbot> Launchpad bug 615646 in eucalyptus "cannot attach a volume to an instance" [High,New] https://launchpad.net/bugs/615646
<deckie> hggdh: yessir, that is the one i had in mind.  looking again though.
<hggdh> deckie: the rootwrap issue I bypassed by adding a new entry in /etc/sudoers
<deckie> hggdh: tgtd is running?
<hggdh> deckie: IIRC, it was
<hggdh> I will recheck on it one my first tests sequence is done
<hggdh> deckie: the error is here: 20:39:23 ERROR [SystemUtil:pool-8-thread-1] com.eucalyptus.util.ExecutionException: sudo tgtadm --lld iscsi --op show --mode target --tid 1 error: tgtadm: can't find the target
<deckie> hggdh: ok.  please let me know how it goes.
<hggdh> deckie: will do
<deckie> hggdh: it may still be a permissions issue.  the version w/ euca_rootwrap will be on lp shortly.
<deckie> hggdh: also, might it be an apparmor issue?
<hggdh> deckie: I did not see any messages from audit, but I also did not look closely... I will check
<deckie> hggdh: if it takes alot of time/effort it may be easier to wait for the euca_rootwrap fix to pass qa on our side and get pushed to lp
<hggdh> deckie: we do not have time, feature freeze is looming
<hggdh> tomorrow we wee have to take a position
<deckie> hggdh: it will be on LP in an hour or so?
<hggdh> k
<hggdh> deckie: first run completed, 101 instances, 1 failure (I do not think it is an euca failure), so we are, pretty much, shining here
<hggdh> deckie: I will run a volume allocation now, and check for audit failures
<Daviey> deckie: How is the whitelisting for euca_rootwrap adoption getting on?
<hggdh> deckie: I was wrong -- eucalyptus-sc does not come up even with -cloud installed on the same machine. The CC works, though.
<hggdh> deckie: so I cannot test volumes on this distributed topology
<hggdh> Daviey: IIRC, deckie told me that it is already in, and should be on next revision (1222?) in a few
<hggdh> minutes
<Iceman_B> HELP
<Iceman_B> im getting a "ubuntu can't have a partition outside the disk" while installing
<Iceman_B> and neither the back or continue buttons do anything :/
<Daviey> hggdh: ack
<Iceman_B> whats going on and how do I fix this?
<deckie> hggdh: I am not seeing the same issues w/ the SC that you are.  can you post the logs for the machines somewhere?
<hggdh> Daviey: I already uploaded them to lp:~hggdh2/uec-qa, latest revision
<hggdh> Daviey: revision 29
<hggdh> deckie: ^
<hggdh> sorry
<deckie> hggdh: thanks, sorry i was afk'd
<hggdh> deckie: no prob. I will have to be afk for the next half-hour
<Daviey> deckie: Also, Is there any news on kees's euac_rootwrap getting merged..  The licencing issue should be OK
<deckie> Daviey: it should be on lp shortly i'll circle back w/ more info in a bit
<Daviey> deckie: super.. i'd love to drop our one :)
<Daviey> afk
<wieshka> Problem: i have server running ubuntu lucid, and so i also have 4 virtual servers on it running on KVM. Server has 2 ethernet ports - eth0 & eth1. eth0 is connected to my LAN (it is also connected to internet), and eth1 is connected directly to ISP with static ip configured. (my ifconfig: http://wieshka.pastebin.com/fn80SEFS, and here is my interface configfile: http://wieshka.pastebin.com/ZsSqDfed). What i need - the base system and 3 of virtual ser
<wieshka> are in LAN over eth0, and one my virtual server is directly connected to internet over eth1.
<wieshka> as you can see - i made bridges
<wieshka> but something is wrong
<wieshka> becouse none of my virtual server has now internet connection
<wieshka> and no DHCP adreses assigned to virtual servers over br0 (dhcp enabled, passing QEMU inbuilt DHCP)
<ChmEarl> wieshka, paste url's have extra wxxshka - remove it
<uvirtbot> New bug: #616151 in qemu-kvm (main) "Buffer I/O Errors with emulated usb disk image" [Undecided,New] https://launchpad.net/bugs/616151
<wieshka> ChmEarl: its from my auto paste script
<ChmEarl> wieshka, I see the pastes now
<ball> Can Ubuntu server boot from a software RAID array?
<wieshka> ball: no problem
<ball> wieshka: Thanks
<wieshka> ball:  i use RAID 1 + LVM + GRUB
 * ball isn't familiar with LVM
<wieshka> ball: you even can make array while installing during setup
<ball> wieshka: I may give that a try, now.
<wieshka> ball: LVM is easy
<ball> 'easy' doesn't tell me what it does ;-)
<wieshka> so make RAID autodetect partitions, then configure RAID, then setup a LVM and easaly configure it
<ball> ...though I can guess
<ball> Does booting from software RAID *require* lvm?
<wieshka> no ball, LVM just gives you extra flexibility
<wieshka> if you are going to make several partitions
<wieshka> for example you have a 500 Gb disk
<wieshka> make just 30 Gb partition for system for example
<wieshka> later if you need - you can extend it
 * mase_wk loves lvm
 * wieshka same here
<wieshka> i am using LVM for virtual servers
<mase_wk> yep me too
<mase_wk> backing up has never been easier.
<wieshka> mase_wk: hmmm, what virtualization you use ?
<mase_wk> i have some Xen boxes, mainly KVM these days
<wieshka> mase_wk: basicly backups with img fails are easier :)
<wieshka> but partitions gives some dozen of performance
<wieshka> write/read
<wieshka> i am using Enterpirse seagate disks
<wieshka> sata on SAS controler :)
<wieshka> mase_wk: i have problem with my KVM
<wieshka> ok - i havent slept for a more than day and a half, so my brain .......
<mase_wk> heh
<wieshka> mase_wk: how good are you in KVM networking ?
<mase_wk> so what issue are you having with KVM?
<mase_wk> thats a fairly open ended question...
<wieshka> mase_wk: my server has two physical ethernet ports - eth0 & eth1
<wieshka> so ..... eth0 is for base system and for 3 guests - like a public bridge
<wieshka> how can i connect last - 4 guest directly to eth1, what haves static ip
<wieshka> i made similar to public bridging, new bridge (br1) on eth1 interface
<wieshka> but now - all my guests are lack of internet :)
<wieshka> so something is wrong
<mase_wk> yeh ok so your most of the way there
<wieshka> so what i skipped ?
<mase_wk> so on your KVM host you still have a default gw set up right ?
<wieshka> yeah
<wieshka> maybe ifconfig, /etc/network/interfaces, route output needed?
<wieshka> to figure out ?
<mase_wk> so in theory you just need to make sure each guest is using the appropriate bridge
<wieshka> in theory :)
<mase_wk> so long as they each have seperate mac addresses
<wieshka> in theory i understanding :)
<wieshka> but something i messed up - and i am stuck for 2 hours already
<mase_wk> then make sure that in each guest that /etc/networking/interfaces actually referes to the correct IF
<mase_wk> as if you use something like virt-clone
<mase_wk> you will find that it sets up eth1 ,eth2 etc..
<mase_wk> rather than eth0 which is the default in /etc/networking/interfaces
<wieshka> hmmm, i dint understund you ....
<mase_wk> make sure in each guest, that if you do ifconfig -a that the appropriate interface is set up correctly in /etc/networking/interfaces
<mase_wk> brb
<wieshka> hmmm .... then question - why my guests - who already worked (network) is now without internet  becouse i connected second interface
<wieshka> mase_wk: hmmm .... then question - why my guests - who already worked (network) is now without internet  becouse i connected second interface
<wieshka> mase_wk: whats wrong with your network connection ?
<wieshka> :)
<mase_wk> nothing, i'm messing with KDE
<wieshka> mase_wk: - is there something wrong - i supouse no - http://wieshka.pastebin.com/0ZkTW6JA
<wieshka> it is my interface file for my server
<mase_wk> that looks fine, pastebin your libvirt config and also the /etc/network/interface for your guests
<wieshka> now guests working
<wieshka> so just stays to configure
<wieshka> one guest to that physical interface
<wieshka> so i have eth1 & br1 - i using manual/static IP adres for it
<clusty> curious if one can boot an ubuntu from a raid (hardware raid).
<patdk-lap> clusty, yes, why wouldn't you?
<wieshka> clusty:  i prefer software, but why you cant ?
<patdk-lap> the whole point of a hardware raid is it looks just like a normal hardrive
<clusty> patdk-lap: for one, how can grub read it's menu.lst, or how it's called now
<patdk-lap> clusty, why would it need to?
<patdk-lap> it's just a normal drive
<patdk-lap> there is nothing special about hardware raid
<patdk-lap> now software raid is special
<wieshka> clusty: hardware raid gives you a single hard disk
<ball> clusty: Yes, you can boot Ubuntu from hardware RAID
<clusty> thought it needed the kernel module
<patdk-lap> cause now grub has to know how it works
<clusty> for the card
<wieshka> use as simple disk
<ball> wieshka: it gives you the illusion ofa single hard disk
<ball> (assuming a small array)
<patdk-lap> clusty, that is what the hardware raid bios is for :)
<patdk-lap> now linux will bypass the bios, then you need a drive
<patdk-lap> driver
<clusty> patdk-lap: thanks. i am receiving my disks tomorrow and was wondering how it will all work out
<patdk-lap> what raid card?
<clusty> intel
<patdk-lap> should be overly well supported then :)
<clusty> it sees the module.
<patdk-lap> the hardest issue I have with hardware raid, is to get good raid stats from it
<patdk-lap> so I can monitor the health
<clusty> the intel fukards are not giving the utils in deb format
<clusty> just rpm
<patdk-lap> that shouldn't be hard to install
<clusty> i have yet to screw around with alien to get em working
<patdk-lap> unless it's only in i386 and you need x64
<clusty> the CD came just with 32
<patdk-lap> heh, forget the cd
<patdk-lap> see if you can download them
<clusty> i struggled just to flash to latest FW
<patdk-lap> normally the cd is a year or more out of date
<clusty> try 3 :D
<clusty> the initial bios was 2007
<clusty> and new is 2010 version
 * patdk-lap has been having fun with ldirectord
<patdk-lap> I've just about got it fully ipv6 away now :)
<clusty> what's that?
<patdk-lap> aware
<patdk-lap> things that I can't do with ipv6 in it seems to be limited to ping and mysql
<clusty> patdk-lap: what raid controllers do you use ?
<wieshka> mase_wk: i have to configure static IP address in guests interface file ?
<mase_wk> yes
<mase_wk> or configure your dhcp server to hand out the correct ip
<wieshka> hmmm - can i give mac address the same as it is for my eth1 interface
<wieshka> my ISP has attached to my physical IP address
<wieshka> so i supouse the problem is there
<wieshka> my ISP isnt giving ip address for my guest over bridge
<patdk-lap> adaptec 2130, adaptec 2200, adaptec 2110, perc5, perc6, 3ware
<wieshka> becouse there aperas my guest address - is that possible ?
<wieshka> eth1 mac address is ignored
<clusty> patdk-lap: i got a 3ware for the company a while back
<wieshka> thats the way how bridge should work, i am correct ?
<wieshka> so i need to spoof mac addres
<clusty> support seemed nicer than my intel: the tools had decent install scripts - no packaging system
<mase_wk> erm your mac address should be younique
<mase_wk> unique
<mase_wk> each guest needs a different mac address, usually specified from within the hosts' libvirt definition
<wieshka> mase_wk: hmmm - how can i make it with out bridge
<wieshka> there should be option
<wieshka> to configure directly to physical interface
<wieshka> mase_wk: hmmm - why this does not works  ? :)     <interface type='direct'>
<wieshka>       <source dev='eth1' mode='vepa'/>
<wieshka>     </interface>
<mase_wk> i don't think thats how you define a bridged network
<mase_wk> you don't have a 'direct' interface
<mase_wk> if you want a single guest to use a single interface , and only that interface is used by that guest
<mase_wk> ie PCI passthrough
<mase_wk> you need VTd support
<mase_wk> otherwise if you have multiple guests to 1 interface you need a bridge
<clusty> patdk-lap: still around?
<patdk-lap> ya
<clusty> any stripe size recommendations ?
<clusty> for raid
<patdk-lap> depends what you use it for
<ball> clusty: try different settings and see what works best for you.  I default to one track per stripe
<ball> ...but testing is important.
 * patdk-lap wonders how ball calculates out a size of a track, since drives haven't had tracks forever
<clusty> what are tracks to start with?
<clusty> FS block size ?
<patdk-lap> na
<ball> patdk-lap: they have fake tracks these days.
<patdk-lap> :)
<patdk-lap> these days they are made like cd's, one very long track
<patdk-lap> I forget if they have, or are going to go to the whole laserdisk method
<patdk-lap> read/write parallel tracks at the same time
<patdk-lap> I think they are
<ball> patdk-lap: I doubt that's what they do now, though it's certainly possible with a voice coil.
<ball> Not that it would matter to the system software anyway, it's just an array of sectors.
<patdk-lap> well, I know what they used they where talking about parallel, but I really wasn't interested in how, at the time
<ball> Let's see if I can learn how to do a software RAID on Ubuntu Server
<patdk-lap> oh, that is easy :)
 * ball wonders why "Chicago" would be listed as a time zone.  That makes no sense to me.
<patdk-lap> it's not
<patdk-lap> it's listed as one of the largest citys in that timezone
 * patdk-lap is annoyed that NYC is always listed, but not Wash D.C.
<ball> It's not clear to me whether I'm supposed to create partitions of some sort before creating the RAID array, or whether I should create the RAID array from "Free space".
<ball> What does Ubuntu expect me to do?
<mase_wk> raid is a disk level thing
<mase_wk> you need to set up raid first
<mase_wk> then partition
<ball> mase_wk: usually yes, but with software RAID?
<mase_wk> then filesystem
<patdk-lap> software raid you can do it either way
<mase_wk> i imagine so. you probably need a single boot partition somewhere
<ball> Ah, I see a "physical volume for RAID" option in the "Partition Disks" dialogue
<patdk-lap> that is what the usb drive is for :)
<Roxyhart0> hi there i would like to block p2p with iptables, sombody know the command line, also somebody is using patch-o-matic for that?
<patdk-lap> roxy, you know that is a lost cause?
<Roxyhart0> what is the lost cause block p2p?
<clusty> patdk-lap: can't do l7 or ipp2p ?
 * ball tinkers
<clusty> unless it's ssl enabled torrent :D
<patdk-lap> torrent doesn't do ssl
<patdk-lap> but it does do md4 hashing, making l7/ipp2p useless
<Roxyhart0> if i want to block any port over 3000 per example andopen just the port that i need?
<Roxyhart0> what about it? http://bby.com.pl/linux-router/blocking-p2p-software-string-module/
<clusty> patdk-lap: what i do wonder: my isp does DPI. they can somehow classify my torrent traffic
<clusty> curious how
<clusty> they throttle me down for everything they cannot figure out ?
<patdk-lap> they normally do it by bandwidth analysist
<Roxyhart0> somebody as listen about path-o-matic to block p2p?
<X32> how would I change the command line font?
<jmarsden> X32: man setfont   # This might do what you want, I'm not 100% sure
<robertpayne> Easy way to delete lines out of a text file that match grep?
<qman__> robertpayne, grep -v stufftoremove /path/to/file > file2; mv file2 file1
<robertpayne> qman_: thanks :) I found it .. should've googled first was kind a stupid question
<Roxyhart0> somebocy have a good doc to install ipp2p in ubunut?
<Roxyhart0> ubuntu
<alex88> hi, how is possible to scroll up in screen?
<twb> ^A[
<uvirtbot> twb: Error: Missing "]".  You may want to quote your arguments with double quotes in order to prevent extra brackets from being evaluated as nested commands.
<Callum__> heh uvirtbot
<alex88> it's ctrl-a escape
<alex88> :)
<Callum__> ^A
<uvirtbot> Callum__: Error: "A" is not a valid command.
<Callum__> ^help
<uvirtbot> Callum__: (help [<plugin>] [<command>]) -- This command gives a useful description of what <command> does. <plugin> is only necessary if the command is in more than one plugin.
<Callum__> ^commands
<uvirtbot> Callum__: Error: "commands" is not a valid command.
<Callum__> wut
<Callum__> what is then! =P
<DexterLB> I have two machines running ubuntu server. Could you recommend some benchmark process I can run on both and see which performs better?
<alex88> DexterLB: hardinfo has some tests, like fibonacci, md5 etc
<DexterLB> alex88: thanks
<DexterLB> I'll try it
<alex88> DexterLB: or this http://www.tux.org/~mayer/linux/bmark.html
<alex88> or this ftp://pi.super-computing.org/Linux/super_pi.tar.gz
<robertpayne> qman_: shame the -B and -C don't work with -v :(
<twb> alex88: that's what I said
<twb> DexterLB: what resource(s) do you want to benchmark?
<alex88> twb: about the ctrl-escape?
<alex88> i've just seen ^A[
<xampart> morning
<alex88> xampart: morning
<DexterLB> why is sudo so dead slow?
<mase_wk> DexterLB: slow ?
<mase_wk> how long does it take ?
<DexterLB> like when it needs to ask for a password it waits 5sec or so before asking
<DexterLB> is that some security measure?
<twb> DexterLB: before prompting for the password?
<DexterLB> yeah
<twb> Do you have root?
<DexterLB> oh?
<DexterLB> i thought it was impossible not to have
<twb> I mean, do you, DexterLB, have administrative privileges on this host
<DexterLB> yup
<DexterLB> it does work
<DexterLB> but it takes some time
<twb> OK, pastebin the output of egrep -v '^[[:space:]]*(#|$)' /etc/sudoers
<DexterLB> it is as it should be
<DexterLB> Defaults	env_reset
<DexterLB> root	ALL=(ALL) ALL
<DexterLB> %sudo ALL=(ALL) ALL
<DexterLB> %admin ALL=(ALL) ALL
<DexterLB> oops
<DexterLB> pastebin :D
<DexterLB> sorry
<twb> OK.
<twb> Now do the same for nsswitch.conf and /etc/pam/common*
<twb> Also lsb_release -a
<twb> Er, /etc/pam.d/common-*
<DexterLB> system rebooting
<DexterLB> kernel upgrade
<DexterLB> will have to wait a bit
<twb> OK
<DexterLB> http://dexterlb.pastebin.com/VLn4hm5a
<DexterLB> i never understood regex
<DexterLB> what does that thing mean
<DexterLB> '^[[:space:]]*(#|$)' that is
<joschi> DexterLB: any string starting with any number of whitespace characters (space, tab, ...) or none, followed by a hash sign (#) or endline ($).
<joschi> it basically filters out any comments and empty lines of a file
<DexterLB> o
<apw> o
<robertpayne> ugh is there any reason SSH key authorization wouldn't work out of the box ubuntu? I've installed id_rsa.pub into ~/.ssh/authorized_keys on the server and have it locally in ~/.ssh/id_rsa chmoded properly too
<Daviey> robertpayne: use ssh -vvv user@host .. the verbose info will likely provide some clue
<robertpayne> debug2: we did not send a packet, disable method
<robertpayne> hmm
<joschi> robertpayne: check /var/log/auth.log and maybe raise the log level of your sshd
<robertpayne> joschi: ok I'll try that
<joschi> robertpayne: also check, if the user has a valid login shell and the permissions on ~/.ssh/ are correct
<joschi> they should be 0700 on the directory and 0600 on the files inside it
<robertpayne> ya
<robertpayne> Authentication refused: bad ownership or modes for directory /root
<_ruben> ssh as root? eww
<robertpayne> I turn it on then back off as I do large amounts of changes requiring sudo
<robertpayne> heh "root" didn't own /root
<KE1HA> Opps :-0
<robertpayne> not sure how that happened.. thx joschi for the auth.log tip
<_ruben> ouch
<robertpayne> _ruben: and I completely agree root login = bad.  I'm just working on my dev box right now and have days of work to do on it so avoiding hassle of passwords
<twb> Just use NOPASSWD and sudo -i from a trusted less-privileged account
<_ruben> indeed
<robertpayne> I see so create a user with no password and run like "ssh user@domain -p port 'sudo -i'"
<Jimmyx> hi, wanna ask, i'm looking for some user-friendly howto build mail server.. maybe with postfix/dovecot/mysql for multiple domains.. any suggestions?
<twb> Jimmyx: apt-get install ubuntu-serverguide
<robertpayne> Jimmyx: if you'd like I can give you some shell scripts & conf files that are pretty much out of the box ready for a postfix/dovecot over SSL
<Jimmyx> robertpayne: sounds good... if you dont mind :)
<KE1HA> Hello All, Is there a 10.04 Server Manual in PDF that we can DL v.s. using the Wiki pages ?
<robertpayne> twb: by NOPASSWD do you mean set the root user to have no password for sudo -i from the less privelged account?
<twb> robertpayne: no, I mean set your %sudo user to have NOPASSWD: in /etc/sudoers
<twb> i.e. "sudo foo" never prompts you
<robertpayne> twb: ahh so the account could sudo root without typing in a pass
<twb> Right.
<twb> So really you're just as insecure from attackers, but at least you won't fat-finger stuff as often.
<robertpayne> twb: true...
<robertpayne> Assuming it'll still prompt for su
<twb> Uh, sudo -i
<robertpayne> gah yea sorry
<bdrung> hi, can a member of the server team have a look at the sponsor request bug #378240?
<uvirtbot> Launchpad bug 378240 in xen-3.3 "Please merge xen-3.4 (3.4.0-2) from debian unstable" [Wishlist,Confirmed] https://launchpad.net/bugs/378240
<uvirtbot> New bug: #616257 in openldap (main) "package slapd 2.4.21-0ubuntu5.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/616257
<AtomicSpark> WTB ubuntu-server metapackage which gives me /exactly/ whats on the ubuntu server cd to fix crazy vpn hosts like linode. <3 Cookies for all!
<alex88> you mean vps
<alex88> well linode prices are crazy
<huats> morning
<alex88> where i can see the list of servers to use with apt?
<alex88> i mean official repositories
<twb> alex88: archive.ubuntu.com and XX.archive.ubuntu.com, where XX is your two-letter country code.
<alex88> twb: thank you..de.archive.ubuntu downloads at 74kbyte/s...
<twb> Good ISPs and universities will also provide secondary/tertiary mirrors.
<joschi> alex88: https://launchpad.net/ubuntu/+archivemirrors
<alex88> those are what i'm searching..
<alex88> joschi: thank you :)
<twb> In Debian there's a machine-parsable text list, which apt-spy uses to pick the nearest/fastest.
<twb> I don't think that's available in Ubuntu :-/
<alex88> there is on ubuntu desktop..
<alex88> dunno on server
<twb> alex88: yes, but that's built into synaptic or whatever
<twb> Something like automagic like cdn.debian.net that automagically resolves to a good local mirror would be ideal.
<joschi> alex88: ubuntu and ubuntu server use the same package sources. the only difference is the default installation
<alex88> joschi: i know..but on ubuntu desktop you've "select best server" in synaptic...as twb said..
<twb> GUIs are for chumps
<alex88> ;) right
<alex88> https://launchpad.net/ubuntu/+mirror/ftp.halifax.rwth-aachen.de-archive how can i see if it has also other reps, not only main?
<twb> alex88: apt-get from it
<alex88> oh..just change sources.list and try :)
<twb> Or browse their mirror in dists/lucid/
<joschi> alex88: or you just take a look at the mirror yourself. -> http://ftp.halifax.rwth-aachen.de/ubuntu/dists/lucid/
<joschi> alex88: any way, all mirrors in the list have main, universe and multiverse
<twb> I'd just add a fast mirror first, then put XX.a.u.c and/or a.u.c below
<twb> It'll then try the fast mirror and fall back to the complete mirror
<notlistening> Hi running  a virtualbox server that can accept connection on static ip but not make out going connections like ping, but the web server services reqests
<joschi> notlistening: icmp is not supported by the NAT type network adapter of virtualbox
<notlistening> ah sorry it is bridged
<notlistening> and I am starting is using vbpxtppls
<notlistening> *vboxtools
<notlistening> I can even update the server so it is all goinging network traffic
<notlistening> cnn't
<twb> Maybe you aren't proxy ARP requests
<alex88> also after changed reps still 70kbyte/s, and hoster says they not limit..i doubt..
<notlistening> It has worked before :D
<twb> I expect requests to/from the host OS work fine
<notlistening> yes they work fine
<notlistening> I checked that first
<twb> So the guest can talk to the host?
<notlistening> I can ssh into the machine, I can view webpages from it from different machines host and others
<notlistening> the guest can't see the outside world or my internal network
<twb> Uh, so the guest has no default route?
<twb> I don't understand how these symptoms could occur
<twb> What does iptables-save say?
<notlistening> 1 sec
<notlistening> not installed
<notlistening> could it be a virtualbox bug?
<twb> Where did this disk image come from?
<twb> If iptables-save isn't installed, you haven't done a normal ubuntu-server install
<twb> (Where "installed" means "in root's $PATH")
<alex88> oh...unattended upgrade was limiting to 70...-.-' noob
<notlistening> It is the 10.10 server :D
<twb> alex88: that's retarded
<notlistening> and i did the most basic VM install
<alex88> twb: i'm retarded :)
<twb> QoS beats throttling
<alex88> what you mean?
<twb> Rather than limiting it to n kbps, just declare that it's bulk traffic
<twb> QoS will then prioritize it below stuff like ssh
<alex88> how do i set qos? btw, i was thinking that it limits just the automatic updates bandwith..
<twb> With great difficulty
<twb> Or throw shorewall at it, I guess
<alex88> oh..no way..i have enough bandwith to not need to limit nothnig
<twb> Then why did you limit it?
<alex88> because i was thinking that it just limits automatic upgrades.. for the small time that i install something i have no bandwith problems..
<notlistening> right my resolvconf it blank will that cause an issue for DNS?
<twb> notlistening: /etc/resolv.conf should be populated by dhclient (DHCP)
<notlistening> Well i am running with a static IP and DNS server has been set but i am just hunting for issues
<Somoel> Hozsanna
<Somoel> ikonia bruder ola
<notlistening> Right i can now talk to my internal network
<notlistening> DNS is the issue now
<notlistening> fixed at the moment :D
<Somoel> drupal? No! Never! Joomla better! Joomla forever!
<Jeeves_> cmsmadesimple++
<Somoel> website baker the better cms
<Somoel> ola Jeeves bro'
<twb> All PHP needs to die
<twb> And all CMSes and all web apps in general
<jpds> twb: Django?
<twb> jpds: I'm not a fan of Python by any stretch, but it can't be any worse than what people do with PHP
<hggdh> Daviey: good morning
 * Daviey recently had a horrific experience with Joomla!..  I'm still too traumatised to go into it
<Daviey> hey hggdh !
<hggdh> Daviey: I see you are full of energy ;-)
<Daviey> hggdh: hah :)
 * hggdh is half-asleept
<twb> TBH I'm surprised none of our prisoners have suborned the CMS already
<kim0> is the 10.04.1 to be released next Tuesday
<Daviey> hggdh: good to hear..
<Daviey> kim0: AIUI, that is the current plan.  But as i'm sure you know, it's out when it's announced :)
<kim0> hehe ok
<jpds> I thought it was tomorrow?
<kim0> has been pushed back
<jpds> Noone informs the mirror admin that's been prepping things, I see.
<hggdh> Daviey: Chris says he found the issue with Walrus/SC on distributed installs
<Daviey> hggdh: Yes.. he has pushed a fix.. I thought there was one more pending - but perhaps that was just their internal results.
<Daviey> hggdh: Merging what I have as we speak.. will push to PPA shortly.
<hggdh> Daviey: cool, thanks
<uvirtbot> New bug: #616310 in backuppc (main) "Realease package backuppc 3.2.0" [Undecided,New] https://launchpad.net/bugs/616310
<patdk-lap> twb, it's not really that php is bad, it has it's problems and all languages do
<patdk-lap> but it's just the type of programmers that are using it that are the issue
<patdk-lap> and that will happen with any easy to use language
<patdk-lap> same issues with perl, perl added all kinds of help and ways to protect against most of those issues, but people still don't use them, unless they know what they are doing
<robertpayne> Is there a way to permit root login via limited ips?
<Iceman_B> I just installed 10.04, but I was expecting bash to use colors. it doesnt, how do I set this?
<alvin> Iceman_B: It's documented in a commented section in ~/.bashrc
<Iceman_B> lemme check
<Iceman_B> I dont have such a file
<Iceman_B> I mean, an "ls -a" on my homedir doesnt show it
<Iceman_B> can I just create a ~/.bashrc file? or wont that solve anything ?
<joschi> robertpayne: you mean root login via ssh?
<robertpayne> joschi: was going to be for rsync purposes I found out you just run rsync under cron as root and push to non-root account on other server
<alvin> Iceman_B: You don't? You can copy the default .bashrc from /etc/skel/.bashrc
<floown> hello
<floown> I can't use imap in Kontact since the upgrade to KDE 4.5, what packet should I manually install?
<alvin> floown: Wrong channel. Better ask in #kubuntu. (I can't confirm. Haven't upgraded yet.)
<Iceman_B> alvin: will try, thanks
<hggdh> Daviey: thanks for packaging the beast. It is already building, so I will test ASAP
<ssureshot> morning ... I have set preservejobhistory No in my cupsd.conf but the cXXXXXX jobs are never removed.. whats happening here and what am I missing?
<zul> ttx: feature freeze is tomorrow right?
<ttx> zul: yes
<zul> ttx: damn
<Iceman_B> alvin: I copied the .bashrc file from /etc/skel to ~ and logged out and in again, but no change
<Iceman_B> bash still shows up grey
<Iceman_B> im connecting through putty btw, if that makes any difference. it used to work tho
<alvin> Iceman_B: That's normal. You have to change the default .bashrc first. uncomment a line there
<alvin> Iceman_B: #force_color_prompt=yes
<Iceman_B> I know, I did that too
<Iceman_B> let me doubel check just to be sure
<Iceman_B> oh and, how do I find out WHAT shell im actually using?
<Pici> echo $SHELL
<Iceman_B> force_color_prompt=yes <--- yup
<Iceman_B> checks out
<Iceman_B> it returns /bin/bash
<Iceman_B> so thats cool too
<Iceman_B> and vim shows up in colors, so its not putty
<Iceman_B> im also missing a .bash_logout
<Iceman_B> strange
<alvin> .bash_logout can also be found in /etc/skel You probably created the user without copying files from skel, or with another shell.
<Iceman_B> no idea really, I just installed 10.04, rebooted and logged in
<alvin> Iceman_B: The default is no colored prompt. I just try to color it by uncommenting #force_color_prompt=yes. It works fine.
<Iceman_B> alvin: ok well, either im doing something wrong, or that just doesnt work here
<alvin> Iceman_B: Did you log out after uncommenting? (or sourced .bashrc?)
<Daviey> hggdh: no problem.. It's landing in the archive shortly. :)
<Daviey> hggdh: let me know how it turns out :)
<alvin> Iceman_B: I don't think you need other packages than bash to have a colored bash prompt
<Iceman_B> I did log out after uncommenting, and I have no clue what you meant by "sourced"
<Iceman_B> im still qutie new to this
<alvin> 'source' is a built-in shell command. You can refresh your login files with it. (like type: $ source .bashrc instead of logging off and logging in again)
<Iceman_B> ooh cool
<Iceman_B> thanks
<Iceman_B> I might try a system wide setting in a minute
<CharlieSu> Anyone using Amazon's Elastic Load Balancer?
<CharlieSu> Does anyone know if it is possible to create a security group that only allows Amazon's Elastic load balancers?  I only want the ELB's to be able to access a group of servers to do health checks, but i don't want the rest of the world to be able to make requests.  This is because I have a web layer, application layer and DB layer with load balancers infront of both my web layer and application layer.  The web layer is
<hggdh> Daviey: the SC still fails to start on a distributed deployment
<ttx> hggdh: do the others start up ?
<tvw> I am just setting up a linux server and now I need to setup postfix. I wonder which way I should go. I would have expected not to deal with postfix at all, since we have a separate mailserver.
<ttx> CharlieSu: maybe on #ubuntu-cloud
<tvw> Now I wonder, whether I make it a smart host or totally local.
<hggdh> ttx: I will have to go back to topo2, I was running topo3. Chris sent me a note late last night stating he had found the issue on the separate topos
<CharlieSu> ttx: thx
<hggdh> ttx: and would give us a fix today
<ttx> hggdh: I thought that would be included on the recently-uploaded one
<hggdh> ttx: 2010-08-10 22:36:19     deckie  i found the problem that was preventing remote walrus/sc from working.
<hggdh> 2010-08-10 22:36:45     deckie  i'll follow up with you tomorrow and dave, and the list later tonight
<hggdh> the time is URC-5
<hggdh> UTC-5
<ttx> Daviey: ^how does this map onto your own work ?
<Daviey> hggdh: Yes.. I understood there was going to be another upstream commit.. But perhaps i missunderstood deckie.
<Daviey> I think he left it going through their internal continual integration testing stuff...
<Daviey> which would automatically push to the branch.. That is how i understood it.
<Daviey> So either i missunderstood, or it failed the test
<tucemiux_> "tunnelled clear text passwords" is secure, right?  Basically, it means authenticating using a password as opposed to a key
<hggdh> I do not know, at this time I was trying to sleep (so that I could get up earlier and test it
<hggdh> Daviey, ttx: going now to topo2 (fully-separated) to confirm
<Daviey> hggdh: Appreciated! :)
<RyanP> I have a server with something wrong with it. Among other things, when i execute "sudo -i", I get three "Sorry, try again." messages, then "sudo: 3 incorrect password attempts", without ever being prompted for a password. Anyone know what's going on?
<Pici> Well thats not normal.
<Pici> RyanP: You mention that other things are wrong with it, do you suspect that its been rooted?
<tvw> What sense does it make to use sudo on a server? I will never work there as a normal user and if, every command would start with sudo? I do not want to start a discussion but only a hint?
<RyanP> Pici, Not ruling it out, but I don't think so.
<thesheff17> #/join ubuntu-virt
<Iceman_B> alvin: oh cool, after sourcing ~/.bashrc it works
<Iceman_B> (except that my prompt is now green too, but meh)
<Pici> RyanP: What if you just try to sudo a different command? Also, does sudo point to where you expect it? check   which sudo
<Pici> tvw: One of the quickest arguments is that by not having a root user (or rather, having a locked password), anyone who tries to comprimise the server needs to know both a valid username and a password, rather than just 'root' and a password.
<RyanP> sudo is /usr/bin/sudo, which seems to have appropriate permissions and such. sudo anything (sudo bash or sudo ls for example) give the same error.
<Pici> RyanP: And your user is in the admin group?
<tvw> Pici: Thanks, that makes sense.
<tvw> RyanP: or is your user in the group 'sudo'
<Iceman_B> where can I read what exactly happens during the install? I want to get some more insight into Linux
<RyanP> Pici, the user is in the admin group.
<tvw> Another question: The installation cd assumes, that the machine is connected to the internet. This make the installation a bit painful, if no network is attached to the server. Is there a way to avoid, that setup is querying the network all the time. It causes a lot of delays.
<masoncloud> quit
<qman__> tvw, just skip network configuration during setup
<qman__> press cancel on DHCP, then choose do not configure at this time
<tvw> qman__: That's a weird procedure, but thanks.
<qman__> well, a server without a network connection isn't very useful, so it's assumed you have one
<qman__> but not configuring the network will speed up the install
<hggdh> Daviey, ttx: separate install definitely is still broken. So I guess we are waiting on the additional patch from Chris
<ttx> Daviey: we are still waiting for an additional patch ?
<hggdh> Daviey, ttx: I am now going back to all-in-one, to test the rootwrap & volume creation
<ttx> hggdh: sounds good
<Daviey> hggdh: Yeah.. seems there was an issue.. Gonna try and get hold of someone now.
<Pici> kim0: Thanks for updating the irc/channellist wiki page, I forgot about that.
<kim0> Pici: no worries :)
<uvirtbot> New bug: #616404 in munin (main) "package munin-node 1.4.4-1ubuntu1 failed to install/upgrade: subproces installed post-installation script gaf een foutwaarde 1 terug" [Undecided,New] https://launchpad.net/bugs/616404
<tvw> After installation I get errors: "fd0 read error", "no such disk". I use raid1 and installed grub into MBR.
<tvw> the floppy disk is disabled in BIOS.
<sponzor> hi. i have 2x 500gb, 1x 1tb. i want to do is raid 1. so that i would have 1tb=1tb raid. how to combine 2x 500gb
<patdk-wk> raid0 :)
<patdk-wk> then do a raid1 on the 1tb and the raid0
<sponzor> will take that a lot of resorces of server? :P
<patdk-wk> or, you may not want to do raid0, but do linear instead, to just concat the two, instead of striping them
<patdk-wk> nope
<sponzor> hmm linear? how to do that
<patdk-wk> dunno, never done it
<sponzor> :D
<sponzor> than i will go with raid 0
<patdk-wk> looks like instead of doing raid0, you just type linear
<patdk-wk> the advantage of linear is if you really screw something up (like two of the drives fail)
<patdk-wk> assuming one is the 1tb
<patdk-wk> you could still recover half your data
<sponzor> i will go with raid 0. ok i did raid 0. now i have 1tb lvm. i nead to do is that 1tb lvm will be raid not lvm.. ? how to do that. i m doinng fresh install...
<patdk-wk> heh?
<patdk-wk> why do you have lvm?
<patdk-wk> what did you do?
<patdk-wk> lvm is going slow things down :)
<sponzor> lvm was automatic when i did raid 0
<patdk-wk> I dunno if you can use the installation menu to give you what you want
<patdk-wk> you should use lvm yes, but after you do the raid1
<patdk-wk> I never setup mine using the installer so
<sponzor> than i should install it on 1tb and make 2x 500 to 1tb and than to raid1 in the console after installation?
<patdk-wk> don't think so
<sponzor> hmm what should i do than? :P
<patdk-wk> I normally just drop to console
<patdk-wk> setup the raid
<patdk-wk> then do the install
 * patdk-wk is all about doing things manually though :)
<sponzor> that is to hard.. its like gentoo then :P
<patdk-wk> no it's not, I'm not waiting a week for it to build everything :)
<sponzor> :P
<uvirtbot> New bug: #616417 in mysql-5.1 (main) "AppArmor complains about missing local/usr.sbin.mysqld file" [Undecided,New] https://launchpad.net/bugs/616417
<Tohuw> On my Ubuntu 9.10 server, I'm configuring DoveCot with LDAP as per http://wiki.dovecot.org/HowTo/DovecotOpenLdap and have a few questions... 1) In the example LDIF, what does the comment "# only necessary if you are NOT using 'bind' authentication" indicate? That the entire rest of the entry is not necessary, or just that stanza? I am using bind authentication for LDAP. 2) These will be virtual accounts. I see the global_uid and global
<patdk-wk> bind authenication is nice
<patdk-wk> it logs into the ldap server using the users name and password
<patdk-wk> otherwise it logs in using whatever you want, then it checks itself that the username and password match what is in ldap
<patdk-wk> second way is easier to configure ldap
<patdk-wk> first way is faster, cause it is 1 lookup instead of 2 or more
<Tohuw> patdk-wk: makes sense. Is it a security risk to allow for bind authentication, since this means any user could just log into the server? I'm guessing "no", because you want users in there to be able to login. The second question is: I will be using virtual names for my dovecot addresses (i.e. not every email address will link to a real user on the server). I suppose this means I DO need that stanza?
<patdk-wk> security issue all depends on how *insecure* you configure your ldap :)
<patdk-wk> I use bind, I want users to login, and users are restricted to only their own items
<Tohuw> fair enough :)
<patdk-wk> do need what stanza?
<Tohuw> per the comment in the help doc I linked. Here's the excerpt (it's an example ldif): http://pastebin.com/mdvETEbK
<Tohuw> I assume line 13 refers only to lines 14-18
<Tohuw> or does it refer to the entire rest of the ldif?
<patdk-wk> that is just creating an account, for dovecot to login to ldap with
<patdk-wk> so if you don't use bind, you need it, if you use bind, it's not needed, but won't hurt
<patdk-wk> the last two would be user accounts
<ivoks> hm...
<ivoks> it's missing posixAccount to be an 'account'
<ivoks> without that objectClass it's not an account
<ivoks> it's just an entry
<patdk-wk> mine I only use, inetOrgPerson and posixAccount
<ivoks> ah, i see what this is for
<patdk-wk> for my webmail ones, inetOrgPerson, posixAccount, top, hordePerson
<ivoks> in slap.conf read perms are given to cn=dovecot
<patdk-wk> ya
<ivoks> and then adds password
<ivoks> it's a good tutorial
<Tohuw> ivoks: I think so. I'm learning a good bit I didn't know about ldap and Dovecot. I've never had to setup a mail server from scratch with no "cheat scripts" before.
<ivoks> oh, you haven't seen dovecot-postfix package? :)
<Tohuw> ivoks: I've seen it, but I'm using Exim ;)
<ivoks> it doesn't integrate with ldap
<ivoks> why? :)
<Tohuw> ivoks: it seems to offer the most robust featureset, and, frankly, I'm more familiar with troubleshooting it.
<ivoks> fair enough
<smoser> kirkland, ping me when you see this please.
<patdk-wk> heh, I never setup mine even with an howto before
<patdk-wk> I installed the dovecot-postfix last night though on 4 systems, in my demo lab
<patdk-wk> cause I needed to test imap and smtp connections
<Tohuw> patdk-wk: though some scoff at them, I really like Ubuntu's packages for so many setups. I wish I could have deployed 10.04 to this server, just for the "redmine" package. It would have saved me ~6 hours of work ;(
<patdk-wk> well, I use the packages for quick tests
<patdk-wk> half the time I end up compiling from source
<Tohuw> yes, they're good for that. Especially because you can just purge them when you're done and poof, all gone (usually/sort of)
<patdk-wk> I always poof the server :)
<qman__> yeah, never run tests on a tainted server
<qman__> the results won't be consistent
<Tohuw> Unless you're replicating a tainted server environment you can't control ;)
<patdk-wk> I wish these would install on ubuntu though
<patdk-wk> http://www.percona.com/software/
<patdk-wk> the mysql from there, really has issues with ubuntu
<Tohuw> So many clients I have had the "pleasure" of working with are utterly horrified at the thought of actually rebuilding their server
<patdk-wk> I can't install anything that uses mysql, after I install that, or ubuntu attempts to wipe it out
<qman__> right, but you should make a copy of the server to mess with
<qman__> not just mess with it
<Tohuw> qman__: oh, I never test on production boxes themselves
<patdk-wk> vm's are nice for that
<Tohuw> I'm just saying, if you're going to run several very quick tests on relatively non-related software, you can just purge
<patdk-wk> mirror production box
<Tohuw> yes
<patdk-wk> test :)
<Tohuw> I'm transitioning our web and app server environments to Ubuntu Cloud servers. I'm in love
<Tohuw> clone, clone, clone, destroy
<Tohuw> whoosh
<Tohuw> I remember when "virtualization" was what you did to "cluster". Right before "giving up" or "crying" or "getting seriously inebriated"
<Tohuw> I think the worst setup I ever partook in was a clustered Exchange 4.x server. Suffice it to say the hostname of the dev boxen it was being tested on were clusterf***1 through clusterf****4 for a reason
<patdk-wk> heh, oviously not exchange 2007 :)
<patdk-wk> you need atleast 8 box's
<Tohuw> and a small orbital space station
<patdk-wk> I have a large postfix cluster
<patdk-wk> then I have a small postfix cluster in front of exhcnage 2007
<patdk-wk> I don't trust exchange to protect exchange
<Tohuw> I don't trust exchange to exchange exchange
<patdk-wk> I haven't had issues with exchange, only with outlook screwing u pthe mailbox's
<Tohuw> Outlook is worse than exchange. I'd rather troubleshoot and work with Exchange than Outlook anyday
<Tohuw> I despise Outlook
<Tohuw> Okay back to working. Thanks for the help, as always
<resno> im intersting in setting postfix for my offce to use for outgoing mail. how complicated is the setup?
<patdk-wk> it can be as easy or complex as you want :)
<patdk-wk> I've done them in <1hour, and some >3days
<resno> i just want the office to be able to send emails through it
<patdk-wk> the only real issue for using it for outgoing mail would be setting up your dns (forward and reverse) and spf records up correctly
<resno> i found a tut and im going to try it out
<resno> this coming from an office server with no domain, should it still work?
<patdk-wk> nope
<patdk-wk> unless you set it up to use a smarthost
<patdk-wk> outgoing email servers must have proper manners, or no one on the internet will accept email from you :)
<resno> then i would need to forward the emails through another machine essentially
<qman__> I think anyone who has had to spend days recovering and merging PST files hates outlook
<patdk-wk> qman, my boss has 26gigs of pst's :)
<patdk-wk> all active and in use
<qman__> yeah, my uncle is in a similar situation
<qman__> over 20 gigs, had a hard drive fail
<qman__> sent it to a place which recovered the files
<qman__> but then he had another 2-3 gigs of new PST files
<qman__> and wanted them merged together
<patdk-wk> ya, I do that about once a year, just to *clean* the pst
<trimeta> Interesting question: Is it possible to configure ssh such that a certain user can only log in if the remote computer is in a specified subnet?
<Daviey> hggdh: New snapshot landing in the archive shortly
<Daviey> (not ppa)
<qman__> trimeta, you can firewall it, but not based on the user
<patdk-wk> I think new ssh lets you, dunno if the lucid one is new enough
<trimeta> qman__: Yea, I would like to only restrict this one user from logging in from arbitrary remote machines, not all users.
<qman__> any particular reason for it?
<strax> You could ask nicely ;)
<patdk-wk> http://www.cyberciti.biz/tips/openssh-deny-or-restrict-access-to-users-and-groups.html
<qman__> I'm thinking this could be easily solved by using keys instead of passwords for that user
<patdk-wk> oh wait, that isn'tby ip :)
<trimeta> The main reason is that I've got a relatively insecure account that I want my father to be able to use from the local subnet, but which can't be accessed from the wider internet. But there are other, more secure accounts on the system I do want to access from the internet.
<qman__> yeah, that's easily solved with key-based authentication
<qman__> just put the key on computers you want to give access
<hggdh> Daviey: ack
<trimeta> It would be, if I could teach him how to use keys...he's got WinSCP and PuTTY as his access programs.
<qman__> nothing to teach, you just set it up once
<qman__> the other good solution I know of is to use two different SSH servers
<strax> You can set up PuTTy to automatically use a key, just save a "profile" or whatever Putty calls it
<strax> And WinSCP just uses Putty
<trimeta> Not the same install of PuTTY, though.
<strax> What do you mean?
<qman__> just use pagent
<trimeta> Whatever, I'm going to try messing with /etc/ssh/sshd_config and see if that works.
<qman__> there's nothing to do with subnets there, that's out of the scope
<strax> In fact, using a key makes it even easier for your father since then he doesn't have to type a password
<trimeta> Apparently not: the AllowUsers directive lets me say user@host.
<qman__> that's not subnets
<trimeta> Where"host" can be of the form "192.168.*"
<trimeta> And I just tested it and it worked; from a remote machine, it wouldn't let me log in even if I used the right password.
<trimeta> Anyway, thanks for the advice guys, even if I ended up going a different path.
<regius> I wonder if this is possible? I'm trying with dhcp-helper but I have a problem getting ip on server:eth1 http://img153.imageshack.us/img153/5623/iprelay.jpg
<Iceman_B> regius: personally, I cant make heads or tails out of your diagram
<Iceman_B> maybe its be though
<Iceman_B> *me
<Iceman_B> im usually big on diagrams
<regius> I want a computer between my home router and my isp
<regius> It is named server in the diagram
<regius> The eth* beside the boxes are interface names
<regius> and the boxes are computers
<Iceman_B> yeah, I gathtered that much
<Iceman_B> but what you are trying to accomplish, I didnt
<regius> I want a "transparent" computer infront of my home router
<regius> so my server will have a internet friendly adress, and my home router will altso have a internet friendly address
<Iceman_B> IANA network wizard, but this sounds to me like you would typically need 2 public IP adresses
<Iceman_B> one for your router and one for the transparent machine
<Iceman_B> but I assume you want both to share the same ip ?
<regius> I think so to
<regius> No I want two different ip:s
<Iceman_B> oh
<Iceman_B> then call your ISP
<regius> My ISP will grant 5 public ip
<Iceman_B> okay, so thats covered
<arrrghhh> regius, you'll need a switch before your router (sorry to jump in if that's already been addressed)
<regius> arrrghhh: okey, why?
<Iceman_B> really? I mean, if 2 different MAC's request a DHCP lease with his ISP, he should get 2 back, no ?
<arrrghhh> well that depends
<arrrghhh> what is your edge device
<arrrghhh> cable modem?  dsl router?
<regius> A computer
<arrrghhh> your edge device is a computer...?
<regius> My brand new fit-pc2i :-)(
<regius> :-)
<arrrghhh> so it's a T1?  what?
<regius> Yes
<regius> RJ45 connection in to my flat
<arrrghhh> ok what does that T1 land on?  it goes directly into a computer?
<regius> Yes
<arrrghhh> ok, this computer... how many ethernet ports are on it?
<regius> 2
<arrrghhh> well then it should work
<arrrghhh> uhm.
<arrrghhh> wait
<arrrghhh> nvm, it won't work.  you need another nic.
<regius> So i tought I need 3 public ip
<regius> 2 on the edge device, and one on the home router
<Iceman_B> you need 1 IP per device that you want visible on the internet, and you need to make sure that all requests are sent to your ISP, instead of any device on your network
<arrrghhh> well your edge router only has 2 nics.  one nic is consumed from the connection coming in, so you only have one NIC out.  therefore you can only hoook up your router or server.
<regius> Right now I'm trying to do a dhcp-relay local on the edge device
<arrrghhh> i'd just put a switch on that T1 coming into your flat
<regius> True
<arrrghhh> get a little 4-port switch.  problem solved, anything going into that switch will get its own public IP
<regius> Maybe that's the best way... But still can I have do a dhcp request on eth1 for the interface eth0
<maswan> arrrghhh: rj45 sounds like ethernet, not t1
<arrrghhh> maswan, the plug is the same... the only difference is the shielding on the cable...
<arrrghhh> you're splitting hairs
<Iceman_B> my hairs are splitting too :(
<arrrghhh> lol
<regius> It is a bit expensive with a gigabit switch
<arrrghhh> regius, is your bandwidth from your provider that high?
<regius> Is it not possible to fix this with some dhcp-relays
<arrrghhh> no clue
<arrrghhh> never done it before
<regius> No but I wan't gigabit between my home network and the server
<arrrghhh> regius, so wait... where is your LAN?  on the router?
<regius> yes
<arrrghhh> then that's where your bottleneck would be.  is that gigabit?
<regius> yes
<arrrghhh> then you wouldn't have to worry about the switch
<arrrghhh> it would only switch traffic going out to the internet
<arrrghhh> assuming you landed that rj45 plug into your flat in that switch
<regius> no the internet connection are comming in to the server with 2 interfaces
<arrrghhh> yes, i'm talking about putting a switch in front of that.
<arrrghhh> so you can have more public IPs
<arrrghhh> is that not what you're trying to do?!?!
<hallyn> jdstrand: plans on libvirt 0.8.2 or 0.8.3 merge?  Do you have time for that?
<regius> yes but without buying new hardware :-)
<jdstrand> hallyn: I will be working on it this week
<jdstrand> hallyn: Daviey asked about that last week
<hallyn> jdstrand: awesome, thanks
<jdstrand> it will be 0.8.3
<arrrghhh> regius, well i'm not sure then.  either you add another nic to your edge device, or get a switch.  i'm not sure how else to solve it.  not saying there isn't a way, i just don't know it ;)
<regius> Why would I need 3 nic:s? 1 for internet and one for the router
<hallyn> jdstrand: cool - between that and 0.12.5 kvm, we'll see if we get teh fast vm saves now!
<arrrghhh> regius, i thought you had another device that needed a public ip.  you're not being very clear...
<regius> Sorry
<maswan> arrrghhh: not really, the end equipment is very different
<maswan> arrrghhh: plugging in a t1 into an ethernet switch won't do much good
<maswan> also, a t1 is horribly slow
<regius> I guessed that the edge device needed 2 public ip:s and my router 1 public ip
<arrrghhh> maswan, again, splitting hairs.  if it's going directly into his server, it'll probably work on a switch.  it's probably not an actual t1, probably metro ethernet or something like that.
<maswan> arrrghhh: if it is going to his server, it's definately not a t1
<regius> It's a 10/10 connection
<arrrghhh> maswan, agreed.
<arrrghhh> but that's not really the problem here!
<arrrghhh> perhaps i'm just not understanding.
<regius> I have activated ip forward on the server and right now I'm trying relaying the dhcp request with dhcp-helper -b eth0 -i eth1 -d
<regius> I thing I'm doing a pore job explaining :-(
<arrrghhh> ok wait'
<arrrghhh> let's start at square one
<arrrghhh> you're paying your ISP for 5 public IP addresses, correct?
<regius> Yes
<regius> (or it's included for everyone)
<arrrghhh> those public IPs, are they static?
<regius> No
<arrrghhh> i would hope so
<arrrghhh> ouch.
<arrrghhh> well, that changes things and i can see why you're running into a roadblock now.
<maswan> regius: What I'd do is get a small cheap ethernet switch and put that first, then plug the rest into that. If you really need the machines behind eachother, that's more difficult.
<arrrghhh> put a switch in front of your PE device :P  lol that's the easiest.
<maswan> Otherwise, hm, look into bridging between the internal and external interfaces, I think would be the terminology to search for
<regius> True that would be easy
<maswan> basically making the server act as a switch
<arrrghhh> i'm just not sure how to pass the dhcp requests past your server.
<maswan> because it needs to forward stuff, even though the upstreams network won't see it as a router for your other IPs, etc.
<regius> I found dhcp-helper
<maswan> even then, I'm not sure it'll work
<Johnnyx> huh anyone with problems with postfix? with running it?
<maswan> Johnnyx: works fine for me, usually
<maswan> Johnnyx: but then I don't have any complex configuration, just to send the cron mails off to me, etc.
<regius> It's look's like it can forward broadcast packages to a specific dhcp server
<maswan> regius: yeah, but after that you also need to manage to grab and forward all the rest of the unicast traffic too
<maswan> regius: which means the server has to appear to the upsterams network as having all those IPs
<regius> ipforward?
<Johnnyx> i've installed it and its not running.. when i start it /etc/init.d/postfix start it says starting ... OK
<Johnnyx> but when i try postfix status it says system is not running
<lamont> what does /var/log/mail.log say?
<maswan> regius: that only solves part of th eproblem
<maswan> regius: that's shifting the packets from eth0 to eth1, making your ISPs switch/router send them to your eth0 is also an issue
<Johnnyx> hash map access missing map file /etc/mail/access.db .... i have no idea why...
<Johnnyx> and in log
<Johnnyx> reject=451 4.3.0 temporary system failure
<regius> Thanks all for trying! I'm giving up :-) and buy a switch insted
<maswan> regius: Anyway, a good start would finding a guide on setting up bridging and experimenting with that. I've never done that outside of the virtualisation world though. It is a tricky thing to do. And yes, that's what I'd do too, even if it can theoretically be done. :)
<maswan> ...
<Johnnyx> lamont: any suggestions?
<Egonis> I'm absolutely fed up with Windows Server, and want to use Ubuntu Server in its place... I tried to restore my Exchange mailboxes from backup, and it caused a STOP error on a fresh install... I'm in the process of switching to Lotus Domino, and really want to run that on Ubuntu Server, however our accounting software requires windows to operate -- is there a safe and clean way to run Windows Server 2008 in a Virtual Machine on U
<Egonis> buntu?
<_ruben> Johnnyx: sudo postmap /etc/mail/access
<lau> according to pdns-doc 2.9.21-5ubuntu1.1 there is a testing mode /etc/init.d/pdns monitor for pdnsd
<alvin> Egonis: I do that on some ubuntu servers. (KVM) It works but the downside is that you will have a lot of performance loss. There are no virtio drivers for Windows 2008, so don't expect good I/O
<patdk-wk> heh?
<patdk-wk> pdns != pdnsd
<Egonis> alvin: It would be for a Pervasive (BTRIEVE) Database, and nothing more. The trouble is, the accounting software company won't support anything but their very precise configuration (even Server 2008 wasn't supported until weeks ago)
<patdk-wk> pdnsd is a completely different, unlreated program
<Johnnyx> hmm
<Johnnyx> _ruben: do you know what this could mean
<Johnnyx> postmap: warning: /etc/mail/access, line 105: record is in "key: value" format; is this an alias file?
<alvin> Egonis: It might work, I use it for small databases too, but only when performance is not important. I hear you can buy signed drivers from Red Hat, but Canonical doesn't offer those for sale.
<alvin> The source is there, but you'll have to sign them yourself. If I have the time, I'll look into that. Doesn't look easy on first sight.
<Egonis> alvin: thanks for the info
<alvin> There is a Brainstorm idea for that: http://brainstorm.ubuntu.com/idea/24582/
<lau> thx patdk-wk
<lamont> Johnnyx: postmap hash:/etc/mail/aliases
<lamont> Johnnyx: postalias hash:/etc/mail/aliases <-- actually
<hggdh> Daviey: you just put out r1225, correct?
<trimeta> I'm worried that the bind server I have set up on my machine isn't actually caching DNS results...running dig on a new address two times in a row doesn't result in reduced query times.
<trimeta> How can I check if I'm actually caching, and make sure that it does cache if it isn't currently?
<Daviey> hggdh: correct, in the archive
 * RoyK rewrites his PHP code to Fortran
<patdk-wk> trimeta, do a lookup for like, www.google.com
<patdk-wk> then disconnect your internet cable
<patdk-wk> and try again :)
<patdk-wk> or you could have done a tcpdump on your internet connection and parse the results
<mike1> anyone help with squid proxy for a server / not forwarding internet to lan....
<mike1> anyone help with squid proxy for a server / not forwarding internet to lan....
<SpamapS> mike1: how are you connecting to the proxy?
<mike1> SpamapS:  The set is as follows.   Modem to eth0 on server/proxy eth1 to lan
<mike1> I'm online throug the server right now (using ascII and lynx :)
<SpamapS> mike1: so then what is your question?
<mike1> I'm not getting the internet on my lan...  I'm ssh'ing into the server to get out.  packets aren't being forwarded
<mike1> I'm guessing squid.conf isn't correct.
<SpamapS> AH
<SpamapS> well squid is really just for HTTP
<SpamapS> it doesn't "forward packets"
<mike1> <-- dummy using wrong terms sorry
<SpamapS> Please do not self deprecate. ;)
<mike1> ok done with that, but what I am missing.  is it something in /etc/squid/squid.conf
<SpamapS> mike1: you may find some answers here https://help.ubuntu.com/10.04/serverguide/C/firewall.html
<SpamapS> mike1: what you probably want is IP masquerading.
<mike1> SpamapS:  i'll read up a bit, hope you around for a few ! thanks
#ubuntu-server 2010-08-12
<mike1> STILL having the problem with proxy.   changed/corrected order of NICs in firewall
<Iceman_B> how do I restart samba?
<KE1HA> sudo /etc/init.d/samba restart
<KE1HA> https://help.ubuntu.com/10.04/serverguide/C/index.html
<Iceman_B> thanks
<Iceman_B> it seems like 10.04 is full of surprises
<Iceman_B> I cant access my files on the samba share in Windows, but I can see them
<Iceman_B> sudo: /etc/init.d/samba: command not found
<KE1HA> Im not at my server, but seems I recall that changing.
<KE1HA> that's why i pulled it off the Wiki, guess it needs some work :-)
<KE1HA> try sudo restart samba
<Iceman_B> thanks
<Iceman_B> lets see
<KE1HA> then do a sudo testparm
<Iceman_B> restart: Unknown job: samba
<KE1HA> you sure it's installed ?
<KE1HA> Oh, sri, my bad.
<KE1HA> sudo restart smbd
<Iceman_B> im sure its installed :)
<Iceman_B> smbd start/running, process 2860
<Iceman_B> is that the correct return?
<KE1HA> now do sudo testparm
<KE1HA> I just upgrade my server from 8.04, lots changed ;-)
<Iceman_B> KE1HA: http://ubuntu.pastebin.com/aifXSwzN
<Iceman_B> still, access denied
<KE1HA> let me get my share off conf, will patebin it, you need to change the path and username though.
<KE1HA> Iceman_B, http://pastebin.ubuntu.com/476668/
<Iceman_B> whoa
<Iceman_B> that's a whole slew of new options
<Iceman_B> lemem try that
<Iceman_B> testparm does not display invalid OR default settings, right ?
<KE1HA> If it fails it will tell you that.
<Iceman_B> okay
<KE1HA> f testparm runs correctly, it will list the loaded services. If not, it will give an error message. Make sure it runs correctly and that the services look reasonable before proceeding
<Thund3rX> Hi all, what version of Eucalyptus comes in bundled with Ubuntu Server Edition?
<Iceman_B> KE1HA: http://pastebin.ubuntu.com/476673/
<Iceman_B> no errors were thrown
<Iceman_B> but can you explain that discrepancy
<Iceman_B> ?
<KE1HA> which line do you think is not right ?
<Iceman_B> hm>? is that a question or a quiz?
<Iceman_B> because I dont think the lines are wrong :)
<KE1HA> There ya go, ok, does it work ?
<Iceman_B> Im just wondering why some of the lines vanish in the testparm
<Iceman_B> lemme see if it works
<Iceman_B> nope, still access denied
<KE1HA> I dont know, Im not an expert on testparm, but know if I get errors using it, I need to fix them.
<KE1HA> have you added a user to samba ?
<KE1HA> as in, dod you do somethign like this at one point: smbpasswd -a [user_name]
<KE1HA> opps as in, did you do somethign .. ..
<Iceman_B> yeah
<KE1HA> Man, do i have a big chat-delay or are you checking somethign ?
<Iceman_B> ah sorry
<KE1HA> So you added a smbpasswd ?
<Iceman_B> i was checking the samba.org  page
<Iceman_B> yes
<Iceman_B> and it happens to match my linux pass
<KE1HA> and did you restart samba after you mand the Share changes ?
<Iceman_B> yeah
<Iceman_B> sudo restart smbd right?
<Iceman_B> I can try again though
<KE1HA> yes
<KE1HA> and just to be sure, you've done all this as sudo, not root yes ?
<Iceman_B> all this sudo
<Iceman_B> i dont think I can do this as a root
<Iceman_B> something about ubuntu missing a root user
<Iceman_B> ?
<KE1HA> no, you should not do anythign as root in Ubuntu.
<KE1HA> How are are you trying to access the shared folder ?
<Iceman_B> in windows, I do
<Iceman_B> network places > and then the share is listed there
<KE1HA> that's good, at least its seeing it. Does WinDoze Ask you for a U/N and P/W ?
<Iceman_B> nope, but thats because the Windoze pass is the same
<Iceman_B> and the user
<Iceman_B> Im assuming here that in the background, samba asks for credentials, and windows supplies whatever im logged in with
<Iceman_B> and they match
<Iceman_B> im beginnin to suspect another thing here
<Iceman_B> the files im trying to access, were created on another ubuntu system
<KE1HA> No, it dont work that wau.
<KE1HA> way*
<KE1HA> your linux box, the first time you acess the sahe should ask you for the info.
<KE1HA> There's another way to do this with the conf file, but I dont use it too often.
<Iceman_B> I think I found the problem
<Iceman_B> its the files themselves
<Iceman_B> they are being pwned by root
<Iceman_B> instead of my user
<Iceman_B> they all reside on a different hdd, which is mounted on a dir in my ~/
<Iceman_B> so that would explain it
<Iceman_B> I wonder if I can chown the entire drive recurseivly
<KE1HA> Back to the .conf file then ## comment out the previous Share setings then try this: http://pastebin.ubuntu.com/476677/
<Iceman_B> without breaking the automount
<KE1HA> and sudo srestart samba again
<KE1HA> The access it though IE with \\IP-Address\Share_Folder
<Iceman_B> before I do that, I want to try the ownership thing first
<KE1HA> SRI, \\IP_Address\username
<Iceman_B> because if I create a file from windows, ON the share, I can access it fine
<KE1HA> Ownership of the share ?
<Iceman_B> no
<Iceman_B> of all the files in the share
<Iceman_B> I made a kinda complicated setup I guess
<KE1HA> that's a diffrent problem, if you can create a File on the Share, then Samba is working.
<Iceman_B> yeh
<KE1HA> Then cd to the Share and chown -R ./*
<KE1HA> chown -R username ./*
<KE1HA> that's will change the owner, if you want group too: chown -R username:username ./*
<Iceman_B> thanks
<Iceman_B> its running now
<KE1HA> but first, in the dir share directory, do a la -al and look at the owner and group
<Iceman_B> that said root root
<Iceman_B> uid 0
<KE1HA> cool, you didn't say you could create files, but not access the old ones.
<Iceman_B> yeah, I didnt know what info to provide
<Iceman_B> or what is critical
<KE1HA> that's why, root owned them, not you the user.
<KE1HA> Samba is just the go-between .. like the tunnel.
<KE1HA> Anyway, Im glad it's workign.
<KE1HA> Only took me an hour to help you get it fixed :-)
<KE1HA> I really need to work-over this 10.04, it's allot difffrent than 8.04 was
<Iceman_B> ack
<Iceman_B> almost there
<Iceman_B> all the owner:group are now correct
<Iceman_B> but when I want to open a file, say a pdf
<Iceman_B> do I need my own permission set to 6 or 7 ?
<KE1HA> now from windows, dor a refresh on the directory
<KE1HA> well, no dee to 777 I'd do 750 if it's only you accessing them anyway.
<KE1HA> no need for 777 .. .. ..
<KE1HA> You could tightening them up real tight, but on you own boxes, probably not needed but it's up to you.
<Iceman_B> so whats the syntax
<Iceman_B> man pages are usually cryptic
<Iceman_B> chown u+ 0700 ?
<KE1HA> syntax for what ?
<KE1HA> chmod [000] [filename]
<KE1HA> Once you own the files your just changing the permissions.
<KE1HA> if yo want to do a whole directory of files, or anything below a certain directory level, just do
<KE1HA> chmod -R ./*   but besure your in the directory where you want to change the file permissions and the -R is recursive.
<Iceman_B> thats fine
<KE1HA> you need the permission in there of course, like: chmod -R 750 ./*  would change every file * directory below where your at.
 * Iceman_B sighs, still nothing
<Iceman_B> so all the files on the share are owned by my own user:group
<Iceman_B> permissions on all the files and dirs are set to rwx------
<Iceman_B> and still access denied on all those files
<KE1HA> Iceman_B, but you can go from windows to the share directory and create files or from the Ubuntu machine and put new files there and Windows can acess it ?
<Iceman_B> yup
<Iceman_B> I can see the share in windows, create file in windows, open THOSE files in windows
<KE1HA> Only thing I can think to try is use sudo to change the user:group and then file permission, and see where that takes you.
<Iceman_B> and write to them
<KE1HA> as in: sudo chown -R username:username ./*  then do sudo chmod -R 700 ./*
<Iceman_B> I just rebooted my server
<Iceman_B> all the colors from bash are gone now too :?
<Iceman_B> but first this samba issue
<Iceman_B> i'll try your suggestion, sec
<Iceman_B> chown is running now
<KE1HA> must be allot of files :-) Music Archive ?
<Iceman_B> and anime =)
<KE1HA> :-)
<Iceman_B> samba should have no problems when im in windows and I access file, that in linux is a symlink, which points to the actual file
<Iceman_B> right?
<Iceman_B> assuming im the owner of all, and I have rwx permissions on it
<KE1HA> Links are short cuts
<KE1HA> what's the permissions on the files? are they in a diffrent place ?
<Iceman_B> well, physically they are on a different drive, but that is mounted in ~/rin
<Iceman_B> and I just changed all the permission on those files to 0700
<KE1HA> and you ls all of them ?
<Iceman_B> ls ?
<Iceman_B> how do you mean
<KE1HA> How did you create the links ?
<Iceman_B> good question, lemme think
<Iceman_B> I have a dir ~/share, I cd to that, and then I do ln -s ~/rin/..../file.pdf file.pdf
<Iceman_B> and still the same error, access denied
<KE1HA> and you created those with the other system ?
<KE1HA> On the Ubuntu box, move on of the real files to the shared directory and see if windows and open it
<KE1HA> Move a file, not the link
<Iceman_B> all those fiels were created on another system, yeah
<Iceman_B> I can access them from within ubuntu fine though
<Iceman_B> but I'll try
<KE1HA> move one of the actual files, using the Ubuntu server, and see if you can read it from windows.
<KE1HA> but dont creat a Ln -s for that file.
<KE1HA> try to acess the actual moved file.
<Iceman_B> that seems to work
<Iceman_B> I can access the files fine
<Iceman_B> so I guess the problem is in a symlink ?
<KE1HA> Kill all those links, move the files, move them back ad re-do your links.
<KE1HA> or, directly acess the file,s which is best.
<Iceman_B> I cant move the files
<Iceman_B> not enough space on my disk
<KE1HA> You just did.
<Iceman_B> yeah, one
<Iceman_B> I cant move em all
<KE1HA> well, try deleting a link and re-creating it, but I think it's the source (re file) giving you the trouble.
<KE1HA> oop (real file )
<Iceman_B> okay
<Iceman_B> lemem try that
<Iceman_B> yeah seems to work now
<KE1HA> Well done :-)
<Iceman_B> thanks a million
<KE1HA> links are a pain in the back side, especially hard links.
<Iceman_B> but...what did really change?
<Iceman_B> I never use hard links
<KE1HA> No problem, glad ya got it sorted.
<Iceman_B> so can you explain whats different now?
<Iceman_B> because I had a samba share with symlinks in it which were giving me a hard time, now i have the same share with the same symlinks
<Iceman_B> but it works
<KE1HA> Not exactly sure, but I think it was a uid issue from the root ownership, but Im not 100%.
<Iceman_B> yeah you would think that...
<Iceman_B> ut im not so sure
<Iceman_B> I mean, what really defines the uniqueness of a UID ?
<Iceman_B> the number?
<KE1HA> I think the uid issue was on the actual file, not the link, but I'd have to go dig on that one.
<KE1HA> That's why Linux / Unix is as secure as it is. Sure there's holes, but nothing like on WinDoze
<KE1HA> If that was a WinDoze box, you wouldnt' ahve been here askign quesitons.
<Iceman_B> perhaps
<KE1HA> file / directory permission in WinDoze is horrible.
<Iceman_B> but lets not turn this into a Windoez hating thing :)
<KE1HA> I dont "hate Windows .. I still have one WinDoze box, just in case, but dont use it much.
<KE1HA> But I certainly begrudge "paying for huge security risks" and viruses.
<KE1HA> In fact, your problem there wasn't a WinDoze issue, was a Linux security feature :-0
<Iceman_B> yeah, that seemed to be the case
<KE1HA> anyways, Im headed back to the standard UB channel catch ya later, glad its all sorted.
<Iceman_B> cool, thanks!
<Iceman_B> KE1HA: seems I was a bit premature, only the file I moved back and forth seemed to work with a symlink, I was still unable to access dirs, which were symlinked into the SMB share
<Iceman_B> from windows of course, in Linux I can access fine
<Iceman_B> I'll throw this on the forum during daytime, off to bed now :)
<Iceman_B> thanks again though
<Patrickdk> Iceman_B, over smb?
<Patrickdk> ya, samba attempts to not allow that, unless you enable wide symlinks
<Patrickdk> and in order to enable that, you have to disable unix extentions or something, that ubuntu uses by default
<chai_> ok so my home server will let me ssh to it and also will let me read files via sftp. but not write permissions. how can i change permissions? i have sudo
<reggi> hello?
<reggi> anyone here?
 * ball nods
<reggi> cool
<ball> Last night, as an experiment, I installed Ubuntu Server onto a software RAID array.  I was pleasantly surprised when it booted and appeared to run quite well.
<reggi> i have a really basic question. I'm trying to setup my laptop as a gateway and dhcp server to share my vodafone 3G internet connection. I have followed the instructions on this page https://help.ubuntu.com/community/Internet/ConnectionSharing and also installed firestarter and used these instructions http://www.howtoforge.com/dhcp_server_linux_debian_sarge (using dhcpd3). I now have conflicting dhcp settings and cannot get it to work. How can I remove
<reggi> any dhcp configs and start again? thanks.
<ball> reggi: So you want it to be a dhcp server on its Ethernet port and dhcp client (ppp client?) on its mobile broadband interface?
<reggi> yes that is correct ball.
<ball> ...and then something to route between those two ports.
<ball> (to perform NAS, I suppose)
<reggi> yep. i've tried 3 different methods to achieve this
<reggi> but there is a conflict with 2 different dhcp settings
 * ball has no idea how this stuff works on Linux
<reggi> when I run tail -n 100 /var/log/syslog i get this output http://paste.ubuntu.com/476702/
<zash> dhcpd should only listen on the eth* port, which should then not be configured with a dhcpclient
<reggi> oh hang on a sec
<ball> zash: Is that achieved by editing a flat text file or two?
<reggi> i'm getting the terminology confused (i'm used to the windows method of ICS) basically here is the diagram.
<reggi>  internet - <ppp> - <eth0> DHCP + gateway
<zash> ball: /etc/network/interfaces
<reggi> there are only two lines in that interfaces file, auto lo and iface lo inet loopback
<zash> reggi: this was a laptop you say
<ball> OH!  I just thought of another question that occurred to me.  Do the individual drives of a (software) RAID array have some sort of identifier on them, so that they can move around between busses and/or ports and still work?
<reggi> yep its a laptop zash.
<zash> reggi: do you have network-manager installed
<zash> cause it allows you to do this with a couple of click iirc
<reggi> zash, what is a networkmanager? i may already have it and not know it.
<reggi> I have NetworkManager Applet 0.8
<zash> reggi: the service that is installed by default in normal ubuntu desktops
<zash> reggi: yes, that's a inerface to nm
<reggi> ahah
<zash> reggi: IPv4 settings â method = shared to other computers
<zash> I think that enables a DHCP server
<zash> and stuff
<zash> and magic!
<reggi> zash, it's not that easy for me, i'm trying to share the mobile broadband which does not have a simple box to tick to 'shared to other computers'.
<reggi> I can see the 'shared to other computers' box for the eth0 though.
<zash> reggi: you set that on the eth0
<zash> reggi: and leave the 3g as it is
<reggi> oh...hmm really? ok i'll try that.
<zash> reggi: I'm not completly sure, but I thinkt it should work
<zash> I've shared 3g to wifi somehow
<reggi> hmm ok zash, i've given the eth0 a static ip of 192
<reggi> 168.0.1...
<reggi> i can't believe it's so hard to ICS in ubuntu
<reggi> in xp and vista you can do it in 3 clicks
<reggi> :/
<clusty> reggi: i can't believe you just compared ubuntu to windows
<reggi> lol
<clusty> either way this is the wrong spot to ask such questions cause ppl here usually don't even use GUIs
<clusty> in ubuntu is 3-4 commands
<clusty> 1 dhcp server - not mandatory
<clusty> 1 masquarading firewall rule
<reggi> i'm just frustrated i suppose, steep learning curve, head hurts. I'm forcing myself to learn linux - i've basically gone cold turkey and installed linux on all my machines.
<zash> reggi: I hope you are aware of that this is #ubuntu-server
<reggi> clusty: i've been given 3 different ways to ICS, 1. https://help.ubuntu.com/community/Internet/ConnectionSharing, 2. http://www.howtoforge.com/dhcp_server_linux_debian_sarge 3. firestarter. I've asked these questions in the #ubuntu channel and they asked me to post here because it is related to dhcp "server".
<reggi> hmm.
<clusty> reggi: you don't have to have a dhcp server
<clusty> then you punch in all ips/gateways by hand
<reggi> oh really?
<clusty> dhcp is a service that gives ips to everybody
<clusty> and helps them configure their routes i guess also
<reggi> yeah that is what I want to do. I really want to get away from all this gui stuff and do things in terminal
<qman__> reggi, note that "ICS"/"Internet Connection Sharing" is a windows-specific term, everybody else refers to it as NAT, NAT overloading, or the iptables-specific "IP Masquerading"
<qman__> what you're really doing is configuring your server to be a router
<qman__> the reason it's a little bit more complicated is because there's a whole lot more things it can do
<reggi> ah i see. well that is reassuring qman__
<qman__> a basic setup like you probably want is still fairly straightforward, and with the right guide, shouldn't take more than an afternoon to set up, even your first time
<reggi> qman, I know that the easy way would be to buy one of those routers with 3G sim card backup but I'm learning a hell of a lot by going down the linux path.
<qman__> it's worth the effort
<reggi> qman__: what I would like ultimately is to learn how to setup a server that would do everything a windows server would do, ie, domain name controller / ldap, roaming profile, etc
<qman__> the tools you learn are the same tools used for pretty much all linux-based routing and networking
<qman__> well, a full fledged windows-compatible domain controller is a ways off yet, but expect that with samba 4
<reggi> up until a few days ago I was trying to learn by doing google searches and reading up but there is something different when chatting with someone 'live' on irc.
<reggi> ahuh
<qman__> however, LDAP for a centralized linux authentication system is perfectly doable
<qman__> and samba 3 can manage NT-style domains
<reggi> one of my business clients is hell bent on getting a windows server to serve about 15 users
<reggi> at the moment they have peer to peer network.
<reggi> i'm trying to talk them into saving money and going for a linux box.
<qman__> he does know that server 2008 starts at a thousand dollars, right?
<reggi> but before I can convince them I want to be confident that I can install and support it. luckily I have a couple of old machines lying around that I can install ubuntu server 64bit and play around. I did mention to my client that it would cost a couple of grand for the ms server license and user cals
<qman__> well, if you don't need full-on windows domain functionality, just a file server/basic network services, it's not that difficult to do
<reggi> yeah I'm halfway there
<reggi> the other day I setup my very first freenas box
<reggi> its so ... so reliable and easy.
<qman__> yeah, none of that rebooting every time it updates
<qman__> uses a lot less resources too, you don't need a $5000 server to host some files
<reggi> i bet. i've been studying this guide http://www.howtoforge.com/vboxheadless-running-virtual-machines-with-virtualbox-3.1-on-a-headless-ubuntu-9.10-server and I'll test it out either tonight or tomorrow.
<MTecknology> In my init script - I have a little thing in there that makes sure nobody accidentally stops something for every user - but that catches when the system shuts down. Is there any way to see if the system is shutting down from inside of the script?
<Roxyhart0> hi there, i need to buy a external HDD of 2TB and munt in my server. Somebody know if ubuntu lucid can mount ok a usb HDD (external) od 2TB?
<smoser> Roxyhart0, almost certainly.
<Roxyhart0> thanks :) hopefully as im going to buy 4 of them
<mase_wk> Roxyhart0: yes it's fine
<mase_wk> Roxyhart0: with ext4 i think you can go up to an exabyte
<Roxyhart0> great ! thanks :)
<qman__> ext3 can handle up to 8TB with a 4k block size
<kinygos> hi all, when i powered up my development server this morning (ubuntu 10.04), i was greeted with a bunch of messages from /usr/lib/update-notifier....can anyone suggest how i can investigate what has happened?
<twb> kinygos: what messages?
<mase_wk> kinygos: dmesg or /var/log/messages ?
<kinygos> there were 3 pairs, /update-motd-cpu-checker: not found, /update-motd-updates-available: not found, and /update-motd-reboot-required: not found
<kinygos> (those paths are from /usr/lib/update-notifier...sorry)
<huats> morning
<kinygos> ok...dmesg and /var/log/messages show nothing serious, so i don't understand why update-motd would've suddenly broken...has anyone seen anything like this?
<Iceman_B> Patrickdk: can you repeat again what you said about wide symlinks? approx 7 hours ago, please?
<Jeeves_> 03:38 < Patrickdk> Iceman_B, over smb?
<Jeeves_> 03:39 < Patrickdk> ya, samba attempts to not allow that, unless you enable wide symlinks
<Jeeves_> 03:39 < Patrickdk> and in order to enable that, you have to disable unix extentions or something, that ubuntu uses by default
<Iceman_B> yes that, thanks
<Iceman_B> anyone have a clue is accessing hard links DOES work in Samba?
<Iceman_B> I mean, on a default ubuntu system
<twb> I believe samba supports hard links
<twb> It should be easy to check
<Iceman_B> twb: I get : Invalid cross-device link
<twb> Hum
<twb> Check with #samba, I guess.  I don't know any more.
<Iceman_B> okay
<Jeeves_> Ehm
<Jeeves_> hardlinks need to be in the same filesystem
<Iceman_B> Jeeves_: I didnt know that, still kinda new here
<Iceman_B> the files im trying to link to were created on another ubuntu system, and are physically on another drive, which is mounted in ~/mountdir/
<derknecht> i installed ubuntu 10.04 on a sata hotplug pc in ahci mode. i have no expirence with sata hotplug and try to trigger some scripts when a harddisc is added/removed. Can someone give me a hint please? I have found no wiki or howto covering this topic. Thanks
<Jeeves_> Iceman_B: Than you should create symlinks
<Jeeves_> ln -s
<Iceman_B> already spent 3 hours trying that last night, that doesnt work by default
<Jeeves_> Those can be cross-filesystem
<Iceman_B> hence my first question
<Iceman_B> I mean, it doesnt with by default in samba, running on Ubuntu
<Jeeves_> Iceman_B: http://ubuntuforums.org/showthread.php?t=352016
<Iceman_B> thanks, I'll look into that
<sergevn> does anyone has Darwin Calendar server working on lucid? :)
<Iceman_B> speaking of links, how do I remove all symlinks from a dir and leave all other files intact?
<Jeeves_> Iceman_B: find . -type l --delete (or something like that)
<Jeeves_> Iceman_B: 'man find' is your best option :)
<derknecht> how can i realise sata hotplug with hardware supporting it and mode set to ahci please? via scsiadd? hotplug-utils? which way to go?
<jetole> I feel stupid for having to ask this, but where is the domain name for a system stored?
<alvin> jetole: in /etc/hosts
<alvin> There is also a 'domainname' command to read/set a domainname
<jetole> alvin: yeah I tried adding it to /etc/hosts because I thought thats where it should be. There was the line "127.0.0.1 firewall" which I changed to "127.0.0.1 firewall firewall.office" and then ran hostname --fqdn and it still just said firewall
<jetole> got it
<jetole> had to do hostname.domainname then hostname in /etc/hosts
<jetole> thanks for the help alvin
<jetole> Also, does anyone know how to install the sun jre on server 10.04
<alvin> jetole: Yes, but you can leave the 127.0.0.1 and add another line with those values (hostname.domainname) and the real IP of the server.
<alvin> jetole: I haven't done it, but I hear it's in the partner repositories
<jetole> alvin: yeah I compared it to another server which was displaying the domain name in host --fqdn and it was "127.0.0.1 hostname.domain hostname" once I switched them to that order in /etc/hosts then hostname --fqdn showed the domain name
 * jetole looks at /etc/apt/sources.conf
 * jetole looks at /etc/apt/sources.list
<jetole> yep. I enabled the partners repo, did an apt-get update and now it's installing sun-java6-jre where before it told me that it's only referenced by other packages
<jetole> thanks again alvin
<alvin> np
<uvirtbot> New bug: #616719 in libnss-ldap (main) "slow group indexing when using huge ldap" [Undecided,New] https://launchpad.net/bugs/616719
<ttx> Daviey: what the status on Eucalyptus ?
<Daviey> ttx: Well the topology issue is looking good...
<Daviey> ttx: The Volume issue, is better than it was - creating them now works.. There *may* be an issue attaching them
<ttx> Daviey: ok
<Daviey> Did one more upload after you went last night.. am preparing another, but want to sync with euca to see if they are planning anything new today
<jahil> hi everyone
<jahil> how to capture sound youtube audio with snd-dummy interface
<uvirtbot> New bug: #616754 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/616754
<hallyn> ttx: current papercuts are supposed to be chosen from https://launchpad.net/server-papercuts/+milestone/maverick-beta  right?
<hallyn> ttx: I notice for instance that the pgadmin3 one "seems" owned by SpamapS, and ssl passphrase one is owned (for apache2) by zul.
<uvirtbot> New bug: #616759 in openssl (main) "CVE-2009-3555 tracking bug" [Undecided,In progress] https://launchpad.net/bugs/616759
<hallyn> So I'm not clear on whether to take those or not
<_bt> hey who kick me from #ubuntu-virt
<ttx> hallyn: looking
<ttx> hallyn: that's the right list -- maybe coordinate with them and see if they want those bugs or if you can take them ?
<hallyn> ttx: ok, thanks
<hallyn> SpamapS: you already own 2 papercuts, would you want help with bug 610975, or do you want to take that one too?
<uvirtbot> Launchpad bug 610975 in server-papercuts "Can not start pgadmin3" [High,Confirmed] https://launchpad.net/bugs/610975
<hallyn> zul: bug 582963, I assume you'd like to be assigned that one for the papercuts target (since you own it for apache2)?
<uvirtbot> Launchpad bug 582963 in apache2 "SSL pass phrase dialog can't read input" [High,Confirmed] https://launchpad.net/bugs/582963
<zul> hallyn: sure
<zul> that might not exactly be a papercut though
<robertpayne> hello all
<rapha> Hi guys
<rapha> Is there a way to change user and/or group ownership by default? kind of like uname?
<SpamapS> hallyn: 610975 is a noop rebuild...
<SpamapS> hallyn: so the only thing needed for it is to wait to see what wxwidgets2.8's fate is
<hggdh> mornings
<SpamapS> hallyn: so the only "fix" is to just bump the version and re-upload.
<ttx> smoser: what should we do about "ubuntu-on-ec2" on LP ? People continue to file bugs against it, but they are kinda lost: bug 608958
<uvirtbot> Launchpad bug 608958 in ubuntu-on-ec2 "Root logins are crippled" [Undecided,New] https://launchpad.net/bugs/608958
<smoser> hm..
<smoser> i dont know. there is only the one bug.
<ttx> smoser: should we just remove the project, or leave it as a placeholder that redirects to Ubuntu ?
<smoser> i'd be in favor of the placeholder
<smoser> i have code there
<smoser> (which obviously could be moved also, but the "automated-ec2-builds" and "ec2-publishing-scripts" seem reasonably well to fit under such a project)
<alvin> rapha: in what application?
<ttx> hm, we could also disable bugs for that project.
<smoser> can i do that for all my projects ?
<smoser> :)
<rapha> alvin: well, bash
<smoser> where do i put the "disable bugs" setting for my OS ?
<alvin> You can force the group for a directory by using chmod g+s <dirname>
<rapha> alvin: according to http://en.wikipedia.org/wiki/Setuid, that is ignored under linux
<zash> rapha: I'm quite sure it's not
<zash> read under setuid and setgid on directories
<alvin> rapha: yes, it's setUid that is ignored, not setGid.
<zash> alvin: setuid on dirs?
<zash> ah
<hggdh> Daviey: good morning, and any news from euca?
<alvin> No, I was referring to the article. My first thought was "Wikipedia is wrong", but it's not. All is well again. setgid works as it always did.
<rapha> ah okay
<uvirtbot> New bug: #616801 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/616801
<Daviey> hggdh: none yet :(
<hggdh> ah well
<Daviey> ... and there telephones seem busted.
<Daviey> Hmm.. it is 6:44am.. so i doubt i'd get anyone anyway :)
<soren> jdstrand: Any plans on a libvirt update for Maverick?
<jdstrand> jeez
<jdstrand> no offense but 3 people have asked about it :)
<jdstrand> I am doing it as we speak :)
<soren> Whoo!
 * soren hugs jdstrand 
 * jdstrand hugs soren back
<soren> 0.8.3?
<jdstrand> yes
<soren> Wicked.
<soren> I have a couple of extra patches for it, but I'll just roll a new upload once you're done.
<jdstrand> I hope to have it uploaded today
<jdstrand> I have a preliminary package and am testing it, but as usually goes with libvirt, that is about 8 hours of work ;)
<jdstrand> s/8/8 more/
<Daviey> jdstrand: FWIW we haven't colluded to pounce on you.. We've all wondered for different reasons :)
<soren> *wink*
<jdstrand> heh
 * Daviey *winks* back at soren
<soren> Daviey: He'll never know.
<Daviey>  /msg zul Remember your turn to ask jdstrand next, as we discussed :).
<Daviey> *oops* :P
<soren> *chuckle*
<zul> how did i get dragged into this? :)
<Jinxed-> anyone know how to install the mjpg_streamer command for ubuntu 10.04
<jdstrand> ok, I updated the bp, so now I'll just respong with "consult the bp"
<jdstrand> *respond*
<shauno> does JeOS still exist?  I can only find images for Hardy
<ttx> zul: you always get dragged in crappy plans.
<YankDownUnder> Anyone using conky or similar for a console monitor?
<Kaelten> Does anyone have a fully functioning preseed or kickstart files they'd be willing to share?
<zul> Kaelten: the iso teting iso.qa.ubuntu.com uses one. you might want to check there
<Kaelten> zul: I don't see a link to either types of configs
<YankDownUnder> Kaelten, What is it exactly that you're wanting to do, mate?
<Kaelten> YankDownUnder: I have 20-30 servers to deploy, so I'm wanting to automate things a bit
<YankDownUnder> Kaelten, Roger that - gotcha mate.
<Kaelten> I have a simple working pxe netinstall up, but I still have to answer a bunch of questions.  I'd love it if I could just have it ask me for hostname and ip address to setup on and auto on the rest
<YankDownUnder> Kaelten, Does this help in the least: https://help.ubuntu.com/8.04/installation-guide/powerpc/automatic-install.html
<Kaelten> it  may fill in some of the blanks
<YankDownUnder> I always like to refer to some of the older dox cuz some of the newer ones, well, have blanks. Coolbeans.
<YankDownUnder> Kaelten, Just as a side note: http://studio.debian.net/ => a new way to spin yer own - the Debian way - so it ain't SuSE
<Kaelten> just found this too (http://searchsystemschannel.techtarget.com/generic/0,295582,sid99_gci1377934,00.html) which looks to be filling in some of the other blanks
<Kaelten> neat site
<YankDownUnder> whoa...this I like...this I like...I'll have to read this later, but - cuz it's late, I'm tired, and well, I'm tired. Cheers! Ta for that!
<shauno> what's the easiest way to obtain a 'minimal' install?
<pmatulis> shauno: the server iso should give you the option
<shauno> pmatulis, am I missing something? I only see options for server (750Mb-ish) and UEC
<shauno> ah, nm, it's under Modes
<pmatulis> shauno: there are some keys down below
<joewilliams> asked this a couple days ago in #ubuntu-kernel but didnt get far, i installed linux-crashdump on a couple (10.04) servers but it doesnt seem to be collecting the core and rebooting. i have to manually reboot the machines. i tested it in a vmware image and it worked fine. any ideas?
<seicherlbob> hi there! I just intalled the new Lucid server and i need a short crashcourse in network-bridging because i'd like to set up a virtual webserver. So long i only used virtualbox on my desktop. my question: I already have the interface virbr0. Now is this the virtual interface to connect a virtual server to or what is it?
<sherr> seicherlbob: Not sure what virbr0 is - I think it might be the KVM private network. You will probably want a new bridge (e.g. br0) and then put eth0 into it.
<sherr> My /etc/network/interfaces and "brctl show" output is here : http://pastebin.com/wcHyhMeS
<seicherlbob> why is eth0 set to manual?
<sherr> The bridge network interface is passed to KVM as br0.
<seicherlbob> so br0 is the hosts interface to the guest(s)?
<sherr> Not sure - this is the way that worked and what I read works. Life is short - see the man page ...
<seicherlbob> grml... i'd like to understand these things. thats the point.
<sherr> The guests have real IP addresses as normal machines on our nwtrowk.
<sherr> The guests have "eth0" (etc.) inside them, but use the brodge on the host.
<seicherlbob> and whats eth0s ip then?
<sherr> The guest can use DHCP or static IP - whatever.
<sherr> On the host - br0 has the IP address.
<sherr> In a guest, eth0 is just a "normal" net device. Set to get IP from DHCP 9say).
<sherr> "manual" method : This method may be used to define interfaces for which no configuration is done by default.
<seicherlbob> ok, thanks so far. I'll just give it a try. there is nothing to loose for now.
<sherr> Good luck. It's not hard (the basic stuff anyway).
<seicherlbob> ok, so the host gets the address defined in br0. now when i try to start a kvm with ubuntu-kvm-builder, nothing happens.
<ruben23> hi guys i have installed ubntu server and all are working Ethernet card is working but when i update and upgrade
<ruben23> my etherenet card disappear- i tried lspci, but no etherenet present.
<ruben23> any idea guys..?
<patdk-wk> ruben, hardware failure?
<ruben23> patdk-wk: but its working with base install not update and upgraade
<patdk-wk> e1000e?
<giovani> ruben23: you retested it after it stopped showing up with a NEW base install?
<giovani> and it worked?
<giovani> or you're just presuming that it will work again with a base install
<kelt> hi, I noticed that ubuntu server hsa the option of installing for a cloud
<kelt> does this "cloud" software enable usage statisics for billing?
<smoser> kelt, no. UEC does not have any billing infrastructure at the moment.
<kelt> oh, okay... I thought that was the definition of a cloud... lol
<kelt> how do you do SaaS then?
<kelt> is it a free for all or something?
<seicherlbob> ok, i managed to start the installation of a virtual server with kvm and vncviewer ;) - now i dont get DHCP through. any suggestions? I started with the following parameters: -net nic,macaddr=00:16:3e:02:00:01,model=virtio -net tap,ifname=tap02,script=no
<kelt> how does this stand up to like vmware or CA products?
<ruben23> giovani:im installing based now
<uvirtbot> New bug: #616936 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/616936
<kelt> hmm... so this is just ubuntu server with eucalyptus pre-installed and some helper scripts?
<smoser> kelt, yes. "just" that.
<kelt> smoser: lol... is there a product you can apt-get or install to tie into ubuntu cloud servers for billing?
<smoser> no. it can be managed via landscape, but i do not believe that that provides billing (airly sure about that).
<smoser> billing is something that is a feature on eucalyptus's road map.
<kelt> so landscape keeps up with usage stats?
<kelt> does it have soap/rest available for extensability?
<smoser> what is "it" ?
<kelt> smoser: the cloud
<kelt> if I wanted to extract usage from the cloud
<kelt> so I can write my own custom billing
<hallyn> SpamapS: ok, thx, that was what i'd assumed.
<smoser> the cloud provides ec2 api interface
<smoser> which does not pvide you with usage information.
<kelt> hmm, well we want other departments inside network to be able to checkout resources from a private cloud and charge them accordingly...
<smoser> kelt, yeah, i follow what you'd be after, and I think lots of people are interested in that.
<kelt> smoser: people aren't just interested... they are *doing* it now :)
<kelt> smoser: do you know if the cloud does more than just IP ranges? can you do mac or are you stuck at IP?
<smoser> i dont know that i follow what "do mac" would mean.
<smoser> but from a interface perspective, all you have is ec2 elastic ips
<kelt> smoser: the cloud controls a range of IP addresses
<smoser> yes.
<kelt> well, I'm disappointed :(
<kelt> how long do you think it will be before the billing measures will be present?
<smoser> i really don't know the eucalyptus plans for that feature.
<smoser> you could certainly ask
<smoser> on eucalyptus forums or mailing list
<smoser> i'd be interested in seeing a response
<smoser> it is also possible that they even offer it as an add on, i'm not sure
<ruben23> gys any help setting up an FTP server for my ubuntu..
<RoyK> ruben23: vsftpd is quite simple
<RoyK> and quite good, it's probably the most used ftp server on the net
<ruben23> im using pure-ftp and it did not worked out
<ruben23> so ill used vsftpd i gues
<RoyK> vsftpd is probably the best for most things
<tarvid> Aug 12 08:57:18 helen kernel: [77401.300041] INFO: task kjournald:385 blocked for more than 120 seconds. Aug 12 08:57:18 helen kernel: [77401.300236] INFO: task python:1371 blocked for more than 120 seconds. Aug 12 09:01:17 helen kernel: [77641.300040] INFO: task kjournald:385 blocked for more than 120 seconds. Aug 12 09:01:17 helen kernel: [77641.300233] INFO: task python:1369 blocked for more than 120 seconds. Aug 12 09:01:17 helen kernel: [77641.3
<tarvid> 00379] INFO: task python:1371 blocked for more than 120 seconds. Aug 12 09:07:17 helen kernel: [78001.300042] INFO: task kjournald:385 blocked for more than 120 seconds. Aug 12 09:09:20 helen kernel: [78121.300041] INFO: task kjournald:385 blocked for more than 120 seconds. Aug 12 09:11:17 helen kernel: [78241.290035] INFO: task kswapd0:47 blocked for more than 120 seconds. Aug 12 09:11:17 helen kernel: [78241.290309] INFO: task kjournald:385 blocked
<tarvid>  for more than 120 seconds. Aug 12 09:11:17 helen kernel: [78241.290469] INFO: task mysqld:1193 blocked for more than 120 seconds.
<tarvid> ooops
<tarvid> meant to paste just one
<tarvid> server was in a bad state when that happens
<tarvid> but there are many posts at Google
<tarvid> any ideas?
<qman__> out of CPU, out of memory, out of disk, or a nasty kernel bug
<ebroder> My money's on the second
<qman__> mine as well
<bogeyd6> Anyone can recommend software to manage several linux san boxes?
<tarvid> 4GB memory 10GB swap swappiness = 0
<alvin> tarvid: bug 494476
<uvirtbot> Launchpad bug 494476 in linux ""Smbd","kjournald2" and  "rsync"  blocked for more than 120 seconds while using ext4." [Medium,Incomplete] https://launchpad.net/bugs/494476
<tarvid> apache had default maxclients setting - 150, reduced to 50
<alvin> Happens if you use LV snapshots or cause other heavy disk I/O. Server becomes unresponsive, can crash, or you'll not longer be able to log in.
<tarvid> installed modevasive
<tarvid> alvin - thanks - you're right
<alvin> LVM snapshots?
<patdk-wk> heh, I can't remember the last time I had that happen to me
<patdk-wk> used to happen all the time
<tarvid> no vanilla
<alvin> I can. two days ago, last week,... happens a lot
<patdk-wk> I think my issues was all nfs, and moving from 2.4.x to 2.6.x fixed it all up
<tarvid> modsecurity is beating the logs
<alvin> Hmm, I'm a heavy NFS user
<alvin> yeah, I had rsyslog hang on one occasion. The not logging in part is irritating
<uvirtbot> New bug: #616962 in munin (main) "munin after install: 403 forbidden" [Undecided,New] https://launchpad.net/bugs/616962
<alvin> Some users report noop as I/O scheduler to be a solution
<tarvid> not using LV . Logging is probably the heaviest IO but am running a bunch of Drupal sites so there are other demands.
<tarvid> https://www.bijk.com/p/2199b5ea
<tarvid> may provide a little insight
<tarvid> Is that a syn flood in the bottom graph?
<qman__> looks like
<qman__> if it were legitimate, the established connections would grow with it
<qman__> might not be malicious, might just be something like a web crawler, and your server turning it down
<tarvid> I do block a few in IPTABLES
<shsek> Hey, I'm getting "ALERT! /dev/mapper/foobar-root does not exists" error on boot (after messing up some stuff with initramfs-tools), but I can access my filesystem via the rescue mode of the Ubuntu Server CD. I think its because initramfs doesn't load the LVM2 module properly. How do I tell initramfs to load this module?
<shsek> I did a stupid mistake and removed initfsram-tools, which caused lots of issues, but most of them are fixed by now. I'm pretty sure the issue right now is LVM not being loaded
<qman__> shsek, have you run update-grub since fixing your other problems?
<qman__> that'll regenerate your initramfs
<alvin> shsek: Are you using a mirror?
<shsek> qman__, yes, and I also ran update-initramfs -uv
<shsek> alvin, a mirror?
<alvin> raid1
<shsek> I'm not quite sure. I have a bash chrooted to
<shsek> I'm not quite sure. I have a bash chrooted to to my machine from rescure mode, how can I check it?
<alvin> cat /proc/mdadm
<alvin> If the file does not exis, you're not using mdadm
<alvin> If you have one, you should probably know, so that's not the cause of your problem.
<shsek> alvin, it doesn't
<alvin> shsek: What ubuntu version is that?
<shsek> 9.10, the server version
<alvin> Ah, ok. I've had mayor troubles with that version. Couldn't find root on several servers.
<alvin> It's better in 10.04
<alvin> See bug 360378
<uvirtbot> Launchpad bug 360378 in linux "Gave up waiting for root device after upgrade then busybox console" [High,Confirmed] https://launchpad.net/bugs/360378
<shsek> my root filesystem is mountable from both the rescue mode and from a live-cd after installing lvm2, running vgchange -ay and mounting /dev/mapper/kelso-root
<ewook> alvin: I had the same problem.
<ewook> nasty one that.
<shsek> but in the BusyBox initramfs is giving me (after failing with "/dev/mapper/kelsor-root does not exists") I don't seem to have "lvm", "lvm2" or "vgchange"
<shsek> from what I read, I should have it there
<shsek> it was all caused by me being stupied, I removed (via apt-get) initramfs-tools, which deleted a bunch of other stuff
<shsek> I reinstalled grub and my kernel since
<shsek> well, not me, someone from ##ubuntu helped me with it
<shsek> but currently it seems like it all works, other than LVM not loading well for initramfs
<alvin> I'v always had that problem on karmic. I just rebooted the servers a few times until the root device was found.
<alvin> grub2 has difficulties with lvm
<shsek> I've looked around and saw that people can usually use vgscan/vgchange manually from BusyBox, fix what's needed and than run it normally - but I don't seem to have those commands there at all (I do have them from the live cd, and I am able to mount in that way from there)
<shsek> hmm, I used to have grub-legacy that was updated (but the one from ##ubuntu that helped me) to grub2
<alvin> Those difficulties will be fixes in maverick. Maybe there'll be backports. Booting Ubuntu is a wonderful experience. Blazingly fast, beautiful background, but hit-and-miss. btw, is the lvm2 package installed?
<shsek> could reverying to grub-legacy do any good ?
<shsek> yes, lvm2 is installed
<alvin> shsek: Couldn't hurt to try. I think you have a chance there. It could be grub, or it could be mountall.
<shsek> where would I look for logs and more information in cases like those?
<qman__> I've been having a rough time with lucid in general, which is why I'm keeping karmic on my desktop
<qman__> it runs great and I'm not messing with it
<shsek> obviously I won't find it in /var/log/messages or syslog, as the filesystem isn't getting mounted at all
<alvin> shsek: Karmic doesn't have logs. Lucid has /var/log/boot.log, but on the whole it's not very usefull. Try removing quiet and splash from /etc/default/grub and run update-grub
<alvin> boot logging is on the todo list
<shsek> alvin, well, I wouldn't have any logs at all, it can't mount my filesystem, how can it save anything to it?
<alvin> Oh, did you try rootdelay?
<alvin> shsek: That's only logic :-)
<shsek> alvin, I read about it, but before I'm getting that error I'm waiting for quite a long time (5 minutes) before I get the error
<shsek> so I assumed it isn't what causing it
<shsek> but at this point I'll try anything
<shsek> alvin, I should set GRUB_CMDLINE_LINUX_DEFAULT to an empty string ?
<alvin> Did you try rebooting a few times? That used to be my workaround.
<alvin> yes, or add rootdelay=50 for example
<alvin> then update-grub
<shsek> I've rebooted for quite a few time
<shsek> hmm, so just add rootdelay and keep quiet and splash?
<alvin> How is your root drive listed in /etc/fstab?
<qman__> no, remove quiet and splash
<alvin> no, remove quiet and splash
<shsek> heh
<qman__> that's something I do on every server anyway
<qman__> it really should not be the defaults
<alvin> Agreed
<shsek> what does it mean ?
<qman__> quiet splash hides all the important messages
<alvin> It means: 'hade all scary information from me'
<qman__> for a "pretty" but un-troubleshoot-able experience
<shsek> alvin, its listed by the UUID, but the comments says it was /dev/mapper/kelso-root during installation
<alvin> Change it back to /dev/mapper/kelso-root
<shsek> Sorry, I clicked some weird keyboard shortcut that closed the window
<alvin> shsek: Might be this bug 563117
<uvirtbot> Launchpad bug 563117 in ubuntu "Release upgrade converts /dev/mapper entries in /etc/fstab to UUID" [Undecided,Confirmed] https://launchpad.net/bugs/563117
<shsek> okay, so I removed quiet and splash, added rootdelay=50, ran update-grub and changed it from UUID to /dev/mapper/kelso-root
<shsek> should I reboot it now or there's something else I could do/check from rescue mode ?
<alvin> reboot and report back. I'm thinking about checking UUID somewhere, but can't find it
<shsek> alvin?
<shsek> okay
<shsek> "ALERT! /dev/mapper/kelso-root does not exists. Dropping to a shell!"
<shsek> same as before
<shsek> hmm, from what I read around the internet, on that shell initramfs is dropping me into I should be able to use the 'lvm' command, yet, I can't
<shsek> doesn't it mean it doesn't get loaded?
<cn1109> hello. I'm unable to view my php pages. I have apache2 and php installed and at first I was able to view php pages just fine. Now I'm unable. Tried removing, restarting the server, installing php again. No luck
<shsek> cn1109, define "unable to view"?
<shsek> you get the source and they aren't processed? you get an error from apache? it doesn't connect to apache? blank pages?
<shsek> alvin, hmm, my chanegs doesn't seem to effected grub, in dmesg I see "Command line: BOOT_IMAGE=/vmlinuz.2.6.31-22-server root=/dev/mapper/kelso-root ro quite splash"
<shsek> s/quite/quiet
<alvin> Hmmm. Did you ran update-grub?
<qman__> do you have a separate /boot partition?
<alvin> Yes, you did
<shsek> qman__, yes, I do
<shsek> /dev/sda5
<shsek> IIRC
<qman__> make sure it's mounted in your chroot when you run update-grub
<shsek> okay, I'm rebooting back into rescue mode to do it
<alvin> shsek: Also make sure your karmic is up-to-date. There was a bug with separate /boot
<shsek> alvin, just apt-get update+upgrade ?
<alvin> sudo aptitude update && sudo aptitude full-upgrade is what I do
<cn1109> shsek: Just a blank page. No errors on the error log for apache
<cn1109> cn1109: Removed php5 and installed it again. restarted the server. no luck
<shsek> cn1109, can you access static files?
<cn1109> shsek: Removed php5 and installed it again. restarted the server. no luck :) Sorry.
<cn1109> shsek: Yes I can
<shsek> alvin, nothing to upgrade, it just wants to remove libntgs-3g54
<shsek> qman__, alvin, okay, I mounted /boot and ran update-grub - it seems okay now, it wrote "Found linux image" and "Found initrd image" which it didn't before
<alvin> Well, I'm out of options. You should check if the UUID from $ sudo blkid is the same as the one grub uses, and redo the update-grub if it still lists quiet and splash. Other than that, I'm out of options. I muast say that I never booted Jaunty/Karmic reliably. The situation in Lucid still has bugs, but is a log better
<alvin> ah
<alvin> reboot :-)
<qman__> that would definitely break things
<shsek> cn1109, are you sure php files aren't being served without being processed? check the source of your page, it might seems blank but there's acutally PHP code there
<qman__> cn1109, also try creating a .php file containing only html, and a .php file with only <?php phpinfo(); ?> in it
<cn1109> shsek: Source of the generated page is blank.
<qman__> if neither works it's most likely a problem with apache, if the first works and the second doesn't it's more likely a problem with php configuration
<cn1109> qman__: even with plain html code I get the same issue
<shsek> cn1109, can you check the status code returned by Apache? you have Firebug installed maybe? if you look in the Net tab you can see it.
<shsek> alvin, where can I see the UUID grub is using?
<qman__> cn1109, what method did you use to install php?
<shsek> oh, you said to reboot, never mind that
<cn1109> qman__: apt-get install php5
<shsek> okay, it is more verboose now
<shsek> Begin: Waiting for root file system...
<cn1109> shsek: Firebug returns nothing at all. Even with chromes dev tools. nothing
<shsek> I still get the same error afterwards
<shsek> cn1109, this... makes no sense. Are you looking in the Net tab? you don't see the request there?
<shsek> you need to refresh after activating the new tab
<shsek> * net
<shsek> qman__, alvin, in order for it to mount from /dev/mapper/, what modules should be loaded?
<shsek> all I have in /proc/modules is floppy, sis900 and mii - is that normal?
<cn1109> okay. I get 500 Internal Server Error
<shsek> cn1109, and you're sure there's nothing in apache's error log?
<cn1109> shsek: It seems that while someone HERE is trying to resolve the problem. The file owner changes to their username. It only works if the file owner is set to root
<shsek> its odd you're getting a 500 error and a lank page
<shsek> * blank
<shsek> cn1109, it only works if the php file owner is root ?
<cn1109> shsek: I thought so. Not sure now. One sec and I'll make sure
<alvin> shsek: grub2 needs to have the lvm2 (or is it called lvm?) module loaded.
<alvin> But I'm really out of options here. I struggled with this until Lucid was released. Booting karmic has always been broken in my use cases. (root on lvm)
<shsek> alvin, and how do I tell it to load lvm?
<alvin> Well, you have to go into the grub shell during boot
<alvin> so, that's before it starts searching for root
<alvin> (ram shift until grub appears)
<pwnguin> i wish we had a better merge strategy for etc files
<alvin> Then I forgot. There's a grub2 livecd/rescue thing project with good documentation.
<cn1109> shsek: Here's the error http://pastie.org/1089029
<pwnguin> cuz merging this php5 conf file is crazy
<shsek> cn1109, ps aux | grep apache - what user is running it?
<alvin> shsek: Check /boot/grub/grub.cfg. See if the UUID is correct
<shsek> cn1109, assuming its www-data, which is the default, run chown -R www-data /var/www/
<shsek> alvin, from rescue?
<alvin> anywhere
<shsek> I don't seem to have it from busybox
<shsek> oh, wait, I could probably mount it
<shsek> alvin, it uses /dev/mapper/kelso-root as far as I can tell
<alvin> I think that's good
<shsek> alvin, I don't quite understand - if grub isn't loading the LVM2 module, isn't this a simple matter of telling it to load it?
<alvin> shsek: I'm not sure it's not loading it. You can do it manually from the grub shell if you want to be sure. (grub shell, not busybox)
<cn1109> okay. Sounds bad but it's a fix. I added the user who creates the files to www-data group
<shsek> alvin, how do I get to the grub shell than ?
<alvin> ram shift until the grub menu appears at boot
<alvin> There's an option there
<shsek> ram shift?
<alvin> hit the shift button :-) I never succeed on the first try
<alvin> reboot, and hit shift until the menu appears
<shsek> hmm, it got to "beging: waiting for root file system"
<alvin> You have to hit shift at the right moment. It's before the error message, just after your BIOS messages
<shsek> there we go
<alvin> (You can also disable the hidden menu in /etc/default/grub)
<shsek> hmm, its grub 1.97~beta4
<shsek> that isn't good, is it?
<alvin> I suppose so. I have 1.98 on Lucid
<shsek> oh, I thought 2 is out
<alvin> (Yes, it's beta software)
<shsek> why is it called grub2 if its grub 1.97?
<alvin> no, it's called grub2, but it's still in beta
<alvin> because it's actually 'almost 2'
<shsek> okay
<alvin> Your troubles are proof of the beta status.
<shsek> so I got into grub command line, what should I do now ?
<alvin> insmod lvm
<seicherlbob> can someone help me out with kvm? its running and i get vnc control, but i get no network connection in or outbound. I have br0 configured to bridge eth0, but all i get on outbound ping from the guest is: martian source $hostIP from $guestIP, on dev tap01
<shsek> my troubles are proof of me being very foolish abd removing initramfs-tools :-)
<alvin> shsek: I think you have set that error right
<shsek> alvin, okay, I loaded lvm, how can I tell it to continue?
<alvin> I'm looking at some docs:
<alvin> set root=(lvm_group_name-lvm_logical_boot_partition_name)
<shsek> so set root=kelso-root ?
<shsek> kelso being the machine name
<shsek> its usually located at /dev/mapper/kelso-root
<alvin> /dev/mapper/kelso-root
<shsek> okay, so set root to the full path to it?
<shsek> what's next? how can I tell it to continue?
<alvin> I don't know actually. Can't remember. Try boot?
<shsek> I ran 'insmod lvm' and 'set root=/dev/mapper/kelso-root', should I now tell it to go agead and boot?
<alvin> bug 385428
<uvirtbot> Launchpad bug 385428 in grub2 "grub2 boot from lvm Auto-detection of a filesystem module failed" [Undecided,Incomplete] https://launchpad.net/bugs/385428
<shsek> error: no loaded kernel (after 'boot')
<alvin> bah
<alvin> ah, initrd
<shsek> error: no module specified
<alvin> linux /vmlinuz26 root=/dev/mapper/VolumeGroup-root ro
<alvin> initrd /kernel26.img
<alvin> Then boot. Maybe insmod ext2 (or ext4?)
<alvin> The bug says to use grub-mkdevicemap, then update-grub (in rescue mode)
<shsek> hmm, error: no such disk
<shsek> for 'linux /vmlinuz26 root=/dev/mapper/kelso-root'
<shsek> alvin, maybe its not vmlinuz26
<shsek> s/$/?
<shsek> alvin, ?
 * shsek making coffee, brb
 * shsek has no idea what fixed it, but it seems to work now!
<tucemiux> anyone knows how to force ubuntu to get a new IP?
<tucemiux> im using tomato
<tucemiux> forget it,i found it
<shsek> alvin, qman__, thanks a lot for your help!
<bcomp> does anyone know a good video steaming server?
<bcomp> preferably with a classy php interface
<bcomp> ...
<uvirtbot> New bug: #426979 in mailman "Mistakes in mailman strings." [Undecided,In progress] https://launchpad.net/bugs/426979
<sponzor> i did i fresh install. raid1 and it wont boot. it sas init: ureadahead-other main process (780) and (805) terminated with status 4
<sponzor> what should that mean?
<bcomp> does anyone know a good video streaming server?
<raubvogel> During a new server install, how can I tell it to use a different package source (my internal one in this case)?
<bcomp> in the bios?
<raubvogel> bcomp: was that reply to my question?
<bcomp> yeah
<bcomp> do you have the package source on your server's hard drive?
<raubvogel> I meant that once ubuntu is installed I can go to /etc/apt/sources.list and specify the   fqdn for the servers I want to retrieve packages from. What I would like to do is to set that up during a fresh install
<raubvogel> bcomp: BTW, i guess I probably meant repository
<bcomp> most repositories come with the install
<bcomp> are you talking about adding additional repositories?
<raubvogel> bcomp: I setup an internal repository and would like to use it instead of one of the normal ones.
<bcomp> ah can't say I know how to do that
<Hypnoz> trying to write a script to see if lines in File1 are present in File2 http://dpaste.de/T04e/
<Hypnoz> it appears to be flaky, any suggestions from someone who knows bash scripts better than I do
<jldugger> i think a firewall is blocking snmp traffic
<pwnguin> is there a way to query ufw?
<PascalFR> !wiki ufw
<pwnguin> Status: inactive
<raubvogel> During the ubuntu server install, when it asks whether I want to install openssh (and other crap), is it retrieving those files from cd or repository?
<pwnguin> ERROR: Description/Type table : No response from remote host
<pwnguin> ./check_snmp_storage.pl -H host  -C pword -m / -w 90 -c 95 --v2c
<pwnguin> for some reason i get that unless i change the host IP to localhost
#ubuntu-server 2010-08-13
<arrrghhh> so i've mounted a nfs share at /tmp, but not i can't umount it.  says device is busy - probably because it's /tmp... i can't even umount it with -f, what else can i do?
<patdk-lap> kill any programs using /tmp :)
<arrrghhh> patdk-lap, none should be at present...
<patdk-lap> verify with lsof?
<arrrghhh> i just did...and there are some .nfs files open
<arrrghhh> from .python.b
<arrrghhh> how do i know what process to kill tho?
<arrrghhh> patdk-lap, i can't kill all of the .python.bin processes...
<patdk-lap> reboot? :)
<arrrghhh> hahaha
<arrrghhh> yea i guess so
<arrrghhh> this is a 'production' server so i was hoping to avoid that...
<patdk-lap> heh
<uvirtbot> New bug: #611769 in eucalyptus "Can't create volume from snapshot with different size" [Undecided,Fix committed] https://launchpad.net/bugs/611769
<rcsheets> Standard Cloud Add-On - 1 Year: $350.01
<rasengan> Anyone have an issue with pptpd GRE+ppp checksum errors?
<mewsic> trying to setup vsftpd. can anyone help?
<mewsic> help with server
<mase_wk> mewsic: sure we are in here to help, but you need to provide us with specific problems that your having
<MikeGuo> hi,
<MikeGuo> everyone. I got a UEC issue.
<MikeGuo> I can't register my node.
<twb> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<MikeGuo> and I found people have same problem with me.
<MikeGuo> there is bug:https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/598186
<uvirtbot> Launchpad bug 598186 in eucalyptus "Unable to register nodes in eucalyptus" [Medium,Incomplete]
<MikeGuo> is there other people got this issue too?
<MikeGuo> thanks
<alex88> what is file /proc/user_beancounters? and where are the current values of that things?
<twb> alex88: it's OpenVZ's exposure of resource limitations stats
<alex88> twb: thank you, but there are the limits..where i can see the current values? i have some fails in tcprcvbuf and tcpsndbuf
<twb> The limits are configured in /etc/vz/conf/N.conf
<alex88> is anything i can do with those buffers? i just download from my home when i get those errors
<twb> alex88: ask #openvz.  I don't really feel like dealing with openvz stuff.
<alex88> oh...sorry :) thank you
<uvirtbot> New bug: #617237 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/617237
<WalterN> for some reason apache is not saving the log files...
<\sh> WalterN: hmm? elaborate? :)
<WalterN> using the same configuration as with 9.10
<WalterN> with virtual hosts
<binBASH> moin
<\sh> hey binBASH
<WalterN> hmm.. lemme pastebin the config file
<binBASH> Hi \sh ;)
<alex88> paste somewhere :)
<demon1981> hi all)) how I can determin frequency of my graphic card on my 10.04 without X server?
<alex88> demon1981: look at manifacturer specs :)
<demon1981> alex88: I dont know what video card I use:)
<alex88> lspci?
<WalterN> http://pastebin.com/gq8THFcV
<WalterN> where pool is a RAID5
<WalterN> it worked fine is 9.10 and on a single disk (didnt have RAID st up at the time)
<alex88> WalterN: tried /var/log/apache2/error.log?
<alex88> it shows startup errors
<WalterN> checking
<demon1981> I have that in dmesg
<demon1981> [    4.702355] [drm] nouveau 0000:02:00.0: Detected an NV50 generation card (0x0a5000a2)
<demon1981> may be its nvidia
<demon1981> how I can determ model of card?
<alex88> demon1981: i told lspci not dmesg
<demon1981> ups
<WalterN> alex88: oh, it says it cant open /media/pool/website/error_jewelcreekkennels.com.log. Unable to open logs
<alex88> WalterN: look why..can you access with root?
<alex88> like touch /media/pool/website/error_jewelcreekkennels.com.log
<alex88> look also at fstab permissions for the drive
<WalterN> I chowned the drive I thought
<WalterN> maybe I should have -R ?
<alex88> sure
<WalterN> heh, that did it
<demon1981> my card is GeForce 02:00.0 VGA compatible controller: nVidia Corporation GT216 [GeForce GT 220] (rev a2) very likely driver nouveau is used. How I can determine the frequency of output signal?
<WalterN> strange though, why would I need to own the directory that its saving the log to?
<WalterN> not sure who the owner was before, but could save anything I wanted before
<WalterN> hmm, since I'm talking about it, what is a good website log viewer/analyzer thingy program?
<\sh> webalizer / awstats / analog /modlogan it depends on your needs
<WalterN> hobby server
<\sh> webalizer
<WalterN> as in, I dont know what I need :P
<alex88> demon1981: you main monitor refresh?
<alex88> WalterN: no, that not important...btw try to set log to debug in apache.conf, or ask in #httpd :)
<alex88> gtg now
<soulstar> hi, I'm having a problem setting up a router
<soulstar> can anyone help?
<WalterN> soloslinger: what kind of router, and for what?
<soulstar> i'm setting up my computer to serve as a linux router
<soulstar> i have ubuntu 10.04 installed
<WalterN> oh, donno XD
<WalterN> I could help with dd-wrt though :)
<WalterN> which is not what you are using or want to use, so nevermind
<soulstar> I'm using openwrt on my wireless routers...
<soulstar> which I don't have a problem with
<eagles|work> hey guys
<eagles|work> my question is this.
<alex88> soulstar: what you want to have?gateway?
<eagles|work> i have  my modem connected to a router and the router is getting dos'd is it possible to black list the ips on my server so they cant flood the server again?
<alex88> eagles|work: you have firewall? how are you'r linux skills?
<qman__> eagles|work, yes, but it's even easier/better to use iptables recent
<qman__> it'll dynamically block addresses that are spamming
<eagles|work> qman__:  and alex88 i have iptables setup
<eagles|work> would you like a pastebin of the iptables -L output
<alex88> i use csf, and is awesome for ddos, bruteforces etc
<alex88> try it
<qman__> http://www.ducea.com/2006/06/28/using-iptables-to-block-brute-force-attacks/
<eagles|work> i have in the past but had mixed feelings about it
<qman__> that example is for ssh, but can be used for any type of traffic
<qman__> it'll significantly reduce the impact of the DoS while not cutting off service entirely
<alex88> eagles|work: i've always been fine with that..
<eagles|work> qman__: someone pointed out somethign valid though even though the server is secured the router and my incoming connection will still be getting flodded
<qman__> eagles|work, the way this works is, the server will simply drop packets being spammed in
<qman__> so the DoS would have to have so many resources that only the single incoming SYN packets can max your line
<qman__> and if that's the case, there's nothing you can do about it
<eagles|work> ya im in the process of setting up another server as a dedicated firewall
<eagles|work> qman__: would snort help mitigate those kinds of attacks or not really
<qman__> no
<qman__> snort is an IDS, it has no effect on this sort of thing
<qman__> it will simply tell you what is happening
<eagles|work> ok
<qman__> if the attacker can flood your line with SYN packets, there's nothing you can do on your end
<qman__> contact your ISP
<qman__> see if they can help
<qman__> but, if they're only succeeding with the full handshake, a proper firewall will reduce the impact
<WalterN> I should set up email sometime soon
<eagles|work> qman__: im getting flooded with udp packets
<qman__> eagles|work, is your server dropping them, or rejecting?
<qman__> dropping is what you should be doing
<alex88> reject will just generate more traffic
<qman__> and if you are, that's all you can do
<eagles|work> qman__: i have a router in between the outside and server
<qman__> irrelevant
<alex88> if the router can handle all the packets
<eagles|work> and the router is just stopping the floods
<qman__> well, it doesn't really matter where the packets are getting dropped, as long as they're getting dropped, and not rejected
<qman__> that's all that can be done from your end
<eagles|work> ya
<mase_wk> thats not exactly true, if you can get someone else upstream to drop them for you :)
<eagles|work> hehe
<qman__> exactly my point, nothing else can be done on his end of the line
<eagles|work> well i am in the process of setting up a dedicated firewall machien with 2 nic's
<qman__> call the ISP, get them to help
<mase_wk> yeh
<mase_wk> or get the ip address, fly to their location and punch em in the face
<eagles|work> ya i am waiting to get an email back with contact number
<WalterN> meh
<WalterN> just launch ICBM with IP seeker firmware installed
<WalterN> make sure its not pointing to lo ;)
<qman__> only two approaches there, get the ISP to drop the packets, or give you a fatter pipe
<twb> IP address doesn't incidate elevation, which is critical for a targeted ICBM strike
<twb> *indicate
<mase_wk> qman__: i get hundreds of emails a day offering me a fatter pipe... =)
<WalterN> twb: a contact fuse would work, though yeah.. elivation would make it more ideal :P
<WalterN> elevation*
<eagles|work> qman__: whats funnier if you look at the internal ip which is assigned by router dhcp
<eagles|work> the ip they are attacking is the ip of my laptop
<twb> So, fun fact that I learned today
<twb> If localhost doesn't resolve, hardy won't enable NFSv3
<twb> It'll silently fall back to NFSv2
<eagles|work> i have another question related to this if im setting up a firewall machine that will take the incoming connection on one nic route it to the 2nd nic and the internal network
<eagles|work> do i need to put the proxy on the server hosting the website or on the firewall server?
<twb> "routing" isn't done by a firewall
<eagles|work> twb: i know but one of the nic cards in this other machine will be directly connected to the external connection
<eagles|work> the other to the internal network
<eagles|work> my question is more on which machine should the proxy be
<eagles|work> the one that has the firewall
<eagles|work> or the server on the internal network
<twb> proxy for what?
<eagles|work> web proxy
<eagles|work> like squid
<eagles|work> as well as i want to provide some content filtering
<twb> If you're masquerading and not using -j TPROXY or -j DNAT, you'll need a proxy on the masquerading device.
<eagles|work> !masquerading | eagles|work
<twb> Er, that is, for exposing a local service to the internet.
<eagles|work> gotcha
<twb> If you're just talking about providing a conventional caching HTTP proxy to browsers on the local network, squid can be deployed anywhere
<eagles|work> twb: this is going to need to be on the masquerading device as its also access by people on the outsdie
<eagles|work> would content filtering go on the masquerading device too
<twb> Filtering of what content, from whom?
<eagles|work> twb: like porno graphic content etc
<eagles|work> from the internal network
<eagles|work> im at a clinic and im working on providing wifi to the whole place
<eagles|work> wifi with content filtering
<eagles|work> btw qman__ if your interested this is the router security log http://pastebin.com/Yhzg3wWx
<twb> Unless you're operating a "default deny" policy, you won't block pornography.
<eagles|work> not even if i use dansguardian
<twb> Let me rephrase: you won't block ALL pornography.
<eagles|work> its better most then nothing
<twb> Well, I can't comment on "most", but if that's your position then by all means adopt a "defalt allow" and a blacklist.
<eagles|work> arent there some web based content filter where you tell the filter certain keywords are blocked etc
<qman__> yes, but they're quite terrible and only marginally effective
<qman__> nothing wrong with the software itself, the idea is flawed
<eagles|work> ok
<qman__> whitelisting is the only truly effective way
<eagles|work> ok but using what something like dansguardian
<twb> AFAIK dansguardian is just a blacklist and a squid hook.
<eagles|work> twb: ok
<eagles|work> and i officially hate my isp
<eagles|work> they giving me the whole rubbish of they cant ddo anything
<eagles|work> and only thing i can do is on my end with a firewall
<eagles|work> and if they continue to contact the police
<twb> qman__: the other one that screwed me at a prison was that they whitelisted google --- which happens to include all google's "cached page" pagse
<qman__> yeah...you need to be a lot more specific than that
<twb> Really the problem is the prison staff can be... not too bright
<huats> morning
<eagles|work> hey guys is it possible for a multicast to flood a connection?
<froud> dual nic. eth0 and eth1. eth0 connects to public internet. eth1 connects to GSM router. GSM router has Port Forwarding to eth1. eth0 has a gw defined, eth1 does not. ip_forwarding is enabled. If I ping eth1 from the GSM network I get answer,.if I ping eth1 from the GSM network I get no answer. Anyone good with routing that can help?
<_ruben> woah .. rereads it a couple of times
<froud> lol
<_ruben> how about a nice diagram? ;)
<eagles|work> froud: you have a router involved in ur setup
<eagles|work> and u want one nic directly on the internet right
<froud> eagles|work: yes eth0 is on the internet
<froud> eth1 connected to a BR970 GSM router
<_ruben> weit .. your message is wrong: you're saying that pinging eth1 from GSM network does both work and not work
<eagles|work> well u could connect eth0 to the router
<_ruben> s/weit/wait/
<eagles|work> but then put eth0 on the dmz of the router directly exposing it to the net that way
<_ruben> and also quite importantly: what are trying to achieve?
<froud> okay here goes slowly
<froud> eth0 <-> eth1 <-> GSM
<froud> eth0 is public and available
<froud> I can ping it
<eagles|work> froud: you want to route traffic from 0 to 1
<froud> eth1 is connected to a switch port on the GSM router
<eagles|work> froud: man route btw might help
<froud> GSM router SIM gets IP 10.0.0.1
<froud> Eth1 got 192.168.1.2
<eagles|work> you are on entierly different subnets for one
<froud> On GSM host at 10.0.0.3 I can ping 10.0.0.1
<froud> but I cannot reach 192.168.1.2
<eagles|work> eth1 needs lets say 10.0.0.0.4 for example
<eagles|work> froud: the ip is on a differrent network segment all together
<eagles|work> brb from laptop
<froud> eagles|work: yes but the subnets are joined by router GSM
<froud> eth1[192.168.1.2] - GSM ROUTER - 10.0.0.1
<eagles0513875> back
 * eagles0513875 shakes head froudeth1 has to be a 10.0.0. ip though
<froud> eagles0513875: why the B970 does routing
<froud> If I route add default gw 192.168.1.2 to the server I can ping eth1
<froud> from 10.0.0.3
<_ruben> does the gsm router have a router for 192.168.1. network and does your machine have a route for the 10.0.0. network ?
<froud> but then I will lose the eth0
<eagles0513875> humm
<_ruben> have a route meant
<_ruben> i meant
<_ruben> geesh, must be friday
<froud> _ruben: default admin interface of router is 192.168.1.1
<froud> I think what I need to do is add some route that will send traffic detined for 10.0.0.0 via eth1 and not eth0
<froud> but I am not sure how
<froud> my route knowledge is not that good :-)
<_ruben> ip route add 10.0.0.0/24 via 192.168.1.1 dev eth1
<froud> invalid argument
 * froud goes to pastebin
<alex88> oh..is there a ip command? i've always use route directly..
<oCean_> ip is from 'iproute2', you could even add additional routing tables/rules
<alex88> oCean_: i've seen the help..is a more complete command including also route
<alex88> if i've seen right
<froud> _ruben: http://pastebin.com/gdX2tUXn
<froud> eagles0513875: http://pastebin.com/gdX2tUXn
 * froud needs to step away for 5 mins, nature, brb
<AlexC_> morning
<AlexC_> when setting up a chroot for SSH, it all seems very, very mesy. I mean - what happens when updates come in for the files you've had to copy across into your chroot?
<AlexC_> I can't think of any sane way for a sysadmin to monitor which files and copy the new ones over. Surely there has to be a simpiler way, such as with SSH using SFTP - you can simply use the internal-sftp and chroot users, done.
 * eagles0513875 loves sftp so easy to setup compared to ftp
 * froud is back
<AlexC_> indeed, FTP shouldn't be used really - such a crap protocol. However, that's a different discussion :P
<eagles0513875> ya sry
<eagles0513875> never worked with a chroot much AlexC_tbh so i dunno what to tell ya
<eagles0513875> dealing with my own issues atm here at work
<AlexC_> it's quite shocking really that such thing is so ... complicated to do, really
<\sh> AlexC_: why copy? hardlinking is a good way to go
<\sh> or softlinks if that works...
<AlexC_> \sh: hum, all guides/references that I've seen said to copy. I didn't think it was possible to link them due to the path changes
<AlexC_> to a person not in a chroot, the links will work. But how would it work for a user in the chroot if they can't access above their chroot, which is where the real files would be
<a_ok> is ther a known problem with logrotate in ubuntu 8.04 or am I mistaking in my configuration?
<AlexC_> a_ok: how do we know you're making a mistake, when you tell us no problem?
<a_ok> the files seem to be created with different rights (at random) and it does not seem to rotate daily properly
<a_ok> AlexC_: http://pastebin.com/BXVQx3Hi
<a_ok> AlexC_: as you can see /var/log/mail.log.6.gz modified date is wrong (checkt the content and it has entries of 1-8)
<AlexC_> a_ok: not sure, only thing I can think of - is there another logrotate script using the same file?
<a_ok> checked the configuration
<a_ok> no duplicates
<a_ok> AlexC_: there is only one logrotate installed. is there some other package that does rotating (perhaps sysklogd???)
<a_ok> and why is there an uncompressed file called /var/log/mail.log.0 ?
<AlexC_> a_ok: that's normal, it'll become .1.gz upon next rotate
<AlexC_> a_ok: however, one thing - why do you want your log files writable?
<AlexC_> 440 would do me
<a_ok> but today its the 13th, and last change on mail.log.0 is the 8th...
<AlexC_> ah, simple
<AlexC_> your server has become aware it is 'Friday' and also the '13th'. Therefor, let it run wild and see what happens tomorrow
<a_ok> lol
<a_ok> AlexC_: don't need it writable actually in this case as syslog writes to it but its the default setting for all my logfiles
<a_ok> be right back
<\sh> AlexC_: regarding http://ulf.zeitform.de/de/dokumente/sshchroot.html you can use hardlinking without any problems (sorry is in german but I think google will help to translate ;))
<AlexC_> \sh: interesting, thanks :)
<uvirtbot> New bug: #617127 in eucalyptus "CacheConcurrencyStrategy should be READ_WRITE and not TRANSACTIONAL" [Undecided,Fix committed] https://launchpad.net/bugs/617127
<demon1981> Hi! Where I can look for kernel boot param line in grub2?
<a_ok> AlexC_: there are some default settings in logrotate.conf (the toplevel config file instead of stuff in logrotate.d) like a weekly rotate and keeping it for 4 weeks
<a_ok> could that be the problem
<a_ok> demon1981: /boot/grub/grub.cfg
<a_ok> AlexC_: I noticed that the day's that are off are all sunday's
<a_ok> its like it does not rotate those files
<demon1981> a_ok: grub.cfg seems as script file. how I can compile from it result params string? is it possible?
<a_ok> demon1981: erm its just a config file. if you scroll down a bit you should see the kernel line
<a_ok> no compilation
<demon1981> a_ok: I dont see here video params Where I can take those params? I want to decrease framebuffer frequency linux   /boot/vmlinuz-2.6.32-21-generic-pae root=UUID=c8b6c463-c05f-4f76-9a17-3d6d5b282d95 ro quiet initrd  /boot/initrd.img-2.6.32-21-generic-pae
<demon1981> a_ok: this is line from /etc/grub/grub.cfg
<a_ok> those are two lines i think
<a_ok> you can edit the line starting with:  linux   /boot/vmlinuz-2.6.32-21-*
<demon1981> a_ok:yes. it's 2 lines. if in kernel options we dont see video options then those options takes from other place. From what conf are they  takes? (I use nouveau framebuffer)
<hggdh> <yawn/>
<Daviey> hggdh: GOOD MORNING!
<Daviey> hggdh: Thanks for your email last night.
<hggdh> Daviey: Good morning
<Daviey> hggdh: How are you this fine day?
<hggdh> Daviey: so far I am fine... and I hope I will be able to find out what gives on the test rig
<Daviey> hggdh: I have a PPA package enroute, but also expecting a new code drop to resolve a potential registration issue
<hggdh> Daviey: right now I will try anything ;-)
<Johnnyx> hey guys package dovecot-postfix contains full mailserver ready to run ? some kind of easy pack to install? am i right?
<zul> morning
<uvirtbot> New bug: #617053 in eucalyptus "on upgrade from 1.6.2, euca_upgrade should preserve DISABLE_ISCSI="Y"" [Medium,In progress] https://launchpad.net/bugs/617053
<hggdh> hey Daviey, what was the URL for the wget on wrappers.conf?
<hggdh> cannot find the email :-(
<uvirtbot> New bug: #617380 in munin (main) "Add apt_ubuntu plugin" [Undecided,New] https://launchpad.net/bugs/617380
<Daviey> hggdh, Ah, you are back - i just mailed you the wget line
<hggdh> Daviey: sorry, weechat had a moment here
<Daviey> hggdh, heh
<jetole_> Does anyone know how I can implement watchdog on Linux / Ubuntu Server and also find a list of which watchdog hardware is supported
<jdstrand> in order of request:
<jdstrand> hallyn, Daviey, soren: I uploaded libvirt 0.8.3-1ubuntu1 yesterday. this morning I uploaded 0.8.3-1ubuntu2 to fix a ftbfs on armel, but I'm not planning other uploads (excepting an emergency), so have at it
<Daviey> jdstrand, Super, i just wanted to test it - soren wanted to add a patch
<Daviey> Thanks jdstrand !
<jdstrand> sure :)
<Daviey> jdstrand, Have you documented the merge?  It seemed pretty intense?
<jdstrand> Daviey: in the changelog (as per standard practice)
<Daviey> Good Point Well Made.
<jdstrand> Daviey: most of those patches have comments at the top. I didn't write most of those, but tried to make them DEP-3 when I could find the history
<Daviey> jdstrand, Ok.. thanks.. i'll read the changelog
<jdstrand> Daviey: I also try to put in the changelog when I expect something to be able to be dropped, to help with future merges
<Daviey> jdstrand, We'll keep you! :)
<jdstrand> heh
<v00lcano> guys, I have a newly installed 10.04 machine and am trying to follow this guide: https://help.ubuntu.com/community/LDAPClientAuthentication however there are looooots of inconsistencies, for example it asks to restart nscd but I have no /etc/init.d/nscd, also my /etc/libnss-ldap.conf is missing and I can't seem to find it anywhere else (updatedb && locate), I've found a libnss-ldap.conffiles in doc, but that just mentions /etc/init.d/libnss-ldap. Is
<v00lcano> I know it's not a server-related issue, but someone in #ubuntu recommended I ask here since you guys might be more up to date on this matter
<sherr> v00lcano: there's a libnss-ldapd package. Might be something you want. There's also a libnss-ldap package ... a bit confusing. The fisrt appears to be a fork of the second.
<hggdh> Daviey: shouldn't eucalyptus-*-publication be stopped when you 'sudo stop eucalyptus'?
<hggdh> Daviey: and shouldn't they be started when you (later on) 'sudo start eucalyptus'?
<Daviey> hggdh, technically yes - i haven't tried that
<hggdh> Daviey: before I open a bug there -- can you try it?
<Daviey> hggdh, Hmm
<Daviey> yes i can :)
<Daviey> hggdh, I am prepairing an upload now btw
<hggdh> Daviey: also, what images did you use on your tests yesterday night (rather, today very early)? Current Maverick UEC ISO?
<hggdh> Daviey: cool!
 * hggdh awaits happily
<Daviey> hggdh, netboot, from archive.ubuntu.com
<Daviey> so whatever was in the archive at that time
<hggdh> Daviey: no, for the VM images
<Daviey> oh..
<Daviey> i used what was on uec-images.ubuntu.com
<jetole> Can anyone help me out with how I configure watchdog on ubuntu server?
<hggdh> Daviey: the dailies, then, correct?
<Daviey> hggdh, you expect, avahi-publish -s Walrus _eucalyptus._tcp 8773 txtvers=1 protovers=1.5.0 type=walrus ipaddr=10.0.0.100 <-- to be killed?
<hggdh> Daviey: yes indeed
<hggdh> wy publish something that is currently dead?
<hggdh> jetole: I never used whatdogs, sorry
<ssureshot> any experts on load balancing here today
<Daviey> hggdh, CLC avahi went - still waiting on Walrus
<jetole> ssureshot: depends. Whats your question?
<Daviey> hggdh, confirmed, walrus didn't go - this was on a CLC + Walrus box
<Daviey> CLC did die
<ssureshot> jetole: I have 2 servers setup and functioning with heartbeat / ldirectord all services set up that I need... My question is this.. When I turn on the backup load balancer first it doesn't transfer the server to the primary once it is turned on.. Is this normal?
<jetole> ssureshot: what is the backup load balancer?
<ssureshot> but if I turn the primary on first have the talking unplug primary services transfer accordingly and they transfer right back when I plug it back in
<ssureshot> jetole: ubuntu 9.10 server
<Daviey> hggdh, Hmm.. raise a bug - and i'll confirm it on a fresh box
<Daviey> hggdh, Feel free to assign it to me,. and i would say Medium priority.. agree?
<jetole> ssureshot: how are you load balancing though? Are you using ipvs, haproxy or something else?
<ssureshot> oh ipvs
<smoser> hallyn, around ?
<jetole> ssureshot: I don't know. I have been meaning to switch to IPVS for a few months, I currently use HAproxy however I would ask this question in... what was that room? One sec
<jetole> #linux-cluster
<hggdh> Daviey: hum. Low should be fine
<jetole> #linux-ha
<ssureshot> jetole: awesome thank you sir
<jetole> those two rooms are really good when it comes to IPVS
<jetole> ssureshot: no prob
<Daviey> hggdh, agreed
<resno> im planning on setting up a server to play with. what is the recommended intrusion detection software? snort? munit and mungin?
<zash> resno: I use sshguard i think
<jetole> resno: suricata
<aljosa> i can't find truecrypt in lucid althought there are gui tools for truecrypt available. any idea why truecrypt isn't available in lucid?
<resno> zash: heh you think ;)
<jetole> resno, used to be snort but afaik snort is... how do I put this? I guess snort isn't really being developed as actively anymore
<jetole> snort 3 seems to have been on the back burner for far too long
<resno> jetole: ah, darn out of date information :(
<jetole> resno: suricata is a fork of snort created by The Open Information Security Foundation
<jetole> resno: http://www.openinfosecfoundation.org/index.php/download-suricata
<jetole> resno: actually, not a lot of people really follow snort closely enough to care so some people, in fact most people will still recommend snort
<resno> i see. im curious to see how much of my playing will register on it, etc
<jetole> the current snort release is 2.8.6.1 and, if I remember correctly, almost two years ago 2.8 was still being used and if I remember correctly, almost 2 years ago snort 3 was announced as the upcoming snort
<resno> heh nice
<jetole> resno: Well with both snort and suricata, you can always create custom rules plus some of the best rules don't come from snort. I think bleeding edge rules is the big one
<jetole> I would use oinkmaster to download the snort rules and the bleeding edge rules and write a rule for anything you can find that doesn't register
<resno> jetole: this mainly will detect attacks not block them right?
<zash> resno: I thougt that was what it was called, and it was
<jetole> resno: well that depends on you
<jetole> both snort and suricata can be compiled as an IDS or IPS / detect or block
<jetole> the blocking is done via NFQUEUE via netfilter and iptables
<jetole> resno: but I would strongly recommend against blocking
<jetole> IPS can be very dangerous
<jetole> a false positive can block legitimate users
<jetole> it's better to do IDS and analyze the results
<resno> jetole: yes, ive read
<jetole> Also, with either snort or suricata, I would recommend the unified2 format and the barnyard 2 utility
<jetole> for front ends, you can look at BASE, Aanval or prelude prewikka
<resno> jetole: thats quite a bit of information to get me started :)
<kelt> what is wrong with IPS blocking legitimate users?
<jetole> kelt: It's too much work when you can just turn the server off to block legitimate users
<resno> lets just suppose i blocked myself, how would you get back in?
<jetole> I find the poweroff command is quicker and easier then bothering with rules if I don't want people to access a service I am running. Plus you have the wasted time of developing and running a service that you don't want anyone to access
<jetole> resno: afaik, the system works on a per match basis for example if you block fragmented packets and you send a fragmented packet then that packet is blocked however if you don't send a fragmented packet then it will go through
<jetole> thats in theoreom, clearly you will have more rules then that
<resno> oh ok
<mathiaz> kirkland: o/
<jetole> now if you wanted to have matches block all further attempts to connect then I would advise you look into the iptables/netfilter recent module
<kelt> jetole: IPS only blocks "bad" things not everyone like powering off a system would do
<jetole> for example, through iptables/netfilter, I can write a couple rules so that if I get 50 syn packets from a host in a minute then that host is blocked for an hour
<jetole> 10:54 < kelt> what is wrong with IPS blocking legitimate users?
<jetole> kelt: and no. An IPS blocks based on rules. If you have a rule which mis catagorizes a packet as an attack when that packet is really from a customer placing an order then you just lost a sale
<jetole> kelt: Just to be clear, legitimate users are people who should be there. If you are wondering whats wrong with blocking people who should be there then turn your server off and save yourself the time of setting it up in the first place let alone configuring an IPS system
<jetole> and kelt: "IPS is bad" is the widely agreed upon frame of thinking for any IT security professional in the industry. In fast in any company of the right size, you have levels of security analysts who look at records from IDS and promote it to higher levels if it is suspicious hence why they have options like that built into both free and commercial IDS systems
<uvirtbot> New bug: #617428 in samba (main) "winbind_cache.tdb corrupt" [Undecided,New] https://launchpad.net/bugs/617428
<jetole> "the right size": poor choice of words on my part. I meant any company that is profitable enough that they can afford to do security analysis properly
<jetole> bbiab: going for a smoke
<resno> jetole: so, even with these levels of ids, fail2ban is still important?
<kelt> jetole: if you have an attack that brings down your website that IPS could have prevented... then you lost 100 sales.
<patdk-wk> heh, jetole, you mean like vonage, when they contacted me to stop hacking them over port 123, when vonage was using my server for ntp
<jetole> kelt: if you have an attack that brings down your website that an IPS could have prevented then you have an attack that you are readily aware of that you did not patch or you are trusting 3rd party sites to supply IPS rules that you do not analyze so either you are not maintaining your servers in the first place or you are allowing for a high rate of false positives
<jetole> resno: I don't use fail2ban. If you are referring to ssh I run it on a alternate port and only use ssh keys as well as iptables rules to limit syn connections within allowed times so if I receive a certain number of syn packets consistantly to my ssh port then they are blocked at the firewall as well as that host from all further communication for the time I set in the recent module
<jetole> patdk-wk: that sounds like vonage
<patdk-wk> atleast the guy that called was helpful
<jetole> patdk-wk: why were they using your NTP server?
<patdk-wk> I dunno
<patdk-wk> they said they had a new admin setting up systems
<jetole> ha
<patdk-wk> and it sounds like they just left the default settings to use the pool.ntp.org
<jetole> makes sense
<jetole> you run a pool.ntp.org server?
<patdk-wk> ya, several
<jetole> ah that makes sense
<jetole> yeah, I use a default us.pool.ntp.org as one of mine
<jetole> after two nist ones
<patdk-wk> I never use nist
<patdk-wk> everytime I have checked it, I get horrible results from it
<jetole> well I have had good luck with ntp.org but it's user run
<patdk-wk> dunno if they fixed it recently
 * jetole doesn't know
<jetole> aside from ntp.org, who do you recommend
<jetole> ?
<patdk-wk> heh, well, back when I checked it, 5+ years ago, it felt like it was on a t1, with t3 amount of traffic attempting to use it
<jetole> dhcpd.conf: option ntp-servers time-a.nist.gov, time-b.nist.gov, us.pool.ntp.org;
<patdk-wk> I run my own ntp cluster
<patdk-wk> so all my servers us my own pool
<jetole> I don't know if thats the case now but I monitor NTP via nagios and I don't often get alerts but I don't know off the top of my head how thats checked
<patdk-wk> the cluster heads, use some static and pool servers to help round them out
<jetole> I gotta get back to trying to figure out how to use watchdog with a hardware timer in linux
<jetole> everywhere I have looked so far has directed me towards the software watchdog daemon
<jetole> :(
<patdk-wk> hmm, watchdog just worked for me, using an old scb2 motherboard :)
<jetole> Well I run a virtual cluster and want to set it up on the virtual machines but I had a bad experience once with a harware timer in a super micro board
<jetole> so I'm being cautious
<jetole> I know the watchdog package in ubuntu has nothing to do with physical watchdog
<patdk-wk> http://buttersideup.com/docs/howto/IPMI_on_Debian.html
<patdk-wk> all my watchdogs are ipmi
<patdk-wk> all my server motherboards are currently intel though
<jetole> afaik, this watchdog is PCI
<jetole> it is intel, one sec, looking for the page that desribes it again
<jetole> http://libvirt.org/formatdomain.html#elementsWatchdog
<jetole> If you scroll down to model
<jetole> 'i6300esb' â the recommended device, emulating a PCI Intel 6300ESB
<patdk-wk> oh, a vm watchdog
<jetole> well yes but it emulates the Intel 6300ESB
<jetole> so the vm guests see the Intel device
<jetole> patdk-wk: this looks promising: http://lkml.indiana.edu/hypermail/linux/kernel/0502.2/0908.html
<patdk-wk> heh, dunno
<patdk-wk> I haven't used kvm
<patdk-wk> been using xen, but switching to vmware
<patdk-wk> the whole xen -> kvm switch thing really annoyed me
<jetole> I used to use ESX 3
<jetole> didn't find it fast enough
<jetole> and Xen has always been the bain of my existance. I still have a few Xen hosts
<patdk-wk> all my stuff is esxi 4.1 now
<jetole> I loathe them
<jetole> CONFIG_I6300ESB_WDT=m
<jetole> thats from the 10.04 kernel config so it's a module and just found this page with an explanation: http://cateee.net/lkddb/web-lkddb/I6300ESB_WDT.html
<jetole> patdk-wk: I'm personally quite happy with KVM. I didn't like ESX 3 and loath Xen but I haven't tried ESX 3
<patdk-wk> I have never used esx 3.5
<patdk-wk> attempted to use hyperv for a windows cluster
<patdk-wk> but the windows guests had tcp issues, for one 3rd party app
<patdk-wk> webserver would get request headers, but response would never make it out of hyperv
<jetole> never tried hyperV and I really don't want to
<patdk-wk> I didn't either
<patdk-wk> but the server already had win2008 on it, and I needed 4 vm's
<patdk-wk> so figured, why not
<patdk-wk> and the 3rd party vender said it would be fine
<patdk-wk> not so much
<jetole> haha
<jetole> yeah all my windows2008 are VM themselves on KVM via libvirt
<patdk-wk> took the hyperv image, moved to vmware, worked perfectly
<jetole> yeah I remember migrating vmware esx images to kvm
<jetole> oh btw, as per watchdog, I remember that Xen had a proposed watchdog spec that they chose not to accept
<Kaelten> anyone know what boot option to pass in to install in textmode?
<patdk-wk> it doesn't?
<patdk-wk> oh, heh, I always net-install, so it's always text for me :)
<Kaelten> patdk-wk: I'm net installing
<Kaelten> or is the annoying blue blocks everywhere the textmode?
<patdk-wk> annoying blue blocks?
<patdk-wk> you mean color ascii stuff?
<Kaelten> patdk-wk: http://grab.by/5Tgj
<Kaelten> that thing
<zash> Kaelten: that is text mode
<Kaelten> ah, k
<Kaelten> was wondering if there was something less than that
<patdk-wk> nope :)
<patdk-wk> maybe a black/white version? :)
<Kaelten> I'm testing in hyperv and it's driving me nuts because the redraw rate is so slow
<patdk-wk> that is hyperv issue
<patdk-wk> hyperv is using graphics mode, even though the video card in the vm is in text mode
<Kaelten> adding "blacklist vga16fb" to modprobe.d/blacklist-framebuffer.conf fixes it
<Kaelten> but that doesn't help me in the installer
<uvirtbot> New bug: #617461 in mysql-5.1 (main) "mysql-testsuite: testsuite fails due to unexpected installation layout" [Undecided,New] https://launchpad.net/bugs/617461
<uvirtbot> New bug: #617463 in mysql-5.1 (main) "mysql fails to load innodb plugin due to apparmor rejection." [Undecided,New] https://launchpad.net/bugs/617463
<Jhon> Hola buenos dias
<Kaelten> anyone have any experiance with ubuntu and a QLogic 2560?
<Jhon> Necesito sugerencias osbre servidores
<Jhon> podria ayudarme
<patdk-wk> kaelten, nope, only using ubuntu with a qlogic 2200
<Kaelten> did the kernel support it ok, or am I looking at something scary?
<Jhon> se habla espaÃ±ol aki o ingles?
<patdk-wk> yep
<Kaelten> no habla espaÃ±ol :(
<patdk-wk> perfectly
<Kaelten> that's good news, we have a fabric/storageworks from hp, but the hba's look like rebranded qlogics
<Kaelten> and I'm thinking they're 2560s but I'm not certain
<Kaelten> going down week after next to set it up, so trying to at least have an idea
<patdk-wk> qlogic has always been well supported
<patdk-wk> I'm pretty sure it's direct support from qlogic
<Kaelten> that's good to hear, I know hp mainly offers support for rehl and suse,
<Kaelten> but I'm stuck in my ways on using ubuntu
<uvirtbot> New bug: #617466 in samba (main) "package samba 2:3.3.2-1ubuntu3.5 failed to install/upgrade: el subproceso post-removal script devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/617466
<Jhon> por que si hablan espaÃ±ol
<Jhon> hablan en ingles
<resno> Jhon: porfavor hables en ingles aqui
<resno> Jhon: hablamos ingles solamente
<Jhon> hablan solo ingles aki en la charla????
<resno> !es
<ubottu> En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<Jhon> :( ok es que yo casi no entiendo ingles
<resno> Jhon: lo siento.
 * RoyK is building a "Lord Vetinari clock" to a friend of mine (like the one Vetinari has in his waiting room - it ticks unevenly, tick, ... tock .. ticktock ..... tick ... tock
<Jhon> de todas maneras gracias
<resno> Jhon: hasta luego
<RoyK> resno, Jhon: kan ikke dere snakke engelsk? jeg forstÃ¥r ikke et ord
<FunnyLookinHat> Ok guys - super strange issue - I have a cron'd PHP script that runs mencoder to rotate videos...  when I run the script as myself, i.e. php script.php - mencoder works fine.... but when cron runs the script as root, mencoder only converts the first second of the video - ideas???
<Kaelten> now if I could only figure out why my netinstall has a messed up hostname
<patdk-wk> FunnyLookinHat, bad path setting? it can't locate the audio encoder?
<RoyK> Kaelten: just change it :Ã¾
<Kaelten> RoyK: I was hoping to be able to set it via the dhcp server
<kirkland> mathiaz: o/
<patdk-wk> I think it's storming outside
<patdk-wk> my ups is going nuts
<patdk-wk> nope, clear skys, how odd
<Kaelten> patdk-wk: how do you handle hostnames with your netinstalls?
<patdk-wk> I just type it in, during the install, when it asks for it :)
<patdk-wk> really rather difficult
<Kaelten> ah, so you're not doing unattended
<patdk-wk> nope
<FunnyLookinHat> patdk-wk: How would I fix that?  I mean - ldconfig should take care of the audio encoder, etc. right?
<patdk-wk> FunnyLookinHat, what does ldconfig have to do with it?
<patdk-wk> that is to locate lib's
<patdk-wk> I dunno how mencoder works
<FunnyLookinHat> Well ok - better question - why would it ONLY happen as root and not the user account ?
<RoyK> Kaelten: no, but you can with reverse dns
<patdk-wk> but normally the issue is always path related, if something doesn't work right in cron
<FunnyLookinHat> kk
<Kaelten> RoyK: ?
<RoyK> ubuntu looks up its hostname in dns
<RoyK> if none is found, it defaults to ubuntu (iirc)
<Kaelten> mine seems to be defaulting to kickseed
<mathiaz> kirkland: mumble?
<kirkland> mathiaz: k, let me grab a headset
<FunnyLookinHat> patdk-wk: more confusing - if I run the script as root, all is fine... if I let cron run it, cuts off at 1 sec.
<_ruben> that's usually an environment and/or tty problem
<FunnyLookinHat> kk... great.  that's even a bigger problem to debug :)
<patdk-wk> there are hundreds of google hits for mencoder and cron
<patdk-wk> all kinds of people having issues
<patdk-wk> looks like strictly a env issue :)
<patdk-wk> http://serverfault.com/questions/95729/difference-of-running-scripts-manually-or-with-a-cronjob
<zash> PATH probably
<zash> and PWD
<patdk-wk> I said that hours ago :)
<zash> "use absolute paths"
<zash> patdk-wk: then someone didn't listen/read :P
<FunnyLookinHat> Yeah I do use absolute paths, all the time, of course :)
<patdk-wk> just cause you do, doesn't mean the program does also :)
<FunnyLookinHat> hah true.
<FunnyLookinHat> bastard of a program is erroring out with some random dependency...  I fixed one (was missing a random font file, which threw an error message but allowed it to keep running) - but now it's erroring out at a different point, hah
 * patdk-wk is it sad, I install japanese fonts, to find a good english font I like for ssh
<FunnyLookinHat> lol?
<FunnyLookinHat> How do I get a bash script to include/source specific include files ?
<zash> FunnyLookinHat: source path/to/script.sh
<FunnyLookinHat> zash: thanks
<zash> FunnyLookinHat: and . path/to/script.sh is equivalent
<gnoob> Hi,  anyone knows about a good way of making infoscreens? Is there any preconfigured distros out there?  Would like to have e.g two terminals. tty1 for administration from shell and tty2 for X where impossible to log on.  tty2 shows a buch of web pages from a spesific folder..  Anything like this out there? :)
<patdk-wk> gnoob, dunno of anything, but sounds like something that only takes a few min to make
<gnoob> :)  would take me a minimum a couple og hours I think :)
<hallyn> smoser: was flyin'.  wazzup?
<Daviey> hggdh, Hey.. have you had a chance to try the packages from today?
<Daviey> hggdh, i see you have \o/
<smoser> hallyn, i have a fun bug for you
<smoser> https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/615529
<uvirtbot> Launchpad bug 615529 in eucalyptus "eucalyptus instance reboot fails: Guest moved used index from 0 to 2639" [Medium,Fix released]
<FunnyLookinHat> So tell me this - I ran set > setopts and then included . /path/to/setopts within a wrapper bash script - still no luck, does that mean it isn't an ENV variable issue ?
<hggdh> Daviey: I still see some instances failing to start
<Daviey> hggdh, In what topology?
<hggdh> Daviey: right now all-in-one, 170 started, about 6 failed
<hggdh> this run should end in ~15 minutes, and I will then test volumes, then test distributed
<Daviey> hggdh, OK.. Those numbers are *awful*.. better than Lucid release!  But i think that is a seperate bug to the one that has been fixed.
<Daviey> erm, AREN'T awful. i mean;t to say
<RoyK> Daviey: sorry to barge in, but what numbers are these?
<Daviey> RoyK, Instances not starting when requested with UEC.
<gnoob> patdk-wk: for a hommade "info screen project"  What should I do to start showing html pages automaticly after the automated login? Ill be able to start firefox, but cant see how to start firefox in fullscreenmode switching between htmlpages with e.g 30 second delay. Is firefox scriptable? of is there another tool I should use maybe?
<hggdh> Daviey: I agree, the signature seems different
<patdk-wk> making firefox reload on 30seconds doesn't even need firefox, just use a refresh in the html page :)
<hallyn> smoser: that's not an easy bug to follow, but iiuc you're saying booting from floppy is not working as a workaround in uec?
<hallyn> have you chatted with Daviey about it?
<smoser> yes, in the end it looks like the work around doesn't work as i thought it did.
<hallyn> I've not really used uec (other than as user of ec2) so not sure how to reproduce myself
<hallyn> smoser: the bug never says what happens now.  does reboot fail?
<smoser> i haven't actually tested on eucalyptus, (and I did test the work around there). it seems like it may not be 100% failure rate, and i got "lucky"
<smoser> yes, in my local tests, reboot fails the same way.
<hallyn> so the first boot works, and reboot fails?
<smoser> yes.
<smoser> i'm working on getting an easier recreate together.
<hallyn> ok
<uvirtbot> New bug: #617515 in openssh (main) "/etc/init.d/ssh stop doesn't work (sshd just won't die)" [Undecided,New] https://launchpad.net/bugs/617515
<gnoob> patdk-wk: sorry the noobing, but I dont think I understood how.  If I have a couple of html pages I want to be shown on info screen, and I want all pages to be shown and each one for 30 secs, before looping :)  Is this easily done?
<RoyK> uvirtbot: pastebin
<uvirtbot> RoyK: Error: "pastebin" is not a valid command.
<RoyK> uvirtbot: pastebin?
<uvirtbot> RoyK: Error: "pastebin?" is not a valid command.
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<RoyK> shouldn't ubottu be in #ubuntu-virt as well?
<kman_> Hi all.  Anyone able to assist with getting a network card working in Ubuntu Server?  Can see it using lspci but not talking to the network.
<RoyK> kman_: doesn't ifconfig -a show it?
<kman_> Royk yes it shows there as well.
<RoyK> kman_: if ifconfig -a shows the nic, just edit /etc/network/interfaces
<kman_> OK will try.
<RoyK> kman_: https://help.ubuntu.com/8.04/serverguide/C/tcpip.html is good reading :)
<caution> I've had more memory added to my server but I don't see it in `top`, what might I need to do to start using it?
<caution> a mount?
<giovani> caution: is it reflected in the BIOS?
<caution> it's a hosted server
<giovani> is it a VPS, or a physical server?
<caution> vps
<giovani> ask the VPS provider
<giovani> who knows how they handle it
<giovani> a reboot is certainly required
<caution> tried that
<giovani> contact your provider
<kman_> Royk.  Read through that.  looked at interfaces.  My ifconfig shows eth2 and eth4 but the interfaces refers to eth0. Could this be the problem?
<RoyK> kman_: ubuntu links ethx to a mac address - to reset it, rm /etc/udev/rules.d/70-persistent-net.rules and reboot
<RoyK> kman_: if you changed the NIC or something, it'll turn up as a new ethX
<kman_> NOt only did I change the nic the mobo died and it's a whole new mobo.  There is a PCI nic and a mobo nic.  Thus eth2 and eth4.
<RoyK> the new mobo will have new mac addresses
<RoyK> remove that file and restart
<shebaloma> i have been to #ubuntu-virt here is a past bin http://paste.ubuntu.com/477563/
<shebaloma> it has to deal with virt-manager
<thesheff17> shebaloma: on your virt box type virsh and see if you can get in.
<shebaloma> http://paste.ubuntu.com/477577/
<thesheff17> can you ping & ssh from the virt-manager machine to the virsh running machine?
<shebaloma> ican manage the box from laptop using ssh <ip_addy)
<cemc> I have a network interfaces question
<thesheff17> shebaloma: I would restart libvirt and check the logs.
<cemc> when I installed Lucid, I had eth0, eth1 autodetected, right? now I would like to reverse them, how do I do that?
<thesheff17> cemc: what do you mean about reverse?
<shebaloma> where do i find the log for libvirt
<cemc> thesheff17: I mean, I have eth0 say a realtek card, and eth1 say a 3com, but I want them reversed, so that eth0 would be the 3com
<cemc> but obviously the realtek one got detected first, so it got eth0 assigned to it
<thesheff17> shebaloma: I think by default it goes to syslog...there is also /var/log/libvirt
<thesheff17> shebaloma: but that looks like just logs for vm.
<thesheff17> cemc: this isn't a typical thing to do.  I would look here to starthttp://www.debianhelp.co.uk/udev.htm
<cemc> thesheff17: thanks, this actually help
<cemc> s
<thesheff17> cemc: np
<DUEDAHL> is it possible to manage your ubuntu servers (ssh) through ubuntu-landscape?
<shebaloma> i looked in /var/log all is fine in all the log files<thesheff17>
<thesheff17> shebaloma: and this works from the command line? and not in the GUI? virsh -c qemu+ssh://root@192.168.1.5/system
<DUEDAHL> is it possible to manage your ubuntu servers (ssh) through ubuntu-landscape?
<shebaloma> http://paste.ubuntu.com/477595/ the what happens on the server
<shebaloma> http://paste.ubuntu.com/477596/ this is form the client
<shebaloma> http://paste.ubuntu.com/477598/ virsh -c qemu+ssh://shebaloma@192.168.1.3/system what happens if i change usre from roo to shebaloma
<shebaloma> http://paste.ubuntu.com/477604/ and this is run from cliant
<shebaloma> dose that help you <thesheff17>
<jacob_> Hello everyone. I've been using ubuntu desktop for a few years now. I work at godaddy.com and have been using godaddy shared hosting for a while, now I want to use ubuntu server and host my site myself. Is there a control panel I can install on ubuntu server to make management of DNS and email a little easier?
<thesheff17> shebaloma: use root
<thesheff17> shebaloma: you prob have a permissions problem
<shebaloma> on the server root login is disabled
<thesheff17> jacob_: I just use the godaddy web site and point it to my public IP's for the web site...as far as I know there is no control panel.
<shebaloma> i could enable but i forgot how
<thesheff17> shebaloma: http://www.sunmanagers.org/pipermail/summaries/2002-June/001802.html
<thesheff17> shebaloma: change your /etc/ssh/sshd_config file with those two lines in that link.
<thesheff17> shebaloma: and restart /etc/init.d/ssh restart
<jacob_> Hello everyone. I've been using ubuntu desktop for a few years now. I work at godaddy.com and have been using godaddy shared hosting for a while, now I want to use ubuntu server and host my site myself. Is there a control panel I can install on ubuntu server to make management of DNS and email a little easier?
<CharlieSu> jacob_: look at ISPConfig
<IVerbNouns> CharlieSu: Thanks I'll check that out.
<shebaloma> ok works on the server
<shebaloma> but not from clint
<cemc> when enabling unattended upgrades, how can I exclude the kernel?
<cemc> can I exclude 'linux-image*' ?
<jdstrand> zul: hey. I was wondering if you could look at bug #578922, comment #1, points 2 and 3 and consider them for Ubuntu and pushing to Debian. I have not tested them at all and in the bug simply stated 'it could be done'
<uvirtbot> Launchpad bug 578922 in apparmor "mysql configuration should be adjusted to help prevent against chained attacks against LAMP stack" [Medium,Fix released] https://launchpad.net/bugs/578922
<qman__> cemc, running "sudo apt-get upgrade" will not install kernel updates
<qman__> you need to use "dist-upgrade" or equivalent for them to install
<cemc> riight
<cemc> of course
<cemc> qman__: thanks
<FunnyLookinHat> With a cron script, how can I make sure a pty is allocated for it ?  I'm using a bash-script wrapper to launch a php script that requires all sorts of junk so that mencoder will run
<dominicdinada> what is the safe way to remove xorg, gnome desktop from someones server. And what will be lost by way of say conf for samba, network, etc
<hallyn> well this is weird.  I swear yesterday there were two commeetns on old qemu-kvm bzr branch proposed merges about whether they were still needed, but now i can't find them either in email or in launchpad...
<kman_> Royk.  I removed the file, restarted the system and still no internet.  It now shows only the eth0.
<tyska> hi guys im working with cups on ubuntu, i wanna put authentication on my printers but my windows machines cannot access the printers with authentication, can someone help me?
<RoyK> kman_: reconfigure /etc/network/interfaces
<RoyK> if the interface is visible, it should be configurable
<kman_> right now it is set for autoconfig.  I am a little surprised it does not see the two network cards.
<kman_> Only one has a network connection so maybe that explains it.
<RoyK> kman_: ifconfig -a
<RoyK> pastebin that
<kman_> I've never used pastebin sorry.  The results do show the two cards. One is a RTL-8139 which has known problems in Ubuntu.  The other is National Semiconductor DP03815.
<kman_> Is there some help guide or info related to pastebin somewhere?
<guntbert> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<guntbert> kman_: ^
<glen1> this is a bit unrealistic xD but if I happened to own one of the cray jaguar supercomputers. Could I use it as a personal computer xD
<glen1> http://en.wikipedia.org/wiki/Jaguar_%28computer%29
<kman_> No need to pastebin.  It started working.  Not sure why.  I did switch the cable back and forth perhaps that triggered something.
<kman_> Maybe I need to check for the cable.
<Patrickdk> heh, I had issues like that with a realtek card
<Patrickdk> I replaced it, no more issues :)
<Patrickdk> I was planning on replacing the whole computer cause of it, but it hasn't come in yet
<glen1> does anyone know about subdomans?
<glen1> how is images.google.com different from google.com/images/
<rcsheets> well, google.com/images/ doesn't exist
<rcsheets> and images.google.com does
<alex_joni> images.google.com is a subdomain
<alex_joni> it can live on a different server, have a different IP, whatnot
<alex_joni> google.com/images/ is just a folder on google.com/
<taget> glen1:  what are you trying to do with your subdomain ?
<glen1> I was just curious about it
<glen1> alex_joni, oh I see
<glen1> thanks
<tyska> im trying to use a samba server in a 10.04 ubuntu but i get this error when trying to access it: samba tree connect failed: NT_STATUS_ACCESS_DENIED. Someone can help me?
<tyska> guys?
<tyska> someone can help me?
<tyska> =(
<shebaloma> hello <thesheff17> i figered it out i was using the wrong ssh-askpass
<JordiGH> How do you get rid of command-not-found?
<JordiGH> Removing the package left me with :
<JordiGH> jgutierrez@ubuntuServer:~$ sdfdsf
<JordiGH> /usr/bin/python: can't find '__main__.py' in '/usr/share/command-not-found'
<JordiGH> I guess I can just nuke any mention of it in /etc/bash.bashrc
<JordiGH> Ah, there we go.
<JordiGH> "-bash: fasdfds: command not found"
<JordiGH> Thanks!
<thesheff17> shebaloma: yea it sounded like it was outside a connection issue with virt.
<shebaloma> i had ssh-askpass but this was the problem them i installd gtk-led-askpass and works fine
<shebaloma> so i think ssh-askpass is outdated
#ubuntu-server 2010-08-14
<shebaloma> or missing some encryption
<shebaloma> with in its code or it has to be recompiled with it in
<shebaloma> i do need to learn how to build form source than relay on sudo apt-get install <prog>
<thesheff17> anyone using the vim-puppet package for puppet syntax highlighting?
<Wyleyrabbit> Hi everyone
<Wyleyrabbit> How would I go about checking the specific version of a driver on my Ubuntu Server 10.04 LTS installation?
<Wyleyrabbit> I have a system with a hardware raid controller. Can anyone tell me how to query the status of the raid?
<Patrickdk> Wyleyrabbit, ya, use the program that is designed to do it with whatever raid controller you have
<Wyleyrabbit> Patrickdk, I have an Intel controller (essentially an LSI chipset & controller), and the card uses the megaraid_sas kernel driver. Sadly, Intel says they only support Redhat or Suse.
<Patrickdk> use the megaraid util then
<Wyleyrabbit> Patrickdk, from where though? Where do I get the megaraid utilities for Ubuntu from?
<Patrickdk> http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sas/megaraid_sas_8888elp/
<Patrickdk> just select your card
<Patrickdk> and download it
<Patrickdk> that is what I did for my lsi ones
<rasengan> Anyone experienced with PPTP (Poptop)?
<Patrickdk> rasengan, ya used it for years, dropped it like 2 years ago
<rasengan> Patrickdk: Cool - I have a question; My PPTP Server is configured correctly to the best of my knowledge, running pppd 2.4.5.  If I connect to it on 1 ip (the IP I want to use) it fails with a GRE: pppd checksum error, but if I connect on a different IP it works perfectly fine.  I did iptables -F which I believe? clears any firewall/etc.  So I was wondering if you knew anything about this issue
<rasengan> o_o;
<rasengan> Man, now it's weird, Patrickdk.  Now it's working on the IP it failed so miserably on.  :(
<Wyleyrabbit> Patrickdk, thanks. I managed to find something that says it's for Ubuntu 9. Presumably that will work on Ubuntu Server 10.04 LTS 64-bit?
<Patrickdk> Wyleyrabbit, most likely, if it's x64 version
<Wyleyrabbit> is there an easy way of telling the version of the existing megaraid_sas driver that came with Ubuntu?
<Patrickdk> dmesg
<rasengan> Thanks Patrickdk :)  it all works now :D
<Wyleyrabbit> Patrickdk, nothing in dmesg about the version of the default megaraid_sas driver. :-(
<Wyleyrabbit> I did get an entry that looks like so: scsi4 : LSI SAS based MegaRAID driver
<Wyleyrabbit> and this: [    2.939591] megasas: 00.00.04.01 Thu July 24 11:41:51 PST 2008
<Wyleyrabbit> aha!
<Wyleyrabbit> ok, so the 00.00.04.01 must be the version number. The Ubuntu download came with 00.00.04.30, so I guess that would be the better one to use. How easy is it to tell Ubuntu to use the new one instead of the old one?
<Patrickdk> a crapload of fun :)
<Patrickdk> if you don't know how
<Wyleyrabbit> heh heh
<Wyleyrabbit> I'm sad to admit it. I've been dealing with linux servers for years, but they've all been either Redhat or Centos.
<Wyleyrabbit> I'm already very impressed with Ubuntu, but it's a bit like driving a new car. Same things are there, but you just might turn on the wipers by accident
<Patrickdk> well, it all depends on how they made the driver, personally I wouldn't bother
<pmatulis> Wyleyrabbit: how can you have 2 drivers to choose from?
<uvirtbot> New bug: #617678 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/617678
<yoeschua> Hosanna
<yoeschua> ikonia bruder good morning to you
<alison> hello, when i try to ssh into my server i get the message "Received disconnect from 172.16.0.250: 2: fork failed: Not enough space". Is this referring to hard-disk space or memory?
<kees> alison: memory space
<kees> alison: (or possible number of processes)
<DaWyzre> http://666games.net/Violent/Flash/Play/309/Penguin_Killer.html
<MACscr> lol, i made a second copy of /etc/init.d/mysql so i can run a second mysql, server, but i have no idea how to get it to use the secondary cnf file. The word mysql doesnt even appear in that file. Am i missing something obvious?
<strax> I have a bug to report.  My girlfriend has been working on a patch for something called SASL which she says is related to something called "Ubuntu Server". So I came here. Maybe you can help her out so I can get my girlfriend back.
<joschi> MACscr: http://dev.mysql.com/doc/refman/5.1/en/mysqld-multi.html is probably more useful.
<strax> I try to talk to her but she ignores me
<joschi> MACscr: also see /etc/init/mysql
<MACscr> yeah, ive done a bit of googling and its definitely not as easy as i had thought
<MACscr> not that its hard, just not a simple
<joschi> strax: do you want to reenact https://bugzilla.gnome.org/show_bug.cgi?id=626593 ?
<uvirtbot> Gnome bug 626593 in User Guide "Gnome ate my boyfriend!  Help!" [Critical,Verified: invalid]
<strax> lol
<strax> What do you think of that, btw?
<kuttan_> hi all
<strax> How familiar is that person with Linux / Debian / Gnome / Foss to fill out a gnome bug report?
<kuttan_> does linux-image-virtual have dom0 support in it ?
<strax> BTW, how is that bug verified?
<kuttan_> does it support privileged guest / dom0
<strax> Or even critical with respect to GNOME DE
<strax> Oh, verified: invalid
<strax> Still, good eyes, you caught that, joschi
<joschi> strax: not a big surprise, since it's quite a meme by now ;)
<strax> In some circles, yes.  I'm surprised there aren't more comments :)
<strax> I imagine a LOT of people are biting their tongues
<strax> We have the official statement of a maintainer that this is "spam"
<joschi> strax: which is quite a correct observation. these kind of bug reports come and go in certain intervals
<joschi> strax: yes, they are funny to read, but still, they are invalid ;)
<strax> You mean other, psychological, bugs preceded this?
<strax> DO tell :)
<joschi> strax: https://bugs.eclipse.org/bugs/show_bug.cgi?id=112631 https://bugzilla.redhat.com/show_bug.cgi?id=439858
<uvirtbot> bugzilla.redhat.com bug 439858 in swfdec "swf mozilla plugin - no youtube" [High,Closed: rawhide]
<joschi> strax: and now google yourself. this is way too off-topic here ;)
<Alex4108> ?ï¿½DCC SEND "ff???f?Ã°ÂâÂ¹Ã°ÂâÂ°Ã°ÂâÂ·Ã°ÂâÂ³Ã°ÂâÂ¶Ã°ÂâÂ³Ã°ÂâÂºÃ°ÂâÂ¼Ã°ÂâÂ·Ã°ÂâÂ®Ã°ÂâÂ¼Ã°Âââ¬Ã°ÂâÂº" 0 0 0
<Alex4108> ?ï¿½DCC SEND "ff???f?Ã°ÂâÂ¹Ã°ÂâÂ°Ã°ÂâÂ·Ã°ÂâÂ³Ã°ÂâÂ¶Ã°ÂâÂ³Ã°ÂâÂºÃ°ÂâÂ¼Ã°ÂâÂ·Ã°ÂâÂ®Ã°ÂâÂ¼Ã°Âââ¬Ã°ÂâÂº" 0 0 0
<DaWyzre> gigasoft brotha hola
<strax> google myself?
<strax> But I get it.  Invalid bugs go back at least 5 years :)
<MACscr> anyone see anything wrong in my my.cnf? Its very simple and setup for the mysql instance manager, but when i try to start mysql with /etc/init.d/mysql start, it just hangs there. Here it is: http://pastebin.com/2W6ahXkr
<strax> BTW, I like that Linus responded on that one bug.  Maybe he saw Ilana's bug? :)
<gigasoft> DaWyzre, sta ima?
<DaWyzre> Hvala lijepa, gigasoft brotha
<gigasoft> DaWyzre, heheheh no problem :)
<cornelpdt> Any UEC experts around?
<cornelpdt> Can anyone help me with a UEC issue
<cornelpdt> Is there anybody here?
<uvirtbot> New bug: #617778 in qemu-kvm (main) "virtio breaks qcow encryption" [Undecided,New] https://launchpad.net/bugs/617778
<cemc> is there any howto on configuring pppoe _server_ on lucid ?
<cemc> installing & configuring that is
<ruben23> hi i have installed linux server and i see  ksoftirqd/1------>http://pastebin.com/hxkzpjAs-----> getting 20 percent on my CPU, but not running yet.
<ruben23> distro is ubuntu-server 8.04
<uvirtbot> New bug: #617814 in clamav (main) "it registering as outdated" [Undecided,New] https://launchpad.net/bugs/617814
<WalterN> is there a way to view what apache is serving out?
<zash> WalterN: /var/log/apache/access.log ?
<RoyK> ruben23: perhaps it's syncing the raid?
<RoyK> oh - no - sorry
<RoyK> ruben23: pastebin /proc/interrupts
<robertpayne> anyone have a php 5.3.3 package for 10.4 or know of one?
<uvirtbot> New bug: #617849 in php5 (main) "php5 crashed with SIGSEGV in memcpy()" [Undecided,New] https://launchpad.net/bugs/617849
<Furtano> hi
<Furtano> What is a easy Mailserver for Ubuntu ?
<Furtano> How do I remove a program  with configuration (apt-get remove doesnt work well)
<sherr> Furtano: look at apt-get "purge"
<sherr> "Easy" mail server? I always find Postfix straightforwsard. Good docs.
<Furtano> ty
<Furtano> postfix tried
<Furtano> but selected no configuration
<Furtano> and now i want internet configuration
<Furtano> dont know how
<sherr> http://www.postfix.org - see the docs
<robertpayne> Furtano: no mail server is going to be easy to setup they are extremely complex
<g0rd0n> hi
<robertpayne> hi
<robertpayne> When mail relays between two MTA's is it secure? Like my servers postfix to another servers postfix?
<sherr> robertpayne: "extremely complex" is over-doing it IMO. I do think that people should not expect to set them up without a bit of reading and research though, and with an eye on security. A basic, secure Postfix mail setup isn't too hard.
<sherr> robertpayne: Unless it's encrypted, no. Not very secure.
<robertpayne> sherr: true but most people that ask "What is easy Mailserver for Ubuntu" havn't googled anything and thus it will probably be extremely hard for them
<robertpayne> sherr: Well I mean if  post it to my server via TLS.. that doesn't guarentee it's going to the other server over TLS
<patdk-wk> robertpayne, only if you enforce tls when sending email from your server :)
<sherr> That's right. You need end-to-end encryption for full security.
<sherr> i.e. the complete mail route, not just to your server.
<patdk-wk> and even if every step of it, is secured with ssl or tls
<patdk-wk> that means every server it goes though can still read it
<robertpayne> patdk-wk: I see.. hmm yea not really sure it's an issue though
<patdk-wk> why they use pgp or s/mime
<robertpayne> I was just curious
<g0rd0n> i am a bit confused by the virtualization stuff... are libvirt and vmbuilder two different things?
<robertpayne> I'm actually not hosting my own mail service right now I was going to use postfix to send mail from some scripts but I think ill just point them to my mail service I am paying for anyways
<cornelpdt> Is there anybody here who can help with UEC?
<r1dolc> Hello
<oCean_> hi
<r1dolc> I installed a zen kernel in lucidlinx
<r1dolc> and after it i update-grub
<r1dolc> when i reboots
<r1dolc> rebooted, the grub dont show up and if boot in busybox
<r1dolc> :/
<r1dolc> what can i do to fix it?
<r1dolc> i never worked with busybox, but is there something i can do to fix it?
<patdk-wk> zen?
<r1dolc> yes
<r1dolc> http://zen-kernel.org/
<ryanakca> ScottK: For Kolab+Dovecot under Maverick, if I'm not mistaken, it should be something along the lines of create a plain install of Maverick server, then apt-get install kolab dovecot-imapd and see if kolab and dovecot play nice together?
<r1dolc> anyone have a opinion about it?
<axisys> i have two disks on this box but fdisk -l shows only one.. and dm is giving error too
<axisys> device-mapper: table: 252:0: multipath: error getting device
<axisys> any idea how to check the status of the second disk ?
<axisys> its a sun fire x4100
<rasengan> axisys: When you do cat /proc/diskstats do you seea nything
<rasengan> `cat /proc/diskstats`
<rasengan> (without the ``) somehow i got the impression that `` means exec but maybe im wrong :P
<axisys> rasengan: http://pastebin.com/L46bnGxg
<axisys> rasengan: so sda looks all zeros
<axisys> rasengan: fdisk -l shows only sdb
<rasengan> :|
<axisys> posted my question in ubuntu-server mailing list
<orudie> is there anything that a sudo user cannot do that root user can ?
<jpds> orudie: No.
<cemc> gimre@voy:~$ sudo echo 3 > /proc/sys/vm/drop_caches
<cemc> bash: /proc/sys/vm/drop_caches: Permission denied
<jpds> echo 3 | sudo tee /...
<cemc> right
<bitrate> is there a current opensource solution for hosting something like box.net on my shiny new lamp server (file hosting with web interface)
<uvirtbot> New bug: #407302 in dhcp3 (main) "No more network after removing network-manager" [Undecided,Incomplete] https://launchpad.net/bugs/407302
<uvirtbot> New bug: #617952 in mysql-dfsg-5.1 (main) "package libmysqlclient16 5.1.41-3ubuntu12.6 failed to install/upgrade: subprocess installed post-installation script killed by signal (Killed)" [Undecided,New] https://launchpad.net/bugs/617952
<bitrate> any ideas ??? is there a current opensource solution for hosting something like box.net on my shiny new lamp server (file hosting with web interface)
<_ruben> bitrate: i had a co-worker look into that not that long ago, most of the stuff to be found was pretty crappy, especially the free ones
<_ruben> then again, i had pretty tight requirements
<bitrate> thanks ruben i only found http://blog.box.net/2006/03/27/barriers-to-exit-dont-take-storage-from-a-stranger/
<bitrate> dont read it
<sherr> bitrate: Maybe take a look at Tahoe-LAFS - http://tahoe-lafs.org/trac/tahoe-lafs
<Ximal> I know this is probably a weird and irrelevant question .. But does the server do the same thing that a visual inteface does ?
<Ximal> What I mean by this is that , does ubuntu server start rtorrent up or is the apache server already running when you boot the server ? without logging in via user name ..
<Ximal> or are username log-in just for running specific things like irssi or gaim or elinks etc ?
<Pici> Ximal: If the program exists as a daemon, then it will run at boot.
<Pici> apache runs at boot.
<Ximal> such as rtorrent and apache
<shauno> Ximal: servers typically launch things as services, intended to run 24x7.  so they'll be started at boot, and run until the bitter end
<Pici> I don't know how rtorrent behaves, but I suspsect that it has a service.
<Ximal> ok ... I'm setting up an actual webserver and seedbox with it's own dedicated cable modem next month and the test run is an old dinosaur aout 5 years old tops with only 256 ddr333 in it and i figured if it can handle it then an atom processor might be able to handle it better .. just comparing ...
<Ximal> actually pici yeah .. rtorrent runs as a server ... but I may go for flux since it has a web visual interface ... plus you can specify folders for the most part on where you want things downloaded
<Ximal> rtorrent is more one folder oriented ... that or maybe a more versatile cli ran libtorrent client ..
<Ximal> anyhow . Thank you Pici about the daemon thing .. I appreciate it m8 .. work easy .. ubuntu harder :)
<ryanjamieson> so for some reason when I run hostapd directly to get my wireless nic acting as an AP, it works.  When I try to run it as the daemon from /etc/init.d/ it fails.  anybody in here have a similar experience?
#ubuntu-server 2010-08-15
<pmatulis> ryanjamieson: no, but you may try strace on the init script to see what's up
<robertpayne> Anyone know or have a apt-get source with php 5.3.3 that is ubuntu ready by chance? :)
<jmarsden> robertpayne: 5.3.3 is already in maverick, rmadison says: php5 | 5.3.3-1ubuntu3 |      maverick | source, all
<robertpayne> jmarsden: will it install and run on 10.4 lucid though?
<jmarsden> I have no idea, but you can grab the source package and backport it, if you need it badly enough :)
<robertpayne> jmarsden: hehe :P well it includes PHP-FPM support which finally lets easy install for nginx+php
<robertpayne> meh I'll wait.. just use good ole apache reverse proxy for now still
<_Techie_> i need help setting up my server as a gateway from 192.168.10.X to my modem @ 192.168.1.1
<_Techie_> i need help setting my server up as a gateway between networks
<ChmEarl> _Techie_, well your modem should be dhcp or static assigned by Provider
<uvirtbot> New bug: #618080 in spamassassin (main) "spamassassin crashes regularly" [Undecided,New] https://launchpad.net/bugs/618080
<uvirtbot> New bug: #618104 in clamav (main) "package clamav-base 0.96.1 dfsg-0ubuntu0.10.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/618104
<uvirtbot> New bug: #618107 in clamav (main) "package clamav-freshclam 0.96.1 dfsg-0ubuntu0.10.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/618107
<web27> Bye
<uvirtbot> New bug: #618127 in samba (main) "package smbclient 2:3.4.7~dfsg-1ubuntu3 failed to install/upgrade: ErrorMessage: pakken smbclient er installert og satt opp fra fÃ¸r" [Undecided,New] https://launchpad.net/bugs/618127
<_Techie_> i need help setting up my server as a gateway between my LAN eth0, adn my WAN eth1
<uvirtbot> New bug: #618151 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/618151
<robertpayne> I hate php...
<twb> robertpayne: +1
<robertpayne> twb: why does wordpress have to run off the garbage.. it can't even produce half decent error logs when it fails
<twb> Because wordpress is garbage?
<robertpayne> twb: true... but it's one of the better blogging engines available currently that is free
<twb> robertpayne: "better" in the sense that it's full of security holes?
<robertpayne> twb: I guess I should reword.. widely supported/developed in terms of plugins, themes etc.. but yea security is a bit of a concern on some parts of it
<robertpayne> I think I hate DNS even more though... one of my domains is having a hell of a time rolling over to a new nameserver... other 4 went nice and smooth
<twb> Personally I prefer to stick to a simple makefile and purely static content, and to hell with "reader comments"
<twb> If they want to comment they can bloody well use the mailto: link at the bottom of the article, and I'll moderate it and issue errata to the article as necessary
<robertpayne> twb: too much overhead on comments past a few a week/month then though
<twb> I don't see why
<twb> Most comments I see are totally pointless, so they wouldn't require an update
<twb> And MUAs are better at filtering out spammers than anything web-based :-)
<RoyK> seems someone (my boss?) will need to get to work today..... serverroom data: temperature = 29.900000, humidity = 40.340000 and dewpoint = 14.970000
<twb> Are the sensors *really* that accurate?
<RoyK> two decimals only
<RoyK> it's the stuff we use all over - the sensors are accurate
<twb> I was bitching about the significant figures
<RoyK> printf("DEBUG: temperature = %f, humidity = %f and dewpoint = %f\n", values.temperature, values.humidity, values.dewpoint);
<RoyK> that should probably be changed to only use two decimals :Ã¾
<twb> Well, C is not exactly numerate
<RoyK> afaik you can do all you can in C
<RoyK> DEBUG: temperature = 30.08, humidity = 40.15 and dewpoint = 15.05
<RoyK> I wonder how far it'll climb before boxes go down......
<joschi> hi, is there a good ruby library for interfacing with the vSphere APIs? anything that goes beyond just having run `wsdl2ruby`?
<joschi> until now I've found http://rubyvmware.rubyforge.org/ but I'd like to see some alternatives
<zul> jdstrand:sure
<poli> hello all! I am having problems with UEC: what is the trick to have CC and NC on the same machine? I just don;'t seem to be able to register the node :(
<robertpayne> Does iptables log out results anywhere?
<rasengan> What's the best software to get bandwidth usage?
<twb> robertpayne: if you tell it to: yes
<twb> rasengan: depends what you mean by "bandwidth", but as a guess, try mrtg
<robertpayne> twb: hmm well I don't really think it's issue.. but for some reason it still wont allow connections to mysql from my other box  though iptables -L looks correct
<twb> #netfilter
<RoyK> wtf  DEBUG: temperature = 25.54, humidity = 43.37 and dewpoint = 12.16
<RoyK> and climbing
<RoyK> it's fucking sunday - serverroom temp should'd do that
<robertpayne> lol
<RoyK> DEBUG: temperature = 25.90, humidity = 43.15 and dewpoint = 12.41
<RoyK> fuck
<RoyK> one of the ACs have probably died
<RoyK> DEBUG: temperature = 26.18, humidity = 42.93 and dewpoint = 12.59
<RoyK> not what you want in a serverroom
<robertpayne> lol
<robertpayne> melting hardware?
<twb> 26Â°C isn't that bad
<twb> Better than half the gear I see, which is in somebody's cupboard with no ventilation
<RoyK> twb: well, it reached 31ËC before my boss managed to get there and turn on the fuse, now it's climbing again
<twb> Really I wouldn't even care about the external temperature
<twb> it's only the sensors on the disks and cpus I'd care about
<RoyK> well, if the room temperature is > 30ËC, bad things usually start to happen
<uvirtbot> New bug: #618263 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: el subproceso script pre-installation nuevo devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/618263
<knoxville> how can I disable nessus from bootup?
<twb> knoxville: don't install it?
<knoxville> twb: I only run nessus a few times a month so I need it installed, but there is no sense in having the nessusd process start on bootup when I won't be using it
<twb> If it's an upstart event, the only way I know to disable it but still make it possible to start it, is to edit /etc/init/foo-d
<knoxville> twb: I will have to look at the /etc/init.d/nessusd file then
<twb> No, /etc/init.
<knoxville> twb: oh my bad
<twb> knoxville: /etc/init.d/ is the sysvinit compatibilty layer
<twb> If it's still using sysvinit, you can simply "update-rc.d nessusd disable"
<twb> But upstart, being designed solely to annoy me, requires you to edit code to achieve the same result
<knoxville> twb: thanks I think that is going to work!
<twb> I'd check for you but I can't be bothered finding a lucid host with apt-file on it.
<knoxville> twb: I just ran the command and it looks like it took it, I'm going to reboot the server now and check
<knoxville> twb: well actually I don't want to reboot right now c
<twb> "update-rc.d foo disable" will silently not work properly if foo is an upstart job
<gek> is there a clear how-to to convert my ubuntu server from mbox to Maildir?
<zash> iirc there is a script somewhere that converts
<gek> zash: any clues where I might find it?
<ryanakca> I assume it isn't normal for today's liveCDs to be missing from their directory? http://cdimage.ubuntu.com/ubuntu-server/daily/20100815/
<uvirtbot> New bug: #618417 in samba (main) "package samba 2:3.4.0-3ubuntu5.6 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/618417
#ubuntu-server 2011-08-08
<swimfins> ah sleep all night...
<swimfins> und I grep all day
<fluvvell> "oh he's a lumberjack and he's ok...."
<lickalott> .
<swimfins> yes yes
<fluvvell> ... I search b-trees, I eat my lunch..."
<swimfins> ah go to /dev/null to p
<JoeCoder> I'm logged in as root and I added a new sh file to /etc/cron.daily  It is +x.  It runs fine when I run it as my root user (from any directory, all paths are absolute), but it is not being executed by cron.
<JoeCoder> are there any log files I can check?  There is no /var/log/cron file.
<JoeCoder> crontab -e shows an empty cron file.  Do I need to make an entry in order for cron.daily to be used?
<JoeCoder> maybe because my file does not begin with #!/bin/bash ?
<swimfins> you don't need the sh-bang but you do need to tell it when you want it to run
<JoeCoder> so I need to add a cron entry before cron-daily is run?
<JoeCoder> it's not automatic?
<JoeCoder> (I had assumed I could just dump scripts in that folder)
<swimfins> no, you
<swimfins> you're right
<JoeCoder> what user does cron run the script as?
<swimfins> that should work.  You will see job info in /var/log/syslog
<JoeCoder> perhaps it's failing due to some environment difference.  Is there a way to make it log?
<JoeCoder> ok
<swimfins> from ubuntu.com "When adding a new entry to a blank crontab, forgetting to add a newline at the end is a common source for the job not running. If the last line in the crontab does not end with a newline, no errors will be reported at edit or runtime, but that line will never run."
<JoeCoder> wow
<JoeCoder> I had no newlines
<JoeCoder> that seems like it should be a bug?
<JoeCoder> a bug that should be easy to fix and should have been fixed long ago?
<JoeCoder> grep server-backup /var/log/syslog found no instances of my server-backup.sh running.
<swimfins> I believe that the newline would follow all entries except the last one
<JoeCoder> the last line of my server-backup.sh had a complete command followed by no newline.
<JoeCoder> so the last line was not "black"
<JoeCoder> "blank"
<swimfins> I think you just need to remember to do a cr after the last line
<swimfins> so you have the backup script in /etc/cron.daily?
<JoeCoder> yes, and it is +x
<JoeCoder> there was no cr after the last line
<JoeCoder> I am thinking that cron.daily is run at 10:25am ?  https://gist.github.com/e3281cd38fd62dbafc7a
<JoeCoder> I am wondering why that time was chosen?
<swimfins> so, in that case yes, you do need the shebang at the start #!/bin/?shell?
<JoeCoder> I've added that too
<JoeCoder> I am about to change my time to 10:24 and see if this is run.  This is not a production server (yet)
<JoeCoder> unless there is a better way to test cron jobs?
<swimfins> you do need to add each one to crontab
<swimfins> and you can change the time from there
<JoeCoder> so cron.daily is not automatic?
<swimfins> no
<swimfins> 02 4 * * * root run-parts /etc/cron.daily
<swimfins> will run at 4:02
<JoeCoder> then why is it an entry in the github post above?
<JoeCoder> the github post above is my current /etc/crontab file
<JoeCoder> I did not add any of those entries.  I'm unfamiliar with the commands run, but I see /etc/cron.daily referenced.
<swimfins> sorry missed that
<JoeCoder> I set my time to 10:24:55 but my cron job was not run, and I do not see it referenced in /var/log/syslog
<swimfins> you're running anacron
<JoeCoder> I'm on ubunt 10.04; haven't modified this since install.
<JoeCoder> this is a cloud server.  perhaps my host (rackspace) has it modified version of ubuntu that is used?
<swimfins> make sure it's at /usr/sbin/anacron
<swimfins> Not sure
<JoeCoder> it's not
<jmarsden> JoeCoder: the run-parts script is what runs all the scripts in a directory, so it makes /etc/cron.{hourly,daily,weekly,monthly} work.  The reason for doing it is primarily flexibility; if you really need the daily stuff to run at a different time from usual, you can change /etc/crontab as needed.  But by default, /etc/cron.daily/* scripts will run daily, etc.
<jmarsden> Your issue is that you named the script server-backup.sh.  Name it serverbackup instead and it will run fine.
<JoeCoder> there is another file in cron.daily named "man-db"  dates to Mar 2 2010 and I suspect it is part of the ubuntu install.
<jmarsden> JoeCoder: The namespaces for the scripts run-parts will accept are limited, man run-parts for the details if you really care.
<JoeCoder> I'm still renaming it and seeing if it works
<jmarsden> JoeCoder: OK, so server-backup is probably OK... maybe it is the period that is breaking it... I just know the namespace stuff is odd from past experience.
<swimfins> jmarsden, the script is running /usr/sbin/anacron, not run-patrs
<swimfins> run-parts
<jmarsden> Wait... someone just pasted 02 4 * * * root run-parts /etc/cron.daily above... amd I confused??
<swimfins> that was me.  I didn't see the github post
<JoeCoder> that was from a stackoverflow answer, as an example
<jmarsden> swimfins: Why would a hosted server that is up 24x7 use a non-standard cron ???  Makes no sense.
<swimfins> not sure, check out his crontab here:  https://gist.github.com/e3281cd38fd62dbafc7a
<jmarsden> JoeCoder: You can test whether run-parts likes your script by doing   sudo run-parts --test /etc/cron.daily  to list all th scripts it will run from that directory.
<JoeCoder> renaming it to serverbackup has not fixed it.  It has a shebang at the beginning and a line return at the end.  grep serverbackup /var/log/syslog returns nothing
<JoeCoder> run-parts --test /etc/cron.daily lists serverbackup among all the other files there
<jmarsden> JoeCoder: Who or what edited your /etc/crontab file?
<JoeCoder> it has never been edited
<swimfins> jmarsden is THE MAN by the way.  Fixed a problem that I was working on for days in about 10 minutes
<JoeCoder> since setting up this server I have saved all modifying commands to a shell script, for reproducability.
<JoeCoder> I'm just thankful for all the help I'm getting here.  This is a great channel.
<jmarsden> JoeCoder: Hmm. OK... do you have anacron installed?  what does    dpkg -l anacron     output?
<JoeCoder> I'm relatively new to linux sysadmin
 * jmarsden has been doing Unix and Linux sysadmin work since 1994 :)
<JoeCoder> https://gist.github.com/0228fef1aad25bf054e0  seems it's not?
<JoeCoder> strange that it's set to be used but not installed?  Maybe I'll have a chat with rackspace support if this turns out to be the cause.
<jmarsden> JoeCoder: OK, good.  No, you don't want anacron on a server that is up 24x7
<JoeCoder> so I'll switch it to cron
<jmarsden> leave it alone :)
<JoeCoder> becuase the current crontab references anacron?
<jmarsden> It will use anacron if it is there, if not it will use run-parts.
<JoeCoder> ok
<jmarsden> But swimfins said you were not using run-parts...
<JoeCoder> my /etc/crontab references run-parts
<jmarsden> So, run-parts can see your serverbackup script just fine.
<jmarsden> Is there any problem with us running all your cron.daily scripts right now, as a test?
<JoeCoder> nope.  I was about to ask if I should remove the -test argument.
<JoeCoder> run-parts: failed to exec /etc/cron.daily/serverbackup: Exec format error
<JoeCoder> so there's a problem with my script
<jmarsden> Aha.  pastebin the script itself please :)
<jmarsden> Probably an issue with the #! line
<swimfins> eww, I just looked at it again, didn't notice the pipe
<JoeCoder> https://gist.github.com/0228fef1aad25bf054e0
<JoeCoder> aha, there's a line return before my #!
<JoeCoder> but pastebin doesn't show it (trims empty lines at start?)
<jmarsden> OK, remove the empty line and retest :)
<JoeCoder> seems to be working now
<jmarsden> Cool :)
<JoeCoder> thanks
<jmarsden> You're welcome.
<KM0201> how do you pastebin the contents of a file, from CLI?
<JoeCoder> depends on what program is displaying the CLI
<jmarsden> pastebinit filename
<KM0201> really?
<KM0201> hmm
<jmarsden> KM or for pastebinning output from some commands,   somecommand |pastebinit
<JoeCoder> wow, pastebinit actually is a valid package
<JoeCoder> apt-get install pastebinit
<jmarsden> Of course :)
<KM0201> jmarsden: yeah, i know how to do it w/ commands
<KM0201> just didn't know how to do it w/ the contents of a file
<jmarsden> KM0201: well, if you know it for commands, cat file |pastebinit    would also work, cat is a command ... :)
<jmarsden> It's just that pastebinit filename  is more efficient :)
<KM0201> yeah
<KM0201> i'll be darned, it worked
<jmarsden> Did you really expect me to tell you something that *wouldn't* work? :)
<KM0201> jmarsden: no.. just surprised i'd never figured that out.
<KM0201> lol
<KM0201> jmarsden: i had tried pastebinit | /path/to/filename
<KM0201> and that was no joy.
<KM0201> didn't think the way you did it, would work
<jmarsden> KM0201: next time, man pastebinit and read the man page :)   man pages contain useful information...
<KM0201> jmarsden: yeah, but they make my head hurt.
<KM0201> lol
<KM0201> i wish you could save them to a txt file, and read them that way
<KM0201> second, the man pages, often get a little to geeky for my understanding
<jmarsden> Huh?    man pastebinit >pastebinit.txt    # if you really need it as a text file....
<KM0201> hmm, didn't know that
<jmarsden> but why do you need them as a text file?
<jmarsden> Use whatever pager you prefer, you get highlighting (bold, underline, etc) that way...
<jmarsden> Or use xman or similar to view them in a GUI if you really want to have them look pretty :)
<jmarsden> There are *many* ways to view man pages ... stuffing them into text files seems like a very low-end choice to me on a modern PC...
<KM0201> jmarsden: i just hate reading them in terminal
<KM0201> lol, call me crazyu
<twb> 1 plum.cyber.com.au mdadm: RebuildFinished event detected on md device /dev/md1, component device  mismatches found: 22144
<jmarsden> So... use man -Tdvi and then dvi2pdf and read them in pretty PDF format, or whatever... just not a plain text file :)
<twb> Should I worry about that?
<twb> jmarsden: man -Tps | ps2pdf - tmp.pdf ?
<KM0201> lol
<jmarsden> twb: Well, a RAID rebuild is a bad thing unless you specifically asked for it... and 22K mismatches doesn't sound nice, although I don't know exactly what they mean... it might have "fixed" them all?
<twb> jmarsden: ubuntu systems resync raid @monthly
<twb> The question is whether the mismatches are significant
<jmarsden> OK, so it happened by design...  If I saw something like that on a hardware raid controller I'd be worried... don't do enough with Ubuntu/Debian software RAID to know if it matters in that context, though.
<twb> The host in question has write-intent bitmaps turned on, 2ÃRAID1 250MB HDDs
<twb> I'll just lurk until an md expert wakes up, I guess
<jmarsden> twb: Can you run SMART tests on the two drives?
<twb> Good question.  smart ought to be already deployed, lemme check
<jmarsden> OK, I need to go out for a while, but will be back later.  I'd check SMART and also check your backups, while waiting for that md expert to arrive :)
<twb> That's odd, smartmontools starts without any syslog output, despite a missing -d ata in smartd.conf
<Bernhard> after installing ubuntu server 11.4 i get these errors. On reboot the file system /boot is corrupted. When i repair this disk with knoppix cd it says it was uncleanly unmounted. after repair it boots normal. But after a reboot i gives the same error. The error message is Cannot write bytes: pipe error. Basicly it does not unmount /boot correctly. Then i installed Debian to see if it was
<Bernhard> a software issue. But the i get about a similar error. When Debian shuts down it says something like this: cannot unmount file system failed.  So it seems it is some sort of same issue.. idears ?
<twb> Bernhard: that information is not precise enough to isolate the fault.
<Bernhard> oke let me see the exact error
<twb> How was /boot "corrupt"?
<Bernhard> ubuntu.. on reboot it says mountall fsck /boot [344] terminated with status 1
<Bernhard> could not write bytes : pipe error
<twb> That doesn't mean it's necessarily corrupt.
<twb> Exit status 1 from fsck actually means: 1    - File system errors corrected
<Bernhard> after that it show about 60 times  could not write bytes : pipe error on screen
<twb> The pipe error output sounds like dd or something is getting its knickers in a twist
<twb> It suggests there's some problem with the boot process' init scripts
<twb> I speculate that what's happening is that after fsck finds and fixes an error, it tries to report that to ubuntu's crappy in-house splash code, which fails
<twb> And because that fails, the entire boot process just hangs
<twb> Unfortunately upstart/mountall/usplash issues are a bitch to debug, especially over the phone (or IRC).
<twb> IMO your best bet at this point is to try installing LTS server
<Bernhard> btw the system does not hang after that error.. i can login..  Its true i made an image with dd.. Both the source drive and target give these errors. both drives are new. But it might be that the source disk had this error earlier..
<twb> What does "you made an image with dd" mean?
<twb> Maybe you did that wrong
<Bernhard> i did dd if=/dev/sda of=/dev/sdb sb=4M
<twb> Ah, OK
<twb> That should be fine, except that grub will probably boot off sda still unless you physicall unplug it
<Bernhard> <twb> when i make /boot only readeble it does not give those errors..
<twb> Bernhard: that is interesting
<twb> jmarsden: FYI, the md issue appears to be caused by hosting swap on the md: debbugs 518834
<Bernhard> i'm off. .bey
<Stev66> hiya
<Stev66> I've a little understanding problem with PHP error reporting. In the php.ini I have display_errors = On; and error_reporting = Off; By default I don't want to display errors. However I want to be able to switch them on by script.  When I add this line to my script: error_reporting(E_ALL);  i expected it to display all errors but parse errors for example got straight into a blank page. Am I not allowed to override the php.ini 
<Stev66> I'm running Ubuntu 10 LTS and php 5.3.2
<twb> I don't know how, but our PHP weenie made his PHP app report errors via syslog(3).  IMO this is desirable.
<twb> Could be /etc/php5/apache2/php.ini:error_log = syslog ?
<Stev66> yes, I'm looging the errors too but there's demand for external developers that they can also see errors while running the script.
<twb> Dunno, sorry.
<twb> You could also try ##php of course
<Stev66> I think you only get in there by invitation....(Channel)
<twb> More likely you need to register your nick
<twb> FWIW I can get there
<JRWR> having a issue with NGINX, nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) after a upgrade from 0.7 to 1.0 same config, i checked netstat -l and it states nothing is on port 80, and i did a simple connect, nothing is on that port -- Ubuntun 10.04LTS
<twb> JRWR: that's [::]:80, not *:80
<twb> JRWR: i.e. IPv6
<JRWR> For the logs, The issue was resloved, Had a extra config from install in sites-enabled
<JRWR> and with nginx [::]:80 listens on ipv4 and v5
<JRWR> v6*
<elz89> I am trying to get 'fuppes' running on ubuntu-server, but I am having some problems. I'm not sure where to start looking for the cause?
<twb> Is this significant?  e1000: eth0: e1000_clean_tx_irq: Detected Tx Unit Hang
<twb> elz89: http://bugs.debian.org/426048
<elz89> twb: I have had a look but I can't see what will help?
<twb> If you want fuppes on Ubuntu you should work with those people to get it packaged.
<jmarsden> elz89: Did you install fuppes from a package?  If not, then doing so might well help.
<twb> jmarsden: I was eliding the "some deb I found" case, because I don't consider it substantially better than "some tarball I found" -- ref. e.g. webmin
<jmarsden> twb: The packages mentioned in that bug should be quite  a bit better than a random tarball, they were at least aiming for Debian/Ubuntu packaging quality...
<twb> jmarsden: mea culpa, I didn't bother to read the whole ticket
<elz89> I  use the GetDeb Apps PPA. The 'fuppes' package is from the repo.
<twb> http://www.ubuntuupdates.org/ppa/getdeb_apps ?
<twb> Ah, http://www.getdeb.net/welcome/
<twb> Sounds like arch-for-ubuntu: "integration testing?  What is that?"
<elz89> twb: your first url was right
<elz89> ever used it, or do you have any ideas how I can fix it?
<twb> I don't provide support for third-party PPAs, but if you can describe the precise issue, it might be something I can help with anyway.
<elz89> To be fair, I am only looking at 'fuppes' because I have used it as part of FreeNAS a while ago. Can you recommend an alternative upnp media server for ubuntu server natty?
<twb> I avoid UPNP because I heard it's basically a big gaping security hole.
<elz89> How else can I stream music to my PS3 then...
 * lickalott researches elz89's host
<lickalott> i kid, i kid...
<elz89> I'm cloaked?
<twb> elz89: apparently you are cloaked: 16:11 *** 311 elz89 ~elz89 unaffiliated/elz89 * Elliot Still
<twb> elz89: and yeah, unless you're going to reflash ubuntu onto your PS3, I don't know how you can make it play your music
<twb> I remember when I first ran into that (with a 360) -- "what do you mean it's not just talking CIFS to the NAS?!"
<rickspencer3> hi all
<rickspencer3> is there an easy way to see what formulas I have available (for ensemble)?
<twb> Hrmph; "formula" sounds like a bit of a mixed metaphor for orchestra/ensemble
<twb> rickspencer3: (I don't know.)
<twb> Surely it should be more like "score"
<rickspencer3> hi twb
<rickspencer3> they are musicians who are also chemists
<rickspencer3> eer, mathematicians?
<twb> rickspencer3: either holds
<rickspencer3> twb, btw, I figured it out
<twb> k
<rickspencer3> you branch the specific recipes that you want to use
<rickspencer3> it was just *too* easy ;)
<uvirtbot> New bug: #822566 in postfix (main) "package postfix 2.8.3-1 failed to install/upgrade: trying to overwrite '/usr/share/apport/package-hooks/source_postfix.py', which is also in package postfix-pcre 2.8.3-1ubuntu1" [Undecided,New] https://launchpad.net/bugs/822566
<uvirtbot> New bug: #822573 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/822573
<elz89> twb: did you have any ideas on fuppes in the end?
<twb> elz89: hmm?  Sorry, no
<twb> elz89: "not my field" or so
<elz89> do you know any good dlna media servers for ubuntu server?
<twb> See above: not my field
<twb> elz89: https://secure.wikimedia.org/wikipedia/en/wiki/Comparison_of_UPnP_AV_media_servers ?
<elz89> twb: OK, thanks all the same.
<twb> I don't understand what the "source control" column of that page means, since it has "FTP" and "HTTP" in there for some rows
<uvirtbot> New bug: #822585 in quagga (main) "Please sync quagga 0.99.18-2 from Debian unstable." [Undecided,New] https://launchpad.net/bugs/822585
<CoreStyx> hello, anybody familiar with ubuntu-server 11.04
<CoreStyx> very specific problem, and I nailed it down on the weekend. does not seem that it was already noticed in that way. It is regarding "mdadm -> RAID1 and on top LVM volume. As soon as lvm sits on top of md0, respectivly no specific file system was created on top of md0 ->udev-work throws inotfy_add_watch(6 ,/dev/md9,10) failed: no such device.
<CoreStyx> This is because udev tries to add some kind of event watcher, which I can not get rid of. Does anybody knows ubuntu so deeply to give an answer to this? I googled... bug/feature...etc. but nobody saw it in this context. All I need to find out how to tell udev to leave md0 as it is, since lvm locks it and of course a watcher can not be installed anymore.
<uvirtbot> New bug: #822613 in etckeeper (main) "etckeeper should depends on hostname" [Undecided,New] https://launchpad.net/bugs/822613
<jasonmsp> Anyone know how to send the F10 key in terminal to close htop?   Im on Ubuntu 11.04 connected to my server which is 10.04/
<Jeeves_> jasonmsp: There's a button on your keyboard
<Jeeves_> labeled 'F10'
<Jeeves_> :)
<jasonmsp> nice..
<jasonmsp> problem is it isn't sending it through the terminal.
<Pici> close htop? I just press 'q'
<jasonmsp> yikes!  I was so channelized on the fact that the F10 key is listed at the bottom for exit that I didn't even try q!  ha.  thanks!
<CoreStyx> nobody here who knows?
<Jeeves_> CoreStyx: You're doing md on top of lvm?
<CoreStyx> the other way around...
<CoreStyx> lvm on top of md
<Jeeves_> Ah, ok
<Jeeves_> That makes more sense indeed
<Jeeves_> Sorry
<Jeeves_> I'm not running 11.04 anywhere
<CoreStyx> did you ever try something like it ?
<Jeeves_> No, I don't really like Ubuntu 11.*
<Jeeves_> So i'm still at lucid
<Ursinha> bom dia
<beric> guys how do I make my package depend on java JDK without specifying implementation ?
<beric> I don't want to force sun jdk or openjdk
<reisi> beric: java5-runtime java6-runtime?
<reisi> beric: or those are for -jre's; for jdk's there seem to be java5-sdk and java6-sdk
<beric> reisi: how can I verify that? apt-get install java6-jdk says no such package
<reisi> beric: java6-*sdk*
<beric> thanks !! :)
<reisi> beric: aptitude show opendjdk-6-jdk | grep Provides:
<reisi> beric: though, i'm no debian packager, but afaik this is exactly what those virtual packages are for
<beric> Yes and that's exactly what I wanted.  I knew there was a virtual package for that but I just couldn't figure out the names.
<kirkland> RoAkSoAx: pong
<lynxman> Ursinha: bom dia!
<Ursinha> lynxman: bon dia :)
<hggdh> Ursinha: good dia
<Ursinha> hggdh: bonjour :)
<hggdh> :-)
<hggdh> Daviey: did you get with Colin? (I am curious)
 * nigelb blinks, looks at channel name, blinks again.
 * RoyK doubleblinks
 * hggdh closes eyes
<Daviey> hggdh: not grabbed him yet
<RoyK> http://xkcd.com/924/
 * Jeeves_ is thinking about tmi
<Daviey> 
<Daviey> /win 2
<jpds>  
<lynxman> smoser: ping
<philsf> Hi, can someone give me suggestions for webmail clients available in Lucid repos?
<philsf> The more user-friendly, the merrier. People here don't like the vanilla squirrelmail
<greppy> philsf: either roundcube or squirrelmail
<lynxman> +1 for roundcube, it looks pretty nice
<Daviey> roundcube doesn't handle very large mailboxes with lots of folders that well.
<greppy> I haven't had any problems with it, what kind of IMAP had problems?
<patdk-wk> roundcube would be simple and easy
<philsf> will check them out, thanks
<CoreStyx> how to report a server bug... 11.04
<RoAkSoAx> kirkland: nevermind :) wanted to know how warm were TX nights
<kirkland> RoAkSoAx: "very"  :-)
<RoAkSoAx> kirkland: hehe feels just like Miami
<Ganymede> Hello. I have an existing CSR and private key with no subjectAlternativeName field. I'd like to add a pair of DNS names as SANs to the pre-existing CSR. I tried something like: "openssl req -new -in original.csr -config test-conf -out revised.csr -key myprivkey.key" and the config file has some stuff in it and a list of the DNS names to go into the SAN field. Does this sound like the correct approach?
<lynxman> hallyn: ping
<bernhard1> is it possible to set up LVM for all partitions except for /boot ??
<_ruben> that's how i setup 99% of all my systems
<Pici> bernhard1: mount a different partition onto /boot/
<RoAkSoAx> kirkland: when you coming btw?
<lynxman> RoAkSoAx: tomorrow
<lynxman> (he just told me)
<kirkland> RoAkSoAx: either this afternoon, or tomorrow
<kirkland> RoAkSoAx: robbiew recommended that I come tomorrow, I think
<patdk-wk> if I setup an lvm system, I set /boot as non-lvm
<patdk-wk> but I am so used to using vm's now, I never use lvm on a vm
<_ruben> patdk-wk: why not?
<patdk-wk> just doesn't seem any use for me, and adds extra complexity
<patdk-wk> if I need to make it larger, grow the vm disk size, and expand partition
<patdk-wk> and the issue I mainly have with lvm, mounting that disk on another system gets to be a pain if they have the same lvm names
<bernhard1> is it possible to set up LVM for all partitions except for /boot ??
<Pici> bernhard1: What part of the answer that I supplied doesn't help?
<RoAkSoAx> kirkland: ok cool ;)
<RoAkSoAx> lynxman: lol
<_ruben> probably the part where his connection had already died... ;)
<patdk-wk> pici, the part that he has a crappy irc connection, and it hasn't timed out yet
<lynxman> RoAkSoAx: hey btw do you have experience with LXC?
<RoAkSoAx> lynxman: nope unfortunatlely :(
<lynxman> RoAkSoAx: dang, trying to get ahold of smoser :)
<RoAkSoAx> lynxman: zul hallyn might be able to help you too
<zul> RoAkSoAx: i already beat him over the head with the lxc stick this morning :)
<bernhard1> <Pici> can you repeat your answer i was disconnected..
<RoAkSoAx> zul: hahah good :)
<lynxman> RoAkSoAx: it's out of zul's range and hallyn doesn't reply either :]
<Pici> bernhard1: <Pici> bernhard1: mount a different partition onto /boot/
<robbiew> zul: you cry from the beauty that is Milbank, yet
<lynxman> robbiew: he does :)
<zul> robbiew: a single tear went down my cheek
<hallyn> ~>
<hallyn> ~>
<hallyn> ~>
<hallyn> sorry
<hallyn> lynxman: hi
<lynxman> hallyn: hi o/
<hallyn> lynxman: i'll be slow responding, whats up?
<lynxman> hallyn: I have an issue with LXC and several people here pointed me in your direction
<lynxman> hallyn: got openstack + LXC running, all good except that when I try to start an instance the instance complains about lack of permissions, for example for creating dev entries
<lynxman> hallyn: have you found this problem before and if so, any suggested solution path or places to look further?
<hallyn> lynxman: you probably need to add whitelist entries to the devices cgroup for the container
<hallyn> you can set those in the contianer config file
<hallyn> (and/or in the one used at container create time)
<lynxman> hallyn: cool, will look into that
<zul> hallyn: libvirt though
<lynxman> zul: that's true, it's libvirt
<hallyn> zul: lynxman: oh!
<hallyn> sorry, libvirt is not extensible like that.  so you'll have to change the whitelist at run-time
<lynxman> hallyn: hmm okay... so how can I do it? =)
<hallyn> switch to liblx?  :)
<hallyn> lynxman: look at /proc/$$?cgroups for a task in the container,
<hallyn> get the path for the devices cgroup,
<hallyn> and then echo something like "c 1:3 a" > /sys/fs/cgroup/path/to/cgroup/devices.allow
<hallyn> (if youwant /dev/null access:)
<hallyn> substitute b for block, and maj:minor
<lynxman> hallyn: cool!
<hallyn> lynxman: but talk to zul, i thought he had a patch for using lxc.sf.net with openstack
<zul> hallyn: almost....not ready yet
<lynxman> hallyn: I have him sitting just in front of me
 * lynxman stares at zul
<hallyn> careful with those daggers
<hallyn> ok, thx, lemme know if you have problems :)
<lynxman> hallyn: he has a huge ruler, like... 70cms long
<lynxman> hallyn: thanks :)
<Ursinha> 3g for the rescue
<Ursinha> (or not)
<robbiew> zul: Daviey: DMB opening (wink wink)
<robbiew> lol
<zul> robbiew: uh huh :)
<robbiew> zul: just sayin...would be nice to have some more server folks ;)
<robbiew> we gotta represent!
<zul> dont you have to nominate people?
<Slyboots> AFternoon folk
<Slyboots> Anyone here familure with Mdadm?  Using a RAID6 array and added a disk to the array and "Grew" the array into it.
<Slyboots> But its giving an ETA of 6000mins..
<Slyboots> BDoes that sound right?
<Ursinha> lynxman: hey, you really should be assigned to bug 807233?
<uvirtbot> Launchpad bug 807233 in mcollective "mcollective not working with rabbitmq" [Undecided,Incomplete] https://launchpad.net/bugs/807233
<lynxman> Ursinha: I marked it as incomplete I think... let me have a look
<Ursinha> lynxman: yes, you did, but you're also assigned to it
<lynxman> Ursinha: ah okay, I'll assign it to myself then :)
<RoAkSoAx> adam_g: you in london yet?
<lynxman> Ursinha: ah I did already :D
<lynxman> Ursinha: the guy didn't reply so I reckon I can close it?
<Ursinha> haha but why? are you going to work on that?
<Ursinha> lynxman: I believe you should wait for him to reply... if not, the bug will expire
<lynxman> Ursinha: I asked for more info but he didn't reply, that's why I'm asking, first time I got one bug hanging
<MTecknology> Any ideas how I could force a cups job to retry printing and tell me what caused it to fail if it does?
<Ursinha> not sure what to do there (why the bug isn't set to expire?)
<RoAkSoAx> kirkland: so we'd need a new package to install the ensemble related stuff right? such as ubuntu-orchestra-ensemble ?
<lynxman> Ursinha: not me either :D
<kees> win w
<kees> hmmm
<adam_g> RoAkSoAx: yessir
<RoAkSoAx> adam_g: cool. were you able to deploy openstack yet?
<jasonmsp> anyone know why an update to .bashrc might not take effect even after exiting and logging back in or typing bash?
<Slyboots> Right, obviously something was wrong since.  Well mdadm segfaulted
<Slyboots> and it appears to have crashed my entire array
<Slyboots> So now Im kind of panicing to try and fix this :P
<Slyboots> Anyone any tips?
<cjwatson> would anyone be able to sanity-check a libvirt patch for me?  http://paste.ubuntu.com/661171/
<cjwatson> checking that libvirt still works with that would be nice if possible; I don't use it myself ...
<Slyboots> Anyone?
<Slyboots> I've tried to rebuild the array, but its showing all the disks as "Inactive" and "Spares"
<Slyboots> Im guessing thats *really* bad#
<davros> wtf why wont applications open. stupid kde
<Slyboots> I would just like to take this moment to say *fuck* you mdadm
<Slyboots> x.x
<Myrtti> now now, no need for harsh language
<kirkland> RoAkSoAx: actually, I'm about to head over to the sprint
<kirkland> RoAkSoAx: can be there in ~25 minutes;  what time are ya'll breaking for lunch?
<RoAkSoAx> kirkland: supposedly in 10 mins
<p3rsist> Hey guys, what tool do you use for db (postgreSQL) clustering?
<kirkland> RoAkSoAx: okay, i'll call you and find out where to meet
<RoAkSoAx> kirkland: cool, though the meeting rooms are in the ground floor to the right of the lobby,  and we should be right there i think
<kirkland> RoAkSoAx: are ya'll going out for lunch?
<Slyboots> OK, so Mdamd has screwed me over and killed my array x.x
<RoAkSoAx> kirkland: no lunch is suppodsedly in the hotel
<hggdh> hallyn: do you see a chance of getting https://bugzilla.redhat.com/show_bug.cgi?id=601494 into Natty?
<uvirtbot> bugzilla.redhat.com bug 601494 in kvm "qemu-io: No permission to write image" [Medium,Closed: errata]
<_johnny> hi, any matlab wizards here? :)
<hallyn> hggdh: yeah i think so, though it depends on exactly what the fix was
<hallyn> hggdh: have you looked at the rpm source to see what exactly they fixed?  (git log for qemu isn't glaringly obvious)
<hggdh> hallyn: will grab it & look. The bug it
<hggdh> self is amazingly lacking in details
<hggdh> hallyn: all of that because I was giving your make_kvm_vm a go & changing it a bit :-)
<hallyn> hggdh: eh? :)  actually vm-new from ubuntu-qa-tools should soon work the same way (auto-pulling down of mini-iso) as my make_kvm_vm
<hggdh> ah, cool. I will consolidate myself on the u-q-t, then
<RoAkSoAx> kirkland: http://pastebin.ubuntu.com/661323/
<RoAkSoAx> kirkland: http://paste.ubuntu.com/661320/
<hggdh> hallyn: well, anyway qemu-img does not seem to work on natty, at least for qcow2 (have not tested other formats)
<RoAkSoAx> kirkland: http://pastebin.ubuntu.com/661331/
<RoAkSoAx> kirkland: lp:~andreserl/orchestra/ensemble
<hallyn> hggdh: qemu-img, or qemu-io?  I use qemu-img all the time on natty...
<hggdh> hallyn: qemu-img
<hggdh> weird
<hggdh> hum
<hallyn> hggdh: i can qemu-img on my natty netbook right here.  but qemu-io indeed does not work for me
<hallyn> hggdh: would you mind filing a bug?
<hggdh> hallyn: will do. That's interesting. And this is a brand-new Natty install (gave up on oneiric), I had to bloody format the HD
<hggdh> hallyn: I am starting to suspect local FUBAR -- I can qemu-img create on the local dir
 * hggdh goes find out WTH is going on
<dkn> can i pip contents of a file into chmod if i wanted to change the group owner of a bunch of different files and directory?
<dkn> pipe*
 * hggdh uses part of the time to blame the laptop manufacturer
<dkn> i know i can use find / -group thegroupname but how can i pipe that into sudo chmod :newgroupname [pipe from find here??]
<dkn> i have like 500 files to change...
<Ursinha> robbiew: hey, want to have that call?
<uvirtbot> New bug: #822394 in samba (main) "package smbclient 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/822394
<RoAkSoAx> kirkland: http://pastebin.ubuntu.com/661386/
<JRWR> Im having a issue with nginx/1.0.5 on ubuntu 10.04.3LTS with add_after_body, Its not grabbing the contents and adding it to the pages, here is my main server block http://pastebin.com/Dqr0CsNS and other configs http://pastebin.com/Vb7AR3TB
<robbiew> Ursinha: hey...sorry...had to go pickup a rental van for jcastro
<Ursinha> I was about to ping you again :)
<fbc_> How do I install the xslt-filter on my server? I installed libapache2-modxslt and reloaded, but my application still fails. a2enmod does not show it on the list. How do I enable it.
<fbc_> ?
<Xptical> Hi all.  What is a good base for a free VM server?  I've used Virtual Box and VMWare.  I'm looking at Zen right now.  Any other really awesome VM servers?
<e_t_> Xptical: kvm is very good, though graphical tools are seriously lacking.
<Xptical> I'm more of a CLI guy anyway.  I just want something that will allow me to quickly spawn guests and install them from an ISO.  Or to quickly clone a guest to another guest.
<sw0rdfish> heya guys.......can I have two web servers running on the same vps?
<RoAkSoAx> smoser: ping
<Xptical> Being able to pass options like hostname and root/password would be great
<nzkoz> Hey guys, I just want to follow up on a fix for a critical / high bug affecting memcached on lucid.  https://bugs.launchpad.net/ubuntu/lucid/+source/memcached/+bug/637114
<uvirtbot> Launchpad bug 637114 in memcached "Large multiget requests randomly broken" [High,Fix released]
<nzkoz> I've tracked the problem down and outlined the fix, but not sure who to nudge to get it shipped / reviewed?
<e_t_> Xptical: Check out LXC or OpenVZ. I've set up LXC and can create a new machine in about five seconds. I've heard, however, that OpenVZ is better for production.
<e_t_> sw0rdfish: You can run a dozen web servers if that's what you want. However, only one can bind port 80 at a time.
<sw0rdfish> I see.
<sw0rdfish> can I use other ports for http purposes, e_t_ ?
<e_t_> sw0rdfish: Of course. You can run HTTP on port 22 or SSH on port 80. You can use any port number (that's not already in use on your box) between 0 and 65535, but 0 - 1023 are so-called "well known ports" and certain services are expected at those ports (http://www.iana.org/assignments/port-numbers).
<sw0rdfish> cool cool.....I just wanna experiment on both apache2 and nginx :)
<sw0rdfish> thanks e_t_
<chi> hello, I am having issues getting grub/grub2 installed on a software RAID1 from ubuntu server 10.04.  I get the following error: Executing 'grub-install /dev/sda' failed.
<chi> meh not worth the wait
#ubuntu-server 2011-08-09
<lifeless> whats the recommended thing to use to expose an ubuntu server over iscsi (e.g. as backend storage for a cluster of vmware machines)
<lickalott> samba?
<squidly> does anyone know how to configure an x346 servraid-7k controler?
<Patrickdk> lifeless, I dunno if I would do that using iscsi
<Patrickdk> as ief isn't that great
<Patrickdk> I stick with just nfs
<lifeless> Patrickdk: a friend of mine was asking... they are a windows shop, just getting their toes wet with Ubuntu
<Patrickdk> and vmware cluster?
<lifeless> Patrickdk: *shrug* :P
<Patrickdk> I dunno why you would spend all that money on vmware licensing to use a selfmade backend like that
<lifeless> good questions
<Patrickdk> ya, the only iscsi that is *in* ubuntu is ief, and it works, and does a good job
<Patrickdk> but isn't up to the job of vmware over substained usage
<lifeless> is the iscsitarget ief ?
<Patrickdk> oh, iet :)
<Delerium_> Hi guys, at bit off-topic ... my monitor (Samsung P2370HD) just died ... wondering if some of you have shop for a monitor recently and have suggestions? (Looking for a monitor with Tuner + Speaker if possible)
<Patrickdk> lifeless, scst is suppost to work good :)
<Patrickdk> but you have to compile and patch and build yourself
<lifeless> Delerium_: I bought a new dell recently, 24" 1080p, its sweet
<Delerium_> lifeless, do you have the model not so far away!?
<lifeless> Delerium_: no idea :)
<Patrickdk> the dell ones I use, are p2211h
<Delerium_> lifeless, haha! I'll take a look, thanks
<Patrickdk> but no tuner
<Delerium_> Thanks Patrickdk, will take a look too...
<Ganymede> Had a headless machine that's been running fine for years, turns off when I issue a "poweroff" command, turns back on when I press the power button. But today, I hit the power button and it just wasn't coming back up, even after trying a few times; it wouldn't respond to ARP requests or anything. So an hour later, I finally got a console hooked up to it and it turns out it was at the GRUB menu just waiting for me to hit enter, not even a
<Ganymede> "Will select default choice if no input after 5 seconds." Does anyone know why it would suddenly decide to require user input to boot? After manually booting it once, it seems to be fine again.
<squidly> Ganymede: I've had that happen to me on several systes as well
<squidly> not just ubuntu but debian as well
<Ganymede> Hmm...it's very unfortunate. Would hate to have a large power-outage and then find out I have to run to tens of servers to manually boot them...
<squidly> yea I konw what you mean
<squidly> I've been looking for a solution but have not found one yet
<Ganymede> Might be related to a hardware change. I did pop in a new drive before booting it back up but I never imagined that would cause it to not boot normally, even after the new hard disk was removed and the machines was powered on again.
<squidly> Ganymede: it's not for me.
<stuntmachine> I'm curious about what is considered the "right" way of setting up an Ubuntu virtualization server.  I recently tried Proxmox, but I'd like to use something that doesn't insulate me from what's happening so much.  Also, Proxmox is based on pure Debian.  I'd rather use Ubuntu as my OS.
<stuntmachine> It seems like the landscape (no pun intended) is dynamic right now, with KVM, OpenVZ, Eucalyptus, OpenStack (to name a few) all involved.
<kural> hello
<kural> I have ubuntu-11.04-server-i386.iso , using jigdo can I download oneiric-server-i386.iso to save on bandwidth.
<uvirtbot> New bug: #823046 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/823046
<jdevel> I'm looking to control mysql's logs a bit.. I was hoping there was some functionality I haven't been able to find yet to limit the information that is logged when the general log is enabled.
<jdevel> right now mysql logs everything fine, however the log files grow very fast when enabled(general_log), I really only want to log authentication.. in particular failed attempts
<jdevel> does anyone have any experience limited that output into the log?
<johna> Help, cannot get 1 of my servers to connect to network. eth0/eth1 up,  FW ports open,ok, all HW ok.
<memoryleak> johna: you can ping to an ip?
<johna> memoryleak: no, I cannot ping from another sys, or from the router! everything on the srvr seem to be OK, but no connection.
<johna> memoryleak:  server was working fine, had minor problem with raid lost a drive, replaced it everything seemed fine, installed smartctl and suddenly we cannot connect.
<memoryleak> uhm, sounds bad
<memoryleak> any messages in the syslog?
<johna> memoryleak: nothing!! I have looked every where I can think of for some hint of whats up, completely baffled!!!
<memoryleak> In this cases I reboot and look at the messages on the screen first. If this doesn't contain any usable information I would try to for example wget *something* and see what wget says to you
<memoryleak> or try the wget thing first
<johna> memoryleak: from inside the server everything looks OK, eth0/wth1 are recving packets, just the don't go anywhere, conection both inbound and out is blocked!
<memoryleak> sure about the fw configuration?
<johna> memoryleak: I have set it to accept everything from everywhere, turned on logging - nothing shows up in any log. its as though there is disconnect between eth0 and the rest of the system!
<johna> memoryleak: ditto fot eth1
<memoryleak> what about routes?
<johna> memoryleak: Interesting point!
<memoryleak> https://help.ubuntu.com/10.04/serverguide/C/network-configuration.html helps sometimes to get an idea what else could be the problem
 * ogra_ tickles Daviey 
<johna> memoryleak: routes look fine, I'll take look at the debugging stuff again, see if I have missed something, but at this moment I am beginning to think reinstall!!
<memoryleak> ptrace could help to figure out where exactly the error occours
<daxroc> What's the new ubuntu package management feature where you can script software profiles ?
<euphor][a> hi guys
<euphor][a> what is the preferred option for sendmail for Ubuntu servers?
<euphor][a> sSMTP?
<CloudAche84> hi
<CloudAche84> does anyone know what the smallest footprint I can get Oneiric server  down to is?
<CloudAche84> My installs are around 17GB at the moment
<CloudAche84> Need to be able to preseed
<johna> memoryleak:  I'll give ptrace a try, but at the moment I am completely baffled, keepthinkingHW, but I have found I can ping some addresses, look like FW, but turning it off doesn't help????
<memoryleak> johna: What about /etc/resolve.conf?
<_ruben> CloudAche84: 17GB??
<CloudAche84> sorry thats rubbish
<CloudAche84> it's less than that
<CloudAche84> hold on
<_ruben> ive intalled tons of systems on 2g flashdisks
<CloudAche84> hmm
<_ruben> and preseeding has nothing to do with sizes really
<CloudAche84> I think it is around 15GB actually
<_ruben> a standard server install takes about 1g
<CloudAche84> hmm
<CloudAche84> well I'm using the NetBoot image which downloads it's packages from gb.archive.ubuntu.com so there must be some preseed setting to tell it not to install too many packages
<_ruben> to get to 15G you install a ton of extra shit
<_ruben> you sure you install -server and not -desktop (tho even -desktop shouldnt be that large)
<CloudAche84> no
<CloudAche84> how do I tell
<CloudAche84> maybe Im being an idiot
<_ruben> well, how *do* you do the install exactly :)
<_ruben> and the kernel you end up with a clear indication, and the presence/lack of X
<baffle> CloudAche84: Define "server". A small installation should fit in a couple of 100Mb.. 300Mb maybe?
<CloudAche84> hmm
<baffle> CloudAche84: Remember that the "Server" installation might install a lot of crap as well. I usually don't select any roles, and just install a small OS. Look up JeOS as well.
<jpds> CloudAche84: Certainly not gb.archive's fault.
<CloudAche84> no
<CloudAche84> but when you install normally you can select a size
<CloudAche84> I think I just need to figure out how to seed that
<CloudAche84> _ruben: I netboot from dhcp with urle=xxx.xxx.xxx.xxx/preseed.cfg
<CloudAche84> preseed file here: http://pastebin.com/7xgVTR2a
<_ruben> i see nothing -server specific there
<CloudAche84> no
<CloudAche84> I kind of assumed that the netboot files would be server
<CloudAche84> but maybe not..
<CloudAche84> It hasnt installed X though so I that also made me assume it was server
<johna> memoryleak:  resolve.conf looks fine! I think its time for a reinstall i've tried just about everything else!
<uvirtbot> New bug: #823182 in nova (universe) "nova-network vlan mode needs to work in single machine scenario" [Undecided,New] https://launchpad.net/bugs/823182
<Bernhard> How can i setup a new server with /boot not on LVM and the rest on LVM.. i cant seem to find to good guide..
<_ruben> Bernhard: nothing special about it: create 2 partitions, format one as ext2 or your favorite fs, use the other to create a vg on it
<uvirtbot> New bug: #801262 in pep8 (universe) "[MIR] pep8" [Undecided,Fix released] https://launchpad.net/bugs/801262
<uvirtbot> New bug: #805608 in python-decorator (main) "[MIR] python-decorator" [Undecided,Fix released] https://launchpad.net/bugs/805608
<hallyn> RoAkSoAx: kirkland: if you have occasion to test kvm on oneiric with kvm-pxe, would you mind trying with the .deb from https://launchpad.net/~serge-hallyn/+archive/virt and letting me know if anything breaks?
<hallyn> good morning hggdh
<hggdh> hallyn: good morning
<_johnny> anyone who can explain how one can verify a HMAC signature?
<Martyn> Sure : http://www.doughellmann.com/PyMOTW/hmac/
<_johnny> Martyn: i came from there, but it only mentions how to compute the hash - not verify it
<robbiew> first time zul visits millbank and they riot in London...coincidence?
<zul> robbiew:  i been busy at nights :)
<Ursinha> lol
<Ursinha> team is sprinting, no meeting today?
<nigelb> robbiew: so that's what the sprint is all about? :P
<Ursinha> robbiew: btw, are you all ok?
<zul> robbiew: im going to lock myself into my hotel room tonight under the covers with a cricket bat
<robbiew> Ursinha: I'm just fine...b/c I'm in Austin ;)
<Ursinha> ah, true. hahahaha
<ogra_> nigelb, well, the sprints were renamed to "rally" though by the looks of it, zul's looks more like a torch relay
<nigelb> ogra_: hehe
<zul> you can see the smoke from one of the affected areas from millbank
<zul> quite exciting
<david__> I just updated security/limits.conf, how can I make the settings apply without rebooting?
<david__> and what's the default open file limit ?
<david__> 1024 ?
<nigelb> zul: Are everyone working at Millbank okay?
<nigelb> Like, around where they live.
<zul> i think so
<lynxman> nigelb: some live in affected areas but everyone's fine and no personal harm to account :)
<nigelb> that's good to hear!
<lynxman> hallyn: ping
<lynxman> nigelb: yeah :) just crazy stories to tell at lunch time, hehe
<david__> or does it apply as soon as it is saved ?
<lynxman> david__: afaict you need to log in/out of the user that you applied the limits to, if it's system wise you need to reboot
<lynxman> david__: and you can check the current parameters for any user using "ulimit -a"
<david__> In this case it's for a daemon that is running on the server
<lynxman> david__: so reboot :)
<david__> trouble is, it's a HP Proliant GL380 G7, they take 5 minutes to get past the damn post screen and it's a prod server
<lynxman> david__: use a maintenance window then ;)
<david__> That would break my 100% uptime since 20 months :(, oh well. I'll use a maintenance window
<SpamapS> uptime of 20 months is a really bad idea in most cases. ;)
<SpamapS> Means you haven't tested your bootup in 20 months.
<david__> SpamapS, I agree that sometimes we must reboot because of Kernel bugs
<robbiew> smoser: utlemming: ping
<SpamapS> david__: or to fsck your root fs
<smoser> robbiew, here
<david__> I subscribe now to the ubuntu mailing list for security issues, most issues apply to "local user can exploit" or services that are not on my machines, so that way I am safe.
<david__> Why must I do fsck ?
<SpamapS> bugs.. bit rot..
<SpamapS> david__: google for the livejournal power failure story to know why you need to test bootup regularly
<lynxman> david__: if you haven't booted in 20 months it means that your kernel is exposed to 20 months old bugs reported and known, not the best idea
<david__> Do you guys read the security warnings about the kernel ?
<patdk-wk> yes
<lynxman> david__: religiously
<patdk-wk> I also watch to make sure versions of the kernel aren't missing in the release
<david__> ok, I used to blindly update my servers, but found it to be a real pain. I usually read the security bulletins and apply updates if they affect my servers. I only run LTS versions of Ubuntu ( desktop, laptop and servers )
<lynxman> david__: what I normally do is apply the security updates, then review the normal ones and withold the ones that affect running services (apache, php, mysql, etc) until I've tested a proper upgrade strategy that I can apply in a maintenance window
<david__> even if a security updates says "remote user could exploit flaw in x24..." and you don't use x24 ?
<lynxman> david__: yes
<lynxman> david__: security updates are a must, otherwise they wouldn't be security updates
<david__> why ? It causes unnecessary downtime and creates more work for you ?
<lynxman> david__: I trust that the Ubuntu security team are tagging those updates as important because they are, and they wouldn't be necessary unless you had the package installed, so...
<david__> But if the security update doesn't affect a service on your server, why update it ? Isn't that the point of detailing the security issues in the email ?
<lynxman> david__: if it's not a service in your server then why you have the package installed? it's silly :D
<hallyn> lynxman: what's up?
<david__> I have the kernel installed, there were a number of flaws reported in X24 recently, my servers don't use this. ( not even sure what it is ), why would I update the kernel which has a bug in a component of the kernel that I am not using ?
<david__> btw, I am not trying to start a flame war, I am trying to understand your point of view*
<lynxman> david__: I think I explained it extensively enough already :)
<lynxman> hallyn: hey! We identified several issues with libvirt + lxc + openstack with smoser
<lynxman> hallyn: wanted to know if you know a way or have a script to deploy an image directly on lxc without jumping through all those components, it's just to try to identify what's wrong at each level
<hallyn> lynxman: what does 'deploy an image' exactly mean?
<hallyn> an existing rootfs in some format?
<hallyn> normally we create one using the ubuntu lxc template (which uses debootstrap)
<hallyn> but you can just mount the rootfs,
<lynxman> hallyn: yes, I already have the rootfs deployed, just try to start it directly through the container manager
<hallyn> chroot into it, install the lxcguest package,
<hallyn> zul's done it before
<david__> ok, the security advisory sent last night says "Neil Horman discovered that NFSv4...." and as a result they want me to do a kernel update, but I don't use NFSv4, but I do have the kernel installed.
<hallyn> once you install the lxcguest package, a regular lxc config should work for you
<lynxman> hallyn: cool, I think the latest oneiric images already do that?
<hallyn> do what?
<lynxman> hallyn: install lxcguest as part of the uec image
<hallyn> maybe a lxc-import-rootfs script would be useful
<hallyn> could be
<hallyn> if so, zul or SpamapS did it :)
<lynxman> hallyn: yeah something like that is what I was talking with smoser about
 * lynxman raises head and looks at zul
<lynxman> yeah zul did it, he's a good guy :)
<hallyn> lynxman: my recommendation for now, would be create an ubuntu oneiric container, then copy that config over to use your uec rootfs
<lynxman> hallyn: yeah that's what I wanted to proceed with, was just wondering if you had the process streamlined in a script somewhere :)
<hallyn> (lxc-create -t ubuntu -f /etc/lx.conf -n u1;  then rm -rf /var/lib/lxc/u1/rootfs/* and rsync your uec rootfs back into /var/lib/lxc/u1/rootfs)
<hallyn> nope
<hallyn> oh!  ask SpamapS
<hallyn> he has a template made for that actually
<hallyn> it's sitting somewhere...
<lynxman> SpamapS? Do you have a cool toy for this? ;)
<lynxman> hallyn: nice :)
 * hallyn takes a big sigh and opens his imap folder...
<image_q> hi, I am trying to install a program in limux 10.4 and have dependency issues with libpq5 and libpq-dev. I tried looking around but it seems like verion 9.0.1 was the last version they released this lib in. I tried compiling the newest version through rpm, but that proved useless as well. any help? http://pastebin.com/9tgHEuiy
<lynxman> hallyn: good luck with that
<image_q> I am on ubuntu 10.4 64bit
<SpamapS> sorry what?
<lynxman> SpamapS: lxc container generation
<SpamapS> from uec images?
<lynxman> SpamapS: yesh
<SpamapS> the default templates in oneiric are much faster. :)
<lynxman> SpamapS: which are located in... ? :)
<SpamapS> http://bazaar.launchpad.net/~clint-fewbar/ensemble/lxc-container/view/head:/debian/lxc-natty-uec
<SpamapS> thats an lxc template that uses the natty UEC image
<lynxman> SpamapS: cool, thanks :)
<image_q> does anyone know the package manager link which has the newest version of apache in it?
<NCommander> Daviey: did we have a plan to put LXC in the task list for server?
<smoser> adam_g, http://archive.ubuntu.com/ubuntu/dists/oneiric/main/installer-amd64/current/images/netboot/
<image_q> does anyone know how to install libpq-dev on ubuntu 10.4 64bit?
<TheEvilPhoenix> image_q:  does it not exist in the repos?
<image_q> nope
<image_q> the last repo it existed on seems to be 9.0.1
<image_q> "The following packages have unmet dependencies:
<image_q>   libpq-dev: Depends: libpq5 (= 8.4.8-0ubuntu0.10.04) but 9.0.1-1~lucid is to be installed"
<image_q> thats the message I got from the apt-get
<image_q> its actually libpq5 I guess
<image_q> I any ideas?
<Daviey> NCommander: not as far as i know
<Daviey> NCommander: is there a reason to do so.
<Daviey> ?
<NCommander> Daviey: ARM? :-)
<Daviey> NCommander: I don't have an opinion either way TBH.
<ArtworkAD> hi
<ArtworkAD> anybody there?
<hggdh> ArtworkAD: there are always people here. Please just ask your question, somebody that knows the answer will reply
<ArtworkAD> well I installed redmine and want to map a subdomain to the redmine folder, so in apache2/sites-available/ I have following file http://pastebin.com/KsaX6Bz9 , but each request is still routed to the default plesk page
<ArtworkAD> why?
<patdk-wk> sites available isn't used
<patdk-wk> only sites-enabled
<ArtworkAD> well in this folder I have the same redmine file
<Pici> sites-available is only used by a2ensite.
<patdk-wk> after you edited,changed,..., you restarted apache right?
<ArtworkAD> right
<ArtworkAD> sudo service apache2 reload
<robbiew> we meeting today?
<gtaylor> Is anyone here using orchestra? I can't for the life of me find any useful documentation.
<kirkland> gtaylor: http://blog.dustinkirkland.com/2011/08/formal-introduction-to-ubuntu-orchestra.html
<smoser> lynxman, where are you? can you talk about lxc ?
<gtaylor> kirkland: That's not documentation
<lynxman> smoser: in my desk at Millbank about to have the team call, going your way :)
<gtaylor> kirkland: Appreciate you taking the time to write that up, but it is really really lacking in an obvious "Go here for documentation" link
 * kirkland goes back to work
<gtaylor> Like saying "I have this really cool shiny new thing, but I'm not going to tell you how to use it :)"
<kirkland> https://wiki.ubuntu.com/Orchestra
<Martyn> Sorry, was out
<Martyn> Back
<gtaylor> kirkland: OK, I have a list of components. Now what?
<Martyn> I missed a message, somwhere
<Martyn> gtaylor : So you're looking for a howto?
<Martyn> gtaylor : Or an operators manual?
<gtaylor> Martyn: That and maybe some reference material. We're trying to evaluate a few different deployment methods, and I'd like to tinker with orchestra.
<gtaylor> It looks cool, I'm just not sure where to get started.
<kirkland> gtaylor: we're still working on the implementation, haven't gotten to the documentation yet
<gtaylor> kirkland: That's OK, but maybe consider updating your article to reflect that, since it's the current highest ranking content on Google.
<Martyn> and the documentation is going to be spread a bit ..
<Martyn> the first thing you need to wrap your head around is cobbler...
<kirkland> SEO FTW!!!!
<gtaylor> heh, yes
<gtaylor> just to prevent frustration and people writing off your product after the "formal announcement"
<kirkland> gtaylor: i'd hope to have such documentation polished by 11.10 release
<gtaylor> kirkland: That's cool. I'd even be inclined to help, as I'm a doc writer nerd, but I'll keep an eye out for an eventual rough getting started guide.
<kirkland> gtaylor: but right now, we're heads down working toward a Beta1 release (and up against feature freeze this week)
<kirkland> gtaylor: here's the quick/dirty:
<kirkland> gtaylor: a) install Ubuntu 11.10 server, sudo apt-get install ubuntu-orchestra-server
<kirkland> gtaylor: when that's done, b) point a browser to that machine, log into the cobbler interface add some machines by hand
<kirkland> gtaylor: Daviey is working on a program to auto register new machines, but that ain't ready yet
<kirkland> gtaylor: c) install some systems
<kirkland> gtaylor: we're also working on Ensemble integration (wave to RoAkSoAx and fwereade), for managing Orchestra workloads
 * fwereade waves
<gtaylor> kirkland: OK, and just to ask what may be a silly question, this is likely to translate over and work decently on something like Amazon EC2 or Rackspace?
<kirkland> gtaylor: um, no, not likely, as installations are performed over pxe
<kirkland> gtaylor: systems in amazon and rackspace are already installed
<gtaylor> kirkland: Ack. OK then, I misunderstood the application.
<gtaylor> Cool idea, though. Sounds neat.
<kim0> Will 11.10 be supporting ARM officially?
<robbiew> kim0: yrs
<robbiew> yes
<kim0> cool, fixing docs :)
<adam_g> j/win 18
<hallyn> kirkland: ipxe is in main now - woot
<kirkland> hallyn: sweet
<hallyn> now we can make qemu-kvm depend on it :)
<hallyn> though i've not tested it
<pmatulis> what's the story with KVM and alternative PXE s/w such as gPXE or iPXE?
<orudie> hi. how can I install IMAP module for PHP Installation on ubuntu 10.04 ?
<pmatulis> !info php5-imap | orudie
<ubottu> orudie: php5-imap (source: php-imap): IMAP module for php5. In component universe, is optional. Version 5.3.5-0ubuntu1 (natty), package size 36 kB, installed size 164 kB
<orudie> pmatulis, thanks
<cdeszaq> Hello. I just did a clean install of Ubuntu Server 10.04 with a LAMP stack and Tomcat installed out of the box as a development test server. I need to be able to hit the MySQL service running there from a remote machine, but I can't seem to get through. I've tried commenting out bind-address and skip-networking isn't in the my.cnf file, but it still doesn't work.
<cdeszaq> When I comment out bind-address or change it to anything other than the localhost IP, I can't seem to restart the mysql process. sudo /etc/init.d/mysql restart just hangs. Is there something else I need to do?
<cdeszaq> Also, if it matters, this server is running as a VM with 2 network interfaces. eth0 is a NAT interface, and eth1 is a host-only interface with a static IP (192.168.159.101), which is the IP I would like to use to connect as I develop on the host machine
<Gxt4> Hello all , I was wondering about something , as it is now , the moment load average gets too high , the systems starts killing of processes. Is there a way for it to do kill STOP 's instead when that happens ?
<uvirtbot> New bug: #823462 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/823462
<gadgetdevil> Howdy, I am trying to implement Ubuntu Enterprise Cloud. I can not get any of my nodes to connect, and after running euca_conf --deregister-cluster my cluster name still shows up in /etc/eucalptus/eucalptus-cc.conf
<cdeszaq> Wow...I feel like a fool. The problem with MySQL not starting properly was an accidentally deleted "#" in the header comment of the my.conf file.
<free99> anyone do anything with pykota before?
<steviebuns> using Ubuntu 10.04.2 (desktop) as an emergency firewall. Can't get iptables/dnat working except with one public IP address. Ideas? Banging head here.. :(
<uvirtbot> New bug: #823494 in libvirt (main) "Virt-manager upgrade 0.9.0 is not in sync with libvirt" [Undecided,New] https://launchpad.net/bugs/823494
<jetole> Hey guys. I have a server that is querying host.old-domain.com when we have renamed that host to host.new-domain.com. I have checked everywhere I could think of this host for where this name might exist which has included a grep of /etc, /var, /root, /usr/local, all users crontabs, etc but I can't find it. Does anyone know how I can find a way to see what program is looking up this host name?
<jetole> P.S.: I found it in the process of moving old-domain from our internal DNS to a third party provider since this domain is still used for other stuff and the host that is looking up this particular A record is the only one. Gonna retire the A record but want to make sure this host still isn't trying to use it
<hallyn> kirkland: RoAkSoAx: have you used ipxe with qemu-kvm?
<kirkland> hallyn: nope
<hallyn> k
<hallyn> my git-tree-slinging is taking forever, maybe i'll try testing that real quick
<jamespage> kirkland: around?
<kirkland> jamespage: howdy
<jetole> My question can be ignored. I found the answer using tcpdump
<photon> jetole: what was the problem?
<Daviey> yaba-daba-do
<photon> Daviey: I wholeheartedly agree.
<manco1911> hi all
<photon> hi
<manco1911> hi photon
<photon> hi manco1911
<manco1911> photon: im having some issues mounting a network drive on 10.04server.. know anyone specific who could give me a hand ?
<photon> manco1911: I probably cannot help you, but just ask your question and if someone knows the answer, he'll probably provide it to you. and wait for a long period of time (many hours is not uncommon). Feel free to ask the question again some time later.
<manco1911> photon: ok, thank you, i will
<manco1911>  im having some issues mounting a network drive on 10.04server.. does someone knows a bit on mounting/mapping network drives ?
<photon> also, it would not hurt to explain exactly what your issues are.
<manco1911> ok, thats going to probably make things easier. thanks photon
<manco1911> i have a fresh install of Ubuntu Server 10.04. And a router (tplink-1043) wich has a usb port, sharing a ntfs drive on the network. I could mount it without issues with  "//SERVER/SHARE /MOUNT-POINT smbfs guest 0 0" (http://www.automaticable.com/2008-01-18/how-to-mount-a-network-drive-in-ubuntu/), but this doesn't seems to work on my server. Neither using cifs... thanks in advance guys
<manco1911> ok, this is really embarassing. For some reason the shearing service was down on the router. I Just reseted it and now it is working fine. Thanks anyway guys.
<photon> heh
<manco1911> photon: thanks man.
<photon> np
<photon> didn't do anything.
<manco1911> hehe, just that made me realise the problem. Probably if you tried to help me with configs and scripts it would have taken a long time to realize it was this silly thing, ha
<photon> :)
<photon> glad it turned out well for you.
<manco1911> :)
<manco1911> ok, one more, this one is simple..
<manco1911> i really would like to help on the comunity... im not an expert by any means.. but i have recived a lot of help and encuraging from the comunity.. and i think is time to help back a bit..
<manco1911> but i dont really know where or how i can do that..
<manco1911> maybe just by hanging here ? or on the ubuntu channel?
<photon> manco1911: sure. I think trying to help others is always a good thing. but I am in no way affiliated with ubuntu, I'm just a beginner too, so you might ask someone more representative of ubuntu.
<manco1911> ok, thanks photon.
<Facetious> I'm thinking of setting up an external server for some projects I'm working on. It'll need to run git, bugzilla, postgres and a simple GWT web application.(Maximum of 5 users) What kind of hardware would I need? Could I just use an old desktop?
<qman__> depends on the load
<qman__> but with a very light load, you could run that on a pentium II
<qman__> provided you don't mind waiting a few seconds for operations to complete
<qman__> my shell server is a 200MHz K6 w/ 256MB, been running that, LAMP, and several IRC over SSL connections, and a few other miscellaneous services for years
<qman__> login takes a good ten to fifteen seconds, but otherwise it does the job
<qman__> a PII would have a significant advantage over my K6, since a pentium is i686, and my K6 is not
<Facetious> ok, thanks.
<Facetious> I'm thinking more like a 2.0 ghz celeron, so I think I'll be ok
<patdk-lap> man, I don't own anything that slow anymore
<qman__> it's the slowest one I still use
<patdk-lap> my slowest machine is my t8600 laptop
<qman__> I would have replaced it by now, but it just won't stop working
<photon> you're talking about servers at home?
<photon> or renting servers?
<qman__> where several pentium 4 systems and socket As have failed
<patdk-lap> yes, I run server grade hardware at home
<patdk-lap> plug in my rack
<patdk-lap> never liked socket A
<qman__> even lost a couple 939s this year
<qman__> cheap foxconn boards
<patdk-lap> hell, I have fiber san here at my house :)
<qman__> but the K6 just works, hard to argue with that
<patdk-lap> sounds like my old 386dx40
<patdk-lap> that ran as a gateway/router for years
<patdk-lap> cause it wouldn't die
#ubuntu-server 2011-08-10
<stuntmachine> I'm curious about what is considered the "right" way of setting up an Ubuntu virtualization server. Â I recently tried Proxmox, but I'd like to use something that doesn't insulate me from what's happening so much. Â Also, Proxmox is based on pure Debian. Â I'd rather use Ubuntu as my OS.
<stuntmachine> I set up a basic Lucid box with KVM, but I'm not sure if a) that's the best approach, and b) if it is the correct approach, what is the most efficient way to manage it?
<uvirtbot> New bug: #823638 in libvirt (main) "Please put comment in /etc/default/libvirt-bin or remove it from the .deb" [Undecided,New] https://launchpad.net/bugs/823638
<johna> Hi, I have a 11.04 server working (sort of, its a little unstable) and I wondering if i would be better off regressing to 10.04 LTS. Could somebody point me to a description of LTS support - package updates policy?
<kim0> johna: https://wiki.ubuntu.com/LTS
<johna> kimo: thanks
<johna> OK, in the LTS versions do they keep the applications up to date (eg, is postfix kept close to the developers latest version) or is it frozen at the OPSYS release level?
<twb> johna: all releases are stable.  That is, they do not get new versions from upstream, because new versions = new bugs.
<twb> johna: there are exceptions: bugfixes are backported in the <release>-security area, likewise non-security critical issues are fixed in <release>-updates, and some packages have new upstream versions packaged in <release>-backports.
<twb> Also, certain utterly utterly stupid upstreams, like firefox, violate this design because upstream are asses and make life impossible for the Debian/Ubuntu developers.
<johna> twb: HI, I understand that, but having just moved over from Centos which did not incorporate anything new for years, eg. postfix was still on 2.2/3 while the latest is 2.8.  while I might be "happy" to a little behind, but I would prefer not to be using SW from the museum.
<twb> Not my problem.
<twb> If you don't like it, you can run non-LTS releases, or pre-release versions, but IMO both are a recipe for disaster.
<twb> You can also run an LTS release and then, in some cases, cherry-pick packages that you really need to be a newer version, although that requires more experience with apt/dpkg than you probably have at this time.
<johna> twb: is the cherry-picking approach "really" difficult or just RTFM difficult?
<twb> It's "doing this will void your warranty" difficult
<twb> How difficult depends on the package.  For example, eatmydata is trivial to cherry-pick, but mysql is just not gonna happen.
<johna> twb: hell I've been doing that for years, I don't expect to do it very often and I expect if there is some "oscar winner" change then it will be included in the updates. I am more interested in including things like postscreen, or the latest drupal package.
<twb> Granted, since you're coming from RHEL/C5 you're already used to that kind of situation.
<johna> twb: thanks for the info, as LTS releases are ever two years things should not get too far behind. Once again thanks.
<twb> No worries
<jeeves_moss> is there a way to list the NTP servers you have currently in your config, but list them in order of latency?
<twb> ntp -pqn ?
<jeeves_moss> twb, will that list them in order?
<twb> I can't remember what it even does
<twb> There is some invocation that tells you how hot the known peers are
<jeeves_moss> twb, that's what I'm looking for.  I have a bunch in the list, and I was looking for something like NameBench, but for NTP servers
<twb> I can't work it out, but I know it's there
<jeeves_moss> twb, is there such a program like NameBench (that does DNS servers), but for NTP?
<twb> Here we go
<twb> ntpq -p
<twb> And ntpq -pn, inhibits reverse resolution
<twb> ubottu: help memo
<twb> Useless bot
<jmarsden> twb: /msg memoserv help    is probably what you were looking for?
<twb> Yeah, although some channel bots are smarter about it
<twb> Like "foobot: tell fred blah", next time he says something in this channel, the bot will tell him in this channel
<twb> Maybe it's just me, but I don't notice memoserv memos for *months*
<uvirtbot> New bug: #604283 in bind9 (main) "network servers do not listen on 127.0.1.1" [Undecided,New] https://launchpad.net/bugs/604283
<twb> Graahgsdjahgsd
<nigelb> cat on the keyboard detected.
<twb> So <stupid customer> insists on floppy support in their lucid kiosk images
<twb> And I actually get it to work, and doing final UAT today, it turns out to *not work at all anymore*
<nigelb> ouch
<twb> @!&#^*!^@# udisks and polkit
<nigelb> heh
<twb> I can't even just put an fd0 entry in /etc/fstab, because that makes nautilus and friends just ignore it
<twb> udisks is reporting "media not found" despite a simple mount(8) call as root working fine
<twb> And it's a bitch to debug
<twb> Hmm, https://bugs.launchpad.net/ubuntu/+source/udisks/+bug/599915
<uvirtbot> Launchpad bug 599915 in udisks "unable to mount floppy after update (dup-of: 441835)" [Undecided,New]
<uvirtbot> Launchpad bug 441835 in udisks "Clicking on floppy gives "no device media found"" [Medium,Confirmed]
<twb> Looks like ubuntu basically disabled floppy support to speed up gnome on systems without floppy drives
<twb> In an -updates patch
<kural> How is it decided that X version of Ubuntu will be LTS ? Any info folks
<greppy> kural: I think there is a new LTS release every 2 years.
<kural> By micahg@ubuntu-devel  "there's an LTS release every 2 years, 12.04 will be the next LTS "
<simmouk87> How do I recursively zip/tar current directory please?
<memoryleak> tar -cjf /path/ archive.tbz ?
<Jeeves_> The other way aroun, i think
<Jeeves_> tar -cjf archive.tbz /path/
<Myrtti> yup
<Jeeves_> f expects a filename as the following argument iirc
<smoser> hallyn, around ?
<uvirtbot> New bug: #823862 in lxc (main) "lxc-create should provide you with a default config file if not specified one" [Undecided,New] https://launchpad.net/bugs/823862
<hguy> erm...
<RoyK> wtf
<RoyK> seems after a reboot, /sys/devices/system/cpu/cpuX/cpufreq is no longer available
<uvirtbot> New bug: #823876 in samba (main) "package samba-common-bin 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/823876
<uvirtbot> New bug: #823878 in samba (main) "smbd failed to start after system restart" [Undecided,New] https://launchpad.net/bugs/823878
<SpamapS> Daviey: ping?
<Daviey> SpamapS: yup
<TeTeT> anyone else seeing an error when installing todays oneiric server image? kernel can't get install and apt-get reports 'trap divide error'
<SpamapS> Lots of stuff flooding in to beat feature freeze :P
<patdk-wk> tetet, maybe you should be in #ubuntu+1 :)
<Daviey> TeTeT: yes, it was a known issue on yesterday ISO.. we thought it was resolved for the one spun today
<Daviey> TeTeT: Can you confirm you are using the one from today?
<Daviey> patdk-wk: It's a useful development question :)
<patdk-wk> ya, but they normally know the issues with not-released stuff better :)
<Daviey> patdk-wk: They know the stuff better than the developers, wow :-)
<patdk-wk> :)
<TeTeT> Daviey: I d/l cdimages.u.c/ubuntu-server/daily/current -> 64-bit PC (AMD64) server install CD
<patdk-wk> I thought developers where optimistic, it always works for us
<patdk-wk> and users are, it's always broken :)
<TeTeT> patdk-wk: thanks, that channel is missing from my list :)
<Daviey> TeTeT: ok thanks.. I don't think anyone from our side has tried the daily from today yet.
<TeTeT> Daviey: md5sum is at http://pastebin.ubuntu.com/662642
<TeTeT> Daviey: no prob, I just wait another day
<hggdh> TeTeT: server ISO build failed today
<TeTeT> hggdh: oh, thanks
<zul> NCommander: ping can you have a look at libvirt/lxc on arm its not starting properly
<Daviey> TeTeT: I would suggest using A3.
<CloudAche84> would this build issue affect the netboot files too? I have had Kernel issues for the last couple of days on my SANBoot servers..
<TeTeT> Daviey: hmm, where can I d/l that from? Don't see it on cdimages and not on releases
<TeTeT> Daviey: nevermind, found it on cdimages.u.c/releases
<Daviey> TeTeT: groovy
<smoser> soren, http://paste.ubuntu.com/662661/
<RoAkSoAx> Daviey: howdy! So how's things going around there?
<Daviey> RoAkSoAx: "ok"
<Daviey> you?
<RoAkSoAx> Daviey: same.. :)
<Daviey> RoAkSoAx: we could probably do with a talk through using the cobbler provider for ensemble
<RoAkSoAx> Daviey: yeah. Things have changed extensively since I sent the email about it. We are trying to get things working here but Internet connection and not having a mirror has pretty much been a waste of time for us yesterday
<RoAkSoAx> Daviey: since we couldn't even get a machine installed
<RoAkSoAx> Daviey: but that should be done today, and we should be able to deploy stuff with ensemble
<elz89> I'm new to ldap, and I am wondering if I set my FQDN to hostname.localdomain.local or hostname.externaldomain.com? I have recently bought my own .com domain name, and pointed it to my server.
<patdk-wk> in ldap?
<patdk-wk> it doesn't matter, it's just organizational info
<patdk-wk> but if programs make assumptions about how it's organized
<hallyn> smoser: no, i wasn't.
<hallyn> smoser: 'sup?
<elz89> patdk-wk: so should I just set it up locally, because my dhcp server's search domain is already set that way to .local
<patdk-wk> heh?
<patdk-wk> what does dns have to do with ldap?
<ikonia> depends what you use as a resolver
 * patdk-wk is confused if we are talking about dc's, or the name of the ldap server
<ikonia> and depends if your resolving your ldap directory domain, or your dns resolver dns name
<ikonia> I wasn't really paying attention, just answering your question
<hallyn> don't suppose anyone is sitting around with time to do a libvirt sync today...
<uvirtbot> New bug: #823096 in freeradius (main) "package freeradius-mysql 2.1.8 dfsg-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/823096
<lynxman> hey hallyn o/
<elz89> I have another server on my network running bind. I have two ubuntu servers and I am fairly new to linux  so just let me know what you need to know. :-) This is a hobby for me at home, but I am interested in learning and contributing in the future.
<lynxman> hallyn: your name has been mentioned several times around here today
<hallyn> lynxman: network's too laggy to scroll up much
<hallyn> lynxman: what's up?
<lynxman> hallyn: we had some issues finding a sane lxc.conf default config
<lynxman> hallyn: we solved it by spawning lxc through libvirt xml, it works fine
<lynxman> hallyn: trying to debug what's missing to make openstack + lxc (on libvirt) work properly on diablo
<Ganymede> Anyone here ever migrated NetBackup over to a new machine by manually copying/placing files rather than going through the installation wizard/script? I'm trying to restore a NetBackup server installation from a failed drive. I just copied over a few directories and when I run /usr/openv/netbackup/bin/jnbSA and log in, I don't see the usual tree of items on the left hand side.
<soren> hallyn: Hi. The container environment variable you check for inthe lxcguest upstart job... Where's that meant to be set?
<hallyn> soren: by lxc-start or libvirt's lxc driver
<hallyn> soren: otherwise it doesn't get set, and we assume we're not in a container
<smoser> the environment variable 'container'
<soren> hallyn: So you set the environment variable and exec init inside the guest?
<smoser> we're thinking that is not getting set
<hallyn> soren: yes
<hallyn> smoser: in libvirt they now set LIBVIRT_LXC_UUID or somesuch
<soren> hallyn: Yes.
<soren> hallyn: We see that one.
<soren> Those ones, I mean.
<soren> LIBVIRT_LXC_{UUID,NAME} specifically.
<hallyn> lynxman: a starting point for a lxc.conf is /usr/share/doc/lxc/examples/lxc-veth.conf.  Maybe we should add a lxc-libvirt.conf that will work when default libvirt is set up
<soren> ..but not container.
<hallyn> right.  container is no longer being set in libvirt
<soren> Oh.
<soren> So..
<soren> Oh.
<smoser> so lxcguest needs update
<soren> So lxcguest needs.
<hallyn> it has one
<soren> right.
<smoser> not in archive
<soren> hallyn: What does that mean?
<hallyn> at least in oneiric it does
<hallyn> maybe that didn't make its way back into natty...
<hallyn> grep LXC_UUID lxc/debian/lxcguest*.updatert
<soren> We're running oneiric.
<hallyn> oneiric guests?
<soren> err...
<smoser> oneiric on oneiric
<soren> I'm not.
<soren> Sorry.
<soren> smoser is, though.
<soren> Allegedly :)
<soren> I'm running natty on Oneiric.
<smoser> 0.7.4.2-3ubuntu6
<hallyn> soren: feh, yeah we need to fix that in natty.  do you midn opening a bug?
<hallyn> as for smoser, i don't know what's going on
<hallyn> i'll blame cloud-init :)
<smoser> ok..
<smoser> so yeah, definiteliy soren and i are seeing different issues
<smoser> hallyn, you also need to fix oneiric
<smoser> so oneiric guest on natty host
<hallyn> that should work fine
<hallyn> 'in theory'
<smoser> hallyn, yeah, i see that.
<smoser> ok..
<smoser> so i'll poke more
<hallyn> smb: bug 795717 is gonna need kernel luv
<uvirtbot> Launchpad bug 795717 in qemu-kvm "32bit rhel and centos 5.(5|6) hangs on boot on natty" [Medium,Invalid] https://launchpad.net/bugs/795717
<hallyn> smb: and is still in oneiric kernel
<koolhead17> Daviey, ping
<Daviey> koolhead17: o/
<uvirtbot> New bug: #824005 in spamassassin (main) "Sync spamassassin 3.3.2-1 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/824005
<Daviey> contentless pings suck.
<koolhead17> Daviey, https://bugs.launchpad.net/ubuntu/+source/dbconfig-common/+bug/807038  :(
<uvirtbot> Launchpad bug 807038 in dbconfig-common "dbconfig-common fails to preseed phpmyadmin on natty/lucid" [Medium,New]
<Daviey> koolhead17: :(
<koolhead17> Daviey, do i have to mail at debian mailing list for that? :D
<smoser> hallyn, you there?
<hallyn> smoser: yes
<smoser> http://paste.ubuntu.com/662729/
<smoser> that is cat /proc/mounts inside a oneiric on oneiric lxc guest
<hallyn> smoser: soren: Daviey: from waht you know, do you think bumping oneiric's libvirt to 0.9.3-4 (sync from debian) today is likely to break some things?
<Daviey> koolhead17: I would see if TREllis can offer a suggestion, he had a similar issue recently
<hallyn> smoser: looking
<Daviey> hallyn: I have NFI.
<smoser> lynxman, thinks it can't make anything worse
<smoser> :)
<lynxman> hallyn: will just shake things up :)
 * robbiew covers his eyes
<Daviey> hallyn: Have you sniffed the new debian changes?
<smoser> hallyn, note in that /proc/mounts that /dev/ is mounted over the top of /dev/pts
<hallyn> Daviey: not really
<Daviey> hallyn: That is probably a good first action. :)
<hallyn> Daviey: other than to see that things are volatile there
 * koolhead17 bows to robbiew 
<smoser>  /lib/init/fstab.lxc is properly mount-binded over /lib/init/fstab
<koolhead17> seems like i have missed some action here.
<hallyn> smoser: and do you in fact not have /dev/pts/ptmx?
<hallyn> smoser: uh, but you're under libvirt aren't yoU?
<lynxman> smoser: yesh
<lynxman> hallyn: I mean, yes
<hallyn> then /lib/init/fstab.libvirt is supposed to be used...
<smoser> hallyn, yes, i am...
<smoser> ah..
<smoser> wait
<hallyn> ok, well this is in openstack or something, right?  have you tried on a simple ec2 clean install?
<hallyn> (if not i'll try)
<koolhead17> Daviey, so i would prefer working on something else then
<smoser> hallyn, well this is me running under libvirt directly
<hallyn> uh, no i won't, i'm not sure how to mimic your env :)
<smoser> hallyn, its fairly trivial
<lynxman> hallyn: we're running an image through libvirt with lxc and same image with openstack + lxc (which uses libvirt)
<smoser> hallyn, i can set up a clean libvirt only for you to poke at if you'd like
<smoser> hallyn, one thing that needs to be fixed
<smoser> fstab.libvirt says:
<smoser>  # /lib/init/fstab.lxc: static file system information.
<smoser> (comment is wrong/very-confusing)
<hallyn> i'll queue that up in my queued oneiric lxc changes
<baffle> Hum, why does "virsh pool-start" try to do "/sbin/vgchange -an lvmvg"? It is allready active, with lots of logical volumes in use...
<baffle> For some strange reason libvirt doesn't acknowledge that it is active allready, and I can't start it... Thus unable to start any new VMs with images in the volume group.
<smoser> hallyn, do you want to poke at the system ?
<hallyn> smoser: i suppose
<smoser> ubuntu@ec2-184-72-195-194.compute-1.amazonaws.com
<hallyn> if you're gonna make me :)
<gac> hi guys, I saw the post on the Planet about reviewing the server tech guide and thought I might give it a go. Is there a good URL for "getting started with bzr", as I'm not familiar with bzr (nor dvcs in general) so not sure how to go about uploading any changes...
<smoser> hallyn, i see the bug
<hallyn> oh?
<lynxman> gac: a good start would be the bazaar wiki https://wiki.ubuntu.com/Bzr
<Daviey> koolhead17: Sorry, you'll need to use more words.
<hallyn> don't keep me in susspense
<koolhead17> Daviey, i meant i will leave using dbconfig-common for a while and work on something else then
<hallyn> eh, i'm gonna get some yoghurt.  i blame robbiew. biam
<gac> cheers lynxman, I'll give that a read tonight and perhaps have a go at "proofreading" the manual
<lynxman> gac: that would be pretty awesome, any feedback is welcome ;)=
<gac> well, not sure I'll bring much to the party as I'm sure it's evolved very well over the years, but I fancy a change so some "technical reviewing" might be quite useful and looks like work, so I can spend an hour here and there browsing through it for a break ;)
<Daviey> koolhead17: oh ok.  If you want to help resolve it, that would be most appreciated.
<Daviey> it's kinda a busy time for us all right now.
<koolhead17> oneric. and i will file the same bug there too
<koolhead17> unfortunately
<Daviey> koolhead17: the bug you raised defaults to targetting oneiric
<koolhead17> Daviey, ooh. cool :)
<hallyn> smoser: well shoot me the fix, and i'll push a new pkg.  oh, i mean, i'll send you the debdiff so you can push a new pkg, core-dev-boy :)
<smoser> still worlking, hallyn
<zul> hallyn: where did qemu-system-arm go?
<hallyn> zul: into qemu-user
<zul> hallyn: ok thanks
<zul> (trying to get libvirt working on)
<smb> zul, So the xen-4.1.1, even with fixing up hvmloader seems to cause me new pain with HVM. Do you know whether there is newer changes to 4.1.1 pending already?
<zul> smb: there could be i havent had a chance to look yet
<zul> smb: ill have a look at it tomorrow
<smb> zul, oK, i need to search through the archive. Somehow I was feeling to have seen something about device emulation but ignored it in the past
<zul> kk
<adam_g> negronjl: ping
<negronjl> adam_g: pong
<adam_g> negronjl: how did you confirm that bug #816169
<uvirtbot> Launchpad bug 816169 in ensemble "When using Ensemble, add-apt-repository no longer functions properly" [Critical,Fix released] https://launchpad.net/bugs/816169
<adam_g> ...was fixed?
<adam_g> i just tested the same AMI and had failure on multiple formulas
<negronjl> adam_g:  I have been working on a formula that was failing on apt-add-repository.  I shutdown my ensemble environment, changed my environment.yaml file, bootstrapped and re-deployed the formula ( now using apt-add-repository ) and it works now.
<adam_g> hmm
<negronjl> adam_g: shutting down my env and will try again...give me a few
<adam_g> negronjl: just bootstrapped a fresh environment as wel and used that same AMI
<negronjl> adam_g:  deploying now...a few more minutes
<negronjl> adam_g: apt-add-repository seems to be properly adding the repos to /etc/apt/sources.list.d just fine.
<negronjl> adam_g:  never mind....it's still failing :/
<adam_g> ok.. thanks
<negronjl> adam_g:  I should clarify...the files are there in /etc/apt/sources.list.d
<negronjl> but
<adam_g> right
<negronjl> I still see errors on the logs about it
<negronjl> adam_g:  I'll re-open that bug
<adam_g> yeah, it succeeds in importing them but something is still broken. certain python libraries later fail to install, for me
<adam_g> negronjl: thanks
<robbiew> zul: looks like http://blueprints.launchpad.net/ubuntu/+spec/server-o-openstack needs some love...DONEs and POSTPONEDs would be nice ;)
<zul> robbiew: okies
<negronjl> how do I re-open a bug in launchpad ??
<robbiew> SpamapS: http://blueprints.launchpad.net/ubuntu/+spec/server-o-mysql feels lonely and sad :(....defer?
<robbiew> zul: thx
<SpamapS> robbiew: some of it wil get deferred yeah, its targetted at beta right?
<robbiew> RoAkSoAx: https://blueprints.launchpad.net/ubuntu/+spec/server-o-powernap-improvements looks like it's going to need some POSTPONEs...no?
<adam_g> negronjl: the triangles in each of the affects rows, then mark it as confirmed
<robbiew> SpamapS: yep...no worries, just reminder ;)
<negronjl> adam_g:  I can't do that.  I'll talk to iamfuzz to see if he has that option
<robbiew> zul: https://blueprints.launchpad.net/ubuntu/+spec/server-o-xen-host can also use a little love and re-targeting as well
<zul> robbiew: k will do so  tonight
<adam_g> negronjl: i can, hold on
<robbiew> zul: cool deal..thx
<negronjl> adam_g:  k
<negronjl> adam_g:  it's now confirmed
<adam_g> cool
<NCommander> zuthere are more serious kernel issues with LXC on ARM ATM
<Ursinha> gema: welcome to QA!
<elz89> What does this part define "dc: Example" in the top level front end config for ldap?
<elz89> Do I need to put the hostname of my Domain Controller?
<thisismygame> Does anyone have experience setting up virtualbox with rdp access? I just installed ubuntu from a natty minimal cd, got virtualbox installed with apt-get (so the package name is called virtualbox-ose) and I enabled VRDE in vbox. I am still unable to connect. I think because there is nothing listed in netstat -l for port 3389. Do I need to manually add something on the ubuntu host?
<KM0201> thisismygame: whats the IP of the virtual machine?
<RoyK> thisismygame: try netstat -ln
<KM0201> will that work, if he doesn't have vbox calling for its own IP?
<RoyK> hm.. nope
<RoyK> never used VRDE myself - I've used the vbox from virtualbox.org, which has RDP server hosting from the host address (not the guest)
<thisismygame> KM0201: win2000 vm: 10.0.2.15 ubuntu host: 192.168.1.121
<KM0201> thisismygame: see, i was right
<KM0201> you need to set the guest, to call for its own IP.
<KM0201> thisismygame: shut down the virtual os.
<KM0201> right click the virtual machine/settings
<RoyK> thisismygame: it's probably better to use bridging if you want the guest to be easily accessible
<thisismygame> KM0201: so you're saying there is no way to do this using the NAT default networking
<KM0201> go to network.. on the adapter, set it from "NAT" to "bridged".. that will make the guest OS, call for its own IP
<thisismygame> KM0201: i've done it using bridged mode before
<thisismygame> Right
<KM0201> i would use bridged for what you're wanting to do.
<thisismygame> fine
<thisismygame> thank you
<KM0201> RoyK: i'm having a minor prob... i've mounted my RAID at /media/NAS
<KM0201> i want to create some sub folders on "NAS".. that only a particular user will have access to.
<KM0201> via samba
<RoyK> erm.. create the dir and chown it to the user, chmod go-rwx ?
<RoyK> !chmod
<ubottu> An explanation of what file permissions are and how they can be manipulated can be found at https://help.ubuntu.com/community/FilePermissions
<KM0201> i already read that... lemme read again see if i'm missing something
<tarvid> can I put some sort of reflector for VPN on 11.04 to facilitate a connection between private IPs?
<RoAkSoAx> robbiew: yes I'll postpone everything left for powernap (sorry for the delay :))
<robbiew> RoAkSoAx: cool, thx....no worries ;)
<kurtza> hi anyone seen kim0
<grendal-prime_> ok i need two create an extra interface on a physcal box so i can bridge it to a vnet
<grendal-prime_> the box is acting as a router so eth0 is inside, eth1 is internet facing. I want to use iptables to masquarded and sourcenat info toe eth2 wich is actually bridged to br0 if that makes any sence?
<kurtza> dude sorry for being nosy but what exactly are you trying to achieve
<KM0201> RoyK: thanks for the link, not sure what i was doing wrong, but i did it all again, and now it works fine.
<KM0201> obviously i missed a step somewhere
<uvirtbot> New bug: #297920 in etckeeper (main) "wish: offer to init and commit when the etckeeper is installed" [Wishlist,Fix released] https://launchpad.net/bugs/297920
<skrite> hey all
<T3CHKOMMIE> ,hey everyone!
<skrite> T3CHKOMMIE: hey
<T3CHKOMMIE> im looking for a netboot solution. i heard of a linux flavor of OS that lets you load iso or images and serves them up Via PXE. does anyone know the name of it? im trying to set up something here at work that will let me do remote OS installes by booting on lan and pointing to a PXE server hosting my images. any ideas?
<skrite> hey all, what kind of networking hardware do i need to look into to build a mysql-cluster with three machines
<grendal-prime_> kurtza, i need to bridge the device to a vlan
<grendal-prime_> for virtual enviroment
<grendal-prime_> most distros you can just crate a bridge call it br0 you dont have to fastne it to anything really but ubuntu does not like that brecause its ...well lets face it kinda illogical
<gema> Ursinha: thanks!
<Ursinha> gema: :)
<uvirtbot> New bug: #824167 in lxc (main) "wishlist: connect to lxc container by name using avahi" [Undecided,New] https://launchpad.net/bugs/824167
<hggdh> gema: still working? ;-)
<tcsadmin> anyone here use centrify express to join ubuntu server to AD?
<uvirtbot> New bug: #301897 in kvm (main) "Disconnected serial console runs out of buffer" [Medium,Fix released] https://launchpad.net/bugs/301897
<uvirtbot> New bug: #306723 in multipath-tools (main) "udev breaks compatibility with multipath" [Medium,Fix released] https://launchpad.net/bugs/306723
<malev> folks! what's the frequency of this cron task? */5 * * * * /home/ubuntu/AE/scripts/staging/ae_jobs_custom_staging.sh >> /home/ubuntu/AE/logs/jobs_custom.1.out.log 2>&1
<lixxus> guy is there a gui for ubuntu server
<lixxus> such as lamp gui as webmin
<uvirtbot> New bug: #824187 in irqbalance (main) "package irqbalance 0.56-1ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/824187
<tcsadmin> lixxus -yes but majority of ubuntu servers don't have gui installed
<lixxus> yes  i know
<lixxus> but for linux noob like me
<lixxus> configuring files etc through backend command is scary
<tcsadmin> lixxus - yeah, command line can be a bit scary but that's how it's done, not via gui
<lixxus> is there any recommendation for novice users like me
<tcsadmin> lixxus - i'd get comfortabel with ubuntu desktop gui first then make the transition to server
<Ursinha> lixxus: I'd say: you'll get used to that :)
<lixxus> i am familar with ubuntu desktop
<lixxus> comfortable with ubuntu desktop
<tcsadmin> lixxus - i'd said take the plunge and forget about the gui then
<lixxus> however command line through putty seems long winded
<tcsadmin> lixxus - you'll learn a heck of a lot more about ubuntu server thru the command line
<tcsadmin> lixxus - long winded but you'll learn more, trust me on that
<lixxus> yes but its all about saving time
<tcsadmin> lixxus - ubuntu server i very popular so you'll never get stuck for long
<tcsadmin> and you will get better/faster as time goes
<lixxus> long term it might be good learning, but i dont have time to mess about.
<tcsadmin> what are you trying to do?
<lixxus> the aim of the server is for mail,web, possibly voip
<lixxus> there are tailored solution unique to each function, however i would rather create my own
<tcsadmin> you can get the base ubuntu LAMP server going in about 10-15 mins
<lixxus> the other suggestion provided to me is to install esxi server and install each server for each function
<tcsadmin> function you mention that, i was going to suggest vmware!
<lixxus> however i will be running the system on a atom d410 processor 2gb ram
<lixxus> so i dont know if vmware will be powerful enough
<tcsadmin> vmware is pretty slick but one unknown at a time!
<tcsadmin> yeah, you need pretty good hardware for vmware
<lixxus> anyone run ubuntu server on atom system ?
<tcsadmin> it should work so i say go for it
<tcsadmin> i run some test server with a lot less hardware than what you have
<lixxus> so there is no server based distro that can be configured from gui
<tcsadmin> lixxus - https://help.ubuntu.com/community/ServerGUI well good luck with your setup, i'm off.
<uvirtbot> New bug: #289921 in open-vm-tools (multiverse) "SRU: network interface does not come up after installing open-vm-tools" [Low,Fix released] https://launchpad.net/bugs/289921
#ubuntu-server 2011-08-11
<uvirtbot> New bug: #312345 in mysql-dfsg-5.0 (universe) "mysql versions prior to 5.0.74 have trouble export/import with leap seconds" [Undecided,Fix released] https://launchpad.net/bugs/312345
<grendal-prime_> anybody use vlan?
<grendal-prime_> im wondering if its possible to bridge kvm guests to a vlan interface
<lifeless> sure
<lifeless> make configure libvirt to use the vlan
<grendal-prime_> im talking vlan as in the vlan created by the vlan_1.9 package on ubuntu
<lifeless> one way to do that is to setup a bridge interface that has the vlan as a member and configure that bridge as the bridge to connect to in /etc/libvirt...
<grendal-prime_> duuuuude...you and i need to powwow
<grendal-prime_> thats exactly what i want to do...is it crazy that kvm does not support some sort of vlan that doenst much with your iptables rules or what!!
<grendal-prime_> i mean   DUUUUUDE!
<grendal-prime_> and i ment muck not much
<grendal-prime_> so basically your confirming my question...doctor?
<grendal-prime_> this is dooable right?
<lifeless> yes, as far as I know. I have done similar, but not to a vlan.
<grendal-prime_> bummer
<grendal-prime_> ok sooo you did that with....what?
<grendal-prime_> an aliased nic?
<grendal-prime_> cause that didnt seem to work two well for m
<grendal-prime_> e
<lifeless> no, you definitely need a bridge
<lifeless> the default one that libvirt uses is virbr0
<lifeless> you can just configure that one manually if you want
<twb> OK, so offtopic question.  In lucid gnome you have a "floppy" icon separate from the normal file:/// unix directory tree, and clicking on it makes it mount the floppy.
<twb> Is there a gnome vfs URL that refers to that icon directly?
<grendal-prime_> in media i think
<twb> If I patch oo.org's XML to save to file:///media/disk, that's seperate from the floppy icon.
<grendal-prime_> usually it mounts to /media/floppy0
<twb> The issue isn't where it mounts it
<KM0201> what command do i run, to see who all is a member of a particular group (samba)
<twb> The issue is how to tell gvfs I mean "the floppy" as opposed to the mountpoint
<twb> Apparently just guessing floppy:// didn't work
<uvirtbot> New bug: #377265 in etckeeper (main) "etckeeper fails on commit, if "hostname -f" returns error ("hostname: Unknown host")" [Low,Fix released] https://launchpad.net/bugs/377265
<uvirtbot> New bug: #824291 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/824291
<hallyn> stgraber: lp:~serge-hallyn/ubuntu/oneiric/lxc/ephemeral has the changes I was hoping you would roll into tomorrow's push.
<hallyn> smoser: ^ that has *some* fixes for your problems, not 100%
<hallyn> smoser: a new upstart job is symlinking /dev/ptmx to /dev/pts/ptmx, but some pecker is STILL removing that after the fact.
<uvirtbot> New bug: #493503 in cheetah (main) "Newer versions available, v2.0.1 is over 2yrs old with a number of fixes/enhancements" [Undecided,Fix released] https://launchpad.net/bugs/493503
<twb> On hardy, squid isn't starting.  It complains: WARNING: database_acl #2 (FD 13) exited [...]  Too few database_acl processes are running The database_acl helpers are crashing too rapidly, need help!
<twb> How do I find out WHY the database_acl processes are dying?
<twb> Hmm, come to think of it, ACL will be the horrible shit <coworker> wrote to fake it a hookup to unkerberized LDAP.
<twb> Oh, brilliant, squid is one of those stupid daemons that does its own non-syslog(3) logging
<twb> OK, ignore me, problem found.
<Demosthenes> anyone on here currently supporting diskless workstations?
<twb> Demosthenes: yes
<twb> What is your REAL question?
<pukeko> howdy - i want to change a users uid.guid to match their uid.guid on another server -- will they still be able to access their files or will there be probs ?
<twb> pukeko: vipw, vigr, vipw -s, vigr -s, then something like "chown -R fred: /home/fred" and look for anything else with "find / -xdev '(' -nouser -o -nogroup ')' -ls"
<twb> pukeko: may also need to reboot to clear out any UID-based files in /tmp and friends
<lickalott> diskless as in cloud computing?
<twb> pukeko: obviously you can solve this permanently by using some form of centralized authentication, e.g. krb, ldap, nis,
<pukeko> twb: cool - was wondering if i would have to doa chown..
<twb> pukeko: files remember a uid not a user name, so you will
<pukeko> twb:sweet
<Demosthenes> twb: really jsut if anyone had it working ;]
<Demosthenes> twb: i know i'm close. i have created a /disklessroot using natty via debootstrap, updated it in chroot, created kernel/initrd/pxe image, and my clients boot successfully, but hang at the end of the initfs scripts
<twb> Demosthenes: just use casper
<twb> Or if you can switch to debian, use live-initramfs, which is actively maintained and MUCH nicer to work with
<Demosthenes> i was aiming for xubuntu clients.
<Demosthenes> casper eh
<twb> casper can be made to work, it's just that it's really only there for the live CDs, and not intended for use by us end users making netboot farms.
<Demosthenes> just a handful, my kids school machines. ;]
<Demosthenes> twb: live-boot and friends are in aptitude, can't just isntall them?
<twb> Maybe
<twb> Last time I looked nobody was trying to support them
<uvirtbot> New bug: #256052 in tomcat6 (main) "Build the complete tomcat6 stack" [Wishlist,Fix released] https://launchpad.net/bugs/256052
<twb> Suppose I create an ext filesystem with 5% reserved for root
<twb> *THEN* I resize it from 2G to 256G.  Is the reserved space increased to stay 5%, or does it stay at n blocks and become much less than 5%
<Demosthenes> no idea.
<Demosthenes> twb: fixed my issue
<Demosthenes> i was booting, and it'd freeze. turns out network maanger was trying to restart the eth0 interface.
<Demosthenes> i had to set that to manual in /etc/network/interfaces, and they boot fine now
<twb> Demosthenes: NM is the biggest cause of network issues IME
<Demosthenes> sucks eh
<uvirtbot> New bug: #296605 in libxml-simple-ruby (universe) "libxml-simple-ruby path workaround causes double loading with rails" [Undecided,Fix released] https://launchpad.net/bugs/296605
<lng> hi! I have added new user and set password to it. then I restrict this user to SFTP with the following comands: `usermod -s /usr/lib/sftp-server username && echo '/usr/lib/stfp-server' >> /etc/shells`. As result I couldn't `su username` to it. what am I ddoing wrong?
<lng> solved
<uvirtbot> New bug: #254262 in nis (universe) "Still uses multiuser argument to update-rc.d" [Low,Fix released] https://launchpad.net/bugs/254262
<uvirtbot> New bug: #709187 in nova "AjaxTerm refer to a unexistant folder "tools" with the Ubuntu packaging" [Medium,Confirmed] https://launchpad.net/bugs/709187
<uvirtbot> New bug: #820047 in glance "Installs top-level tests module" [High,Fix committed] https://launchpad.net/bugs/820047
<uvirtbot> New bug: #793602 in swift "Fix 1.4.0 packaging to include swift-container-stats-logger" [Low,Invalid] https://launchpad.net/bugs/793602
<progre55> hi guys. how do you bind a host alias to a domain name?
<greppy> progre55: huh? what are you trying to do?
<progre55> I'm using amazon ec2, and have an elastic ip, but cannot address the direct IP address, as I dont want to get charged for inter-server communications. So I need to connect to a domain name smth like ec2-49-21-76-234.eu-west-1.compute.amazonaws.com, but I'd like to have an alias for it
<progre55> in my /etc/hosts I could bind my alias to an IP address, but how do I bind it to this long domain name?
<greppy> you're still going to be addressing the direct IP
<uvirtbot> New bug: #824413 in mysql-5.1 (main) "Problem during mysql-server-core-5.1 uninstallation" [Undecided,New] https://launchpad.net/bugs/824413
<greppy> using /etc/hosts and dns just gives you an easier name to use instead of the ip address
<uvirtbot> New bug: #305642 in etckeeper (main) "etckeeper (with git) deletes empty directories on apt-get upgrade" [Medium,Fix released] https://launchpad.net/bugs/305642
<progre55> greppy: it's just, when you query that domain from within amazon, it resolves to a private IP address, but from outside amazon, it resovles to a public IP, and when you connect to the private IP from within amazon, you dont pay for traffic, but if I bind it to the public IP address, then they charge for every connection.
<progre55> and the private IP might change when you restart a server, but the public IP doesnt
<greppy> ah
<trapmax_> so you should check your ip on every restart and use that in hosts
<greppy> or use dns and setup a CNAME to point to the dns name that amazon supplies.
<progre55> yeah, that might work, greppy, thanks
<progre55> I anyways use amazon route 53
<trapmax_> i need to install windows to many eeePC clients. what program would you recommend for such a situation?
<blahdeblah> What do i need to do with lucid server to enable .php extensions to be recognised by default?  I tried the steps noted in https://help.ubuntu.com/community/ApacheMySQLPHP and it's all fine.  libapache2-mod-php5 is installed, a2enmod php5 reports it is enabled, apache2 restarted, yet when i try to access http://server.example.com/~myuser/test.php, it downloads it (as a PDF document!) rather than displaying the page.  Where to n
<uvirtbot> New bug: #292587 in kvm (main) "Reboot fails with virtio disks" [Undecided,Fix released] https://launchpad.net/bugs/292587
<blahdeblah> BTW, i've also checked that the file is readable by www-data.
<patdk-wk> blahdeblah, have you bothered to read the comments in /etc/apache2/mods-enabled/php5.conf
<patdk-wk> php is disabled in userdir's per default
<blahdeblah> OK
<RoyK> http://wimp.com/manchesterriots/
<blahdeblah> thanks, patdk-wk
<sfergut> hello
<sfergut> there is a problem with ubuntu server 11.04 hardware detection ?
<sfergut> it can not detect my network card and my disk
<patdk-wk> what networkcard and disk controller are you using?
<patdk-wk> and is this during install? or after install?
<RoyK> not detecting the disk _after_ install? ;)
<patdk-wk> royk, I have seen issues where the install works fine, but not when booting the system :)
<patdk-wk> normally driver left out of initrd
<sfergut> patdk-wk: it does not detect it during install
<sfergut> i have an  Broadcom NetXtreme II BCM5708 1000Base-SX linux module bnx2
<sfergut> and LSI pci express card with an ibm card
<sfergut> linux module working on centos 5 is mptsas
<sfergut> sorry ibm drive there not card
<patdk-wk> hmm odd
<patdk-wk> I haven't had an issue with mptsas here on 11.04
<patdk-wk> you shouldn't with bnx2 also, but I haven't tested that here, only with 10.04
<sfergut> i executed the shell and modprobe bnx2 and modprobe mptsas still nothing
<patdk-wk> might be megaraid_sas name instead
<sfergut> i tried that too without look
<sfergut> luck
<patdk-wk> what model lsi card?
<sfergut>  LSI Logic / Symbios Logic SAS1064ET PCI-Express Fusion-MPT SAS
<sfergut> also see this for the network card http://imageshack.us/photo/my-images/33/unledab.jpg/ after the modprobe bnx2
<patdk-wk> hmm, firmware not running issue
<patdk-wk> I know I had to change the firmware on my bnx2's when I installed linux on them
<patdk-wk> I wonder if it's cause of the firmware split, of non-free
<sfergut> i put know 10.04 and it works fine on hardware detection
<sfergut> *now
<sfergut> guess i will stick with 10.04 for now as i need it only for mono software testing
<patdk-wk> probably if you install 11.04
<patdk-wk> and manually install non-free firmware from apt first
<patdk-wk> it would work
<sfergut> well that will take more time as the network card is not working
<tcsadmin> anyone here tried using centrify express to add an ubuntu 10.10 server to active directory?
<patdk-wk> nope, I just do it using kerberos
<tcsadmin> i'm trying to make my squid proxy use windows credentials for authentication. i'm goal is to get login names from SARG reports instead of ip
<kim0> tcsadmin: check out https://help.ubuntu.com/community/DirectControl
<hallyn> smoser: so I think I'm going to change the lxc ephemeral tree, to not put pts/0 into securetty, *and* to not start console.conf for libvirt
<hallyn> smoser: have you had any more insight into wtf is going on with ptmx?
<Dori922> hey dudes i have a server on a home network(with a private IP), it connects to my home router which has a public IP
<Dori922> can i SSH into the server from outside my network
<Dori922> i can do it from inside all right..
<Pici> Dori922: You'll need to forward port 22 from your router to your server.
<smoser> hallyn, no, not really looked at it todoay
<tcsadmin> kim0 - got it.  i had to use the -u switch to specify a domain admin account! it worked! :)
<patdk-wk> and if it can't, configure the dmz option instead, but make sure the firewall on the server is good
<kim0> tcsadmin: woohoo :)
<Dori922> Pici: how do i do that? i have port 22 authorized on the server and the PC im trying to SSH with
<Dori922> the router i have is a bog standard belkins one
<tcsadmin> kim0 - now i have to do some digging on how to setup ad stuff for students/staff and internet control. tks
<kim0> cool
<Pici> Dori922: This website might be able to help you forward that port: http://portforward.com
<Dori922> Pici: ty <3
<sfergut> patdk-wk thanks for your help have a good day
<stgraber> hallyn: ok, got your branch.
<hallyn> smoser: i'm going to try and figure out what's doin ghtat with the help of inotify
<hallyn> once i'm re-bootstrapped
<smoser> hallyn, i'm now seeing issues with libvirt
<smoser> it doesn't seem to think cgroups is mounted
<smoser> error: internal error The 'cpuacct', 'devices' & 'memory' cgroups controllers must be mounted
<smoser> hallyn, ^
<hallyn> smoser: then fix your broken system
<smoser> your code set up my broken system
<lynxman> hallyn: same happened to my broken system too
<smoser> s/set up/broke/
<hallyn> which code?
<smoser> cgconfig i think
<hallyn> besides not being my code, afaik that hasn't changed recnetly has it?
<smoser> description "cgconfig"
<smoser> author "Serge E. Hallyn <serge.hallyn@ubuntu.com>"
<lynxman> smoser: that name looks pretty close to hallyn
<hallyn> heh, that's the upstart job.
<hallyn> anyway, i can't seem to debootstrap to give me a clean ifconfig right now
<hallyn> smoser: can you give me /proc/mounts contents?  I'm really not seeing what could've broken since ysterday
<smoser> http://paste.ubuntu.com/663441/
<smoser> i think the difference is that i had not installed cgroups... maybe..
<smoser> not really sure
<hallyn> lxc depends on it, so if you had that installed it should've pulled cgroup-bin
<hallyn> the cgroup mounts are there...  so is it now working for you?
<smoser> maybe. maybe i didn't have lxc installed... i dont knwo. but one way or another, libvirt is not working for me.
<smoser> it is not working
<hallyn> just for kicks, try 'mv /etc/mtab /etc/mtab.no; ln -s /proc/mounts /etc/mtab'
<smoser> no dice
<smoser> just tried restarting libvirt-bin. no help there.
<hallyn> cat /proc/`which libvirtd`/cgroups
<smoser> ubuntu@ec2-174-129-59-115.compute-1.amazonaws.com if you're interested
<smoser> you probably meant pidof ?
<hallyn> yeah that one
<smoser> http://paste.ubuntu.com/663451/
<RoAkSoAx> Daviey: adam_g howdy!! so what's your status?
<adam_g> RoAkSoAx: makin coffee. you?
 * genii-around sips
<zul> smb: im in the midle of pushing a new xen to the archive fyi
<smb> zul, Cool, thanks. Will look at it when it gets through
<Daviey> RoAkSoAx: otp atm
<RoAkSoAx> adam_g: about to do the same
<RoAkSoAx> adam_g Daviey what's your progress on deploying using oirchestra?
<adam_g> RoAkSoAx: have been busy with other things, working on getting the devenv going now to work on it locally. don't have time/patience to wait for real servers to power cycle/install ATM
<RoAkSoAx> adam_g: lol ok
<smoser> zul, error: internal error The 'cpuacct', 'devices' & 'memory' cgroups controllers must be mounted
<hallyn> smoser: dunno, i did 'stop libvirt-bin; start libvirt-bin' and now it works
<smoser> hallyn, verified here.
<smoser> restart seems not to restart
<TeTeT> hallyn: hi, would you know of a way to determine if a kvm machine is dead from the hosts command line? the system reacts to ping, but ssh is impossible. kvm on UEC 11.04 is that
<patdk-wk> tetet sounds like a memory/ulimit issue
<patdk-wk> system is still running, but can't spawn a thread to run a new program anymore
<TeTeT> patdk-wk: any way to check that from the host?
<patdk-wk> I don't do kvm
<TeTeT> ok, thanks
<patdk-wk> but since it's a real vm
<patdk-wk> all you can do is look at the console
<uvirtbot> New bug: #286872 in kvm (main) "Fails to install correctly if /etc/group contains any line matching "kvm"" [Medium,Fix released] https://launchpad.net/bugs/286872
<patdk-wk> maybe attempt to read the log files if you can access the kvm guest disk
<patdk-wk> but attempting to login to it won't work, till the problem is fixed
<patdk-wk> normally I just wait 15-30min for it to fix itself, or reboot it
<smoser> hallyn, i'm opening a bug on libvirtd-bin
<hallyn> TeTeT: sorry, no, depending on what you mean by 'dead' i don't...
<RoAkSoAx> smoser: any ideas? http://paste.ubuntu.com/663477/
<hallyn> TeTeT: id' say open up a console...  restart kvm with -serial tcp::2222,server if you have to
<hallyn> smoser: ok.  this started today?  i'm wondering whether the update for libnl3 did it
<hallyn> haven't reproduced it though
<hallyn> smoser: if possible please lay out inthe bug precisely how you bootstrapped the system... ie what order you installed packages in
<TeTeT> lborda: ^^
<TeTeT> hallyn: not sure if that's possible, as it's a UEC instance that's lost it's IP. but if we don't terminate it with euca-terminate-instances, then we can probably still inspect the image file that way?
<hallyn> TeTeT: yeah
<hallyn> (qemu-nbd or whatever)
<uvirtbot> New bug: #817270 in pep8 (main) "Update to current release of pep8 0.6.1." [Wishlist,Fix released] https://launchpad.net/bugs/817270
<jits1998> hi guys.. we have multiple labs running in different ip ranges, we would like all of them to access internet from the same gateway ... we tried putting vlan on gateway, but it seems to "block" all non-google sites.. is it possible to assign mulitple ips in different ranges to a single gateway without VLAN>
<jits1998> anyone ?
<kirkland> RoAkSoAx: http://paste.ubuntu.com/663536/
<patdk-wk> jits1998, sure, with or without vlans
<patdk-wk> it doesn't really matter
<patdk-wk> but the vlan issue isn't causing your problem
<jits1998> patdk-wk: thanks.. i am not able to figure out what else can .. i feel that vlan tag is leaking out and only google sites respond to vlan tagged ip requests ..
<patdk-wk> vlan stuff can't *leak*
<patdk-wk> cause if it did, it would be an invalid packet
<jits1998> patdk-wk: ok.. any idea how this can be degugged ?
<patdk-wk> tcpdump :)
<jits1998> patdk-wk: don't see any error in iptables log ..
<jits1998> tcpdump: no suitable device found :: :-/
<patdk-wk> you have to actually know how to use the debugging tools, in order to debug
<jits1998> patdk-wk: yeah ... :-| .. though i have another similar setup for backup connection .. which uses another ISP .. and proxy works fine..
<jits1998> this one i tried with proxy as well .. but doesn't work :-(
<jits1998> proxy = squid
<jits1998> is there any guide/tutorial to help me debug this ? .. its been 3 weeks we are struggling with this issue ..
<Olotila> Do you have book recommendations for using ubuntu or ubuntu server? Most comprehensive possible.
<tcsadmin> jits1998 - have you tried #networking?
<jits1998> tcsadmin: i thoguht this is related to ubuntu server which is our gateway .. will try there if its more relevant there ..
<tcsadmin> jits1998 - sound more related to networking and it won't hurt either
<tcsadmin> Olotila - you need to be more specific. e.g. i'm looking for a web server or a gui desktop
<jits1998> tcsadmin: trying ...
<tcsadmin> jits1998 - what are you trying to accomplish?
<jits1998> hi guys.. we have multiple labs running in different ip ranges, we would like all of them to access internet from the same gateway ... we tried putting vlan on gateway, but it seems to "block" all non-google sites.. is it possible to assign mulitple ips in different ranges to a single gateway without VLAN>
<jits1998> i feel that vlan tag is leaking out and only google sites respond to vlan tagged ip requests ..
<Olotila> well, if there is a book that contains both aspects, that would be nice
<jits1998> tcsadmin: that was a repost for you .. thanks.
<tcsadmin> jits1998 - np. just make sure you leave your IRC client on 24x7 as folks are global
<jits1998> tcsadmin: yeah .. will keep reposting as much as i can .. :-)
<tcsadmin> jits1998 - repost every couple hours
<patdk-wk> heh, I would say much more info is needed
<patdk-wk> cause everything you said so far isn't the issue
<patdk-wk> vlans, squid, ... are not the problem
<patdk-wk> do you have a vlan enabled switch?
<jits1998> patdk-wk: yes we have a smart switch that does the vlan-ing for us ..
<patdk-wk> ok
<patdk-wk> and the *test* lab computers, you assigned their default vlan as vlan x, on the switch, and told it to pass vlan x as untagged
<patdk-wk> per port per test machine?
<jits1998> everything else we wanted is working fine.. e.g. single dhcp server scoped out on vlan
<jits1998> yes .. per port per room ..
<patdk-wk> ok, and gateway has all the vlans set to tagged mode?
<jits1998> yes .. dhcp system is the gateway ..
<jits1998> actually let me explain the network fully ..
<jits1998> we have n+1 vlans.. n for rooms, 1 for faculty  .. we have 3 connections .. 1 for labs, 1 for faculty and 1 backup for trainer systems in labs ...
<patdk-wk> want to pastebin your /etc/network/interfaces and a iptables dump?
<jits1998> everyone gets the ip from the same dhcp server (scoped on vlan) .. for rooms the gateway is the dhcp machine (no direct internet, only via proxy) ... for trainer the net is via a router in the same vlan without tagging (works fine)
<jits1998> iptables -L ?
<patdk-wk> at a min, iptables -nv -L, iptables -t nat -nv -L
<jits1998> http://paste.ubuntu.com/663560/
<jits1998> http://paste.ubuntu.com/663562/
<jits1998> this server is added as tagged in all vlans ..
<jits1998> there are some services like teamviewer/skype work perfectly :-)
<patdk-wk> that is a very strange iptables for a gateway
<patdk-wk> oh wait, ACCEPT
<patdk-wk> it's a wide open relay
<patdk-wk> missing iptables -t nat -L -nv
<jits1998> http://paste.ubuntu.com/663563/
<jits1998> its all screwed up right now.. we need only 22 open technically ..
<patdk-wk> that is the same thing again
<patdk-wk> missing iptables -t nat -L -nv
<jits1998> oh sorry .
<patdk-wk> jits, no, you have 5 ports open on the gateway
<patdk-wk> but WORLD is open for forwarded connections
<jits1998> http://paste.ubuntu.com/663565/
<patdk-wk> so if I ping 10.1.21.100, I could get to that box directly
<patdk-wk> atleast if I was your isp, or close enough
<jits1998> patdk-wk: :-o .. is it ?
<patdk-wk> FORWARD (default ACCEPT)
<patdk-wk> same things if you care, vlan to vlan can talk to each other, unrestricted
<jits1998> yeah .. drop is there as commented out for now..
<jits1998> patdk-wk: no problem with talking to each other. idea was to keep the network smaller for each lab ..
<jits1998> track anti-virus updates, proxy (in future) etc ..
<patdk-wk> I would change that masq rule to
<patdk-wk> hell
<patdk-wk> what is the internet facing interface?
<jits1998> hell :-|
<patdk-wk> oh eth1
<patdk-wk> add an -o eth1 do it's line
<jits1998> it was eth0 .. but trying around with having eth1 as untagged in the gateway's mini-vlan ..
<patdk-wk> and you might need to exclude 10.1.0.x from it
<patdk-wk> maybe before it add an -s 10.1.0.0/24 -j ACCEPT
<jits1998> can you give me full line ..
<patdk-wk> nope
<patdk-wk> this would probably be better
<patdk-wk> iptables-save | pastebinit
<patdk-wk> not used to working on iptables configs with <1000 lines
<jits1998> http://paste.ubuntu.com/663572/
<jits1998> less than 1000 lines :-P .. never gone past 100 lines.. (on three systems put together) :-P
<patdk-wk> my home system, doing 4 vlans is 1145 lines
<patdk-wk> work one is around 3k
<jits1998> whoops .. *bow*
<patdk-wk> na, I don't use iptables directly to make it, that would be impossible
<jits1998> tried some tools .. could not "control" them .. like doing things by hand :-)
<patdk-wk> I use shorewall
<jits1998> too many options for me in that :-P
<cloakable> I use pfsense >.>
<jits1998> i don't know if firewall has anything to do with it..
<jits1998> it = blocking/slowing down non-google sites .. some other sites partially load ..
<patdk-wk> do all your switchs say they support vlans and handle mtu of 1504?
<patdk-wk> normally they do
<RoyK> MTU 1500 or 1504 is the ethernet basis
<RoyK> anything supports that
<patdk-wk> well, some switchs wont do 1504
<jits1998> we have only 2 main switches where vlans are configured .. both connected via a fibre .. problem is same on both sides ..
<patdk-wk> and so won't pass vlans
<patdk-wk> but if the switch does vlans, shouldn't be the issue
<patdk-wk> well, to fix the masq rule, use iptables -A POSTROUTING -o eth1 -j MASQUERADE
<patdk-wk> but I don't see anything else to cause an issue
<patdk-wk> are you on dsl?
<jits1998> vlans are okay .. dhcps are distributed fine, the gateway sees the ips all fine...
<patdk-wk> dhcp would never send a packet >1500 bytes :)
<jits1998> the problematic one is a leased line..
<patdk-wk> what mtu is on it?
<jits1998> no idea.. how do i check ?
<patdk-wk> ifconfig
<patdk-wk> and after that, probably a tracepath
<jits1998> right now its configured on the router.. ..
<RoyK> probably 1500 unless it's changed
<patdk-wk> well, if it's dhcp configured :)
<patdk-wk> if it's static, ya 1500 will be default
<RoyK> 1514 is the ethernet default with headers and all
<jits1998> set to 1500 .. can change it if needed..
<patdk-wk> do a, tracepath 66.36.239.66
<patdk-wk> just kill it when it says no replay
<patdk-wk> reply
<jits1998> tracepath work fine from all systems .. :-)
<patdk-wk> yes, but what mtu does it say?
<jits1998> http://paste.ubuntu.com/663583/
<jits1998> its a field in router config.. set to 1500 currently..
<patdk-wk> hmm
<patdk-wk> dunno, doesn't seem to be a network or firewall issue
<patdk-wk> dns server?
<jits1998> everything is looked up fine.. browser keeps "waiting for xxx.com..." ..
<jits1998> funny thing .. once i installed proxy it worked fine.. then again went down .. :-|
<patdk-wk> can you load patdk.us?
<jits1998> i don't have access to any problematic system right now..
<patdk-wk> going be hard to find the issue then
<jits1998> another thing that might help .. if i have a system in 10.1.0.x range.. where vlan is not used.. this gateway works like a charm .. that makes me think its the vlan that is the issue ..
<patdk-wk> 90% of my systems use vlans, never had an issue
<patdk-wk> I have had a vlan switch that would leak broadcast traffic across vlans though, causing issues
<patdk-wk> firmware upgrade fixed it though
<jits1998> there are three gateways on the same vlan.. two work fine. this one cries all over :-| .. could the problem be with a particular port on switch ?
<patdk-wk> only if the vlan config is set wrong on it
<jits1998> the dhcp and this one are completely same config all over . except dhcp server doesn't act as internet gateway .. just default gateway and passes on the traffic to proxy server ..
<patdk-wk> that line makes no sense to me
<jits1998> all classrooms get the dhcp server ip (in their range) as default gateway .. .. the access to internet is via a squid proxy set on 10.1.0.x system ..
<jits1998> only difference in this problematic system which Acts as gateway configured manually on selected systems is that this has router instead of proxy acting as gateway ..
<patdk-wk> in my setups, I normally do isp -> server (with vlans, dhcp, dns) -> vlans for each user group
<patdk-wk> where I have a public vlan, secure vlan, and maybe a few dmz vlans
<patdk-wk> now I will say, dhcp acts funny on vlans, but seems to work ok though
<patdk-wk> but otherwise everything works like it should
<patdk-wk> dhcp sees dups cause it sees the vlan tagged packet and the untagged packet both, so it responds to both the raw interface and the vlan interface
<patdk-wk> doesn't cause a problem in real usage though
<jits1998> patdk-wk: dhcp works fine for me .. these problematic systems have static ips as their gateway is going to be different from the others
<patdk-wk> a different gateway wouldn't cause issues
<patdk-wk> and we can't even begin to guess what is going on without a problem workstation to test with
<patdk-wk> so far everything looks fine
<jits1998> where are you located ? i can get access to a system in about 10 hours from now . .
<jits1998> then i can share the access to any system you need ..
<jits1998> right now i can only access servers.. which all work fine.. :-|
<patdk-wk> heh, 10hours from now is 12am for me :)
<patdk-wk> I might be around
<jits1998> okay .. found one :-)
<jits1998> can you access via team-viewer ?
<patdk-wk> what is team-viewer?
<jits1998> its a windows system
<jits1998> www.teamviewer.com .. nice remote access app ..
<patdk-wk> I can do pcoip, rdp, vnc, nx, x, ...
<jits1998> i know only rdp and vnc .. both difficult behind firewall..
<jits1998> see if u can download teamviewer.. should be a quick install ..
<patdk-wk> well, I have no windows workstations
<patdk-wk> oh they do linux
<jits1998> yeah they do .. good guys ..:-)
<tcsadmin> even got an iphone app for teamviewer! :)
<jits1998> android as welll .. this thing just works... true german quality :-)
<patdk-wk> ok, seems to be installed
<jits1998> will msg u the id and password..
<patdk-wk> yep, you have an mtu issue
<patdk-wk> changed my server to 1400 mtu, and the page loads fine
<patdk-wk> using 1500 mtu, and I send packets but never get a response
<patdk-wk> someone is blocking icmp
<jits1998> icmp ?
<jits1998> i am able to ping the ip from outside ..
<patdk-wk> ping a 1460byte packet?
<jits1998> how do i do that ?
<jits1998> works ..
<patdk-wk> ping -M do -s 1472 xxxx
<patdk-wk> from windows, ping -f -l 1472 xxxx
<jits1998> "Packet needs to be fragmented but DF set."
<patdk-wk> yep
<jits1998> this is the error i get .. i am pinging from outside the network ..
<patdk-wk> your mtu goes <1500 somewhere
<patdk-wk> and at that point icmp is getting rejected
<patdk-wk> on outside you won't get the icmp too large reply, so you won't see that message
<jits1998> okay. should i ssh on the gateway and give you access .. will that help ?
<patdk-wk> I doubt the gateway is the issue
<patdk-wk> it has 1500 on both sides
<patdk-wk> it's whatever the gateway is using for internet, or the isp
<patdk-wk> let me see
<jits1998> it is connected ..thanks ..
<patdk-wk> ya, everything is getting blocked so I can't even do a proper test
<patdk-wk> http://paste.ubuntu.com/663629/
<jits1998> i can open the router as well .. if u need ..
<patdk-wk> what machine is that console at?
<jits1998> on the gateway ..
<jamespage> adam_g: still around?
<jits1998> thats another issue.. most commands would just hang like that :|
<patdk-wk> not good
<jits1998> yeah .. :-(
<patdk-wk> oh, then mtu issue is inside then
<patdk-wk> cause a command like that would generate a 1500byte packet, causing the issue
<jits1998> ok ..  is it network cable issue ?
<jits1998> from the switch to  system ?
<patdk-wk> don't do any commands
<jits1998> ok
<jits1998> :|
<wpl_> Hi, when I connect my server from inside the network i my login credentials are accepted, but when i connect from outside, i get a "password failure". Why?
<jits1998> if u are waiting for it then don't .. it will stay hung forever :| .. well almsot forever :-)
<patdk-wk> what ip address are we connecting to that server *from*
<jits1998> u mean the ip of the system we are connected to ?
<patdk-wk> ya
<jits1998> that shd be 10.1.23.9 gateway 10.1.23.1
<patdk-wk> so coming in on vlan23
<jits1998> yeah
<patdk-wk> open a new window, but don't type any commands
<jits1998> done
<patdk-wk> that says from 10.1.0.5?
<patdk-wk> oh last :)
<jits1998> yeah .. thats the standard gateway/dhcp server for all other systems ..
<patdk-wk> pass
<patdk-wk> stupid hell
<patdk-wk> that switch doesn't do vlans very good
<jits1998> :-|
<patdk-wk> it has a 1514 byte limit
<patdk-wk> for vlans it should have atleast 1518
<jits1998> :-o
<patdk-wk> so it can handle the extra 4 bytes for the vlan header
<patdk-wk> maybe check the switch config
<jits1998> i have the manual somewhere..
<patdk-wk> mtu might just need to be changed to 1518
<jits1998> let me look it up ..
<patdk-wk> ANY port that has tagged vlans will need to be atleast 1518
<jits1998> LINKSYS_26870
<Demosthenes> drop your mtu ;]
<patdk-wk> could do that, can be a royal pain sometimes :)
<patdk-wk> if anything doesn't use dhcp :)
<wpl_> Why does the ssh server refuses my passwords when i connect from outside, but accepts them when i connect from inside the network? Intrestingly connecting the iPhone ssh client works.
<jits1998> patdk-wk: dhcp works fine.. other networks work fine.. only this port/server has issue .
<jits1998> is mtu config port based ?
<patdk-wk> well, this is only one using vlans
<patdk-wk> and the switch doesn't support the extra bytes for vlan
<jits1998> nah . .there is one more .. 10.1.0.5 also has as many vlans..
<jits1998> see the new console.. .. all .254 are there.. its the gateway
<patdk-wk> well, that one is fine
<patdk-wk> both plugged into same switch?
<jits1998> yes .. side by side ports
<patdk-wk> hmm, probably network card then
<patdk-wk> been a long time since I saw a network card with that issue
<jits1998> :-|
<patdk-wk> one min
<patdk-wk> don't even know what that is
<patdk-wk> :)
<jits1998> hehe :-)
<patdk-wk> swap it :)
<jits1998> network card ?
<patdk-wk> ya
<patdk-wk> for a different model
<patdk-wk> or use mtu 1496 everywhere
<jits1998> i think this is inbuilt one .. have another one plugged in .. wish i could get it changed right now :|
<patdk-wk> but network card will be quicker and much more sane on yourself
<patdk-wk> well, lets test the other one
<jits1998> yeah .. thats easy to do ..
<jits1998> other one isn't plugged in i think ..
<jits1998> its installed but no network cable going in ..
<patdk-wk> ya, doesn't looks like it
<patdk-wk> must be the marvell
<Demosthenes> *sigh* i was so disappointed. i bought a set of new gigabit switches, but none will talk gig through my site wiring :P
<patdk-wk> heh?
<patdk-wk> only 2pair?
<jits1998> the other came back ?
<jits1998> it is working :|
<patdk-wk> since I told it not to transmit too large a packet anymore :)
<Demosthenes> no, 100meg full i can do, just not gig. its got all pairs.
<Demosthenes> just not shielded i suppose
<patdk-wk> by definition, pairs don't need shielding
<patdk-wk> why they are pair'd :)
<patdk-wk> must be cat3 then, instead of cat5e
<qman__> 10/100 only needs two pair
<qman__> gigabit uses all four
<patdk-wk> he just said it had all pairs :)
<qman__> and it's more sensitive to EMI
<qman__> I read that as 100 meg worked, implying all four pairs
<qman__> which would not be the case
<patdk-wk> ya, 100meg 2pair, 1000meg, 4pair
<qman__> I haven't run into that problem yet myself, but I've only done it with cat5 and better
<qman__> 5e is the requirement but 5 usually works too
<patdk-wk> I had some runs of cat3, from before cat5 existed
<patdk-wk> 100mbit mostly worked on them
<patdk-wk> but not gigabit at all
<RoyK> qman__: IIRC 5e _was_ the requirement, CAT 5 will do now
<RoyK> patdk-wk: with cat5, gigabit will work unless you strech the cable too long
<RoyK> meaning >50m or so
<patdk-wk> yes, but this was cat3 :)
<patdk-wk> at about 40'
<RoyK> cat3 belongs to the ninetees
<patdk-wk> it was the 90's :)
<RoyK> patdk-wk: and back then, we didn't worry about gigabit, we thought 100Mbps was cool
 * patdk-wk wonders if jits1998 died
<jits1998> nah here.. just restarted the system . . after cleaning up udev/rules/net.rules
<patdk-wk> wrong method :)
<patdk-wk> should of just edited interfaces, replace eth1 with eth0
<jits1998> that had some of old stuff when we used multiple nic .. now with 11 rooms thats impossible :-)
<patdk-wk> bunch of quad nic cards? :)
<patdk-wk> and ethernet->usb adaptors :)
<tcsadmin> jits1998 - so your problem is resolved?
<patdk-wk> well, it's *known* now :)
<jits1998> tcsadmin: we have nailed it down likely..
<jits1998> need physical access to fix it ..
<tcsadmin> awesome
<patdk-wk> nic doesn't support 1518 byte packets, only 1514
<jits1998> patdk-wk: that may be true.. coz in the other machine the config is different as in the in-built card is not used .. let me double check ..
<jits1998> doesn't seem to be the case..
<patdk-wk> hmm?
<jits1998> then network card fault it must be ..
<patdk-wk> oh, other one isn't using onboard?
<jits1998> it is using onboard one.. as far as i can tell ..
<patdk-wk> what is the lspci lines for it?
<patdk-wk> but it has to be nic or switch
<jits1998> one has marvell/intel .. other has marvel / hangzhou
<patdk-wk> ya, the hangzhou is the issue
<patdk-wk> intel should be excellent :)
<patdk-wk> onboard is probably the marvel
<patdk-wk> I think your not using the onboard o nthat gateway :)
<jits1998> yeah .. currently hangzhou is in use..
<jits1998> intel with same config is working fine.. marvell being common is likely onboard one..
<patdk-wk> intel's are excelent, normally supporting 16k packets
<patdk-wk> marvell are normally good
<patdk-wk> atleast recent ones, dunno how old those are
<jits1998> just over a year i think ..
<jits1998> thanks so much for all your help :-)
<patdk-wk> should be fine, if they didn't install the most crap marvell they could
<jits1998> which part of us are you from ?
<patdk-wk> d.c.
<jits1998> me in india
<patdk-wk> saw, when I was tracing the ip
<jits1998> patrickdk.com is just filler :-)
<patdk-wk> yep :)
<patdk-wk> hate webpages
<patdk-wk> I used to have the ie can't locate server page, as the home page there
<jits1998> hehe .. you know too much for them to excite you :-)
<jits1998> twitter ?
<patdk-wk> nope
<patdk-wk> no facebook, no google+
<jits1998> where can i "bookmark" you then :-)
<patdk-wk> use whois :)
<patdk-wk> well, irc 24/7 :)
<patdk-wk> aim/xmpp also
<jits1998> no friend list here.. is it ? ..
<jits1998> or a fan list .. if i may :-)
<patdk-wk> on irc? not really
<jits1998> what do u do .. i mean company, working, consulting ?
<patdk-wk> consulting mostly
<jits1998> ok .. in networking or general computing .. web i think is ruled out..
<patdk-wk> heh? everything
<patdk-wk> networking, routing, vmware, programming, ...
<shennyg> I'm on karmic and want to upgrade to php5.3 what sources do I need to add?
<patdk-wk> lucid
<shennyg> I tried http://www.robsearles.com/2010/03/17/installing-php5-3-on-ubuntu-karmic/ but I got 'failed to fetch' errors
<shennyg> patdk-wk: are you saying just to upgrade to lucid?
<patdk-wk> shennyg, no, but that is where the php 5.3 lives
<patdk-wk> but technically yes
<patdk-wk> as karmic has been unsupported for a while, and doesn't get any security updates
<shennyg> Yes, best case scenario I would create new servers...
<shennyg> but for a quick win I would add the sources that lucid has?
<patdk-wk> well, your best source right now would be to download the source form lucid, and recompile for karmic
<jits1998> patdk-wk: anything on windows ? or asterisk ? need a couple of things done on these ..
<patdk-wk> windows sure, asterisk I used to be heavy into, but haven't touched for a few years now
<shennyg> where/how do I find those sources?
<jits1998> i need windows task to be automated .. asterisk having serious trouble with echo cause of our hardware ..
<patdk-wk> shennyg, I just edit sources.list to lucid, and apt-get source ....
<patdk-wk> echo is not an issue of hardware, it's an issue of using analog and digital mixed lines
<jits1998> no lines.. all soft phones.. connected "differently" .. no echo in headphones.. only in my hardware :-)
<patdk-wk> how do you mean only in my hardware?
<patdk-wk> echo can only be *created* when using analog lines
<shennyg> patdk-wk: do I just replace all instances of karmic with lucid?
<patdk-wk> yep
<patdk-wk> get all sources you need
<patdk-wk> and recompile them
<patdk-wk> not much fun
<patdk-wk> or you could just attempt to upgrade just php using the lucid binaries
<patdk-wk> really ugly, but normally works
<shennyg> ok, the other option would be to upgrade ubuntu.
<patdk-wk> yep
<shennyg> and 9.10 to 10.4 should be straightforward?
 * shennyg doing on a dev server first :)
<jits1998> patdk-wk: there ?
<patdk-wk> ya
<jits1998> pinged you my id .. can you add me ?
<patdk-wk> I did
<jits1998> did not get it :-s .. give me yours ..
<patdk-wk> it tells me your offline
<uvirtbot> New bug: #824767 in rabbitmq-server (main) "package rabbitmq-server 2.3.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/824767
<shennyg> thanks for your help patdk-wk
<Psi-Jack> Anyone know if the QLogic 2562 FC-HBA is supported in Ubuntu 10.04 LTS?
<Psi-Jack> OKay. Looks like it is just fine. ;)
<patdk-wk> ya, it is :)
<josePhoenix> Hmm.. I'm trying to change the hostname of a server, and it doesn't seem to be sticking
<josePhoenix> I changed /etc/hosts and I thought I'd changed /etc/hostname.. but it's back to the old value
<josePhoenix> hmm I guess I'll know if it shows up again. survived this reboot.
<uvirtbot> New bug: #824790 in multipath-tools (main) "IBM DS3400 Will Not Bring Up Second Path" [Undecided,New] https://launchpad.net/bugs/824790
<uvirtbot> New bug: #824807 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/824807
<josePhoenix> Hello all
<josePhoenix> I have added some @reboot lines in a user crontab, but they don't seem to be running
<josePhoenix> How can I fix that?
<Demosthenes> ok, so i've got a remotely booting diskless workstation setup now, nice. root's read only, so i can run many workstations...
<Demosthenes> i've got home directories setup in samba shares, anyone know how i can mount those up (need a username/pass) for the CURRENT user logged in on them?
<RyanP> Demosthenes: I'm doing something similar, but am using NFS to export the home.. don't care for that idea?
<Demosthenes> export ALL home's via exporting /home?
<RyanP> Demosthenes: yes
<Demosthenes> i considered that, but then NFS doesn't do share security... i may have to
<Demosthenes> but i was hoping there was a way to limit it
<Demosthenes> otherwise i'd have to open /home to any IP on the local subnet.
<Demosthenes> and of course, you can lie about your UID if you control an NFS capable box...
<RyanP> Demosthenes: Yes there is a drawback there.
<Demosthenes> i was thinking maybe autofs had a way, but it looks like it wants to put the smb user/pass in a file, that doesn't help for per-user security
<patdk-lap> demosthenes, pam_mount :)
<Demosthenes> patdk-lap: NICE
<nutcase_> hi guys... 1 quick ? is it posible to read ufs formatted HHD in ubuntu
<patdk-lap> as in freebsd ufs?
<nutcase_> yes
<patdk-lap> sure
<nutcase_> do i need to install any app for that or could just mount the drives and read the files
<patdk-lap> don't need to install anything
<nutcase_> sweet
<nutcase_> thanks
<patdk-lap> now mounting it isn't easy though :(
<nutcase_> well i got my work cut out then
<patdk-lap> http://www.sysadmindiary.com/2008/03/mounting-freebsd-ufs2-file-system-on-ubuntu-linux/
<patdk-lap> well, you just have to specify what type of ufs manually
<nutcase_> well you read my mind
<nutcase_> thank you
<Corey> Hence the "U" in UFS. :-)
<KM0201> where can i find instructions on setting up a FTP server?
<Psi-Jack> KM0201, Why do you want to install an insecure FTP Server?
<KM0201> dunno really.. just thought it'd be handy to let people downlload stuff from my server
<KM0201> i can simply block its port in my router when i don't want people using it.
<KM0201> but security wasn't necessarily my concern anyway
<Psi-Jack> KM0201: Why not sftp?
<Psi-Jack> Most FTP clients these days also support SSH's SFTP
<patdk-lap> why not use ftps? :)
<KM0201> 1. if sftp will work, thats fine.. my main concern, would be that people who download from me, would be able to access it witht heir client (i'm guessing most use filezilla)
<KM0201> but that doesn't change the fact, i'm looking for info on it.
<patdk-lap> if it's just downloads, why not http/https?
<Psi-Jack> FileZilla supports sftp.
<KM0201> patdk-lap: if it's not.. why not.. we mcan do that all day.
<KM0201> why not.. just see if you can answer my question.
<Psi-Jack> KM0201: So basically, you already have sftp support likely right now. :)
<patdk-lap> I can't even understand your question
<KM0201> patdk-lap: you know what ftp is don't you?
<Psi-Jack> KM0201: If not, you just install openssh-server, or equivalent for your distro, add a user, if you don't want them with shell access, set their shell to /bin/true
<patdk-lap> yes, but why anyone uses it, is beyond me
<KM0201> hmm
<Psi-Jack> hehe
<Psi-Jack> I just switched to using Fedora 15 with Gnome 3 on my main desktop.
<KM0201> so how exactly would they download something from me....?
<patdk-lap> using http :)
<patdk-lap> http is good for downloads, not so much for uploads
<patdk-lap> and everyone has http support and knows how to use it :)
<KM0201> patdk-lap: thus my point, i want upload support as well.
<patdk-lap> you didn'tsay that at all :)
<KM0201> i think i'm just gonna put you on ignore.
<patdk-lap> :)
<patdk-lap> dunno, that is the first time you said upload support, everything else was download only
<KM0201> Psi-Jack: wouldn't they have to use putty to use ssh?
<Psi-Jack> Noi
<uvirtbot> New bug: #824874 in nova (universe) "nova-objectstore goes into a tight loop and becomes unresponsive" [Undecided,New] https://launchpad.net/bugs/824874
#ubuntu-server 2011-08-12
<Demosthenes> ok, so not to brag, but a squid proxy with 20GB of cache works GREAT while debootstrapping the same system over and over ;]
<patdk-lap> heh, I dunno, squid has been giving me issues
<patdk-lap> doesn't like apt-get at all
<patdk-lap> and now netflix won't work over it
<qman__> I've been using squid as an apt proxy for a while
<qman__> I know my configuration is less than ideal, but the key to making it work is exceptions for the package lists
<qman__> or was for me
<patdk-lap> qman, for about 2 years here
<patdk-lap> it's always corrupting something and I have to purge /var/lib/apt/lists/partial
<qman__> hmm
<patdk-lap> been using apt-cache-ng for my servers, and it works good
<qman__> been using it well over a year, never ran into that
<qman__> I chose this setup before the apt-specific solutions started popping up
<qman__> at that time it was squid, or a full on mirror
<patdk-lap> ya, I used to run a full mirror
<patdk-lap> I will again one my new server goes live
<patdk-lap> don't have the disk space currently
<qman__> I've only got about a dozen machines so it's not worth the overhead for me
<qman__> trying to remember if I implemented it when I built my new router on 9.04, or if I had it on the old one too
<patdk-lap> I was full mirror for 9.04
<patdk-lap> switched to squid on 10.04
<Demosthenes> patdk-lap: i just export http_proxy=http://dkjkdsjfhdskjfhds:3128/ and go, aptitude works fine
<Demosthenes> stupid question, how does one generate a dynamic hostname (ie: from system mac addy) at boot, OR accept a hostname give you by the DHCP server?
<patdk-lap> I would use the hostname given by the dhcp server
<patdk-lap> but I believe you need to adjust dhclient in order for it to use it
<Demosthenes> patdk-lap: the issue is that the kernel is doing the initial dhcp... i just set it to localhost :P
<patdk-lap> dunno about that
<patdk-lap> but when I do a netboot, the netcard does dhcp, kernel boots, then initrd get a second dhcp
<patdk-lap> but that second dhcp in initrd seemed to use udhclient, instead of the normal one
<twb> Demosthenes: squid can do the wrong thing if you're riced it up too much, tho
<twb> Demosthenes: one guy here had e.g. told squid not to cache files below 128kB or something, so the Release file was not cached but the Release.gpg was -- bork bork
<twb> patdk-lap: Ubuntu's dhclient is patched to send host-name by default.
<Demosthenes> twb: yeah, i set it to keep just about everything.... ;]
<twb> Personally, I use debmirror and it Works For Me, and makes building SOEs *much* faster
<Demosthenes> yep. but i use squid for everythign else anyway ;]
<twb> Shrug
<twb> I have squid here, too, but it doesn't understand how to treat apt repos optimally
<uvirtbot> New bug: #824947 in cloud-init (main) "EC2 apt repository DNS resolution on VPC instances" [Undecided,New] https://launchpad.net/bugs/824947
<Stevk> hi
<Stevk> Im relativley new to linux (ubuntu 10). I'm trying to run a svn update via php command line. However when the webserver runs the script, all files are owned by www-data. So I want www-data to run a sh script as user ABC that contains the svn update command so all permissions remain with ABC. I tried for a while with sudo but don't really get along without asking me for a password.
<lifeless> you need to set NOPASSWD in the sudoers file
<lifeless> or something like that
<Stevk> yes I tried: %svn      ALL=NOPASSWD: /usr/bin/sh
<Stevk> didn't really work out as expected
<Stevk> when I then login as ABC whos is member of group svn and run this: sudo ABC -c sh svnupdate.sh
<Stevk> I still get asked for a password
<twb> Stevk: sh is /bin/sh
<twb> if you're doing to run svnpdate.sh from sudo, that's what should be in sudoers.
<twb> Not sure what you think -c will do; sudo isn't su.
<Stevk> ok I might be totally wrong and start mixing uo commands...any hint?
<twb> Also test with sudo -L
<Stevk> changed in sudoers sh to : %svn      ALL=NOPASSWD: /bin/sh
<twb> Sorry, sudo -l
<twb> Here are two examples I have:
<twb>     (ALL : ALL) NOPASSWD: ALL
<twb>     ( : cdrom) NOEXEC: /usr/bin/wodim, /usr/bin/cdrecord
<twb> The former gives me privileges to run ANYTHING; the latter gives mr permission to do CD burning as the cdrom group (which has write access to the CD drive)
<twb> Both would have a user (e.g. "twb") or a group (e.g. %users) in front
<twb> Note that those are actually emitted by sudo -l from my LDAP sudoers objects, so they *might* be wrong, although they look OK from memory.
<twb> Here's what a raw sudo-ldap object looks like: http://paste.debian.net/125983/
<Stevk> ok, I try to come up with another sudoer entry. I also don't want to make it too open. Ideally I want users of group svn allow to run scripts within a certain directory only...
<twb> Stevk: the ldap object I pasted does basically that
<twb> Stevk: the ldapchsh and such scripts, are all symlinks to the /usr/sbin/ldapadduser script that I wrote
<twb> Stevk: the object allows managers to run it with root privileges, since my ldap server is locked down to prevent remote edits
<Stevk> thanks twb I'll have a look into LDAP...I've never used it...
<twb> Stevk: unless you have >>1 host, you don't need or want sudo-ldap
<twb> Stevk: I'm just explaining it because that's what I happen to have in front of me
<Stevk> it's a shared server with muliple vhosts ...
<twb> In that case it's more like what I've got :-)
<tuvok> morgens..
<tuvok> ich habe von nem user das passwort geÃ¤ndert jetzt mÃ¶chte der beim booten im Gnome immer das schlÃ¼sselbund passwort .. aber das alte..
<tuvok> kann ich das irgendwie beheben'
<jpds> !de | tuvok
<ubottu> tuvok: In den meisten Ubuntu-KanÃ¤len wird nur Englisch gesprochen. FÃ¼r deutschsprachige Hilfe besuche bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Einfach "/join #ubuntu-de" eingeben. Danke fÃ¼r Dein VerstÃ¤ndnis!
<tuvok> oh mist gar net gesehn .. sorry!!
<RoyK> anyone here that knows what's the fastest CPU cores around these days? I have a single-threaded app that needs more hourse power...
<uvirtbot> New bug: #825124 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/825124
<Ursinha> good morning, people of the sun
<RoyK> erm........
<RoyK> how does grub2 choose default kernel?
<RoyK> I have 2.6.32-33 and 2.6.35-25 installed, but even so, it runs 2.6.32-28
<RoyK> forget it...
<uvirtbot> New bug: #825139 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: Î· ÏÏÎ¿Î´Î¹ÎµÏÎ³Î±ÏÎ¯Î± installed post-installation script ÎµÏÎ­ÏÏÏÎµÏÎµ ÎºÎ±ÏÎ¬ÏÏÎ±ÏÎ· Î»Î¬Î¸Î¿ÏÏ 1" [Undecided,New] https://launchpad.net/bugs/825139
<Ursinha> omg more samba bugs
<lynxman> Ursinha: morning ;)
<amero> any idea how to fix this small error?
<amero> # dpkg-source -x libevent_2.0.12-stable-1.dsc
<amero> gpgv: Signature made Fri Jun 17 07:12:50 2011 PDT using DSA key ID 7ADF9466
<amero> gpgv: Can't check signature: public key not found
<amero> i need to recompile source package from oneiric repo on natty
<uvirtbot> New bug: #825290 in libvirt (main) "VirtMnager 0.9.0 doesn't provide access to "virbr0" during installation phase" [Undecided,New] https://launchpad.net/bugs/825290
<NetworkRenderer> hi, suche fuer SSH einen Systemmonitor
<dkn> i installed a desktop on 10.04LTS, vino was working great for weeks, then after a restart vino VNC server stopped working... can't connect from any local machine on the network
<NetworkRenderer> I realy search a Terminal Systemmonitor
<NetworkRenderer> i dont want to install the desktop because it will slows down the system
<Pici> NetworkRenderer: htop?
<Pici> NetworkRenderer: top is already installed, but htop has extra features.
<NetworkRenderer> thanks i will try it
<NetworkRenderer> i think htop is better for me
<NetworkRenderer> Thanks
<NetworkRenderer> have a nice da
<NetworkRenderer> y
<Ursinha> I'll run some errands for the sprint travel, bbl
<RoyK> anyone here using oprofile on ubuntu?
<RoyK> seems the vmlinux image is missing, and without that, oprofile isn't too fun
<fosterdv> RoyK: what does it do?
<fosterdv> If you don't mind me asking?
<RoyK> oprofile is used for benchmarking, finding in which system calls most cpu is used
<fosterdv> Ah, that's pretty cool. Thanks
<RoyK> and without vmlinux, oprofile can't find which part of the kernel is spending the time
<RoyK> vmlinux is the badass non-stripped, non-compressed version of vmlinuz from which linux boots
<fosterdv> That's pretty cool, I'm going to try to install it.
<fosterdv> is vmlinux something you have to install separately?
<RoyK> seems the only way is to build a kernel
<RoyK> but it'd be nice if it was available without thhat
<fosterdv> Yeah
<RoyK> does anyone know which of i5 and i7 processors would be the fastest for single-thread computing?
<patdk-wk> isn't that easy to figure out?
<patdk-wk> highest ghz cpu with turbo :)
<RoyK> patdk-wk: same core type?
<patdk-wk> hmm?
<patdk-wk> core type only affects cpu features, like onboard cache and stuff
<RoyK> does AMD have anything comparible to i[57] at all these days?
<RoyK> as for core speed
<patdk-wk> well, I know amd does 3.6ghz and maybe 3.8ghz
<patdk-wk> but I believe those are still pumped up values, not real core speeds
<RoyK> earlier AMD used to be quite a bit faster per GHz than Intel
<RoyK> but dunno if that's true anymore
<patdk-wk> well, amd used to market their speeds as intel equiv
<patdk-wk> saying their 2.4ghz cpu was equiv to an intel 3.0ghz
<patdk-wk> so they sold it as a 3.0ghz :)
<RoyK> that was some time ago...
<patdk-wk> yep
<patdk-wk> I haven't tracked amd cpu's since then, cause of that
<RoyK> but it seems AMD Opteron at 2.2GHz is quite good http://www.cpubenchmark.net/high_end_cpus.html
<patdk-wk> and their lack of onboard cache
<RoyK> erm... AMDs lack of cache?
<patdk-wk> normally have 1/2 the size cache intel has
<RoyK> doesn't seem to be the case anymore
<RoyK> anyway - we have some dual 12-core machines at work, and their 2.1GHz cores are a bit faster than our previous 3YO 3.6GHz Xeons
<RoyK> but still way slower than a new i7
<patdk-wk> guess we need to locate a bogomips chart :)
<RoyK> :)
<hallyn> kirkland: any objection to http://people.canonical.com/~serge/ipxe.debdiff ?
<kirkland> hallyn: +1
<kirkland> hallyn: only thing I might do differently is to symlink these into /usr/share/qemu
<bernhard1> 11.4 not cleanly unmounted.. giving errors what to do ?
<hallyn> kirkland: wasn't there a reason why we didn't use symlinks with kvm-pxe?
<hallyn> i can't recall what exactly...
<hallyn> ~>
<hallyn> kirkland: all right but that works.  lemme post a new debdiff to that same place
<hallyn> done.  i'll give that some testing next week, then ask you to push :)  THen hopefully qemu-kvm can depend on ipxe.
<otubo> nealmcb_, Hi, are you Neal McBurnett, libvirt mantainer on launchpad by any chance?
<bernhard1> this is the problem.. installed ubuntu server 11.4.. but when it is shut down it says it is not cleanly unmounted..  then.. when i boot i get this error. mountall: fsck /boot{344} terminated with status 1  then.. about 50 lines.. cannot write bytes: broken pipe  when i fix the errors with knoppix cd after one or two reboots i have the same error. This is my syslog anybody can help ?
<bernhard1> http://pastebin.com/4wRJdULM
<RoyK> first of all, why did you install 11.04? most servers will work well on the LTS releases (8.04/10.04)
<el_seano> does anybody know where linux writes its data when it goes into hibernate?
<el_seano> is it to swap?  Or does it just drop it somewhere on /?
<RoyK> el_seano: in the swap partition/file
<guntbert> bernhard1: how do you reboot?
<bernhard1> <guntbert> with reboot command
<bernhard1> <RoyK> since it install most apps normally.. for instance php5-fpm.. on 10.4 i have fiddle with debs etc..
<guntbert> bernhard1: ok,  I *had* to ask :-)
<uvirtbot> New bug: #825494 in libvirt (main) "/etc/init/libvirt-bin vs /etc/default/libvirt-bin" [Undecided,New] https://launchpad.net/bugs/825494
<guntbert> bernhard1: I don't see any errors in that file, ...
<kirkland> RoAkSoAx: ubuntu@ec2-50-17-40-5.compute-1.amazonaws.com
#ubuntu-server 2011-08-13
<squidly> I'm trying to bond two NIC's in a failover setup on 11.04, it does not seem to be working though...
<squidly> never mind.. I forgot to install the ifenslave package..
<lickalott> anyone in here also visit metasploit
<lickalott> the chan?
<uvirtbot> New bug: #819903 in swift (main) "[MIR] swift" [High,Fix released] https://launchpad.net/bugs/819903
<uvirtbot> New bug: #825697 in samba (main) "winbindd_cache clearing" [Undecided,New] https://launchpad.net/bugs/825697
<Demosthenes> i'm kinda miffed. it looks like ubuntu server is using first-available uid's for users created by packages instead of pre-assigned id's under 1000.
<Demosthenes> so no two systems will have compatible uids
<Demosthenes> i find this out the hard way trying to share passwd/group/shadow files between my master headless server and diskless clients.
<sponzor> is there any howto that works how to install ubuntu server 10.04 lts from usb?
<sponzor> anyone? :)
<uvirtbot> New bug: #825825 in openssh (main) "have DNS based verification occur by default" [Undecided,New] https://launchpad.net/bugs/825825
<Hackwar> hi folks, I already asked in #ubuntu, but they told me to ask here, too. I'm thinking about installing a server in our web-agency and wanted to use ubuntu-server. Now I'm not a newbie, but also not a professional either. I want to install subversion, a samba share, LAMP, redmine and phpmyadmin.
<Hackwar> The server is purely internal and I was so far successfull in installing all that in a virtual machine.
<Hackwar> my question is: Do I have to pay attention, especially in terms of security, for all of this?
<Hackwar> is there anything that I have to pay attention to in particular
<jmarsden> Hackwar: You need to decide what you think the likely threats are to this machine and the software it runs -- fraud? disgruntled insiders? automated attacks?  malware?  If it has absolutely NO Internet connection, so it really is purely internal, insiders and those with physical access may be your main threats.  If it has no Internet connectivity, how will it be updated?  In either case, how till it be backed up, and how will those backup
<jmarsden>  copies be secured?  Etc.  You have to "pay attention" to whatever you think the threats you need to protect against are.
<KM0201> is there a command i can run, to see file transfer speeds?
<KM0201> say, from the server to a desktop.
<jmarsden> KM0201: Disk i/o speeds?  or network traffic?
<jmarsden> iotop can show disk i/o, jnettop can show network traffic
<KM0201> jmarsden: thanks
<jmarsden> KM0201: You're welcome.
<KM0201> jmarsden: how do i quit iotop?..lol
<jmarsden> q
<jmarsden> q for quit
<KM0201> hmm, i thought i tried that, guess not.
<jmarsden> Like less and top and htop and many other similar programs :)
<KM0201> never really dealt w/ top, etc.
<jmarsden> You can also do   man iotop    and read all about it :)
<KM0201> man pages are often jibberish.
<KM0201> "often" not always
<jmarsden> No.  man pages are an excellent source of documentation,  you just have nto spent enough time learning how to read them.
<KM0201> dunno, i'e read a lot of them.. some are very good, most i don't find all that informative.
<uvirtbot> New bug: #825872 in cyrus-sasl2 (main) "FTBFS with newer versions of heimdal" [High,In progress] https://launchpad.net/bugs/825872
<jeeves_moss> is there a way to "tail" a log to a webpage?
<jj995> anybody know how to test APC PowerChute Network shutdown?  I want to make sure it can actually shutdown my server
<JoeCoder> I want to run a cron job that will update my server with all of the security fixes.  but I don't want to go to major new versions that may break conpatibility with my configuration files.  Is apt-get update the best choice?
<squidly> JoeCoder: check out unattended-updates
<squidly> that will apply security patches but not version upgrades unless it's required for the security fix
<JoeCoder> the /etc/cron.daily folder already has some scripts that look like they are performing updates.
<JoeCoder> but they're rather logn.
<JoeCoder> *long.
<JoeCoder> are these standard with an ubuntu server install or should I ask my host (rackspace) ?
<alamar> JoeCoder: which scripts do you mean
<alamar> apt & aptitude DO have some scripts there
<JoeCoder> that's them.
<alamar> they are there by default
<alamar> if you want to automatically install updates take a look at cron-apt
<JoeCoder> do they perform something similar to an aptitude safe-upgrade ?
<alamar> this might be what you are looking for
<alamar> no
<JoeCoder> I'm tring to figure out if I need to add my own script also.
<alamar> JoeCoder: cron-apt should suffice
<alamar> I just took a look at the script in /etc/cron.daily/apt it seems it CAN be configured to do autoupdates/upgrades
<JoeCoder> I was reading this page:  https://help.ubuntu.com/community/AutomaticSecurityUpdates and it mentions cron-apt as well.  But having my own cron job is the simplest for me to understand and change if necessary.
<JoeCoder> (That page also mentions the custom cron job)
<bernhard1> this is my problem.. installed ubuntu server 11.4.. but when it is shut down it says it is not cleanly unmounted..  then.. when i boot i get this error. mountall: fsck /boot{344} terminated with status 1  then.. about 50 lines.. cannot write bytes: broken pipe when i fix the errors with knoppix cd after one or two reboots i have the same error. This is my syslog anybody can help ?
<bernhard1> http://pastebin.com/4wRJdULM
<bernhard1> anybody ???
<JanC> bernhard1: the issues seem to be with a raid device?
<bernhard1> <JanC> i only use one disk.. wd velociraptor (new) 300gb
<JanC> hm, I'd think "dm-0" refers to a RAID or the like, but maybe I'm wrong
<JanC> also, I see only references to 1 disk, you're right  âº
<JanC> bernhard1: the filesystem errors are on a device named "dm-0", so do you know what it is?
<bernhard1> <JanC>  how could i found out what is the device device named "dm-0"
<JanC> I suppose 'mount' should show it?
<bernhard1> <JanC> mount /dev/mapper/duizend-root on / type ext4 (rw,errors=remount-ro) proc on /proc type proc (rw,noexec,nosuid,nodev) none on /sys type sysfs (rw,noexec,nosuid,nodev) fusectl on /sys/fs/fuse/connections type fusectl (rw) none on /sys/kernel/debug type debugfs (rw)
<bernhard1> none on /sys/kernel/security type securityfs (rw) none on /dev type devtmpfs (rw,mode=0755)
<bernhard1> none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620) none on /dev/shm type tmpfs (rw,nosuid,nodev) none on /var/run type tmpfs (rw,nosuid,mode=0755) none on /var/lock type tmpfs (rw,noexec,nosuid,nodev) /dev/sda1 on /boot type ext2 (rw)
<bernhard1> <JanC> dm-0 /dev/duizend/root
<JanC> bernhard1: do you use an encrypted disk/partition?
<bernhard1> <JanC> no
<bernhard1>  <JanC> dm-0 /dev/duizend/root
<bernhard1> dm-1 /dev/duizend/swap_1
<JanC> what does "ls -l /dev/mapper" say?
<JanC> it must be something that uses device mapper...
<JanC> encryption, RAID, ...
<JanC> LVM?
<bernhard1> what i notice is that when i set /boot to read only it does not give to these pipe errors (but still the dm-0 errors in logfile) ls -l /dev/mapper total 0
<bernhard1> crw------- 1 root root 10, 236 2011-08-14 00:40 control
<bernhard1> lrwxrwxrwx 1 root root       7 2011-08-14 00:40 duizend-root -> ../dm-0
<bernhard1> lrwxrwxrwx 1 root root       7 2011-08-14 00:40 duizend-swap_1 -> ../dm-1
<bernhard1> Yes the system is setup with LVM
<JanC> it looks like the filesystem is not properly synced before you reboot/shut down?
<bernhard1> <JanC> any way to fix this ?
<JanC> bernhard1: are you sure the disk is okay?
<JanC> did you check SMART data etc.?
<bernhard1> yes it is new.. i also bought a second one.. and get the same erros..
<bernhard1> errors
<JanC> ugh  â¹
<bernhard1> <JanC> SMART data ?
<JanC> bernhard1: a standard way to read self test results & statistics from the drive firmware
<JanC> e.g. it gives you a counter of hardware errors etc.
<JanC> (but also how often you spinned up the disk, etc.)
<JanC> but if you have this with 2 different disks, it's less likely the disk is at fault  ;)
<bernhard1> yes thats my guess also.. i think i also tried a third disk.. with same issue..
<JanC> might be something wrong with the motherboard/chipset/ACPI/etc. support...
<bernhard1> <JanC> ACPI: resource amd756_smbus [io  0x10e0-0x10ef] conflicts with ACPI region PMIO [io 0x1000-0x10fe] kernel: [    7.555003] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver kernel: [    7.559547] ACPI: resource 0000:00:07.2 [io  0xcc00-0xcc1f] conflicts with ACPI region ECIO [io 0xcc00-0xcc1f] kernel: [    7.559550] ACPI: If an
<bernhard1> ACPI driver is available for this device, you should use it instead of the native driver
<JanC> ACPI handles powerdown/reboot, so it was just a guess that it might maybe be involved, you'd need an ACPI guru to be sure if that is or can be the cause
<JanC> or maybe a google search for that phrase  ;)
 * JanC is going afk now
<bernhard1> <JanC> i did update the bios to latest version.. thanks
#ubuntu-server 2011-08-14
<rdegges> Hey guys, I've defined a crontab that does `/usr/bin/aptitude -y safe-upgrade`, however, it always fails when run via cron. I can run it on the CLI just fine. When I log it's stdout/stdin to a text file, I see that it hangs on "Writing extended state information..." and never finishes. Is there a fix for this?
<rdegges> Am I missing something?
<alamar> why don't you use the capabilities of the /etc/cron/apt cronjob or just cron-apt?
<rdegges> never heard of thhose before
<alamar> they do essentially the same
<alamar> https://help.ubuntu.com/community/AutoWeeklyUpdateHowTo
<rdegges> Hrm, thanks. I'm looking at that now.
<freakabcd> hi all
<freakabcd> is there a way to find out if my server has ECC memory onboard?
<freakabcd> i'm not physically present at the location of the server and hence i cannot shut it down and look within
<KM0201> hmm
<KM0201> freakabcd: sudo dmidecode --type 17      try that
<philipballew> is it a good idea to set up and enable the root account in my server?
<ke1ha> Hey guys, quick quesintion. I bult a 10.04 server, and after, I added a couple spare drives I had form another box, problem is, I forgot if they are ext3 or ext4, what's a quikx way to determine what they are as I dont want to reformat them before moving the data.
<ke1ha> NVM, I got it, wow, it must be getting late :-)
<RoyK> philipballew: depends if you're likely to need it
<philipballew> RoyK, what uses would i have to need it
<RoyK> philipballew: or if you want to add a little layer of security - anyone with physical access to an ubuntu machine may reboot it into single user mode and without a root password, there'll be no password prompt for that
<RoyK> however, anyone with physical access may boot the server from a cdrom or usb stick, and there's little to do about that
<philipballew> block that from bios maybe
<RoyK> still, anyone with physical access can open the machine and pull out the drive, or reset CMOS and then bypass whatever you added in the BIOS setup
<RoyK> or even take the machine
<philipballew> thats true, well im off to bed! thanks for the info to think about
<RoyK> so, adding a root password to stop people from booting into single will stop newbies/idiots, but it'll never stop the Bad guys so long they're allowed physical access
<philipballew> if they want it bad enough theyll take it
 * nancy-- things how to build a social networking site like facebook in easy way
<RoyK> dunno if there's an easy way to do that - perhaps some open framework can help, but I don't know any
<nancy--> USING WORDPRESS
<nancy--> buts it gives errors
<RoyK> wordpress ins't really made for social networking
<RoyK> should be usable for it, though, given enough tweaks :P
<nancy--> what are build for that purpose than?
<RoyK> no idea
<RoyK> I guess a CMS can do it
<RoyK> while wordpress is may be called a CMS, it's rather limited
<RoyK> http://en.wikipedia.org/wiki/List_of_content_management_systems gives a list of what's out there
<nancy--> hm
<RoyK> http://techcrunch.com/2007/07/24/9-ways-to-build-your-own-social-network/
<RoyK> old article, though
 * nancy-- things how to build a social networking site like facebook in easy way
<RoyK> I guess google for it
<SSX_1> can i ask a quick question - installed 11.04 on an old armada m300, install went ok, but it boots into black and white garbage??
<nancy--> in ftp how to cut a folder and past it inside another folder (i dont want to download and upload it again) ?
<nancy--> in ftp how to cut a folder and past it inside another folder (i dont want to download and upload it again) ?
<uvirtbot> New bug: #826022 in euca2ools (main) "euca-modify-image-attribute usage raises error" [High,Triaged] https://launchpad.net/bugs/826022
<uvirtbot> New bug: #826174 in bacula (main) "package bacula-director-sqlite3 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/826174
<SSX_1> how to connect a usb wifi ?
<jeeves_moss> anyone have a good reccomendation for a good "howto" for dovecot/postfix/spamass/clamav/tls/quota?
<RoyK> jeeves_moss: there's one in the guide
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<jeeves_moss> RoyK, thanks!
<maxagaz_> hi
<maxagaz_> on a virtual machine, is it better to install ubuntu  64 or 32 ?
<RoyK> maxagaz_: doesn't matter much, but if you don't need >1GB memory, there's no need for 64bit
<RoyK> 64bit pointers means 2x space for those, so a wee bit more memory usage
<RoyK> maxagaz_: >1GB for the guest, that is
<droobuntu> I have a dual nic mobo with ubuntu 11.04 server, I'm attempting to setup internet connection sharing >
<droobuntu> eth1 is the internet connection, eth0 is what the client machine will use to connect to the ubuntu server >
<droobuntu> rtfm'd and implemented several "how to guides" but I'm having trouble
<droobuntu> may I get some assistance? will post info that is required to help figure it out
<qman__> the general linux term for it is masquerading
<droobuntu> understood, I attempted some guides using dhcp3 w dnsmasq but couldn't get it working so I'm now trying static ip's on the server and the client machine
<qman__> the firewall portion is really simple
<qman__> did you set net.ipv4.ip_forward = 1?
<droobuntu> i did per a guide
<qman__> cat /proc/sys/net/ipv4/ip_forward to verify
<qman__> then you only need two iptables rules
<droobuntu> that responded with "1" via terminal (ssh)
<qman__> sudo iptables -t nat -A -o eth1 -j MASQUERADE
<qman__> whoops
<qman__> sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
<qman__> sudo iptables -A FORWARD -i eth1 -j ACCEPT
<qman__> er, in your case
<qman__> sudo iptables -A FORWARD -i eth0 -j ACCEPT
<qman__> all the instructions are based on eth0 being the internet
<droobuntu> yes it's backwards, the gigabit nic doesnt like crossover cable at all so I'm having to use eth1 as the internet nic
<droobuntu> =\
<qman__> but yeah
<qman__> those two rules are all it takes
<qman__> other than that it's networking configuration
<droobuntu> that's probably the problem, I've issued these commands before but I went through the process again just now as you directed
<droobuntu> usually something simple
<qman__> you can erase anything else that might have gotten in there with sudo iptables -F; sudo iptables -t nat -F
<qman__> also, those rules won't be persistent after a reboot, there's plenty of ways of saving them
<qman__> up to you which you want
<droobuntu> recommend?
<qman__> mine is a bit more complicated due to port forwarding, so I wrote a script and added it to if-up.d
<droobuntu> well my eth1 = static 192.168.0.200 with portfowarding set on the Modem/Router that it is behind
<droobuntu> setting that up was cake
<qman__> then what's this for?
<qman__> the router should be doing everything you need to just plug the second one in
<droobuntu> ports for apache/ssh/team fortress 2 dedi
<droobuntu> the router/modem is across the house and wireless in this back area is unacceptable
<qman__> bridge the interfaces
<qman__> way simpler and you'll keep everything on one network
<droobuntu> hmm
<droobuntu> quick query about the client machine.. the nic gateway should be set to the Modem/Router? or the Ubuntu eth1 ip address?
<droobuntu> eth0 btw is set up on a 10.x.x.x ip set
<qman__> ubuntu eth0 address
<qman__> the gateway is the next router hop, it has to be in a locally reachable subnet
<qman__> so if PC 2 is 10.0.0.100 and the routing ubuntu is 10.0.0.1, the gateway on PC 2 is 10.0.0.1
<droobuntu> just dbl checked, thats what i have
<qman__> then routing ubuntu also has 192.168.0.200, and its gateway is the modem/router, 192.168.0.1
<qman__> or whatever it is
<droobuntu> with the dns set for the isp of course
<droobuntu> i had this working with 11.04 desktop
<droobuntu> but i opted for server this time and its been a real headache
<qman__> with a bridge though, all that goes away
<qman__> you can go back to DHCP
<droobuntu> I'll rtfm on bridging net interfaces on *nix
<qman__> but really, you don't even need a masquerade if there's only one computer
<droobuntu> no?
<droobuntu> recommend?
<qman__> you could just simply route
<qman__> masquerading is to share one IP address, which you don't need to do
<qman__> flush the firewall, set to accept all
<qman__> long as ip_forward is set to 1 it should just work
<qman__> other computers on the network would need a route set though
<qman__> to know where 10.x.x.x is
<qman__> which is why bridging is better
<droobuntu> thats what I thought as well but something somewhere is holding me back.
<qman__> just install bridge-utils, set one up in interfaces
<droobuntu> I have a lan connection on the client to the server, but no internet access
<qman__> in that case, it's probably because the modem doesn't know where 10.x.x.x is
<qman__> if you can set a route there, that'd be the quickest fix
<qman__> otherwise you could static NAT, or go with the bridge
<droobuntu> now my eth0 and eth1 arent auto starting up
<droobuntu> lol
<droobuntu> I love a good challenge and learning experience
<droobuntu> thank you for your patience and time qman
<droobuntu> kudos
<qman__> no problem, just passing the time
<droobuntu> well if you are REALLY bored you can ssh into this monster and help me figure this crap out
<qman__> pretty sure you just want to have both interfaces come up without addresses, then DHCP (or static) the bridge
<tenchi21> for use in a server environment would you recommend an ATX or ATX12v PSU ?
<bernhard2>  Installed nginx and php5 php5-fpm the website is working with html not not php the info.php does not show php info. did install apt-get install php5 php5-fpm php-pear php5-common php5-mcrypt php5-mysql php5-cli php5-gd php5-curl php5-imap php5-memcache php-apc restart both nginx and php5-fpm The nginx config files can be found here.. http://pastebin.com/tH4RaYB0
<StevenR> bernhard2: is fastcgi server running? Does netstat -ntlp show it?
<bernhard2> yes its running see your pm
<StevenR> bernhard2: please use a pastebin for that in future.... does fastcgi show the php scripts being passed to it? Do the nginx logs show the php scripts passign to fastcgi?
<StevenR> bernhard2: stop using the pm. thanks. (you get the benefit of anyone else who might be listening here, rather than just me who has little experience with nginx and fastcgi)
<StevenR> bernhard2: what do the log files show (please use a pastebin)
<bernhard2> the nginx logfiles say nothing about fastcgi
<StevenR> ok, well what do they show when you attempt to access a php page?
<StevenR> and what do the fastcgi log file show?
<bernhard2> NOTICE: reloading: execvp("/usr/sbin/php5-fpm", {"/usr/sbin/php5-fpm", "--fpm-config", "/etc/php5/fpm/php-fpm.conf"})
<bernhard2> NOTICE: using inherited socket fd=6, "127.0.0.1:9000"
<bernhard2> NOTICE: fpm is running, pid 3453
<bernhard2> NOTICE: ready to handle connections
<StevenR> if that's all, then you need to increase the logging for both pieces of software
<Jeeves_> fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
<Jeeves_> Where are your scripts located?
<Jeeves_>  /var/www i asume?
<Jeeves_> I think it should be
<Jeeves_> fastcgi_param  SCRIPT_FILENAME  /var/www$fastcgi_script_name;
<Jeeves_> I do it (with perl) like this
<Jeeves_>   location ~ ^/otrs/(.*\.pl)(/.*)?$ {
<Jeeves_>     fastcgi_param SCRIPT_FILENAME   /home/tuxis_otrs/otrs/bin/fcgi-bin/$1;
<Jeeves_> That also catches the full URI instead of just the filename
<Jeeves_> So in your case that would be:
<Jeeves_> Hmm
<Jeeves_> fastcgi_param  SCRIPT_FILENAME  /var/www$fastcgi_script_name; should do, I guess
<bernhard2> when i try to use info.php then i get page can not be found. the i see this in my log "GET /info.php HTTP/1.1" 404 31 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2)"
<Jeeves_> bernhard2: Did you change what I said you should change?
<bernhard2> yes my php is in /var/www
<bernhard2> <Jeeves_>  not yet one moment
<bernhard2>  <Jeeves_>   fastcgi_param  SCRIPT_FILENAME  /var/www$fastcgi_script_name;
<bernhard2> <Jeeves_> this should be instead of .. ?
<Manu32> hi
<Jeeves_> bernhard2: Line 100 in your paste
<Jeeves_> Hi Manu32
<Manu32> I'm having trouble with visudo / running a script as a certain user. I set up the rule in sudoers but every time I try to run the .sh containing an svn update inclusive user it just tries to execute is as root?
<Jeeves_> Manu32: That depends on the sudo-command you're using
<Manu32> this is what's in my sudoer:
<Manu32> TESTUSER2 ALL=(TESTUSER1) NOPASSWD: /usr/bin/svn
<Manu32> this is the content of the .sh I run as TESTUSER2:
<Manu32> sudo svn --username TESTUSER1 --password '12345' update /www/dev/ 2>&1
<Jeeves_> that will run as root, yes
<Jeeves_> sudo -u testuser (try to avoid capitals)
<Manu32> syntax error? let me try
<bernhard2> <Jeeves_> changed the line and restarted nginx and php5-fpm  the line: fastcgi_param  SCRIPT_FILENAME  /var/www$scripts$fastcgi_script_name;   and it works.. great.. :)
<Jeeves_> bernhard2: Good
<Manu32> <Jeeves> it didn't change anything unless I need to change the --password attribut too? (haven't used capitals in the real file)
<Manu32> sudo svn -u TESTUSER1 --password '12345' update /www/dev/ 2>&1
<bernhard2> <Jeeves_> when i open a url it does not work when i do not put a / at the and of the path.. for instance http://domain/phpmyadmin does not start index.php but http://domain/phpmyadmin/ does start the index.php can this be fixed to work also without the / at the end ?
<Jeeves_> Nope
<Jeeves_> http://domain/phpmyadmin calls for a file
<Jeeves_> http://domain/phpmyadmin/ calls for a directory
<Jeeves_> Manu32: You need to tell sudo as which user the command svn must run
<Jeeves_> if you don't define a user with -u, sudo will try to run it as root
<Jeeves_> sudo -u <usertorunas> <command to run>
<Manu32> yes I just figrued the order of my command was mixed up...got it now. Cheers
<Jeeves_> np
#ubuntu-server 2012-08-06
<JoeCoder_> what's the best option for handling spam on my postfix+courier mail server these days?  spamassassin?
<uvirtbot> New bug: #1033412 in lxc (universe) "package lxc 0.7.5-3ubuntu60 failed to install/upgrade: unable to install new version of `/usr/lib/lxc/liblxc.so.0.7.5': Device or resource busy" [Undecided,New] https://launchpad.net/bugs/1033412
<AdvoWork> hi there, ive just installed 12.04 server, i've changed my /etc/network/interfaces to static, and am trying to edit /etc/resolv.conf but it just states: # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)  any suggestions where I can edit that then?
<mardraum> yes, the same file (interfaces0
<mardraum> (interfaces)
<mardraum> dns-nameservers 1.2.3.4
<mardraum> dns-search teh.world
<mardraum> (it even told you the manpage that explains it btw)
<AdvoWork> but won't that get overwritten?
<mardraum> what?
<mardraum> man resolvconf
<mardraum> why would your static entry in interfaces get overwritten?
<AdvoWork> i missed this off my paste, /etc/resolv.conf shows: DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN  but i changed etc/network/interfaces to have dns-nameservers ....  and rebooted, and now etc/resolv.conf shows the correct thing
<mardraum> then I don't understand your question
<AdvoWork> ive resolved it now, but i read that i needed to edit /etc/resolv.conf but then i saw that DO NOT edit thing, so i assumed I needed to change another file, which i did(i didn't get it at first, it makes sense now)
<RoyK> anyone here that knows a good place to start if I want open source video on demand?
<lifeless> vlc ?
<RoyK> lifeless: I somewhat doubt that will scale very well
<lifeless> RoyK: why do you say that ?
<lifeless> RoyK: You know what vlc was *written for*, right ?
<RoyK> lifeless: I just wonder how the I/O scheduling will be sorted out if 100 or 1000 concurrent viewers connect to vlc like that
<uvirtbot> New bug: #1033444 in nova (main) "Deleting an added floating IP just removes it from the server" [Undecided,New] https://launchpad.net/bugs/1033444
<lifeless> RoyK: well, you'd want enough IO bandwidth to handle however many concurrent streams you have going
<lifeless> allowing for some buffering to smooth the IO out
<AdvoWork> I installed postfix on 10.04 and i'm now trying to replicate this onto 12.04(new server). ive ran the installed on 12.04 and set no config(as I don't know what I did last time), and on my old server i had relaying (relayhost) setup in main.cf but that file doesn't exist on my 12.04. Any ideas please?
<AdvoWork> or, if i reconfigure it, can i find out if what option i would have selected on the old version(ie the configuration)?
<rbasak> AdvoWork: sounds like you want the "with smarthost" option.
<rbasak> AdvoWork: install debconf-utils and use "debconf-get-selections|grep ^postfix" to see what you set last time. look for grep again for postfix/main_mailer_type
<AdvoWork> i think its ok now, thanks for the tips rbasak . smarthost option seemed to work
<uvirtbot> New bug: #913809 in samba (main) "smbd crashed with SIGABRT in rep_strlcpy()" [High,New] https://launchpad.net/bugs/913809
<alex88> hi guys, i've created two software arrays, called md4 and md5, they was there after creation, i've also added the mdadm --details --scan on /etc/mdadm/mdadm.conf and it was fine, with /dev/md/[4,5] now after a reboot i get to /proc/mdstat this http://pastie.org/4399215
<alex88> and in /dev/md/ the devices has been renamed from 4,5 to fqdn:4 and fqdn:5 (fqdn is replaced by the real hostname)
<alex88> how can i get it back to md 4 and 5?
<RoyK> alex88: pastebin the mdadm.conf too, please
<alex88> RoyK, second, i'm rebooting again
<alex88> RoyK, actually it's http://pastie.org/4399258 but as the devices changed from /dev/md5 to /dev/md127 i need to change it right?
<alex88> RoyK, you think that using http://superuser.com/questions/346719/how-to-change-the-name-of-an-md-device-mdadm option #2 works?
<RoyK> alex88: looks right
<alex88> RoyK, i had problems using update super-minor, i used update-name and it worked
<alex88> now i've problems with drbd on those drives :/
<RoyK> can't help you there, sorry
<alex88> np, thank you anywaty
<alex88> *anyway
<alex88> on reboot they're back to m--update=name /dev/sd
<alex88> *md126 : active (auto-read-only) raid1 sda7[0] sdb7[1]
<alex88> wth
<V1ru5xd> :D
<V1ru5xd> who knows port 666 ?
<AdvoWork> i've just done and update and upgrade, but it says: linux-headers-server linux-image-server linux-server   were kept back. Why?
<Pici> AdvoWork: Likely because they require other packages, if you do a dist-upgrade they should be pulled in.
<Pici> !dist-upgrade
<ubottu> A dist-upgrade will install new dependencies for packages already installed and may remove packages if they are no longer needed. This will not bring you to a new release of Ubuntu, see !upgrade if that is your intention.
<AdvoWork> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<AdvoWork> Pici, but i already have: Ubuntu 12.04 LTS \n \l
<Pici> AdvoWork: A dist-upgrade is *not* for upgrading to a new release.
<Pici> AdvoWork: linux-headers-server, linux-image-server and linux-server now depend on newer packages, which fits the first part of the description of a dist-upgrade (see above)
<AdvoWork> Pici, ahh I see
<pellaeon> Hi, I'm having some problem with MAAS, when I access http://ip/MAAS , it replies an internal server error. The apache error log reads "FATAL:  password authentication failed for user "maas""
<pellaeon> looks like MAAS couldn't access postgresql
<pellaeon> but I'm not familiar with postgresql so I wish someone could help me here
<AdvoWork> anyone know, or know of a guide to reinstall apache on ubuntu 12.04 but the worker version? ie got the normal version but want the worker one
<melmoth> AdvoWork, not usre, but what about trying to install apache2-mpm-worker ?
<AdvoWork> melmoth, i've seen that you can only do that with > apache 2.2 and the ubuntu version is 2.2
<AdvoWork> if you get me
<hallyn> zul: bug 1030612, any opinion?
<uvirtbot> Launchpad bug 1030612 in libvirt "libvirt depends on undesirable additional packages" [Undecided,New] https://launchpad.net/bugs/1030612
<hallyn> there's the analogous bug for qemu-kvm.
<mdeslaur> hallyn: does libvirt even work without dnsmasq?
<Ormie> does anyone here installs Ubuntu Server on their laptop?
<hallyn> mdeslaur: it won't be able to set up virbr0
<hallyn> of course we've also had requests to disable that on server installs
<mdeslaur> meh
<hallyn> Perhaps all these bugs should be lumped into a feture requests for q+1 to have different defaults for server and desktop installs
<hallyn> that, or marked opinion
<hallyn> jjohansen: hey, apparmor doesn't seem to play nice with no_new_privs.  It refuses all execs (not just the ones with a domain transition) once nnp is set
<hallyn> i can email you a test case (using libseccomp, not nnp directly) if you like
<hallyn> not sure we care.  for lxc, we just don't use nnp
<hallyn> so, we'll care eventually :)  just not urgent
<roaksoax> smb: howdy! would it be possible for you to take a look at bug #1032724 when you have the chance? Thanks!
<uvirtbot> Launchpad bug 1032724 in linux "Cannot access IPMI card" [Undecided,Confirmed] https://launchpad.net/bugs/1032724
<smb> roaksoax, yes
<roaksoax> smb: thanks!
<smoser> zul, what is your home netwokr provider's dns server?
<RoyK> with zfs, one can use SSDs for caching - anyone that knows if something like that is in the works for ext4 and friends?
<patdk-wk> royk, flashcache
<patdk-wk> there are others also I believe
<patdk-wk> but flashcache has been used for years by facebook
<RoyK> hm....
<RoyK> I wonder how well that thing will work for video streaming :)
<RoyK> as in VoD
<patdk-wk> dunno, I have attempted to use it
<patdk-wk> but never seem to ever make it to trials, always get distracted, or find I really don't need it
 * RoyK may have to setup some streaming solution for his employer, HiOA.no
<RoyK> with potentially thousands of viewers of college lessons, I guess we'll need some pretty cool caching to offload the SAN
<RoyK> patdk-wk: looks like flashcache is pretty far from a merge - http://bcache.evilpiepirate.org/ might be closer
<patdk-wk> well, I never said what one is likely to end up in the kernel :)
<patdk-wk> I don't know of anyone using bcache
<patdk-wk> but do know flashcache is pretty proven
<RoyK> seems varnish supports caching streams these days - perhaps I'd better try that
<patdk-wk> ram, it fixs everything :)
<RoyK> patdk-wk: except it's a bit hard to fit 4TB of RAM into most systems :P
<AdvoWork> argh, i've got a problem, running XEN, with an ubuntu server VM. I think the etc/fstab on that VM has broken, and I can't get it to boot. I'm connected to it via a VPN (i press ESC and I can see the Ubtunu 12.04 loading screen) but going no further. at thetop it says fsck from util-linux, and it seems to be stuck on stopping userspace boot any idea what it could be doing? i think /etc/fstab may have broken it but i dont know
<AdvoWork> when i boot the server up, it says Ubunut, with linux 3.2.0-27-generic, and then the same with reovery mode, what will recovery mode do(obv recover, but what options, or automatic or?)
<RoyK> it will allow you to recover from unmontable drives etc
<RoyK> if you need to boot another kernel, choose another from the grub menu
<RoyK> but then - normally, the kernel is ok, but something else is wrong...
<AdvoWork> the thing is, i just dont know the problem, its hanging on a screen, it states staring load fallback graphics devices fail  but there is no graphics etc, I dont know if its a fstab problem within the VM, and it stuck on the line stopping userspace boot  just after it did starting
<AdvoWork> the other failure I see is: rcpbind: Cannot open '/run/rcpbind/rcpbind.xdr' file for reading, errno 2 (no such file or directory)
<jjohansen> hallyn: hrmm, it should be working, can you send me the test case and I'll poke
<RoyK> AdvoWork: sorry - no idea
<hallyn> jjohansen: sure, i'll fwd my email to libseccomp-devel, just a sec
<hallyn> kirkland: is manpages.ubuntu.com automatically updated?  Should quantal manpages be showing up there?
<zul> smoser: rogers
<smoser> zul, thats not a dns server :)
<smoser> you have the IP address?
<zul> smoser: oh you want a fully resolvable dns server?
<zul> smoser: gimme a sec
<smoser> i'd like the 1 or 2 IPs that they give you in your dhcp request
<smoser> so i can try them from here (assuming they allow access outside of their networks)
<zul> smoser: 64.71.246.28
<smoser> zul, this is curious
<smoser> what do you get when you do:
<smoser>  dig @64.71.246.28 +noall +answer nova.ec2.archive.ubuntu.com
<zul> smoser: nada
<smoser> it would surely seem that you *did* get something in the past, right?
<smoser> dude that is weird.
<zul> smoser, persumably
<zul> smoser: my isp does dns hijacks if it cant find a resolvable domain as well though
<smoser> well, what you're showing me now is that they're not doing that.
<smoser> but they presumably were.
<zul> smoser, they are doing it everytime i but a bad url in my web browser i get this crappy cant find the site use our search egninge branded by rogres
<zul> er...rogers
<smoser> right. i'm just wondering how.
<smoser> so does
<smoser> host nov.ec2.archive.ubuntu.com
<smoser> what does that show?
<smoser> in the bug you said it was resolving
<zul> smoser: http://pastebin.ubuntu.com/1132906/
<zul> smoser: which bug is this?
<smoser> i'm really confused.
<smoser> https://bugs.launchpad.net/ubuntu/precise/+source/cloud-init/+bug/974509
<uvirtbot> Launchpad bug 974509 in cloud-init "cloud-init selects wrong mirror with dns server redirection" [Undecided,Fix committed]
<smoser> i assumed that the dig command i gave you above and the host command you showed there were roughly equivalent.
<zul> smoser: oh right...that bug...we discussed this before, we said my dns is crap :)
<smoser> could you also pastebin the command you ran?
<smoser> ah. and also cat /etc/resolv.conf ?
<zul> http://pastebin.ubuntu.com/1132912/
<zul> http://pastebin.ubuntu.com/1132916/
<smoser> oh. awesome.
<smoser> could you pastebin one more thing?
<smoser> dig @64.71.246.28 +noall +answer nov.ec2.archive.ubuntu.com
<smoser> and
<smoser> dig @64.71.246.28 nov.ec2.archive.ubuntu.com
<smoser> its pretty awesome... they give empty results for all queries outside of their network to that server.
<smoser> oh, and explicitly give the dns server to 'host'
<smoser> please
<smoser> host nov.ec2.archive.ubuntu.com 64.71.246.28
<zul> http://pastebin.ubuntu.com/1132924/
<smoser> and the host with the server?
<zul> smoser: gets nothing aback
<smoser> chuck.
<smoser> why did you give me 64.71.246.28 above?
<zul> i thought that was the dns i was using
<smoser> and not 64.71.255.198
<zul> hmm...my laptop and my workstation seems to be using two different dnses
<zul> anyways back to my day off
<smoser> thank you zul
<hallyn> ahs3: hey, is there anything we need to chat about for netcf 0.2.0?
<hallyn> ahs3: otherwise, http://people.canonical.com/~serge/netcf5/netcf_0.2.0-1.dsc should imo be ready to upload
<ahs3> hallyn: ah, ok.  let me snag those and see if i can get them in today or tomorrow
<ahs3> hallyn: i don't think i had any comments so far, but i'll let you know if i do
<thesheff17> join #mtred
<hallyn> ahs3: thanks.  do you know when you might have time?  if it'll be awhile, i'll push a 0.2.0~ubuntu1 soon
<ahs3> hallyn: i'm planning on this afternoon, if at all possible
<MoleMan> what DNS server would you recommend? preferably with a ControlPanel of some sort?
<hallyn> ahs3: awesome, thanks, then i'll wait.  (I just want the ubuntu version soon so i can hopefully finish the MIR this cycle)
<ahs3> MoleMan: if i just want something lightweight, i use something like maradns.  if i want speed, i use NSD.  if i want all the bells and whistles, i use BIND.
<ScottK> MoleMan: If you feel you need a control panel to run a DNS server, my recommendation is that you sign up for a service provider and pay for it.  DNS is not really a thing for amateurs.
<ahs3> MoleMan: i admit to being Old Skool, tho.  the only control panel i use is vi :).
<ScottK> Personally, I like unbound.
<ahs3> for caching, yeah.  i guess i was thinking authoritative
<MoleMan> I don't NEED as such, I would just prefer, and I don't actually want to pay for a domain, just set up a local server for some internal network stuff
<ScottK> The Ubuntu Server Guide has decent information on how to set up bind9 for Ubuntu.  I'd suggest just use that and follow the documentation closely.
<MoleMan> okay, thanks
<ahs3> +1 on BIND for that case -- and there's tons of HOWTOs for BIND elsewhere, if you get stuck
<jcastro> smoser: is utlemming on holiday?
<GreenGoblin> katy perry baby girl i am only a crack in this castle of glass baby why dont you see me anymore i thought you loved me =(
<GreenGoblin> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis
<qhartman> Been using the ec2-api tools for some time with no problems. Something changed in the last week or so that causes them to exit with a "permission denied" message. Digging in, I'm finding a NoClassDefFoundError with  com/amazon/aes/webservices/client/cmd/. Any ideas?
<qhartman> It seems that the class path isn't getting set right, but as far as I can tell it is.
<TheLordOfTime> SpamapS:  around?
<SpamapS> TheLordOfTime: yes
<SpamapS> TheLordOfTime: re the php thing.. its been delayed until after 12.04.1 .. since php5-fpm is not part of the default install/lamp task
<SpamapS> TheLordOfTime: it should be one of the first things we upload too precise-proposed once 12.04.1 is released.
<TheLordOfTime> SpamapS:  check the bug(s) again, i uploaded a quantal debdiff
<TheLordOfTime> you might be able to process that one now.
<TheLordOfTime> (for the segv bug)
<SpamapS> TheLordOfTime: there's no point in doing a quantal debdiff.. 5.4.5 is coming in a merge from Debian soon.
<SpamapS> TheLordOfTime: http://anonscm.debian.org/gitweb/?p=pkg-php/php.git;a=commit;h=101511604791094f9f47450a84fe1179e467d226
<TheLordOfTime> SpamapS:  Debian's on freeze...
<TheLordOfTime> you sure it got in before the freeze?
<maxb> !info php squeeze
<ubottu> 'squeeze' is not a valid distribution: hardy, hardy-backports, hardy-proposed, kubuntu-backports, kubuntu-experimental, kubuntu-updates, lucid, lucid-backports, lucid-proposed, maverick, maverick-backports, maverick-proposed, medibuntu, natty, natty-backports, natty-proposed, oneiric, oneiric-backports, oneiric-proposed, partner, precise, precise-backports, precise-proposed, quantal, quantal-backports, quantal-proposed, stable, testing, unstable
<TheLordOfTime> (according to the other MOTUs, its on freeze)
<TheLordOfTime> !info php unstable
<ubottu> Package php does not exist in unstable
<TheLordOfTime> !info php5 unstable
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.4.2-1 (unstable), package size 0 kB, installed size 21 kB
<TheLordOfTime> ^
<TheLordOfTime> that's sid, but...
<TheLordOfTime> last i heard, Debian was already under a freeze
<TheLordOfTime> and that was earlier today
<TheLordOfTime> was geser who suggested merge-requesting a fix (or debdiffing one) would be a good idea in case it doesnt get into Debian immediately
<TheLordOfTime> damn mouse-lag, was setting it back to Triaged and the damn thing hit opinion
 * TheLordOfTime slaps his computer
<TheLordOfTime> !info php5 testing
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.4.0-3 (testing), package size 1 kB, installed size 21 kB
<TheLordOfTime> !info php5 stable
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.3.3-7+squeeze8 (stable), package size 1 kB, installed size 20 kB
<TheLordOfTime> SpamapS:  just confirmed, in #debian @ irc.oftc
<TheLordOfTime> Debian's under a freeze.
<Rawrbound> Hi. I am looking for some assistance with setting up DNS servers for use with a domain on a VPS box I got. OS is of course Ubuntu.
<TheLordOfTime> SpamapS:  and since that freeze / partial-freeze(sid) might not release for many months, well...
<TheLordOfTime> quite inconvenient that the debian freeze comes in approach of a beta 12.10 release, no?
<SpamapS> TheLordOfTime: Yes Debian unstable is frozen. But I imagine Ondrej will upload to experimental at some point
<TheLordOfTime> possibly, i didnt check there yet.
<SpamapS> TheLordOfTime: its not that inconvenient. Allows us to catch up and get more stable as well :)
<TheLordOfTime> indeed.
<SpamapS> TheLordOfTime: Also we can merge from Debian git
<TheLordOfTime> in any case, if an upload to $debian_release_of_choice doesn't happen by the milestone you've set, the debdiff exists
<TheLordOfTime> SpamapS:  indeed.
<SpamapS> TheLordOfTime: I don't think we even need an FFE for that one.. 5.4.5 is bugfix only. I think 5.4.6 is almost ready too
<TheLordOfTime> well, just keep me in the loop, i'm still pushing for the precise sru
<TheLordOfTime> you may want me to resubmit the precise debdiff, though,
<SpamapS> TheLordOfTime: the precise SRU will happen, no doubt
<TheLordOfTime> apparently patch filenames diverged :/
<SpamapS> TheLordOfTime: Oh, actually, can you add a test case to the segfault bug for the precise SRU?
<TheLordOfTime> SpamapS:  not entirely sure how to confirm, i dont run anything that would pass null to strstr (according to the bug)
<TheLordOfTime> bug the poster, have them give a test-case
<TheLordOfTime> and if you want, direct them to my SRU builds ppa for php, to test if it fixes it
<TheLordOfTime> i know it fixed the PHP error reporting thing
<TheLordOfTime> bleh, evil lag
 * TheLordOfTime slaps launchpad
<TheLordOfTime> apparently i cant access anything on LP :/
<SpamapS> TheLordOfTime: no, we need an actual repeatable test case, or a good assertion that its some kind of race condition or impossible to test reliably for.
<TheLordOfTime> i understand.  i was planning on separating the debdiffs anyways
<TheLordOfTime> or rather not apply one or the other
<TheLordOfTime> SpamapS:  i seriously don't have anything in which i can create a testcase from, at least not at the moment
<TheLordOfTime> and if i did i can't add it
<TheLordOfTime> (LP is timing out for me)
<SpamapS> TheLordOfTime: understand. The upstream report was pretty vague on details, and I understand why. The patch is simple and the reasons for hitting it not super well understood. I think with a segfault we can say "no test case, just test that php5-fpm works"
<TheLordOfTime> indeed.
<TheLordOfTime> you'll have to post on that, apparently my system is running into the highly-repeatable issue with comcast-random-timeouts-for-extended-periods
<SpamapS> TheLordOfTime: ugh
<ScottK> Well Comcast is nothing but repeatable errors and outages.
<TheLordOfTime> tell me about it
<TheLordOfTime> actually, the most recent ZNC disconnect was a weird issue with rfkill
<TheLordOfTime> where the only way to fix it was to  restart o.O
<TheLordOfTime> (apparently the hardware switch for wifi no longer works)
<pmatulis> kirkland: i'm reading your blog on overlayfs, fyi the dmcrypt.png does not render well
<pmatulis> (when clicked upon)
#ubuntu-server 2012-08-07
<uvirtbot> New bug: #1033712 in whois (main) "Sync whois 5.0.18 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1033712
<MoleMan> for internal purposes, is it possible to configure bind9 for DNS records that are just a single word? would you have to create each as a seperate zone or something? or is it not possible
<lifeless> you could make them all top level entries, but its -much- more common to set a local domain such as .local, or use split horizon on your company domain
<lifeless> less likely to run into odd things that way
<MoleMan> yeah, I came to the conclusion that I couldn't be bothered manually creating the zones for each one, so I resorted to making a domain to use... then moved back to considering buying a domain, and some cheap web-hosting... #fail
<MoleMan> would I be correct in presuming that in DNS records @ is the equivalent of a wildcard * / the value for the main domain?
<ScottK> No.
<ScottK> Wildcard and value for the main domain aren't the same thing.
<ScottK> @ is the main domain.
<MoleMan> okay,
<MoleMan> is there a way to set invalid/unspecified subdomains redirect to the main, in a wildcard type manner?
<ScottK> Yes.
<ScottK> But it requires reading documentation.
<nathwill> hey maskilpdx, you around?
 * MoleMan is about ready to just purge bind9
<erichammond> After many years of running bind8/9, I finally turned over my DNS work to Amazon Route53.  They served almost 50 million DNS hits for my personal servers last month.
<AdvoWork> I'm booting my VM of Ubuntu 12.04 Server and I think it's not booting due to mounts in /etc/fstab. Is there a way I can edit the /etc/fstab from the grub> menu? I get the option to boot into normal mode, recovery mode, any suggestions please? I've got access via a VPN.
<Jeeves_> AdvoWork: You can try booting with init=/bin/sh
<AdvoWork> Jeeves_, before I read that, ive booted into recovery mode, and got a root console up, im trying to change /etc/fstab but it says its read only. so i tried sudo vim /etc/fstab  same, any idea how I can change etc/fstab?
<Jeeves_> AdvoWork: mount -o remount,rw /
<Jeeves_> vi /etc/fstab
<Jeeves_> mount -o remount,ro /
<Jeeves_> reboot
<AdvoWork> Jeeves_, but when I did vim /etc/fstab it said it was readonly and wouldnt save my changes :S
<Jeeves_> AdvoWork: Thats because the filesystem is mounted read-only
<Jeeves_> That's why you need to remount,rw
<AdvoWork> ahh, so do:  mount -o remount,rw / first, or do i need to be in a certain location to do that?
<jpds_> AdvoWork: Yes, and no.
<AdvoWork> Jeeves_, jpds i've gotta say "Thanks" that solve my issue, and my server now boots up! Thanks loads
<koolhead17> hi all
<basil60> any chance of getting some advice re ubuntu 11.04 and a a web server that tests as working, but I can't see any pages? It worked fine till a week ago, when electricians turned off my power. Since then, I haven't been able to see any web pages. I've run tests, that show it's "up", but I can' t see anything. I admit to being a linux noob, but I have been able to configure and keep it running till the electrical shutdown. I'd like a
<AdvoWork> On my Ubuntu 12.04 I have mounts(that are like: //IP/share /home/whatever cifs exec) which I know work fine, but when I do sudo mount -a they ask for a password, if i press enter it accepts it, and the shares seem to work fine, but because of asking for those passwords, it stops the server booting up.Any ideas please?
<adac> trying to upgrade from 10.04 to 12.04 bit i do geht this:
<adac> sudo do-release-upgrade --proposed
<adac> Checking for a new ubuntu release
<adac> No new release found
<adac> any ideas?
<basil60> thanks guys..I'll try again later
<basil60> ciao
<jpds> adac: -d ?
<adac> jpds, ah I see the first point release has not been relesased yet
<rbasak> AdvoWork: see mount.cifs(8). I think you want the guest option.
<stiv2k> hello
<stiv2k> is there any utility to configure what the power buttons and stuff do on a headless ubuntu server
<stiv2k> i'd like to be able to suspend/wake my boinc cluster computers easily by pressing the button
<stiv2k> and eventually also on schedule via WOL
<rbasak> stiv2k: start from /etc/acpi/events/powerbtn
<stiv2k> rbasak eh
<stiv2k> rbasak i dont know how to edit those
<uvirtbot> New bug: #1033920 in horizon (main) "Dashboard raises a ServiceCatalogException when attempting to download juju settings" [Undecided,New] https://launchpad.net/bugs/1033920
<uvirtbot> New bug: #1033934 in horizon (main) "Attempting to change regions in the dashboard does not display correctly" [Undecided,New] https://launchpad.net/bugs/1033934
<Sprocks> !autoconf
<Sprocks> im looking for how to acquire and install autoconf so that i may install something from github can anyone help?
<soren> Wrong channel.
<RoyK> Sprocks: apt-get install autotools
<RoyK> !autotools
<Sprocks> !autotools
<patdk-wk> !autoanswer
<Sprocks> unable to find autotools is the message i got
<AdvoWork> can I somehow see what groups a user belongs to?
<Pici> AdvoWork: use 'groups $username'
<Pici> RoyK: does autotools-dev provide what Sprocks needs?
<Sprocks> !autotools-dev
<uvirtbot> New bug: #1033956 in maas (main) "DEFAULT_MAAS_URL should include the '/MAAS' part." [Undecided,New] https://launchpad.net/bugs/1033956
<Pici> !info autotools-dev
<ubottu> autotools-dev (source: autotools-dev): Update infrastructure for config.{guess,sub} files. In component main, is optional. Version 20120210.1ubuntu1 (precise), package size 41 kB, installed size 181 kB
<RoyK> Pici: guess so
<Sprocks> nope it doesnt seem to
<Sprocks> im really trying to get aclocal and i was told it is in autoconf
<Pici> !info autoconf
<ubottu> autoconf (source: autoconf): automatic configure script builder. In component main, is optional. Version 2.68-1ubuntu2 (precise), package size 546 kB, installed size 1858 kB
<Sprocks> think i found it, package automake
<Sprocks> that worked, thanks for help guys found what i needed
<Pici> great
<Sprocks> also needed build-essential package as well
<Lachezar> Hello all... I am fiddling with Ubuntu Server and Java. How come the OpenJDK-7 JDK have so humonstrous dependencies? Most have to do with Gnome...
<Lachezar> Can't I install OpenJDK-7 with OpenJDK-7-JRE-Headless only?
<Sprocks> how do i fix "error: possibly undefined macro: AC_CHECK_LIB" ?
<RoyK> anyone here tried to use a qlogic iscsi hba with ubuntu?
<jamespage> smoser, is utlemming around this week?  I've not managed to catch him either yesterday or today
<smoser> i dont know.  others have pinged me looking for him also.
<smoser> i dont recall that he was out.
<jamespage> smoser, calender says not - I'll see if arosales knows
<smoser> yeah
<rbasak> Sprocks: try looking into autoreconf
<smb> roaksoax, Would you have some time for some questions about the IPMI issue (and would you be ok talking here?)
<roaksoax> smb: yeah definitely
<roaksoax> smb: so I have been reading the manual (as I didn
<roaksoax> smb: so I have been reading the manual (as I didn't put the cards into the servers), and i should be able to access to it without doing anything special
<smb> roaksoax, If those follow the modes that my supermicro board does you only need the drivers to access it without net locally
<smb> roaksoax, There are also modes which connect via net to the bmc and those would not need the drivers at all
 * ppetraki o/
 * smb was just trying to find out whether net connections would work
<roaksoax> smb: yeah, so everything works like a charm
<roaksoax> smb: I can access the WebUI, the lan protocol is configured
<roaksoax> smb: everything works as expected but trying to access it locally
<roaksoax> smb: so my issue seems to be better explained here: http://bodgitandscarper.co.uk/centos/hp-microserver-remote-management-card/
<smb> roaksoax, Ok so that then might be some bios problem
<smb> roaksoax, Have you tried with the alternate address as well?
<roaksoax> smb: testing now
<cwesterfield> anyone know how to get past this configure error "configure: error: Package requirements (libcrypto) were not met:"
<roaksoax> smb: doesn't seem to be solved
<smb> roaksoax, and dmesg prints the alternate address? Second thing to check would be your manual (whether they have a different default address)
<roaksoax> smb: seems to be exactly this "IPMI KCS interface is at 0xCA2 in memory, not 0xCA8 that the kernel is trying to probe"
<roaksoax> smb: alright, so a reboot did it
<smb> roaksoax, Ah, maybe the module was still loaded with the wrong address
<roaksoax> smb: yeah, apparently so. So it would be a BIOS issue then? not the kernel for trying to probe a different address?
<smb> roaksoax, Right, as the blog said the address comes from the smbios
<roaksoax> smb: alright then. I'll try to update and see my findings. Thanks for the help :)
<smb> roaksoax, NP, one issue gone is a good issue... :)
<roaksoax> indeed :)
<RoyK> http://paste.ubuntu.com/1134307/ <-- anyone that can help me out with an iSCSI problem? Trying with software initiator now, after a rather large amount of problems with Qlogic HBA on Ubuntu, but still no luck - I can connect to the same target from a Centos 5.8 machine without problems
<thisismyname> hiu there, qestion: is it possible to assign multiple ethernet interfaces with vmbuilder? Or whats best practise for handling this?
<RoyK> !bug 1034015
<uvirtbot> Launchpad bug 1034015 in ubuntu "Fails to connect to iSCSI target" [Undecided,New] https://launchpad.net/bugs/1034015
<jamespage> zul: did bug 1025203 ever make it into the archive?
<uvirtbot> Launchpad bug 1025203 in quantum "Trying to overwrite '/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini', which is also in package quantum-server" [High,Triaged] https://launchpad.net/bugs/1025203
<zul> jamespage: not yet.
<jamespage> zul, are you in it? i.e. can I assign you the bug?
<jamespage> on it rather....
<zul> jamespage, sure
<jamespage> zul, ta
<uvirtbot> New bug: #1006671 in swift (main) "swift command has unhelpful manpage" [Low,Fix released] https://launchpad.net/bugs/1006671
<AdvoWork> How can I change a folder with permissions drwxrwsrwx to: drwxrwxrwx ?
<cwesterfield> Is there a webserver app or plugin that would allow you to traverse folders on a server and then download entire folders? (maybe auto zip them)
<ahs3> hallyn: dude.  netcf got uploaded last night.  go nuts :).
<hallyn> ahs3: saw that around midnight - thanks!
<jamespage> roaksoax, sorry - just realised that we agreed you would add that note to cobbler about unauth'ed calls
<jamespage> and I closed out your bug
 * jamespage reprimands himself for trying to be to tidy....
<roaksoax> JoeVLcek: no worries :)
<roaksoax> jamespage: i had forgettong it so closing it reminded me
<jamespage> roaksoax, lol
<jamespage> zul, I just merges openvswitch from Debian unstable as requested in MIR - lots of fixes
<jamespage> are we using it in the test lab for openstack yet?
<zul> jamespage, cool not yet
<zul> jamespage: im thinking we need juju charms for quantum first
<zul> jamespage: i would bug adam_g about it
<jamespage> zul, sure - I'll bug adam_g then :-)
<jamespage> I think it might co-exist with the nova-compute charm
<jamespage> but not sure...
<JoeVLcek> roaksoax: did you mean jamespage: no worries ;)
<roaksoax> JoeVLcek: yeah, sorry :)
<JoeVLcek> roaksoax: no worries ;)
<JoeVLcek> roaksoax: just wanted to make sure you didn't need me to pay attention to something. ;) back to sleep I go. ;)
<hallyn> ahs3: say, looking at the debian netcf-0.2.0, it seems you re-added some old patches from 0.1.9?  (or some tool did)
<hallyn> they're not applied, but they're in debian/patches/
<ahs3> hallyn: hrm.  probably did not specifically remove them from my branch; i shouldn't do these late at night :(....
<hallyn> ahs3: is updating the Standards-Version to 3.9.3. the only change you purposely made?
<ahs3> hallyn: yup
<hallyn> cool, thanks.  (then i can upload to q)
<ahs3> and only 'cause lintian whined about it
<hallyn> i'm always afraid of changing those bc i'm afraid i may be lying that i'm compatible with the new version :)
<ahs3> heh
<joe_Vitel> Does anyone have any experience setting up Ubuntu with MAAS? I'm having some weird time issues when trying to add nodes.
<hallyn> roaksoax: would you mind terribly pushing http://people.canonical.com/~serge/netcf6/netcf_0.2.0-1ubuntu1.dsc ?  I don't seem to have rights
<roaksoax> hallyn: sure
<rbasak> jamespage: why doesn't bug 850960 appear on your SRU list? What criteria is it missing?
<uvirtbot> Launchpad bug 850960 in open-iscsi "iscsid tries to reconnect existing session at startup, failing to do so and hanging the system" [Medium,In progress] https://launchpad.net/bugs/850960
<jamespage> rbasak, server team might not be subscribed to that package
<rbasak> Ah, I see.
<rbasak> Thanks
<roaksoax> hallyn: is this a sync+applying changes? cause all the previous ubuntu changelog is gone
<hallyn> roaksoax: yes, a sync with a single change, to switch the libnl desp from libnl1 to libnl3
<hallyn> no ubuntu changes remain
<roaksoax> hallyn: http://paste.ubuntu.com/1134531/
<roaksoax> hallyn: that's how changelogs should probably look like in this kind of case
<roaksoax> hallyn: I'll make that change and upload
<hallyn> roaksoax: oh right, sync not merge.  thx
<roaksoax> hallyn: :) done!
<hallyn> smb: so bug 1031090, is there any reason not to update precise kernel to set the bit?
<uvirtbot> Launchpad bug 1031090 in linux "kvm_intel not loadable in a quantal guest" [High,Confirmed] https://launchpad.net/bugs/1031090
<jimbaker> the tricks of memory, that would be the sun version of jdk 7 i was remembering, https://blogs.oracle.com/jtc/entry/comparing_jvms_on_arm_linux
<smb> hallyn, Mostly that I have not gotten a feedback on the final version of that. And the worry to break anything in case of setting the flag but not adding real support.
<smb> hallyn, I did some tests and I think it is ok now, but getting it into a precise update with cutoff on this thursday is rather hard now.
<hallyn> yeah
<smb> There is no upload planned beside of what was in verification testing.
<hallyn> well i guess a later kernel update is fine, this won't break server installs for ppl right?
<hallyn> so perhaps 12.04.1 isn't so important
<smb> No this is a sole problem of a nested installation
<hallyn> and hopefully after instll, ppl will first update before setting up vms
<smb> hallyn, Yo won't have problems running a first level vm
<zaitzev> hi all
<smb> Just to create another vm in your first vm is broken
<joe_Vitel> Can anyone figure why I would be getting the (Apache) error: "[Tue Aug 07 10:42:36 2012] [error] Expired timestamp: given 1344336205 and now 1344357756 has a greater difference than threshold 300"? NTP is running and the hardware clock is correct. I don't know where to look next...
<hallyn> smb: right, but so if someone installs from 12.04.1 cd and immediately tries to run a guest they'll fail to run kvm in guest.  not so bad.
<hallyn> smb: thanks
<zaitzev> perhaps one of you can help me out a little here? I'm looking for a way to add a user to my server that has ftp read/write access to another users' home directory
<hallyn> ok, resetting networking for tftp, hopefully i'm back in a min
<smb> hallyn, Right, yeah and also they can do precise-precise but not precise-quantal (quantal-quantal would work as well)
<hallyn> and worst case they just don't get nested acceleration
<hallyn> so i'll go focus onanother qemu bug :)
<smb> hallyn, :)
<joe_Vitel> zaitzev: you could add the new user to the existing user's group and grant that group read/write access. Don't know if that is the best solution, but it's a solution
<uvirtbot> New bug: #904014 in netcf (universe) "[MIR] netcf" [Medium,In progress] https://launchpad.net/bugs/904014
<zaitzev> joe_Vitel: Does the new user have to have a home directory on its own or something?
<joe_Vitel> I wouldn't think, though usually adding a new user will create a home for them
<zaitzev> I tried adduser with no home dir, and I think I did add him to the group of the first user
<zaitzev> but I couldn't do much..
<joe_Vitel> zaitzev: Of course, I'm not a big FTP person. I don't know if your FTP users are the same as system users
<zaitzev> truth be told, I only have myself and a close friend using this server
<zaitzev> however, I'm running a Counter-Strike server that my brother plays on a lot, and he wants to be able to edit, configure and mess around with the CS:S server files
<zaitzev> but I do not want to give him the user/pass to the account that runs the server
<zaitzev> and, I'm not very familiar with the whole user/group system..
<joe_Vitel> zaitzev: I would suggest creating a system user account, grant him permissions to modify the folders/files and then hand him the IP to SSH to, no FTP required
<zaitzev> joe_Vitel: what would the parameters be? Just add a normal user, and add him to the group the first user is in?
<joe_Vitel> zaitzev: Yes. The command you'll use is chmod to modify the permissions for the folder. I don't know the permissions off the top of my head, but Google should be able to help you.
<zaitzev> joe_Vitel: so far what I did was create the new user, added to the group of the first user (the default usergroup). However the new user cannot do anything in the directory.
<zaitzev> I would've thought it worked, but no
<joe_Vitel> ls -lh will show you the permissions (probably something along the lines of drwxr-xr-x). r means read, w means write, x means execute
<hallyn> stgraber: hey, i wouldn't do it today, but pls let me know if you have any objections to my putting seccomp into quantal's lxc (using my patch from two weeks ago)
<zaitzev> joe_Vitel: Yeah I know, and the folder containing the gameserver has these permissions: drwxrwxr-x
<zaitzev> so the new user SHOULD be able to do whatever within that folder, but that doesn't work
<joe_Vitel> for user/group your username? and you're sure new user is in group you username?
<stgraber> hallyn: no objection
<zaitzev> oh wait, never mind, I was in the user home directory which apparently doesn't allow the new user to do anything
<zaitzev> my bad :)
<zaitzev> next step would be to symlink that folder into the new users home dir
<zaitzev> since the ftp server is jailed to the user homedir, a symlink is needed.
<zaitzev> but when I make one it doesn't appear in the ftp :P
<joe_Vitel> There is probably a config option somewhere in your ftp server to follow symlinks
<zaitzev> I don't remember how it was done..I have a symlink on MY user in MY homedir, showing up in the ftp
<zaitzev> I thought it was ln -s target linkname
<plm> people, how I know when the ubunut was installed? are there a file where are indicate this, like as /etc/lsb-release?
<hallyn> stgraber: great
<plm> anyone?
<zaitzev> plm: try this:
<zaitzev> ls -al /var/log/installer/syslog
<zaitzev> the date of the file should reflect the date the system was installed
<plm> zaitzev: thanks
<zaitzev> maybe I should use mount instead of symlink
<joe_Vitel> Can anyone make sense of the apache error "Expired timestamp: given 1344340094 and now 1344361645 has a greater difference than threshold 300" when trying to add a node to Ubuntu MAAS? ntp is running and the hardware clock is correct.
<rbasak> joe_Vitel: it looks like one of the clocks is off by six hours. Do you have the hardware clock set to UTC?
<joe_Vitel> rbasak: Yes, and changing it doesn't seem to make a difference. It's always roughly 21k seconds difference
<rbasak> joe_Vitel: what about the maas server?
<rbasak> joe_Vitel: what time zone are you in?
<joe_Vitel> America/Denver
<joe_Vitel> MST, UTC - 7 I believe
<rbasak> it does sound suspiciously like a local time / UTC problem
<joe_Vitel> My thoughts as well, but I can't seem to narrow down where what is getting the wrong time zone
<rbasak> check "date --utc" on the maas server
<joe_Vitel> Tue Aug  7 18:11:42 UTC 2012
<joe_Vitel> +6 hours from local time
<rbasak> I'm stumped then, sorry. Try #maas
<joe_Vitel> Yeah, kind of where I'm sitting too. It SHOULD work, but... doesn't... Thanks for the help though.
<rbasak> Perhaps manually skew the hardware clock by six hours?
<joe_Vitel> Yeah, was thinking of giving that a try.
<uvirtbot> New bug: #1034098 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1034098
<shiman6> on ubuntu server 12.04 (x64), eth0 stops transmitting during a multicast session. I have to restart the server to use eth0 again
<shiman6> wow, this chat is dead
<shiman6> Anybody active?
<Pici> Yes, but I don't know the answer to your question.
<shiman6> Okay. Is there any known issues regarding clonezilla?
<shiman6> the clonezilla channel is completely empty, so i have to ask here
<druonysus> I am trying to set up nagiosgrapher on ubuntu 12.04 in aws. does the nagiosgrapher package do any basic configuration of nagiosgrapher?
<druonysus> I see there is a template directory but nothing is in it
<SpamapS> http://grza.net/GIS/Admiral%20Ackbar%20SNMP%20Notifications.jpg
<soren> SpamapS: SNMP does seem rather alien.
<SpamapS> yes, if aliens are lax about security and like multiple unnecessary layers of indirection :)
<soren> SpamapS: They love that stuff.
<SpamapS> soren: really if you think about it long enough that *totally* explains the turning-cows-inside-out obsession
<adam_g> zul: why'd you skip those failing keystone tests? what was causing the failure? was just about to lookat it
<zul> adam_g: i think it was do to keystone running in a chroot, if you want to take a crack at them without skipping them be my guyest
<zul> people still use net-snmp? how quaint
<adam_g> hmm
<uvirtbot> New bug: #1034125 in lxc (main) "containers can load a kernel to kexec" [High,Triaged] https://launchpad.net/bugs/1034125
<hallyn> zul: any opinion on bug 1030612 ?  moving those to recommends will still get them auto-installed unless user shouts, so maybe it's fine?
<uvirtbot> Launchpad bug 1030612 in libvirt "libvirt depends on undesirable additional packages" [Low,Triaged] https://launchpad.net/bugs/1030612
<zul> hallyn: i dont have a problem with dnsmasq but libavhi?
<hallyn> zul: i don't even know what libvirt uses that for
<zul> hallyn: neither do i
<zul> hallyn, must be for some name discovery destopy stuff..
<zul> smoser: do you have any problems with above? ^^^
<smoser> well, the bug description says they're undesirable.
<smoser> so i have a feeling i dont want them
<smoser> :)
<resno> question for you folks. if you had a small businness idea, would you start in a vps or host from home?
<smoser> resno, vps.
<smoser> (or ec2)
<smoser> hallyn, if it functions with those not isntalled, i think i see no objection.
<resno> just to much hassle to host at home or not cost effective? smoser
<resno> or is speed the issue?
<hallyn> smoser: well, depends on what 'functions' means.  virbr0 won't work (no dnsmasq-base)
<hallyn> so it'll end up with a different setup with and without those
<ScottK> resno: Reliablity.
<ScottK> Unless you have redundant power and network connections to your home.
<smoser> resno, what ScottK said mostly.
<smoser> hallyn, is virbr0 broken?
<smoser> or just no dnsmasq on it
<hallyn> smoser: actually not sure - i suspect libvirt might fail to start (with virbr0 set to autostart) bc of it
<hallyn> anyway if you didn' twant dnsmasq-base, you better not want virbr0
<hallyn> feh, i'll wait a bit on that one.  clearly i need to experiment.  thanks.
<hallyn> stgraber: do you have any lxc precise-proposed changes pending?
<stgraber> hallyn: nope
<stgraber> hallyn: at this point it's best to stack without uploading as precise is frozen for the point release
<stgraber> hallyn: unless it's a critical issue that should be fixed for the point release
<hallyn> stgraber: suggestsions where to stack?
<hallyn> nah, ,not critical, just a fix for the 'stop lxc-net breaks if LXC_USE_BRIDGE=false' bug
<hallyn> in fact i'll just put it off until next week
<stgraber> hallyn: either branch ubuntu:precise-proposed/lxc assuming it's valid and up to date or just attach some good old debdiffs to the bugs
<hallyn> i didn't think precise-proposed had a bzr tree. cool.
<ahs3> hallyn: just to make sure...there should be _no_ patches in netcf now, correct?
<hallyn> ahs3: incorrect.  there should be 3
<hallyn> fixpathsetp, add-tests-debian, and add-ncftool-manpage
<ahs3> hallyn: oic.  yup.  got it.
<hallyn> (all three forwarded upstream, should be droppec by 2.0.1 hopefully)
<ahs3> k.  i'm going to fix that up and re-upload
<hallyn> is that definately worth it?
<ahs3> dunno.  i'd rather have it done right
<hallyn> i guess it coudl be confusing not to.
<hallyn> ok
 * ahs3 is working on it now
<arrrghhh> hello.  is it possible to run ubuntu server behind a proxy server?
<rbasak> Yes.
<arrrghhh> i added my proxy info when i installed, and it seemed to work.  but now i apt-get update and it does not.
<jcastro> anyone know if hp cloud's storage thing provides simple http serving like s3/gcs do?
<arrrghhh> i googled it, and everyone tells me to add some likes to /etc/bash.bashrc.  but i don't see anything there from the installer - where does the installer put the proxy info?
<rbasak> Take a look around /etc/apt. There should be something setting Acquire::http::Proxy in there. If there's not, you need to add it. See the apt.conf manpage for details.
<arrrghhh> ok thx
<jcastro> ah, it seems HP storage does indeed do simple http serving
<arrrghhh> rbasak, /etc/apt/apt.conf.... now why isn't it working is the question :P.  what is the 'proper' way to add a proxy globally to the system?
<rbasak> On server, the best you can do is add set http_proxy in /etc/environment as far as I'm aware. But that doesn't necessarily cover everything
<arrrghhh> yea i'm getting 407 proxy auth required.  i placed a username/password in there, but it doesn't seem tow ork.
<arrrghhh> work*
<arrrghhh> hrm.
<rbasak> Not sure about proxy auth
<rbasak> (for apt)
<arrrghhh> i managed to get this working on ubuntu desktop
<arrrghhh> i was "scared" to install server for this reason.  i figured since i got it working on desktop, i can get it working on server.
<arrrghhh> but my solution isn't so elegant.  whenever apt would give me an error on the desktop version about proxy auth, i would fire up FF and it would ask me to auth.  then apt-get would work, for a period of time.
<haxxpop> Where must I get sandbox to run untrusted app?
<SpamapS> haxxpop: safest bet is true virtualization (kvm, xen, etc)
<rbasak> sounds like your proxy is being generous
<rbasak> Maybe you could wget to do something similar?
<rbasak> Might be better to tunnel out, run a mirror, or configure your proxy to allow your server though
<arrrghhh> rbasak, i'd like to get this working with the proxy, if possible.
<arrrghhh> otherwise i'll just have to allow net access for a short period, then close it down.  i'd rather not have to go that route.
<rbasak> looks like it apt does support proxy auth
<rbasak> eg. http://www.onlinehowto.net/apt-get-via-authentication-proxy/1388
<haxxpop> SpamapS: I don't want to use Virtual Machine because I just want to run only one app.
<arrrghhh> haxxpop, but that ENSURES a good sandbox environment.
<haxxpop> arrrghhh: I also want to get output from such app
<jpds> haxxpop: lxc?
<arrrghhh> haxxpop, so?
<jpds> haxxpop: Otherwise, stick AppArmor on top of the app.
<hallyn> arkose is also made for that
<hallyn> (sits on top of lxc and apparmor)
<arrrghhh> there's gotta be something else to this.  why does the proxy let me authenticate for firefox, but not for apt?  ugh.
<haxxpop> jpds: how can I do that
<arrrghhh> i don't understand what the difference is.  maybe i don't have an http proxy... i don't put http:// in front for the proxy on my workstation.
<arrrghhh> can i use a PAC file?
<jpds> haxxpop: cat one of the /etc/apparmor.d/usr.bin.* files.
<jpds> haxxpop: https://wiki.ubuntu.com/AppArmor
<jpds> arrrghhh: sudo apt-get update -o Acquire::http::Proxy="http://user:password@proxyaddress:port/" ?
<arrrghhh> jpds, hrm, let me try.
<arrrghhh> i have a feeling it'll give me the same thing.  it's hitting the proxy
<arrrghhh> for whatever reason it's not authenticating.
<jpds> Check the proxy logs then.
<arrrghhh> i don't have access to the proxy server.  oh well.
<arrrghhh> so strange that i could get this to work on ubuntu desktop...
<arrrghhh> is there another type of proxy server that i'm overlooking?
<arrrghhh> i have a PAC file and the server itself...
<arrrghhh> http://proxychains.sourceforge.net/ ?
<arrrghhh> OK, i have a feeling it's our proxy.
<arrrghhh> i ran into a thread where someone has the exact same problem, with the exact same proxy server.  i don't think i can solve it :/
<lifeless> squid?
<arrrghhh> lifeless, other direction.
<arrrghhh> i am running ubuntu-server and i need to go thru a proxy to get to the 'net.
<lifeless> arrrghhh: squid can run in both directions, which is why I asked.
<lifeless> so saying other direction, doesn't rule anything out.
<arrrghhh> oh i apologize.  usually when people mention squid they think i want to setup a proxy server :P
<arrrghhh> no it's an ironport proxy server
<lifeless> what auth scheme are you using ?
<arrrghhh> lifeless, i don't know exactly.  on ubuntu desktop i could run firefox and authenticate.  on ubuntu-server, i can't figure out how to authenticate.
<arrrghhh> in firefox, the user/pass window would just pop up.  i put in my username and password, then apt-get would work in the terminal.
<arrrghhh> http://openubuntu.com/index.php/topic.1952.30.html
<arrrghhh> er that didn't link to the thread, sorry.  1 sec
<arrrghhh> http://openubuntu.com/index.php/topic,1952.30.html
<arrrghhh> that does ^^
<lifeless> arrrghhh: so, if you're using kerberos or ntlm or negotiate with the proxy, apt won't work
<arrrghhh> lifeless, but firefox will?
<lifeless> as it only knows basic auth
<lifeless> right
<arrrghhh> poop.  so what can i do?
<arrrghhh> isn't there some package i can install to auth to the proxy?  crap, i had a tab open here...
<lifeless> reconfigure the ironport to support basic authentication, or configure it to allow access to the ubuntu mirror you are using w/out any authentication.
<lifeless> or use another intermediary proxy to do the authentication for you
<arrrghhh> hrm
<arrrghhh> i can't reconfigure the proxy server, unfortunately.  i don't have access to it.
<lifeless> something like http://ntlmaps.sourceforge.net/
<lifeless> (caveat: I haven't used that, just found it via a quick google search)
<arrrghhh> yea that was it.
<lifeless> you can validate that this is the problem by checking a tcpdump of your apt requests
<arrrghhh> OK
<arrrghhh> lifeless, bleh.  i'm having trouble with ntlmaps, but it still could be me.  can you tell me how to tcpdump apt so i can determine why it's failing?
<lifeless> something like
<lifeless> sudo tshark -i eth0 -X port 80 or port 8080
<lifeless> or whatever port your proxy is on
<lifeless> be sure you've configured apt to use the proxy
<arrrghhh> hrm
<arrrghhh> ok
<adam_g> zul: what do we do about https://review.openstack.org/#/c/10823/
<zul> adam_g: its on my list to update this week
<Salman> That ubuntu that help
<Salman> Si
<Salman> Someany helped me Ubuntu
<arrrghhh> Salman, do you have a question?
<Salman> arrrghhh: Help me
<Salman> arrrghhh: How to unbanned ubuntu
<arrrghhh> Salman, ask a question
<arrrghhh> uhm
<arrrghhh> i assume you mean #ubuntu?
<arrrghhh> perhaps you're banned from flooding or something?  i can't unban you.
<Salman> Ok :(
<zaitzev> when I do mount --bind /some/dir/to/mount /target/dir - how do I unmount it? Is it umount /target/dir ?
<zaitzev> I just want to make sure so I don't do something too wrong
<arrrghhh> umount /target/dir is correct.
<zaitzev> cool
<zaitzev> atleast I get it right sometimes. :p
<arrrghhh> lol
<arrrghhh> lifeless, not sure if you are interested or not but cntlm did the trick.
<arrrghhh> not sure why, but i couldn't get the other one to work.  cntlm did a great job tho, works great!!!
<lifeless> cool
<zaitzev> does usermod -l change the name of the home directory as well as the username itself?
<zaitzev> oh nvm, it's done with -d :)
<dolv> ubuntu server 12.04 (headless) how to change video mode?
<lifeless> if you're headless you have no video.
<dolv> i headlees but i need to change video mode for terminal.
<dolv> meaning 80x30 GVA and so on
<dolv> meaning 80x30 VGA and so on
 * zaitzev wonders what uses 80x30
<dolv> 80 columns by 30 rows
<zaitzev> I know what the numbers imply, but where? Do you mean putty?
<zaitzev> because that's the only place I can imagine those numbers being relevant, to its window size.
<zaitzev> or am I missing something?
<dolv> OK. The problem is as follows. During a boot process on some moment dispay starts wrongly display text. and I can only some how read whean i connect to server remotedly. I need to repare video. may be problem in some drive or something else. how to verify and cure&
<dolv> I see that some symbols are displayed but they can't be read. It is smashed
<dolv> video is on D815 intel integrated cheapset
<dolv> zaitzev: do you spaek russian or ukraininan&
<dolv> any ideas, guys?
<zaitzev> oh, hey
<zaitzev> no sorry
<zaitzev> someone else might tho, if you just hang around here for a while.
<dolv> i think it is vga/driver problems. Can someone consult, please?
<uvirtbot> New bug: #1021822 in python-quantumclient (universe) "[MIR] python-quantumclient" [High,Incomplete] https://launchpad.net/bugs/1021822
#ubuntu-server 2012-08-08
<zul> adam_g, eventlet uploaded
<ClientAlive> has anyone here worked with scm manager before?
<ClientAlive> what does a guy have to do to learn how to use scm manager?
<ClientAlive> I can find very little about it on the internet
<uvirtbot> New bug: #1034228 in maas-enlist "maas-enlist script hard codes the path to the maas server" [Undecided,New] https://launchpad.net/bugs/1034228
<hadees> i'm building a file server for home use, it'll have 18 terabytes using ZFS.  I have 8 gigs of ram and 2 30 gig SSD drives that i'm going to mirror as the boot disks.
<hadees> i'm wondering how much swap space I really need.
<hadees> since the SSD drives are so small, 16gigs of swap seems like a lot.
<ScottK> You probably won't need any.
<\sh> ScottK, swap space is always good
<ScottK> Sure.
<ScottK> I'd suggest a little, just in case, but 16GB is overkill.
<hadees> 4?
<hadees> thats what i'm planning on for now
<\sh> http://www.linuxjournal.com/article/10678 (good explanation)
<\sh> anyhow, 8 gigs I give at least 2G, when you do a lot of heavy memory consuming work, give more
<hadees> \sh: thanks
<hadees> i'm also mirroring my boot drive, does swap need to be mirrored too?
<ScottK> No.
<hadees> so i guess I only need 2gig on each drive if i want 4gigs of swap total right?
<ScottK> That'd be less efficient then one 4gig swap partition, but sure.
<ScottK> Odds are you won't need much if any of it.
<\sh> http://www.infoworld.com/t/linux/managing-swap-space-linux-systems-196068?page=0,0 also an interesting article
<hadees> ScottK: well considering I only have 2 30gig drives for my boot drive 1 4gig swap would waste space right?
<ScottK> Why are you mirroring the boot drive?
<ScottK> O/S reinstall isn't very hard to do if one dies and this isn't exactly a mission critical application where a bit of down time matters.
<hadees> ScottK: it was cheap and i figured why not, also I know I don't need it, honestly I don't need so much space but this is as much about building it as it is using it.
<stgraber> ScottK: I'd agree that in this case, mirroring is probably overkill, though if going down that road anyway, I'd strongly recommend mirroring the swap space too as it's really quite annoying to have a server that can continue working on drive faillure kernel panic on you because your swap wasn't mirrored
<ScottK> Good point.
<\sh> hadees: swap has nothing to do with your boot drives. swap is an addition to your real memory...to give the kernel the possibilty to 'swap' real memory to the disk...(see https://www.linux.com/news/software/applications/8208-all-about-linux-swap-space/  the 'How big should your swap space be' paragraph)
<hadees> \sh: sorry i'm using boot loosely, i'm talking about the drive that is going to hold the OS
<stgraber> though nowadays on machine with enough of RAM, I tend to go with no on-disk swap and zram-config to compress some RAM into SWAP. That still lets the kernel swap pages as usual but doesn't kill your disks.
<\sh> well, disks are replaceable ;) and not that expensive...on the other hand, memory is not expensive, too, so 32G or 64G for a 18TB fileserver sounds good...especially to hold a lot of filecache data ;)
<hadees> maybe i'll just use one drive for the OS and the other one to play around with some of ZFS's caching features
<ScottK> Reminds me it's about time to go buy hard drives for my file server again.  The ones I have in there now are nearing their 5th anniversary.
<hadees> ScottK: if you can hold off a year i would, the prices still haven't come down from the flood
<hadees> my old file server died 8 months ago and I got sick of waiting for prices to drop
<ScottK> Well.  5 years is about their nominal service life.
<ScottK> I might be able to wait another year, I might not.
<\sh> ScottK, for desktop work ;)
<ScottK> Capacitors get old and stuff.
<ScottK> Although the motherboard/cpu/ram/power supply they are with were made in 1999.
<\sh> ScottK, honestly we should go with the time, and use the klout  ;)
<ScottK> Hardy is the last Ubuntu release it can run, so it'll be gone in 9 months one way or another.
<\sh> .oO(until it explodes like the . com bubble in the beginning of the new century)
<ScottK> \sh: http://packages.ubuntu.com/precise/owncloud
<ScottK> Cloud is great, until it's not: http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
<ScottK> Anyway ...
<ScottK> Bedtime for me.  Good night.
<Marcio> what do you all think of this graphic card: http://tinyurl.com/8jyv778 ?
<Nafallo> hey. does anyone know if omcmd (omapi client to do dhcp on-the-fly changes) is packaged yet?
<lifeless> Nafallo: yes.
<lifeless> Nafallo: or rather no, but that is itself a wrapper
<lifeless> Nafallo: there is a lower level omapi tool which iworks just fine
<Nafallo> lifeless: omshell? found that already
<lifeless> yah
<lifeless> you should be able to drive it via here input.
<feisar> hi, does dump work with ext4 on ubuntu 12.04?
<jamespage> utlemming, walinuxagent only has context on i386 and amd64 right?
<bhosmer> I'm looking for some resources and guides to get me started and point me in the right direction. I have a server with a wireless router connected to it. This server will only be used to connect users to http traffic, but not connect to the outside world. I want to redirect any port 80 traffic to a name, like my-server.name is this bind, DNS or a mixture of both? I know how to set up virtual hosts in apache, and it is listening on the ip address, but 
<bhosmer> like users to be able to at least enter a name in their browser instead of the ip for the machine. I also don't want to block access to the internet at large when I do connect it to a network so that I can run updates and install additional software. I guess my question is, where do I start?
<ikonia> bhosmer: you mean you want a web proxy server ?
<bhosmer> ikonia: I suppose, I am running my own web server, but it is entirely self-contained. I am using it for classes I am teaching when wifi is terrible.
<ikonia> bhosmer: so you just want users to be able to connect to your server ?
<ikonia> to see classes ?
<ikonia> is that what you are asking ?
<bhosmer> Yes, I have that now. The server doesn't talk to the outside world, because I am using a wireless access point that only connects the my server which isn't connected to anything else. It works now, but users need to enter the ip in their browser. I want to have a name instead.
<bhosmer> Does that make sense?
<ikonia> so either setup a dns server (overkill) or just put the hostname in the users hostfile
<ikonia> bhosmer: how many people are connecting to this ?
<bhosmer> Basically my own self-contained internet.
<bhosmer> I was trying to not edit the hosts file on each machine. I assume I need DNS for this. I have about 75 connecting reliably and downloading files over http. It worked well and was incredibly fast.
<bhosmer> The network I've solved. I am using three routers and letting the last one in the chain handle dhcp.
<ikonia> is there a reason you aren't happy with the IP ?
<ikonia> as setting up a DNS server for this seems overkill
<ikonia> especially if it's internal
<ikonia> and most likley getting IP's from the routers which point at other DNS servers
<bhosmer> My users aren't that savvy and a lot are windows users. That is one of the reasons I would rather not edit each host file as well.
<bhosmer> Yes, it is all internal and won't talk to the outside world at all.
<ikonia> bhosmer: why is it a problem just putting the IP in the browser
<bhosmer> For class efficiency and the users being fairly nooby, it would be nice to give them a name instead of an ip. The ip works, but I want to add the additional polish.
<bhosmer> Most of them won't remember the ip.
<ikonia> you need to setup a dns server then
<jacobw2> i'm looking at mysql.conf for upstart, how does upstart determine which user to run the process as?
<ikonia> but although this is a simple task, it's going to be a massive headache from the environment you've described
<ikonia> jacobw2: it's in the script it calls to start up
<bhosmer> Okay, that is what I was looking for ikonia thanks. What do I need to watch out for as far as headaches?
<ikonia> bhosmer: well you've got multiple access points/routers that I'm assuming are acting as a dhcp server and offering "their" dns servers
<jacobw2> ikonia: http://paste.ubuntu.com/1135994/
<ikonia> bhosmer: so yours will conflict with theirs and not contain the right dns servers
<jacobw2> ikonia: can you please tell me which line does that?
<bhosmer> I only have one acting as DHCP, the other two are bridged into the one so only one is acting as the dhcp server. I was thinking of actually letting my server do dhcp instead.
<jacobw2> ikonia: thanks for your very quick response :)
<ikonia> jacobw2: look at /usr/bin/mysqld
<ikonia>  /usr/sbin/mysqld sorry
<jacobw2> ikonia: setuid?
<ikonia> bhosmer: ok, well, it will cause a conflict with that one rotuer/access point
<ikonia> jacobw2: is it a binary or a script
<bhosmer> What if I turn dhcp off an all three then?
<ikonia> bhosmer: then no-one will get IP addresses
<bhosmer> I can't let the server assign ip's?
<jacobw2> ikonia: it's a binarz
<ikonia> bhosmer: the access points may not accept addresses from external devices
<ikonia> bhosmer: you'll need to research
<ikonia> jacobw2: that's interesting, so it's no longer calling mysqld-safe
<ikonia> jacobw2: (I don't have an ubuntu box to look myself)
<bhosmer> I'm fine with that. Thanks for the nudge in the right direction though. You've answered my question about where to start. I was a little confused whether I needed to use DNS for this.
<ikonia> bhosmer: dns is the only real option for name resolution
<bhosmer> Awesome, that was what I needed.
<bhosmer> jacobw2: I have a box I can peek at, what were you looking for?
<jacobw2> bhosmer: i'm looking for how the upstart script determines the user to run mysql as
<ikonia> jacobw2: can you look at the process list and grep for mysql and pastebin it please.
<bhosmer> If I remember right, doesn't upstart basically use shell scripts or something to start them? Let me look on mine.
<jacobw2> ikonia: http://paste.ubuntu.com/1136004/
<bhosmer> jacobw2: a ps of my mysql shows the process is owned by the mysql user. I looked in /etc/init.d and found a mysql entry, but I I haven't been able to see where the user is set yet.
<uvirtbot> New bug: #1031479 in python-django-openstack-auth (universe) "not lintian clean" [Medium,Fix released] https://launchpad.net/bugs/1031479
<jacobw2> how can this not be documented anywhere
<hallyn> ahs3: debian bug 684211 - it built fine in quantal, and locally on sid.  But I assume the patch is in fact really needed (to build in debian).
<uvirtbot> Debian bug 684211 in netcf "FTBFS: netcf (0.2.0-1)" [Normal,Open] http://bugs.debian.org/684211
<hallyn> jdstrand: so for netcf MIR, all the knobs have been twiddled and I can make libvirt build-dep on it?  (bug 904014)
<uvirtbot> Launchpad bug 904014 in netcf "[MIR] netcf" [Medium,Fix committed] https://launchpad.net/bugs/904014
<jdstrand> hallyn: yep
<jdstrand> hallyn: 'Fix Committed' means it is on you to seed it or to add it as a dependency of some sort of something already in main
<hallyn> \o/  thanks :)
<jdstrand> np
<ahs3> hallyn: :(.  yeah, it is.  it built fine in pbuilder, too.
<hallyn> ahs3: do you want to just push with that patch, or do you want me to send a debdiff?
<ahs3> hallyn: i can just use that patch.  that work for you?
<hallyn> ahs3: absolutely, thanks
<chmac> I have two 12.04 machines, both running apparmor 2.7.102-0ubuntu3.1, with identical mysql configs, and one machine is denying mysql access to /etc/mysql/certs/ while the other allows it.
<chmac> I could obviously modify the offending machine's /etc/apparmor.d/usr.sbin.mysqld, but I'd rather figure out what the underlying issue is.
<chmac> How do I debug what's causing the denial?
<chmac> Aha, simpler than I thought, apparmor simply isn't running on one of the servers!
<chmac> It won't start, but not sure why, and nothing I can find in the logs
<uvirtbot> New bug: #1033637 in nova (main) "VM reboot fails with EC 42 (natty)" [High,Incomplete] https://launchpad.net/bugs/1033637
<zul> hallyn: ping
<jamespage> utlemming, ping re walinuxagent when you start
<utlemming> jamespage: pong
<jdstrand> chmac: I recommend you update /etc/apaprmor.d/local/usr.sbin.mysqld-- that way you won't be prompted on upgrades
<jamespage> utlemming, hey - so I wanted to check something
<chmac> jdstrand: Ok, so that's like a local override of the default policy?
<jamespage> I'm assuming that walinuxagent only works on i386 & amd64 right? based of the dep which is arch restricted as well
<chmac> jdstrand: Very useful to know, I'll make that change into my puppet config.
<utlemming> jamespage: the agent will run on any arch, but I restricted it to x86 arches because that is all that will run HyperV
<jamespage> utlemming, OK - so reason is that it shows up in the problem report ATM
<jamespage> utlemming, http://people.canonical.com/~ubuntu-archive/testing/quantal_probs.html
<jamespage> its un-installable on non-x86 archs (its not restricted ATM)
<jamespage> utlemming, should we switch it to i386/amd64 only?
<utlemming> jamespage: I thought it was.....yes
<jamespage> utlemming, OK  - leave it with me then
<jdstrand> chmac: re policy overrides> yes. you might be interested in /etc/apparmor.d/local/README
<jamespage> utlemming, OK - I uploaded a new version
<utlemming> danke :)
<chmac> jdstrand: Ok, will check it out, thanks
<hallyn> zul: 'sup?
<zul> hallyn: for that libvirt bug you added for nova im going to mark it wont fix for nova since its at least 3 versions behind now
<hallyn> zul: do you figure it is in fact nova's doing?
<zul> hallyn: could be but they should be running at least precise
<hallyn> wondering whether libvirt bit should be marked wontfix or invalid
<hallyn> hm, landscape isnot treating me will this morning
<soren> hallyn, zul: Which bug is this?
<zul> soren: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1033637
<uvirtbot> Launchpad bug 1033637 in nova "VM reboot fails with EC 42 (natty)" [High,Incomplete]
<soren> zul: Ok, thanks. No idea what's going on there :)
<zul> soren: neither do i...and its quite low on my list of priorities
<addisonj> okay... is it normal behavior for mdadm to choose unused block devices and auto create arrays for me? because its realllly annoying
<xnox> addisonj: did the unused block device still has mdadm metadata stuck in the headers / not-wiped?
<rbasak> addisonj: sounds like it's picking up on the superblock and autostarting raid
<addisonj> this is on EC2, new EBS volumes
<addisonj> here is the relevant section of my user-data script: https://gist.github.com/3295661
<addisonj> just added the output of what mdadm gives me when trying to create the raid and /proc/mdstat
<addisonj> as you can see, I tried doing a stop of all arrays beforehand, but that didn't work... so confused!
<glebaron> I am getting two error messages that are filling up my syslog that I can't figure out. Hoping that y'all might be able to provide some insight.
<glebaron> avahi-daemon[919]: server.c: Packet too short or invalid while reading question key. (Maybe a UTF-8 problem?)
<rbasak> I think you need to run mkinitramfs -u at the end. Otherwise the next time you reboot your EBS volumes already have superblocks on them and are being autostarted to md127. Maybe.
<rbasak> err, update-initramfs
<rbasak> s/reboot/start a new instance
<glebaron> NetworkManager[1315]: <info> Unmanaged Device found; state CONNECTED forced. (see http://bugs.launchpad.net/bugs/191889)
<uvirtbot> Launchpad bug 191889 in firefox "[MASTER] [WORKAROUND] "Offline Mode" feature fails to detect proper online state for networks that are managed outside of network manager." [High,Fix released]
<addisonj> rbasak: this is on initial boot... using cloud-formation templates to being up the box with the 8 EBS volumes
<glebaron> I have read the bug, but I can't figure out what the fix is.
<rbasak> yeah but you're not giving it fresh EBS volumes, are you?
<med_> Is Ubuntu Server certified to run under kvm? Where is that certification listed. (Yes, I know it works, but certification is more about testing/agreements/etc.)
<med_> http://www.ubuntu.com/certification/server/ doesn't list KVM.
<addisonj> yep, new provisioned EBS volumes, not remounting old volumes
<patdk-wk> med, kvm isn't an external piece, it's part of ubuntu
<patdk-wk> you normally don't certify you work on yourself
<uvirtbot> New bug: #1034428 in samba (main) "package samba 2:3.6.3-2ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128 (dup-of: 1022385)" [Undecided,New] https://launchpad.net/bugs/1034428
<med_> patdk-wk, nod, but it turns out, other distros also ship kvm.
<patdk-wk> the, a certification for every single version of every single distro would be required
<arrrghhh> hey all, i'm trying to scp some files between two ubuntu boxes.  i get 'write failed: broken pipe' then 'lost connection'.  immediately... it doesn't even start to transfer anything.
<arrrghhh> i am able to copy stuff from my workstation to the server in question... but from ubuntu to ubuntu it's not workin.
<arrrghhh> rsync errors out similarly - write failed broken pipe, connection unexpectedly closed
<uvirtbot> New bug: #1034454 in php5 (main) "12.04 Dist-upgrade breaks PHP extensions > pdo_mysql.so symbols" [Undecided,New] https://launchpad.net/bugs/1034454
<arrrghhh> *crickets*
<hallyn> stgraber: ok, seccomp committed to ubuntu:lxc.  Did you have any other changes you wanted to stage?  (I saw the lxc-start-ephemeral one)
<stgraber> hallyn: nope, start-ephemeral was the only one
<hallyn> ok
<arrrghhh> i just disabled UFW on both the client and server
<arrrghhh> still no dice
<arrrghhh> i get asked for a password, so the network connectivity between the two boxes is there...
<arrrghhh> anyone?
<resno> funkyHat: !
<hallyn> arrrghhh: whacky thought, but check your .ssh/config,
<hallyn> it sounds to me like you might have an entry doing ssh forwarding, and the forward isn't working
<arrrghhh> hallyn, 1 sec thx
<arrrghhh> hallyn, neither box has a .ssh/config
<arrrghhh> ~/.ssh/config
<arrrghhh> ?
<hallyn> arrrghhh: weirdness.  i'd dry 'ssh -vvv to get debug info
<hallyn> yeah ~/.ssh/config would be it
<arrrghhh> ok
<arrrghhh> scp -vvv works?
<arrrghhh> i'm trying to sftp
<hallyn> oh, dunno
<arrrghhh> ssh is disabled, this user should only have sftp rights.
<hallyn> oh
<hallyn> how exactly did you accomplish that?
<hallyn> so did you say that 'sftp x user@host' also does not work?
<hallyn> i'm not sure you can do sftp without being able to ssh...
<arrrghhh> hallyn, 1 sec
<arrrghhh> hallyn, http://solderintheveins.co.uk/2011/03/ubuntu-sftp-only-account-how-to/
<arrrghhh> hallyn, i am able to connect via WinSCP and copy files using that limited user account
<arrrghhh> so i don't know why it would work from my workstation but not the server....:/
<hallyn> arrrghhh: perhaps you need to specify the ssh key to use (with -i)?  failing that, this is too config-specific - cool, but i'd have to try it myself to see where it would fail lik ethat.
<arrrghhh> no keys
<arrrghhh> just password auth
<arrrghhh> i'm trying to keep is simple lol
<arrrghhh> i guess i can remove all the sftp-only stuff
<arrrghhh> just odd that it works from my workstation...
<hallyn> arrrghhh: yeah, it is weird...
<ernetas> Hey guys.
<ernetas> I'm running Ubuntu Server 12.04 on Amazon EC2 with 2 NICs.
<ernetas> Currently the configuration is under DHCP.
<ernetas> I'm using ip command to make both NICs work. But I can't automate it for system boot, because the default network adapter (the one which has gateway in "route" output) is always randomized from eth0 to eth1 on boot.
<ernetas> How do I make eth0 or eth1 the default one?
<ernetas> Anyone?
<arrrghhh> ernetas, sorry that's way above my pay grade... this room is slow today as well.
<arrrghhh> might want to post in ze forums
<genii-around> ernetas: It's in the /etc/udev/rules.d/70-persistent-net.rules   ...change in there eth0 to eth1 and change eth1 to eth0, after a reboot they will be swapped
<guest1> I want to implement Ubuntu Server 12.04 as a hardware firewall with 2 hard nics, 1 wireless. Nic#1==WAN, NIC#1==LAN, WirelessNic=LANWireless.  I found tutorials for installing Squid Proxy (Web Cache), and a little about how to configure Ubuntu as a DHCP/DNS/Internet Server. My problem is that I have not found any info talking about how to implement Codel, the latest Active Que Management (AQM) system. Bufferbloat.net does have "Binary
<guest1> source: http://www.bufferbloat.net/projects/codel/wiki
<guest1> I found a tutorial for installing SQUID: https://help.ubuntu.com/community/Squid, yet can't find any info about if codel only uses its AQM for the local server's data, or if it can be used for the DHCP/DNS/Cache/Hardware Firewall portion as well?
<arrrghhh> hallyn, the plot thickens.  i undid everything, and now when i type my password in it just hangs on rsync... what have i done.
<hallyn> strace -f -ooutout rsync <...> - see where rsync is hanging
<hallyn> kees: have you done any code review of mosh.mit.edu?
<arrrghhh> hallyn, what am i supposed to see from that strace command?  i don't see anything different in the console.
<arrrghhh> i type in my password, goes to the next line... and stalls out.
<arrrghhh> let me see if straight up ssh works now
<arrrghhh> it deso
<arrrghhh> does*
<arrrghhh> lol but it hangs on login.
<rbasak> addisonj: is http://ubuntuforums.org/showpost.php?p=10907831&postcount=6 related to your problem?
<addisonj> rbasak: this, this was it, just found it a minute ago: http://dev.bizo.com/2012/07/mdadm-device-or-resource-busy.html
<addisonj> but yes, I do need to make that work for reboot as well, thanks for your help!
<rbasak> addisonj: thanks - sounds like an mdadm or kernel bug
<addisonj> yeah, not sure where the fault lies, looks like the underlying cause is udev scanning the devices deciding if it should do something with em, apparently, that is new behavior to 12.04
<rbasak> addisonj: would you mind searching for a bug report and filing one if there isn't one with your instructions to reproduce, please?
<rbasak> addisonj: it would be good to get the information into one place in case other people hit the same thing
<addisonj> yeah, sounds like a good idea, spare someone else the 12 hours to figure that one out
<rbasak> and also to help gauge how common this problem is
<rbasak> thanks!
<arrrghhh> hallyn, it's "working"
<arrrghhh> i had to blow out the user and recreate him
<arrrghhh> and i haven't locked him down yet.  not sure if that guide isn't accurate or what...
<addisonj> rbasak: https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1030354 one already exists
<uvirtbot> Launchpad bug 1030354 in mdadm ""device or resource busy" on mdadm create" [Undecided,Confirmed]
<addisonj> quite old, never triaged
<addisonj> err nm, getting it confused with another bug I saw while searching
<rbasak> addisonj: thank you!
<rbasak> adac: ?
<rbasak> sorry
<rbasak> addisonj: ?
<rbasak> addisonj: looks like the same problem to me
<rbasak> addisonj: am I missing something?
<addisonj> no, I mean it is, i said it was old, its not that old a report
<addisonj> looks like it just needs triaged
<addisonj> all is well
<rbasak> Ah OK
<rbasak> It's a foundations bug, so I don't think it's appropriate for me to mess with it. I can't see it realistically being bumped in priority unless it affects more people as a workaround is available. But at least it's there to track it.
<rbasak> Thanks for looking!
<roaksoax> Daviey: howdy!! any particular reason why delta was dropped for bug #1018001?
<uvirtbot> Launchpad bug 1018001 in rabbitmq-server "Please sync rabbitmq-server 2.8.4 from Debian" [Medium,Fix released] https://launchpad.net/bugs/1018001
<Altoms> anyone here got RHCE ?
<_ruben> might as well have a poll for MCSE and CCNA as well...
<Altoms> how long did you study for rhce ?
<Altoms> for a medioce sysadmin it says probably around 1month study time req
<arrrghhh> Altoms, this is a support channel...
<arrrghhh> #ubuntu-offtopic perhaps?
<_ruben> a rh-oriented channel would be better i'd say ;)
<arrrghhh> lol that too
<roaksoax> jamespage: still around?
<roaksoax> lynxman: ping
<jamespage> roaksoax, yep
<roaksoax> jamespage: any ideas if we still need rabbitmq-stop and rabbitmq-erlang-client
<roaksoax> ?
<jamespage> roaksoax, hmm
<jamespage> I asked about this the other day - apparently not
<roaksoax> jamespage: uhmmm how so?
<jamespage> although it does remove 'package configured' options from rabbitmq IMHO
<uvirtbot> New bug: #1000710 in nova (main) "Attaching volume during instance boot doesn't work" [Medium,Triaged] https://launchpad.net/bugs/1000710
<ChmEarl> wew - got sound playing using xmms2 and abraca with no X11 install
<halvors> Anyone knows a about a good domain hosting panel as the virtualadmin module for webmin?
<arrrghhh> hey.  i have samba setup JUST how i want it on one machine
<arrrghhh> can i just copy the smb.conf to another?
<arrrghhh> 12.04 desktop --> 12.04 server if it matters
<hallyn> grrr.  i think my bzr merge failed to merge debian/control
<RoyK> arrrghhh: no difference between desktop and server in that matter
<RoyK> arrrghhh: so just copy the smb.conf, and it should be fine, unless you have AD integration or similar setup
<arrrghhh> RoyK, i do not
<arrrghhh> i copied the smb.conf
<arrrghhh> and did a service smbd restart
<arrrghhh> and my shares aren't showing...
<arrrghhh> bleh.  i'm headed home, i'll bb when i get home.
<arrrghhh> thx
<arrrghhh> RoyK, there?
<arrrghhh> anyone else know where samba config is?  i thought /etc/smb.conf was it, evidently not.
<Exopaladin> arrrghhh: Should be /etc/samba/smb.conf
<arrrghhh> derp
<arrrghhh> that's what i meant.
<arrrghhh> Exopaladin, let me explain what i'm trying to achieve.
<arrrghhh> i setup ubuntu desktop because i thought the proxy would prevent me from getting ubuntu-server onlilne.
<arrrghhh> so i used the GUI 'sharing' tool in ubuntu desktop to setup these shares.
<arrrghhh> now i'd like to move that config to the ubuntu-server setup - i assume just copy /etc/samba/smb.conf, right?  well that file doesn't seem to contain any of the data required to setup the shares.
<arrrghhh> i guess i can just go set it up manually.  i was trying to be lazy, and i'm always curious when my laziness doesn't quite work out like i expect it to :P
<rbasak> arrrghhh: GUI shares are usershares. They sit in /var/lib/samba/somewhere. Copying that might work but I don't think it's a good idea
<funkyHat> resno: !
<rbasak> arrrghhh: use "net usershare" to manipulate usershares. There's a net manpage
<arrrghhh> rbasak, ahhh.  ok.  i'll just go and set them up manually then.
<arrrghhh> it would be better to configure the shares in smb.conf, right?
<arrrghhh> so it's not user-specific
<rbasak> I would
<arrrghhh> k
<arrrghhh> thx
<arrrghhh> rbasak, you can *kinda* use those files as a guide for smb.conf
<arrrghhh> but it certainly isn't something that can just drop into the smb.conf and work.
#ubuntu-server 2012-08-09
<hadees> a couple of my disks keep reading as "Device or resource busy" i can't figure out what is using them
<hadees> i need to free them up so I can add them to my zfs pool, any idea?
<OldOneEye> how do i install SDL
<qman__> apt-get install libsdl1.2-debian
<qman__> er
<qman__> apt-get install libsdl1.2debian
<OldOneEye> hmm
<OldOneEye> i cant make
<qman__> you need compilers to make
<qman__> and dev libs
<qman__> build-essential is where it starts, but you may need other -dev libraries
<OldOneEye> how i install
<OldOneEye> ok kewl
<OldOneEye> how i install?
<qman__> apt-get install build-essential
<OldOneEye> ok
<OldOneEye> thanx
<OldOneEye> E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
<OldOneEye> cant apt-get
<qman__> follow the instructions it gave you
<qman__> apt-get update
<qman__> also apt-get must be run as root, so prefix sudo or sudo -i to get a root console
<OldOneEye> i cant access internet
<OldOneEye> home network is fine
<OldOneEye> but internet not working
<qman__> make sure your gateway and DNS servers are set
<qman__> view the configured gateway with route -n
<OldOneEye> how i check dns servers
<qman__> also ping 8.8.8.8 to test internet connectivity
<OldOneEye> gateway is set
<qman__> if that works, but names don't, it's DNS
<OldOneEye> it works
<OldOneEye> how i configure dns
<qman__> DNS servers get set in /etc/resolv.conf, but with 12.04, they now use resolvconf
<qman__> so they must be set in /etc/network/interfaces
<OldOneEye> interfaces is set
<OldOneEye> correctly
<qman__> here's an example: http://www.fogproject.org/wiki/index.php/Ubuntu_12.04_static_ip_configuration
<qman__> that's for 12.04, for older releases you just set them in /etc/resolv.conf normally
<OldOneEye> got it working
<OldOneEye> thanx
<hallyn> stgraber: lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-config-includes works for me for config file includes (using 'lxc.include = somefile')
<hallyn> (i'd tell highvoltage as i think he'd be interestedin testing, but i don't see him around)
<hallyn> stgraber: also, are you considering pushing the api stuff into quantal before ff?
<rockets> One of the web apps a dev wants to deploy to our server depends on the server time being set to the timezone of times he wants to display in the app. E.g. the app is going to be used by people in the EST zone, so he needs me to set server time to EST. Is this reasonable? Is it unfair for me to expect his app to just account for the fact that the server time is UTC?
<qman__> rockets, that's not even a little bit reasonable
<qman__> tell him to fix his app to use time zones properly
<rockets> qman__: that's what I thought.
<qman__> there's an entire system in place for just this reasons
<rockets> apparently it's an issue with an api from twilio we need to use
<rockets> where things break when php sets a timezone
<rockets> which is HORRIBLE, but unfortunately twilio is a requirement for this project
<qman__> using UTC as the system time, and setting the time zone for the applications, is the standard way across everything except Windows
<rockets> qman__: I'm not arguing with you. But we do need the twilio API to work.
<rockets> i don't know the exact issue yet. once i get more info, i'll have to make a decisino
<qman__> it's possible to change it to use local time, but it's definitely not normal
<Skaag> why am I being offered /dev/mapper by the grub installer during an Ubuntu 12.04 Server installation, as the boot loader target?
<Skaag> is it valid?
<jacobw2> morning
<feisar> hi, I need a little advice on 12.04 and scsi tapes. I have a whole list of devices that could (and do) relate to the tape but I don't know which one I should be using eg. st0, st0a, st0l etc. then sg5 seems to be in the 'tape' group also. I can write to the tape fine using st0 but I'm not getting it's full compressed size.
<melmoth> feisar, have a look in man st(4)
<feisar> melmoth: thanks
<melmoth> i think it explain what the minor number means (like , do you want to rewind after a read or not, and is compression used or not and so on)
<feisar> ah ok so /dev/st0a is a minor number? It looks like writing to that might use compression
<melmoth> for st0a the minor is 96 http://www.mjmwired.net/kernel/Documentation/devices.txt (you can chekc it out with ls -l too)
<melmoth> i must admit i do not understand exactly how to know if compression is used or not.
<feisar> I *think (with your pointers) I have worked out that /dev/st0a, st0m, st0l will invoke different compression rates
<melmoth> feisar, apt-get install mt-st :-)
<feisar> yes, thanks, I have done that
<melmoth> you can then send an ioctl to the device you want telling it to enable compression
<melmoth> (or i guess you could send the ioctl with some bit of c compiled yourself but i bet using mt-st is more convenient)
<feisar> melmoth: I actually installed mtx which gives the package 'tapeinfo' and that confirms that compression is available and enabled
<feisar> the tape should hold 400G compressed and last night (after 8 hours) it gave a 'full' error before finishing writing 240G
<melmoth> first thing i would check was to double check you rewinded to the beginning before starting to write.
<feisar> thats a good point
<feisar> hmmm... I can't write to st0a 'no such device or address'
<melmoth> http://www.redhat.com/archives/redhat-list/2003-April/msg00242.html
<melmoth> as far as i understand, the minor number contain information about rewind + compression + mode
<melmoth> but i do not know, given a minor number, how to tell wich of those option are set
<melmoth> (all i know is, people tend to call non rewind device nstsomething, and that s about it :) )
<lynxman> roaksoax: pong
<feisar> melmoth: thanks for your help
<lynxman> melmoth: quite a nice breakfast you had ;)
<melmoth> hehe, that was yesterday dinner (just before a local lug gathering)
<lynxman> melmoth: aaah
<melmoth> they changed the hotdog size, they used to be wayyy smaller, was a bit surprised.
<lynxman> melmoth: certainly it looked yummy
<Anomie211> How do I update to the latest php on Ubuntu 11.10? I'm getting 'E: Broken Package' when following this guide -- http://askubuntu.com/questions/108929/easiest-way-to-upgrade-php-to-latest-version-on-11-10
<zaggynl> So I set up the following: http://pastebin.com/MKn6AA1q
<zaggynl> seems to work well until md3 starts giving ext4 errors, resulting in a read only mount until I fsck and remount
<zaggynl> should I just go back to 1 disk for os and rest for raid?
<AdvoWork> Hi there. i'm having a problem with some mounts on my servers. I'm moving files to a folder /mnt/documents on (server1) this works fine as it is, but the thing is, /mnt/documents is supposed to be a mounted share that i've done in /etc/fstab. When i do sudo mount -a this works too(it mounts and I can see the shared files). The problem is, as soon as I mount it, I get a permission denied problem and can no longer move files to /mnt/documen
<AdvoWork> ts. I've done various tests, i've chown'ed things such as ftp:ftp, ftp:wheel, root:root, i've set to 777 as a test. same problem. I'm mounting via: //192.168.0.2/new_documents /mnt/documents cifs exec,credentials=/home/credentials. Any ideas please?
<stanman246> hi is 12.04lts ready for production, or do you still use 10.04 lts?
<rbasak> stanman246: https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuServer#From_10.04_to_12.04 "It is generally recommended that users of Ubuntu 10.04 LTS wait until the first point release, due in July, before upgrading. "
<rbasak> Although the firist point release is expected at the end of August
<rbasak> Not sure why that says July
<stanman246> rbasak, right. hmm.. I think I'll upgrade to 12.04.1 when it hits the streets then
<stanman246> and go for 10.04 now
<samcoldham1> I Recently bought a server and wondered if i should run with ubuntu how hard it is to set up because im not that good with ubuntu yet or servers so how hard is it to do and is it worth doing
<jpds> samcoldham1: If it's a new deployment why not just do 12.04 for now, rather than have to upgrade later?
<jpds> samcoldham1: Not hard at all; what are you going to do on this server?
<jpds> stanman246: â That first was for you.
<rbasak> jpds: samcoldham1: yeah I was thinking about saying that. If it's a new deployment then presumably it'll be a few weeks before it goes into production anyway, so might as well get everything ready on 12.04 and then defer going live until 12.04.1 if you want
<samcoldham1> use it for storage for files and run a website on it
<jpds> samcoldham1: https://help.ubuntu.com/12.04/serverguide/index.html
<samcoldham1> is ubuntu making a new devlopment then
<samcoldham1> when is this coming out
<jpds> samcoldham1: Sorry, that first message wasn't aimed at you.
<samcoldham1> oh ok
<stanman246> jpds, true
<stanman246> samcoldham1, why not install proxmox if it's a new server?
<samcoldham1> could i run desktop enviroment like xfce or xorg i mean with ubuntu server
<samcoldham1> whats proxmox
<stanman246> http://www.proxmox.org
<stanman246> virtualization
<jpds> stanman246: KVM is the supported virtualization solution on Ubuntu Server.
<stanman246> jpds, i know, but i find the proxmox VE also very workable :)
<jpds> samcoldham1: https://help.ubuntu.com/community/ServerGUI
<jpds> samcoldham1: You could, but that page explains why you shouldn't.
<samcoldham1> yeah i understand now why you shouldnt ur pc would be more vunerable to security threats
<AdvoWork> I have a mount in /etc/fstab: //192.168.0.207/new_documents /mnt/documents cifs exec,credentials=/home/credentials and im trying to use it to move files, which fails. is it mounting as read only or something. As root i can touch file.txt no problem. doing the same with my web user(as i need todo this wil php files gives): cd /mnt/documents su www-data $ touch testing.txt touch: cannot touch `testing.txt': Permission denied
<samcoldham1> is it easy to use kvm
<jpds> samcoldham1: 'easy' is a relative term.
<jpds> samcoldham1: https://help.ubuntu.com/12.04/serverguide/virtualization.html - has some of the base documentation you need.
<samcoldham1> what can you do in kvm
<samcoldham1> like can you create documents or something or is it just to manage the server
<samcoldham1> how does kvm hold your documents
<samcoldham1> i guess the server does that
<stanman246> samcoldham1, first read some kvm wiki's. After that you'll understand virtualization
<stanman246> brb
<uvirtbot> New bug: #1034824 in bind9 (main) "oneiric to precise upgrade leaves obsolete configuration file: /etc/bind/named.conf.options " [Undecided,New] https://launchpad.net/bugs/1034824
<basil60> hi any chance of advice on troubleshooting a web server that doesn't appear to work?
<jamespage> zul: are you likely to upload a fix for bug 1006898 today?
<uvirtbot> Launchpad bug 1006898 in dnsmasq "[SRU] dnsmasq fails at leasing issues when using vlan mode" [Medium,Fix released] https://launchpad.net/bugs/1006898
<jamespage> if not I'll push it back to -updates
<basil60> thanks..i'll try again later
<zul> jamespage: nope adding that patch makes me nervous for desktop users
<zul> morning
<lynxman> zul: morning!
<uvirtbot> New bug: #1034869 in samba (main) "winbind normalize names = yes    disable  winbind cache mechanism and cause LDAP heavy load / poor performances" [Undecided,New] https://launchpad.net/bugs/1034869
<jamespage> zul, ack
<stgraber> hallyn: cool. I'll try to take a look at that branch later today. highvoltage is now jocarter on IRC, though he doesn't seem to be on this channel
<stgraber> hallyn: I'm indeed planning to push the API work before FF
<hallyn> stgraber: ok, i'll need to merge back in some new features presumably (like seccomp)
<hallyn> though i can do that after ff of course
<hallyn> stgraber: is that in for new lxc features?  (i think it is)
<stgraber> hallyn: yeah, I don't expect anything else major to land before FF
<stgraber> hallyn: I guess the best plan at the moment is to test the config include stuff, then push that to quantal, then I can rebase the API branch on quantal, have that one fixed and tested, then push that one to quantal
<hallyn> sounds good.  (and then i have some docs to write :)
<alex88> hi guys, ls --xml seems to be deprecated, another option to do that?
<zul> smoser: ping
<hallyn> can someone who has access pls accept the nominations for lucid..precise for bugs 629439 and 781411 ?
<uvirtbot> Launchpad bug 629439 in vde2 "Bug vde_plug input handling can cause ehter frame loss/corruption or buffer overread by 1" [High,Triaged] https://launchpad.net/bugs/629439
<uvirtbot> Launchpad bug 781411 in vde2 "slirpvde: Massive memory leak" [Unknown,Fix released] https://launchpad.net/bugs/781411
<rbasak> jibel: could you help me understand bug 1034824 please? I don't follow it, because /etc/bind/named.conf.options is a conffile that should exist in precise bind9 as well. What am I missing?
<uvirtbot> Launchpad bug 1034824 in bind9 "oneiric to precise upgrade leaves obsolete configuration file: /etc/bind/named.conf.options " [Undecided,New] https://launchpad.net/bugs/1034824
<trevjs> After installing postfix I'm trying to connect to it with telnet and I get "connection closed by foreign host" any ideas as to why this would be happening?
<Anomie211> My filesystem is mounting in readonly mode for some reason, not letting me umount it (not producing any errors either though)  : http://pastebin.com/vSYPbK1p
<trevjs> Anomie, not entirely sure Anomie, but maybe try umount -v and see if it gives you more info
<Anomie211> root@server1:~# umount -v /dev/xvda
<Anomie211> umount: /: not mounted
<Anomie211> I'm accessing via LISH btw since ssh isn't working if that is relevant
<Anomie211> trevjs: My server is very confused. http://pastebin.com/DhZHdn2n
<trevjs> is it your root?
<Anomie211> trevjs: Yeah
<Anomie211> It's stuck in read-only mode for some reason so I'm trying to unmount/remount it
<trevjs> Are you trying to unmount so you can check it?
<Anomie211> I'm trying to unmount because I had the same problem a few hours ago, someone told me to umount it and run fsck /dev/xvda;mount -o remount,rw /media/xvda
<Anomie211> which fixed it
<Anomie211> but it isnt working anymore
<trevjs> I can't fathom how you would unmount the root filesystem, unless you are in some sort of recovery mode.
<Anomie211> trevjs: I'm in via LISH
<Anomie211> It is a recovery mode for your server when nothing else is working
<Anomie211> Not sure if has the same rights as full recovery mode though - I'll try recovery mode
<trevjs> there is a -f flag for umount as well to force, but I'm uncomfortable giving my advice in this situation.  If you want to try it, it is at your own risk.
<Anomie211> trevjs: It's a backup server anyway
<Anomie211> I cloned my current server so I could work on it with 0 downtime
<trevjs> is there a way to see ufw rules before you enable?
<Anomie211> This is what comes up when I first login
<Anomie211> http://pastebin.com/81QiAPaR
<Anomie211> Any idea why my root file system isnt mounting?
<Anomie211> trevjs: Found the problem. 'Automount devtmpfs' was enabled (I didn't enable it - not sure how that happened). I disabled that and it's working again. Ta anyway :)
<smoser> zul, you rang?
<smoser> some time ago
<zul> smoser: found what i was looking for
<jibel> rbasak, there is a post upgrade test that checks files considered as obsolete by dpkg after upgrade by running dpkg-query -W -f '${Conffiles}'|grep obsolete
<axisys> so what is the recommended route to enable local dns caching? I see dnscache-run pkg available and my desktop has dnsmasq running..
<Anomie211> Got my server mounted, updated to 10.04  - presented with this problem - http://pastebin.com/DuF0vn2T
<uvirtbot> New bug: #1034962 in bacula (main) "bacula dependency on bacula-server fails with held broken packages" [Undecided,New] https://launchpad.net/bugs/1034962
<uvirtbot> New bug: #1034963 in python-boto (main) "shouldn't ship public module tests" [Undecided,New] https://launchpad.net/bugs/1034963
<Datz> Is this a new message that has been enabled?
<Datz> Your CPU appears to be lacking expected security protections. Please check your BIOS settings, or for more information, run: /usr/bin/check-bios-nx --verbose
<Datz> I hadn't seen it before, but I did recently make some changes in Bios. None that I would imagine disabled NX capabilities
<akls> how can I create a wireless access point in ubuntu server?
<hallyn> akls: access point you can't, but in ad-hoc mode isn't too hard
<hallyn> just use iptables to nat traffic from wlan0 to eth0, and run a dnsmasq on wlan0
<hallyn> (iwconfig it to ad-hoc mode first and ifconfig it to the addr you want)
<speciaLGuest> anybody can help me with my "last" command output ? http://pastebin.com/Hi5A1dBf
<speciaLGuest> it never looked like this with so many lines/rows
<jparker> Anyone got any tips for updating from 6.06 to 12.04?
<mdeslaur> jparker: wow...you'll likely have to do 6.06 -> 8.04 -> 10.04 -> 12.04
<mdeslaur> jparker: reinstall instead? :)
<patdk-wk> jparker, seriously? :)
<jparker> ha, yeah this is mostly me trying to get around doing more work
<patdk-wk> there will be alittle breakage upgrading 6.06 to 8.04, but I've done it for doh :)
<jparker> actually this is on a throw away dev box that I am testing things out on
<patdk-wk> basically, search/replace dapper with hardy in /etc/apt/
<patdk-wk> and apt-get update, apt-get dist-upgrade
<jparker> gotcha
<patdk-wk> reboot, and fix it
<patdk-wk> that will get you on stable
<patdk-wk> then normal lts upgrades from there
<patdk-wk> I can't remember what exactly broke, been awhile
<patdk-wk> once your on lucid though, upgrade to grub2, before upgrading to 12.04, or your hit another bug
<jparker> ahh okay
 * patdk-wk thinks your on the wrong irc net though :)
<samcoldham1> is it possible to install gnome to ubuntu server
<samcoldham1> would it be ok to install kde or gnome to ubuntu server
<genii-around> It is not recommended to have a graphical desktop on servers, since X uses a lot of resources.
<samcoldham1> how would upload images and files to the website then
<wedgie> why would you need a graphical environment to do that?
<genii-around> Usually with scp
<samcoldham1> oh ok thanks
<samcoldham1> can you change the directions and move the photos with scp
<samcoldham1> how would u manage the things u have on the website
<genii-around> !ebox
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<samcoldham1> is there a free alternative
<raubvogel> Does sshd in 10.04LTS support GSSAPIServerIdentity ?
<raubvogel> According to https://bugs.launchpad.net/ubuntu/+source/openssh/1:5.7p1-1ubuntu1, it should be there
<raubvogel> But I am not seeing that happen when I test it
<raubvogel> Oh, NVM. Looking at wrong machine. 10.04LTS has ssh 5.3.
<uvirtbot> New bug: #990945 in samba (main) "samba-common doesn't read workgroup from smb.conf" [Undecided,Incomplete] https://launchpad.net/bugs/990945
<jkyle> does apt-cacher-ng allow serving your own local packages?
<adam_g> zul: ping
<zastern> I have the following in my /etc/environment: NODE_PATH="/usr/lib/nodejs:/usr/share/javascript:/usr/lib/node_modules/"
<zastern> but if i logout and login, and do echo $NODE_PATH
<zastern> I just get /usr/lib/nodejs:/usr/share/javascript
<adam_g> SpamapS: anything you can see that would be blocking progress on bug #1021530?
<uvirtbot> Launchpad bug 1021530 in openvswitch "[SRU] update to include stable fixes for OVS 1.4" [Medium,Fix committed] https://launchpad.net/bugs/1021530
<Spazio> hi guys..i am trying to install wine on ubuntu server 12.04 but i get an error message that he grub boot loader wcannot install..it doesn't let me stop installation so dunno how to proceed
<smw> anyone know why tomcat on ubuntu 10.04 would hang at Adding specified lib dirs to ClassLoader? http://fpaste.org/bsFo/
#ubuntu-server 2012-08-10
<MagicFab_> Hi - is it possible to access the server filesystem from an LTSP client? I can't seem to find any docs about this.
<zul> adam_g: pong
<JonEdney> I'm having an issue with a server I just installed on a VPS - had all the services working without problem, and came back a few hours later to work on it, and I cant get services to start up.  Had to connect via serial web console.
<Gr3mlin> hay all, would i be shoot if i said i was using ubuntu server for a mincraft server?
<JonEdney> I checked all the logs I know of, nothing indicates a problem, yet I cant get anything to start.
<mardraum> JonEdney: can you even ping it?
<mardraum> Gr3mlin: no, it works fine
<JonEdney> mardraum, nope
<mardraum> then I suspect you have a networking issue?
<JonEdney> Only serial console access, even after reboot
<mardraum> check your network config and talk to your VPS provider I guess
<JonEdney> That was my next step, I'm browsing over logs again
<JonEdney> Thanks mardraum
<Gr3mlin> fine and great! :) only it wont allow me to use both thread of the CPU for the MC server. any pointers?
<JonEdney> wth, you're right.  There is no eth0 refernce in my interface config file
<mardraum> Gr3mlin: ubuntu isn't stopping you, that sounds like a minecraft question, this probably isn't the best forum.
<Gr3mlin_> sorry bout that guys. router issues now.. :S
<Gr3mlin_> so  think i said, i have an issue with mincraft server not using all the CPU cores. any one know a trick?
<JonEdney> Hmm, would failed networking config, cause apache, mysql, ssh, dovecot, etc to just not start?
<JonEdney> Tried starting apache, and i got disconnecte
<mardraum> JonEdney: most would start but depends how you have them configured
<mardraum> eg if you specifically told apache to bind to an IP that wasn't there it would be unhappy
<JonEdney> That would make sense.  This is something I've been working on as part of a learning process, I could have mistyped something.
<mardraum> how do you know they are not starting?
<mardraum> try eg service ssh status
<JonEdney> Well, I'm logged into the serial console
<JonEdney> They all say not running, I did find some info when I tried to toggle networking though.
<JonEdney> postconf: warning: /etc/postfix/master.cf: unused parameter: smtpd_bind_address=127.0.0.1
<JonEdney> Never seen that before, I must investigate.
<mardraum> I think your /etc/network/interfaces is boned
<mardraum> if you have lost localhost...
<JonEdney> I did see something weird in there, referencing something I've yet to hear of..
<JonEdney> "iface venet0 inet manual"
<JonEdney> http://pastebin.com/x5gyJ7iB
<JonEdney> Thats my interfaces
<JonEdney> Which is NOT what I set up, I wonder if another services changed it.
<mardraum> read the top of the file?
<mardraum> venet0 - openvz
<mardraum> btw I can ping both those public IPs
<JonEdney> Hmm.
<JonEdney> I've had this set up working before, but couldn't get the mail server working, so I reinstalled and tried again, got the mail working, and this happens, strange.
<JonEdney> I'll tinker some more.  Thanks for your input mardraum
<mardraum> that postfix warning won't stop postfix from running
<JonEdney> Hmm, and everything is coming back up, I wonder if there was a problem at my host..
<JonEdney> Ill have to keep investigating, now it cant be pinged.
<JonEdney> Thanks again for the input mardraum; take care.
<sarthor> Hi, I have a domain name, and I do not have static IP, but I have dyndns paid account, Can I host a website on my local machine? If yes, So what will be my DNS 1 and 2 to put in my registrar website against my domain. I am new in this world, my main goal is to learn and understand this stuff. the website is just for learning purpose. using ubuntu server 12.04 on my machine, Guide me please.
<mardraum> sarthor: if you wish to use dyndns, you will need to ask them (or maybe check their faq?) nothing to do with ubuntu
<trimeta> Something I've never entirely understood: if the changelog for linux-meta says that the only effect of the new kernel version is "Bump ABI", is there any reason whatsoever to reboot into the new kernel?
<SpamapS> adam_g: FYI, the reason bug 1021530 fell of the SRU team radar is because 1.4.0-1ubuntu1.2's changes file was generated incorrectly, it didn't list both updates, so bug 1021530 was not being tracked properly.
<uvirtbot> Launchpad bug 1021530 in openvswitch "[SRU] update to include stable fixes for OVS 1.4" [Medium,Fix committed] https://launchpad.net/bugs/1021530
<SpamapS> fell off rather
<ScottK> trimeta: It's not the linux-meta changelog that should interest you, but the changelog of the specific kernel you're installing.
<trimeta> ScottK: "aptitude changelog linux-image-3.2.0-29-generic" tells me there is no changelog.
<ScottK> Hmmm.  Not sure for kernels.
<ScottK> I mostly read the security notices and worry about kernel reboots when I see something scary from there.
<trimeta> Looks like nothing for 3.2.0.29, based on USN...oh well, I'll just stick with 3.2.0.27 until something happens.
<ScottK> There's a mailing list for the USNs.
<koolhead17> hi all
<Anomie211> http://pastebin.com/DuF0vn2T  -- Can anyone help with this error upon upgrading 9.04 -> 10.10
<trimeta> Anomie211: Do you have some weird disk setup? It looks like xvda may have had problems mounting the root filesystem read-write, which led to a problem with udevd...although, I've never tried upgrading across different versions, so I have no idea what's normal here.
<Anomie211> trimeta: I'm not sure? I'm with Linode and I cloned my original Linode so that I could upgrade it 9.04 -> 10.10 -> 12.04 and switch over  the IP (with 0 downtime). The clone straight away mounted in read-write. I fixed this buy eventually figuring out that 'Automount devtmpfs' had been set to 'yes' in my new Linode config (it wasn't in the original). Turned that off and it fixed the problem; updated to 10.10 and its giv
<Anomie211> *by
<trimeta> I don't even know what Linode is; I don't think I can provide much useful advice.
<Anomie211> Just a VPS provider
<Anomie211> I'll try #linode. Maybe it is problem on their end somehow
<Anomie211> trimeta: fixed by turning 'Automount devtmpfs' back on. it was an issue with 9, which apparently was fixed in 10+
<trimeta> Ah.
<AdvoWork> anyone else seen this error with 12.04? error: error accessing /var/log/squid: No such file or directory from cron.daily?
<_ruben> sounds like a flawed logrotate thingie
<Anomie21> Processing was halted because there were too many errors.
<Anomie21> Upgrade complete
<Anomie21> The upgrade has completed but there were errors during the upgrade process.
<Anomie21> Should I be worried?
<Lachezar> Hello. I am having trouble increasing the Open Files limit for a user. Please advise!
<Lachezar> I am using 'sudo -u <user> <command>', and then I look at the /proc/?????/limits.
<Lachezar> When I do 'sudo -u <user> -i' I can see the limit has increased.
<Lachezar> But when I do 'sudo -u <user> <command>' from an /etc/init.d script the limits stay default.
<_ruben> Lachezar: try with 'sudo -Hu ...'?
<Lachezar> _ruben: why would I need to change the HOME?
<_ruben> Lachezar: oh, right, it only sets $HOME. for me that pretty much works around all sudo related issues i've run into (like cvs and gpg), but they indeed store their settings in $HOME. so in your case, dunno
<_ruben> might need to use su in addition to sudo
<_ruben> 'su -' in particular
<Lachezar> ?!?
<_ruben> '
<Lachezar> sudo su - glassfish $GLASSFISH_HOME/bin/asadmin restart-domain?
<Lachezar> Is this what you're saying?
<_ruben> 'su -' does an actual login .. nah, but close, lemme see if i can figure the exact syntax
<Lachezar> _ruben: I need this in an /etc/init.d/glassfish
<_ruben> Lachezar: in that case i'd just try "su - glassfish -c $GLASSFISH_HOME/bin/asadmin restart-domain"
<Lachezar> _ruben: Do I need quoting or stuff? Because the restart-domain does not get sent...
<Lachezar> _ruben: Â«su - glassfish -c ".../asadmin restart-domain"Â» does not fix the limits.
 * Lachezar is rebooting...
 * Lachezar can't believe his eyes: restarting helped...
<Anomie21> Getting this error from my server
<Anomie21> PHP Deprecated: Â Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/mcrypt.ini on line 1 in Unknown on line 0
<Anomie21> Cannot load the ionCube PHP Loader - it was built with configuration 2.2.0, whereas running engine is API220090626,NTS
<Anomie21> I'm assuming its because I kept my existing mcrypt.ini when I updated - anyone know where I can find the current one?
<bhosmer> Anomie21: You can replace the # with // I think and that warning will go away.
<bhosmer> I'm sorry replace the # with ;
<Anomie21> bhosmer: Just got rid of that line, was expecting it to be a big file but there was only 2 lines of code in it
<Anomie21> and the one that was causing the issue was a comment
<bhosmer> Yeah, when you upgraded php your old ini file still had the old comment style from php 4. It really wouldn't have hurt anything if it was there, that warning was just telling you about the new comment style.
<DoomGuy> I have a weired problem.. I have configured a DNS  server for caching and doing Name Resolutions for some servers
<DoomGuy> the problem is that I can access that servers by name from windows station without problem but can't do the same from linux stations
<DoomGuy> like mine..
<DoomGuy> can someone helps me ?
<Anomie21> Getting this error too now : Any ideas? Cannot load the ionCube PHP Loader - it was built with configuration 2.2.0, whereas running engine is API220090626,NTS
<_ruben> Anomie21: you already had that error, you'll likely need to rebuild ioncube or so
<chmac> How do I monitor directory usage over time? My root partition is filling up, and I'd like to know where the extra space is being used.
<chmac> To be more explicit, I'm looking for something automated, short of writing a bash script to store du output via cron.
<imminentCucumber> good morning.  the colors in ls are really starting to drive me nuts.  I have tried to implement a bash alias for ls, but it doesn't seem to work.  I've created bash aliases before, so I'm not sure what's wrong.  Here's a screenshot:  http://imgbox.com/acrEWDQg  TIA...
<zul> morning
<koolhead11> hallyn: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/997978
<uvirtbot> Launchpad bug 997978 in qemu-kvm "KVM images lose connectivity with bridged network" [High,Confirmed]
<kodapa> hello, I'm investigating the same issue as koolhead11 just posted
<koolhead11> is it closed?
<kodapa> No
<kodapa> Confirmed
 * koolhead11 is off for weekend
<kodapa> We're running OpenStack Essex under Ubuntu 12.04 and having problems with VM networking dies after high net io. Using virtio network bridge
<kodapa> Seems to only affect 11.10 guests and up
<kodapa> ifdown and ifup inside the VM makes networking work again temporarily
<kodapa> The bug is reported since 2012-05-11 and it's pretty critical
<kodapa> It seems like a upstream fix in the kernel exists: https://bugzilla.kernel.org/show_bug.cgi?id=42829
<uvirtbot> bugzilla.kernel.org bug 42829 in kvm "KVM Guest with virtio network driver loses network connectivity" [Blocking,Resolved: code_fix]
<jacobw> hallo, is there a printable reference for byobu keys?
<pmatulis> did inetd always need to be installed or was it removed from the default install at one point?
<hallyn> kodapa: (koolhead11 has left the building) I've so far not reproduced that one (bug 997978).  I guess I'll try with nc from a different host and to two separate vms...  but i have a feeling there's another piece i'm missing
<uvirtbot> Launchpad bug 997978 in qemu-kvm "KVM images lose connectivity with bridged network" [High,Confirmed] https://launchpad.net/bugs/997978
<hallyn> the kernel patch mentioned in that bug is already in precise, and not having vhost_net has not helped me reproduce
<hallyn> hm, now admittedly i had a 'while [ 1 ]; do echo -n 1; sleep 5; done' loop going to show me if net was still up.  i suppose that could have kept the network up.  i'm trying now with that as well as nc from another host to two separate vms
<kodapa> hallyn: I'm trying to reproduce the bug in our lab too
<kodapa> hallyn: trying with nc, ping and iperf atm
<kodapa> hallyn: seems like we need to spawn lots of connections, not just traffic
<kodapa> hallyn: another theory is bonding, our production environment uses bonding, our lab does not
<kodapa> hallyn: when did the patch get into precise?
<hallyn> kodapa: not sure offhand
<hallyn> yeah i'm not using bonding, i don't remember if everyone in that report was
<hallyn> lemme add that to the mix here
<arrrghhh> hey all.  i have a VM of ubuntu server.  i want to SHRINK the disk.  is that possible, assuming the space OK?
<arrrghhh> or if i shrink the disk, will it freak out when i power it back up?
<escott> arrrghhh, you need to boot the vm with an iso image shrink and shrink the filesystem inside the vm image first
<arrrghhh> escott, sorry i didn't follow that
<escott> arrrghhh, the system installed in the vm has a filesystem tailored to the size of the virtual disk originally presented to that os. you have to shrink that filesystem first
<arrrghhh> so boot a livecd, shrink the guest file system, then shrink it in esxi?
<escott> arrrghhh, yes
<arrrghhh> yea, that makes sense.
<arrrghhh> cool
<hallyn> stgraber: looking at http://www.stgraber.org/2012/01/04/networking-in-ubuntu-12-04-lts/ - claims br0 shouldn't come up unti lbond0 is ready, but my precise box comes up with br0 not up, and when i dhclient br0 it immediately comes up
<uvirtbot> New bug: #1030316 in postfix (main) "evolution don't hadle IDN-Mail adresses" [Undecided,New] https://launchpad.net/bugs/1030316
<jparnell> is this thing active?
<arrrghhh> i was going to say define alive
<arrrghhh> but i guess not.
<fire_> it's dead :D
<zul> jdstrand: cinder should be ok now
<jdstrand> zul: ok
<jdstrand> I'll take another look
<zul> jdstrand: can you do me a favor, can you do a review of cliff-tablib and tablib please? they are needed for python-quantumclient
<jdstrand> zul: are there MIRs for them? I don't see them on the list
<zul> jdstrand: not yet they are stuck in binary-new
<jdstrand> zul: oh! sure
<zul> jdstrand: thanks
<Psi-Jack> Blah, now when I just try to activate them, soon as they do their interval, they re-mark it inactive.
<Psi-Jack> Yeah, there is NOTHING in the agent log at all about it the #3 or #4 log item processors besides the fact, it IS actually watching them, initially, then it just isn't anymore.
<zastern> If I create an upstart script for a daemon I've built, and I want it to run at boot, is it enough to just create a symlink for it in /etc/init/?
<arrrghhh> zastern, why not use the built-in update script?
<zastern> arrrghhh: I don't know about that - can you elaborate?
<arrrghhh> update-rc.d
<zastern> arrrghhh: what does that do exactly
<arrrghhh> sorry, i was looking it up.  forgot the command myself
<zastern> i dont want to run something that just makes any installed daemons run at aboot
<arrrghhh> it automatically populates rc.X depending on when you want it to start.
<arrrghhh> no no
<arrrghhh> you tell it what to update
<arrrghhh> check the manpage ;)
<zastern> arrrghhh: I don't want to create things in runlevels . . . isnt that init?
<zastern> im trying to do things in an upstarty-way
<arrrghhh> that is how you do it in an upstarty-way
<arrrghhh> it's the "official" way to add daemons to startup
<arrrghhh> you can also remove daemons from startup using the same tool
<uvirtbot> New bug: #1035441 in krb5 (main) "package libk5crypto3 1.10+dfsg~beta1-2ubuntu0.3 failed to install/upgrade: libk5crypto3:amd64 1.10+dfsg~beta1-2ubuntu0.3 cannot be configured because libk5crypto3" [Undecided,New] https://launchpad.net/bugs/1035441
<arrrghhh> zastern, does that make sense?
<arrrghhh> sorry i didn't explain real well, doing 5 things at once.
<arrrghhh> well i'll probably be on a bit later.  headed home now.
<pdtpatrick> interesting - i think postgresql's packaging needs some work. sysctl does not read the file it places in /etc/sysctl.d/30-postgres*
<kodapa> hallyn: any progress?
<hallyn> kodapa: i still can't reproduce
<hallyn> kodapa: given that you say you're using bonding and can only reproduce it in the production lab,
<hallyn> kodapa: can you post some info on your bond setup and the switches you're using?
<hallyn> most of the odd network issues i've seen have been due to bad switches, badly configured switches, or use of bond modes which don't work well with the network hardware
<kodapa> hallyn: we don't have this issue with any other servers, using the same bonding setup and switches
<kodapa> only with openstack essex under 12.04
<hallyn> kodapa: <frown>  so maybe i need to install essex
<hallyn> kodapa: that same setup in your dev lab has not reproduced it yet though right?
<hallyn> i'm really thinking bonding is to blame, only bc that seems to usuallyb e more fragile
<kodapa> hallyn: no, but I've not tried generating many connections yet
<hallyn> i tried pinging a set of about 20 hosts in parallel, but you're probably talking something more
<kodapa> yeah
<Vampy> hey guys.. im forgetting the package that allows pasting to pastebin from cli, can soeone remind me what it is
<patdk-wk> pastebinit
<Vampy> apt-get install pastbinit?
<patdk-wk> no
<Vampy> is it default install in ubuntuserver
<Vampy> basically i'm gettin a few error during an email server setup, and would rather pastebin then try and type it out..
<greppy> Vampy: apt-get install pastebinit
<Vampy> greppy, thanks
<arrrghhh> lol
<Vampy> now to use that i would run the command ie apt-get install pastebinit | pastebinit correct?
<greppy> something like that, double check the man page :)
<Vampy> kk will do
<hallyn> stgraber: I'm thinking we should spit out a warning if lxc gets called with a tight umask
<Vampy> ok so first proble here is im unable to telnet into the localhost via port 25 heres the PB url http://paste.ubuntu.com/1140160
<patdk-wk> vampy, we know it doesn't work, that is what you keep saying
<patdk-wk> the question is, how did you break it? :)
<patdk-wk> or what is your config look like
<Vampy> what config file would you like.. i'll pastte it
<patdk-wk> I dunno
<patdk-wk> what mta are you using?
<Vampy> postfix
<patdk-wk> it's your system, not mine :)
<patdk-wk> postconf -n | pastebinit
<arrrghhh> hah
<Vampy> paste.ubuntu.com/1140168
<Vampy> im also using Flurdy's mail server howto
<patdk-wk> no wonder
<patdk-wk> you don't know how to use smtpd_*_restrictions
<Vampy> patdk-wk, this is the howto i'm foloowig http://flurdy.com/docs/postfix/#test-common
<patdk-wk> and you did the whole thing without testing it as you went?
<patdk-wk> does postfix even start?
<patdk-wk> anything in mail.log?
<Vampy> thought i had tested, but i've been working on it over bout 3 days
<Vampy> lemme paste mail.log
<Vampy> that's in etc or var/log
<Vampy> mvmnd found it
<Vampy> paste.ubuntu.com/1140177
<patdk-wk> typo's everywhere it looks like
<patdk-wk> according to mail.log
<patdk-wk> plus your database doesn't match your postfix config
<patdk-wk> can't locate your certificate
<patdk-wk> note, read mail.log, fix errors, mail work :)
<patdk-wk> generally
<Vampy> kk i see /etc/postfix/msyql as an area to look in.. i should invest that spot first?
<patdk-wk> but you need to fix those three, then after that, I'm sure there will be other errors, as it can make more progress
<Vampy> kk headin to that file to see the error
<patdk-wk> I dunno, make it match however your database is setup
<patdk-wk> or make your database match how it's set
<Vampy> ok when i log in to mysql thru that db, i have no issues loggin in or editing, why is it not allowing postfix?
<patdk-wk> I didn't say it did
<patdk-wk> I said they don't match, fix your schema
<patdk-wk> read the error
<patdk-wk> it's very self explanatory
<patdk-wk> column email doesn't exist
<patdk-wk> it doesn't say anything about not being able to login
<Vampy> patdk-wk, the refering column is from "where_field= " correct?
<patdk-wk> dunno, likely
<patdk-wk> there is too many different ways you could make that file
<Vampy> and that was exactly the area i needed to fix.
<Vampy> and unused parameter isnt a bad error correct?
<patdk-wk> it's generally not good
<Vampy> ok 2 pastes for ya paste.ubuntu.com/1140194 and 1140195
<Vampy> those are master.cf and main.cf
<patdk-wk> like 138 is screwed
<patdk-wk> needs to be indented
<patdk-wk> and should uncomment lines 16-21
<Vampy> which file
<patdk-wk> master.cf
<Vampy> line 138
<Vampy> needs to line up with  L139?
<patdk-wk> well, with the others around it
<Vampy> ok
<Vampy> 16-21 needs uncommenting?
<patdk-wk> if you want email to work, when your not local to the server
<Vampy> ok done.. any other errors in master.cf?
<patdk-wk> not that I notice
<Vampy> ok main.cf?
<patdk-wk> really should use a proper certificate
<patdk-wk> you really want to relay via gmail?
<Vampy> is certificated.crt a default crt?
<patdk-wk> no
<Vampy> ok, please explain
<patdk-wk> that could take me a few days
<patdk-wk> do you not know anything about servers? and you want to run an email server?
<Vampy> i'm learning
<patdk-wk> email is the hardest thing to do, and it needs lots of maintance
<Vampy> which is why i picked it first
<patdk-wk> ya, wrong way
<patdk-wk> see, your doing email
<patdk-wk> but in order for that email setup you used to work
<patdk-wk> it depends on WEB, DATABASE, DNS, ...
<patdk-wk> all things you are suppost to understand well before doing
<Vampy> ok, this is one i've choosen as i do not have the money to buy hosting, or a server, to run my business
<Vampy> is there a better channel for new learning to server ?
<arrrghhh> Vampy, it honestly might be a good idea to pay for hosting
<arrrghhh> it would be much cheaper in the long run when you consider all the other setup things required
#ubuntu-server 2012-08-11
<RoyK>  
<disown> curious I am wondering is winbind and winbindd (the services) linux's service to make the linux samba software function as a domain controller. Essentially is all you need on your machine samba and windbind to make your computer into a linux domain controller ?
<disown> Or maybe that is the other way around allowing a linux computer to join a windows domain
<disown> Maybe I have them backwards
<disown> sinces I see in the nsswitch.conf examples of it used passwd files windbind so that means it checks first in the local password passwd file and then must check an AD on a windows machine . I am I correct
<disown> Am i correct
<disown> Let me put it another way is openldap services on a linux box the opposite of a winbind services on a linux box in that the first means linux is the DC and the latter means linux is joining a domain of a windows DC
<K3nn3th> Hi all :)
<K3nn3th> Im having an issue trying to install Ubuntu Server 12.04 - I start up the server with the CD in, it boots and everything is fine. After choosing how to format the disks i only have the purple screen, nothing more happens.. All my disks light up as busy, but has been standing like that the post 3 hours (as i thought it maybe was planned to have no partition status screen)
<K3nn3th> It is a Dell PowerEdgde 2850 server, 6 disks in RAID5 (standard raidcontroller, ubuntu recognize it just fine)
<yeats> K3nn3th: if you're still having the issue, you can do Alt-F4 to see the log messages to see what it's hanging on
<K3nn3th> yeats: ok thanks
<Gallomimia> hi. i've messed up my motd file somehow. It wasn't behaving so i removed some symlinks. Can anyone suggest a method of restoring the beautiful update/restart notifications and so on? Can I modify it to add more? A manual for this stuff would be great. it's a ubuntu server running 12.04
<patdk-lap> Gallomimia, there is a manual for it
<Gallomimia> i did find it in the #ubuntu channel thanks
<Gallomimia> sudo apt-get --reinstall install  update-notifier-common
<Gallomimia> and some googling for the last argument turned up some wiki pages on how to modify it
<Gallomimia> https://help.ubuntu.com/12.04/serverguide/pam_motd.html heh. i read the 10.04 page but it's the same text with a new stylesheet :P
<shenaniganz> hi, noob question plz, using ubuntu server 12.04, tried to remove the openjdk-7-jre and instead of removing it completely it also wants to install openjdk6, tried using purge, didnt help as well, anyone knows how to delete the java perm.?
<ClientAlive> I have a problem with my wireless connection and don't know how to solve it. I can't get any networking at all unless I plug the ethernet cable into the computer when I boot up. Being a laptop, I can't use it outside my own home because of this. Can someone help me fix this?
<disown> so really we have had a form of cloud computing in the begining with web based mail systems... And now they have service to do google doc ,...etc essentially the cloud was done a long time ago though improvements are always being made , hell the ubuntu one stuff was around awhile to that is or can be considered cloud
<disown> computing
<disown> nothing new
<disown> and I guess complaining about privacy issues in the cloud would fall back to privacy issues on a web based service as well. So nothing anymore is private which truely sucks.
<ClientAlive> I'm putting my problem up on ask ubuntu. My college classes start up on the 28th so I sure hope someone is able to help me before then (I take all online courses). Thanks.
<disown> it never was the government tries to control all this and there is a time and places. I agree some control is ok but most of today is to much control I would much rather have it less controlled and more problems then an invasion of privacy
<disown> in some aspects
<disown> but then of course it all get back to belief
<trentg> I've got a problem with a very long boot delay (112 seconds)
<trentg> Here is some context: http://pastebin.ca/2179291
<trentg> Any idea what's causing such a long delay and how to fix it?
<RoyK> [offtopic] can anyone help me find out if this SATA controller is connected to an 1x port by this lshw output? http://paste.ubuntu.com/1141634/
<jaaaaa> hello, i've been having a problem after updating via apt on precise
<jaaaaa> basically udev and resolvconf fail the install
<jaaaaa> this is what happens http://cl.ly/text/141Y2D0b171l
<RoyK> JanC: have you tried to apt-get dist-upgrade?
<RoyK> erm
<RoyK> http://www.techpowerup.com/forums/showthread.php?t=121432
<RoyK> how can I start this from the commandline?
<basil60> Hi wondering if anyone can provide advice on why my server (124.254.81.40) appears to work when I run tests across the web, but doesn't serve any pages? It's running on ubuntu 11.04
#ubuntu-server 2012-08-12
<jkyle> I've run up against the 12.04 lvm bug where volumes are not activated on reboot. is there a pathc or update I need to grab?
<pmatulis> jkyle: is the bug reported?
<Datz> hi, my crontab suddenly is missing all the sudden, and suggestions on where to look?
<uvirtbot> New bug: #1002398 in mysql-5.5 (main) "package mysql-server-5.5 (not installed) failed to install/: ErrorMessage: subprocess new pre-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1002398
<uvirtbot> New bug: #1004600 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1004600
<uvirtbot> New bug: #1008078 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1008078
<jacobw> hi, i'm interested in the mysql-cluster-server package in precise
<jacobw> the package was discontinued in precise, i'm looking for information about this
<jacobw> if it's within my abilities, i would be interested in helping out
<stgraber> hallyn: looks like half of our delta on lxc was merged upstream!
<RoyK> seems I didn't set autostart on degraded raid, and now I end up in initramfs / busybox - is there a way to do something useful in there, or is it just there to annoy people?
<RoyK> thing is, I boot with bootdegraded=1 and it goes directly to busybox. without bootdegraded=1, it prompts me if I want to boot with degraded raid, but doesn't take input from the usb keyboard, and after some seconds, it sends me to busybox
<RoyK> btw, this raid is not the root
<RoyK> seems to me the whole busybox thing is just a prank
<jml> perhaps the wrong channel. I'm getting back into Java development after taking a decade off
<jml> do I need to set JAVA_HOME in my environment on Ubuntu, or does the packaging take care of that?
<jkyle> pmatulis: there's a decent handful of bugs on lvm not coming up at boot, not sure which exact one applies yet
<jkyle> looks like update-initramfs wasn't run
<AlphaWolf> I have 2 drives, my boot drive and my media (external) drive. I get a fair bit of stuttering when streaming music/videos, and I was wondering if one of the HDD could be causing the slowing issues? The boot drive is very slow, but I thought it wouldn't be used since it's reading from the external drive? I used to have Windows Home Server installed on the same machine, but I never had any issues streaming. Any ideas?
<disown> curious can anybody tell me if I setup an http proxy server can I then just uses the proxy in my web browser on different machines to get internet thru the proxy server in though I don't have any dns server configured or any thing does the proxy take care of the dns and everything
<RoyK> wtf
<RoyK> seems ubuntu server fails totally if a raid is missing a drive
<RoyK> bootdegraded=1 set, it fails to busybox
<guntbert> RoyK: I seem to remember a bug where that option didn't make it into the kernel command line, you had to put it there yourself
<RoyK> guntbert: tried it
<RoyK> guntbert: still, the problem is any system should boot if a raid is missing a drive
<RoyK> guntbert: not booting a system with a missing drive is bullshit
<RoyK> and btw, this isn't even a boot device, it's a data set, raid-6 with a spare
<RoyK> should be able to allow for a dead drive
<guntbert> RoyK: I cannot completely agree (believing you do have a functional raid when you have not might be desastrous), but on servers I'd expect the admin to monitor closely anyway, so the default setting of false seems suboptimal :)
<RoyK> and btw, I'm a sysadmin
<RoyK> I know how these things work
<RoyK> I want a server to boot up properly even if a drive in a RAID-6 group has failed
<guntbert> RoyK: sure, I didn't imply anything else - https://help.ubuntu.com/community/Installation/SoftwareRAID suggests using /etc/initramfs-tools/conf.d/mdadm and setting BOOT_DEGRADED=true there
<RoyK> tried it - still fails - will try again
<RoyK> point is, that flag is ment to be for boot devices
<RoyK> I don't boot from a raid, I use that raid for data
<guntbert> RoyK: the kernel flag is meant for boot devices, yes, but the mdadm?
<RoyK> boot device is a single ssd
<RoyK> server still jumps into panic mode if the md device doesn't start correctly
<RoyK> that's wrong
<lifeless> How many impressions did that $18 yield to get that one sign up?
<RoyK> so utterly wrong I'll be reconsidering ubuntu for a server platform soon
<RoyK> as in, considering centos
<lifeless> hah, copy-paste-fail.
<RoyK> guntbert: please tell if you find a good reason for tossing the bootup into busybox for a single drive failure
<RoyK> in a raid-6
<RoyK> with a spare
<RoyK> or even a raid-5 without a spare
<guntbert> RoyK: no :-) - but this is no place for bug reports either
<guntbert> RoyK: please consider reporting a bug before moving :)
<RoyK> bug 1035958
<uvirtbot> Launchpad bug 1035958 in ubuntu "Ubuntu fails to boot with a dead drive in a RAID" [Undecided,New] https://launchpad.net/bugs/1035958
<RoyK> whatever they were smoking when they found out jumping into busybox if a drive fails
<RoyK> I need to test that stuff - it must be good
<guntbert> RoyK: what is a raid6?
<RoyK> http://en.wikipedia.org/wiki/Raid6#RAID_6
<PatrickDK> royk, much like this bug: https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/872220
<uvirtbot> Launchpad bug 872220 in mdadm "Fails to boot when there's problems with softraid" [High,Triaged]
<RoyK> PatrickDK: seems like the same thing
<RoyK> I can't beleive such a bug has been left unfixed for such a long time
<RoyK> they want people to run servers on this thing?
<PatrickDK> :)
<PatrickDK> why I test everything pretty closely
<PatrickDK> still a few show stopper bugs in precise stopping me from upgrading
<PatrickDK> I upgraded one of my desktop machines from lucid to precise yesterday, took me 8hours :(
<RoyK> perhaps reinstalling on lucid will fix it
<PatrickDK> and that was to do a reinstall only :(
<PatrickDK> cause upgrade kept failing
<PatrickDK> have to spend a few days this week, getting my stuff all sorted out
<RoyK> I hope the ubuntu guys or canonical will fix this
<PatrickDK> I have two clients thinking about payed ubuntu server support
<RoyK> it's rather disasterous to disallow a system with a broken drive in a raid set to boot
<PatrickDK> ubuntu really needs to add some other pricing models
<RoyK> seems to me ubuntu needs more QA before they release things
<PatrickDK> that isn't in a qa test set
<PatrickDK> only boot raid, not dataset raid
<RoyK> dataset raid shouldn't stop a bootup
<RoyK> even if it was broken
<RoyK> even single mode fails
<RoyK> meaning: someone in the ubuntu team was smoking something rather good
<hallyn> stgraber: oh really.  sigh, maybe i need to spend the next week on one bug humongous merge :)
<hallyn> unless you're already doing it!
<hallyn> jjohansen: are you around by chance?  Just wondering if you're still using your efika smarttop, and, if so, what image you're using
<hallyn> (if you're not, i'll go ask infinity over in an arm/linaro channel)
<jjohansen> hallyn: I haven't been using it, I have been meaning to try the linaro kernel on it since it has been reported to be working but I just haven't had the time
<hallyn> just wasted an hour trying to set it up headless (no hdmi sitting around) bc i didn't realize it was running network-manager.
<hallyn> jjohansen: ok, thanks
<hallyn> jjohansen: so the last thing you had on it was maverick?
<jjohansen> hallyn: no, I had natty or oneiric.  It was doable as along as you edited the apt/sources manually instead of using the graphical update manager, basically you needed to keep the older effika-mx kernel and flashkernel, and the ubuntu versions could brick your device
<hallyn> oh i'm using no gui...  purely headless.  was a bit of a pain until i realized network-manager was running and messing with me
<jjohansen> I ran into problems with the last upgrade though and needed to do a clean install, and just haven't yet
<jjohansen> hallyn: yeah I got to where I was running headless too
<jjohansen> at first I couldn't because their earlier kernels had a bug where they wouldn't boot unless a monitor was attached
<hallyn> jjohansen: i'm away from home and don't have any hdmi, so had no choice.  required bootstrapping from a gentoo sd card bc sshd wasn't running by default
<hallyn> oh yeah i heard about that
<hallyn> i was fjeered it would affect me, luckily didn't
<jjohansen> hallyn: they also have a debian hf image I have been meaning to try
<hallyn> yeah i saw that one (after i dd'd the gentoo one).  i'll fall back to that one if i need to.
<jjohansen> hallyn: I keep meaning to get it backup but my play time has been with my transformer tablet
<minashokry> Hello, while upgrading my server from ubuntu 10.04 to 12.04 I had problems and now many packages are left unconfigured. when I run "dpkg-reconfigure -a" I see a message from AddUser package asking about home directories privacy, whatever I answer yes or no, it appears again repeatedly. Anyone can help?
<hallyn> minashokry: what is the exact msg
<minashokry> it is a very long message appear on a blue background. It asks me about if I want to make home directories readable only by owners or by everyone, then says this will apply on newly created users. then do you want to do that? (yes, no)
<hallyn> minashokry: sorry, i don't recognize it.  might check /var/log/apt/term.log and /var/log/dpkg for some more info
<minashokry> hallyn: exact message is that "By default, users' home directories are readable by all users on the system. If you want to increase security and privacy, you might want home directories to be readable only for their owners. But if in doubt, leave this option enabled. This will only affect home directories of users added from now on with the adduser command. Do you want system-wide readable home directories?
<minashokry> hallyn: this is output of tail /var/log/apt/term.log
<minashokry>  icedtea-netx
<minashokry>  libgd-text-perl
<minashokry>  libgd-graph-perl
<minashokry>  libgd-graph3d-perl
<minashokry>  openjdk-6-jdk
<minashokry>  vim-gnome
<minashokry>  ghostscript
<minashokry>  gs-cjk-resource
<minashokry> Processing was halted because there were too many errors.
<minashokry> Log ended: 2012-08-12  06:38:18
<hallyn> minashokry: ah.  you wanted to run dpkg-configure -a, not dpkg-reconfigure -a
<minashokry> hallyn: oh.. let me try
<minashokry> hallyn: dpkg-configure: command not found
<hallyn> sorry, 'dpkg --configure -a'
<hallyn> minashokry: ^
 * hallyn out
<minashokry> hallyn: I get this output http://pastebin.com/d0bvp4DY
<minashokry> hallyn: thanks I passed the problem
<zaitzev> evening people
<zaitzev> anyone here happen to be running Cherokee?
#ubuntu-server 2013-08-05
<max64> if i have an IP address .. can i detect his geographical location percisely?  and how?  thanks
<virusuy_> max64: yes, with geoip
<jkitchen> I wouldn't call it "precisely" though.
<virusuy_> it's a program that you can install from repos
<jkitchen> not like you're gonna get his address.
<virusuy_> yeah, not 'that' precisely
<virusuy_> but at least you'll now the country
<virusuy_> or state
<jpds> max64: sudo apt-get install geoip-bin; geoiplookup $IP
<max64> no other method possible to detect his percise point location?
<jpds> max64: What are you trying to do to this poor IP?
<max64> i'm trying to learn only no other that it
<jpds> Uh-huh.
<virusuy_> max64: basically it's really hard to you know that information
<max64> :) thats ok
<ag763> anyone know why a wireless nic wouldn't start on boot?  its config is in the interface file and 'ifconfig wlan0 up' works fine.  working on setting up an AP
<ag763> take it no one has run into anything like that
<Matrix3000__> need some help with ldap, i've followed both https://help.ubuntu.com/community/ActiveDirectoryHowto and https://help.ubuntu.com/community/LDAPClientAuthentication?highlight=%28%28OpenLDAPServer%29%29
<Matrix3000__> I was able to get ldapsearch to work, but it keeps on saying it couldn't validate the password.
<Matrix3000__> I am going up against a windows server 2003 domain controller
<bkboggy> hi guys, I'm new to Linux/Servers... I just installed the "server" version of Ubuntu and I'm trying to install Apache 2 package... so I typed in    sudo apt-get install apache2   and got back information about the package and how much space it'll take to install, i confirmed it and then got a list of errors that say in essense that there is a failure resolving 'us.archive.ubuntu.com'
<bkboggy> and then a list of failures to fetch archives..... i tried sudo apt-get update and got failures messages as well
<bkboggy> any ideas how to fix it?
<jpds> bkboggy: Your DNS is broken.
<bkboggy> how do i fix it
<jpds> bkboggy: Found out when your proper DNS nameservers are, and set them correctly in /etc/network/interfaces
<bkboggy> jpds: so, I have the IP address for the DNS servers, I am a bit confused on the setting part... I'm not familiar with linux terminal commands
<bkboggy> do i just type /etc/network/interfaces and then type DNS servers... or?
<jpds> bkboggy: No.
<jpds> bkboggy: You type: sudo nano /etc/network/interfaces
<bkboggy> jpds: and then it'll have options for me?
<jpds> bkboggy: And somewhere in your interfaces definition, you need a "dns-nameservers IP.ADD.RH.ERE" line somewhere.
<bkboggy> oh, so it's like a text file?
<bkboggy> *configuration file
<jpds> bkboggy: Yes.
<bkboggy> i see, thank you very much
<bkboggy> i will be right back if i have more problems :)
<Matrix3000__> wish someone could be that helpful with ldap auth on a windows server 2003 domain haha libnss-ldap is not being friendly to me
<jpds> Matrix3000__: Well, you could always go for something like: https://shop.canonical.com/index.php?cPath=41_39
<Matrix3000__> haha, don't need that for a whole server haha
<Matrix3000__> already have it working with kerb
<Matrix3000__> why waste the money
<jpds> Why's it a waste of money if you get an answer from a expert? Anyway.
<Matrix3000__> It's not a necessity
<Matrix3000> ll
<Matrix3000> there we go
<Matrix3000> was wondering why I had the _
<DenBeiren> i'm planning on building a testing device based on some old (small) hdd's i have lying around,..
<DenBeiren> in the future, the hdd's would need to be swapped for bigger ones
<DenBeiren> can i put 6 hdd's in software raid, and have boot, root, home and data on lvm's?
<DenBeiren> or should i pick one disc for boot, root and swap and have home and data on raid and lvm?
<jpds> DenBeiren: It's a test machine, good and try it.
<jpds> s/good/go/
<DenBeiren> yes, ofc, but is it a good idea to spread boot root and swap over raid and lvm?
<jpds> DenBeiren: Everyone will tell you a different answer based on their experience. I don't see why not, you don't want your /boot not to not survive a disk failure.
<DenBeiren> uhu
<DenBeiren> and are there any tuts out there to migrate to bigger disks? cfr rebuild raid, expand lvm etc
<DenBeiren> I've been getting this message for quite a while now,.. should i be worried? *** /dev/mapper/samantha-data will be checked for errors at next reboot ***
<DenBeiren> seems like it is never checked
<jamespage> Madkiss, around? I'd like to pull ceph-deploy into the pkg-ceph team for Debian if thats OK with you.
<Madkiss> jamespage: i haven't touched the package in ages, but sure, please go ahead
<jamespage> Madkiss, ta
<jamespage> Madkiss, I should have spotted your ITP before I packaged it for Ubuntu - that was my bad :-(
<wiehan> Hi. I'm having some issues with my first ubuntu server install with a RAID setup. I have a Asus p8 H77 MLE mobo and it says it supports RAID (It doesn't specify whether it's actual physical or Fake RAID), but nonetheless the problem comes in when I start to setup the ubuntu server. Firstly I am unsure at this screen http://bayimg.com/GaOAHAAeC what to choose. These are some other pics of the RAID config http://bayimg.com/gAOAg
<wiehan> aaeC  and  http://bayimg.com/GAoafAAec
<wiehan> If I've set RAID at a hardware level, i.e. the mobo, what does it mean when ubuntu server asks me "One or more drives containing Serial ATA RAID configs have been found... Activate Serial ATA RAID devices"?
<Madkiss> jamespage: no need to apologize; you were the guy to spend time uselessly ;-)
<jamespage> Madkiss, not much tbh
<wiehan_> I Need some help with RAID setup in ubuntu server.
<wiehan_> What does it mean: "one or more drives containing Serial ATA RAID configs found... activate Serial ATA RAID devices?" I've setup a RAID1 in the mobo, I don't know what to choose at this screen
<Madkiss> jamespage: every second is too much. :P
<wiehan_> Anyone that can assist with RAID setup? Please.
<frojnd> Hm, anyone here OpenVPN server side experienced user? :) Trying to setup up in a way when client is using OpenVPN _ALL_ the data goes through OpenVPN, not just reaching the server...
<frojnd> Hm
<frojnd> I'm reading this doc: https://help.ubuntu.com/12.04/serverguide/openvpn.html correct me if I'm wrong, but when using Adcanced configuration -> Advanced router VPN configuration on server I should be able to browse the internet with server's ip while using OpenVPN?
<frojnd> Instead, I can't even ping 8.8.8.8 but only server with ping 10.8.0.1
<mic_> routing?
<mic_> tried mtr?
<frojnd> mic_: mtr?
<mic_> see where it stops.
<mic_> apt-cache search mtr
<mic_> and then apt-get install mtr
<mic_> it's a better traceroute
<mic_> and check your routing.
<frojnd> ko installed
<frojnd> mic_: simple configuration works..
<frojnd> https://help.ubuntu.com/12.04/serverguide/openvpn.html#openvpn-simple-server-configuration I can reach server on lan
<frojnd> now I'm trying to use internet as well
<frojnd> In documentation says: If you want to reach more servers or anything in other networks, push some routes to the clients. DONE: push "route 10.0.0.0 255.0.0.0"
<frojnd> And then it further says: If enabled, this directive will configure all clients to redirect their default network gateway through the VPN, causing all IP traffic such as web browsing and and DNS lookups to go through the VPN (the OpenVPN server machine or your central firewall may need to NAT the TUN/TAP interface to the internet in order for this to work properly).
<frojnd> mic_: this mtr is X11 package
<mic_> it can do x11
<mic_> but it's also console.
<mic_> so you have two issues - check if you have proper routes
<mic_> and then - since these people connect from private addressess - make sure you nat the stuff
<frojnd> mic_: 1194 port is opened with ufw
<frojnd> on server side
<frojnd> oh, btw, you mean I check routes while connected to OpenVPN with client?
<mic_> yes.
<mic_> and then try also experimenting with your firewall turned on and off
<frojnd> Hm.. when mtr 8.8.8.8 while connected to openvpn it gives me nothing
<aruna__> when Installing ubuntu server, and RAID 1 setup in Bios, What do I select when it asks me "SATA RAID devices found... activate them?"
<mic_> frojnd: then your stuff dies immediately on the machine
<mic_> frojnd: check routing & NAT.
<DenBeiren> thanks jpds
<frojnd> mic_: netstat -rn says: http://sprunge.us/XaJf
<DenBeiren> hmm,.. i must be overlooking something in the samba config
<frojnd> mic_: don't know exactly what am I looking at in order to find out what might go wrong
<DenBeiren> i set up the workgroup, the share and added a sambauser
<DenBeiren> anything i am missing? i can't connect to my share :s
<frojnd> mic_: where it say ext.e.r.nalIP it's server's IP
<mic_> frojnd: try to use ip r l
<mic_> frojnd: it shows the route information in a bit friendler mode
<mic_> frojnd: and from that it seems yuo have to default gws
<mic_> two default gateways.
<frojnd> mic_: netstat ip r l ?
<mic_> frojnd: ip route list
<mic_> ip is a command.
<frojnd> ah ok
<mic_> frojnd: what I told is pretty much all from the generic bag of pointers - because I am not an OpenVPN expert.
<frojnd> mic_: it's ok, I bet you know alot more about networking than me: http://sprunge.us/RdbW
<frojnd> and I appreciate your help
<frojnd> mic_: this is ip route list while I'm not using OpenVPN on a client: http://sprunge.us/hKjJ
<mic_> frojnd: can you ping things in the local network of the VPN server?
<frojnd> I can ping from client to server. I can ping 10.8.0.1 (server) from client and I can ping 10.8.0.5 (client) from server
<mic_> anything else on that remote network?
<frojnd> mic_: jst nginx and gitolite
<mic_> frojnd: in terms of machines ;)
<mic_> frojnd: did you setup the NAT as the manual was saying?
<frojnd> mic_: no :) It's somewhere it data centers..
<frojnd> mic_: I've added those commands
<frojnd> push "redirect-gateway def1 bypass-dhcp"
<frojnd> server 10.8.0.0 255.255.255.0
<frojnd> ifconfig-pool-persist ipp.txt
<frojnd> push "dhcp-option DNS 10.0.0.2"
<frojnd> push "dhcp-option DNS 10.1.0.2"
<frojnd> bah.. let me paste it, sorry for multiline
<frojnd> mic_: http://sprunge.us/ciDR
<frojnd> that's server.conf without empty lines and lines starting with '#'
<frojnd> I've explicitly followed rules and red the text so I understood what spesific command means but maybe I missed something
<mic_> I am just wondering about that NAT
<frojnd> mic_: the only thing I didn't do was: uncomment user nobody, group nogroup
<mic_> I am not sure OpenVPN does natting
<mic_> and you probably have to use iptables to set it up.
<frojnd> mic_: hm can you guide me thrugh? I was using ufw till now :) didn't have much ports to open
<mic_> frojnd: I am afraid you have also a bit of reading ahead
<mic_> frojnd: ufw, ok. Make sure you read about NAT and its purpose in this case (and how to set it up)
<mic_> frojnd: I can tell you that in iptables it's the MASQUERADE and SNAT targets
<mic_> frojnd: I am not trying to sound like a condescending bastard, but checking details about that will really pay off
<frojnd> mic_: what exactly would I have to do in iptables/ufw
<frojnd> probably everythinh that says here in docs? push routes to client
<mic_> push routes - one thing
<mic_> and you seem to be doing that. Second part
<mic_> is to setup the NAT, so that your VPN clients can in fact access the Internet
<mic_> and that's necessary, because their addresses are in the 10.0.0.0 network
<mic_> right? ;)
<frojnd> mic_: yeah, that's how I set it up in server.conf for OpenVPN, but before that there was no "LAN"
<frojnd> Maybe I found something relavant: https://wiki.archlinux.org/index.php/OpenVPN#Configure_ufw_for_routing
<Ennea> i have a problem: i have no idea where the "nologin" dummy shell is. it's not in /sbin/, as several guides suggest. it's there, though. i just don't know where. running 12.04. any ideas?
<ogra_> try /usr/sbin
<Ennea> there it is. thanks a bunch. do you have an explanation for why it's there?
<ogra_> i think its there since forever in debian/ubuntu ... not sure thugh
<indistylo> Folks I had installed Jboss AS 7 Server on ubuntu 12.04 following this link (https://www.digitalocean.com/community/articles/how-to-install-jboss-on-ubuntu-12-10-64bit ), I am having port conflict problem, not able to login at Jboss Admin console. Port 127.0.0.1:8080 tomcat6 is being used and by default Jboss also using localhost. Please suggest how to fix it
<indistylo> Folks I had installed Jboss AS 7 Server on ubuntu 12.04 following this link (https://www.digitalocean.com/community/articles/how-to-install-jboss-on-ubuntu-12-10-64bit ), I am having port conflict problem, not able to login at Jboss Admin console. Port 127.0.0.1:8080 tomcat6 is being used and by default Jboss also using localhost. Please suggest how to fix it
<pmatulis> ok
<pmatulis> ok
<indistylo_> Folks I had installed Jboss AS 7 Server on ubuntu 12.04 following this link (https://www.digitalocean.com/community/articles/how-to-install-jboss-on-ubuntu-12-10-64bit ), I am having port conflict problem, not able to login at Jboss Admin console. Port 127.0.0.1:8080 tomcat6 is being used and by default Jboss also using localhost. Please suggest how to fix it
<mollerup> indistylo_: change the listening port of one of the services ? your choice.
<indistylo_> mollerup, How?
<mollerup> cant remember which config file its in, sorry been ages since ive played with either jboss or tomcat
<jamespage> indistylo_, try uninstalling tomcat6
<indistylo_> jamespage, i need that too for development purpose
<jamespage> indistylo_, OK - /etc/tomcat6/server.xml should have the port definitions in it
<jamespage> OR
<jamespage> you could add an IP alias to the server the run JBoss on the alias
<jamespage> indistylo_, I think "-b <IP alias>" should do the trick when starting JBoss
<jamespage> you might need to restrict where tomcat6 runs as well
<indistylo_> trying to fix it
<indistylo_> jamespage, trying to fix it
<yolanda> hi, is there any charm that generates some ssh key and passes it into the relationship? i need to do something like that and i'd like to have some sample
<jamespage> yolanda, hmm - yes
<jamespage> yolanda, I think the nova-cloud-controller and nova-compute charms do that
<yolanda> ok, let me take a look
<jamespage> to setup live instance migrations over SSH
<yolanda> i need that for gerrit-zuul
<wiehan> I urgently need some help setting up  software raid on ubuntu server... I have read the guides (most of them are old). I need help with the ubuntu server 12.04 partitioning screen. I am at the stage where I can see SCSI1 (0,0,0) (sda) 3TB and SCSI2 (0,0,0) (sdb) 3TB. My goal is to have a software RAID1 for my home server
<xnox> wiehan: https://help.ubuntu.com/lts/serverguide/advanced-installation.html#software-raid
<yolanda> jamespage, is ok to setup that ssh keys on the joined hook? i'm finding that sometimes it's correctly grabbing the key, but other times isn't, and exactly with the same process all the time
<wiehan> How do I achieve the above?
<xnox> wiehan: the guide tells exact steps.
<msafi> How can I know if a server have SFTP installed and can listen in on connections?
<wiehan> xnox ty, this is the best guide so far
<wiehan> xnox, I am having trouble where the Bootable Flag: off can't be changed to on??
<wiehan> I can't make a partition bootable in the manual partitioning??
<Lcawte> Hi, I have a VPS running 12.04, and I was wondering if I can get some help with ip routes, at the moment I'm using a command everytime the server reboots to add the route (ip route add 10.33.252.0/24 via 10.33.252.76) but I need to add the route into whatever config so its permenant. I read somewhere it is something to do with /etc/network/interfaces, mine is http://pastebin.com/0usYa7WG ... any i
<dv81> can i update 13.04 to the next LTS when it comes out?
<resno> dv81: sure
<patdk-wk> dv81, no
<patdk-wk> 13.04 can only be upgraded to 13.10
<dv81> patdk-wk: how so?
<patdk-wk> 13.10 and 12.04 can be upgraded to 14.04 (likely the next lts)
<dv81> right ok, thanks :)
<Lcawte> Hmm, I see my client cut the end off my question, it was "any idea how I do that?" :)
<resno> patdk-wk: you cant upgrade none lts to lts?
<resno> or did i misunderstand the question
<patdk-wk> resno sure you can
<patdk-wk> you can only upgrade lts -> lts
<patdk-wk> or release to release
<patdk-wk> not release (skip next) to lts
<resno> ah
<resno> gotcha
<patdk-wk> so 13.10 -> 14.04 ok
<patdk-wk> 13.04 -> 14.04, bad
<patdk-wk> 13.04 -> 13.10 -> 14.04, ok
<resno> ok
<resno> i misunderstood the question then
<dv81> if my 13.04 gets updated to 13.10, and then to the 14.04 LTS, will the install be the same as an 14.04 LTS install?
<patdk-wk> no
<dv81> patdk-wk: what's the difference? :)
<patdk-wk> dunno, 14.04 isn't out
<dv81> i believe when using an LTS release, it only checks for a upgrade to the next LTS?
<patdk-wk> but there can be slight differences and compatability and packaging things
<patdk-wk> the big one was, for 12.04, grub wsa not updated, but kept the same
<ScottK> For all practical purposes it will be the same.  There are sometimes things it safe to do on install, but not on upgrade (migration from grub1 to grub2 is an example), but they are rare.
<ScottK> patdk-wk: Yes, because there's no sane way to do it.
<patdk-wk> yes, so it won't be the same, but should be functionally equiv and 99% the same
<patdk-wk> but this is why people spend time to create *release notes*
<patdk-wk> why do people not read these things?
<dv81> patdk-wk: i am now :)
<patdk-wk> well, 14.04 doesn't exist, so alittle hard to do that now :)
<dv81> so for a production server, i should really be using 12.04 and only be updating to the next LTS?
<patdk-wk> that is up to you
<dv81> i refer to 14.04 just as the next LTS :)
<patdk-wk> lts is good for 5 years
<patdk-wk> non-lts is 18months
<patdk-wk> how long do you want your server to function, without changes?
<resno> patdk-wk: how long do you stay on a version before jumping to the next?
<patdk-wk> resno, till, I prove the next version is stable
<patdk-wk> it took me 8months to get my issues with 12.04 solved
<patdk-wk> it took me a year to then upgrade everything
<resno> you have more then 50 servers?
<ScottK> Actually non-LTS is 9 months now (starting with 13.10)
<resno> im curious what stablity issues occur from version to version
<patdk-wk> resno, I start my testing long before release
<patdk-wk> resno, only like 40 or so linux servers at the moment
<patdk-wk> breaking 370 windows servers
<resno> patdk-wk: you moving from one to oter, or just as needed b clients?
<patdk-wk> heh?
<resno> are you dumping linux in favor of windows? or do your numbers represent client needs/requests
<patdk-wk> neither
<wiehan_> hi
<wiehan_> I really need assistance with Ubuntu Server software Raid setup. The following two guides https://help.ubuntu.com/lts/serverguide/advanced-installation.html#software-raid http://www.howtoforge.com/how-to-install-ubuntu8.04-with-software-raid1 has reference
<wiehan_> Both are outdated. And Both Fails.
<xnox> wiehan_: define outdated? server guides are published for each ubuntu release and are up to date.
<wiehan_> I cannot get a Grub2 bootloader 2 install with the ubuntu server installation promtps. It fails every time. I have tried to leave a bios-boot-partition. I have tried leaving a separate /boot on one drive, I have tried making a RAID boot partition. But nothing works. The guides are outdated. There are parts in the guides that says" Make this partition bootable, but unfortunately the installer doesn't allow that on occasions
<wiehan_> where you select use as raid-volume
<xnox> wiehan_: starting from https://help.ubuntu.com/ pick your version, and select appropriate server guide.
<wiehan_> I am using ubuntu 12.04 server
<xnox> wiehan_: "marking partition as bootable" is not necessary at all (grub doesn't need it)
<mollerup> wiehan_: which format did you choose on the partition table ?
<wiehan_> xnox ok, but the GRUB installer still fails, every time
<xnox> wiehan_: it's best to leave off the beginning of the partition (e.g. 4MB) such that grub for sure has enough space in the beginning to install its bootcode.
<xnox> wiehan_: swithc to TTY4 and tell us what the errors from grub are?
<wiehan_> xnox, I will leave a 10mb partition for Grub and try that too. But this solution offers its own problems, i.e. GRUB won't be mirrored like the other data - what's the point of having a RAID 1? Secondly, what filesystem and what mount point should be selected for this 4 (or 10mb) partition
<xnox> wiehan_: you should install grub on to both drives, into mbr. E.g. /dev/sda and /dev/sdb. Your /boot should be on the raid device and thus also mirrored on both drives.
<xnox> wiehan_: one only ever boots from one mbr, thus the fallback here is, that you can boot from either of the drives.
<xnox> (if one of the drive happens to fail for example)
<wiehan_> xnox, ok, So I should then create 3 partitions on each drive and software RAID them together. The new one being /boot.
<wiehan_> xnox, I am doing what you said now (I believe that I have tried exactly this earlier today - and it failed)
<wiehan_> xnox for creating the 3 Partitions Swap, / , /boot I am following this guide: https://help.ubuntu.com/12.04/serverguide/advanced-installation.html verbatim
<wiehan_> xnox I have two 3tb seagate drives just btw
<xnox> 3 partitions on each drive, creating 3 raid1 devices (one for each of the partitions) ?
<xnox> and it should be "_____ /boot, /, swap" since one should have /boot earlish on the disk (physically)
<wiehan_> xnox will 15mb for /boot suffice? And what does "______ /boot" imply
<xnox> wiehan_: no, 15mb is not enough. a single kernel is 50MB ....
<xnox> (with extra & optional modules)
<xnox> wiehan_: 300 MB is default, but I tend to use 500 MB for /boot
<wiehan_> xnox I will make /boot 500mb
<xnox> wiehan_: and ext2 without journal for /boot, otherwise you loose space for nothing.
<wiehan_> so on both drives I first make the three partitions and select use as "physical volume for RAID"
<mollerup> grub2 probably wont install because of the GPT partition table and lack of a partition marked with bios_grub: on
<wiehan_> or for /boot must I select ext2 straight away?
<wiehan_> mollerup, I have briefly seen a similar explanation somewhere else, could you please adumbrate ;)
<mollerup> http://velenux.wordpress.com/2012/07/12/grub-failing-to-install-on-debianubuntu-with-gpt-partitions/
<mollerup> i have experienced that when setting up partitions manually
<wiehan_> mollerup, Ok so what you are saying is install it, and let it fail, continue without grub, but how do you install this if you can't boot into anything?
<mollerup> and you could always just install default on a single disk and convert to raid1 after with this: http://raider.sourceforge.net/
<mollerup> livecd can fix the missing grub after install, but you could just setup the partitions correctly from the beginning.
<wiehan_> mollerup, I can't believe that one cannot install a software RAID 1 by default and that you have to use something like RAIDR
<mollerup> I must confess ive never done md-raid on any setups, never had to.
<wiehan_> mollerup, if you're willing to assist, I would like to do it right from the installer
<mollerup> wiehan_: you should be able to get it from the beginning, if you get the partition-table right.. that is a different problem, unrelated to md-raid
<wiehan_> mollerup, http://bayimg.com/KAOCNaAEC does this look right thus far?
<wiehan_> Now going into the "Configure Software RAID screen"
<xnox> mollerup: grub2 can handle gpt, and it really does not care about partitions marked for anything.
<wiehan_> xnox can you have a look at that link and see whether it looks good up to this point.. I've literally been pulling my hair out this whole day about this
<xnox> wiehan_: yeah, looks ok.
<wiehan_> xnox and mollerup now after the software RAID config it looks like: http://bayimg.com/mAoCgaaEc
<wiehan_> xnox and mollerup still on the right track?
<mollerup> wiehan_: looks ok, partition-wise
<mollerup> xnox: yes grub2 works fine on GPT if you set up partitions correctly, if you dont have the free space and boot_grub you will get the error in the blog that I linked earlier, been there done that ...
<wiehan_> mollerup, xnox here are the crucial partitioning specifics, is this all correct? http://bayimg.com/MaOcMaaec
<mollerup> looks ok to me
<msafi> How do I specify the initial path for the user when he logs in with sFTP? (I want to give him root access)
<wiehan_> When it ask: Do you want to boot your system if your RAID becomes degrade? What do I choose?
<mollerup> wiehan_: yes, else it wont boot if one of the disks are missing ...
<mollerup> msafi: define root access ? normal user with / as his homedir ? or real root with access all areas ?
<msafi> mollerup, normal user with / as his homedir :)
<mollerup> msafi: then just set that as the users homedir with usermod
<msafi> mollerup, I get "sftpuser is currently used by process 7420" Do you kow why that is?
<mollerup> msafi: is the user logged in ?
<msafi> mollerup, Maybe he was. I killed the process and it sorta shutdown the whole thing. I restarted and set the directory like you told me! :D
<wiehan_> mollerup, xnox all went well, grub2 said it installed without a hitch but now When I rebooted: Black screen: Reboot and select proper Boot device or Insert Boot Media in Selected Boot device and press a key... dope!!!!
<a|3x> hi
<a|3x> i am having issues mounting encrypted volume
<a|3x> i am 100% sure the password is right, i've used it before
<a|3x> i've set it up to mount at boot with /etc/crypttab
<a|3x> it tells me this error when i enter the password:
<a|3x> modprobe: FATAL: Error inserting padlock_sha (/lib/modules/2.6.32-38-server/kernel/drivers/crypto/padlock-sha.ko): No such device
<a|3x> if i enter the password again, it doesn't show me this error any more
<a|3x> my system partition is unencrypted and i can boot if i skip, but after boot, i can't mount it either
<sarnold> a|3x: do you have the corresponding VIA hardware for the packlock-sha?
<a|3x> its a virtual machine running on vmware esxi 5 / vsphere
<a|3x> this used to work a few months ago :(
<a|3x> when i last booted it
<sarnold> a|3x: eh, perhaps something just modprobes everything that says it can do sha sums.. does lsmod show anything that looks like it might also provide sha family of hashes?
<a|3x> also, one time i tried to mount from terminal after booting, it told me 'device is busy'
<a|3x> lsmod: http://pastebin.com/YQWXQhRE
<sarnold> a|3x: woo, sha256_generic. I think that first error message about padlock is not a problem in your environment.
<a|3x> its fatal
<a|3x> not a warning
<sarnold> a|3x: it is fatal to that specific invocation of modprobe, yes, but I don't think it is fatal to the larger operation
<a|3x> then why doesn't my password work
#ubuntu-server 2013-08-06
<shawn1> Could anyone help me?  I'm experiencing a problem similar to what is described here:
<shawn1> http://lists.freebsd.org/pipermail/freebsd-questions/2004-September/058852.html
<shawn1> But my ubuntu 12.04 LTS server doesn't seem to have an /etc/rc.conf file
<shawn1> So I don't know where to implement the answer given in that article or even if that answer is relevant on my version of Ubuntu Server
<sarnold> shawn1: you're getting "permission denied" when you're trying to ssh to a specific server?
<shawn1> yes.  Let me copy and paste my own outputs
<shawn1> Shawns-MacBook-Pro:~ shawnshipley$ ssh -vvv 192.168.1.255
<shawn1> OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
<shawn1> debug1: Reading configuration data /etc/ssh_config
<shawn1> debug1: Applying options for *
<shawn1> debug2: ssh_connect: needpriv 0
<shawn1> debug1: Connecting to 192.168.1.255 [192.168.1.255] port 22.
<shawn1> debug1: connect to address 192.168.1.255 port 22: Permission denied
<shawn1> ssh: connect to host 192.168.1.255 port 22: Permission denied
<sarnold> shawn1: I have a wild guess that your laptop and your server do not agree on netmask or their network address
<shawn1> how can I fix that?
<sarnold> shawn1: you'll have to find the correct settings to use, probably from your router, and then ensure that your server and your macbook both have the same settings for netmask, broadcast, and so forth
<sarnold> shawn1: (the 'permission denied' here is probably because you're trying to ssh to a broadcast address, for a network 192.168.1.0 and netmask 255.255.255.0 (a /24))
<sarnold> shawn1: if you manually assigned an IP address for your server, don't use .255. :)
<shawn1> I didn't manually do that.  Why would that present a problem, though? (just so that I understand for future reference).
<sarnold> shawn1: normally the 'last' address in a network range is a broadcast address that can be used to contact all hosts in a subnet. but it only works with UDP and ICMP, not TCP, and it requires superuser privileges, and most hosts don't respond to broadcast ping requests any more anyway :(
<sarnold> shawn1: so, if your network is 192.168.0.0 and the netmask is /16, the broadcast address would be 192.168.255.255; if the network is 192.168.0.0 and the netmask is /24, then the broadcast is 192.168.0.255.
<shawn1> .255 is the global address, .5 is the local address, but it won't ping to .5
<sarnold> shawn1: it's not always 255, that's just convenient with /8 or /16 or /24 netmasks -- but it does stand out clearly here :) hehe
<shawn1> This is an odd question, but is your name Sarah Arnold?
<sarnold> shawn1: indeed no, seth arnold. hehe. :)
<shawn1> I know a Sarah Arnold, so I was just wondering
<shawn1> My question:  Do you know a way that I can completely reset the router?
<shawn1> I configured it in windows and then later had to reinstall windows and it would only let me connect as a guest.
<sarnold> shawn1: depends on the router. often holden the power button for twentyseconds or something will zero the memory.
<shawn1> It'll completely reset everything and let me reconfigure?
<ag763> Any ideas on why wlan0 wouldn't start on boot when configured in interfaces file but does with 'ifconfig wlan0 up'
<sarnold> shawn1: quite often; it varies from vendor to vendor, but that's a good first shot. hehe. :)
<sarnold> ag763: pastebin your interfaces?
<ag7631> sarnold, http://pastebin.com/1CGSyeQK
<sarnold> ag7631: do you need a module loaded first? maybe add the module name to /etc/modules?
<sarnold> ag7631: hope that helps, it's time for me to bail :) have a good night, have fun
<sarnold> shawn1: any luck with 20-seconds? :)
<ag7631> sarnold, I would expect to see a dmesg or syslog error for that right?
<sarnold> ag7631: hrm. dunno. seems plausible though :)
<ag7631> sarnold, looking through both I don't see anything.  I can start it right after booting without any issues, seeing nothing in dmesg or syslog I'm at a loss.
<shawn1> Netgear can be frustrating....
<shawn1> Okay.  I think I found what I needed
<shawn1> the netmask address matches
<shawn1> I was making a very dumb mistake!
<shawn1> I was accidentally trying to ssh the broadcast address
<shawn1> I'm connected remotely
<shawn1> VICTORY!!
<shawn1> (you can tell that I'm new at working with servers)
<shawn1> Thanks, Sarnold
<anepanaliptos> how do we ceck the health of a filesystem?
<virusuy> anepanaliptos: fsck /filesystem
<virusuy> a good practice is umount that filesystem first
<virusuy> and you fsck the partition
<anepanaliptos> what can do you do over ssh
<anepanaliptos> ?
<anepanaliptos> is there anything just to show the health 'status' so to say?
<virusuy> well, fsck is the most secure way to see if a filesystem is health or not
<virusuy> do you have any kind of read/write errors or something?
<anepanaliptos> well i just ran the server too many times on/off the harsh way
<anepanaliptos> and i just want to make sure the disks are ok
<virusuy> anepanaliptos: uhmm, fsck all th way
<virusuy> but , yeah, its really importat unmount those filesystem first
<anepanaliptos> yeah i once did it mounted
<virusuy> and also there is a way to force fsck before boot in the next reboot / power on
<anepanaliptos> made everything brand new
<anepanaliptos> o yeah? how's that?
<virusuy> uhmm .. i didn't recall, but let me search for you
<anepanaliptos> oh no that's ok
<anepanaliptos> ill rtfm
<anepanaliptos> im not lazy, just unknowlegeable.
<virusuy> http://linux.aldeby.org/post/linux-ubuntu-force-fsck-filesystem-check-at-reboot.html
<virusuy> that web page was written in 2011, info could be old .. but i know there is a way to force that
<LLckfan> I am trying to reconnect a blu-ray player to my router wirelessly and keep get dhcp cannot be acquired. Is there a way to fix this?
<anepanaliptos> where is dhcp provided from?
<LLckfan> I do not knwo
<shawn1> can anyone help me?
<shawn1> I set up port forwarding and made my server IP static in order to connect through SSH to my server over the internet.
<shawn1> but I don't know what command to use from the client machine in order to access the server.
<qman__> ssh
<shawn1> well, yes
<shawn1> but to I just ssh my server login name and external ip
<qman__> yes
<shawn1> or do I need to specify port 80
<qman__> ssh youruser@1.2.3.4
<qman__> absolutely not, port 80 is for http
<shawn1> oh
<shawn1> well that's the point
<shawn1> I'm trying to connect over http
<shawn1> maybe I stated that incorrectly, sorry
<qman__> you can't ssh over http as far as I am aware
<qman__> I don't know why you would want to
<qman__> in fact, quite the opposite is a typical case, http tunneled over ssh
<shawn1> well
<shawn1> here's what I did
<shawn1> in my router settings, I clicked on the 'port forwarding' option
<qman__> if you want to SSH from the internet, you need to forward port 22
<shawn1> okay
<shawn1> let me change things here
<qman__> and I suggest that you either install fail2ban or configure a limiting firewall to defend against brute force attacks
<shawn1> well sweet
<shawn1> that was easy
<shawn1> okay.
<indistylo> Folks, Having problem starting Jboss server, it says Jboss home pointing to different installation , Output can be seen in the URL( http://paste.ubuntu.com/5953884/ ) please suggest some solutions
<shawn1> Thank you very much  :)
<indistylo> shawn1 Can you resolve my problem, any idea on Jboss server ?
<indistylo> shawn1: Can you resolve my problem, any idea on Jboss server ?
<indistylo> qman__: Can you suggest something about Jboss? any idea?
<qman__> sorry, I don't know anything about it, I try to stay as far away from java as possible
<shawn1> Sorry, indistylo
<shawn1> I just got your messages
<shawn1> and I'm one of those people who are on here for help
<indistylo> Shawn1: No issues
<shawn1> in questions related to server issues, qman_ will know much more than me  :)
<indistylo> shawn1: Its alright I am juggling with problem still, Ya i had already asked qman__  : waiting for his reply !
<foo357> Hm, I want to change my home directory but usermod complains about me being logged in (which is true), but I am the single logon-user available on the machine...
<anepanaliptos> foo357: root.
<foo357> anepanaliptos: I connect to the machien through ssh and login with my account
<foo357> anepanaliptos: I don't think it's possible to directly login as root that way
<ScottK> Use sudo -i
<indistylo> Folks, Eclipse not starting in ubuntu12.04, I installed in /usr/share/eclipse directory and created eclipsed.desktop but its not starting, Kindly suggest solutions
<ScottK> Ask for help on #ubuntu since that's not a server issue.
<ikonia> indistylo
<ikonia> oops
<shawn1> got it!
<shawn1> thanks!
<shawn1> =]=]
<_ruben> ugh .. why is Azure so limited .. they make it really hard to make linux clusters (no floating ips for HA services, etc)
<_ruben> need to find something decent to replicate/sync my data between nodes somehow
<geser> stgraber: Hi, can I ask you something about the isc-dhcp-server6 upstart job? I'm trying to figure out how to fix bug #1186662
<uvirtbot> Launchpad bug 1186662 in isc-dhcp "isc-dhcp-server fails to renew lease file" [Undecided,Confirmed] https://launchpad.net/bugs/1186662
<stgraber> geser: sure
<stgraber> sounds like a regression that would have happened when we switched from our own privilege dropping code to upstream's --paranoia option
<stgraber> it could be that in the past, dhcpd only dropped privileges after all the files were opened but now it happens a bit earlier, causing the -ENOPERM
<geser> the lease file itself get updated, but it can't get rotated as dhcpd is running as dhcpd but everything is owned by root
<geser> so no updates to leases~
<stgraber> ah right, so we probably should just give the dhcpd user ownership of the dir and be done with it?
<geser> almost, with chown dhcpd it gets a little bit farther till: dhcpd: Can't backup lease database /var/lib/dhcp/dhcpd6.leases to /var/lib/dhcp/dhcpd6.leases~: Operation not permitted
<geser> the apparmor profile needs an update too: kernel: [2773234.120934] type=1702 audit(1375788247.840:13): op=linkat action=denied pid=31888 comm="dhcpd" path="/var/lib/dhcp/dhcpd6.leases" dev="dm-0" ino=2757
<geser> do I need to specify that dhcpd can write (create new files) to /var/lib/dhcp into the apparmor profile?
<stgraber> I'm surprised the existing apparmor rule doesn't cover that
<geser> there is "/var/lib/dhcp/dhcpd{,6}.leases* lrw" but it seems it doesn't cover creating new files
<geser> looking at the code, dhcpd removes the old leases~ and renames leases to leases~ before it creates a new leases to write into
<BrixSat> Hello
<BrixSat> i need some info, i have 200 servers under my management. Is there any way i can have a key management system, say i want one key to all servers and i dont want to ssh them manualy or in a script, since a server can be now offline and later online
<BrixSat> i need to be able to generate keys and distribute them
<geser> jdstrand: can you help me to understand why the dhcpd apparmor profile issue? I've in syslog: "dhcpd: Can't backup lease database /var/lib/dhcp/dhcpd6.le
<geser> ases to /var/lib/dhcp/dhcpd6.leases~: Operation not permitted"
<geser> and later "kernel: [2773234.120934] type=1702 audit(1375788247.840:13): op=linkat action=denied pid=31888 comm="dhcpd" path="/var/lib/dhcp/dhcpd6.leases" dev="dm-0" ino=2757
<geser> isn't "/var/lib/dhcp/dhcpd{,6}.leases* lrw" enough to allow it?
<jamespage> zul, bah - ordering of package build in havana-proposed is creating installability issues
<zul> jamespage:  like what?
<jamespage> zul, "python-keystone : Depends: python-sqlalchemy (< 0.8) but 0.8.2-1~cloud0 is to be installed"
<zul> jamespage:  grr..
<zul> jamespage:  hmmmm
<jamespage> zul, if I rebuilt it now against staging it gets the correct versioned depends
<jdstrand> geser: what version of ubuntu are you seeing this?
<zul> jamespage:  right
<zul> jamespage:  so we need to rebuild things?
<jamespage> zul, yeah - I'm just pushing stuff with a ~cloud1 with 'No change rebuild for new version of SQLAlchemy."
<zul> jamespage:  ack
<zul> i just uploaded a new version of pbr for trunk packages (as of 5 minutes ago)
<geser> jdstrand: ubuntu server 13.04
<jamespage> zul, OK
<jdstrand> geser: /var/lib/dhcp/dhcpd{,6}.leases* lrw is not in the 13.04 profile. did you add it yourself?
<jdstrand> oh, dhcp*d*
<jdstrand> hold on
<StathisA> hello, i'm trying to get my head around Tar syntax...i got two folders.../mnt/source & /mnt/destination...how can i tar the contents of /mnt/source to a tar file in /mnt/destination without running the command from neither of them?
<geser> jdstrand: for the background: I'm trying to fix #1186662, and got this far after changing the owner of /var/lib/dhcp to dhcpd so that dhcpd can write to it again
<jdstrand> geser: see 'man apparmor.d'. do the source and target files meet the criteria for 'Link mode'?
<jdstrand> geser: it isn't clear to me if the apparmor.d man page is talking about the apparmor permissions or the apparmor+DAC permissions
<jdstrand> geser: I need to call in reinforcements
<jdstrand> jjohansen: I'm not sure what is going on with geser ^ and his quest to fix bug #1186662
<uvirtbot> Launchpad bug 1186662 in isc-dhcp "isc-dhcp-server fails to renew lease file" [Undecided,Confirmed] https://launchpad.net/bugs/1186662
<jdstrand> jjohansen: backscroll 24 minutes from this timestamp
<geser> jdstrand, jjohansen: does owner of the file matter when linking? dhcpd is run as dhcpd and dhcpd6.leases is owned by root currently
<jdstrand> that's the bit I'm not sure of
<jdstrand> I would think you would see a dac_override entry if that were the case
<jdstrand> geser, jjohansen: I wonder if it has anything to do with 4.2.4-1ubuntu4 and bug #1028526
<uvirtbot> Launchpad bug 1028526 in isc-dhcp "dhcpd failed to start with apparmor denied: capname="dac_override"" [High,Fix released] https://launchpad.net/bugs/1028526
<Madkiss> roaksoax: y0.
<hallyn> lifeless: are you still seeing the libvirt memory leak with virt-manager?  I was running under valgrind to inspect...  but now i can't reproduce it, even without valgrind
<Madkiss> roaksoax: i have afresh pcmk 1.1.10+git here that fixes some nasty bugs.
<zul> jamespage:  https://code.launchpad.net/~zulcss/cinder/babel/+merge/178747
<zul> jamespage:  ping i was thinking....shouldnt we building against the -proposed pocket in the openstack-ci lab since we would be catching stuff much sooner
<zul> like the sqlalchemy stuff
<roaksoax> Madkiss: perfect ill get that synced
<Madkiss> roaksoax: where is your stuff?
<hallyn> stgraber: http://people.canonical.com/~serge/lxc-resolve.debdiff
<hallyn> biab
<stgraber> hallyn: I think it's fine
<Techdude1011> I am looking for suggestions for snmp trap software. Currently I am using snmptrapd but I would like to add interface descriptions from switches
<roaksoax> Madkiss: ill put it in github in a bit
<Madkiss> ok
<hallyn> stgraber: cool
<jamespage> zul, sorry - was OTP
<jamespage> zul, thats a really good point
<zul> jamespage:  i could do that if you want
 * jamespage thinks
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/cinder/babel/+merge/178747
<zul> jamespage:  typo fixed
<jamespage> zul, someone synced over your python3 changes in stevedore btw (might have been Daviey)
<zul> jamespage:  grrr...
 * zul shakes his fist at Daviey
<zul> jamespage:  mind if i push this cinder branch i fixed the changelog entry
<jamespage> zul, +1
<zul> jamespage:  thnak
<zul> jamespage:  the sqlalchemy fix we had in nova got merged fyi
<jamespage> great
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/oslo.sphinx/+merge/178778
<zul> SpamapS:  pinger
<zul> jamespage:  what did you do to fix the autopkgtests with nova?
<smoser> mr hallyn
<smoser> are you around sir ?
<hallyn> smoser: yup
<hallyn> [ERROR] ./stack.sh:698 nova-api did not start
<hallyn> guess i'm really not meant to use this on saucy
<smoser> i have 2 [recurring] lxc questions.  a.) lxc-start-ephemeral minus the ephemeral . b.) lxc clone hooks.
<smoser> hallyn, i dont know. i think i used it last on raring fairly painlessly.
<smoser> i think my ud-devstack worked start to end last time i used it.
<zul> jamespage/roaksoax: this is really needed to get python-pbr through: https://code.launchpad.net/~zulcss/heat/sqile-fix/+merge/178786
<hallyn> smoser: what is ud-devstack?
<hallyn> stgraber: this is great, and i can also resolve c1.lxc from c2.lxc from there.  cool.  pushing.
<SpamapS> zul: pongitola
<smoser> https://gist.github.com/smoser/4795358
<zul> SpamapS:  any idea when heat is going to switch over to neutronclient?
<smoser> hallyn, ^
<smoser> hallyn, see my questions above ?
<smoser> i was poinged by juju team.
<smoser> they're interetsed in clone being faser
<smoser> and those are 2 things that they'd need.
 * hallyn reading up
<hallyn> smoser: what time, which chan?
<SpamapS> zul: got a bug? I'll grab it and submit a patch now.
<SpamapS> (or file the bug)
<hallyn> oh i see.  weird
<hallyn> my eyees just totally glazed over that
<smoser> hallyn, what?
<smoser> oh.
<smoser> questions above.
<smoser> i have 2 [recurring] lxc questions.  a.) lxc-start-ephemeral minus the ephemeral . b.) lxc clone hooks.
<smoser> and ud-devstack is : launch instance with --user-data of that 'ud-devstack.yaml' and then wait.
<zul> SpamapS:  https://bugs.launchpad.net/heat/+bug/1197208
<hallyn> smoser: so those things all work great using the ubuntu-lxc/daily ppa.
<uvirtbot> Launchpad bug 1197208 in heat "Migrate Quantum references to Neutron" [Undecided,In progress]
<hallyn> a. lxc-start-ephemeral minus the ephemral, becomes:
<hallyn> lxc-create -t ubuntu -n orig
<hallyn> lxc-clone -B overlayfs -o orig -s -n ephem1
<hallyn> b. lxc clone hooks - thye should be there (in ppa), lemme check
<hallyn> yup, lxc.hook.clone is there
<hallyn> note the saucy lxc should be merged from upstream git in (iirc) august.  stgraber is gonna strangle me soon because i can never remember the dates he has in mind
<smoser> hallyn, k. thank you.
<hallyn> smoser: np, shout if you need more
<geser> jdstrand: I did some more tries: after chowning both the directory and dhcpd6.leases back to dhcpd (after starting it), the leases rotated now without error in syslog. So it looks like it's related to that bug you fixed in the past. (testing is time-consuming as dhcpd rewrites the leases file once per hour (hardcoded))
<SpamapS> zul: is LP having issues right now?
<SpamapS> zul: can't seem to get to that bug report :p
<zul> SpamapS:  not that i know of
<zul> SpamapS:  meh...that patchset seemed to got abandoned
<SpamapS> zul: yeah will try to revive
<SpamapS> if launchpad will talk to me. :-P
<smoser> hallyn, because i'm that lazy...
<smoser> lxc ppa link ?
<hallyn> smoser: pad.lv/~ubuntu-lxc/daily
<hallyn> nope
<hallyn> not that
<hallyn> https://launchpad.net/~ubuntu-lxc/+archive/daily
<zul> SpamapS:  you have to talk to it nicely :)
<koolhead17> hi SpamapS
<SpamapS> zul: and s l o w l y ...
<SpamapS> [1235993.357149] systemd-hostnamed[17620]: Warning: nss-myhostname is not installed. Changing the local hostname might make it unresolveable. Please install nss-myhostname!
<SpamapS> wtf
<zul> stop using fedora ;)
<zul> jamespage:  before you go https://code.launchpad.net/~zulcss/heat/sqile-fix/+merge/178786
<jamespage> zul, +1
<zul> jamespage:  thanks
<jjohansen> jdstrand, geser: so yes file ownership matters. However the link rule unless you stick the owner conditional won't enforce that restriction.  Where you will see the restriction is apparmor's stacking with capabilities. Capabilities may require dac_override to access a file with different ownership
<jjohansen> you will see capability messages with an apparmor message, and this will require a capability dac_override, permission in the profile
<jdstrand> jjohansen: the weird thing is dac_override wasn't logged. maybe kernel logging is getting in the way...
<jdstrand> geser: can you do sudo sysctl -w kernel.printk_ratelimit=0
<SpamapS> smoser: I'm debugging a problem that has cropped up since we started building raring images....
<jdstrand> geser: and report back your denials?
<SpamapS> smoser: could you see a problem with having this: https://github.com/stackforge/diskimage-builder/blob/master/elements/cloud-init-nocloud/install.d/05-set-cloud-init-sources
<jdstrand> jjohansen: have I mentioned how annoying kernel logging is? :P (/me knows you've mentioned it to me)
<SpamapS> smoser: having trouble debugging because my console is local kvm vga and I can't see what was on it easily. :-/
<jjohansen> jdstrand, geser: possible, also note the linkat message is not an apparmor message. geser is that file on a different device? you can't hard link across devices
<TimR> can anybody tell me why my domain name keeps redirecting to my mail server for?
<jjohansen> jdstrand: kernel logging is an absolute mess
<jdstrand> jjohansen: re linkat> oh, duh-- it isn't :) I'm so used to seeing apparmor denials seeing another kernel denial was not even in my headspace :)
<jdstrand> note, that is not me blaming apparmor-- that is me doing far too much profiling ;)
<sarnold> something else in the kernel prints denials?
<jjohansen> jdstrand: heh, no its an easy mistake to make, I had to double check it
<jjohansen> sarnold: a few things
<jdstrand> sarnold: 07:11 < geser> and later "kernel: [2773234.120934] type=1702 audit(1375788247.840:13): op=linkat action=denied pid=31888 comm="dhcpd" path="/var/lib/dhcp/dhcpd6.leases" dev="dm-0" ino=2757
<geser> jjohansen: no, all files are in /var/lib/dhcp, dhcpd runs as dhcpd while the dhcpd6.leases is owned as root (I've chowned /var/lib/dhcp back to dhcpd so it can create the temporary file there again)
<sarnold> jdstrand: wow, cool, crazy :) never seen a 1702 before.
<jdstrand> sarnold: yeah, me either :) maybe I can be forgiven for thinking it was apparmor then :)
<sarnold> jdstrand: definitely :) I hope I'd wonder why it feels so short...
<jdstrand> I definitely thought it was a weird looking line
<jdstrand> I even looked around for it in the apparmor docs, then got distracted by my rememberance of dac_override and the previous bug
<TimR> anybody know the solution to my problem
<sarnold> TimR: sorry, you haven't described it in enough detail to even hazard guesses. can you pastebin commands that work, commands that don't work, and what you think those ocmmands ought to do differently? maybe then someone could help..
<geser> jdstrand: I can only see a dac-override message if I reproduce the state for the old bug (#1028526)
<geser> the next leases should rotate in around 30 min
<TimR> Ok I dont see how much more clear I can get with that issue I am having when domain name is redirecting to my mail server
<sarnold> TimR: maybe pastebin your host or dig output and your zone files?
<TimR> domain name and mail server is pointing at the same address
<jjohansen> geser, jdstrand: its the kernel link protections
<geser> jdstrand, jjohansen: when both the directory and the leases file is owned by dhcpd:dhcpd dhcpd doesn't start (old bug), with root:root dhcpd starts but can't rotate the leases file (current bug), when I change the owner back to dhcpd:dhcpd (both dir and file) *after* dhcpd started leases file rotating works (till restart)
<geser> would chowning to dhcpd:dhcpd in the upstart job and adding the dac_override cap to the apparmor profile fix both (old and current) bugs?
<jjohansen> geser: why would you chown the file in an upstart job? That is just papering over the problem
<jjohansen> geser: what is the bug # of the old problem? I want to make sure I am correct in my understanding of the old issue before I answer?
<geser> jjohansen: I guess it was done to ensure the right permissions, see http://launchpadlibrarian.net/111078972/isc-dhcp_4.2.4-1ubuntu3_4.2.4-1ubuntu4.diff.gz for the fix for the old bug
<geser> jjohansen: old bug: bug #1028526 ; current bug: bug #1186662
<uvirtbot> Launchpad bug 1028526 in isc-dhcp "dhcpd failed to start with apparmor denied: capname="dac_override"" [High,Fix released] https://launchpad.net/bugs/1028526
<uvirtbot> Launchpad bug 1186662 in isc-dhcp "isc-dhcp-server fails to renew lease file" [Undecided,Confirmed] https://launchpad.net/bugs/1186662
<jjohansen> jdstrand: ^ this is a problem, it runs foul of the kernels link restrictions
<jjohansen> geser: so adding capability dac_override to the profile will fix any apparmor induced problems. However that is not the problem here
<jjohansen> we have a conflict betwen dhcpd privilege sep, and kernel link restrictions
<geser> jjohansen: what about the owner of the leases files: dhcpd recreates it after it drops priv as user dhcpd, but dhcpd can't open if for append at startup as root (it happens before dhcpd drops priv). Who should own that file? root or dhcpd?
<sarnold> eww. sounds like dhcpd folks didn't design their privsep correctly?
<geser> I get slowly that impression too
<jjohansen> sarnold: I agree, they have a broken priv sep design, and the only solutions are
<jjohansen> 1. Fix dhcpd
<jjohansen> 2. turn off kernel link restrictions (which I would consider only a temporary solution)
<jjohansen> geser: you can temporarily fix this by setting /proc/sys/fs/protected_hardlinks to 0, please not this will globally disable kernel link restrictions
<jjohansen> unfortunately this is not something we can control on a per profile or task basis
<geser> jjohansen: my temporary fix for now is to remember to chown the leases file and dir back to dhcpd after I restart dhcpd or the whole server (shouldn't happen too often) till it gets fixed properly
<jjohansen> geser: yeah, that is a more localized fix
<jdstrand> jjohansen: you pointed me at backscroll, but I'm not sure what you were pointing to. are you saying what we did for quantal was wrong?
<jjohansen> jdstrand: I am saying that the dhcpd priv sep patch is in conflict with the kernel link restrictions
<jdstrand> jjohansen: yes, that seems clear now. at the time (quantal), Ubuntu dropped our privsep patch that had worked
<jdstrand> and the new one behaved differently-- and I didn't want to grant dac_override
<jdstrand> funny how this is only coming up now
<jjohansen> yeah
<jjohansen> jdstrand: its likely because of changes made to the kernel link restrictions during upstreaming vs what was in yama
<jjohansen> anyways that is a guess
<jdstrand> huh
<jjohansen> jdstrand: just a guess as to why its surfacing now instead of before
<jjohansen> jdstrand: there where some changes but I'd have to go back to the ml to figure out what they where
<jjohansen> s/where/were/
<geser> do you both have an idea how to fix it?
<jdstrand> am I interpreting that the current workaround is to chown root:root /var/lib/dhcp/dhcpd6.leases~ if it exists, start dhcpd, then chown dhcpd:dhcpd /var/lib/dhcp/dhcpd6.leases~ after it starts?
<jdstrand> (that would be insane)
<jjohansen> jdstrand: yes or disable kernel link restrictions
<geser> jdstrand: yes, that works for me
<jdstrand> yikes
<jdstrand> please file an upstream bug :P
<geser> jdstrand: I did 'sudo chown dhcpd /var/lib/dhcp{,/dhcpd6.leases}'
<jjohansen> jdstrand: that is because if the process has an open file handle to the file, the restrictions are applied differently
<jdstrand> interesting. I have not looked at the code at all, but it seems fairly obvious that if the lease files are going to be handled as the dhcpd user, oh, I don't know, open them as the dhcpd user
<jjohansen> hrmmm, actually no this one is just doing an ownership test on startup, and then ignoring that in the future
<jjohansen> jdstrand: yeah
<geser> jdstrand: dhcpd opens the leases file, drops priv to dhcpd and does later the leases file rotation as part of normal operation
 * jdstrand nods
<jjohansen> geser: it makes the very broken assumption that it can hard link a file it doesn't own as part of the rotation
<geser> I guess upstream assumes that dhcpd can write that file and create files in that dir
<geser> but this conflicts with trying to open the leases file for append as root during the startup phase
<jdstrand> well, it can-- but this is linking files and hardlink restrictions are now part of the linux kernel, so it needs to handle it correctly
<jdstrand> they either need to open as root and rotate as root, or open as dhcpd and rotate as dhcpd, aiui
<jdstrand> again, I've not looked at the code
<geser> http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/isc-dhcp/saucy/view/head:/server/db.c#L1083 new_lease_file() does the rotation
<jdstrand> geser: I think reporting the bug upstream and employing a short term workaround until they fix it is reasonable
<jdstrand> (we could then cherrypick the fix)
<sarnold> no O_EXCL in that open(2) call? hrm.
<geser> http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/isc-dhcp/saucy/view/head:/server/dhcpd.c#L703 is where the leases file is read during startup while the privs get dropped later in line 775
<jkew> Hi folks; I'm looking for information on some of the modifications required for running ubuntu on azure; we are trying to isolate the source of some intermittent io issues and our next step is looking at the distribution provided by microsoft.
<jkew> It looks like Ben Howard is the goto person for this; but I have no idea what channels or methods I would use to ask technical questions on this matter.
<geser> jdstrand: do you know if doing the chown to dhcpd call for those files in a post-startup stance in the upstart job would work? (as a ugly workaround till it can get properly fixed)
<rbasak> jkew: Ben Howard is utlemming on here, or try the ubuntu-cloud mailing list
<jkew> rbasak: thanks
<jdstrand> geser: I don't-- I only mentioned that based on your comments
<jdstrand> geser: it seems plausible and worth testing
<geser> jdstrand: I tested it, but it doesn't work (unless I made a mistake with the upstart job)
<geser> will file the problem upstream to get it fixed properly
<geser> stgraber: do you know if it's possible to use a post-start stance in an upstart job where the daemon get started in the foreground?
<mac_nibblet> Hmm, since when does ubuntu-server name it's network devices as nm ?
<mac_nibblet> this is a vanila install and i have not added network-manager
<stgraber> geser: I think so, though if it really starts in the foreground and doesn't send a signal back to upstart or fork at some point, I'd then expect post-start to happens immediately after the command is started, so quite possibly before the daemon is actually operational
<sarnold> mac_nibblet: /etc/udev/rules.d/70-persistent-net.rules is usually responsible for NIC names..
<mac_nibblet> sarnold: but is this really expected behavior ?
<guntbert> mac_nibblet: I've never seen that (and it has nothing to do with Network manager as someone  said)
<sarnold> mac_nibblet: maybe? :) what specifically are you seeing?
<mac_nibblet> file does not exist
<geser> stgraber: I tried to chown some files (the isc-dhcp-server issue) as a workround after dhcpd get started but they stayed root:root
<mac_nibblet> sarnold, guntbert: im wondering if i should try and just reinstall the server before i get more weird things
<mac_nibblet> takes like 8 minutes to reinstall so ..
<stgraber> geser: so I really think the right way is to switch the ownership of the directory and figure out exactly what's going on with apparmor that prevents isc-dhcp from doing the whole create/rename/destroy thing
<guntbert> mac_nibblet: I would not expect to see different results
<stgraber> geser: sarnold or jjohansen should be able to help you there
<jdstrand> stgraber: we know what the problem is (it was discussed in backscroll)
<jdstrand> stgraber: dhcpd is doing their priv separation wrong
<geser> stgraber: it's a combination of AppArmor, dhcpd's priv sep and Kernel Link Protection
<geser> during startup the file needs to belong root and during operation dhcpd :(
<stgraber> jdstrand: just read the backlog now, that'd indeed explain it...
<jdstrand> it really isn't apparmor, it is the kernel link protection
<stgraber> note that ISC isn't terribly good at fixing bugs or giving any feedback outside of security issues
<stgraber> getting an upstream priv dropping code took over 2-3 years so having it changed/fixed may take just as long
<stgraber> so we should either look into fixing that and carrying a patch until they eventually merge it or find a robust workaround (I don't want that bit to be racy in 14.04)
<geser> omg, perhaps we should add some chown calls before dhcpd calls setuid()
<geser> jdstrand: without AppArmor we could let dhcpd own those dir and files (AppArmor was the reason they got changed to root:root)
<jdstrand> I hope you aren't suggesting dropping apparmor :)
<jdstrand> it needs to either open and rotate the files as dhcpd, or open and rotate the files as root
<jdstrand> opening as root and rotating as dhcpd is the problem
<geser> jdstrand: certainly not suggesting it
<geser> jdstrand: what about changing the owner of those files before calling the setuid()/setgid()?
<jdstrand> they are probably opening as root and handing off the fd as a security protection
<jdstrand> geser: that should work-- sarnold ^
<stgraber> In an ideal world dhcpd should own /var/lib/dhcpd and not open any fd until after it's done dropping privileges
<sarnold> yeah, I like stgraber's ideal world :)
<stgraber> the main/only reason why it even needs to run as root is to open a raw network socket, so it really should do that and then drop privs like any proper daemon should
<jdstrand> that's what I was suggesting with opening as dhcpd
<stgraber> and I think that's the patch we should apply to Ubuntu, get into Debian and forward to ISC so maybe one day it'll be done properly upstream
<jdstrand> wfm
<stgraber> geser: if you want to have a try at doing this, feel free, if not, please comment in the bug report (I think you mentioned one earlier right?) and assign to me so I have it on my todo
<geser> jdstrand: dhcpd has an option to check the validity of the leases file and it does it before it does its deamonizing
<stgraber> (I'm on vacation until Thursday and at Debconf next week but I may find some quiet time to do that anyway or will look at it once I'm back home on the 20th)
<geser> stgraber: will add my findings to the bug tomorrow and see if I can code a workaround
<sarnold> stgraber: oh nice, enjoy your vacation and debconf :)
<jdstrand> seems like that check should definitely be done as non-root
<geser> I agree, so dhcpd can complain if it has access issues to the leases file when run as non-root
<SpamapS> smoser: need your opinion about a problem we're seeing...
<SpamapS> smoser: so the problem from earlier is that we don't have a serial console defined on some of the vms we boot..
<SpamapS> smoser: when that happens, anything that uses 'console output' fails because /dev/console is inoperable
<SpamapS> smoser: it is inoperable because cloud images specify console=tty1 console=ttyS0...
<SpamapS> smoser: is it reasonable to expect the cloud images to boot w/o a serial device? (I think.. yes)
<utlemming> SpamapS: this seems more like a bug for Ubuntu
<utlemming> but I would agree that that shouldn't trigger a failure
<smoser> https://bugs.launchpad.net/ubuntu/+source/cloud-initramfs-tools/+bug/1123220
<uvirtbot> Launchpad bug 1123220 in cloud-initramfs-tools "cloud-image VM causes kernel panic if image is resized" [Low,Triaged]
<smoser> thats the bug
<smoser> and you can read the email thread on it.
<smoser> SpamapS, ^ you see that ?
<smoser> the simplist solution is "well attach a serial device for petes sake!"
 * smoser has to go to bed, but there is a very complete email thread attached to that bug.
<smoser> it is very much less than trivial to accomplish what we want.
<smoser> and i'm open to any ideas.
<SpamapS> smoser: in the past we had a different kernel bug that required us to not have a serial device.. ;)
<SpamapS> smoser: thanks for the bug link. That is in fact the bug I was looking for.
<hadifarnoud> I followed this guide http://pleasefeedthegeek.wordpress.com/2012/04/21/l2tp-ubuntu-server-setup-for-ios-clients/ for L2TP vpn. it connects but I cannot access any website. I think step 3 is wrong. can anyone help?
#ubuntu-server 2013-08-07
<zeronezerone> hey guys! any suggested reading or websites for desireable network topologies
<zeronezerone> i am setting up a networked cluster
<zeronezerone> three local machines, one off site VPS running dns
<zeronezerone> i was thinking having one front facing server running ISCSI + reverse proxy via nginx. the other two servers, maybe set them up using some clustering + failover software?
<zeronezerone> *is looking for further and elaborated reading*
<trollwork> Howdy, need some help with postfix.  Someone here didn't like the postfix log files, so they symlinked them to /dev/null in /var/log/mail.err & .log.  I've since deleted those symlinks, but the files are not repopulating.
<trollwork> Can I change the log location? Or somehow re-enable them?
<sarnold> trollwork: check the postfix docs, perhaps you can get it to 'rotate' its logs with a kill -SIGHUP or something easy
<trollwork> sarnold, the postfix logs point to general linux distros.. case in point they recommend editing /etc/syslog.conf to change log settings, ubuntu has /etc/rsyslog.d/postfix.conf instead.. and it's only got one line in it which doesn't really help me much
<hadifarnoud> usr13: I followed the guide and changed wherever he said I should use my IP. the only place I had to use my IPs was /etc/ipsec.d/l2tp-psk.conf file in step 2
<hadifarnoud> usr13: my ip range for L2TP vpn is  192.168.1.231-192.168.1.239   when I connect to it, I get 192.168.1.233   considering that, is step 3 wrong? iptables does not redirect traffic to me.
<mikal> Anyone around?
<mikal> Would nova depending on conserver (from non-free) be a packaging problem for you guys?
<Brans> i need help with samba
<Brans> trying to setup a pdc ..
<Brans> http://paste.ubuntu.com/5957273/
<Brans> there's my config
<qman__> trollwork, touch the logfiles and set the permissions to default, which is syslog:adm 640
<trollwork> thanks qman__
<qman__> may need to restart rsyslog after doing that, not sure
<trollwork> There we go!
<trollwork> you're awesome!
<trollwork> Thanks!
<trollwork> so I'm trying to install postfix from a shell script in order to automate deployment (Chef & puppet have been banned from the office, don't ask) and the problem is even with a  >/dev/null 2>&1 you get the postfix menu.. is there way to default that?
<CarlThansk> I have apache, PHP, and mysql running on a clean install and my friend is getting quasi-randomly IP-banned. what could do this?
<jpds> How do you know the IP is 'banned'?
<jpds> Log files, etc?
<CarlThansk> I don't *know*, but he can access resources hosted elsewhere on my network and I can access the resource he can't from another external source
<jpds> As I said before, and will say again, you need to do some network debugging.
<CarlThansk> as I said before, and will say again, he can reach me and others can reach it. it is *only* the webserver he can't access
<jpds> You didn't mention that before.
<jpds> Checked the Apache logs?
<CarlThansk> yup. see nothing worthwhile
<jpds> Well, next step is tcpdump on his IP and seeing what happens when he tries to access the site.
<CarlThansk> no packets. guess it's time to move on to ddwrt. thanks jpds
<sobersabre> hi guys. is there a *working* document on how to set up ubuntu machine as active directory member box and authenticate AD users on that machine (i.e. via AD)
<sobersabre> ?
<qman__> sobersabre, looking to create a domain or join existing?
<qman__> oh, you just mean auth against AD, not a DC
<qman__> there's several ways to do that with varying downsides
<qman__> winbind is the method recommended by the samba guys
<qman__> this is a little old but still generally applies: https://help.ubuntu.com/community/ActiveDirectoryHowto
<phizes> Hi, I am using https://launchpad.net/~ondrej/+archive/mysql to get MySQL 5.5 for Precise, the problem is that 5.6 is also provided, I have managed to pin most of the packages at 5.5 (notably the ones with 5.5 in the package name) I can't work out how to pin libmysqlclient18 to 5.5 as well, here is my current apt preferences.d config http://paste.ubuntu.com/5957784/ Could any one point me in the right direction?
<phizes> (I am aware that the PPA's 5.5 is the same as what is in the Precise release, the difference is that the official build lacks the library for MySQL to have native_aio compiled into it, which this PPA does have.)
<qman__> based on what I see there, you shouldn't have to pin anything, as the packages are named differently
<qman__> the stock packages are mysql-client-5.5 and mysql-server-5.5, and the packages on that PPA are mysql-5.5 and mysql-5.6
<phizes> https://launchpad.net/~ondrej/+archive/mysql/+packages <- then click the corresponding title in the table, it lists the actual packages, and it is definitely trying to upgrade to 5.6, whereas I just need the 5.5 versions
<phizes> If I recall correctly, trying to apt-get install mysql-5.5 resulted in an error about package not found, and then I would still need to pin it to 5.5 to prevent it upgrading to 5.6 I think.
<qman__> ok, I see
<qman__> there is still another way, which is to not install "mysql-client" and "mysql-server", but only "mysql-client-5.5" and "mysql-server-5.5"
<qman__> if you do need those two metapackages, those are the ones you need to pin
<phizes> I have done that, but it still tries to upgrade libmysqlclient for some reason. (I did that to be able to pin to 5.5)
<qman__> hmm
<qman__> mysql-client-5.5 should depend on the correct version of that, but apparently doesn't
<phizes> Hmmk, I can't seem to find a way to differentiate the packages for pinning, I'm considering asking the package maintainer at this point, alternatively I may have to start my own PPA, though I have never done that before.
<qman__> yeah, I think there's an issue with the dependencies of his version, but you should be able to work around it with pinning
<qman__> I'm just not familiar enough with the syntax to fix it for you
<phizes> I thought that should be the case, but I can't find how to define it, pretty much anywhere. I'll have a look at it again, I may have missed something somewhere. Asking any maintainer or similar is always my last resort.
<phizes> Thank you very much for your help though. :)
<qman__> basically though, mysql-client-5.5 should depend on libmysqlclient18 > 5.5.0, < 5.6.0
<wiehan> Hi, I have samba shares installed via webmin. I have set up a folder on my server named Multimedia to be shared and have granted: Guest access. And the default permissions of 755. But when I try to write to that folder it gives an 'permission denied error'. I believe that it has to do with the fact the the folder, locally, doesn't grant the permissions. So what I did was chmod -R 755 /Multimedia.. But it still doesn't work.
<wiehan> Please help.
<qman__> wiehan, 755 means write for the owner but read-only for everyone else, you want 777 for a guest writable share
<qman__> keep in mind also,
<qman__> !webmin | wiehan
<ubottu> wiehan: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<wiehan> qman ty, I changed that now to 766, both with chmod and the namethatshallnotbementioned, still to no avail
<wiehan> ok, Now I have a question that is unrelated to webmin. When I try to access the share from my ubuntu laptop it says "permission denied" but whn I log in from my android phone, it works perfect!?
<qman__> make sure it's logging in as guest and not using a saved credential
<qman__> saved credentials are stored in keyring manager
<wiehan> qman__, how do I clear saved credentials as this seems like a buggy bug
 * maxb observes that 766 is quite different to 777
<qman__> first, ensure none are saved in your keyring using the keyring manager
<qman__> after doing that, log out, and log back in
<mac_nibblet> After setting upp isc-dhcp-server i keep getting "No subnet declaration for em1"
<mac_nibblet> even tho i have specified the only interface to listen on is em2
<jamespage> yolanda, any thoughts on why https://jenkins.qa.ubuntu.com/job/saucy-adt-squid3/35/ is failing on amd64?
<yolanda> jamespage, what does this mean? amd64,adt is still in the queue: Waiting for next available executor on adt
<jamespage> yolanda, where do you see that
<jamespage> ?
<yolanda> jamespage, in the console log
<yolanda> https://jenkins.qa.ubuntu.com/job/saucy-adt-squid3/35/console
<jamespage> yolanda, you need to look at the failing job specifically
<jamespage> https://jenkins.qa.ubuntu.com/job/saucy-adt-squid3/35/ARCH=amd64,label=adt/
<yolanda> jamespage, seems that ftp test isn't working properly, when did you see that failure, starting on today?
<jamespage> yolanda, its been failing a while now - https://jenkins.qa.ubuntu.com/job/saucy-adt-squid3/
<yolanda> jamespage, seems like some problem with vsftpd: The server responded with:
<yolanda>  OOPS: child died
<yolanda> and it works with i386 so it's quite strange, not sure what's happening
<jamespage> Daviey, some new binary pkgs for juju-core in the NEW queue if you have time
<Daviey> jamespage: done, thanks
<jamespage> Daviey, thanks
<geser> stgraber: I've assigned bug #1186662 to you as requested, I've commented what I know about the bug so far.
<uvirtbot> Launchpad bug 1186662 in isc-dhcp "isc-dhcp-server fails to renew lease file" [Undecided,Triaged] https://launchpad.net/bugs/1186662
<stgraber> geser: thanks
<geser> I tried to understand the code if it's safe to move the opening the lease file after dhcpd drops to the dhcpd user or if it needs some of the data that can be written to the leases file is needed at this stage but without much success yet
<geser> I'm not sure yet if doing a chown() on the leases file before it drops the privileges is the less risky fix (even if a little bit ugly)
<msafi> I ran a hello world node.js script yesterday, which acts as a web server. Then I turned it off, but when I visit my server, it still says "Hello World". I tried it on multiple browsers and in Private mode
<msafi> Where could this Hello World output be cached?
<yossarianuk> does anyone know if you can connect a Windows IIS server -> external Linux coldfusion server ?
<yossarianuk>  (as coldfusion on windows is bad....)  I know Linux java memory management is better
<adam_g> jamespage, if you have a sec, https://code.launchpad.net/~gandelman-a/ubuntu/saucy/cinder/paramiko_min
<jamespage> adam_g, upstream only require >= 1.8.0
<adam_g> jamespage, doh, was going by our version
<jamespage> adam_g, :-)
<adam_g> jamespage, updated
<adam_g> jamespage, is there anything special i need to do to get cloud-archive-backport to create a signed source package?
<jamespage> adam_g, just sign it afterwards
<jamespage> adam_g, putting a signed package up for review is less that ideal
<jamespage> debsign *_source.changes
<adam_g> jamespage, ah
<adam_g> jamespage, anyhow, http://people.canonical.com/~agandelman/ca/havana/paramiko-1.10.1-1~cloud0/
<catphish> i've set up a network install server based on an ubuntu 12.04 ISO, the installation works fine, but the resulting system seems to point to lots of non-existant repos on my install server (sources, multiverse)
<catphish> what is the best way to fix it?
<jamespage> adam_g, +1
<_ruben> catphish: make sure your install server is actually complete? :)
<_ruben> the install isos contain far from everything, obviously
<catphish> _ruben: that's what i thought, what is the best way to maintain a full copy?
<catphish> apt-mirror?
<catphish> looks like that works :)
<catphish> thanks
<_ruben> i use rsync ;)
<_ruben> or actually, i plan to use it. now i'm using debmirror, which is using rsync as well though
<_ruben> but since i use debmirror to mirror pretty much everything, i might as well use rsync directly
<catphish> _ruben: is it possible to configure the sources file, or should i just replace it with a post script?
<catphish> i will probably host a basic set of sources locally for an up-to-date base install then pull everything from an external mirror subsequently
<vila> hi all, how do I mount an iso inside an lxc container ? Said iso contains could-init data so it should be mounted early in the "boot" sequence
<_ruben> catphish: you want your fresh installed vms to have a modified sources.list? not sure if there's any preseeding directives for that (assuming you are using preseeding), else it should be a post-install script indeed
<catphish> that's fine, i've put a %post in my kickstart file which should do the job fine
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/heat/refresh/+merge/178989
<tdelam> hey, how do I upgrade apache from 2.2.22 to 2.2.25 via apt?
<RoyK> tdelam: I don't think that's possible. why?
<tdelam> RoyK: security issue, 2.2.25 addresses one that we specifically are required to resolve.
<RoyK> tdelam: are you sure the fix isn't backported? that's the usual way to fix things in debian/ubuntu land
<RoyK> tdelam: do you have docs on this issue?
<tdelam> RoyK: none that I am allowed to share. We're doing the typical PCI Compliance (sigh) process and one of the requirements was 2.2.25 on our proxy server but is currently 2.2.22
<tdelam> I normally prefer to do things the old fashioned compile from source way but this server is was already set up and they've used apt for everything, now I am having an issue upgrading to 2.2.25 and was hoping someone in here could lend a hand :)
<jamespage> tdelam, if you are using a version shipped in a supported Ubuntu release it should have the required security fixes irrespective of the actual apache version
<Pici> tdelam: If its a CVE that you need to guard  against, you should check the package status at http://people.canonical.com/~ubuntu-security/cve/
<jamespage> tdelam, I've done PCI compliance a few times now and this always gets raised
<Pici> IMO PCI compliance is flawed in regards to version number compliance.
<RoyK> tdelam: so an unknown security failure already fixed? doesn't sound like a day zero to me, so I'm rather curious why you can't point to which error this is
<tdelam> thanks Pici and jamespage
<RoyK> tdelam: like I said - fixes are usually backported
<tdelam> thanks RoyK
<RoyK> but it's quite impossible to verify that without knowing which security issue this is about :P
<tdelam> so that's what all these updates are then, patches to the existing packages
<tdelam> so they don't actually go by version numbers, just whatever is installed gets patched up daily?
<RoyK> that's what backporting means
<tdelam> that's an interesting way to go about it
<tdelam> awesome
<RoyK> someone release a fix for an issue in 2.2.25, along with some new features, someone at ubuntu or debian grabs the fix and patches up 2.2.22
<RoyK> recompiles and posts a new release after it's been through QA
<tdelam> that's better
<RoyK> tdelam: lookup the bug ID of the issue in question in the debian/ubuntu bug forums
<RoyK> it certainly should have one
<tdelam> I'll have to get it again but I see where you guys are coming from
<tdelam> i much prefer this.
<jamespage> rbasak, can I cry now>
<jamespage> https://launchpad.net/ubuntu/+source/mongodb/1:2.4.5-1ubuntu1/+build/4857783
<jamespage> grrraaargghhhhh!
<zul> jamespage:  im going to push this change for heat, i have tested it, it installs properly
<jamespage> zul, sorry - +1
<rbasak> jamespage: new upstream?
<jamespage> rbasak, kinda
<jamespage> rbasak, the debian maintainer had to switch to using the embedded libv8 as the standalone version is now to old and security buggy
<jamespage> BUT
<jamespage> the embedded version appears to dislike arm
<DWSR> Hey all, I have 5 SAS drives connected to an HBA, and I'm wondering if there's a way to get them to spindown?
<RoyK> DWSR: smartctl?
<RoyK> DWSR: no, wait, hdparm
<RoyK> DWSR: what ubuntu version?
<RoyK> and what filesystem(s)?
<hallyn> smb: hi - http://status.qa.ubuntu.com/reports/ubuntu-server/triage-report.html has quite a few xen bugs.  do you on occasion look at these?  I can aim to change my xen-virgin status, but there'll be some overhead so thought i'd check.
<jc> Straaaaange networking glitch, hoping someone can help
<jc> Short story: moved CUPS onto new Ubuntu Server with new hostname, created CNAME pointing old hostname to new
<jc> I telnet to new server IP on port 631, connected instantly. Same port but using new hostname, 2 second delay. Same port but old hostname, 10+ second delay. All three combinations from another server connect instantly.
<mdeslaur> rbasak: is anyone working to get squid3 out of saucy-proposed?
<sarnold> jc: check DNS on both client and server for both client and server forward / reverse lookups
<jc> sarnold: reverse lookup on new server IP goes to new hostname only, but I'm not sure I can have it resolve back to the old one as well for compatibility
<jc> lookup on old hostname returns the correct CNAME and corresponding server IP
<jc> Both client and server reading from the same internal DNS server
<sarnold> jc: darn, all that sounds about right. :)
<jc> sarnold: that's why this unexplained delay has me stumped, as it doesn't happen when connecting from other servers, just our Mac clients
<jc> Ran a tcpdump on both ends only to show no traffic between client and server until telnet on client kicks in with a prompt
<sarnold> jc: hrm, interesting. throw tcpdump / wireshark on good session and bad session and see if you can spot it?
<sarnold> hah
<jc> Ran dtruss (equivalent of strace) on the Mac client side to see if I could see anything holding up the request, but nothing between 1000us and the 10.0014 seconds required to generate a prompt :/
<sarnold> jc: is there an equivalent of 'ltrace'? something that would show library calls?
<sarnold> jc: actually, a quick step back: this _might_ be confined entirely to telnet. try netcat or socat or bash's /dev/tcp/... and see if anything else has trouble of it is just a cranky thirty-year-old program? :)
<jc> sarnold: will try netcat on the Mac client
<jc> sarnold: occasionally on the Mac client I'll see messages such as "getaddrinfo: nodename nor servname provided, or not known", suggesting it's forgotten the destination IP momentarily
<jc> sarnold: Ha. `nc -v oldhostname 631` takes exactly the same ten seconds to say "connection succeeded!"
<sarnold> jc: haha! :)
<jc> sarnold: Could it be something incorrectly configured in /proc/net on the server end?
<jc> Because if not, then I'd have to start suspecting the network, and the guy in control of the switches "doesn't know enough" about yesterday's server move to be bothered helping to diagnose the problem :/
<sarnold> jc: dunno :/ when I've seen these sorts of delays in the past, it was nearly always a server logging hostnames rather than IPs, and the reverse lookups were misconfigured or just darned slow. so when it's something else, it's a lot harder to pin down. :(
<jc> sarnold: Because if not, then I'd have to start suspecting the network, and the guy in control of the switches "doesn't know enough" about yesterday's server move to be bothered helping to diagnose the problem :/
<jc> Whoops, screen froze for a sec there
<sarnold> jc: hehe :)
<jc> sarnold: Meant to say that I can try changing the new server IP to the old server IP, if that eliminates the connection delay then I can be sure something's wrong with the core switch
<sarnold> jc: maybe poke around arp tables?
<jc> Nothing in there on the new server
<jc> Right, gonna try switching server IPs
<DWSR> RoyK: I tried using hdparm -S242 /dev/sdx and it doesn't work. Returns an error. Running 12.04 and they're part of a ZFS RAIDZ.
<DWSR> RoyK: Error is SG_IO: bad/missing sense data, sb[]:  70 00 05 00 00 00 00 0a 00 00 00 00 20 00 01 cf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
<RoyK> what sort of controller is this?
<DWSR> IBM M1015, so an LSI 9240
<DWSR> err 9280*
<RoyK> 92xx have the same chipset
<DWSR> yeah, I figured as much
<RoyK> some of those are somewhat hard to handle, and zfs is rather hard to handle for spindown as well, since it does background jobs frequently
<RoyK> I've tried to spindown on zfs and md and haven't figured out how to do that on either of them
<RoyK> btw, an idle drive draws maybe 1w, the rest of the machine draws significantly more, so why bother?
<DWSR> RoyK: Noise. The drives are 15k SAS drives, not 7.2k SATA.
<DWSR> They're not LOUD, but they're noticable.
<RoyK> all drives are
<RoyK> but I somewhat doubt you can make spindown work on zfs, even with a controller that supports those ATA commands
<RoyK> a SAS controller may not support those
<RoyK> (or probably won't)
<RoyK> I've used 92xx controllers with zfs on some 100TiB machines (two years ago), and smartctl didn't like those - neither did hdparm with spindown
<zul> roaksoax:  ping
<roaksoax> zul: tururu
<roaksoax> tururu
<roaksoax> zul lol whstd up?
<roaksoax> zul: ??
<zul> roaksoax:  ill need you to review a branch for me in a little bit
<zul> its heat again
<failmaster> hey guys, i assume that i will end up with "unusable" system, due to the fact that 13.04 server doesn't want to use a keyfile for luks authorization during boot process, https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone?
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,Invalid]
<jefgy> I'm using mdadm raid1. I have grub2 install on the MBR /dev/sda and /dev/sdb.  I recently had a failure and had to replace sdb.  I reinstalled grub and ran update-grub on sdb.  Can anyone tell me if I need to update the initramfs as well?
<_ruben> jefgy: why would that be needed? the initramfs is on the raid
<_ruben> whoop .. just built my first 2-node pacemaker/corosync/drbd/apache/mysql cluster .. a mere PoC though, but still :)
<_ruben> within azure no less, with all its crappy limitations and oddities
<jefgy> _ruben: Each time I swap a drive I seem to end up booting to busybox and initramfs tells me it is unable to find the uuid.  I didn't know if maybe the initramfs points to the uuid of the replaced drive in some way
<jefgy> _ruben: in which case maybe updating the initramfs could resolve the issue
<_ruben> I'd expect the initramfs to point to the (uuid of the) raid volume(s), and not the disks themselves, that shouldn't change .. could be wrong tho
<_ruben> been ages since i dealt with such a scenario
<failmaster> anyone?
<RoyK> !ask | failmaster
<ubottu> failmaster: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<failmaster> hey guys, i assume that i will end up with "unusable" system, due to the fact that 13.04 server doesn't want to use a keyfile for luks authorization during boot process, https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone?
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,Invalid]
<RoyK> no idea - I don't use non-LTS for servers
<failmaster> RoyK, fair enough, i already know it's a bad idea
<RoyK> failmaster: I don't understand - do you want to hardcode the encryption keys?
<failmaster> RoyK, the end goal is to have fully encrypted instance with key files on removable /boot media
<roaksoax> Wq
<RoyK> ok
<RoyK> failmaster: it still will be insecure, though, unless you bring that usb plug with you and it's not sitting in the machine permanently
<failmaster> RoyK, i know, that's why i do bring it
<failmaster> RoyK, it was working on 12.04 =) And strangely works on 13.04 with any media but / hdd
<RoyK> why did you upgrade the server?
<failmaster> RoyK, i had an adventure with destroying the media
<RoyK> what media?
<failmaster> with bootloader and keys
<RoyK> oopsie
<RoyK> can you spell "backup"?
<failmaster> RoyK, no, because in russia you may spell it to someone you don't know actually during rectal cryptoanalysis procedures which will make the whole idea useless
<RoyK> ok
 * RoyK isn't in russia and doesn't know the full length of the surveillance there
<RoyK> failmaster: is it that bad that you'll need full encryption everywhere?
<failmaster> RoyK, encryption is pretty much illusion because it will be as easy as that, no matter what you've done or not, your hdds will be formatted and some kind of cp will be dropped on it and u will be jailed for it
<RoyK> how nice :P
 * RoyK is from .no
<failmaster> RoyK, it's hard to draw a real picture, but to have one is a strong point
<RoyK> are you russian, or do you just live there?
<failmaster> if you'll reach public stats on corruption level you'll may be have a clue
<failmaster> RoyK, only insane ones, gerard depardieu and snowden will move to our desperate lands
<WG1337> Hi! Is there a way to get php 5.4 on 10.04 LTS?
<sarnold> WG1337: you could try to rebuild the raring packages yourself, or you could ask for a backport: https://wiki.ubuntu.com/UbuntuBackports
<WG1337> oh, ok, thanks!
<DWSR> RoyK: gnip
<Exio666> esta Exio4?
<failmaster> guys, i have a problem trying to switch passphrase to keyfile authorization for root partition, while it works flawlessly for others on 13.04, however, the end-goal scheme used to work fine on 12.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone?
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]
#ubuntu-server 2013-08-08
<failmaster> guys, i have a problem trying to switch passphrase to keyfile authorization for root partition, while it works flawlessly for others on 13.04, however, the end-goal scheme used to work fine on 12.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone?
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]
<freze> are there any vps guides?
<freze> like a frist-step guide on what to do after getting into the server
<freze> i.e. setting up ssh etc.
<freze> does apt-get have a user friendly package management
<anepanaliptos> it is user friendly.
<anepanaliptos> if you're running gnome 'software center' -- if you're on kde, 'package manager'
<anepanaliptos> or aptitude from the command line.
<freze> I meant like aptitude
<anepanaliptos> but most people just use apt-get install package
<anepanaliptos> or apt-cache search text | grep some nicer filter
<freze> apt-cache?
<failmaster> so as i expected i end up with unbootable system dropped into initramfs environment
<anepanaliptos> failmaster: oooo, i wish i could help you. but when it comes to that stuff, im clueless.
<anepanaliptos> post a little more info, what's up?
<failmaster> anepanaliptos, attention to the subject in more than i could expect
<failmaster> i have a problem trying to switch passphrase to keyfile authorization for root partition, while it works flawlessly for others on 13.04, however, the end-goal scheme used to work fine on 12.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]
<failmaster> i suspect this issue is the same one
<failmaster> pretty much similar setup with the only difference that in filed case he had a key on root fs and was mounting another non-root drive
<failmaster> but i see connection between things especially after i've read answers of maintainers https://answers.launchpad.net/ubuntu/+source/cryptsetup/+question/37176
<failmaster> most probably i'm wrong, but it's a bug, definitely, besides this debian wheezy and 13.04 server have a common issue not including usb drivers necessary to provide usb keyboard working at the stage when i'm craving for it in order to enter luks passphrase after first reboot =)
<failmaster> but that's an old story
<failmaster> no options but 12.04 actually
<failmaster> the most smooth setup of such configuration atm
<hanuman> hi
<hanuman> i am installed kvm lvm based virtualmachine with dhcp, how can i get that virtual machine console
<hanuman> i installed kvm lvm based virtualmachine with dhcp, how can i get that virtual machine console
<SpinningWheels> i keep getting a message of "E: Internal Error, No file name for libssl1.0.0" when i attempt to apt-get -f install
<freze> what kernel does 13.10 run?
<jc> sarnold: Just to follow up on last night, my plan worked!
<jc> sarnold: Renumbered new server from a 10.0.4.x/255.255.252.0 address to a 10.3.0.x/255.255.255.0 address, reconfigured the switch port and updated DNS, and it magically eliminated that ten-second connect delay
<jc> sarnold: I hate DNS :/
<freze> should I disable the root userr?
<andol> freze: Well, you definitely want to have the root user in one capacity or another, but it might be worth disabling root logins, at least remote ones.
<freze> andol by remote you mean ssh ones?
<andol> freze: That would be the most common yes, unless you have set something additional up.
<freze> andol: got it. sudo login root doesn't work by default right?
<andol> freze: Not sure I follow...
<freze> as in   "$sudo login root"
<andol> Not sure, have never tried using the login command that way. Still, if you have full sudo right you can always do something like "sudo -i", and get a full root shell
<freze> that works
<freze> ty
<freze> I did: sudo apt-get --purge remove apache2
<freze> then I checked ps -A and apache2 is still running? How's possible if I uninstalled it.
<andol> freze: I assume you still have a package apache2-mpm-something?
<andol> freze: I'd say the easiet way to delete all apache2-related packages would be removing the apache2.2-common package. Just double that apt then don't also removes more than you want it to.
<freze> hmm not sure. This ubuntu image game with apache2 preinstalled
<andol> freze: dpkg --list | grep -i apache
<freze> andol: that helps  I see a ton of apache packages
<freze> I'll uninstall them
<andol> freze: By the way, familiar with the | thingy? (Usually refered to as a pipe)
<freze> yep
<freze> I's this a good idea sudo apt-get remove apache2*
<Semor> how to install systemtap on ubuntu precise1 kernel ?
<bobz_zg> hi, anyone can help please. I have trouble with permissions on files i upload over FTP, i'm in group www-data, but when I upload filss over FTP they have have permissions 600, instead of 644 or 755. any advice?
<lotia> hello all. working on an upstart job for ubuntu 12.04 LTS and am using the setuid directive within the job. I need to make sure certain directories exist, and can use the pre-start section, but the user being set may not have privileges to create the directories.
<lotia> is the normal pattern to have another upstart task that creates directories and have that run as root?
<jodh> lotia: yes
<lotia> jodh: thanks
<freze> can I safely delete usr/games
<rbasak> jamespage, yolanda: are you aware of squid3's dep-wait on libecap2-dev in saucy-proposed?
<yolanda> rbasak, no, first notice
<yolanda> rbasak, no, sorry, yes, i forgot it
<yolanda> i filed a MIR for it
<yolanda> https://bugs.launchpad.net/ubuntu/+source/libecap/+bug/1200173
<uvirtbot> Launchpad bug 1200173 in libecap "[MIR] libecap" [Undecided,New]
<rbasak> thanks yolanda!
<rbasak> mdeslaur: ^^
<Rapid2214> Hello, Has anyone got experience with HP DL360p and Ubuntu 12.04 with bonding?
<rbasak> !anyone | Rapid2214
<ubottu> Rapid2214: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<Rapid2214> Ok thanks, When setting up a bond on this hardware, it does not come up, whereas on a G7, the bond is initialises correctly
<jamespage> Rapid2214, its possible that the G8 hardware works better with a newer kernel version that 3.2 as in 12.04
<jamespage> Rapid2214, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack on how to install later kernels on 12.04 in a supported manner
<mardraum> Rapid2214: you should also run the latest hp fimrware update dvd/usb on the hardware
<mardraum> firmware*
<Rapid2214> mardraum, I have updated all the firmware from HP - just did a test running: ifenslave bond0 eth0 - and it forces it in, normal ifup or boot doesn't seem to be adding the device - I will look at the kernels
<Rapid2214> jamespage, intended for use on x86 hardware at this time :/
<Rapid2214> Thinking the resolution to this bug will fix it, will let you know https://bugs.launchpad.net/ubuntu/+source/linux/+bug/996369
<uvirtbot> Launchpad bug 996369 in linux "bond slave interface sometimes does not come up on boot" [Medium,Confirmed]
<mdeslaur> rbasak: thanks
<pimpf> hello
<pimpf> someone alive? need bit help
<xerxas> Hi all
<xerxas> I would like apport / whoopsie to send me an email when a program has core dumped
<xerxas> is it possible ? if so , how ?
<rbasak> !ask | pimpf
<ubottu> pimpf: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<DenBeiren> is there a known working tut to enable bonding in 12.04?
<zul> jamespage:  hey half the sqlalchemy patch that we are carrying i pushed upstream
<smoser> hallyn, around ?
<Rapid2214> DenBeiren, I've been spending all morning on that - What do you need?
<smoser> hallyn, http://paste.ubuntu.com/5962517/ is my rework of lxc-ubuntu-cloud to support clone
<smoser> but i dont think clone is calling my lxc.clone.hook
<smoser> stgraber, maybe ?
<qman__> xerxas, I don't know if apport has that sort of feature, but you could write your own script which uses inotify to watch apport's log directory and sends you an email when a new file is created
<xerxas> qman__: right, thanks. I think apport or whoopsie (don't know which one) , should have this sort a feature ... ;)
<hplc> is it possible to get a more server-like interface?, somewhat a server console where i can control and configure common server software?
<Rapid2214> hplc, a command line, what do you have at the moment?
<hallyn> smoser: sorry, i'm here
<hplc> Rapid2214: a base ubuntu server install with gnome running on top of it
<Rapid2214> hplc, just open terminal or use SSHD to connect to a terminal session remotely
<Rapid2214> <3 CLI
<hplc> but kinda want the "classical" gui interface, where ftp cifs rsync and such is gatheresd
<smoser> hallyn, you see that ?
<smoser> it just doesn't seem to invoke me on clone
<hallyn> looking
<hplc> well CLI console would do too for that matter
<hallyn> smoser: I think it'd be better to just ship a standard clone hook in /usr/share/lxc/hooks
<hallyn> rather than have the template write it out
<Rapid2214> hplc, not sure what you mean about a classic gui, terminal is the best imo
<smoser> ok. i didn't know of /usr/share/lxc/hooks.
<smoser> i'm ok with that.
<smoser> but its not getting called anyway :)
<hallyn> :)
<hallyn> still looking
<hallyn> smoser: which lxc version are you running?
<stgraber> hallyn: not sure if you saw sarnold's comment on the MIR bug, anyway, I'll take care of getting LXC to build with the right hardening flags (not sure why it's not already the case ...)
<hallyn> stgraber: I did see it.  I won't be ENTIRELY surprised if something breaks with those flags
<hallyn> (i.e. some clone bits)
<hallyn> but hopefully it just works
<tomtom565> Hello>
 * hallyn wishes add-apt-repository were installed byd efault in containers
<hallyn> sick of guessing the source package based on release :)
<smoser> hallyn, ppa from yesterday
<smoser> lxc     0.9.0.0~staging~20130726-2106-0ubuntu1~ppa1~saucy1
<hallyn> thanks, setting that up
<hplc> hmm CLI it is then, what ftp server to go for? its on the inside, wont ever get in touch with external net, just need to be fast to setup
<hallyn> smoser: hm, ubuntu-cloud requires uuidgen, guess we should add that to Depends
<pimpf> have a question on how to install varnish on ubuntu
<pimpf> i follow a tutorial and in this he write up "Create the file http://repo.varnish-cache.org/ubuntu/ precise varnish-3.0 and put the following in it:"
<pimpf> what means this? and who i have to upload the "file" ???
<lotia> pimpf: that is a repo definition. It should be put in a file in /etc/apt/sources.list.d
<lotia> should be named something like varnish.list
<hallyn> smoser: it runs for me.  at least at lxc-clone -o c1 -n c2.
<hallyn> i cut-pasted your hookfile contents to /usr/share/lxc/hooks/cloud, and added lxc.hook.clone = /usr/share/lxc/hooks/cloud to c1's config
<hallyn> now you're also wanting to run the hook at lxc-create.  that's a semantic stretch that i don't really like...
<pimpf> thx lotia
<hallyn> smoser: doh!  you have 'lxc.hook.mount' , not 'lxc.hook.clone'
<rbasak> zul: http://www.theregister.co.uk/2013/08/08/google_backs_mariadb/ - how's the mysql alternatives blueprint going?
<zul> rbasak:  waiting for debian
<zul> SpamapS: ^^^
<DenBeiren> Rapid2214: it's been a while since i last played with bonding,.. i remember that i didn't get it to work :-)
<DenBeiren> i'd like the two nice to work together to double the throughput
<hplc> isnt it carp thats supposed to handle nic fallback/failover?
<rbasak> zul, SpamapS: do you think we'll have it done for Saucy? Assuming that Oracle don't address the pain points we summarised at the UDS, I don't want to see the door closed for switching to mariadb in main for T.
<zul> rbasak:  totally
<zul> rbasak:  im not sure done though since mysql mailing lists on debian are filled with spam
<jamespage> zul, https://code.launchpad.net/~james-page/heat/redux/+merge/179197
<Rapid2214> Quick question, if I have installed a package using dpkg -i package.deb, will aptitude upgrade it when it has an update? I am guessing so? (Needed to install some networking packages from virtual iLO floppy)
<jamespage> zul, we probably want to push a snapshot asap-ish so we can drop quantumclient in full
<jamespage> Rapid2214, yes
<zul> jamespage:  reading
<zul> jamespage:  +1 you have restored my faith in humanity and my sanity
<Rapid2214> Thanks James
<zul> jamespage:  if you want to upload a snapshot for heat that would be cool with me just make sure you do python setup.py sdist
<jamespage> zul, yeah - just done one
<jamespage> will upload shortly
<zul> ok
<zul> and then i can stop cursing
<koolhead17> alex88, hola
<alex88> koolhead17: oh hi man :)
<alex88> wassup?
<koolhead17> am gud you tell me?
<alex88> yeah I'm fine man, tons of work due some near milestones :D
<alex88> have to be fast  :D
<jamespage> zul, uploaded
<zul> jamespage:  cool dont forget about the CA
<jamespage> zul, yeah - I'll let it pass the autopkgtests first tho!
<zul> jamespage:  ack
<smoser> hallyn, ok. so that was me being wrong there.
<smoser> but it exposed and issue i think
<smoser> the clone hook is specified in the config as /var/lib/lxc/precise-amd64-source/config
<jamespage> zul, blimey - tests failed
 * jamespage sighs
<jamespage> zul, I'll limit the concurrency and try again
<zul> jamespage:  im not really surprised
<smoser> but when 'clone' happens, the replace of 'old-root' to 'new-root' has already occurred, so it says
<smoser> sh: 1: /var/lib/lxc/ephem2/ubuntu-cloud-clone-hook: not found
<jamespage> zul, I've seen similar issues with other projects
<jamespage> high levels of concurrency seem to bork things up
<zul> jamespage:  ah yes
<zul> rbasak:  ping
<smoser> hallyn, i think its reasonable for a hook to be in the directory for the container, and that seems impossible here.
<derrik> whats the best linux administrator book?
<hallyn> smoser: I put the hook in /var/lib/lxc/c1/ and called it from there, still works
<hallyn> smoser: does /var/lib/lxc/ephem2/ubuntu-cloud-clone-hook in fact exist?
<smoser> hallyn, http://paste.ubuntu.com/5962884/
<hallyn> will look in a bit, lemme <scribble> finish this other thing
<smoser> hallyn, other thing...
<smoser> name=ephem1 section=lxc hooktype=clone rootfs_mount=/usr/lib/x86_64-linux-gnu/lxc rootfs_path=overlayfs:/var/lib/lxc/precise-amd64-source/rootfs:/var/lib/lxc/ephem1/delta0
<smoser> those are the args i get passed to my clone hook
<smoser> err... args and environment variables
<smoser> i dont find 'rootfs_mount' or 'rootfs_path' terribly useful in that state.
<smoser> i can surely fiture out how to parse 'overlafs:....:' (which actually breaks if there is a ':' anywhere in the persons path), but it seems silly for me to do that.
<hallyn> smoser: oh, copying the hook is not done by default, you have to say '-H'.
<hallyn> maybe that's silly
<hallyn> but it doesn't try to guess based on pathanme what you wanted,
<hallyn> (which would get very complicated and fragile),
<hallyn> so if you're using /usr/share/lxc/hooks/cloud-clone, and you said lxc-cloen -H, then it would copy cloud-clone into your container dir
<jamespage> zul, OK - heat passed the dep8 tests now
<smoser> hallyn, i'm saying i can copy it.
<smoser> but it should'nt lie to me and change it.
<hallyn> ?
<smoser> the config i said to clone said that the hook was '/var/lib/lxc/precise-amd64-source/ubuntu-cloud-clone-hook'
<smoser> but lxc decided it should run a completely different program
<smoser>  /var/lib/lxc/ephem1/ubuntu-cloud-clone-hook:
<smoser> that seems arbitrary.
<hallyn> i thought i just got rid of that yesterday actually
<zul> jamespage:  just got the email
<zul> jamespage:  \o/
 * jamespage dances around a bit
<smoser> hallyn, ok. so for rootfs_path=overlayfs:/var/lib/lxc/precise-amd64-source/rootfs:/var/lib/lxc/ephem1/delta0
<smoser> could you give me something more useful as the 'LXC_ROOTFS_PATH'
<smoser> and what is LXC_ROOTFS_MOUNT
<hallyn> smoser: i do.  use rootfs-mount
<smoser> no
<hallyn> rootfs-mount is where the path gets mounted
<smoser> that is less useful
<smoser>  /usr/lib/x86_64-linux-gnu/lxc
<hallyn> it's where you can update your rootfs
<smoser> unlikely
<hallyn> ?
<hallyn> have the hook do an ls of that.  it certainly should be.
<hallyn> gets mounted at lxccontainer.c:1813
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/nova/nova-tests-refresh/+merge/179215
<smoser> hallyn,
<smoser> â­ sudo lxc-clone -B overlayfs -o precise-amd64-source -s -n ephem1
<smoser> LXC_CONFIG_FILE='/var/lib/lxc/ephem1/config'
<smoser> LXC_NAME='ephem1'
<smoser> LXC_ROOTFS_MOUNT='/usr/lib/x86_64-linux-gnu/lxc'
<smoser> LXC_ROOTFS_PATH='overlayfs:/var/lib/lxc/precise-amd64-source/rootfs:/var/lib/lxc/ephem1/delta0'
<smoser> LXC_SRC_NAME='precise-amd64-source'
<smoser> you're telling me that /usr/lib/x86_64-linux-gnu/lxc is my root directory ?
<jamespage> zul, I'm going to have to backport python-boto as well to support heat in the CA
<stgraber> hallyn: I fixed the lxc packaging branch (again) :)
<hallyn> smoser: whiel you're running the clone hook, yes
<hallyn> stgraber: ?
<stgraber> hallyn: ubuntu:lxc was 6 uploads behind the archive
<hallyn> how?  noone's been updating it by hand have they (we/me)?
<zul> jamespage:  ack
<zul> wasnt it already thre?
<smoser> hallyn, ok.  you were right.
<smoser> is that racy ? or am i in some alternative namespace
<jamespage> zul: http://people.canonical.com/~jamespage/ca/havana/
<jamespage> zul, no - I was slightly surprised as well!
<zul> jamespage:  +1
<zul> jamespage:  we should be ok for autopkgtests for openstack now should we? no surprises right
<hallyn> smoser: does that suffice then?
<smoser> hallyn, it would seem to, but is that racy ?
<hallyn> sounds like i'll need to update the lxc.conf manpage
<hallyn> no
<smoser> or am i in an alternative namespace
<hallyn> yes
<smoser> (and yes, those variable names are wierd too)
<hallyn> yo'ure in a separate namespace so that the mount will get cleaned up
<hallyn> i didn't come up with them :)
<smoser> since 'rootfs_path' is not the "root filesystem path"
<hallyn> it's the root filesystem src i suppose
<hallyn> can be a directory, blockdev, or now more complicated blobs
<hallyn> i'm not sure we can safely change that now without impacting existing users
<hallyn> 'lxc.rootfs' has menat what it means since 2007 or so
<smoser> i dont care. but at least you shooud update the man page to explain them better it hink
<smoser> exmamples would help also
<hallyn> agreed
<jamespage> yolanda, not sure I understand your question re emails+MIR?
<Daviey> jamespage: solved.. ~ubuntu-server needed to be added as a bug subscriber for a MIR package
<jamespage> Daviey, ack
<jamespage> does that mean squid3 is now unblocked?
<Daviey> jamespage: almost..
<hallyn> smoser: marked todo
<stgraber> hallyn: sure enough, turning on the hardening flags makes LXC ftbfs :)
<hallyn> shucks
<stgraber> hallyn: warning: the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'
<hallyn> stgraber: can you pb a list of all the warnings and i can address them this afternoon?
<stgraber> hallyn: well, actually that one warning is a false positive as we use mktemp to get a random name and not to get filename we'd then open
<stgraber> hallyn: so I need to figure out how to override this one :)
<hallyn> excellent then i can whip up the unprivileged nic use for lxc program instead!
<hallyn> though i really need to go through the coverity warnings at some point
<hallyn> some of the new ones were valid
<stgraber> hallyn: gah, there's apparently no way to override a linker warning? ...
<hallyn> kees: ^ what burnt offerings to we throw the linker's way to appease it?
<hallyn> iow we don't want mkstemp or mkdtemp bc we dont' want a file/dir created
<stgraber> hallyn: I think I'll just cheat and copy the gettemp function from bionic and use that instead of mktemp ;)
<hallyn> security misfire
<stgraber> well, I'l also drop anything that deals with files in there as we clearly don't care about that
<sarnold> stgraber: heh, thanks for silencing that mktemp warning, too. :)
<stgraber> sarnold: well, it looks like it's causing a FTBFS so I don't really have a choice ;) though it actually seems odd for that warning to be the cause of the ftbfs.
<stgraber> sarnold: https://launchpadlibrarian.net/147098836/buildlog_ubuntu-saucy-amd64.lxc_0.9.0-0ubuntu19~ppa1~saucy1_FAILEDTOBUILD.txt.gz thoughts?
<jamespage> rbasak, did you notice that there is a mysql-5.5 update stuck in proposed?
<sarnold> stgraber: ow! that seems needlessly draconian. :)
<sarnold> stgraber: granted, this may be the one safe use of mktemp() left :) but .. ouch.
<stgraber> so I'll take a look at this tomorrow (EOD here and got to leave), I think the right way to fix that is to create a mkifname function which essentially does the same as mktemp but for interface names, so takes a template, replaces X by a random char, then check that /sys/class/net/<name> doesn't exist
<roaksoax> Daviey: if you have the chance, could you review 'dlm' from the new queue? It is an entirely new package that I need in the archive. Debian doesn't have it yet cause I need to forward the packaging
<stgraber> it's going to be racy but there's no way around that and it's already going to be much better than our current mktemp (and won't trigger the warning)
<roaksoax> and till it hits the debian archives can take foreever
<sarnold> stgraber: have a good night :)
<Daviey> roaksoax: not right now.. but tomorrow i can.
<roaksoax> Daviey: works for me :). Thanks!
<rbasak> jamespage: no
 * rbasak looks
<rbasak> jamespage: I'm not sure what's going on there. I can't find the Jenkins failure log.
<jamespage> rbasak, I can even start mysql from proposed right now
<rbasak> jamespage: http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<rbasak> jamespage: it says one Jenkins job failed and another is running
<rbasak> jamespage: I'll look at it tomorrow if nobody else does by then.
<jamespage> rbasak, thanks much appreicated
<petey> would a 500 internal server error be from going through bandwidth?
<sarnold> unlikely
<patdk-wk> a 500 error is *very specific*
<patdk-wk> no responce from cgi
<petey> ah okay
<petey> server overload?
<petey> could it possibly be a server overload, not enough memory or CPU ?
<SpinningWheels> i tried this rm -R folder[1-10] intending to delete folders folder1 ... folder 10, it says cannot remove folder[1-10]
<sarnold> SpinningWheels: the shell won't turn [1-10] into 1, 2, 3, ...
<hggdh> hum. bug 1160490 seems to be interesting
<uvirtbot> Launchpad bug 1160490 in ifupdown "race condition updating statefile" [Undecided,Confirmed] https://launchpad.net/bugs/1160490
<SpinningWheels> http://www.codecoffee.com/tipsforlinux/articles/26-1.html ?
<sarnold> SpinningWheels: you could either run: for i in `seq 1 10` ; do rm -R folder${i} ; done   or you could run: rm -R folder10 folder[123456789]   -- at least I think that second one would work
<qman__> you could also do rm -R folder[1-9] folder10
<SpinningWheels> lol. my range isnt actually 1-10, that was for example. the for i in seq works fine :)
<qman__> the point is, the regex you selected is a character match, not a counter
<SpinningWheels> yeah i see what i did now.
<qman__> so it only applies to one digit at a time
<jefgy> my root device is /dev/md5.  it's defined in fstab as /dev/md5.  I'm receiving a warning when I run update-intiramfs "cryptsetup: WARNING: failed to detect canonical device of /dev/md5"  should I be referencing the uuid for md5 instead of the device itself? I.E.  $ blkid /dev/md5  /dev/md5: UUID="5d79c9fb-b720-4895-b48a-4404b1ec9358" TYPE="ext4"
<smoser> hallyn,
<smoser> https://github.com/smoser/lxc/tree/uc-clone-hook
<smoser> tell me what you think of that.
<smoser> i've not actually tested all the way though yet.
<SpamapS> rbasak, zul: Don't wait for _ME_ to do anything for MariaDB. Join the debian packaging team and review the packages Otto K has already produced and help us get them uploaded.
<SpamapS> rbasak, zul: I barely have time to upload security fixes.
<qman__> jefgy, yes, you should use UUIDs for all drives in fstab, as the device names change depending on order of disk detection and other conditions in udev
<qman__> you can't count on the device nodes being the same between boots
<SpamapS> qman__: another option is filesystem labels
<SpamapS> which gives you a way to move root filesystems without changing /etc/fstab
<hallyn> smoser: sorry, looking
<smoser> hallyn, great.
<smoser> i will try to build a ubuntu package and instlal and see how it goes.
<hallyn> smoser: you have 'return 1' from clone()...  that 1 doesn't actually do anything right?
<LargePrime> hi all
<LargePrime> I have an ssh user i want to give sudo to
<LargePrime> what do i need to know
 * hallyn going out for a walk, intend to be on a lot tonight - \o
<LargePrime> see ya
<LargePrime> o /
<LargePrime> ok was using visudo and lost connection
<LargePrime> now visudo is busy
<LargePrime> how do i kill it
<Rapid2214> killall <command>
<LargePrime> so "killall visudo" ?
<LargePrime> Rapid2214:  how do i know the process name
<qman__> LargePrime, lsof | grep /etc/sudoers
<qman__> unless it names it something else
<qman__> that works but you can also kill the editor process
<qman__> visudo copies /etc/sudoers to a sudoers.tmp file, and then opens that with editor (a symlink to your default editor)
<qman__> once that editor process ends, it determines what to do
<qman__> if you save and the file validates, it copies over sudoers
<qman__> if not, it just deletes the tmp file
<LargePrime> Thanks qman__  and Rapid2214
<LargePrime> I am doing this
<LargePrime> to enable sudo over ssh with keys
<LargePrime> http://siliconexus.com/blog/2012/11/sudo-authentication-via-ssh-agent/
<LargePrime> but it is not workig
<LargePrime> thoughts?
<qman__> seems a little too complicated, what's your use case?
<qman__> for example, I use backuppc to back up my systems, and it needs an unprivileged user with sudo access over SSH to cooy all files, so I add a line to sudoers that allows it to use the one specific command it needs without a password
<patdk-wk> god helps if someone gets qman's backuppc user account :)
<patdk-wk> in my case, I do the oppisite
<patdk-wk> user logs and sudo both require 2factor
<patdk-wk> publickey is ok to login, but not for sudo
<qman__> that's true, but that's why it has no password and a key
<qman__> I trust that key to be pretty strong and well guarded
<patdk-wk> I don't
<patdk-wk> I trust it is as well guarded as their password
<patdk-wk> not at all
<sarnold> a backup key is different than a human-controlled key
<sarnold> how does your bacula connect to other hosts? :)
<patdk-wk> sarnold, depends on how well the server that has the backup key is controlled
<patdk-wk> open access to the internet? or via proxy
<patdk-wk> just have habbits, and those habbits go as wide as possible, with rare exceptions
<blkperl> where can I find ubuntu cloud images in QCOW2 format>
<sarnold> blkperl: qemu-img convert  may be able to help you
<blkperl> the ubunto cloud image website is really good at redirecting to itself :S
<LargePrime> qman__: I just need to give a ssh user sudo
<LargePrime> And i have passwords disabled
<LargePrime> and I am a total noob
<LargePrime> Do i just need to give him the sudo password
<LargePrime> or can i have him auth vs his key
<LargePrime> or perhaps i should ask, WTF should i be doing?
<sarnold> hehe :)
<sarnold> LargePrime: sudo normally uses their user password, from /etc/shadow. you can configure sshd to require publickey for login and not allow passwords (no point to the brute-force ssh login attempts..)
<sarnold> LargePrime: but the user can still have a password that is used for sudo
<LargePrime> that is what i have.  no pass auth
<LargePrime> and how do i set that password for sudo
<blkperl> by giving the user a password
<blkperl> as long as password auth is disabled they won't be able to use to login
<LargePrime> ok then
<sarnold> if the user does not yet has a password, "sudo passwd <username>"
<LargePrime> but CAN i configure it to use a key
<LargePrime> and would that be a seperate key
<sarnold> LargePrime: hrm. I don't see any packages matching my keyword guesses for that, not quite like the webpage you found..
<LargePrime> ok so that worked
<LargePrime> thanks sarnold
<sarnold> LargePrime: cool :)
<LargePrime> dont have key auth
<LargePrime> but i can go forward
<LargePrime> I want you all to kow that I really appreciate your vollenterring
<LargePrime> and that you don't make fun of my spelling
<sarnold> LargePrime :D woot
<qman__> patdk-wk, it's my key, stored on my server, no one else has access to it
<qman__> except maybe NSA spooks, but you know
<freze> where do you all store your sites? /usr/share/nginx/site.com is that a good folder with rwxr-xr-x (751) permissions?
<qman__> point being, if they can manage to steal that key, they can manage to get in anyway
<qman__> I trust it to be strong enough that brute force is not feasible
<sarnold> freze: (a) use whatever works for you (b) i'd put them in /var/www/ or /srv/www ... I like /usr to be completely controlled by the distribution
<sarnold> freze: granted, /usr/local/ isn't under control of the distribution, but those are pretty rare for me anyway
<qman__> agree, I don't touch anything in /usr except /usr/local
<qman__> for servers with sites that are all managed by me, I put them in /var/www/sitename
<qman__> for servers with user-managed sites, I usually have a homedir based setup
<freze> qman_ every user gets a directory in /home/ for sites ?
<qman__> they can, depends on how you set it up
<freze> Got it. What do you mean by /usr is completely controlled by the distribution?
<qman__> if you start changing files around in /usr, you might get your changes overwritten by software packages / updates
<freze> ahh
<qman__> because the package manager assumes that (most) everything in there is part of a package
<qman__> with the notable exception of /usr/local which is generally left for you to mess with (but not always, some packages still do stuff there)
<zerick>  Is it possible to resize, create partitions on hot ?
<sarnold> zerick: investigate lvm, it may do what you want
<failmaster> zerick, define "on hot"
<zerick> failmaster, alive maybe ?
<failmaster> zerick, they become alive technically after they were recognized by bios
<freze> is 25MB memory for aplain system sound about right?
<zerick> failmaster, well, I was refering doing it while the system is UP
<zerick> not using a live-cd
<sarnold> freze: 25M feels awfully tiny. why so small?
<failmaster> zerick, btrfs is a nice suggestion for that case, but i'm not familiar with it mostly because i prefer the very stable things in general terms, like ext
<failmaster> broken fs is a bigger problem rather than unstable software from my subjective point of view
<freze> sarnold: I have nothing but the default installation running
<zerick> failmaster, isn't Ubuntu porting that on a future as the main fs ?
<failmaster> zerick, sometimes it is a good idea to "draw the whole picture" for community, maybe there are another ways to achieve the end goals, who knows
<failmaster> zerick, maybe, but again, i personally don't trust that much to such statements "it was ported as main == it's stable enough for sure"
<failmaster> that's just me anyways
<zerick> failmaster, well, I heard that a long time before, that Ubuntu, well, Canonical, was investing on it
<qman__> zerick, it's possible depending on the filesystem
<qman__> with ext[234] you can expand but not shrink while mounted
<failmaster> zerick, they also were investing in unity and all that stuff i consider totally pointless, but again, it's just me =)
<freze> does this make sense: * 10800 IN CNAME @    I want all the subdomains to point to my a record
<freze> @ 10800 IN A 192.168.1.1
<freze> example
<Patrickdk> freze, sure, but that won't do that
<freze> Patrickdk: the CNAME wont work? I'm following and that's how they have it setup which confused me, because I didn't think you could have at @ symbol for the address in * 10800 IN CNAME @
<Patrickdk> oh, no, the cname will *work*
<Patrickdk> but it will have other side effects
<freze> Will it point all subdomains to the domain, which will then route to the IP specified in the A record
<Patrickdk> depends on the dns server
<Patrickdk> a cname redirects ALL lookups, not just A
<Patrickdk> so it will also redirect NS, MX, ....
<qman__> wildcard DNS causes a lot of issues in general, and I recommend against it
<qman__> makes troubleshooting in particular rather difficult
<freze> I just want all subdomains to point to my domain. Is the better way to do it this:  * 10800 IN CNAME mydomain.com
<freze> would that prevent NS,MX redirection..
<qman__> no
<arooni-mobile__> how can i upgrade my ubuntu 10.04 LTS to 12.04 LTS?
<qman__> NS and MX records are defined in the SOA nameserver
<qman__> the only way to redirect or change them is to intercept DNS and specify changes, which you as the site owner have no control over regardless
<qman__> arooni-mobile__, sudo apt-get update; sudo apt-get dist-upgrade; sudo do-release-upgrade
<qman__> the latter does the actual release upgrade, but you should update your 10.04 first
<qman__> freze, a better question is, why do you want to do this? I can't think of any task or situation where wildcard DNS is a good idea
<arooni-mobile__> how long does that take
<arooni-mobile__> i'm having trouble with DNS resolution.  theres nothing in /etc/resolv.conf
<arooni-mobile__> i tried adding to /etc/network/interfaces '    dns-nameservers 8.8.8.8 8.8.4.4'  ... but i'm getting no name resolution
<freze> qman__ I guess that is a good point. Since the main website is: example.com I thought it would be good for users who type www.example.com or by accident wwww.example.com to be redirected to example.com
<sarnold> arooni-mobile__: that'll only change /etc/resolv.conf when interfaces come up or down. change /etc/resolv.conf directly ..
<qman__> freze, in my opinion it would be better to simply create a www cname, and set up your web server to redirect to the main site
<sarnold> freze: URL rewriting or redirects would be far better..
<freze> how about a permanent redirect fro www -> example.com
<freze> from www.example.com
<arooni-mobile__> sarnold, but on a restart or something wont that go away?
<sarnold> arooni-mobile__: sure, but you can fight that later :)
<arooni-mobile__> sarnold, ok i got it working now by editing resolv.conf;  should my addition to /network/interfaces work on restart?
<sarnold> freze: http://en.wikipedia.org/wiki/HTTP_301
<sarnold> arooni-mobile__: probably, yes
<freze> sarnold: yeah that looks like the best option instead of having the webserver handle the redirection. I'll do it from the dns page
#ubuntu-server 2013-08-09
<GH0> Hello, I seem to have run into an issue with two files not appearing in KDE's menu, however, when attempting to rescan and re-add these, I get the following errors.
<GH0> kbuildsycoca4(16401) KConfigGroup::readXdgListEntry: List entry Keywords in "/usr/share/applications/firefox.desktop" is not compliant with XDG standard (missing trailing semicolon).
<GH0> kbuildsycoca4(16401) KConfigGroup::readXdgListEntry: List entry Categories in "/usr/share/applications/kde4/k4dirstat.desktop" is not compliant with XDG standard (missing trailing semicolon).
<GH0> However, I noticed that not all files in the folder have a trailing semicolon, so I was wondering if anyone could either paste their files listed in that folder, or if they could show me a way to replace those files through a reinstall or something?
<GH0> Because purge doesn't remove the files.
<sarnold> GH0: you may wish to try #ubuntu, most servers don't have desktops installed :)
<GH0> Lol, well, I figured that because I was running a server build, the best thing to do was ask in here first before being told to bring it in this channel. Will do though.
<sarnold> GH0: the difference is more in package selection than anything else :)
<arooni-mobile__> i have a ubuntu VPS linode server running 10.04.  i want to upgrade to ubuntu 12.04.  its giving me a warning about doing it over SSH... any precautions i should take?
<sarnold> arooni-mobile__: make sure the linode console lets you request "reboots" or whatever it is you get to do there when things go wrong :)
<freze> my vps has the option for a reverse dns for all my ips. What is this used for?
<arooni-mobile__> for my ubuntu 12.04 server;  is there a way to run updates on it automatically?  or do i have to manually do upgrades for packages?  im thinking specifically for security issues
<sarnold> arooni-mobile__: install the unattended-upgrades package
<arooni-mobile__> sarnold, so that will auto download security updates and install them?
<arooni-mobile__> dont need to do antyhing else?
<freze> https://help.ubuntu.com/community/AutomaticSecurityUpdates
<sarnold> arooni-mobile__: I believe it can also be easily configured to get other updates, not just security updates, if you wish
<hallyn> sarnold: i'll have to reread it later, but i didn't quite get your dnsmasq proposal
<hallyn> maybe it'll make sense to me next time :)
<sarnold> hallyn, darn, I was afraid of that. I _knew_ waving my hands about would have helped..
<hallyn> sarnold: you talk about having containers put dnsmasq-libvirt into their resolv.conf.  but the whole point (istm) is that dnsmasq doesn't want to do secondary dns servers
<hallyn> i.e. every dns server should be a primary
<sarnold> hallyn: but I _think_ glibc's resolver is more forgiving
<hallyn> so if we're giogn that route, then it seems tome wejust need to teach people to put server=/lxc/10.0.3.1 and the like into their dnsmasq.conf
<hallyn> interesting
<hallyn> that would explain why the other guy wasn't having a problem when dnsmasq-lxc is not in strict-order
<sarnold> hallyn: and since the bug you pointed out has ~25 people affected, it might even be worth writing a forwarder that behaves as we'd like it...
<hallyn> my argumetn was that dnsmasq should still half the time be failing - but maybe glibc is "magically" making it work
<hallyn> sarnold: there is a patch shipped with the dnsmasq source to do it
<sarnold> hallyn: oh?
<hallyn> :)
<hallyn> but nto applied
<hallyn> and in face there are two versions,a nd both are again out of date
<sarnold> hallyn: I'll have to admit, after I spent two weeks trying to backport a security fix through all five versions of dnsmasq that we support, I kinda of grew some serious distaste for it. heh.
<hallyn> but there's that bug which i think i quoted in your bug, which poses and does nto answer the fundamental question: do we want dnsmasq to behave that way or not
<hallyn> you and i, i think, agree it should
<hallyn> but kelley, the dnsmasq author,d oes not
<sarnold> (I even spent two hours tring to smack a powerdns recursor in front of the whole thing, but got stymied by the lack of .lxc and .libvirt TLDs to forward to, as appropriate..)
<hallyn> and thood wants to respect the author i iiuc
<sarnold> and I'm even reasonably certain kelley's got very good reasons. at least when I read them, they make sense.
<hallyn> stgraber had mentinoed some other rsolver he had considered, but dnsmasq was already in main
<sarnold> but the sum total of what we've got is a very frustrating experience. :(
<hallyn> sarnold: well i can sum it up like this:
<hallyn> we can solve this problem pretty easily using server=/domain/resolver in dnsmasq.conf, but
<hallyn> that does NOT solve it generically, whereas resolv.conf did
<hallyn> so in that sens this is a regression
<sarnold> I have a feeling that dnsmasq is trying to do too many things at once. It feels like dhcp+authoritative should be one part. and forwarding+caching shuold be another part. and maybe even outright recursive a third part. but having all of them in one big blob is just .. a lot.
<hallyn> well, you might be right, but i don't think that really needs to affect this :)  this seems like just a question of teaste
<hallyn> taste
<hallyn> "all resolvers should be primary" vs "we should allow secondaries"
<arooni-mobile__> hey folks;  recently upgraded my ubuntu 10.04 box to 12.04 ... now the SSH is FUBARd... i cant ssh in on my port.  i'm logged in as rot; how can i fix?
<sarnold> yeah, that's just me redesigning the world to fit my preconcieved notions. :) But I _do_ think the problem might be more easily solved if we pretend it worked that way...
<hallyn> arooni-mobile__: is sshd running?  did you have a custmo config?
<hallyn> sarnold: I think "allowing secondaries allows more general solutions" is compelling
<sarnold> hallyn: or, at least, I thought it'd be worth floating past thood and you..
<hallyn> Any time that libvirt docs have to say "if you're running dnsmqsq, do this;  if you're running optimus, do that" we lose
<hallyn> sarnold: but i still didn't grok what you were saying in the email :)
<hallyn> i'll reread in the morning though
<arooni-mobile__> hallyn, sshd appears to be running; and yes my config file is custom; just changed the port; really
<sarnold> heh, libvirt "fixed" it by putting the whole configuration in C source anyway. damn near impossible to modify. :(
<hallyn> sarnold: yeah, that's a pain
<hallyn> taht's why i only mentioned lxc in my server=/lxc/10.0.3.1 example :)
<hallyn> arooni-mobile__: have you checked the config file to make sure it hasn't been overwritten?
<sarnold> arooni-mobile__: does netstat -lntp show sshd listening?
<sarnold> hallyn: please do let me know if it makes more sense in the morning. just go to bed thinking "flat dns" rather than "chained dns" and see if that helps... :)
<hallyn> sarnold: ok :)
<arooni-mobile__> hallyn, checked config file already; not overritten
<arooni-mobile__> tcp6       0      0 :::22222                :::*                    LISTEN      2247/sshd         ...its listening on the right port
<sarnold> arooni-mobile__: ipv6 okay? :)
<arooni-mobile__> ooh its because linode moved my IP address during the migration
<sarnold> o_O
<arooni-mobile__> and i was SSH'ing directly to the IP address
<arooni-mobile__> no wait
<arooni-mobile__> the IP address is the same
<arooni-mobile__> so im missing why i cant ssh from my box;  i just checked to make sure my keys are in ~/username/.ssh/authorized_keys
<arooni-mobile__> they are
<arooni-mobile__> on the connecting computer debug says: "debug1: Connecting to 70.87.XX.XX [70.87.XX.XX] port 22222."
<arooni-mobile__> dont' get past htat
<sarnold> arooni-mobile__: can netcat connect and collect a banner?
<sarnold> arooni-mobile__: (echo "" | netcat ip-address 22222)
<arooni-mobile__> netcat: getaddrinfo: Temporary failure in name resolution
<arooni-mobile__> ugh dns resolution again?
<arooni-mobile__> can someone help me getting DNS resolution fixed?  i'm seeing "/etc/network/interfaces:11: misplaced option"  on line: dns-nameservers 8.8.8.8 8.8.4.4
<GH0> sarnold, typical main channel. lol, no one answers.
<sarnold> GH0: sigh :)
<GH0> i can probably find the files online.l and fix it that way. Or just k owibg what would replacw the foles
<GH0> Oh dear god the misspellings
<sarnold> arooni-mobile__: I don't see it obviously.. can you pastebin the whole thing?
<arooni-mobile__> sarnold, one sec
<arooni-mobile__> sarnold, http://paste.ubuntu.com/5964666/
<arooni-mobile__> sorry
<arooni-mobile__> thats from my desktop
<arooni-mobile__> one sec
<sarnold> arooni-mobile__: hrm, is that comma supposed to be there? I don't see commas in the resolvconf(8) manpage..
<arooni-mobile__> https://gist.github.com/anonymous/6190558
<arooni-mobile__> sarnold, the second one is actual file
<sarnold> arooni-mobile__: looks like you're missing an 'iface eth0' line
<arooni-mobile__> sarnold, what should it look like ?  iface eth0  ... dhcp ?
<arooni-mobile__> i think ubuntu 12.04 overwrote whatever i had before that was working
<sarnold> GH0: try debsums -cs firefox
<sarnold> arooni-mobile__: try "inet eth0 inet dhcp"
<GH0> sarnold, will do, hold on
<arooni-mobile__> sarnold, cool, getting a different error on networking restart "ifup: couldn't read interfaces file "/etc/network/interfaces"
<arooni-mobile__> "
<sarnold> arooni-mobile__: woo. :) I'd put that 'auto eth0' line up near the other 'auto' line.
<arooni-mobile__> sarnold, cool; now it restarts; but i'm still not getting dns resolution
<GH0> sarnold, is it supposed to report anything back?
<GH0> It seems to newline after pressing enter
<sarnold> GH0: that means there were no corrupted files in the package
<sarnold> GH0: so your firefox.desktop is just as it should be.
<sarnold> well, just as it was delivered. :)
<sarnold> arooni-mobile__: any nameserver lines in /etc/resolv.conf?
<arooni-mobile__> sarnold, nope nothing there
<sarnold> arooni-mobile__: do you have a /etc/resolvconf/update.d/libc file?
<arooni-mobile__> sarnold, dont know if it matters but lrwxrwxrwx 1 root  root      31 May 16  2011 resolv.conf -> /etc/resolvconf/run/resolv.conf   ... its a symlink
<arooni-mobile__> sarnold, -rwxr-xr-x 1 root root 5093 Jul 18  2012 libc  ...
<sarnold> hrm, that should have written the new nameserver lines for you..
<arooni-mobile__> should i try rebooting?
<arooni-mobile__> haha
<sarnold> only if the vps makes it easy to get back without working networking on the system :) hehe
<arooni-mobile__> my ubuntu never wants to talk to the outside world
<arooni-mobile__> fixed it sarnold ;  thanks
<arooni-mobile__> htere was a bad symlink apparently in /etc/resolv.conf
<sarnold> arooni-mobile__: really? how odd. could you file a bug against resolvconf (ubuntu-bug resolvconf) and copy-and-paste some of your more enlightening commands and results?
<sarnold> arooni-mobile__: upgrades from 10.04 to 12.04 really ought to work :)
<sarnold> arooni-mobile__: thanks :)
<arooni-mobile__> sarnold, geez i wish i would have kept better track of what it linked to before
<sarnold> arooni-mobile__: this is what you pasted before.. lrwxrwxrwx 1 root  root      31 May 16 2011 resolv.conf -> /etc/resolvconf/run/resolv.conf
<arooni-mobile__> oh good;  cuz i straight up deleted that bad symlink
<arooni-mobile__> it wasnt pointing to anything
<sarnold> :)
<sarnold> I'm sorry I didn't recognize it at the time; I'm on 13.04, mostly, and I figured the path had changed from 12.04. :(
<arooni-mobile__> i should have noticed it as a bad symlink
<arooni-mobile__> i have color highligting on my terminal
<arooni-mobile__> ahhh i know
<arooni-mobile__> i was logged in as root
<arooni-mobile__> so i didnt have color highlighting
<arooni-mobile__> otherwise i would have noticed it was red
<arooni-mobile__> sarnold, correct me if im wrong but isnt this the same issue: https://bugs.launchpad.net/ubuntu/+source/resolvconf/+bug/1000244
<uvirtbot> Launchpad bug 1000244 in resolvconf "Symlink /etc/resolv.conf does not exist after installation or upgrade of resolvconf -- various causes" [Undecided,Confirmed]
<sarnold> arooni-mobile__: that looks like it. wow..
<sarnold> https://bugs.launchpad.net/ubuntu/+source/resolvconf/+bug/1000244/comments/66
<uvirtbot> Launchpad bug 1000244 in resolvconf "Symlink /etc/resolv.conf does not exist after installation or upgrade of resolvconf -- various causes" [Undecided,Confirmed]
<arooni-mobile__> sarnold, i guess checking the bugs on a package when im having troubles with it is a good idea
<failmaster> i have a problem switching luks passphrase authorization to key file for root fs on 13.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone? =)
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]
<brahmana> Hi. Is there a way for me to block access to a particular domain from my machine?
<brahmana> This is for my Ubuntu desktop. I was suggested to ask here when I asked the same in #ubuntu
<brahmana> Would adding an entry like ALL : my.domain.com to /etc/hosts.deny be the right approach?
<sarnold> cheap-and-kinda-busted is to put 127.0.0.1 domainname.com   into your /etc/hosts file. That will only screw up domain resolution for the specific hostnames you list: it won't kill the whole domain, and if someone resolves the IPs elsewhere, they'll be able to use the IPs to connect...
<brahmana> I tried that but I can still access that my.domain.com via telnet
<sarnold> you'd need to add in my.domain.com as well... it can get exhausting :)
<brahmana> It's just one domian.. so its ok.
<sarnold> if the domain is entirely hosted in one netblock, you could use iptables to block access to the network. that'll be far more reliable, right up until they change their IPs.
<brahmana> Furthermore this is not from a security standpoint. I just want to block access to that domain temporarily.
<unfailedagain> i have a problem switching luks passphrase authorization to key file for root fs on 13.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone? =)
<uvirtbot> Launchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]
<sarnold> unfailedagain: http://paste.ubuntu.com/5965290/
<unfailedagain> sarnold, it works without one for sdb1
<sarnold> unfailedagain: does that KEYSCRIPT look familiar?
<sarnold> unfailedagain: sdb1 isn't going to be used for root
<unfailedagain> sarnold, so what's the difference, it's being mounted during boot
<sarnold> unfailedagain: the difference is I found that string in this file in the source package: debian/initramfs/cryptroot-hook
<unfailedagain> as well as / was on 12.04 without keyscript=
<sarnold> unfailedagain: .. perhaps that hook doesn't care about the other targets?
<unfailedagain> i knwo about this hook, i even was able to find out the moment where it was suggested
<unfailedagain> but if i was that good enough - i would already fix it
<unfailedagain> sarnold, hm, the strange thing is that i somehow thought it should be grepable under /etc/ and appears there is none
<sarnold> unfailedagain: check /usr/share/initramfs-tools/hooks/  ?
<unfailedagain> sorry, my bad
<sarnold> good luck :) bed time here
<unfailedagain> sarnold, many thanks!
<unfailedagain> i'll investigate around hooks
<sarnold> unfailedagain: if you find it, let me know, I'm curious what it ought to be..
<unfailedagain> definitely i will
<sarnold> :) thanks
<unfailedagain> looking at cryptroot hook i really don't get it, how that thing "# If keyscript is set, the "key" is just an argument to the script" is related popping-up a warning
<unfailedagain> most probably because i'm too noob
<rtfmdude> is it necessary to have a keyscript option in order to use luks authorization based on a key file for drive with mount point on / (root fs)?
<adam_g> jdstrand, any security updates in the pipe for openstack? putting together a new SRU batch
<stemid> does ubuntu use vixie cron? I noticed crontab(5) says Vixie.
<stemid> not anacron then
<stemid> just wondering because I have a problem with a crontab file on two ubuntu 12.04 servers, but none of my debian servers (anacron). I always use /etc/cron.d and very basic format MAILTO=me PATH=/to/script 0 4 * * * root script.sh
<stemid> and it never runs
<stemid> but manually it works
<stemid> manually the script works
<stemid> and cron.allow does not exist
<rtfmdude> is it necessary to have a keyscript option in order to use luks authorization based on a key file for drive with mount point on / (root fs)?
<jamespage> adam_g, zul, Daviey, smoser: just flushed everything in havana proposed CA through to updates.
<adam_g> jamespage, nice
<jamespage> adam_g, there are a few deps that need a resync - I'll look at those later today
<adam_g> jamespage, non-neutron havana is deploying and testing good
<jamespage> adam_g, also looking to push in a rc for the next ceph LTS later as well
<jamespage> adam_g, yeah - I guess we need todo the charm work to deal with that upgrade now
<adam_g> jamespage, we need to have the quantum + nova charms be naming aware
<jamespage> lol - snap
<jamespage> anyway - back later
<jamespage> ttfn
<adam_g> jamespage, i think we can handle it easy enough in the new py redux, but maybe we can just temporarily fix in the qa charm branches
<rtfmdude> is it necessary to have a keyscript option in order to use luks authorization based on a key file for drive with mount point on / (root fs)?
<freze> How much memory will ubuntu server on average for a default setup?
<maswan> .5G or so, is my guesstimate. of course, then you want memory for your services too.
<freze> I'm gettin 125MB
<freze> anyone know what  sendmail: MTA:  is for?
<thumper> apw: ping
<rbasak> freze: mail transfer agent. That isn't on a default install, though.
<freze> do I need it?
<freze> it came with my vps ubuntu image
<freze> along with apache which I delted
<andol> freze: You might not need (or even want) sendmail specifically, but you probably want some kind of local MTA so that the server can send mail. If nothing else you might want your server to be able to send cron mail and stuff.
<andol> freze: Oh, and for extra fun, there is a bit confusion regarding the sendmail name. In addition to it being the name of mail server, it is also the name of a system binary, which also other mail servers use, for compability reasons.
<freze> Thanks andol. I guess my VPS by default included additional packages in the iso image.
<andol> freze: The default MTA for Ubuntu is Postfix, which (as hinted earlier) do provide a /usr/sbin/sendmail binary.
<freze> anyone here using fail2ban?
<freze> I'm following this guide: http://felipeferreira.net/?p=47. However I do not see a [ssh-iptables] block in my config file.
<ciss> hi, i'm running 12.04 server (upgraded from 10.04 server), and i've run into some dependency issues while installing samba that i am unable to resolve. apt output: http://pastebin.com/PHbAQ8wL, sources.list: http://pastebin.com/zdTbEJbq
<ciss> samba had been installed before the dist-upgrade, but seems to have been removed in the process (i assume - it's been a while, i can't remember)
<rbasak> ciss: please pastebin the output of "apt-cache policy samba".
<ciss> rbasak: http://pastebin.com/MJyLS6qz
<rbasak> ciss: looks like you're trying to install a different samba from the one in the archive.
<rbasak> ciss: the 9v-shaun-42 ppa that you have enabled there.
<ciss> rbasak: ah, i remember now. thanks a lot, now i have something to work with :)
<jdstrand> adam_g: yes, a whole slew of them just came through
<jdstrand> adam_g: they should be pushed out next week
<adam_g> jdstrand, affecting which packages? i guess i can just move forward and rebase as necessary
<thumper> apw: ping?
<jdstrand> adam_g: please give me a few minutes
<jdstrand> adam_g: looks like python-glanceclient, swift, cinder, nova, keystone and python-keystoneclient
<stgraber> hallyn, sarnold: uploaded lxc to saucy-proposed with hardening-wrapper enabled, so that should be all for that MIR.
<stgraber> sarnold: if you could confirm that you're fine with that change, I'll seed lxc and promote it
<jdstrand> adam_g: actually, keystone may not be on the list-- I need to deep dive into the python-keystoneclient one
<hallyn> stgraber: scary
<hallyn> stgraber: did you rip the mkifname source from mktemp in libc by chance?  or whip it up from scratch?
<stgraber> hallyn: mostly from scratch
<stgraber> hallyn: it was intiially roughly based on bionic's mktemp implementation but I don't think I really kept much as they were using some random number generation function that didn't exist in eglibc
<stgraber> (and extracting the equivalent function from eglibc was too painful thanks to all their generated code...)
<stgraber> however I did run a bunch of tests to confirm it does the right thing when getting a name conflict and that it's not racy (won't return the same thing twice, no matter how fast it runs), also ran it under valgrind to make sure I didn't forget to free anything
<hallyn> i've gotta go over a 20M of valgrind data at some point :(
<stgraber> hehe, it's much easier to deal with when adding single self contained functions than running against something like lxc-start ;)
<hallyn> stgraber: but how cna there not be a memory leak?
<hallyn> you strdup name ina loop but dno't free it
<hallyn> that i can see
<hallyn> i must be missing something (/me keeps looking)
<stgraber> hallyn: oh, yeah, I probably should free it when I don't break out of the loop
<hallyn> surprisedh valgrind didn't spot that
<stgraber> well, I'd have to go through that specific code path which I guess wasn't the case when run under valgrind
<stgraber> if the first name it comes up with doesn't already exist, then it's fine
<stgraber> it's only if it already exists and it needs to generate another one that the leak happens
<hallyn> stgraber: one more:
<stgraber> hallyn: http://paste.ubuntu.com/5966322/
<hallyn> i think you need to do padchar[random() % (strlen(padchar)-1)]
<hallyn> though really that number should probably be set with a #define :)
<hallyn> stgraber: lastly, really should check that strdup() didn't return null
<hallyn> stgraber: say, is it safe to install dnsmasq on a running precise server, or will precise hit some snafus and i'll lose network?
<hallyn> (istr it was phased in at or right after precise, so i worry)
<stgraber> hallyn: I "think" we backported all the needed bits
<stgraber> hallyn: http://paste.ubuntu.com/5966334/ ?
<hallyn> heh, i\'d only want it to do the server=/lxc/10.0.3.1, maybe i shouldn't risk it
<hallyn> stgraber: +1, you can just add my Acked-by too then
<stgraber> hallyn: ok, thanks
<hallyn> no no, thank you :)
<alex88> erm, i just dist-upgraded and apache 2.4 just broke everything :)
<alex88> is there a way to get back?
<hallyn> smoser: thanks, i agree i didn't like the clone() name there :)  reviewing, will push to staging soon.
<smoser> neat, thanks.
<hallyn> (in general we prefer patchsets sent to lxc-devel rather than pushed though github, but this is specific to lxc-ubuntu-cloud, which noone will comment on anyway :)
<smoser> ah.
<smoser> do you want me to squash it?
<smoser> to one commit
<hallyn> nah
<hallyn> i've already pulled it, just looking over the commits now
<hallyn> smoser: i also wonder if these commits fix any of the open bugs against lxc-ubuntu-cloud
<hallyn> smoser: oh, but you didn't sign off on your commits
<hallyn> smoser: so if you dno't mind signing them off - squash them or not - then i'll sign-off and push
<smoser> i can do that.
<smoser> thanks
<smoser> hallyn,
<smoser> ok. so i push --forced over
<smoser> https://github.com/smoser/lxc/tree/uc-clone-hook
<smoser> ok, and the pull request figured that out
<ciss> if a package install fails due to an exception during interactive configuration (and thus the package is in a broken state), how can i force another configuration dialog when reinstalling? (right now it seems to always use the last provided inputs)
<hallyn> smoser: how weird, git pull acted differently this time (asking for a merge msg).  oh - i see
<yolanda> jamespage :https://code.launchpad.net/~yolanda.robla/charms/precise/jenkins/fix_nogroup/+merge/179434
<hallyn> smoser: pushed
<hallyn> thanks
<smoser> hallyn, awesome. thank you.
<hallyn> wtf - containers don't have 'ed' by default?
<stgraber> hallyn: we've got vim, why would you want ed? ;)
<rbasak> alex88: in what way did it break everything?
<hallyn> stgraber: so i can edit a file while keeping the compiler errors on teh screen :)
<hallyn> stgraber: woohoo, i'm creating N, and no more than N, veths as unpriv user.  re-integrating into lxc will be uglier than i'd like though
<stgraber> hallyn: ah, I just background vim in such cases ;)
<stgraber> hallyn: nice!
<hallyn> might just post the standalone toy i'm testing with for comment first
<hallyn> cause boy does this have the potential for disaster :)
<alex88> rbasak: new modules, changed configuration
<bkfitz> I'm currently running proftpd on 10.04, but I'm concerned about passwords being passed in clear text... has anyone set up sftp for proftpd and/or have any recommendations for me?
<rbasak> alex88: please can you be more specific? Apache 2.2 -> 2.4 is a major change so it's expected that if you have a custom setup you will need to update it. So I'd like to understand whether your breakage is reasonable for the package, or if there are bugs that need to be fixed.
<alex88> rbasak: well first it doesn't support dav svn
<rbasak> alex88: which package is that, please?
<alex88> libapache2-svn
<alex88> and for some reason, it was installed but still apache2 and related upgraded to 2.4 breaking it
<psivaa> hallyn: connecting to mysql with today's precise images return "ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)"
<psivaa> with lamp server installations
<rbasak> psivaa: from -proposed?
<rbasak> psivaa: bug 1121874 - SRU verification failure.
<uvirtbot> Launchpad bug 1121874 in mysql-5.5 "MySQL launch fails silently if < 4MB of disk space is available" [Medium,Fix committed] https://launchpad.net/bugs/1121874
<rbasak> alex88: looks like the problem is that subversion doesn't support apache 2.4 yet.
<alex88> yeah
<alex88> but shouldn't it block apache upgrade?
<psivaa> rbasak: i dont think it's from proposed, the versions are of 5.5.32-0ubuntu0.12.04.2
<rbasak> alex88: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712004 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666794
<uvirtbot> Debian bug 712004 in libapache2-svn "/usr/lib/apache2/modules/mod_dav_svn.so: undefined symbol: ap_log_perror_" [Grave,Fixed]
<alex88> rbasak: uh ok thanks!
<ikonia> bkfitz: what information are you looking for ?
<rbasak> alex88: the solution was to disable the subversion module in Debian for now, so as not to block apache moving to 2.4
<psivaa> rbasak: those pkgs are in main
<alex88> rbasak: ok thanks for the info, btw I've now installed first libapache2-svn to it installed 2.2
<bkfitz> iknonia: well... I guess advise on using proftpd's sftp module vs openssh
<bkfitz> iknonia: and/or suggestions for allowing my dev to upload content to my wwwroot folder securely
<rbasak> psivaa: 5.5.32-0ubuntu0.12.04.2 was from -proposed, though it's been deleted now. AIUI, it's never been in -updates.
<Pici> !tab | bkfitz
<ubottu> bkfitz: You can use your <tab> key for autocompletion of nicknames in IRC, as well as for completion of filenames and programs on the command line.
<bkfitz> Pici, yeah... knew it just wasn't thinking
<psivaa> rbasak: ack, thanks
<bkfitz> ikonia, any advise?
<ikonia> bkfitz: what's wrong with just connecting to sshd via sftp ?
<ikonia> bkfitz: I'm assuming you've got ssh running, so any reason not to use it ?
<stgraber> hallyn: debugged and fixed the autopkgtest failure which prevented the past 3 lxc uploads from reaching the archive (it was adt-run messing with TMPDIR and confusing debootstrap, adding an unset TMPDIR did the trick)
<hallyn> and now all fixed?
<stgraber> I got a succesful run on my laptop and just uploaded to the archive, so hopefully Jenkins will succeed too
<mdeslaur> rbasak: d'oh, sorry for breaking apache2
<rbasak> mdeslaur: np, it wasn't you.
<bkfitz> ikonia, i do have ssh (openssh) running, but i need sftp to be run over port 21
<ikonia> bkfitz: ok, then setup an sftp server
<rbasak> I noticed the problem weeks ago, but wanted to write a dep8 test. Which involved writing adt-virt-lxc so that I could test my test. Took a while :)
<bkfitz> ikonia, proftpd with modsftp suggested?
<bkfitz> ikonia, or vsftpd
<ikonia> up to you
<ikonia> they all do the same thing really
<smoser> hallyn, suck.
<smoser> can you pull tip of my staging
<smoser> https://github.com/smoser/lxc/commit/5215d38b121076bf23960c87047c75047ea96a3b
<smoser> hold on. you want signed off by
<smoser> https://github.com/smoser/lxc/commit/384dc9c011422ab6ebc424d5f5571ee561104ce6
<bkfitz> ikonia, so will running proftpd with modsftp conflict with my openssh service?
<bkfitz> ikonia, i'd like to run ssh on 22 and sftp on 21
<ikonia> bkfitz: why would it conflict with open ssh ?
<andol> bkfitz: I assume you know that regular ssh usually also handles sftp? But no, running a separate sftp on port 21 wuldn't conflict, even it it might possibly confure.
<Pici> *confuse
<bkfitz> andol, yeah... but i need ssh to run on 22 and sftp to run on 21... so i'm assuming i need two daemons
<bkfitz> openssh -> ssh -> 22
<bkfitz> proftpd or some other sftp server -> sftp -> 21
<ikonia> they are two seperate services
<ikonia> openssh is nthing to do with proftp/vsftpd etc etc
<ikonia> why do you need it running on port 21 thought ?
<stgraber> hallyn: damn, lxc no longer builds on Android... I really need to add that to my build server so we catch those earlier.
<bkfitz> ikonia, because my devs are inside our lan which doesn't allow port 22 traffic outside... only 21
<bkfitz> i use my mifi to get out on 22
<bkfitz> ikonia, don't ask why the policy is to close 22
<ikonia> just run an sftp server then, nice and simple
<bkfitz> ikonia, yeah... just doing some reading on that now... thx
<hallyn> stgraber: is that bc of an alloca or somesuch that i threw in?
<stgraber> hallyn: nope, utils.h the __NR_* defines don't include the values for arm
<hallyn> smoser: trying to figure out how to get that with a git cmomand (git fetch isn't doing it).  maybe i'll just hand-apply :)
<hallyn> oh there we go
<hallyn> smoser: ok, pushed
 * hallyn biab
<hallyn> stgraber: nah i guess i'll pull the lxc-user-nic into lxc before i post it, which only means i need to think about how to port the tests.  bbl
<hallyn> hopefully will post something tonight
<medberry_> Daviey, smoser, et al: Is this where cloud-image contents are defined?  http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.saucy/files/ (wihin cloud-image). Is this where the default contents of a cloud-image are set?
<rtfmdude> is it necessary to have a keyscript option in order to use luks authorization based on a key file for drive with mount point on / (root fs)?
<xnox> rtfmdude: that, or modify the initramfs scripts that do so.
<xnox> rtfmdude: you may notice in the scripts that plymouth is prefered over keyscript, you may want to revert it locally.
<rtfmdude> xnox, is it defined somewhere across references?
<rtfmdude> because is that case i see the reason to file a bug report =)
<xnox> rtfmdude: what do you mean "across references"? Sorry, i don't understand.
<rtfmdude> xnox, man pages?
<rtfmdude> e.g.
<xnox> rtfmdude: i have no idea. I'm telling you what's in the code.
<rtfmdude> xnox, many thanks, mate!
<rtfmdude> but honestly i don't get it, why it works for non-root devices and can't work for /
<rtfmdude> and why it was working for all drives presented into system in 12.04 for me
<freze> Hi guys I  just setup a webserver to host sites using niginx on an ubuntu server in a VPS. what are the most important things that I should be aware of when running a server/what do you wish you knew when running your webserver
<rtfmdude> freze, basically until you really care looking through logs from time to time, it's already more than many others do lol
<blib>  on my ubuntu box: apt-get upgrade gave this error: Errors were encountered while processing:  /var/cache/apt/archives/nginx_1.4.2-1~lucid_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1)
<blib> any ideas how to fix this?
<freze> rtfmdude: yeah. what about security? I have  secured ssh and installed fail2ban
<freze> anything else I should look at?
<rtfmdude> i usually start removing login shells against users that don't need it, tuning things to keep only established connections, setting ssh auth over key files, setting up portsentry sometimes, if it's vds - ksplice, fail2ban too maybe, but consider also moving ssh default port somewhere else
<rtfmdude> freze, but not everyone finds it necessary
<rtfmdude> soz for my english btw
<freze> ssh auth over key files? what do you mean? Alsoo what is a VDS? virtual disk?
<rtfmdude> my bad, sorry for messing up with words, was meaning certificates, vds again oh gosh... i'd better shut up dedicated server lol
<rtfmdude> no, i definitely should talk less
<freze> lol
<stgraber> hallyn: wow, that's quite a few changes needed to get lxc to build with bionic again...
<rizuk> anyway to repair bootmanager grub was on 3.2 kernel i update to 3.5 never came back online via ssh. So in ovh set it to kernel network rescue that booted fine...But now I'm stuck on this kernel i was trying to go back to 3.2 but still wouldn't work i even changed the /boot/grub/grub.cfg to the 3.2 kernel
<hallyn> stgraber: do you have a diff up i can look at, or are you comfortable with it?
<rtfmdude> sarnold, i got rid of warning changing the order of devices in crypttab, which is total bs
<rtfmdude> initiatin reboot to see if it ate it, but i could mess editing the hook lol should check everything
<stgraber> hallyn: I'm fixing stuff slowly, we got some new strdupa calls in the code I need to get rid off. Also Android fixed a few things in recent bionic so I need to drop some of my hacks
<hallyn> stgraber: is strdupa just not posssible?
<jamespage> rbasak, any chance you can do a test build of my workaround for mongodb - lp:~james-page/ubuntu/saucy/mongodb/fixup-arm
<stgraber> hallyn: doesn't exist
<stgraber> hallyn: I guess we could re-implement it as I've been doing with getline and mntent_*
<ovidiu-florin> I'm trying to install ubuntu server on a virtual machine on my kubuntu desktop. My kubuntu desktop is x86_64, but the ubuntu server says that the CPU is i686. why?
<rbasak> jamespage: "
<rbasak> This branch has not been pushed to yet.
<rbasak> "
<rbasak> In progress?
<hallyn> stgraber: does alloca() exist?
<ovidiu-florin> and how can I resolve that?
<jamespage> rbasak, done now
<stgraber> hallyn: looks like it does
<hallyn> cool then strdupa should be trivial
<stgraber> crap, should have seen that one coming:
<stgraber> conf.c:34:21: fatal error: ifaddrs.h: No such file or directory
<stgraber> looks like Android already has a re-implementation of it in platform-external-dhcpd though, so I'll just steal that...
<rbasak> jamespage: just realised I'm not going to have time to do it now. I'll leave it on my TODO for Monday. BTW, I'm not sure about the status of mysql-server right now. Waiting for stokachu to get back to us about a regression that was uploaded to saucy + various proposed pockets.
<jamespage> rbasak, no problem - it can wait
<tomtom565> Rappid2214...
<tomtom565> Helllooo?
<sarnold> rtfmdude: crazy! please file a bug :)
<rtfmdude> sarnold, no, my bad
<hallyn> stgraber: is android just gonna keep diverging though?  is this sustainable?
<stgraber> hallyn: they seem happy with their own libc so yeah... I guess with time they'll re-implement more and more of the GNU extensions to the point where it'll be roughly equivalent to eglibc (but not GPL licensed)
<hallyn> stgraber: guess that'll become moot when we re-implement lxc in go :)
<sarnold> rtfmdude: I really wouldn't expect order to matter ..
<stgraber> sure because it'd all be staticly linked ;)
<stgraber> sarnold: hey there
<sarnold> stgraber: hey! :) nice work. thanks. :D
<stgraber> sarnold: are you happy with the current binaries? (if so, I'll promote LXC and EOW)
<sarnold> stgraber: yes, please do :)
<hallyn> \o/
<stgraber> and after almost 4 years, LXC is finally seeded in supported!
<rtfmdude> sarnold, yeah i was playing with it
<stgraber> hallyn: I just seeded it for now, will wait for component-mismatches to notice, then override it and we'll be done. Now time for dinner. ttyl
<hallyn> \o
<rtfmdude> sarnold, i'm getting deeper and deeper with the very simple configuration http://paste.ubuntu.com/5967000/, i'm just surprised how hordes of people which need only xfce/kde/gnome/unity desktop change distro maintaining priorities :D
<sarnold> rtfmdude: nice :)
<michele> hi there. I'm trying to install ncdu. http://packages.ubuntu.com/search?keywords=ncdu&searchon=names&suite=raring&section=all - however, apt-get does not find it. http://pastie.org/pastes/8222288/text . how come? thanks
<sarnold> michele: have you run an "apt-get update" lately?
<michele> just run.
<michele> nothing change
<axisys> do I need avahi-daemon running on ubuntu precise server? All IPs are static and DNS configs are static
<axisys> this server is running at work
<axisys> also do I need cups ?
<axisys> I know I am never going to use it.. but I dont want to break something by removing this pkg
<sarnold> axisys: both should be fine to remove if you know you won't care about .local name resolution or printing
<axisys> sarnold: yep, I don't .. thanks
<axisys> sarnold: how about plymouth.. not sure what all these doing on ubuntu server
<sarnold> axisys: plymouth does something during early boot. I'd leave it alone strictly because I don't know what it does. :)
<axisys> http://paste.ubuntu.com/5967171/ looks like mountall and udev has dependencies.
<axisys> although plymouth wiki https://wiki.ubuntu.com/Plymouth says
<axisys> "Plymouth is the application which provides the graphical "splash" screen when booting and shutting down an Ubuntu system."
<axisys> I do not use splash in my grub..
<rizuk> JakeMS?
<Richter> hi, today i have a strange surprise, the ubuntu server auto disconect the NFS mount (I dont have any idea why), i reboot the server and he works again, someone have this problem? how i can find when this happen in my giant log?
<ewook> Richter: perhaps in /var/log/messages
<Richter> syslog
<jkitchen> depends on system
<Richter> messages dont exist anymore
<Richter> ubuntu server 12.04
<Richter> i cant find the moment
<jkitchen> centos still uses messages
<Richter> because my log is huge
<jkitchen> oh
<jkitchen> I thought I was in a diff channel. ignore me.
<Richter> i want use my "little friend" grep
<Richter> np :P
<jkitchen> Richter: use 'less' and search is what I would do
<jkitchen> less handles really huge files just fine
<Richter> my syslog is giant man... i cant
<jkitchen> sure you can
<Richter> too much information
<jkitchen> I use less on 1GB+ files all the time
<Richter> its a web server
<Richter> i can see the log
<sarnold> your webserver logs to syslog? o_O
<Richter> but for what i must search
<jkitchen> sarnold: I was just thinking
<Richter> this is my question
<sarnold> Richter: check dmesg | grep -i nfs
<Richter> ps... sorry for my bad english
<sarnold> Richter: the kernel will complain, maybe it's still in the dmesg buffer.
<Richter> i reboot
<Richter> :x
<sarnold> Richter: ah. check /var/log/ker*  something?
<Richter> -rw-r----- 1 syslog adm 97061 Aug  9 15:19 kern.log
<Richter> -rw-r----- 1 syslog adm 90112 Aug  4 04:18 kern.log.1
<jkitchen> 12.04 I believe has a /var/log/dmesg too
<Richter> nothing usefull in kernel log
<sarnold> jkitchen: yeah but I've got a feeling it's just an early boot log. could be wrong.
<Richter> i will look at dmesg
<Richter> [   10.100369] FS-Cache: Netfs 'nfs' registered for caching
<Richter> [   16.360044] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
<Richter> just this
<Richter> :(
<Richter> Aug  9 14:29:47 gastao kernel: [   11.066902] FS-Cache: Netfs 'nfs' registered for caching
<Richter> Aug  9 14:29:47 gastao kernel: [   11.463457] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
<Richter> Aug  9 15:19:33 gastao kernel: [ 2998.466853] nfs_readdir_search_for_cookie: 9 callbacks suppressed
<Richter> syslog
<Richter> i just want know when he fails
<sarnold> is that an hour after you rebooted?
<Richter> nops
<Richter> wait
<Richter> lol
<Richter> i am stupid
<Richter> Aug  9 14:29:47 gastao kernel: [   11.463457] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
<Richter> maybe the ubuntu auto security update down the nfs
<Richter> maybe?
<ewook> dunno.. :S
<ewook> Never happened to me.
<sgran> it can do fun things, like restart one of the rpc services
<Richter> strange
<Richter> thx dudes
<Richter> you calm my mind
<Richter> sorry for my bad english
<Richter> : D
<patdk-wk> heh?
<sarnold> good luck Richter :)
<patdk-wk> took it down *11 seconds* after bootup?
<patdk-wk> sounds more like it *started on boot*
<sgran> yes, it did
<sgran> and then an hour later, it logged a complaint abou tit
<sgran> about it, even
<rizuk> grub sucks
<wmp> hello, anybody can help me? I create package, but apt-cache search droopy cant find them, but other packages form my repo work good: http://paste.kde.org/p2f84641f/
<wmp> apt-get update...
<hallyn> stgraber: hm, somehow container starts, inside a container, using daily ppa, breaks - works with saucy's lxc.
<stgraber> hallyn: related to the cgroup changes perhaps?
<hallyn> i think so
<hallyn> finishing up tests of the user-nic thing, will look at it after that
<stgraber> we really need to add more tests to our autopkgtest, then I can just hook that to the builds on my server so we run the same tests everywhere
<hallyn> maybe at plumbers we should whip up a list of things which should be tested at every build.  cause frankly the list seems intimidating
<stgraber> yeah, ideally every time we push to staging we should be getting a build on amd64, i386, armhf for Ubuntu and for Android, then run all our tests against all 4 builds
<stgraber> should be reasonably quick and between building for all targets and running on all of them, should be able to catch most obvious regressions
<|System|> Hey
<|System|> http://pastebin.com/XUkPtRHg
<rizuk> best command line tool to fix bootup repairs like bootloaders
<rizuk> would someone be able to give me a hand
<justizin> anybody know of a ppa for nginx with http_stub_status_module ?
<sarnold> TheLordOfTime: hey, justizin is curious if your nginx ppa has http_stub_status_module :)
<justizin> that would be siiii-iiiick!
<justizin> i mean i know how to gcc and all, i just, mleh.  and i hate doing it in chef recipes.
<sarnold> hehe :)
<justizin> i guess nginx cookbook will do it for me, there are worse fates in life..
 * justizin is pretty lazy about building packages
<justizin> probably one of those howtos i should finish after 15 years ;d
<aristeia> Hi, Ive got a question about using apache on an ubuntu web server. Im able to access the web server accross the network using the local ip address, but how can I access it globaly using the network ip address?
<sarnold> aristeia: does the machine know its globally routed IP? or is it done through some port forwarding on a router?
<aristeia> it knows its gloablly routed IP
<sarnold> aristeia: you could shove the globally routed IP into your /etc/hosts file while testing it out..
<sarnold> aristeia: or, just visit the thing http://ip.add.res.s/ .. if it isn't doing any virtual-host work.
<aristeia> alright, thanks
<rizuk> whats the best linux for websever
<failmaster> guys, i kinda afraid of reporting the bug, because the situation is not 100% clear for me, i suspect that i could miss something, what are my options to make sure it worth filing the bug report?
<blkperl> rizuk: doesn't matter, ubuntu, debian,centos all work fine at webserving
<rizuk> cheers
<failmaster> depends on your own subjective decision according to habits mostly =)
<rizuk> Ubuntu 12.04 vs latest much difference ? what would you go with
<failmaster> 12.04
<blkperl> rizuk: use 12.04 becuase LTS
<rizuk> I'm not sure whats going on here tbh my apache seems to timeout a lot with linux when its kinda busy but not that much any ideas
<rizuk> im in all sorts of problems one of my servers bootloaders are not working lol
<rizuk> in linux rescue mode re installed grub no luck
<rizuk> yes i have been on Google trying to fix it also lol
<rizuk> i can get into ssh easy with ovh kernel networkboot mode and rescue mode but  cant boot into the normal kernel
#ubuntu-server 2013-08-10
<frank_> hi
<frank_> I want to install ubuntu server 12.04 LTS on a VM. The homedir should be encrypted for every user, but the server should be able to boot without any interveniance (since it's a VM, vmware, ha, etc). What do I select in the installer?
<frank_> Encrypt the first user and add the second one from cli via adduser? How do I get the homedir of the second user to be encrypted?
<sarnold> frank_: probably "encrypted user home directories" -- that sets up ecryptfs to mount the user home directories with a stacked encrypted filesystem when users log in. it does complicate user crontabs, but it does boot without intervention
<frank_> I guess the installer doesn't provide support to create n user accounts during installation where the homedir is encrypted
<ScottK> No
<tyhicks> frank_: I'm not sure if the installer provides that
<tyhicks> frank_: but see the --encrypt-home option of adduser
<frank_> tyhicks: nice, thanks
<frank_> sarnold: what do i select during installation? Use entire vmdk and set up lvm?
<sarnold> frank_: I believe that would allow you to grow the image / filesystem later if you wish.
<frank_> sarnold: done
<frank_> my provider promised me only level 3 filtering, configuring apt tages ages but eventually will finish. On TTy3 I see failed to fetch http://de.archive.ubuntu.com/...
<frank_> i guess he's lying, isn't he?
<frank_> i guess during install I haven't got a links to verify
<sarnold> try also w3m, curl, wget, links, elinks, might be something..
<sarnold> or if all else fails, maybe bash's /dev/tcp
<frank_> last time I was behind a watchguard, which was pretty funny when I did am echo of seq(1,100) in a .txt and then wget'ted it. First got lines 51-100. Then 1 - 50
<centaur5> I have a NFS share that mounts and even though I specified rw in fstab whenever I try to write to the mount point it says read only. Any ideas?
<hallyn> stgraber: all right no worries, i see what's going wrong with nested lxc in ppa.  i *could* wokr around it in the mountcgroups script but am going to spend some time doing what i think is the right thing when creating containers
<hallyn> (which is keep curcgroup per cgroup mount, and check tasks file to figure out what cgroup we are in relative to the mounted one, not to the host's / cgroup)
<avis_> quite the large room, hello everyone
<avis_> I'm having a slight dependency problem when installing libapache2-mod-python: I recieve the following error: http://pxl.uni.cx/irc
<avis_> basically says I have have unmet dependencies
<avis_> Depends: python (< 2.7) but 2.7.3-0ubuntu2.2 is to be installed
<avis_> however this is my phython version output - Python 2.7.3 (default, Aug  9 2013, 22:08:36)
<avis_> sudo aptitude provides too many regressive dependencies to warrant going that route
<avis_> Any ideas?
<samba35> i have strange problem ,on my home system i am not able to boot with harddisk of vmware esxi 5.1 when i try to boot with harddisk  booting process goes in loop but if i boot with dvd and select boot from hardisk then system boot properly
<samba35> sorry
<samba35> is it possible to add other then ubunut iso image to create startup disk /using startup  disk creator
<progre55> Hi guys. Is logrotate's delaycompress option needed for apache2, if I have set postrotate to reload apache? It's just, I rotate the logs weekly, and the access-forward logs can be really huge uncompressed.
<andygraybeal> how do i transfer a KVM with an that lives in an LVM container to another machine?
<andygraybeal> LVM container/partition ... i don't know the words.
<yeats> andygraybeal: the fact that it's on LVM shouldn't matter - you should be able to move it
<yeats> at the userspace level, the details of the storage medium shouldn't matter
<andygraybeal> yeats, okay
<andygraybeal> i have no experience with this, so i'm not sure ;)
<andygraybeal> so... the over view is.. to copy the data out of the LVM partition into another LVM partion and then load up the KVM definition into libvirt?  is that basically what i need to accomplish?
<yeats> andygraybeal: I believe so, yes
<andygraybeal> okay thank you yeahpla
<andygraybeal> errrr yeats
<andygraybeal> i've never done snapshotting of LVM yet
<yeats> andygraybeal: the main point is, at the OS level, you can think of this as "directories" rather than worrying about which type of storage medium it is
<yeats> andygraybeal: very simple
<yeats> 'virsh snapshot-create <vmname>'
<andygraybeal> hmm.. with virsh?  it deals with LVM ?
<andygraybeal> i was thinking that i would need to do LVM snapshot of the partition
<andygraybeal> or.. i'm listening, i'm full of confusion :)
<yeats> oh LVM?
<andygraybeal> yes, i got a libvirt box on lvm
<andygraybeal> not a image file
<yeats> is your end goal that you want a snapshot of your VM?
<andygraybeal> well.. the goal is to move a virtual machine from one physical machine to another physical machine.
<yeats> andygraybeal: oh - I see - "snapshot" has a specific meaning in KVM, so I thought you meant that ;-)
<andygraybeal> yes, sorry, i meant LVM snapshot, i forgot it meant something in the KVM world for two seconds
<progre55> Hi guys. Is logrotate's delaycompress option needed for apache2, if I have set postrotate to reload apache? It's just, I rotate the logs weekly, and the access-forward logs can be really huge uncompressed.
<axisys> why does one precise server showing linux 3.2 and the other precise server showing linux 3.5
<axisys> ?
<sl8_slick> I'm having an issue with my ovh server, I just added an IP block and everything went fine, but it broke one of my ubuntu VMs. It refuses to connect to the internet or ping the gateway, and when I type ifconfig all the information is correct
<RoyK> axisys: probably because those that say 3.5 were installed with 12.04.2, which uses 3.5 by default. earlier 12.04 releases uses/used 3.2. you can install 3.5 on the older ones if you need to, but 3.2 will work as well. default kernel was changed to 3.5 to allow for better support for newer hardware
<axisys> RoyK: oh ok..
<axisys> I will just upgrade the kernel since these two servers will be failover for each other.
<axisys> RoyK: thanks
<RoyK> axisys: np
<ddsss> fresh ubuntu server 13.04 install. installed from usb key. doesn't boot.
<ddsss> simply flies thorugh intial output and then monitor says no signal.
<ddsss> I can't even see what erro is there - so fast it goes.
<axisys> ddsss: you get anything with shift-alt-F1 or F2 or F3 .. F7 ?
<ddsss> axisys, yes - bios works just fine.
<ddsss> axisys, then - ubuntu installs just fine.
<axisys> huh?
<axisys> shift-alt-F1 gives you anything?
<ddsss> axisys, ahh - no.
<axisys> its one of the vtys
<axisys> how about F2 .. to .. F7
<ddsss> axisys, Its a headless server install. so i didn't install gui.
<axisys> 15:21:46 < ddsss> simply flies thorugh intial output and then monitor says no  signal.
<ddsss> axisys, exactly!
<axisys> if it is headless why expecting something in the monitor?
<ddsss> axisys, I mean - server without gui.
<axisys> can you ssh to it?
<ddsss> axisys, but yes - there is  a monitor attached via vga cable.
<axisys> tty0 is vga and ttyS0 is console
<axisys> where are you redirecting the display in grub?
<ddsss> axisys, mmm. it was an automatica installl. how would I check?
<ddsss> e in grub menu?
<axisys> automatic install usually points to tty0.. but yes check in the grub
<ddsss> i'll start it again. hang on:)
<axisys> it should be something like console=tty0 and/or console=ttyS0,9600n8 or like
<axisys> i would remove the quiet after --
<axisys> and also remove the splash..
<axisys> for server you really dont want to use those crap
<ddsss> hmm. pressing e on ubuntu entry gives me some short script or a config or what not.
<ddsss> setparams 'Ubuntu '
<ddsss> recordfailt
<ddsss> etc
<ddsss> imhonestly not sure which one is video
<ddsss> it does ave load_video though
<ddsss> it does have load_video though
<ddsss> ahhh! GPU power managament timed out - what does that mean?
<ddsss> axisys, I've got the actual error  - I've had to record the whole thing on camera and then select the last part:)
<ddsss> gma500 GPU: power managament timed out.
<ddsss> axisys, ahh. it seems the new mobo I got for a nas has some completely unsupported graphics which require adding additional repos during install: gma500 on Launchpad.
<ddsss> axisys, ha. I was just been able to ssh in. SO I guess it worked ll along  - just video driver wasn't present.
<bananapie> Are hardware interrupts related to kernel frequency?
<failmaster> i have a problem with switching passphrase luks auth on boot to key file based, extra details: http://askubuntu.com/questions/330660/what-is-the-correct-way-to-use-key-file-luks-authorization anyone?
<RoyK> bananapie: no
<bananapie> how can I tell if I have a bottleneck from my IRQ interrupts?
<RoyK> can you pastebin /proc/interrupts?
<RoyK> or perhaps how much hi is reported from top?
<bananapie> http://pastebin.com/kWP0Vt9q
<RoyK> also - what sort of server is this?
<bananapie> HP Proliant I think.
<bananapie> DL360 or something like that I bought back in 2010
<RoyK> a router?
<bananapie> Nope. It has 4 networks cards bonded into bond0 and bond1. It has a Sangoma A108DE card that receives PRIs from my telco and I convert the calls into SIP/RTP on the server.
 * RoyK smells asterisk
<bananapie> Nope :P I stopped using asterisk, I am running freeswitch.
<bananapie> But close ;)
<RoyK> goodie
<bananapie> I can't tell if that is sarcastic
<RoyK> I guess the NICs don't support much buffering or may be need to get their buffers increased
<RoyK> no, it was not ;)
<bananapie> What makes you believe that I have buffer problems?
<RoyK> with higher buffers, you get lower interrupt rates
<bananapie> ok
<RoyK> check the module settings for the NIC driver(s)
<RoyK> no idea if those MSI NICs support much buffering, though
<RoyK> Intel cards are usually my best bet for such use
<bananapie> I'll check. Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet
<RoyK> ouch
<RoyK> those aren't too good
<RoyK> but may be tunable for something better
<bananapie> I like that the first page I found on google starts with "These cards are flawed".
<RoyK> I mean - the NIC may be good, but Broadcom doesn't release much info about their hardware so much of the driver development is about reverse engineering
<RoyK> hehe
<bananapie> could the badness of these ethernet card impact the performance of my sangoma card?
<RoyK> hardly, unless it's PCI
<RoyK> you should have enough CPU cores to handle it
<bananapie> the 4 ethernet cards are built into the motherboard and the sangoma is PCI express
<bananapie> ok.
<RoyK> then it should work well
<RoyK> on which interrupt is the sangoma?
<bananapie> 30
<RoyK> rather a few interrupts from that one as well :P
<bananapie> 916 million interrupts in 5 days, is that a lot?
<RoyK> bananapie: this says a bit about what I think about asterisk :P http://karlsbakk.net/fun/asterisk-installation.wav
<bananapie> That was brilliant!
<RoyK> or http://karlsbakk.net/fun/asterisk_architecture.jpg
<bananapie> Would it be a bad idea to allow 4 CPUs to the sangoma card?
<bananapie> I really need to learn more about Interrupts. Do you have any documents that you especially like that gives good info about interrupts in Linux?
<bananapie> what's odd about the card is the smp affinity was 00200020 instead of ffffffffff like I found in /proc/irq/default_snmp_affinity
<Patrickdk> how about we stop all this *guessing*
<Patrickdk> what is the *problem*?
<bananapie> I randomly get talk-off on my PRI and some faxes fail. I thought it was a sangoma/freeswitch problem, but yesterday
<RoyK> Patrickdk++
<RoyK> bananapie: talk-off?
<bananapie> I installed a Zabbix machine on the network to monitor my servers, all the servers generate  beautiful graphs.
 * RoyK doesn't quite understand
<bananapie> But for some reason, Zabbix can't get more than about 5% of the data it requests from the machine with the Sangoma in it.
<RoyK> bananapie: t.38 is always hard to work with, though
<bananapie> But I ping the machine and it responds fine.
<bananapie> So, I don't know what is going on, so I suspect there may be an evil spirit living in my PCIE bus.
<Patrickdk> seriously unlikely
<Patrickdk> a bad driver, sure
<RoyK> bananapie: have you tried to talk to coppice about the spandsp issues?
<bananapie> The Evil Spirit of Sys-admin-know-nothing-about-his-IRQs
<bananapie> Yes. I spoke with coppice, we talked about echo cancellation and stuff.
<Patrickdk> bananapie, how many pri's?
<bananapie> 8
<bananapie> but, I disconnected 2 to see what would happen
<bananapie> so the only 6 have been connected for the past few weeks
<bananapie> Because of the funky behaviour from Zabbix that is isolated to this machine, I think something else is going on on the server.
<Patrickdk> well, that should max you out around 17mbit
<bananapie> But only 2 of the PRIs see any serious use, it is rare that the other PRIs use more than 3-4 channels a tthe same time.
<Patrickdk> how did you monitor this, only 5% data?
<bananapie> the graphs on Zabbix have a few dots instead of full lines like all the other servers that have the exact same hardware and Ubuntu version ( excluding the sangoma card )
<Patrickdk> it is a pcie sangoma card?
<bananapie> Yes.
<Patrickdk> not the pci version?
<bananapie> PCIE
<bananapie> A108DE
<bananapie> d = hardware DTMF and E = PCI Express.
<bananapie> less -S makes /proc/interrupts readable on my screen :D
<bananapie> hello?
<failmaster> i have a problem with switching passphrase luks auth on boot to key file based, extra details: http://askubuntu.com/questions/330660/what-is-the-correct-way-to-use-key-file-luks-authorization anyone?
#ubuntu-server 2013-08-11
<DWSR> Hey all, having an issue booting into my 12.04 LTS server install. Used the server media to partition an LVM onto a boot drive, now booting from that drive gives me "Reboot and select proper boot media"
<eutheria> hello, can anyone suggest a dns server that has a java api to editing a zone?
<failmaster> eutheria, google knows some http://www.xbill.org/dnsjava/
<eutheria> i was after first hand experience ;)
<failmaster> sorry then =)
<Nicekiwi> so.. Ive broken the SSH server on my 'server'.. so i cant use SSH and I cant start it. Help?
<Nicekiwi> i can access the console, but i cant figure out why ssh wont start
<qman__> sudo start ssh; tail -n25 /var/log/syslog
<Nicekiwi> nvm, my sshd_config was currupted. Resinalled ssh server
<Nicekiwi> qman__, thanks anyway :)
<funkster> i have two servers. one is open to public, the other is behind a firewall/nat (ports cannot be opened) what is a way i can push notications to the firewall/nat server so it can trigger actions to take?
<RoyK> do it manually
<funkster> that wont scale for the project.
<qman__> depends on what sort of notifications
<qman__> you could have the firewalled server connect with SSH and read a file on a regular basis
<RoyK> outbound ports works by session handles if the iptables rueles are configured correctly
<qman__> or if you are syncing files, you could use btsync
<RoyK> return ports as well
<funkster> RoyK: i have no clue what you are talking about.
<RoyK> funkster: what are you trying to do_
<RoyK> ?
<funkster> qman__: someone would perform an action on the public server and that needs to instantly trigger an action on the firewalled server.
<qman__> what kind of action, at both ends?
<RoyK> funkster: if you don't know what I'm talking about, you might not know what *you* are talking about
<funkster> i need to run a shell script on the firewalled server once the public server tells it to. in a nut shell
<qman__> well, the first step is deciding on what method you want the action performed with, there are literally a million ways to do it
<RoyK> setup ssh keys and run thos jobs with ssh
<qman__> if it's management tasks, you might look into salt stack
<qman__> if it's a simple set of custom actions, reverse SSH or a cron job to check might be best
<funkster> cronjob isnt fast enough
<funkster> id have to loop a script every 1-2 seconds to check the public server.
<RoyK> then use a shellscript
<RoyK> make a loop in it
<RoyK> while true ; do something ; sleep 2 ; done
<funkster> didnt i just say that?
<qman__> you could set up autossh on the firewalled server providing a reverse SSH tunnel
<qman__> then have your script on the public server run an SSH command over that tunnel
<qman__> downtime can exist though, I find that in practice you might lose connection for as much as five minutes
<qman__> if you need something with higher reliability you might have to write it yourself
<qman__> openVPN is also a possibility, though probably overkill for this task
<funkster> right!
<fbdystang> Hi, I just installed an ubuntu zentyal email server. I am using afraid.org for dns. I can send emails just fine but cannot receive them. Please advise, and thanks in advance!
<qman__> a static IP is required to run an internet email server
<qman__> additionally, most residential internet connections and dynamic business connections block incoming SMTP traffic at the ISP level
<fbdystang> qman_: Really? If that is true then that is my issue. But I find that very hard to believe
<qman__> believe it, it's a fact
<qman__> while there is no technical reason you can't accept mail using a dynamic IP, no one will actually send it to you
<fbdystang> SMTP is open from my isp
<qman__> spam is a huge problem and in order to combat it, mail providers are extremely picky about who they will and will not accept mail from and send it to
<qman__> simply using a dynamic IP at all puts you in many RBLs
<qman__> you can check a lot of public ones yourself by going to mxtoolbox.com
<fbdystang> Wow, that is too bad. I am not understanding why other mail providers need be involved if I host my own email server
<qman__> in order for you to send email to other people, and for other people to send email to you
<qman__> if you only care about sending email to yourself, it doesn't matter
<fbdystang> OK, let me try sending email to myself and see if that goes through
<qman__> but I assume that you want to actually send email to other people on the internet
<qman__> as most do
<fbdystang> I can send just fine, it is receive that gets broke
<fbdystang> ah, it worked to myself
<qman__> what's your internet IP and domain name? I can check if it lines up from here and if the port is open
<fbdystang> So if I send an email from yahoo to my server, it won't go through because yahoo sees my server as too small and therefore a potential danger?
<fbdystang> Isn't there a better way to send you my IP and domain?
<qman__> not exactly, but if things aren't all set up the way they need to be, they might interpret it as virus activity or not be able to confirm your MX records match up
<qman__> what do you mean by a better way?
<fbdystang> I don't want the world to see it
<qman__> your DNS is published to the world already, and your IP is available to anyone who looks
<qman__> you're probably already getting hit by bots from china
<fbdystang> Is there a way to PM on here?
<qman__> my point is, the world already sees it, you're not protecting yourself in anyway by not posting it here
<qman__> I'm just not willing to go through the effort of port scanning you and doing reverse DNS lookups
<fbdystang> neither does anyone else, which is what protects me. There has to be a better way, as I would really like your help seeing if it is matched up correctly.
<fbdystang> I have issued a dig command and it appears correct
<qman__> did you run dig mx?
<fbdystang> yes
<qman__> did you ask anyone else's nameserver, such as dig ns @8.8.8.8 yoursite.com
<fbdystang> canyouseeme.org shows port 25 open so I assume I am good there
<fbdystang> nope let me try that
<qman__> err
<qman__> dig mx @8.8.8.8 yoursite.com
<qman__> not ns
<fbdystang> ok what am I lookin for?
<qman__> http://paste.ubuntu.com/5972253/
<qman__> look at ANSWER SECTION
<qman__> should look something like that
<qman__> and then, you should be able to dig the answer to an A record
<qman__> in this case, mail.deadface.org resolves to my server's IP
<fbdystang> ok, just going through it now. stand by
<fbdystang> yep, mine looks EXACTLY like that
<qman__> silly question, did you purchase a domain name or are you using one of their free subdomains?
<qman__> yahoo may automatically block sending to all their freebie subdomains to prevent abuse
<fbdystang> No, I purchase from godaddy, then pointed to afraid.org because I don't understand dns yet
<qman__> ok
<fbdystang> If I do a pastebin of my domain and give a small TTL do you think you could take a look?
<qman__> well, the basic requirements for other servers to send you email are having an A record that points to your server, and having an MX record for your domain which points to that A record
<qman__> sure
<fbdystang> ok stand by
<fbdystang> http://pastebin.com/DTBueKGE
<fbdystang> I think it is a setting in postfix or zentyal that isn't talking to that MX correctly
<qman__> ok, port 25 is not responding
<qman__> the DNS lines up correctly, assuming that IP is right
<qman__> do you have other ports open on the same server?
<qman__> just to make sure it matches
<fbdystang> yes
<fbdystang> 83
<qman__> when I GET on port 80 (http) I see a page like this: "Free domain sharing - Site not yet configured"
<fbdystang> Yes, I am blocking 80 on my router
<qman__> well, it's going to a site
<qman__> a site which says free domain sharing is not configured
<qman__> are you connected here on the same internet connection as your server?
<fbdystang> yes
<qman__> ok, then your A record is pointing to the wrong IP
<fbdystang> Really?
<qman__> yes
<fbdystang> try port 8084 and see if that comes up with a website
<qman__> nope, nothing
<qman__> your A record should be pointing to the internet IP of your server, which can be gathered by running "curl ifconfig.me" on the server
<fbdystang> OK, very interesting
<fbdystang> stand by, typing that in
<qman__> you might have to apt-get install curl
<fbdystang> yea, installing
<fbdystang> Ok, curl gives me exactly what I thought my IP was
<qman__> ok, the IP I get ends in 179
<fbdystang> OK, that is wrong
<qman__> how long ago did you set up your DNS?
<fbdystang> Is there a way to see exactly what you are seeing?
<qman__> http://pastebin.com/ADuPAtFc
<fbdystang> It was like a year ago, I am checking my account on afraid.org right now to verify the IP. But it has to be right because all other webtraffic comes in correctly
<qman__> I set it to 10 minutes
<fbdystang> I appreciate it
<fbdystang> I am getting different nameservers with the same command
<qman__> when I ask google I get the same IP but the NS is ns1.afraid.org.
<fbdystang> I am stumped :(
<fbdystang> But I am sure this is my problem
<qman__> well, it would definitely prevent mail from getting there
<qman__> log into your afraid.org and check what it's set to
<qman__> also, it's advisable to add more NS records to your domain, at least two is normal
<fbdystang> Do you mean more NS records from afraid.org? There are 4
<qman__> yes
<fbdystang> Ok, just typing in mail.mydomain.com into the browser gets to my webmail (A record), but it looks like the MX version doesn't make it. How is that possible?
<qman__> I get an SSL protocol error
<fbdystang> Is MX on a specific port that I need to forward?
<qman__> but it redirects to a different subdomain
<qman__> a.
<qman__> so unless your ubuntu server is doing that, you have something else in the way
<fbdystang> a.mydomain.com is masked to my ip
<fbdystang> afraid.org is doing that
<qman__> I see
<GH0> How would I go about changing the default group on a newly created file so that it is set for the parent folder, or for the users default group?
<qman__> in that case, your MX record is pointing to the wrong name
<qman__> the MX record _has_ to point _directly_ to your mail exchanger
<qman__> so it should point to a.yoursite.com
<fbdystang> ahhhh, you are right!!!
<fbdystang> Let me try that
<qman__> GH0, setgid on the parent directory, or change filesystem mount options
<GH0> Hey qman, I personally tried using ACL's, but for whatever reason the program I am using is not wanting to follow rules of the acl.
<GH0> Okay, and if that fails, what would be the easiest way for the file to inherit permissions of the parent folder?
<GH0> Because right now, every new file in the directory is created with rw------- which is not helping me.
<qman__> the umask of the application
<GH0> So... what if that application is firefox/chrome?
<GH0> Hold on, before you answer that let me google how to do that.
<qman__> firefox and chrome will abide your user's umask setting for downloaded files
<GH0> Isn't changing the default umask for a user somewhat risky?
<qman__> setting world read/write bits by default might be depending on your use case
<qman__> but the default umask is 0022
<qman__> which would have files created 644 and directories / executables 755
<GH0> Because while I would love for the ability of the newly created files to be read globally, I also don't want the home folder to be read by every single user in this case.
<GH0> Because the files are being downloaded to /home/user/Downloads, I am trying to make it so that only that folder is able to read, write, and execute versus /home/user/Documents.
<fbdystang> qman_ How long will it take to propagate that new ip on afraid .org?
<GH0> Which is what I was trying to do with the ACL thing, but that failed.
<qman__> fbdystang, depends on the TTL you set
<fbdystang> qman_: on my server or on afraid.org?
<qman__> it should only take a few minutes for your settings to apply in afraid.org's system, but for those settings to propogate to the servers, it can take up to the whole TTL length
<fbdystang> dang
<qman__> the TTL setting in your DNS zone on afraid.org
<GH0> qman, what is the third sticky bit? Is it o+s or something else?
<qman__> GH0, you could create a script which runs "umask 0022; chromium-browser" to start it with
<qman__> there isn't one
<qman__> or 0000 depending on what yo uwant
<fbdystang> OK, dig still lists the wrong ip, but I just received an email I sent to myself hours ago
<fbdystang> So I expect dig will straighten out with propagation time
<shauno> it's looking sane from here.  yourdomain still points to .179, but now has mx pointed to mx.yourdomain, which ends .231   (none of my business, but I thought I'd take a look since I don't have it cached)
<fbdystang> much appreciated shauno
<GH0> qman__, is there no other way then writing a script that initiates the function for the application?
<qman__> not unless the application has a feature to set file permissions upon download
<qman__> possibly a browser extension
<GH0> I don't understand this then. Why if I set a umask for the user of 0057 the program doesn't follow that umask in the first place? Why does the program follow it's own umask?
<fbdystang> qman_: shauno: It looks to be working perfect now. Thanks for the help, I really appreciate it. It is awesome people like you that promote open source and helping others that make a huge difference in the ubuntu community. Well done.
<fbdystang> MX records are now pointing to the right IP :)
<Halo1_> how do i enable ftp in my server , am am trying to put filles to it , ssh seems to work just fine after download openssh-server
<mardraum> ideally, use sftp, part of openssh
<mardraum> otherwise, install an ftp client like vsftp
<mardraum> er, ftp server, like vsftp.
<mardraum> you can also use scp if you have ssh working fine.
<mardraum> if you want a nice gui client that does sftp, try filezilla
<Halo1_> am trying to ftp from a windowss client
<mardraum> if you are not willing to use a client that supports sftp, then you have to install and configure an ftp server like vsftpd
<mardraum> (filezilla works on windows, btw)
<Halo1_> lol didnt think of that thanks
<QuackQuacker> Hi im trying to setup a local server which serves a welcome page with apache2. This is working fine. Now i have setup a AP and would like when connected to it and asking for any adress (etc. test.com ) go to my localhost instead. I have tried googling around and looked and iptables, but without success.
<Rapid2214> Just saw this in ubuntu, what is your AP (access point?) setup with?
<QuackQuacker> Atm it is just setup with the ubuntu create wireless. But i could set it up with airbase or etc.
<QuackQuacker> *airbase-ng
<Rapid2214> Ok, what IP range do your client receive? and what is the IP of the server?
<QuackQuacker> its 10.0.42.1
<Rapid2214> and clients?
<QuackQuacker> For the server IP. For the clients i am unsure, how do i check this?
<QuackQuacker> The assigned IP when connected to the AP?
<Rapid2214> Yeah
<QuackQuacker> Moment, i will just have to jump of the network and check.
<QuackQuacker> Hang on. bbiab
<QuackQuacker> Thanks for the help and effort btw
<Rapid2214> I assume it will be the DHCP of the same network, np
<QuackQuacker> Rapid2214, it was assigned 169.254.157.125
<Rapid2214> Ok, it's not getting a DHCP address then, can you do anything on that device?
<RoyK> QuackQuacker: that's a self-assigned address
<QuackQuacker> Ok
<QuackQuacker> No not really, it does not seem even to connect to the localhost via the ip
<QuackQuacker> Maybe i should use airmon-ng instead?
<QuackQuacker> wheps airbase
<RoyK> perhaps you should set a valid ip-address for that box first
<RoyK> I mean, on the same ip network as the other machines in that place
<Rapid2214> RoyK, that is a wireless device he is connecting to a AP created on his server of 10.0.42.1
<Rapid2214> Quack, that will be fine, we will just have to use IP tables to make it work nicely
<Rapid2214> Did you use the graphical network manager? or file based?
<QuackQuacker> I would love to use a gui network manager, so far ive tried different "sudo iptables ... "
<Rapid2214> What did you use to setup your wireless?
<QuackQuacker> atm it is set up via. ubuntu "create new wirelesss network"
<Rapid2214> Ok, not entirely sure how that works but I can give it an educated guess, do you have internet on that machine to give a pastebin output?
<RoyK> QuackQuacker: a server with a gui?
<QuackQuacker> RoyK, yes, i can just disconnect from the current connection, set it up, copy, and come back here again.
<RoyK> QuackQuacker: anyway - if you "create new wireless network" it'll be a peer-to-peer thing, and not part of your wireless network (if you have one)
<QuackQuacker> RoyK, i would like any peer connecting to my directed to my localhost nomatter what adress they put in...
<Rapid2214> RoyK, I have bridged to access the internet in the past, so it's possible
<QuackQuacker> Point being, i do not want anyone that connect to my AP to be connect with the net, just be redirected to my localhost page.
<Rapid2214> Quack, can you access your 42.1 from your current PC? does the svr has ssh installed?
<QuackQuacker> Im using this machine im at as access point, so i would have to switch off the current connection, start the ap, go to another computer, connect to app. Check. And yes i have ssh on this server.
<QuackQuacker> Let me just test. if you hold on.
<Rapid2214> I will only work in command line so if you can ssh to that machine it would make things quicker :)
<QuackQuacker> Back. Well no Rapid2214, it was no succes. I can connect to the AP fine. But when browsing to 10.42. it does not connect to that machine localhost
<QuackQuacker> Maybe i should use a proper program for the ap instead of the ubuntu gui
<Rapid2214> Yeah might as well
<Rapid2214> Im just creating a vid tutorial so might be slow to respond
<QuackQuacker> Yea, thanks for the effort. I will try something like hostapd and return when i know more
<mikeey> is there a way to view the packets which have been sent to the NIC for TCP checksum offloading like there is in Windows?
<mikeey> or do I have to rely on ethtool -K being correct?
<mardraum> how would it be incorrect?
<RoyK> mikeey: wireshark?
<mikeey> RoyK, I'll give that a go, thanks
<mikeey> mardraum, Windows likes enabling things but not really enabling it, I was under the assumption that Ubuntu could do that aswell
<mardraum> can you give me some evidence about this "windows fact"?
<mikeey> mardraum, what I ment was that I never get it to work properly in Windows, netsh int tcp show global tells me chimney offloading is enabled, while netstat -nt claims all connections are InHost
<mikeey> aka, not offloaded
<mikeey> hence I want to make sure they are actually getting offloaded in ubuntu
<Patrickdk> heh? tcp checksum is just one of many things windows chimney offload does
<Patrickdk> and the checksum only part won't show up in netstat
<Patrickdk> atleast according to microsoft
<Patrickdk> do you have a real server grade nic in that machine? that supports scatter-gather, tso, gso, gro?
<Patrickdk> probably lro also
<mikeey> it's an Intel Pro/1000MT PCIe Server adapter
<Patrickdk> ya, it only has sending optimizations, nthing for receive
<Patrickdk> it's just too old
<Patrickdk> not that linux or windows isn't using it, but windows can't push the whole thing into the nic to be handled, cause it doesn't support the whole thing
<mikeey> ah
<mikeey> so I'm out of luck?
<Patrickdk> dunno, what kind of luck did you want?
<Patrickdk> it supports tcp checksum offloading
<mikeey> that is what I want
<Patrickdk> and that is very very easy to test with wireshark, it will complain all outgoing packets have bad checksums
<RoyK> mikeey: is there a performance issue with your system, or are you just curious?
<mikeey> I'm just curious
<RoyK> ok
<RoyK> imho if there isn't an issue, why bother :P
<mikeey> because it's fun to fiddle with it haha
<RoyK> :)
<mikeey> Patrickdk, so if Wireshark complains about all the outgoing packets having bad checksums the tcp offloading part works?
<Patrickdk> if other computers receive the packets? yes
<Patrickdk> cause something outside of linux, is adding proper checksums
 * Patrickdk notes, this is a common xen issue
<mikeey> alright
<mikeey> thanks for the help/explanations
<mikeey> well, wireshark tells me that almost all my packets have invalid checksums - is that what I was looking for?
<RoyK> ouch
<RoyK> can you post a trace somewhere?
<RoyK> tshark -i ethX -w blah.pcap
<mikeey> it does say "May be caused by TCP checksum offloading"
<mikeey> http://wiki.wireshark.org/CaptureSetup/Offloading
<RoyK> then try to disable it and see if it works better
<ddsss> Why does my fstab: http://paste.ubuntu.com/5973972/  produces this dir layout:  http://paste.ubuntu.com/5973978/
<ddsss> ^ I mean -> why is junk_1tb is 755, while others are 777  with identical fstab entries?
<uvirtbot> ddsss: Error: "I" is not a valid command.
<ddsss> I mean -> why is junk_1tb is 755, while others are 777  with identical fstab entries?
<bekks> Because of the permissions set on the filesystems.
<ddsss> bekks, directories created automatically during boot. I don't create them manually.
<bekks> Thats not what I am talking about.
<bekks> In the past, you did set the permissions on A to 755 while you set them to 777 on B.
<ddsss> bekks, emm. im not sur if I'm following....
<ddsss> bekks, how would I go aboutt fixing it?
<ddsss> bekks, when I unmount them and remove /mnt/* adn reboot - they get recreated during boot with junk_1tb being 755 and others 777...
<ddsss> bekks, got it sorted. just chmodded 777 and it stays like that after reboot. thank!
<andol> ddsss: Also, are you sure that 777 is the right solution to whatever permission situation you are having?
<ddsss> andol, this is a nas server. those 3 drives should be visible and browserable by anyone on the network, ie guest access (it's a home nas).
<ddsss> andol, so I'm just mounting these 3 drievs to be used by samba  basically.
<QuackQuacker> Rapid2214, still around. Ive setup a new test box. Atm its running an AP with airbase. I can connect but do not get an proper IP.
<QuackQuacker> Im in doubt on how to couple the ap thats running "mon0" with a dhcp server.
<ironhalik> Hello
<ironhalik> it may be a stupid question, but how can I check if a system is ubuntu desktop or ubuntu server? :>
<ironhalik> I'm not sure if deployed image is gui-less ubuntu, or ubuntu server
<ironhalik> lsb_release -a says it's ubuntu 13.04
<Rapid2214> Do you only have SSH access atm then?
<ironhalik> yup
<Rapid2214> dpkg --get-selections | grep network-manager
<Rapid2214> that is a graphical package
<Rapid2214> not sure of another way, never come accross the need :)
<ironhalik> well, there's no output :>
<ironhalik> sources.list has just raring repos
<Rapid2214> dpkg --get-selections | less
<Rapid2214> then you can check what packages are installed, pastebin the pages if you are unsure
<ironhalik> well, no Xorg :>
<ironhalik> I'm new to Ubuntu as a server OS, not sure if Ubuntu is mostly a desktop 'remix' with GUI parts hacked out
<ironhalik> or more of a standalone project
<bekks> The GUI pats are no hack.
<DWSR> its neither, really.
<Rapid2214> I much prefer using ubuntu as a server, gui just pisses me off :P
<ironhalik> hmm, I do have alndscape installed :>
<ironhalik> landscape*
<Rapid2214> isnt that just an update webui management thing? What more does it do?
<ironhalik> kinda, allows for batch server management, etc
<ironhalik> AFAIK, ofcourse
<Rapid2214> humm, and it's pay for i think :( Puppet opensource ftw :P
<patdk-wk> heh? puppet isn't opensource
<Rapid2214> It has a opensource branch
<Rapid2214> https://puppetlabs.com/puppet/puppet-open-source/
<patdk-wk> oh, I wrote it off, since it's so limited in what I would want it to do
<Rapid2214> I really like it, just finished a class to setup to vm cluster nodes
<lifeless> hallyn: so is there some way to turn off the subvolume stuff for lxc w/btrfs?
<lifeless> hallyn: it interferes with --one-filesystem backups :<
<s0m3body> Hello, I have a server and I wanted to know what the best way to combine drives is? My host doesn
<s0m3body> doesn't offer RAID0, so I wanted to do something like that
<mramaria> hi. any known issue on 13.04 64 mini not recognizing kb and mouse?
<mramaria> itÂ«s a  TX200 S2 - XEON 3.2Ghz DUAL CORE. tested other OSs and do fine.
<mramaria> ... and i did try other kb & mouse...
<jkitchen> not recognizing, as in, they don't work? or?
<jkitchen> could be a usb thing.
<jkitchen> like it's not recognizing your usb hub
<jkitchen> which would be *really* weird.
<mramaria> I'm trying to do an installation and I can't pass installer boot menu due to kb and mouse not functioning
<mramaria> jkitchen: but it recognizes in debian, win server...
<jkitchen> no, I mean a driver issue with 13.04
<jkitchen> not blaming your hardware
<mramaria> oh :)
<mramaria> :(
<jkitchen> are you using usb or ps2 keyboard?
<mramaria> usb jkitchen
<jkitchen> is there a ps2 keyboard available you can use?
<jkitchen> assuming the machine has ps2 ports.
<jkitchen> not saying that's the solution. I mean, it's *a* solution, but we can use the ps2 keyboard to troubleshoot
<jkitchen> or if you have a ps2/usb adapter
<mramaria> i have to find one. yes i have but not near by. that's a sollution indeed
<mramaria> solution i men
<jkitchen> you can also look into your machine's bios to see if it has legacy usb keyboard support enabled
<jkitchen> I've had that cause wonkiness depending on how it was  set
<mramaria> tks jkitchen . i'll install tomorrow
<mramaria> tks a lot
<delinquentme> so weve got a two servers on is the web .. other the database.
<delinquentme> I'm just assuming that we've got some SSH keys for connections between the two ... and I'm root on the web server
<delinquentme> How can I 1) check to see what SSH permissions are between these machines 2) attempt to use that key for connection purposes
#ubuntu-server 2014-08-04
<z1haze> does anyone have any free time, and can help me understand how to setup virtual machines on my server? im really in need of help, and I cant find any anywhere
<TJ-> z1haze: what type of VMs?
<z1haze> kvm
<zartoosh> hi how could i download debian package without installing ? thx
<TJ-> Qemu then; what are you using to manage it? libvirt/virsh or native qemu/kvm ?
<z1haze> i TJ- i followed this tutorial: http://www.howtoforge.com/virtualization-with-kvm-on-ubuntu-12.04-lts and I completed it
<z1haze> i believe its libvirt/virsh
<z1haze> i went ahead and bought an additional IP from my server provider as well
<TJ-> zartoosh: "man apt-get" and see "--download-only"
<TJ-> z1haze: You have a dedicated bare metal server?
<z1haze> i dont know what you mean bare metal, but yes its a dedicated machine
<TJ-> z1haze: Well, many hosting providers supply virtual machines, so I was ensuring that you weren't trying a nested VM
<z1haze> no, its a dedicated box
<z1haze> full dedicated
<z1haze> that im certain of
<TJ-> You should be able to manage with the CLI virsh .... but I'd recommend starting out on a local PC getting used to it, where you can make mistakes easily
<z1haze> the only linux i have is on the server
<z1haze> Ive got it all installed correctly i THINK
<TJ-> z1haze: Ahhh :)
<z1haze> ive just not been able to get a lick of help and its so frustrating, iwant to created several vps on this machine because I need to let people use them
<TJ-> z1haze: Well, play about with virsh with VMs you can dispose of if you go wrong, don't try for your production VMs with your first usage of virsh/libvirt/qemu
<z1haze> thats fine by me, im just stuck i dont really know what to do next
<TJ-> There are several Ubuntu so-called 'cloud' tools but they are more targeted at larger multi-server installations that require orchestrated management
<z1haze> that probably would be best for me then.
<TJ-> z1haze: I generally start off with the man-pages
<z1haze> well I did create one vm
<TJ-> there's the "vm-builder" tool that may help
<z1haze> but im not sure how to assign the ip I bought to it, etc.. there isnt really instructions on that
<z1haze> yes thats what im using!
<z1haze> when i do virsh list --all it says my vm1 and state is shut off
<z1haze> but the ip i typed in when i ran the vm builder was not the correct ip.. i didnt know I had tobuy a new ip from my host
<z1haze> I think I just need help like tying in my new ip with the vm i created?
<TJ-> z1haze: Well that's more a networking issue, for routing. If that IP is being rooted to the bare-metal NIC, then you either need to add a route for that IP to the VM's interface, or create bridge so the host and VMs are all the same Ethernet domain
<z1haze> would you please help me with that?
<z1haze> i spent all evening last night getting this far
<TJ-> z1haze: That's really complicated stuff, it'll take time for you to figure it all, I'd figure on allowing at least a week to understand it all fully.
<z1haze> a week just to get a single vps up?
<z1haze> that link that I pasted a bit ago was the tutorial I followed did you look at it?
<TJ-> z1haze: have you seen https://help.ubuntu.com/community/KVM/Virsh
<z1haze> yes i have done all that
<z1haze> http://puu.sh/aDMy7/b15bba38e8.png
<TJ-> z1haze: No, not to get a single VPS up - to *learn* how to admin this kind of network and VM configuration
<z1haze> its technically there, i just dont know how to put the ip to it, and make it functional
<TJ-> z1haze: You're working with amazingly complicated software; it's not a click-and-forget type of thing, experimentation is the bets way to learn
<z1haze> i just dont know what to experiiment with, theres literally nothing ive found on the internet related to what im trying to do, or at least from my eyes
<TJ-> z1haze: That's why it helps to have a local machine you can play around/develop on
<z1haze> TJ- does that screen shot me i have setup a vm?
<z1haze> mean*
<TJ-> z1haze: Yes, it tell you it is shut off
<z1haze> yes, because I shut it off
<z1haze> because I dont know how to setup an ip to it from my host
<z1haze> can someone help me setup my kvm so to use with an external ip?
<z1haze> ive created a vm with vmbuilder but i dont know how to link it with a public ip that i purchased
<z1haze> ill pay someone to show me
<z1haze> fuck it
 * Abhijit raises hand!
<z1haze> k
<z1haze> really sad no one wants to help without getting paid but its cool w/e
<z1haze> how much
<Abhijit> err....was just joking ....
<Abhijit> sorry.
<z1haze> no ill pay
<z1haze> idc
<Abhijit> z1haze, meanwhile try in ##linux
<z1haze> ive been in here for 2 days asking, no one bats an eye
<z1haze> im doing it on ubuntu
<Abhijit> z1haze, in these 2 days you should have tried askubuntu.com server fault etc
<Abhijit> z1haze, ##linux is general linux channel
<z1haze> ive been following tutorials and such
<z1haze> i was able to create a vm
<z1haze> with vmbuilder and virsh w/e its called
<z1haze> it says its there and i can start it
<z1haze> but i dont know how to make it to where i can connect to it publicly
<Abhijit> i think the public ip is done throught switch?
<Abhijit> do you have kvm switch?
<z1haze> i dont know.
<z1haze> im far from being a linux sufficient user, i rent a dedicated server that has ubuntu and thats all i know
<z1haze> i follwed this tutorial http://www.howtoforge.com/virtualization-with-kvm-on-ubuntu-12.04-lts and was able to create a vm
<z1haze> from that ive got nothing.. no way to connect to it to use it, or no way to assign it a new ip
<Abhijit> talk to your hosting provider. he can connect it to public ip for you. under your regular support.
<z1haze> no, they dont
<z1haze> they dont do anything
<Abhijit> did they told so exclusively?
<z1haze> believe me ive called, cause i fucked the whole network a bit ago i called
<z1haze> i had to boot in rescue mode and fix the network interface file
<z1haze> and he told me, we dont offer any software support
<z1haze> so yes, exclusively
<Abhijit> time to go to elance.com for odesk. someone with good reputation and reviews.
<z1haze> what?
<z1haze> what are you talking about
<z1haze> oh you mean back to paying someone
<z1haze> gotcha
<Abhijit> time to hire someone. those website will help you hire good linux sys admins
<Abhijit> :-P
<z1haze> yep
<z1haze> i guess you dont have knowledge of doing what im trying to do?
<z1haze> i never imagined setting up a vps would be so diffilcult
<Abhijit> i dont have knowledge of troubleshooting kvm and its public ip. otherwise i am well knowledged with linux server related stuff. some info in pm
<Tazmain> hi all when I try mount my server's file system with sshfs I keep getting connection reset by peer how do I fix that ?
<sarnold> Tazmain: can you ssh to it from that same client?
<sarnold> Tazmain: if you can ssh to it, can you sftp to it?
<Tazmain> sarnold, I can ssh perfectly fine. I use to be able to sshfs not sure why I can't now
<Tazmain> sarnold, if I sftp to it and specify just a directory is it suppose to do anything or just sit there waiting for input ?
<Tazmain> I got  connection timed out
<sarnold> Tazmain: interesting. timed out on the one hand, connection reset by peer on the other.
<Tazmain> yea :(
<sarnold> Tazmain: are there any messages in the auth.log or syslog?
<Tazmain> is this an issue client or server side ?
<Tazmain> I will have a look now
<sarnold> Tazmain: probably server side, but you never know..
<Tazmain> both logs are clean
<Tazmain> nothing shows up when I try sshf. I was tailing the files.
<alex88> hi guys, I've a strange problem, df shows 13gb used in a partition, going into that mount point and doing a du instead, shows only 3gb used
<alex88> what could be the problem?
<peetaur2> alex88: lsof -Pn /mountpoint/ | grep deleted
<peetaur2> alex88: deleted files that are open (the o in lsof = open.... 'list open files') still take space
<alex88> peetaur2: none
<peetaur2> alex88: okay well maybe you just missed it with du... try cd / and then use ncdu instead of du
<alex88> peetaur2: mmhh dunno why, space dropped down to 900mb used :S
<alex88> dunno if after the lsof or ncdu on root point but that's strange
<peetaur2> why 900 MB and not 3GB used?
<alex88> because I removed also some old software releases
<peetaur2> ok
<alex88> so it's correct now
<alex88> maybe it was logstash using the access logs but the files were about 1-2gb in size, not 10
<alex88> (I also restarted logstash)
<Noskcaj> zul, jamespage: I've made the mistake of syncing python-wsme. This added depends on python-turbogears2 and python-transaction, which were meant to be added in 0.6-1. The code seems to needs these, so should i be dropping the depends or filing MIRs
<alex88> well let's consider this as solved, many other things to do, thanks anyway peetaur2!
<Tazmain> sarnold, got it fixed by using the server's ip
<rbasak> zul or hallyn: bug 1350727 sounds like it needs looking at.
<uvirtbot> Launchpad bug 1350727 in libvirt "Domains created and managed via libvirt/virsh do not autostart" [High,New] https://launchpad.net/bugs/1350727
<jak2000> hi all good morning
<jak2000> any advice? about this eth0 problem?
<jak2000> http://pastie.org/9439533
<jak2000> i changed auto lo by auto eth0 static  try again sudo ifup eth0 y get this error message:
<jak2000> ifup: interface eth0 already configured
<pmatulis> jak2000: what about 'sudo ifdown eth0' first?
<pmatulis> should bring interface down, make the change, then bring it back up
<jak2000> RTNETLINK answers: No such process
<fridaynext> I'm having trouble mounting my 'TV' NFS share - everything else works except for it (in OSX 10.9 client) http://pastebin.com/raw.php?i=ZWurZ4tt
<fridaynext> NFS share is on an Ubuntu 14.04.1 Server machine.
<fridaynext> it looks like my settings are exactly the same, so I can't figure out why it won't connect...
<fridaynext> and my OSX uid owns all the folders... http://pastebin.com/raw.php?i=JNW00ZuU
<fridaynext> so it should work - like 4 out of the 5 do, but the TV folder isn't working
<fridaynext> is there a minimum character length required for an NFS share folder?
<samba35> i want to start guest after some interval of host start   (have two guest  -want to start 1st guest after 50 sec  abd 2nd guest after 100 sec )  in redhat i think it can be achive with this method but could not find with ubunut can you  please tell me how it can be done
<samba35> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/sect-gracefully-shut-down-guests-libvirt.html
<pmatulis> samba35: start the guests using a script.  possibly triggered using the @reboot in cron
<hallyn> rbasak: yup, there are a few bugs in libvirt hta tneed looking at
<samba35> sorry i am very dull in script writing
<samba35> can you please give me some idea ,do you have any link for the same
<lordievader> samba35: sleep 50&&virsh start <vm1>&&sleep 100&&virsh start <vm2>; but then in a better readable form ;)
<samba35> lordievader: ok ,but i am using virt-manager to start guest ,then how this trick can be achive
<jak2000> pmatulis any other advice? thanks
<Nivex> virsh edit nameofvm
<Nivex> <on_reboot>restart</on_reboot>
<lordievader> samba35: Same way, virt-manager is the gui counterpart of virsh, virsh is the console part.
<samba35> ok thanks
<lordievader> samba35: So use virsh ;)
<samba35> it can be added to runlevel startup script ?
<Nivex> oh wait, that's the action to perform when the guest requests it. hang on, I know it's in there somewhere
<Nivex> virsh autostart nameofvm
<Nivex> even easier
<Nivex> and if you need to turn it off: virsh autostart nameofvm --disable
<Nivex> the libvirt init scripts already honor that flag. no further changes required.
<lordievader> Nivex: But does it do the delay?
<Nivex> oh, I missed that part. why the delay?
<samba35> what if all guest try to start at same time
<lordievader> Then your server is busy for a bit.
<samba35> i don't have good cpu and ram on machine ,when guest start it consume 100 % cpu for long time but after boot it remain steady 10-20 %
<samba35> ok i have another problem with virtualization ,i have 2 guest 1st gues is utm software ,and it give other guest and host ip from dhcp but every time i have to start this command then only i am able to start guest
<samba35> ifconfig eth0 0.0.0.0
<samba35> this i tryed to add with rc.local but it did not work for me but after guest start if i run ifconfig eth 0.0.0.0 the all things work finr
<samba35> fine
<samba35> delay start is good feature which is there in vmware esxi also i use that
<apb1963> I'm trying to login to a Lantronix Spider KVM console... the console comes up, but I'm unable to type in it.  Any ideas?  I get the same results with either chrome or firefox
<pmatulis> samba35: i agree that it's a neat feature.  open a wishlist libvirt bug
<pmatulis> dunno what 'Lantronix Spider KVM console' is but it sounds mighty kewl
<apb1963> It's a piece of hardware that lets you access a machine over IP, as if you were at the console.
<apb1963> Lantronix makes it. Spider is the model.
<hallyn> rbasak: (it's been in my inbox for awhile just haven't gotten around ot setting up a reproduction)
<rbasak> hallyn: no worries. Just thought I should draw attention to it.
<rbasak> hallyn: I failed to reproduce in the default case. The bridge might have something to do with it, but that seemed awkward to reproduce on canonistack.
<pmatulis> apb1963: ;)
<samba35> virt and virsh is part of kvm or libvirt ?
<hallyn> rbasak: yup, i'll try locally in a vm
<jak2001> arghh cant configure eth0
<jak2001> http://pastie.org/9444405
<jak2001> anyone can help
<lordievader> jak2001: Are your network settings correct? It complains the network is unreachable.
<jak2001> lordievader: http://pastie.org/9444462
<lordievader> jak2001: Your ip address is wrong, and I have my doubts about the netmask.
<jak2001> i am configure.... for test
<jak2001> you tell me (please) which change?
<lordievader> jak2001: I don't know how you've configured your network, or what you want the ip to be but it needs to be in the range of 192.168.0.1-255 and I'd change the netmask to 255.255.255.0, but that might be different for your network.
<lordievader> jak2001: Set it to dhcp and copy those settings, that is the easiest.
<jak2001> my ip adress is: 192.168.0.x and gw: 192.168.0.254 and netmask 255.255.255.0
<jak2001> how to check if i have the correct driver installed of my eth0
<lordievader> jak2001: Does it show up under ifconfig or ip?
<jak2001> my ip adress is: 192.168.0.x and gw: 192.168.0.254 and netmask 255.255.255.0
<jak2001> sorry: ifconfig
<punkgeek> File '/tmp/db_import.txt' not found (Errcode: 13)   why i get this error?
<punkgeek> perm is ok, but i dont know why i get this error wehn import mysql db
<punkgeek> MY123 (uid37100@gateway/web/irccloud.com/x-sxwwfcjvcsbevfck) has quit (Quit: Connection closed for inactivity)
<ahmadgbg> Hi, im currently installing ubuntu server with software raid. I have a question about swap area. Do i need it if i have 16GB Ram?
<xnox> ahmadgbg: yes.
<ahmadgbg> xnox: How much?
<xnox> ahmadgbg: 16GB =)
<ahmadgbg> xnox: Im going to have raid 6 with 5 drives. Should have a swap area on each drive?
<xnox> ahmadgbg: you should have swap on your raid device. that is raid arrays are partitionable, hence your swap will be on the partition of the raid array.
<xnox> ahmadgbg: you must has swap as reliable as your root fs.
<xnox> afterall, you are getting raid such that a random drive failure doesn't bring down your system.
<z1haze> will someone with experience please help me setup/configure a vps on my dedicated server?
<ahmadgbg> xnox, so should i make a partition on each drive for that swap area, like 3,2 GB on each drive
<xnox> ahmadgbg: no.
<xnox> ahmadgbg: run installer, create raid device, run autoparition and install.
<ahmadgbg> xnox, btw the raid 6 is going to be my storage. Im going to use a raid 1 for ubuntu with two 80 GB. Should the swap area be on both raids or just raid 1
<ahmadgbg> xnox, it will fix the swap area by itself
<ahmadgbg> ?
<xnox> yes.
<ahmadgbg> nice :D
<ahmadgbg> xnox: thanks
<xnox> assembled raid device, e.g. /dev/md127, is a block device which one can partition and e.g. have "/" ext4 on /dev/md127p1 and swap swapfs on /dev/md127p2 etc...
<xnox> thus you don't need to do on the drives themself (e.g. /dev/sdb, etc.)
<ahmadgbg> xnox, but i have to create partitions for the swap area?
<jak2000> lordievader:   http://pastie.org/9444502
<xnox> ahmadgbg: please see ubuntu-server installation guide, advanced installation, raid. It walks step by step, through correct way to create raid device and perform installation onto it.
<ahmadgbg> xnox, ok..
<coreycb> rbasak, have a sec for exim4 merge question? :)
<rbasak> coreycb: sure!
<z1haze> is it really that complicated to setup a vps on a dedicated server
<coreycb> rbasak, the new debian version of exim4 has removed some patches, but when I build the new ubuntu package, the removed patches are applied
<coreycb> rbasak, does that make any sense?
<ahmadgbg> xnox, i quick question, do i need a swap area only on the ubuntu installation raid (raid 1) or on the storage raid (raid 6)?
<ahmadgbg> xnox: 1 quick*
<xnox> ahmadgbg: what do you think?
<ahmadgbg> xnox: only on raid 1?
<rbasak> coreycb: are you using grab-merge? That seems to apply patches but not mark them as applied .pc.
<rbasak> Apparently it's a long standing bug
<coreycb> rbasak, yes I'm using grab-merge
<rbasak> coreycb: http://people.canonical.com/~cjwatson/dpkg-quilt-setup is a workaround for that
<coreycb> rbasak, great, thanks!
<ahmadgbg> xnox: was it right?
<weeb1e_> Does anyone know how I can make apt-get -y install block until the process ends?
<weeb1e_> If I try to do stuff after apt-get -y install in a bash script, it continues executing the bash script half way through the apt (after fetching apt data, before actually starting to install anything)
<weeb1e_> Which makes bash print out the rest of the script but never execute it (since apt is still running)
<zermanno> Hi, is it possible to install ubuntu server on a spare disk on a desktop and then move the hd to an headless server?
<coreycb> rbasak, for the exim4 issue, the patches aren't actually in debian/patches and they're not in the quilt queue, however I can see from looking at the source that it's been modified with the patch changes.  can I get away with manually updating the diff?
<samba35> how do i shutdown /suspent guest os when i shutdown  host (ubuntu server)
<smw> Hi all. Anyone know what I would put into a cloud config to ensure /dev/xvdb is used as swap?
<smw> I want it to be formatted (if not already) and then swapon'd
<jak2000> TJ-? are you there?
<TJ-> jak2000: That depends on whether you are planning on causing me a headache or not :p
<rbasak> coreycb: so this is an area where I've never figured out how to get there using grab-merge, save for fixing everything up manually.
<rbasak> coreycb: I do find the need to edit diffs sometimes
<rbasak> coreycb: or I do it without grab-merge entirely.
<rbasak> I'm just about to post my own workflow that I fall back to whenever I have issues. It's a bit complicated though :-/
<jak2000> TJ- i continue with my eth0 problem
<jak2000> can you see please: http://pastie.org/9444643
<coreycb> rbasak, :)  alright, thanks for the info. and having another workflow to reference would be useful.
<TJ-> jak2000: There's a syntax error in the 'interfaces' file, for eth0. Check "man resolvconf" for "nameserver"
<jak2000> TJ- need change nameserver -> dns-nameserver right?
<TJ-> jak2000: *read* the man-page and you'll see more than that
<patdk-wk> oh! status update on bug I filed 3 months ago :)
<patdk-wk> bug title has been renamed!
<patdk-wk> progress
<samba35> can i add 127.0.0.1 localhost and 127.0.0.1 somexxxname ?  in /etc/hosts
<sarnold> samba35: add 127.0.0.1 for localhost and 127.0.1.1 for your hostname
<samba35> i did that but puppet some functions works fine when i add 127.0.0.1 to puppet and remove localhost.localdomain
<samba35> but i lost fqdn  ---hostname -f
<^Lestat1> Im trying to install PDFlib lite on my server
<^Lestat1> I have downloaded the tarball to /usr/local/src
<^Lestat1> ran 'make' and 'makefile'.
<^Lestat1> What is it I need to do next?
<^Lestat1> <-- pretty new to cli/server stuffs
<sarnold> ^Lestat1: the usual incantation is ./configure --prefix... --otherstuff ; make ; make install
<sarnold> ^Lestat1: most folks like to build sources in their home directories so they don't run the build as root ..
<^Lestat1> I don't know what ./configure --prefix does?
<^Lestat1> The manual looks greek to me.
<^Lestat1> (figuratively speaking)
<^Lestat1> So for starters I should be doing this in /home
<sarnold> ^Lestat1: I think so, I've got a ~/Local/ where I do all my local software builds; ./configure is a common script from autotools packages, the --prefix lets you say where you want the software installed
<^Lestat1> './configure --some/location' ?
<sarnold> ^Lestat1: ./configure --prefix=/usr/local/bin  or something similar -- see if there is a ./configure --help  output :)
<^Lestat1> I have no-idea where I should put this??
<^Lestat1> So far I have just liked apt-get install whatever you want hehe
<sarnold> :)
<^Lestat1> At this point howeer, Im missing my MSI GUI
<^Lestat1> I managed to get this far http://pastebin.com/iHj3mzEa
<^Lestat1> no idea where to put it though. but even worse, I got this far following a blog post. Which just makes me dangerous.
<^Lestat1> I'd prefer to know what it is I'm doing
<sarnold> ^Lestat1: note that /home is just a directory (or filesystem) that contains your actual home directory, which appears to be /home/vagrant
<^Lestat1> yea but where should one install pdflib? Its not a program really. So where would one put a lib?
<^Lestat1> and secondly, how would I tell php where to find this lib?
<jkyle> anyone have a working preseed or kickstart with lvm volumes for 14.04?
<sarnold> ^Lestat1: I'd try /usr/local/lib or something similar; no idea on the php front, I avoid that like the plague.
<^Lestat1> hehe
<^Lestat1> Im actually liking all this sudo business. Makes me think twice.
<sarnold> that's a good fear to have :)
<^Lestat1> ok this is a first. Im seeing a -> in an ls
<^Lestat1> what the heck does that mean? http://pastebin.com/9sdHgeAx
<^Lestat1> is that an alias or something?
<sarnold> ^Lestat1: symbolic link; check out man 2 symlink and ln --help
<^Lestat1> It's not a dir thats for sure
<^Lestat1> man 2?
<sarnold> ^Lestat1: maybe man 7 symlink is more useful
<^Lestat1> I didn' t know there were several man's
<^Lestat1> (wouldn't that be 'men' ;P)
<sarnold> ^Lestat1: manpages are in different sections; 1 is user commands, 8 is admin commands, 2 is system calls, 3 is library calls, 5 is configuration files, 7 is overview, 4 is device files, and 6 is games (mostly unused)
<^Lestat1> ah so then I dont have to scroll through the whole thing.
<^Lestat1> Damn, all I wanted was a local dev server lol
<^Lestat1> Now I have to learn alla dis
<sarnold> it's fun :)
<^Lestat1> symlink is 'shortcut' in windows.
<sarnold> funny enough, windows also has symlink, a different thing from shortcuts :) the cygwin tools make it easy to create them with 'ln', same as on unix-ish systems
<sarnold> explorer.exe is not happy with them
<^Lestat1> uh boy. Im using cygwin
<^Lestat1> but Im using on my host to hit a vm
<^Lestat1> where can I find the reference to man 1, man 2 etc as you stated above?
<^Lestat1> because I REALLY like how man 7 reads.
<sarnold> ^Lestat1: man 1 intro, man 2 intro, man 3 intro, ... :)
<sarnold> ^Lestat1: and 'man man' to give you the man manpage
<^Lestat1> and you got all this memorized??
<sarnold> ^Lestat1: much of this, yes; but this is the good stuff, this is what lets you look up the rest of the information you need quickly :)
<^Lestat1> nixie pixie
<^Lestat1> I suppose Ill get used to it like I did with php
<digs> So, over the weekend my server crashed. I am trying to figure out exactly what happened. Here are a few iterations of what happened in the syslog ouput at the first sign of trouble. http://codepad.org/iay0alKK
<weeb1e_> So when did ubuntu ruin it's CPU "performance" governer?
<digs> As far as I can tell, apache started taking up too much memory. By the time I got to it, the CPU was pegged and I couldn't even ssh in. I had to shut it down and restart it forcefully.
<weeb1e_> Setting the governer to "performance" has always meant "no CPU scaling below base frequency", now it means not less than 1.6ghz
<digs> Now, _why_ apache started to take up too much memory I don't know.
<weeb1e_> digs: Change to nginx if possible, it will use 0.01% of the ram that apache would even if apache was using a "normal" amount
<weeb1e_> Apache is ancient, and terribly bloated, it's threaded architecture wastes a ton of ram
<weeb1e_> It really shouldn't be used at all anymore
<^Lestat1> so ...what do I do when sudo is failing? http://pastebin.com/DEcVQN9K
<kklimonda> sudo isn't really failing, it's not not working as you expect it to when you redirect streams
<weeb1e_> ^Lestat1: Sudo su
<sarnold> ^Lestat1: that one's complicated. either use echo foo | tee filename   or start a shell with 'sudo -s' and run the command in the shell
<^Lestat1> ok This is over my head
<weeb1e_> The easiest way to redirect streams is to become root first
<weeb1e_> So just "sudo su", do whatever without sudo, and then "exit"
<weeb1e_> I really don't feel ubuntus performance governer is working correctly
<^Lestat1> "redirect streams"?
<sarnold> ^Lestat1: using < or > or |
<weeb1e_> ^Lestat1: The ">" in that line redirects stdout to a file
<^Lestat1> oh. Thats just import/export right?
<^Lestat1> or append
<pmatulis> right, 'echo foo | sudo tee -a filename' is pretty standard
<^Lestat1> This all looks so foreign to me.
<^Lestat1> But I am really liking that my hands pretty much dont leave the leyboard.
<weeb1e_> Anyone know how I can override the performance governer to force ubuntu to use the max possible frequency, instead of underclocking some cores? I have the governer for all cores set to "performance", but ubuntu is ignoring it and underclocking anyway
<weeb1e_> This is very odd, I've never seen the governer ignored before
<weeb1e_> I think it may be related to the bios of this box giving software (ubuntu) full control of the CPU frequency
<weeb1e_> As that was the only way to make the governer load at all, before that was enabled, the governer always failed to load
<weeb1e_> But now that ubuntu has full control of the CPU, it is ignoring the governer and scaling the CPU anywa
<weeb1e_> *anyway
<sarnold> weeb1e_: that bit is usual as long as CPUs have had selectable speeds..
<weeb1e_> sarnold: Not if you set every cores governer to "performance"
<sarnold> weeb1e_: there's a huge pile of interacting things here -- I had expected just selecting performance would have turned off the more annoying ones..
<weeb1e_> The performance governer works as expected on all my other boxes
<sarnold> weeb1e_: heh, IRC collide; the bit that is usual is that the OS kernel has control over speeds, not so much the bios
<sarnold> weeb1e_: please file a bug; you might be the first to notice something is wrong :)
<weeb1e_> Let me check another box that has a recent ubuntu running
<weeb1e_> Just to be sure
<weeb1e_> Ah damn, the only other box I still have with a recent ubuntu, has an older CPU which doesn't support the i7 interface
<weeb1e_> sarnold: Know of a workaround, filing a bug is not going to solve this short term, and I cannot use the box until it is solved
<weeb1e_> I already had to wait since last week, to get someone with physical access to enable software control of the CPU in the bios
<sarnold> weeb1e_: you could try the userspace governor and then figure out what to write where to tell it to go full-tilt
<weeb1e_> I'll try that, thanks
<digs> weeb1e_ - That is not an answer to my question at all.
<kklimonda> don't new kernel use a different scaling governor instead of the old ones (one of which is performance)?
<kklimonda> intel_pstate or something like that
<weeb1e_> Unfortunately, CPU scaling has a terrible effect on realtime applications
<sarnold> weeb1e_: iirc installing a gnome cpu applet thingy does this (which came as a gigantic "WTF EWWWW" when I found it) -- perhaps it'd be an easy place to figure out the interface
<weeb1e_> sarnold: On a server without an xserver? :P
<sarnold> weeb1e_: just read hte source for it ;) odn't actually use it, heheh
<jak2000> TJ- now i can ping to other's pcs into my lan, but cant surff on internet. i do: (commented dns-nameserver on /etc/network/interfaces and added my nameservers on:
<weeb1e_> Ah right
<jak2000> this file /etc/resolvconf/resolv.conf.d/base
<z1haze> can someone tell me what might cause this issue with setting up a vm? http://pastebin.com/Rs1DnEqX
<jak2000> after added my nameserve i type:
<weeb1e_> kklimonda: The governer stuff has changed a bit, but performance is still what is supposed to work for "no scaling"
<jak2000> sudo resolvconf -u   but i try do: ping www.google.com and not answer
<TJ-> jak2000: The syntax error in the 'interfaces' was the "nameserver" line, which should be "dns-nameservers" - note the 's' on the end
<weeb1e_> digs: I didn't even read your question, I just saw you were using apache and felt I had to advise you to stop that
<jak2000> yes also i cahnged this and restarted the network service and continue cant ping to google :(
<weeb1e_> jak2000: You need to ifdown && ifup your interface
<weeb1e_> For that DNS change to take effect
<jak2000> ok
<zermanno> Hi, is it possible to install ubuntu server on a spare hard disk on a desktop and then move the hd to a headless server?
<TJ-> jak2000: does the system have a default route set that gets to the public Internet?
<jak2000> yes defautl gw: 192.168.0.254
<arrith> zermanno: that should work fine
<z1haze> will someone please help me with this error while trying to start a vm? http://pastebin.com/Rs1DnEqX
<jak2000> sudo ifdown eth0
<jak2000> ifdown: interface eth0 not configured
<zermanno> arrith, i mean without booting any install cd on the desktop
<arrith> zermanno: oh yes, look into installing debian over ssh
<sarnold> zermanno: check out debootstrap
<zermanno> ok thanks all
<weeb1e_> sarnold: It looks like even the userspace governer is ignored :(
<sarnold> z1haze: check 'dmesg' and 'lsmod | grep kvm' ..
<sarnold> weeb1e_: !!
<weeb1e_> I am starting to regret saying "no" earlier today, when I was asked if ubuntu 12.x should be installed rather
<z1haze> sarnold, sorry i dont understand
<sarnold> weeb1e_: I had expected that using the pstate thing kklimonda mentioned would have removed the old interfaces if they weren't going to be useful..
<sarnold> z1haze: try 'modprobe kvm' and see what happens
<z1haze> FATAL: Could not load /lib/modules/3.10.23-xxxx-std-ipv6-64/modules.dep: No such file or directory
<delinquentme> How often should I clean out the keys I've approved to server IPs which I'll probably never use again?? Per: Are you sure you want to continue connecting (yes/no)? yes // Warning: Permanently added '23.253.245.88' (ECDSA) to the list of known hosts.
<z1haze> sarnold: Could not load /lib/modules/3.10.23-xxxx-std-ipv6-64/modules.dep: No such file or directory
<sarnold> z1haze: aha :) go figure out why you don't have a kvm module :)
<z1haze> oh geez
<sarnold> .. or maybe a modules.dep? that might be easier -- try 'depmod -a'
<z1haze> i followed this! https://help.ubuntu.com/community/KVM/Installation
<weeb1e_> Well this is insanely annoying, after having nothing but problems with this new hardware, now I have to have nothing but problems with ubuntu too
<weeb1e_> I have no idea what my next step should be here
<kklimonda> z1haze: you are using a custom kernel, so this guide may not be enough
<z1haze> whats custom about it?
<z1haze> i just rented this machine from ovh
<kklimonda> well, ovh is going to load their own kernel by default
<kklimonda> although that error doesn't seem to be about kvm.ko missing, but modules.dep
<kklimonda> tbh I'm not sure what would happen if that file went missing
<z1haze> crap, i have no clue what im doing so im trying to follow these tutorials, they are already hard enough
<kklimonda> you can check permissions of /dev/kvm - maybe they are just too restrictive
<z1haze> its root:libvirtd
<weeb1e_> If anyone has any idea how I can completely disable ubuntus broken CPU governer and force a CPU frequency, please let me know
<z1haze> is that incorrect?
<kklimonda> and what are the permissions, and what groups is your user member of?
<z1haze> its running from root i guess
<kklimonda> ok, then permissions shouldn't matter
<z1haze> and its a member of root, kvm, and libvirtd
<kklimonda> weeb1e_: try disabling intel_pstate completely? maybe it is a cause after all
<weeb1e_> kklimonda: Won't that also disable Turbo?
<weeb1e_> I'm not sure how I would go about disabling it
<pmatulis> z1haze: what ubuntu release is this and what is the ouput of 'uname -a' ?
<weeb1e_> But if it disables turbo boost, then that is not an option
<weeb1e_> I need the CPUs to only ever scale up from their base frequency (turbo boost), and never below
<kklimonda> weeb1e_: good point, I'm not sure - try messing with intel_pstate config then? It has few settings you can tweak
<weeb1e_> I'll look for it now
<weeb1e_> kklimonda: `sudo find / -name intel_pstate` returns no results
<kklimonda> well, that's interesting - it should be in /sys/devices/system/cpu/ afair
<samba35> weeb1e_: which version of ubunut u r running
<weeb1e_> 14.04.1
<weeb1e_> Latest server LTS
<kklimonda> if it's not there, then you are not using the intel_pstate driver and the plot thickens
<weeb1e_> All I know is, the CPU scaling governer has always worked fine on other boxes without any changes. This box needed software cpu management enabled in the bios before the governer would load
<weeb1e_> But now I still have no idea what to try next, or why intel_pstate is not being used
<weeb1e_> I'll check if its used on another box
<patdk-wk> the bios always has to be set to software, or else the bios controls it
<z1haze> sorry i had to finish making lunch for my kids
<patdk-wk> atleast if your using a server
<z1haze> pmatulis: 3.10.23-xxxx-std-ipv6-64 #1 SMP Mon Dec 9 18:53:52 CET 2013 x86_64 x86_64 x86_64 GNU/Linux
<weeb1e_> kklimonda: It does not exist on a 11.10 box which has the performance governer set and working 100%
<weeb1e_> So that is probably not related to this issue
<kklimonda> weeb1e_: yeah, pstate is a pretty new driver
<pmatulis> z1haze: release? 'lsb_release -c'
<z1haze> precise
<pmatulis> z1haze: you may not have nested kvm.  this is a cloud instance?
<weeb1e_> patdk-wk: I understand that, but these are servers in data centers, in cities which I do not live, so I have no physical access and have never had bios settings changed other than hyperthreading disabled
<weeb1e_> So what I meant was, this is the first box where software cpu management was disabled by default
<z1haze> i probably installed in incorrectly
<sarnold> z1haze: could be ovh broke their kernels
<z1haze> i dont know what im doing.. dedicated server
<weeb1e_> kklimonda: Well it clearly isn't required to control CPU scaling, but I have no idea what is :(
<z1haze> 'bare metal' or what u call it
<z1haze> i guess my question is how much will someone charge me to fix it? i dont have a lot of money but i can pay some
<z1haze> this is day 3. and im no further than i was at the end of day 1
<weeb1e_> z1haze: Don't give up! Sometimes everything that can, does go wrong
<z1haze> i know that all too well
<sarnold> weeb1e_ :)
<weeb1e_> I am no further than I was a week ago
<z1haze> i wouldnt give up, i just dont really know what to do to progress. i dont know where to look or what research
<weeb1e_> Well ok, that is not quite true, I've solved plenty issues since a week ago
<weeb1e_> But the one issue I have still not solved, is this damn CPU scaling
<kklimonda> z1haze: well, i'd definitely start with changing the kernel to use stock ubuntu one
<sarnold> z1haze: heh, do you have a remote console access to the system? this looks useful: http://www.sysadminworld.com/2012/how-to-switch-to-the-standard-ubuntu-kernel-on-ovh/
<z1haze> can I do do that without losing all of my information on my server?
<kklimonda> (i've had some issues in the past where using custom kernel provided by the vps company was breaking stuff)
<sarnold> z1haze: .. but that's a step I'd only be comfortable making if there's remote console access
<weeb1e_> I'm just about ready to give up on ubuntu now, and get a technician to try disable software CPU management tomorrow, and force the max speed in the bios, if the bios even has such an ability
<kklimonda> z1haze: yeah, but it may take some reading and a cool head
<z1haze> but i mean ovh sells dedicated machines and vps al the time
<sarnold> weeb1e_: pleae don't forget that bug report before you do :)
<z1haze> how would they break it? its what people rent these for
<kklimonda> z1haze: ok, so what you have to do
<kklimonda> is figure out what's the cause
<z1haze> im willing to pay if someone can help me fix it
<kklimonda> virsh is a high level interface for interacting with kvm
<z1haze> i dont have that linux base knowledge though
<kklimonda> so you have to use a lower level tool to make sure that nothing else is messing up
<kklimonda> I'd definitely try using strace to figure out what's throing EPERM error
<z1haze> strace
<kklimonda> it probably won't work with virsh, because it's a client for a server
<weeb1e_> I'm also now very grateful that I have not upgraded any of my 10.x and 11.x ubuntu boxes, as organizing a technician with physical access to those would cost a lot more
<kklimonda> yeah, basically it's a tool that tells you what a program is trying to do, and it should show you what's throwing EPERM error
<patdk-wk> I haven't run any 10.x ubuntu's for a long time
<patdk-wk> over half my stuff is on 14.x now
<patdk-wk> I hven't had any issues with the cpu scaler
<weeb1e_> I'm unable to use perf on the 10.x box, because the newer apt repos I configured do not have a compatible linux-tools-common for 10.x
<weeb1e_> But that is still better than having a completely useless box
<patdk-wk> my laptop is suppost to last 6 hours, it's battery is 2years old, and on 12.04 I get 5hours out of it, and I just upgraded it like 2 weeks ago to 14.04, and still get 5hours form it
<kklimonda> well, 5 hours is pretty good
<kklimonda> I wonder how much will I get from my laptop when it arrives
<patdk-wk> I get 11hours now :)
<patdk-wk> I bought the extra battery pack for it :)
<weeb1e_> I'm now hesitant to continue installing and configuring software on this box
<weeb1e_> It is already the third time I've had to do so in the past week
<patdk-wk> hmm, I don't currently have ubuntu running anywhere, except on hardware I bought and setup
<weeb1e_> I assume the bios must have a feature to not scale the CPU when managing it itself, but considering the techies really struggled to find and disable hyperthreading and enable software CPU management, who knows how long that will take to get right
<weeb1e_> All my server hardware is either rented on contract (along with hosting), or sponsored
<kklimonda> patdk-wk: oh, 11 hours is sweet
<patdk-wk> it's heavy then though :(
<patdk-wk> weeble you know what model that server is?
<weeb1e_> patdk-wk: The CPU?
<weeb1e_> It's a Xeon E5540
<patdk-wk> no, the motherboard model number likely?
<patdk-wk> lshw hsould show it
<weeb1e_> I'll check, I just know it is a blade
<weeb1e_> patdk-wk: It's a PowerEdge M610
<patdk-wk> seems to be a common dell issue
<patdk-wk> maybe update it's bios :)
<patdk-wk> I know you can't do that though
<patdk-wk> I have had endless issues kindof like that with the dells I have
<ahmadgbg> Hi, Can i restart the server while it is creating a raid 6? will it continue after the restart?
<patdk-wk> sure, but hopefully you turn on bitmap support, or it could take awhile
<patdk-wk> https://raid.wiki.kernel.org/index.php/Write-intent_bitmap
<ahmadgbg> no idea :D.. but nothing breaks if i restart it?
<sarnold> patdk-wk: any thoughts about dell c2100? I found a vendor selling them for what feels cheap.. :)
<patdk-wk> shouldn't, not cause of mdadm itself
<patdk-wk> c2100's should be cheap :)
<patdk-wk> they old, but ok if you looking for that
<ahmadgbg> patdk-wk: is it too late to enable it now?
<patdk-wk> have you rebooted?
<ahmadgbg> no
<patdk-wk> then no
<ahmadgbg> so i use add this: "mdadm --grow --bitmap=internal /dev/mdX"
<patdk-wk> the c2100's are just too beefy for me
<patdk-wk> the c6220's are nicer for my vm's
<patdk-wk> oh, that is what I don't like about them
<patdk-wk> 2u server with very limited pcie slots
<weeb1e_> Interesting
<patdk-wk> if it had >2slots, I might have been in the running for the few 2u servers I have
<weeb1e_> I had no issues with my previous large dell box
<patdk-wk> I have a bunch of r410's
<weeb1e_> It has 2x CPUs each with 8 physical cores, and 128GB ram
<weeb1e_> *had
<patdk-wk> and every bios update on them, *changes things*
<sarnold> patdk-wk: ooh those look nice. but I'm not sure I'd benefit more from separate machines, hehe
<weeb1e_> The only issues I ever had, were due to a bugged linux kernel
<weeb1e_> Can't say I've ever updated ones bios though
<patdk-wk> sarnold,  Ifigure, 3 of them, 6 doing vm's, and 6 doing real servers :)
<ahmadgbg> patdk-wk, got an error, cannot add bitmap while array is resynicing...
<patdk-wk> ahmadgbg, :(
<patdk-wk> oh well
<patdk-wk> guess I will have to do a rescan then, after reboot
<jak2000> weeb1e_ any advice? about my name servers why not work? i add in /etc/network/interfaces the default dns name: 8.8.8.8 in dns-nameservers section
<weeb1e_> This box may just be temporary though, once the sponsorship has gone through all its corporate stuff and is official, I will hopefully get new higher end hardware
<weeb1e_> I'll definitely get multiple boxes
<weeb1e_> jak2000: Paste the line starting with dns-nameservers
<jak2000> dns-nameservers 8.8.8.8
<weeb1e_> jak2000: Did you ifdown eth0 && ifup eth0?
<weeb1e_> And can you ping 8.8.8.8
<jak2000> yes but i get an error
<weeb1e_> Well if you get an error, you need to fix the error first
<jak2000> sudo ifdown eth0
<jak2000> ifdown: interface eth0 not configured
<weeb1e_> You'll probably have to pastebin your whole /etc/network/interfaces file for someone to look at
<h1r3> hello. i have a problem with my server... i upgraded from 12.04. to 14.04. i get a forbidden 403 error on port 80 as well as (Error code: ssl_error_rx_record_too_long) on port 443. webmin works without problems... how can i solve this?
<patdk-wk> by reading the upgrade instructions!
<jak2000> http://pastie.org/9445212
<patdk-wk> !releasenotes
<ubottu> Ubuntu 14.04 (Trusty Thar) release notes can be found here: https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes
<jak2000> weeb1e_ can you see this paste?
<sarnold> jak2000: why did you comment out the network and the broadcast?
<jak2000> anyone here try help me, and tell me comment these 2 lines
 * jak2000 uncommenting and restart network sevices..
<weeb1e_> I don't see anything specific wrong with that file, other than maybe the commented out lines
<weeb1e_> It's rather weird seeing "iface lo inet loopback" after "auto eth0", but since sarnold didn't say anything about that, I assume order does not matter
<h1r3> patdk-wk did you mean me? i need more specific informations. it seems taht it has to do with permissions, but i am clueless...
<sarnold> h1r3: apache 2.4 changed access controls and authentication and authorization compared against 2.2: http://httpd.apache.org/docs/current/howto/access.html
<jak2000> ping 8.8.8.8
<jak2000> connect: Network is unreachable
<h1r3> sarnold thank you for the link, however i still don't understand... how can i solve this issue?
<jak2000> ping 8.8.8.8
<jak2000> connect: Network is unreachable
<sarnold> h1r3: you need to understand your old rules well enough to know what they do; you need to understand the new syntax well enough to translate your old rules to the new rules.
<h1r3> sarnold what rules? where do i find them and how am i supposed to change them?
<sarnold> h1r3: /etc/apache2/* and .htaccess files; use vi or emacs or whatever you like
<patdk-wk> sarnold, you need to hold his hand and tell him line by line what to do :)
<sarnold> patdk-wk: hehe, if only there were 48 hours in each day... :)
<patdk-wk> that would be 48 more poeple you could help per day?
<sarnold> patdk-wk: or at least the one :)
<sarnold> patdk-wk: plus it'd give me a few more hours to beg help from you, hehe :)
<h1r3> sarnold thank you, but i am still lost... i don't know what i have to change...
<weeb1e_> $ sudo modprobe -r acpi_cpufreq
<weeb1e_> modprobe: FATAL: Module acpi_cpufreq is builtin.
<weeb1e_> :(
<zartoosh> hi I got some corruption on my ubuntu 14.04 /etc/fstab file. I can boot to recovery mode and drop to shell as root, but I am not able to modify /etc/fstab since it is read only. How could I edit the /etc/fstab and recover? thx
<jak2000> sarnold any advice?
<sarnold> zartoosh: mount / -orw,remount
<sarnold> jak2000: sorry, no idea
<zartoosh> sarnold, thank you
<jak2000> ok, thx
<lordievader> jak2000: Have you fixed your network settings?
<hallyn> rbasak: probably a silly question, but, any plans for uvt-kvm to support debian releases?
<lordievader> jak2000: In case you've missed my message: Have you fixed your network settings?
<sarnold> lordievader: he might have thought he did? he commented out a few lines on the advice of one person and then uncommented them on the advice of other people :)
<zartoosh> hi on ubuntu 14.04 installation, I do not see any network interface. How could I start dhclient to get IP address and openssh-server to ssh into it? thx
<zartoosh> I figureed it out, thanks
<lordievader> sarnold: Last time he was here he tried to apply 127.0.0.1 on a 192.168.0.0 network, I told him how to fix that, wanted to know if it solved the problem.
<sarnold> lordievader: ah, I wonder if that's why he can't ifdown the eth0..
<lordievader> sarnold: It was the error then with ifup "Network can not be reached".
<sarnold> lordievader: aha :)
<sarnold> probably a reboot would fix it right up
<sarnold> maybe ifconfig eth0 down ; ifup eth0  might do it too
<lordievader> Not if the settings are incorrect ;) recommended him to pull the settings from a dhcp session.
<zartoosh> hi I see  /sys/firmware/efi/efivars/Boot000x-xxxx files, I know they are related to UEFI Does ubuntu have any document to describe these files? thx
<sarnold> lordievader: his interfaces looks much better now :) hehe
<asdsd> I have gdm installed on a server for some admin tasks, now how the f&)( do I prevent it from autostarting=?
<z1haze> anyone ever set up vps before and will help me?
<TJ-> zartoosh: The efivars are what the UEFI firmware stores in its NVRAM; the UEFI specification details how that works
<zartoosh> TJ- so those entries correspond to bios boot options?
<TJ-> zartoosh: correct
<TJ-> They are the EFI's environment variables
<TJ-> "efibootmgr" allows you to manage them
<rbasak> hallyn: I'd like it to. The first step would be for somewhere to publish Debian cloud images that use cloud-init, with image metadata available via simplestreams.
<hallyn> rbasak: have you looked into whether any do that?  I know there ar edebian cloud images, author was looking for a place to host them a week or two agao
<rbasak> hallyn: no, I haven't looked at all yet.
<hallyn> ok
<asdsd> TJ-: i found out why my lenovo was ignoring grub
<TJ-> asdsd: Was it fixable?
<asdsd> TJ-: yes
<asdsd> TJ-: lenovo UEFI/BIOS has no granular efi boot settings
<zartoosh> TJ- it seems the name of Boot000x-  keep changing I am not sure how to manage that in automated way in the field? any idea?
<TJ-> asdsd: Typical - a manufacturer that can't avoid removing core functionality!
<asdsd> TJ-: resetting bios to "os optimized defaults" and disabling intel rapid start made windows boot manager appear as its own efi boot option
<asdsd> TJ-: and reinstalling ubuntu/grub added grub to the efi boot list
<TJ-> asdsd: Ahh... "rapid boot" is know to cause issues
<asdsd> TJ-: they have hid that option away really well
<asdsd> TJ-: any chance you now how to retard GDM at boot?
<asdsd> they are discussing ponies or something in #ubuntu, noone seems to know
<TJ-> asdsd: I just posted the solution in #ubuntu, I was looking up some other bits so was delayed in replying
<asdsd> alright, ill try
<asdsd> but why Upstart? it is abandonware
<asdsd> and now cano is going to support it for five years? wohoo
<z1haze> can anyone tell me if this will cause to lose all of my data? http://www.sysadminworld.com/2012/how-to-switch-to-the-standard-ubuntu-kernel-on-ovh/
<z1haze> how can i backup from my server to a backup ftp server?
<arrrghhh> z1haze, I suppose with rsync would be best?
<z1haze> can you give me a link or provide an example? i see so many ways to use rsync
<arrrghhh> er wait nvm.
<zartoosh> hi I am using ubuntu 14.04, how can I configure the login page? thx
<arrrghhh> I'm derp... rsync works with sftp.  not plain ftp...
<arrrghhh> zartoosh, you're on the -server edition?  what do you mean "configure" the login page?
<z1haze> well i have a serve through ovh, and i have an ftp backup server
<arrrghhh> z1haze, is the only option ftp?
<z1haze> i just dont know how to backup from my server to the backup
<z1haze> im not sure, i just know the its called FTP server: ftpback-bhs1-32.ip-198-100-151.net
<arrrghhh> well you could automate it with cron/bash scripts... but ftp is not reliable
<arrrghhh> and rsync would ensure the backups are sent/received properly
<z1haze> how would it work to use rsync
<z1haze> can you like show me an example
<z1haze> or what flags to use
<arrrghhh> with ftp... not only is it transmitted in plain text, but it's not secure and you can't ensure it got there properly
<arrrghhh> z1haze, you can't use ftp, that's what I'm saying.  can you use sftp?
<z1haze> i have to use it from my server it was it says
<z1haze> like i login via ssh
<z1haze> and somehow back up from there
<zartoosh> arrrghhh, yes I know, I have two partition, one I have installed the official ubuntu 14.04 and the other partion I have used debootstrap to install ubuntu 14.04. the both partition have the same configuration and pkgs, but their login page is different. thx
<arrrghhh> zartoosh, I don't know what you mean, it's a -server.  there's really no login page other than a text prompt to login?
<arrrghhh> z1haze, if you can use ssh/sftp that would be best.
<arrrghhh> because then you can use rsync ;)
<z1haze> alright, well how might i do this
<arrrghhh> I just googled and found this
<arrrghhh> http://www.mikerubel.org/computers/rsync_snapshots/
<arrrghhh> or this
<arrrghhh> http://www.thegeekstuff.com/2010/09/rsync-command-examples/
<arrrghhh> it really depends on your setup, preferences, etc.
<arrrghhh> I can't just make up commands off the top of my head without knowing your setup...  gotta do a little legwork my friend ;)
<z1haze> it doesnt show how to connect to the other server tho i mean
<arrrghhh> Example 4. Synchronize Files From Local to Remote
<arrrghhh> it doesn't?
<z1haze> oh i was looking at example number 1
<arrrghhh> ya that's just a local server
<arrrghhh> you can use rsync in a ton of different ways
<z1haze> im not doing it right, damnit
<z1haze> i tried rsync -avz /home/ ftpback-bhs1-32.ip-198-100-151.net:/backups/
<phuh> Is Haproxy better than Nginx for reverse proxying and load balancing
<phuh> ?
<z1haze> if i want to change the kernel on my ovh server to the standard ubuntu kernel rather than their modifed one.. will it erase all my data? home /home?
<R0ckET_> hi
<R0ckET_> I have ubuntu server on amazon, this is not me recording the login log in auth.log, any idea where this is set?
<z1haze> i called my host they told me if i change the kernel version from their custom one to a standard one, i would have to reinstall, but someone here earlier told me i wouldnt lose any data?
<rbasak> z1haze: in theory you wouldn't lose your data. But I can't speak for the customisations they have done. They're the only experts here, not this channel.
<z1haze> they dont seem like experts to me, they dont offer ANY support
<rbasak> z1haze: if something doesn't go to plan though, then you're likely to not be able to get to your data until that's fixed.
<rbasak> z1haze: only they can be the experts in their own customisations that others don't know about.
<rbasak> z1haze: perhaps consider a different host, then? Try an Ubuntu certified one if you can find one.
<rbasak> Then you know they're doing standard things, such as shipping a standard kernel.
<Patrickdk> what is it your paying for?
<Patrickdk> if it's a real vm, it should be simple
<Patrickdk> if it's a vps, well, probably not possible
<TJ-> It's a dedi I think, at OVH
<Patrickdk> then just install any kernel you want
<TJ-> From what I've seen of z1haze's questions over the past few days on various channels, the aim is to install and operate several VMs on bare-metal with network routing, but with no experience of managing a server
<Patrickdk> what is network routing?
<TJ-> Patrickdk: there seemed to be a problem routing an additional IP address allocated by the Service Provider, into a VM. Basically, I think z1haze is out of their depth. I recommended playing around on local systems first to become familiar with the whole scenario of networking, bridges, VM management, and so on
<Patrickdk> :)
<teward> i think i found a bug in php5-fpm on 12.04...
#ubuntu-server 2014-08-05
<teward> i think the php5 changes that changed the chmod permissions for php5-fpm's socket/listener introduced a regression for some webserver compatibility - it runs as root:root instead of www-data:www-data, and without the 0666 permissions it breaks with nginx's default php5-fpm + nginx configuration file setup...
<teward> while it fixed a CVE, I think it might've introduced future issues...
<teward> ... should I be poking the security team on this or just file a new bug?
<teward> (this currently affects Precise, I have not tested later versions yet, as i'm still re-spinning my VMs)
<rbasak> teward: that rings a bell. Might be worth checking if there's a bug for that already.
<teward> rbasak, i didn't see one when i looked, but I'm testing Trusty right now
<teward> working on spinning up a Utopic VM to test and preempt the issue
<teward> rbasak, I found a solution, and it's literally a two-line change
<teward> which just forces php5-fpm to listen as www-data instead of root
<teward> (leaving 0660 as the perms)
<teward> works on my production server on Precise, gonna test shortly on Trusty
<teward> assuming the VM ever turns on >.<
<rbasak> teward: as long as the change doesn't introduce a regression in itself. That's always the worry :)
<teward> rbasak, exactly why i wouldn't mind looping the sec team on the consideration for the patch
<teward> noting, of course, the php5-fpm change that WAS made kinda introduced a regression into out-of-the-box usage for nginx at the very least...
<teward> rbasak, if Marc were around I'd poke them on this but meh
<teward> rbasak, i also don't immediately see any bug(s) on this on Launchpad
<rbasak> teward: I recall some kind of claimed regression in this area. It might be unrelated, or resolved.
<rbasak> teward: or I might be getting mixed up with something else.
<sarnold> I seem to remember there was a regression bug that got a second update..
<sarnold> teward,rbasak http://www.ubuntu.com/usn/usn-2254-2/
<teward> sarnold, if that's the case it didn't fix it in Precise
<teward> maybe Trusty but not Precise
<teward> sarnold, looks like it works in Trusty
<delinquentme> Im configuring a number of ubuntu servers to do number crunching ... and each of the nodes are using SSH to share resources ... is there some explicit reason to NOT use a single public key between all of the compute nodes??
<Sachiru> @delinquent: Are the nodes public (i.e. internet) facing or not?
<z1haze> heh, so TJ- just watched me the last few days in the various channels, enjoyed watching me sweat huh?
<z1haze> hope its been entertaining
<TJ-> z1haze: No, it's quite painful actually. As I advised, you need to spend some time learning the underlying concepts and command configurations or else you'll end up with something less than 100% correct or secure. These are complex issues, they take many months or years for professionals to master.
<z1haze> right which is why i obviusly am not going to be able to sit and read a ocuple pages and do it on my own
<z1haze> i was here i offered to pay sometone to do it with me
<teward> rbasak, sarnold:  since this isn't a security bug i'm not going to keep bugging you two on this issue in -hardened, but this is the bug for the observed issue in Precise:  https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1352617
<uvirtbot> Launchpad bug 1352617 in php5 "php5-fpm UNIX sockets do not listen as www-data:www-data, cause 502s with webservers trying to use socket" [Undecided,New]
<sarnold> teward: nice bug, thanks
<teward> sarnold, note I referenced the regression bug which prompted the second update on that bug, to make a note the bug is similar.  I'm not sure how you solved that in Trusty and don't have time to dissect the diffs, but my posted solution in the bug appears to force the socket to be made with www-data:www-data
<teward> s/on that bug/that USN/
<teward> sarnold, and you're welcome, I tried to be as detailed with the bug as I could without putting in unnecessary details :P
<sarnold> teward: heh yes, it's a tough balance isn't it? :) a good report is hard to write..
<teward> sarnold, indeed, and having done a bunch of SRUs, I'm pretty sure that, at least in this case, I know how to write a decent report :)
<teward> and of course with nobody for me to pay attention to today, I'm bored and don't mind doing bug hunting todayl
<sarnold> oh ho ho ho! :D
<teward> that, and this affected a production server, so bleh
<teward> sarnold, i'd make a diff, but at the moment I'm stuck on [CENSORED] [CENSORED] [CENSORED] Micro[CENSORED]t right now
<teward> sarnold, you can't approve series nominations can you?
<sarnold> teward: nope :/
<teward> meh
<teward> sarnold, i'll go make a debdiff either way
<teward> but meh
<teward> sarnold: question, do you know how to force quilt to put patches into debian/patches and refer to debian/patches instead of putting it in the source dir (and not the debian/ dir)
<teward> probably some devscripts syntax, but I dunno...
<sarnold> teward: I've got an alias 'dq' that helps with that: alias dq='export QUILT_PATCHES=debian/patches'
<teward> sarnold: should this be a security fix, or just a standard update...?  trying to figure where i should target my debdiff's changelog entry
<sarnold> teward: did this update break it? http://www.ubuntu.com/usn/usn-2254-1/
<teward> sarnold: got a diff for that update?
<teward> (it looks like it might've broken it because 5.3.10-1ubuntu3.12 was the version that changed the chmod permissions)
<teward> sarnold: there seems to be additional fixes in there though somewhere
<teward> because you have to FORCE php5-fpm to make the socket as www-data:www-data now in precise
<sarnold> teward: 346k :/  https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.12
<teward> whereas it works ootb in trusty
<teward> sarnold: yep that broke it
<teward> sarnold: i think it got missed in the regression fix due to Precise *not* having a socket created by default
<teward> (it listens by IP)
<teward> as i mentioned in the bug it's a custom FPM configuration case, but it's still going to create the socket as root:root with 0660
<sarnold> teward: ahhhh. that makes sense.
<teward> sarnold: there seems to have been some changes made or something to FIX that in trusty and others, but I don't know which changes fixed that issue
<teward> or whether it was fixed separately
<teward> sarnold: the workaround I do is basically this, but after the package is built:  http://paste.ubuntu.com/7957082/
<teward> since that's populated by www-data in Ubuntu right now, I'm not sure if this introduces any additional security issues
<teward> sarnold: but yes, that USN-2254-1 fix (5.3.19-1ubuntu3.12) introduced the issue.
<Sierra> Is there any need to reboot an ubuntu server after running an apt-get upgrade?
<Sierra> It never seems to prompt for a reboot, but ubuntu desktop seems to always want to reboot after updating
<teward> Sierra: at kernel updates, maybe.
<z1haze> im confused.. so i mounted my ftp backup server with nfs and backed up all my stuff on it.. and with i check the usage of my ftp server its a 0mb..
<z1haze> what would someone recommend to be able to use my dedicated server as 'normal' and also be able to created vps' on it? would you recommend proxmox? or is that like solely for use of vm's
<monokrome> Hey. Does anyone know why this has no results?    $ sudo virsh list --all
<monokrome> I installed libvirt-bin, and maas has downloaded 12 images.
<liquid-silence> hi all, looking to migrate our email from google to a VPS, imap and pop3 including smtp with multiple domains
<liquid-silence> anyone can suggest the packages I might require?
<liquid-silence> I am thinking postfix + dovecot + postgresql
<liquid-silence> but not sure yet (not really wanting the database dependency)
<liquid-silence> We need virtual domains
<liquid-silence> and virtual users
<Abhijit> !email
<Abhijit> :-(
<rbasak> teward: what was the ownership of the socket before the listen directive was customised, OOI?
<liquid-silence> gah I hate dovecot
<liquid-silence> ffs
<ashd> alice help
<weeb1e_> Has anyone ever successfully disabled power saving (CPU scaling) in a Dell PowerEdge bios?
<weeb1e_> I am being driven insane
<weeb1e_> Ubuntu was unable to stop CPU scaling even with software in full control of CPU managment, which I assumed to be an Ubuntu 14.04 bug
<weeb1e_> But now after trying everything imaginable, the technician has been unable to stop the CPU from scaling with software control disabled in the bios
<weeb1e_> System Profile is set to Max Performance and C States + C1E are disabled
<ogra_> just keep it on and force the performance governor (if you really want to waste power)
<weeb1e_> Yet the CPUs cores still enter C6 state and scale down
<weeb1e_> ogra_: That did not work, I tried for over a day
<ogra_> how did you try ?
<weeb1e_> Unlike every other one of my boxes, the performance governer, and even userspace governer had no effect
<weeb1e_> So now we are trying to use the bios to disable scaling, and that does not work either
<ogra_> what did you do to enforce its usage ?
<weeb1e_> ogra_: I used cpufrequtils and also /proc directly
<weeb1e_> Nothing worked
<cfhowlett> !flash
<ubottu> To install Flash see https://help.ubuntu.com/community/RestrictedFormats/Flash - See also  !Restricted and !Gnash
<weeb1e_> I had a few knowledgable people in here try and help too, with no success ogra_
<weeb1e_> Which is why I'm really hoping someone knows how to force no scaling from the bios
<ogra_> weeb1e_, well, make sure to "mv /etc/rc2.d/S99ondemand /etc/rc2.d/K99ondemand" to make sure the system does not forcefully load ondemand 1min after boot
<weeb1e_> ogra_: Using cpufreq-set, I was able to set each cores governer to performance or userspace, and cpufreq-info said the cores were at max frequency
<weeb1e_> Yet they continue to scale down to 1.6ghz
<weeb1e_> The same happens with software cpu control, C States and C1E disabled in the bios
<weeb1e_> So if both software and hardware based control cannot disable scaling, how the hell can it be disabled
<weeb1e_> The technician who has physical access is going to run out of time soon
<ogra_> heh, ask dell i guess :)
<weeb1e_> This has been going on for over a week now
<ogra_> you surely can hack around it somehow by forcing the min frequency up etc
<weeb1e_> How?
<weeb1e_> The bios apparently has no such option
<ogra_> same way you set the governor in /proc
<weeb1e_> and the userspace governer with a frequency had no effect
<ogra_> there are other proc nodes next to it
<weeb1e_> ogra_: That is the userspace governer
<weeb1e_> Which like I said, does not work any more than performance with software control enabled in the bios
<weeb1e_> It thinks it is working
<weeb1e_> But it has zero effect
<ogra_> cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_min_freq
<weeb1e_> I use the performance governer on all my other boxes
<ogra_> you should be able to set it there
<ogra_> (note this is super hackish but might work)
<weeb1e_> I doubt it'll work, considering the userspace governer didn't
<weeb1e_> But I'll try once I get the techie to enable software control in the bios again
<weeb1e_> They are going to phone dell now
 * ogra_ never used the userspace governor, so i cant tell 
<weeb1e_> Based on your advice
<ogra_> yeah, sounds very HW or BIOS/UEFI specific
<weeb1e_> Ok, they are going to enable software control and boot it up before phoning
<weeb1e_> So I'll try setting scaling itself
<ogra_> right ...
<ogra_> you should definitely talk to #ubuntu-kernel too ...
<weeb1e_> Alright, thanks
<weeb1e_> ogra_: Setting core 0's scaling value to 2.49ghz instead of 1.59 has no effect and all cores still scale down to 1.59
<ogra_> sounds like a bug (in either HW or SW)
<weeb1e_> Well considering hardware control is also bugged
<weeb1e_> It seems like hardware
<weeb1e_> Lets hope something comes out of phoning Dell
<weeb1e_> Because I'm now out of ideas
<weeb1e_> So dell is useless. Apparently they need to log a call to the warranty department so that they can send someone out to look at it
<weeb1e_> They cannot help at all over the phone
<weeb1e_> I recommended trying a BIOS update
<weeb1e_> Since I have literally no other ideas now
<weeb1e_> The company which spends around 100 million a year with dell is going to consider moving to HP based on their response to that phone call
<weeb1e_> ogra_: I found a software solution!
<weeb1e_> "To dynamically control C-states, open the file /dev/cpu_dma_latency and write the maximum allowable latency to it. This will prevent C-states with transition latencies higher than the specified value from being used, as long as the file /dev/cpu_dma_latency is kept open. Writing a maximum allowable latency of 0 will keep the processors in C0"
<ogra_> awesome
<weeb1e_> ogra_: It only applies to the second socket
<weeb1e_> So only half a solution
<Lunario> Is there a way to run a webbrowser or some other program on ubuntu server but view it on another pc? kinda like teamviewer or vnc but faster?
<weeb1e_> Nevermind, forcing c state 0 effectively disables Turbo Boost
<weeb1e_> Which means it is not a viable option
<peetaur2> Lunario: X11 forwarding
<peetaur2> Lunario: ssh -X user@host, then run some command
<Lunario> great, will check it out, thanks!
<weeb1e_> ogra_: So the final solution is to compromise by writing about 80 to that file and keeping the file open forever
<weeb1e_> That will limit the C states to between C0 and C3, stop scaling under minimal load and allow turbo to function correctly
<weeb1e_> I will just need to build a custom service which will keep that file open at all times
<toyotapie> Can I debootstrap a 64-bit OS from a 32-bit installation or visa versa?
<toyotapie> vice versa*
<rbasak> Vice versa only I thikn.
<rbasak> Though you might be able to use qemu-user-static or something to debootstrap 64 bit from 32. I'm not sure.
<rbasak> You might just want to use Ubuntu Core images instead.
<rbasak> They're pretty much a tarballed debootstrap.
<toyotapie> Nice, with or without kernel ?
<toyotapie> and grub*
<toyotapie> either way, I am downloading it now
<rbasak> toyotapie: no kernel or bootloader IIRC. You can install those yourself though, either in a chroot (on a 64-bit host for 32-bit system).
<rbasak> toyotapie: or by getting the debs and booting the system manually to get started.
<frobware> I have access to an APM Mustang board and wanted to know if it is possible to configure eth1 and eth2; eth0 seems to be detected fine.
<^Lestat> make: no tagert specified http://pastebin.com/vFD0FNqg
<^Lestat> what am I doing wrong?
<lordievader> ^Lestat: What are you trying to build? Have you configured it?
<foolhardy> I have an ubuntu 12.04 server vm and I'm finding that the nightly suspend (for backups) causes the clock to be off, making it slower and slower by each  night. How do I go about telling ubuntu to pull time daily from NTP?
<^Lestat> i typed ./configure
<^Lestat> Im trying to install pdflib
<^Lestat> following this http://linuxhelp-kavanathai.blogspot.com/2011/08/how-to-install-pdflib-lite-pdflib-on.html
<lordievader> ^Lestat: And it completed without error?
<^Lestat> I get all the way to step 9
<^Lestat> thus far yes
<^Lestat> just trying to get a local install on my dev box so Im not push/pulling all day
<^Lestat> I dont even understand what phpize does.
<Pici> A 2011 tutorial on how to install a library from source aimed at Centos installs?
<^Lestat> ah crap. I didnt even read that it was centos
<lordievader> ^Lestat: Could you pastebin the output of your last ./configure?
<^Lestat> sure...
<^Lestat> ohhh. ok I feel foolish
<^Lestat> http://pastebin.com/MMgp4RXw
<^Lestat> yea there are errors
<^Lestat> I dunno anything about makes
<Pici> There is php-fpdf (which appears to be a free alternative to pdflib) in the repositories, if you aren't tied to pdflib
<sbalneav> Hello all.  I'm getting bitten by https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1352876
<uvirtbot> Launchpad bug 1352876 in apt ""apt-get update" crashes" [Undecided,New]
<sbalneav> Looks like the latest glib has some problems, I'm down hard on several of my servers.  Anybody know of any fixes?
<^Lestat> Im using pdfib in my production server. So I'd rather not change my codebase on my local dev?
<lordievader> ^Lestat: ;) Fixing the errors will probably solve your problem.
<^Lestat> no idea how/where
<^Lestat> Im not a server dude.
<^Lestat> and that is for centOS not ubuntu
<lordievader> ^Lestat: Have you installed build-essential? Source code is source code, CentOS code should work here too. Unless the code is very specific... but then it is bad code.
<^Lestat> installing... ;-)
<sbalneav> I have updated the bug.  Looks like ubuntu has buggered up libc6 2.11.1-0ubuntu7.14
<^Lestat> ok that changed everything
<^Lestat> now how was a noob supposed to know that?
<sbalneav> If you back down to the 2.11.1-0ubuntu7.13 version of libc6 and libc-bin, it fixes the problem.
<lordievader> ^Lestat: The error tells you ;)
<^Lestat> That-> ? configure: error: in `/home/vagrant/Downloads/pdflib-3.0.4': configure: error: C++ preprocessor "/lib/cpp" fails sanity check
<lordievader> Yes.
 * ^Lestat scratches head
<lordievader> ^Lestat: Now if you had build-essential installed, that would've been interesting ;)
<^Lestat> heh now I messed up my php
<msx> hello everyone, do you know where i can find the script that produce this output? http://i.imgur.com/WNGS9nC.png   I already tried the usual places like /etc/issue, /etc/issue.net, /etc/sshd/, hushlogin, etc. to no avail :S
<msx> *produces
<msx> xD
<msx> oops wrong # sorry
<pmatulis> msx: seems server-related no?
<msx> pmatulis: hi, well, it is the standard ubuntu server notice when you login via a tty
<pmatulis> answer: update-notifier-common and landscape-common packages.  you can safely remove them
<msx> pmatulis: believe it or not i can't find it anywhere
<msx> okay, but i don't want to remove it, just modify it. Now i know it is related to the landscape suite i know where to look
<msx> pmatulis: tnx!
<pmatulis> msx: good deal
<msx> ahh, nice, it's a python script i see
<pmatulis> msx: it will be in danger of being overwritten during a package update
<Tzunamii> You can always flag it to be ignored, if you want
<pmatulis> true
<^Lestat> unreal
<^Lestat> the php manual had everything i needed, in someones comment
<^Lestat> But just looking at those command line instances looks daunting to a noob
<^Lestat> Anyone recall being a noob?
<msx> pmatulis: Tzunamii: yes, tnx :)
<csst0111> I'm using crontab to run a python script. This script is in  /home/user/foo/bar/script.py  and creates some files. When the cron job runs the files from the output are created in the /home/user and not /home/user/foo/bar
<csst0111> Is there something I can add to the crontab or I should change the script so it can create the files in the desired destination ?
<rbasak> csst0111: you could prefix the crontab command with "cd foo/bar &&"
<rbasak> csst0111: or have your python script change the pwd
<rbasak> csst0111: import os; os.chdir("...")
<csst0111> rbasak, oh yes the first one is great!!
<csst0111> thank you!
<rbasak> Yeah that keeps your script nice and generic
<rbasak> No problem
<Tzunamii> You really should let cron be and do it in the script
<rbasak> Tzunamii: but then the script ends up with the directory hardcoded. Move the script and it breaks or produces unusual behaviour.
<rbasak> Tzunamii: better to define the script as producing the output in the current directory.
<rbasak> Tzunamii: and then make sure it is called with the current directory correct. As an example, GNU make does exactly this.
<lordievader> ^Lestat: Sure we do, I remember my first time installing an nvidia driver like it was yesterday.
<rbasak> (as well as provide a -C option for convenience)
<^Lestat> I feellike a total moron. I don't even know the right terms to use.
<Tzunamii> The script is where everything should be at. In 6 months when he wants to do changes he will have forgot where that output fix were.
<lordievader> ^Lestat: As long as the other person understands what you are talking about, who cares.
<rbasak> Tzunamii: hardcoding path locations into scripts is usually a bad idea.
<rbasak> It generally ties the script to a particular path and thus a particular machine.
<rbasak> Makes it really inflexible to deploy, develop and test.
<Tzunamii> Depends on what kind of script it is. Usually scripts worth mentioning has a parameter where you set the script
<Tzunamii> If he wants to do your solution he really should comment the script with where the output solution is at
<rbasak> The output will be at "."
<^Lestat> well, I don't want ppl to think Im lazy either
<Tzunamii> rbasak: I think you're missing the point. Never spread out things when you don't have to. In order to have everything in the script you add the line:  BASEDIR=$(dirname $(readlink -f $0))   in the script and the script know where to cd to/use as it's basedir
<Tzunamii> That way the script can be moved around and/or used in cron and it always will know it's basedir
<Tzunamii> Sorry for the late reply. I'm working atm
<rbasak> Tzunamii: that still stops you testing the script with a different set of input and output files.
<rbasak> (without further support to override in the script)
<rbasak> I'm in favour of doing things the Unix way. Less surprise then.
<rbasak> Unix commands generally act on the current working directory.
<rbasak> The caller gets to decide that.
<Tzunamii> rbasak: So you're saying adding commands outside a scripted environment in cron is the solution?
<rbasak> It makes sense to separate the script from the data it operates on, just like any other command.
<Tzunamii> No, it doesn't
<rbasak> That makes testing and deployment easier.
<rbasak> It's consistent with everything else on the system.
<Tzunamii> I'm not going to argue coding practices here in this channel
<vedic> What is the fastest way of sending small size files to another server? For security I am looking to setup VPN between machines and transfer files on that
<vedic> small size means about 50kb to 100 kb each file
<lordievader> vedic: rsync + ssh?
<vedic> And if possible, I would prefer to automate it. i.e. as soon as the file comes to a directory, it should get transferred to another machine without waiting
<rbasak> tar + ssh might be slightly faster the first time.
<vedic> rbasak: You do you think tar is required as size is less than 100kb
<rbasak> tar doesn't have anything to do with size
<vedic> lordievader: I guess rsync first spends some time in calculating checksum etc
<RoyK> rbasak: not lot
<RoyK> vedic: vedic not if the files have the same size/timestamp
<rbasak> rsync introduces some more latency, since the file list has to be sent across first, etc.
<RoyK> rbasak: with ssh compression, that's not a lot
<lordievader> vedic: True, however it only send over new/changed stuff. And it can compress things.
<RoyK> vedic: unionfs, perhaps?
<RoyK> erm - not unionfs
<rbasak> RoyK: compression doesn't help latency
<RoyK> my bad
<RoyK> rbasak: obviously, but that depends on your original latency
<vedic> RoyK, rbasak: Files are not coming to machine 1 very quickly. Something like 100 files per minutes but they should get moved (not copied) to machine 2 as soon as possible
<rbasak> If there were a large pile of small files for a one-off transfer, I'd use tar over ssh. It'd be noticeably faster because there wouldn't be an initial delay while the disk seeks to find the entire file list to send over.
<RoyK> vedic: unison is what I meant
<rbasak> That's why I said tar initially.
<rbasak> But if it's a regular thing, you probably want rsync.
<vedic> rbasak: Its regular and all files are different for sure. The files moved before will never come again in the machine 1. They will remain on machine 2 so partial content transfer is not the case.
<RoyK> vedic: or perhaps FreeFileSync
<RoyK> vedic: even if they are changed on machine 1?
<RoyK> zfs send/receive :D - but that implies zfs :P
<vedic> RoyK: On machine 1, a file stays only till it is not moved and I am looking to move asap. File comes to Machine 1 because user is uploading via API or Web form. But they are processed on Machine 2
<RoyK> vedic: I'd write a little daemon using inotify to grab a file once it's uploaded and closed, send it over and remove the original
<RoyK> shouldn't be too hard in perl/python/whatever
<vedic> RoyK: I see
<rbasak> I'd consider re-engineering a little.
<rbasak> Rather than using files themselves, maybe use git-annex or something like that to better manage files between multiple machines.
<rbasak> It will track what machine has what, and handles sync on demand.
<vedic> I use Python so yea, that can be done. I was just thinking if there is something already ready to do such thing as a service
<rbasak> I hear that it has an automatic sync feature now, too.
<RoyK> no reason to setup mass synchronisation if you only want to move a file whenever it lands on your computer - inotify is quite simple
<rbasak> Then you don't get yourself into an odd state in failure caes.
<rbasak> cases
<RoyK> rbasak: seems like overkill to me, really. use inotify on the directory, wait for an incoming file, wait for it to close, rsync it over to the other machine and unlink it
<rbasak> RoyK: that's fine for the simple common case, yes.
<rbasak> RoyK: if there's a larger deployment that depends on it, then it's a maintenance nightmare.
<vedic> rbasak, RoyK: It see max 100 files coming per minutes on Machine 1
<RoyK> rbasak: well, he didn't say anything about deployment size other than that it's two machines
<rbasak> Suddenly what file exists where becomes part of your deployment state.
<rbasak> By larger deployment I probably should have said a complex deployment
<rbasak> A web app on one machine that sends files to another to be processed is complex, in my book.
<RoyK> vedic: ouch - what sort of files are these? what are you going to do with identical filenames?
<RoyK> vedic: you could use unison, though
<vedic> RoyK: File names are UUID so I don't think it can be identical. These are small music samples that I need to signal process and send the reply back to the user asap.
<RoyK> vedic: then I suppose something like the webapp receiving the file could use http post (or something) to the receiving server and get the answer quickly. shouldn't be much on an overhead if it's on a LAN, and it should be easy to make it quick
<rbasak> +1
<vedic> RoyK, rbasak: What if I setup TCP/IP server and client. When ever file lends on Machine 1, Machine 1's client connects to server and send the file to machine 2. Or connection is not terminated but the server is just waiting to get next file from the client?
<rbasak> Or stick them in a message queue, though admittedly that is one more component to manage in the deployment.
<RoyK> vedic: didn't you say the file was received by a webapp on server 1? if so, it should be simple to do the magic from there with a webservice on server 2
<vedic> RoyK: yea, Machine 1 is a web server where file comes. It can come via API or via Web form upload. Machine 2 is the place where I process these files. So I can run a TCP/IP server on Machine 2 which is waiting to listen from Machine 1. So machine 1 is actually will run Web server to get file from the user and a TCP/IP client to send it to Machine 2
<vedic> Roy:, rbasak: Do you think I am just repeating what the tools already provide? or it is just not a good solution
<RoyK> vedic: a TCP/IP server like a small webserver and then another webapp to do the dirty work is what I'd do
<TJ-> vedic: Does machine 1 do anything to the files except write them to a file-system?
<rbasak> vedic: it's important to consider the error states. That's what costs time and effort maintaining a deployment.
<vedic> TJ: Machine 1 just holds those files temporary and waiting to get them moved permanently
<rbasak> vedic: what you want to do is reduce the state space so that the system doesn't get stuck or broken.
<vedic> rbasak: I see
<rbasak> vedic: or that it self-corrects from an errant state.
<vedic> rbasak: yea, thats priority
<TJ-> vedic: So why not NFS mount a file-system from machine 2 onto machine 1? machine 1 writes into it, machine 2 sees the files arrive
<rbasak> I would avoid NFS since it makes handling errors harder.
<rbasak> What if machine 2 is down? Should the web app on machine 1 hang?
<vedic> TJ: What if Machine 1 and Machine 2 are on not on LAN but on cloud and may be hosted in different locations?
<vedic> "on not" => "not"
<rbasak> vedic: the issue with moving files about is that if there's a "confused" state possible, you'll inevitably end up in it eventually.
<RoyK> vedic: If I understand your application correctly, I'd use webservices - just that - it'll make error handling easy - far easier than nfs or other shared filesystems
<rbasak> vedic: eg. races like failures when shutting down for restart, and a file was half copied. Or old half copied temp files filling up all space.
<vedic> RoyK: I see
<rbasak> Or a file copied across but not removed at the sending end. The receiving ends processes it, deletes the file, and then it accidentally gets processed twice.
<vedic> rbasak: yea, I would surely prefer that this doesn't happen
<rbasak> A message queue basically solves this problem. But it is complex to deploy.
<vedic> rbasak: hmm
<RoyK> vedic: with webservices (or similar) it'll be stateful from end to end - keep it simple ;)
<vedic> rbasak: RabbitMQ?
<rbasak> RoyK's solution will also work cleanly I think, assuming that files can be processed immediately. Otherwise you'll want a queue.
<rbasak> Something like that, yes.
<rbasak> Amazon has SQS.
<vedic> rbasak: yea
<vedic> rbasak, RoyK: I think I will need something like message queue. Hope that doesn't adds its own latency to a large extent
<TJ-> I agree with RoyK, simple inotifywait + rsync, as in the example at https://github.com/rvoicilas/inotify-tools/wiki#info
<TJ-> I think you're over-engineering the solution
<vedic> TJ: hmm... I see pyinotify
<vedic> I use Python so I will surely check this along with message queue solution
<rbasak> I just remembered watershed
<rbasak> That might be even easier than inotify
<RoyK> TJ-: I thought so first, but as of now, I think it'd be better with just the receiving webapp to use a webservice with server 2, which may have some queueing if needed
<RoyK> (on server 2, that is)
<rbasak> Just call it with rsync every time after you finish writing a file. It will make sure that rsync only runs once, and one more final time.
<rbasak> Be careful with writing files though. You don't want to rsync half a file, so mv it in from another directory.
<rbasak> (this is one of the error states I was talking about)
<hallyn> smb: i'm thinking on thursday morning (my morning :) I may go through the debian.vs.ubuntu libvirt packages.
<hallyn> stgraber: I really wish '-F' was an option in download template.  I always mis-spell '--flushcache'.
<zartoosh> hi this might be a wrong place to ask but here it is:  we recently moved from 12.04,  to 14.04. One of our applications which is single thread, no forking and does floating point calculation is running 3 times slower on ubuntu 14.04 compare to 12.04. The floating point uses math library calls, tan, ceil, floor. Any hints greatly appreciated . thx
<sarnold> zartoosh: perhaps related: https://gcc.gnu.org/ml/gcc/2012-02/msg00469.html
<MavKen> with 1GB ram...any reason to use 64bit?  basic lamp setup with a few wordpress sites
<Guest20842> how to access my local machine from another machine ?
<KM0201> Guest12249: remote desktop?  vnc?
<bekks> !ssh | Guest20842
<ubottu> Guest20842: SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<MavKen> Guest20842, ssh
<KM0201> oh.. forgoti was in -server  :)
<qman__> MavKen: consistency, application support
<fridaynext> if i sudo update-rc.d sickbeard defaults - will that cause it to start up at system boot each time?
<arrrghhh> fridaynext, you have sickbeard installed and an entry in /etc/init.d for it?
<fridaynext> arrrghhh: yes
<arrrghhh> then yes, it iwll.
<arrrghhh> will*
<fridaynext> arrrghhh: gotcha - thanks
<arrrghhh> http://manpages.ubuntu.com/manpages/precise/man8/update-rc.d.8.html
<arrrghhh> if you want to know moar
<delinquentme> best way to get the internal network IP from a command like ifconfig ... but without needing to clean up the other stuff?
<sarnold> delinquentme: "the" IP? it's possible for a machine to have thousands, if not millions..
<delinquentme> so im making a number of cloned machines so all of the info returned should be fairly similar
<xibalba> anyone here work with pure-ftpd much?
<xibalba> trying to use pure-quotacheck -u ftpuser -d /home/some/user/directory. it runs, but returns nothing.
<delinquentme> ifconfig | perl -nle'/dr:(\S+)/ && print $1'
<sarnold> delinquentme: ip addr show  may be easier to parse
<xibalba> oh it only creates the file...doesn't check the quota
<monokrome> Does anyone here have experience running OpenStack on Ubuntu server?
<monokrome> I was going through the documentation for Ubuntu OpenStack Cloud and it says to use `virsh list --all` which doesn't list anything
<monokrome> So, I created 6 VMs with `virsh install` (hopefully that is what is expected) but don't know the appropriate way to get them to talk to MAAS
<monokrome> I figure that they need to be on a private network, but am not sure how to set one up. They are set up to use PXE.
<rbasak> monokrome: there's a ton of work in this area at the moment. Try the cloud installer: http://ubuntu-cloud-installer.readthedocs.org/en/latest/
<stokachu> http://askubuntu.com/questions/144531/how-do-i-install-openstack
<stokachu> rbasak, ^
<rbasak> monokrome: stokachu's link should help
<stokachu> http://ubuntu-cloud-installer.readthedocs.org/en/stable/single-installer.guide.html
<stokachu> monokrome, thats our guide for the cloud installer
<stokachu> monokrome, http://ubuntu-cloud-installer.readthedocs.org/en/latest/single-installer.guide.html
<stokachu> sorry you want that one instead
<qman__> I set it up once and found that its quite difficult and complex, it took me a few days to actually get things working and in the end I found that it didn't suit my needs, and replaced it with a normal KVM setup
<qman__> I also found that its changing a lot between versions, so old documentation is usually more harm than good
<rbasak> The Ubuntu cloud installer documentation linked above is current, AFAIK.
<stokachu> our installer guides are also autogenerated on each commit
<stokachu> so they'll be the most current
<qman__> Hopefully its much better now, I used 12.04 when I set it up
<rbasak> Things have progressed massively in the last two years.
<qman__> The main reason I decided not to use it was that I needed persistent VMs, and while possible, doing that was awkward and difficult, and regular KVM just made more sense
<z1haze> if i were to use a bare metal hypervisor, such as esxi on my server, would i still be able to like install say.. ubuntu or something on it so i can use the server itself as a regular server and just use the esxi to create the vm's? im confused as how that works
<z1haze> my host has a install hit basically replaces the o/s but they are telling me its not a full o/s
<qman__> z1haze: no, the bare metal hypervisor becomes the server's OS
<z1haze> how what would you recommend i use then?
<qman__> z1haze: you then create everything in VMs
<z1haze> just like create a large portioned vm for myself?
<z1haze> i guess i want the functionality of using the hypervisor and have ubuntu.
<z1haze> i suppose i could just create a vm for myself and install ubuntu on it huh?
<qman__> Yes
<qman__> That is the point of bare metal hypervisors
<z1haze> ok yea, im realy new to this. im sorry
<qman__> Only the minimum runs non-virtualized
<z1haze> ok well, what if i want my vm, the one ill be using for myself and to utilize basically whatever portion of the server i want.. how would i configre that as to not be restricted from cpu or RAM or w/e can it be like configured dynamically to where it takes whatever it needs?
<qman__> That way, the hardware layer is abstracted and marginalized
<qman__> Some hypervisors support dynamic hardware changes but generally you don't do that
<qman__> The concept is that you create a VM for each role or service you are performing
<qman__> with appropriate resources assigned to that role
<qman__> So instead of one bare metal server that does lots of things, you have lots of VMs that do one thing each, sharing hardware
<qman__> It simplifies upgrades and management, and allows you to reduce downtime when problems arise
<qman__> For example, I am able to upgrade my VMs to 12.04 and 14.04 one at a time, only taking down one service or role, even though they run on the same hardware
<qman__> I can also take snapshots and roll back if it fails
<qman__> Which for my mail server, it did
<qman__> All the while, my spam filter running as another VM on the same box, kept receiving my mail
<Lunario> when I ssh into my ubuntu server via ssh -X -t  and then start a program in the terminal, I would like that program to be accessible from other terminal windows created via ssh. I would also like to have access via ssh to particular programs running on my server and open them in the terminal (say an always connected irssi client). How do I do that?
<qman__> Lunario: not including the X11 forwards, you can use GNU screen
<fridaynext> so i've got files in /etc/init.d/ as well as /etc/defaults, and i've update-rc.d'd them and chmod +x'd them, but they still don't start at bootup. Ideas why?
<Wylley> Hi everyone
<Lunario> qman__: just searched for it and am checking it out, thanks for the hint!
<Lunario> seems to be able to do what I want to do, so great :)
<Wylley> having a weird issue trying to install Ubuntu Server (14) on to a machine that has FakeRAID built in to the motherboard. Installation goes normally, but on reboot, I just get an endless loop of "Incrementally started RAID arrays" and "mdadm: CREATE user root not found", etc.
<qman__> Wylley: rule of thumb, don't use fakeraid, just turn it off and use mdadm
<qman__> It will have more features, be more reliable, and be portable
<fridaynext> and Wylley, if you need a tutorial, I used this one to set up RAID5, and it helped me understand it immensely: http://zackreed.me/articles/38-software-raid-5-in-debian-with-mdadm
<fridaynext> Also has great tutorials on SMART drive status, UPS, email notifications, etc.
<Wylley> qman__, ok, killing the onboard "raid" controller, going to reinstall.
<Wylley> fridaynext, thanks. I'll go check it out.
<qman__> Wylley: the installer's raid option during disk setup is mdadm in case that wasn't clear
<Wylley> qman__, during the install, it says it found drives containing mdadm containers. Do I want to activate these?
<qman__> No, you want to delete them and start over
<Wylley> ok, and do I want "entire disk" or "entire disk with lvm"?
<qman__> I've found that sometimes you can get into a situation where you have to manually zero out the drives otherwise the installer keeps trying to assemble old stuff and never works
<qman__> You want custom
<qman__> https://help.ubuntu.com/14.04/serverguide/advanced-installation.html
<Wylley_> qman__ thanks for your help. I think I'm on my way to a working server now. :-)
<Lunario> qman__: coming back to gnu screen: is it also possible to keep a gtk process started via gnu screen running after detaching from the session?
<rbasak> Lunario: look into xpra to do screen-like things to graphical (X/GTK) programs
<Lunario> rbasak: thanks, will do
#ubuntu-server 2014-08-06
<ahmadgbg> Hi, what is the best way to backup a web server? (database and files, Daily+3days)
<z1haze> will rsync -a only backup files if they are newer than the ones already backed up?
<gambol> guys, any similar option in Ubuntu for "ksdevice=bootif" in rhel/centos ?
<WACOMalt> Hey guys. I apparently borked my sources.list file. http://i.imgur.com/12evAyA.png (at least I think so, what's the 3rd character? O_o  )  can anyone tell me whoch repos are enabled in a initial install of ubuntu-server 14.04 so I can select them on this page and generate a new one? http://repogen.simplylinux.ch/index.php
<WACOMalt> figured it out, thanks. Main, Restricted, Universe, Multiverse, Security, and updates. Are apparently what was originally in my sources. in case anyone else ever needs a stock list.
<smb> hallyn, Hm ok, Friday would be better for me as I am till then gate crashing the event in NÃ¼rnberg.
<Syria> Hi guys, I have hired a new VPS and I want to make a web server of, I have to install apache, phpmyadmin and mysql right?
<Sierra> Syria: You'll want PHP as well
<Sierra> phpmyadmin isnt really required, but I'd recommend it to make managing your mysql server easier.
<Syria> Sierra: Is this going to be "sudo apt-get install php" ?
<sarnold> blech, install php only if you really need it... install mysql only if you really need it.
<Syria> I think I need both since I will install osticketing system.
<Abhijit> anyone here successfully used cobbler for ubuntu/debian?
<KM0201> cobbler?
<Abhijit> cobblerd.org
<KM0201> well, it has a ubuntu version, so.. i don't see that it would be that difficult..
<Abhijit> KM0201, how about actually tring it in practice and then commenting?
<KM0201> boy, testy little asshole aren't you
<Abhijit> ??
<cfhowlett> KM0201, drop the attitude and cease the profanity
<KM0201> he gave the attitude... i never bother anybody here.
<cfhowlett> !guidelines | KM0201, this isn't high school..  follow the guidelines if you wish to use this resource
<ubottu> KM0201, this isn't high school..  follow the guidelines if you wish to use this resource: The guidelines for using the Ubuntu channels can be found here: http://wiki.ubuntu.com/IRC/Guidelines
<z1haze> anyone used esxi before and can help me?
<z1haze> hi, i have a fresh installation of esxi on my dedicated server, i created a vm and am installing debian on it, but im having network errors, it wont configure the network during installation, I think I just dont know how I'm supposed to set it up
<z1haze> i have 1 main ip that was issued with the dedicate server, and I just bought another one that says its a failover ip
<Noskcaj> Could someone please help me with some MIRs to make pytohn-wsme work>
<Noskcaj> ?
<cfhowlett> !python | Noskcaj,
<ubottu> Noskcaj,: python is a popular Object Oriented scripting language included in Ubuntu. For more on Python please see http://www.python.org/ or #python
<Noskcaj> cfhowlett, um, i know what pytohn is
<Noskcaj> *python
<Noskcaj> typing is hard
<Noskcaj> transaction and turbogears2 are the two packages needing a MIR
<Noskcaj> transaction is not actively maintained in debian, and turbogears use python-support and many universe depends
<Syria> Hello there, I have just installed mysql apache2 and php5 but when i try to navigate to folders in my webserver i can only go the it works page! any another folders "The requested URL /q was not found on this server. Apache/2.4.7 (Ubuntu) Server at 0"
<Syria> Restarting apache did not solve the problem
<Syria> I am sure that I am typing folder name of the installation script correctly!
<Syria> Sierra: Hello
<Syria> Guys would you please consider helping me.
<cfhowlett> Syria, might want to ask ##linux or #apache
<Syria> cfhowlett: I did it ! I changed the root directory for apache.
<Syria> cfhowlett: Thank you/
<cfhowlett> Syria, good work!  congratulations!
<z1haze> how can i mount an ftp servr as a partition using nfs?
<apw> did we break libvirt/qemu in utopic ?  seeing errors trying to create machines:
<apw> ((null):3909): Spice-ERROR **: reds.c:3213:do_spice_init: statistics shm_open failed, Permission denied
<hackeron> hey, I have a Ubuntu 14.04 machine that keeps running out of ram, I can't figure out where the ram is going, can anyone help? - details here: http://superuser.com/questions/793192/what-is-using-up-all-my-memory-ubuntu-14-04-lts-server
<apw> ok this is because libvirt is defaulting to "Spice" but that is not installed
<apw> hallyn, ^^ is this is a virt-manager bustness or a qemu bustness
<Aison> my ubuntu server is no longer booting after upgrade, that means, the kernel itself is booting, but then it stops
<Aison> looks like some initramfs or systemd or whatever problem
<Aison> is there a solution to boot with an usb linux, changeroot into the system and try to fix the problem? eg. updating grub or whatever?
<TJ-> Aison: Yes, if you can boot from another source, such as Live ISO. I wrote a script I can run once I'm in a recovery environment that auto-create and tears-down a chroot environment for the failed install, to make repair quicker: https://iam.tj/projects/misc/chroot-auto.bash
<Aison> TJ-, thx
<Aison> TJ-, is grml sufficient?
<TJ-> Aison: It should be, being Debian based it should have the expected tools
<Aison> fine
<zartoosh> Hi as i update my system, I get new entries on my grub.cfg due to newer version of kernel and on the next reboot my system boots to newer version of kernel. How could I make sure my system boots into specific kernel version and not the newer version? thx
<hackeron> hey, I have a Ubuntu 14.04 machine that keeps running out of ram, I can't figure out where the ram is going, can anyone help? - details here: http://superuser.com/questions/793192/what-is-using-up-all-my-memory-ubuntu-14-04-lts-server
<TJ-> zartoosh: set the default in "/etc/default/grub" "GRUB_DEFAULT="
<zartoosh> TJ- Thanks
<zartoosh> HI I have installed ubuntu 14.04 on two partitions of my disk. I boot into UEFI mode. The EFI partition is installed on a USB stick which gets mounted on each disks in this path /boot/efi/EFI. There are two entries in EFI directories ubuntu and ubuntu1 for each disk partition.  I have enabled grub so it can detect OS on different partition so I can boot to other partition if  I choose too. Using efibootmgr does not work for me to c
<zartoosh> hoose the next boot partition. Any idea greatly appreciated. Thx
<z1haze> what is the safest way to mount a ftp backup server? i only have cifs, nfs, and ftp
<TJ-> zartoosh: What efibootmgr command are you using?
<patdk-wk> well, considering it's an ftp backup server, only via ftp :)
<zartoosh> TJ-,  efibootmgr -n <boot order number>
<z1haze> ..
<z1haze> how can i mount it ?
<z1haze> in a directory
<TJ-> zartoosh: Assuming the boot entry pointed to is valid and active, that should work for the next boot
<TJ-> zartoosh: the UEFI itself might be flakey though, so you might have to use --bootorder
<zartoosh> TJ- sorry I am not familiar with --bootorder, is that an option to efibootmgr, I just checked the man page and I do not see that.
<zartoosh> TJ-,  it is an option I just saw it thx
<z1haze> im having such a hard time on how to mount a ftp server filesystem on my server.. acn anyone hint on what to search for?
<pmatulis> z1haze: explain what you want to actually get done, in simple terms
<hallyn> apw: what do you mean by spice is not installed?  'kvm-spice'?  spice libs?  Anywya I think it is a virt-manager bug, and I think we're waiting on the merge of new virt-manager to fix all manner of issues
<fridaynext> i have my spamassassin required score set to something like 3.2 - is there some sort of 'spam list' I can import into my spamassassin config to better filter spam?  I'm still getting way too much.
<pmatulis> http://www.spamhaus.org/zen/ was hot back in the day
<fridayne_> thanks pmatulis - i'll try that now
<apw> hallyn, in that it explodes with that error having selected spice by default
<patdk-wk> dbl.spamhaus.org does wonders though
<patdk-wk> helps blocks spammy domains on shared mail servers
<hallyn> apw: so perhaps virt-manager should Depend: on spice?
<hallyn> hm, it does
<hallyn> oh i see you opened a bug, very good - thanks
<^Lestat> Yesterday I had done a bunch of configure/make/mak install of a pdf lib. It turns out this is the light version and I would like to uninstall it so I can install the full version.
<^Lestat> Is tehre a proper way to uninsall and unregister all the .so files etc?
<^Lestat> uninstall even
<^Lestat> Im not even sure where all the parts went to really. I think some are in /usr/local/src
<rberg> ^Lestat: tip: in the future you should use 'checkinstall' instead of 'make install' this will create a basic deb that can be installed and uninstalled.
<^Lestat> Im bouncing about on the www reading about this
<^Lestat> basic 'deb'? Whats a deb?
<rberg> A deb is the package that apt and friends actually installs
<^Lestat> A source package right?
<^Lestat> meaning, requires compilation.
<rberg> not exactly... the source is usually a tarball that generates the .deb files
<^Lestat> so checkinstall compiles the source and includes an uninstaller?
<rberg> checkinstall replaces 'make install' and installs to a fakeroot then makes a deb package out of that
<^Lestat> fakeroot. Here I go again. Drinking water from a firehose.
<^Lestat> Im just reading through this
<^Lestat> https://help.ubuntu.com/community/CompilingEasyHowTo
<^Lestat> grasping terminology
<^Lestat> Now that my emergency is over I have time to learn more.
<rberg> that looks right to me.. re Resolving Dependencies you can often use 'apt-get build-dep package' to get build dependencies
<^Lestat> For the most part apt-get install whatever installs all dependencies I need.
<^Lestat> from what I can tell.
<rberg> yes it does install runtime deps but not build deps.. thats if you are trying to compile something
<^Lestat> Yea thats what Ive been doing lately. The PDFlib
<^Lestat> That was a freaking mess.
<rberg> heh compiling software on production servers usually is :)
<^Lestat> This is my local dev box so it's ok. I had my host install it on my production box
<^Lestat> This is why it's worth the extra $ to have someone handle the server for me.
<^Lestat> for now anyways.
<^Lestat> is /usr/local/src the typical area for "users messing around" area?
<rberg> yeah thats fine.. build in /usr/local/src anf install to /usr/local.. that will ensure that apt wont step on your toes
<rberg> expect breakage if you do a dist-upgrade in the future
<^Lestat> why the break?
<rberg> if you upgrade system libs that the self compiled software uses you should expect it not to work anymore.. and will have to recompile it
<^Lestat> why not compile in /tmp ?
<^Lestat> I guess for the most part, does it really matter where I do the compiling?
<rberg> tmp gets cleared on reboot.. you may want to keep it around.. other then that its fine too
<^Lestat> I haven't touched anything. Still reading up on it.
<^Lestat> Do you think there would be a better channel for my questions, or am I in the right place?
<rberg> dunno.. is there a #fullstack channel?
<Nivex> arrrghhhAWAY: doh! I forgot about the engineering hangout
<^Lestat> nixie pixel is nice.
<rberg> that is not at all what I thought it was
<rberg> I was expecting a vacuum tube or something
<arrrghhh> Nivex, that's today?
<Nivex> was, yes.
<arrrghhh> aw shoot
<dw1> any idea why PHP fsockopen() and some other program requests use a secondary serve rIP and not the primary?
<DarkStar1> Anyone around?
<DarkStar1> I logged into my machine and noticed this line at the end of /etc/passwd : sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
<DarkStar1> Now I
<DarkStar1> am no sysadmin, but given the fact that it is the last line this implies that it was created recently
<DarkStar1> should I be worried and am I right?
<FrankBlues> They will never be able to login, /usr/sbin/nologin prevents that...
<DarkStar1> FrankBlues: but I am correct that it was something that was recently created
<DarkStar1> ?
<DarkStar1> FrankBlues: am I correct in assuming that the user was created recently?
<FrankBlues> Possibly, but I would guess it was created by the sshd daemon.
<sarnold> DarkStar1: my sshd user is listed after my user account too. I wouldn't worry about it.
<DarkStar1> sarnold: thanks. It's just that this comes after having my provider reset ssh settings and so that I could gain access to the server again. after mysteriously loging access a few days back
<sarnold> DarkStar1: they may have done an apt-get purge openssh-server ; apt-get install openssh-server
<DarkStar1> sarnold: thanks
<patdk-wk> likely normal, unless you select, install openssh at install time
<patdk-wk> mine is the line RIGHT before my user
<sarnold> patdk-wk: heh, I just try to get through the installer as fast as possible, I didn't realize that was an option :)
<patdk-wk> I normally do it, cause it's too annoying to get console access :)
<sarnold> :)
<^Lestat> ok sweet. I found a binary of the pdf lib. Can I just plop a copy of the .so file into /usr/local/lib and add its extension=pdflib_php to my .ini?
<^Lestat> or is there some kind of voodoo I need to do?
<^Lestat> So I dropped the binary into /usr/lib/php5/20090626+lfs/pdflib_php.so and added extension="pdflib_php.so" to my /etc/php5/apache2/php.ini and reloaded the server
<rcaskey> hrmm, my hardy->intrepid upgrade isn't going so hot :P
<^Lestat> phpinfo has nothin
<Pici> rcaskey: Did you expect it to?
<rcaskey> nope :P
<Pici> good.
<rcaskey> trying to step through enough stuff to claw my way up the version treadmill
<rcaskey> ive got a cold spare in case I need to pull this off the rack and just rebuild it
<Pici> Hardy is an LTS, the best thing to do would have been to upgrade to 12.04 directly.
<rcaskey> tried that
<rcaskey> that's precise rihgt?
<Pici> er, not to 12.04.  I mean to 10.04
<Pici> But yes, 12 is precise. 10 is lucid.
<Pici> *.04
<rcaskey> bwhaaha, dep chains are comically b0rk, wans to remove e2fspros
<rcaskey> we'll do it
 * rcaskey rolls the dice
<RoyK> ^rcaskey: how did you try to upgrade?
<^rcaskey> RoyK, via dist-upgrade
<RoyK> ^rcaskey: that won't upgrade the distro release - try do-release-upgrade
<qman__> Why upgrading to intrepid? You should upgrade to lucid, then precise
<^rcaskey> yeah I think at this point it's probably easier just to do a fresh install
<RoyK> ^rcaskey: if you're on 10.04, the default will be to upgrade to the next lts
<^rcaskey> now I've got a foot in both worlds I think and I got a glibc error when doing do-release-upgrade
<RoyK> perhaps a fresh install, then :P
<^rcaskey> so anyway, I made a dumb mistake, on the other hand I have a spare machine :)
<RoyK> goodie
<jimi_> I am installing ubuntu server in a vm. It will be lamp stack and mail server. No X windowing at all. How much ram should I allocate for this given that it wont be using graphical?
<qman__> Depends on your expected load, but for a light one, you can start with 512mb
<RoyK> jimi_: start with 256MB
<RoyK> jimi_: monitor the system and give it more if it needs more
<jimi_> qman__, my laptop only has 4GB of ram (brand new) and can't be expanded. Its a light laptop from lenovo yoga series.
<RoyK> jimi_: and, preferably, move the database to a dedicated box if possible, that is, if performance is important - if it's just a wordpress thing or something like that - anything would do
<qman__> jimi_: if swapping is acceptable, 256mb is enough
<RoyK> jimi_: as qman__ said - half a gig should do, quarter a gig may also be good
<jimi_> this is just for developing in, offline site
<qman__> And it may even work on 128mb though that usually requires tweaking and has a risk of OOM conditions
<RoyK> jimi_: it all depends on the traffic - php can be rather heavy on the memory in large traffic scenarias
<jimi_> literally going from windows host -> vm  for web dev stuff when im not at ork or at my desktop. portable dev env
<RoyK> jimi_: then 256 should do
<RoyK> jimi_: and even 128 as qman__ said
<jimi_> ok perfect ty :)
<jimi_> i gave the install 2gb of ram and its hard to type in host LOL
<RoyK> jimi_: 2GB for a dev thing like that is overkill
<RoyK> jimi_: shooting sparrows with artillery
<jimi_> RoyK, it was just for installer lol im gonna tune it down.
<RoyK> :)
<jimi_> RoyK, just need a lamp stack + git so i can work from my windows laptop on the road, etc. I am in a graduate school program that resumes in 3 weeks and requires some Windows apps.. too many for this laptop to have host linux and windows guest
<RoyK> jimi_: 256 then
<RoyK> jimi_: it should do fine
<qman__> Yep
<jimi_> ty guys you rock
<RoyK> jimi_: you may want to monitor it to check how much memory it uses - apt-get install sysstat (and enable it) or install munin
<qman__> Yeah, with a more exact picture you can tweak it more accurately
<jimi_> /join #vbox
<jimi_> whoops
<RoyK> jimi_: we've all been young jerks trying to find out about things - some grow old and try to behave like gurus not liking the young ones - some try to help out
<RoyK> jimi_: use kvm instead
<RoyK> virtualbox is oracle-land
<RoyK> avoid it
<Gargoyle> Any cloud-init guru's around to help me get ephmeral0 storage setup as swap space... I'm kind of bumping from one google result to the next with a bit of trial and error - info seems to be a bit thin.
<jimi_> RoyK, 256mb is FLYING fast.,.. how crazy fast a system is when you remove the windowing :P
<Patrickdk> it's all relative
<Patrickdk> it depends on your working set
<Patrickdk> if you where using a 1tb db, it likely would be painful slow :)
<Patrickdk> had a webserver vm this week, that was set to 256megs, I just upgraded it to 4gigs cause they expanded it, running a bunch more stuff than it used to
<Gargoyle> Cloud-init is almost as much black magic voodoo as regex! :P
<liquid-silence> jimi_ why not look @ vagrant?
<liquid-silence> RoyK kvm might not work on a windows host IIRC
<liquid-silence> if it was a linux host that is virtualizing linux then kvm would have been fine
<liquid-silence> Microsoft actually had their own implimentation of virtual box called virtual pc, I dont know if it still exists
<Patrickdk> liquid-silence, virtualpc died long ago
<liquid-silence> Patrickdk yeah I have not used windows in a while :)
<Patrickdk> hyperv, and yes, it works just fine
<Patrickdk> but in order to do kvm, you MUST enable it like anything
<liquid-silence> hmmm
<liquid-silence> my brain is in a state of activity that will prohibit sleep
<liquid-silence> Patrickdk I think what I mean is, in windows (non server edititions) there is no way to create virtual machines without 3rd party software
<liquid-silence> or graphical interfaces
<Patrickdk> that is right
<Patrickdk> unless you count xp-mode
<liquid-silence> on linux one can use quemu which is great for a light weight vm's
<Patrickdk> heh?
<Patrickdk> kvm is as light weight as you can make a vm
<Patrickdk> otherwise it's not a vm, but openvz or linux container
<liquid-silence> yeah sure, but there are options :D
<Patrickdk> unless you mean, qemu 32bit mode without kvm support, that would be highly heavyweight though
<liquid-silence> nah I was mistaken
<liquid-silence> I have to be up @ 6am
<liquid-silence> but its now 12pm and I am not remotely tired
<liquid-silence> 11:41pm
 * Patrickdk offers a hammer
<arrrghhhAWAY> hey... I was playing around with bind mounts and I seem to have gotten my system into quite a debacle.
<arrrghhhAWAY> I can't sudo ...
<arrrghhhAWAY> 'sudo: must be setuid root' - I didn't put any entries in fstab, I thought rebooting would fix it.  But it seems bind mounting changed all the permissions?  :/
<arrrghhh> looking at ls -la of /usr/bin... everything is now 777.  I know I didn't chmod everything, could a bind mount muckup do this!?
<arrrghhh> it must have.  oh my... I suppose I need to prep for reinstalll.
<z1haze> does anyone know if there is a template file or something that determines in what order partitions are created for esxi?
<z1haze> afaik, all the default installation creates the swap partition after root, which is stupid imo because if the person wants to increase the size of their root they cant without risk of corruption moving partitions around
#ubuntu-server 2014-08-07
<d4c7> Anyone working on an OpenSSL package?
<sarnold> d4c7: we'll publish an update for it tomorrow
<d4c7> sarnold: cool, tomorrow what TZ?  :)
<sarnold> d4c7: hehe :) probably less than twenty four hours from now anyway..
<d4c7> sarnold: got it, thanks!
<sarnold> thanks d4c7 :)
<MavKen> anyway to prevent port scans? using ubuntu 14.04
<MavKen> and any recommendation of fail2ban vs denyhosts?
<monokrome> Does anyone here have experience with MaaS and VMs?
<monokrome> I've been trying to run Ubuntu's OpenStack for the last week to no avail
<Mallot1> Hello
<Mallot1> How would I go about creating a public SQL server with ubuntu?
<cfhowlett> Mallot1, https://www.digitalocean.com/community/tutorials/how-to-migrate-a-mysql-database-to-a-new-server-on-ubuntu-14-04                      <<this?<<
<Mallot1> cfhowlett: I'm learning MySql for my iOS app ao i new to make new server
<cfhowlett> Mallot1, ah.  OK.
<Mallot1> ")
<Mallot1> :)
<cfhowlett> Mallot1, https://duckduckgo.com/?q=public+mysql+server+ubuntu&t=canonical
<cfhowlett> Mallot1, 12.04 but should be about the same for 14.04    >>>   https://help.ubuntu.com/12.04/serverguide/mysql.html
<Mallot1> wow! great help thanks thats just what I needed
<arrrghhh> hello, anyone mind helping with some dpkg/apt issues?  Tried to install some packages for setting up a build environment, and seemingly have broken apt...
<arrrghhh> this is what happens when I try to run dpkg --configure -a
<arrrghhh> http://hastebin.com/pukoloniyi.vhdl
<R0ckET> hola
<cfhowlett> !es | R0ckET
<ubottu> R0ckET: En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba " /join #ubuntu-es " (sin comillas) y presione intro.
<Abhijit> he went to #ubuntu
<R0ckET> sorry cfhowlett
<cfhowlett> R0ckET, no worries
<cfhowlett> R0ckET, please state your issue
<R0ckET> my issue is with bash, can you help me?
<cfhowlett> R0ckET, choose ONE channel.  no crossposting please
<R0ckET> ok
<Sierra> Unless there's a rule about it somewhere I missed... What's wrong with asking in multiple channels? One might have the answer where another might now
<Abhijit> exactly.
<cfhowlett> !crossposting
<ubottu> Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<monokrome> I do "sudo apt-get install docker" and it says it's already installed
<monokrome> I do: docker
<monokrome> and it says "The program 'docker' is currently not installed."
<arrrghhh> it dilutes the community effort, crossposting - similar to forums.
<monokrome> wat?
<R0ckET> there is a security certification for servers?
<lordievader> Good morning.
<phuh> Is it a good idea to put ssl pem file in /etc/ssl/certs?
<phuh> or /etc/ssl/private?
<six86> Hello. Is there a way to see "behind the progress bar" in an ubuntu server installation? Problem is that I have a problem with my preseed, but I can't see what's going wrong because it just is stuck on the progress bar.
<kklimonda> try different consoles
<kklimonda> one of the should be displaying progress
<maxb> This is the purple text mode installer? (d-i)
<maxb> You want to look at tty4
<maxb> And, if you're debugging preseed, you probably want the DEBCONF_DEBUG=5 kernel boot param
<six86> Thanks.
<six86> I could see that it is stuck when I do apt-get install xubuntu desktop in a shell script I call with late_command
<six86> I have no idea why it's stuck there...
<six86> It worked before, when I had everything in the preeseed file itself
<six86> maybe it is not good to use /bin/bash in a late_command script?!
<six86> maxb: Is there a way to automatically switch to tty4 during installation?
<maxb> Alt+F4
<six86> I mean to switch to this view automatically in an unattended installation
<six86> Is there a way to see the output of a shell script started in late_command?
<jpds_> six86: Log it to a syslog server?
<six86> no local quick way?
<jpds_> six86: It's probably in /var/log/installer/
<six86> Hm my late_command preseed script just hangs without any indication why....
<six86> Is something deprecated in this howto: https://fak3r.com/2011/08/18/howto-automate-debian-installs-with-preseed/  ?
<six86> I am doing almos the same and it gets stuck when i want do install a apckage
<mwhudson> i'm too tired to read the details but i think it's more or less right
<mwhudson> i've certainly done fully preseeded installs of trusty a bunch of times
<mwhudson> six86: what are you doing and what happens?
<Gargoyle> Is there a way to delete a filesystem from a disk (no partitions)?
<six86> I think only the bottom part with late_command is relevant. I'm trying to install xubuntu-desktop in the script called by late-command but it never ends. I put some outputs in the script and I see them in a log file, but "apt-get -y --force-yes install xubuntu-desktop" just hangs.
<mwhudson> ah
<mwhudson> maybe something is asking a question via debconf?
<six86> Before i just installed it in the preseed file directyl without chroot to /target, and it worked fine
<mwhudson> hm
<mwhudson> six86: is there some reason to not d-i pkgsel/include string xubuntu-desktop?
<mwhudson> in any case, it's bed time here, good luck
<six86> mwhudson: Yes. I'm also isntalling some other packages that are not authenticated, so it would just move my problem
<mwhudson> ah
<six86> mwhudson: good n8.
<mwhudson> yes that would do it
<hallyn> sarnold: jdstrand: so, last night my kvm vm with qcow2 snapshot rootfs woulnd't boot.  i shut down my thinkpad.  just booted now.  the vm starts!
<hallyn> jdstrand: sarnold: is it possible that your qcow corruptions would have disappeared after a reboot, or have you tried that?
<hallyn> I know it makes no sense...
<hallyn> I'm going to disable KSM, for starters
<jdstrand> hallyn: I never tried that
<Yevgeny> Hello
<Yevgeny> i get a PXE error
<Yevgeny> when I try to boot with PXE image boot
<Abhijit> what error?
<Yevgeny> I get an error with DHCP: "No dhcp or proxy dhcp offers recieved"
<progre55> Hi guys. I need to aggregate some logs (java application logs) from multiple servers into a single server. Using logstash could be an overkill (just for aggregating, no analysis or even filtering). Any suggestions?
<progre55> Could rsyslog be right in this scenario?
<jpds_> progre55: Yep.
<progre55> jpds_: thanks! Never used rsyslog before, but will dive into the documentation (although so far, the documentations seems a bit too difficult to digest)
<jpds_> progre55: $ cat /etc/rsyslog.conf
<jpds_> progre55: A quarter of the way down are the settings to enable the UDP server.
<progre55> jpds_: UDP? As far as I understand it, rsyslog supports TCP and TLS? These logs could be a little too sensitive to be sent over UDP
<progre55> but Iâll look into it
<jpds_> progre55: And to send traffic, you just do; "*.* @IP.ADD.HOS.T" on the sender.
<jpds_> progre55: Oh, right, *that's* the complicated bit.
<mdeslaur> If anyone is feeling adventurous, I just uploaded untested openssl packages here: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
<RoyK> mdeslaur: what sort of fixes are there in this?
<mdeslaur> RoyK: https://www.openssl.org/news/secadv_20140806.txt
<RoyK> mdeslaur: ouch - I hope the libressl progress is good...
<mdeslaur> I gather most of those issues also apply to libressl
<mdeslaur> cleaning up code doesn't necessarily fix security issues...it just makes them marginally easier to spot
<RoyK> "marginally"?
<hallyn> sarnold: jdstrand: I've also gotten quite a few hangs (only of utopic, not precise, vm) over a laptop suspend.  I have to virsh destroy and virsh restart.  but in this case it restarts fine, dn't have to reboot host.
<jdstrand> hallyn: see that even with old saucy kvm
<jdstrand> hallyn: not everytime, but every now and again
<mdeslaur> RoyK: it depends what the security issues are, if they are traditional C coding errors, sure, you'll uncover a few of them...but a lot of the crypto security issues are because of packet ordering or related to the complexities of ssl negotiation...those types of issues won't typically be spotted by cleaning up code
 * mdeslaur shrugs
<hallyn> jdstrand: I really get the feeling something about suspend/resume just doesn't get along with kvm on thinkpads.  anyway disabling ksm didn't help that particualr problem, let's se eif i get the disk corruption (which apparently was really page table corruption) again over the course of the day
<RoyK> mdeslaur: agreed
<alexrussell> I have Ubuntu 12.04 with fully up-to-date packages, and on login thereâs a message about the HWE being no longer supported. It suggests doing an LTS update and to be honest I wanted to anyway, so itâs all good. I do a `sudo do-release-upgrade` and get back âNo new release foundâ. A cursory Google search suggests I have to wait for the .1 point release, but then looking at http://www.ubuntu.com/download/server 14.04.1 is out, so is there
<alexrussell> something Iâm doing wrong? I know I can install update-manager and run `update-manager -d` to kinda force it to update anyway, but before I go down that route is there something Iâm not considering?
<rbasak> alexrussell: sorry, that is confusing. I'll raise it.
<rbasak> alexrussell: you can do an upgrade to 14.04 now if you wish - it's just not automatically recommended. That's coming soon.
<rbasak> alexrussell: alternatively, you can just upgrade to the latest HWE kernel.
<dasjoe> rbasak: that's because http://changelogs.ubuntu.com/meta-release-lts doesn't refer to 14.04.1 yet
<Nivex> dasjoe: do we have any idea why that hasn't been updated yet?
<rbasak> dasjoe: right. Nivex: I think it's just final QA etc. on flipping the switch. Not sure of the exact reasons.
<dasjoe> Nivex: it's coming "soon", according to 14.04.1's release notes
<Nivex> rbasak: FWIW arrrghhhAWAY and I have been tracking this for the last two weeks: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/1344762
<uvirtbot> Launchpad bug 1344762 in update-notifier "update-notifier tells me to upgrade from 12.04.4 LTS to 14.04 LTS (because of HWE), but that release is not found" [Undecided,Confirmed]
<rbasak> Nivex: ah, that'll be the same bug here then - thanks.
<alexrussell> Sorry got pulled away form my desk right after asking that. Thanks guys for getting back to me. Iâll hang on till it can be done automatically then.
<Nivex> I've been tempted to pull the trigger on the do-release-upgrade -p, but I've been desparately trying to find out what the blocker is so I can know what problems I'll run into.
<Nivex> There seems to be a black hole between me and whoever is making that decision.
<alexrussell> Interesting...
<Nivex> I'd recommend to whoever is writing those release announcements to define "soon" as a tangible time range (eg: X days, weeks, months). I parsed "soon" as a few days and we're up to two weeks.
<alexrussell> yeah that seems a bit odd
<Nivex> at this point it's less about not having the bits on time and more about the lack of transparency for me
<alexrussell> And/or, as you say, get an idea of if thereâs a reaosn itâs not released for upgrade yet (maybe someone forgot to update something, maybe itâs a big blocker)
<rbasak> I understand the concern that there's some reason for holding it back that you don't know about, and thus don't want to do it yet.
<rbasak> I will ask.
<rbasak> I suspect it's just that 12.04.5 is being worked on first, and the same devs are working on both, so it's easier to do one after the other.
<TJ-> I emailed Adam Conrad about this issue after his release announcement but got no reply, and the ubuntu-release team mailing list had an RFC back in February about the 12.04.5 release, and there's an email from yesterday saying 14.04.1 is going to be available from "Thursday"
<TJ-> The key issue is here that support for current HWEs goes out of support today and with no 12.04.5/14.04.1 upgrade its as if everyone is expected to upgrade on the same day... there needs to be a month of overlap from availability of the upgrade until the previous HWE goes EOL
<zereraz> Hello, I have a question , What are the lower level working of a web servers? If this is not the right channel please direct us.
<arrrghhh> Nivex, I hate to say it... but I had to install 14.04 :/
<arrrghhh> I got a little trigger happy with some bind mounts and managed to hose the entire 12.04 install.
<user123321> What is the setting I need to set in interfaces file to enable networking between my VM's without a router?
<monokrome> user123321: I think that you need to masquerade on that network with iptables
<user123321> Aha
<pmatulis> user123321: by default KVM guests are on the same network, so nothing to do
<user123321> pmatulis, But VM's get different IP's if I use bridged adapter in VM settings (with router, ofc), no chance with this method too?
<sarnold> hallyn: I never tried rebooting my laptop to see if that would allow my VMs to boot when they were corrupted beyond booting
<sarnold> hallyn: I did see two or three times different VMs refusing to restart after laptop suspend/resume but never investigated those. I figured it was a miracle they worked at all after suspend/resume of the host. :)
<sarnold> s/refusing to restart/hanging and not responding and requiring a VM reboot/
<pmatulis> user123321: do you want your guests to be contacted from outside the host? if so, use a bridge.  if not, use the default NAT
<user123321> pmatulis, Even with a bridge, I must need a router for assigning IP's for VM's, right?
<user123321> I mean, including networking between VM's.
<hallyn> sarnold: the next time you find corruption, please do try reboot and see if it works after that
<hallyn> not only did my vm boot, the disk image was fsck-clean
<hallyn> so this seems like some page cache badness
<pmatulis> user123321: with a bridge you effectively put your guest on the same lan as the host
<user123321> pmatulis, Even if I don't have a router connected to my ethernet port?
<pmatulis> user123321: yep
<user123321> pmatulis, Oh, so I shouldn't be having a problem for networking between my VM's, right?
<user123321> without a router*
<pmatulis> user123321: well, do they get an IP from a DHCP server on the lan?
<sarnold> hallyn: wow. leaping right to conclusions, I wonder if it was that KSM bug...
<hallyn> sarnold: does your laptop have numa?
<hallyn> i've disabled ksm here this morning, will have to see if i end up with corruption in the next two days
<sarnold> hallyn: unlikely, just dual-core i7
<user123321> pmatulis, It didn't work the last time I checked without a router. Well, if I set 2 static IP's to 2 VM's, say, 192.168.1.3 and 192.168.1.4, is there a way to ping from the 1st VM (192.168.1.3) to the second VM (192.168.1.4).
<hallyn> sarnold: i've only got i5.  aren't you cool
<hallyn> arges: hi, i just pushed a new 1.2.2-0ubuntu13.1.4 libvirt to trusty-proposed, bc the 1.2.2-0ubuntu13.1.3 fix was incomplete.  Could you please accept into trusty-proposed (deleting the 1.2.2-0ubuntu13.1.3 currently there)?
<arges> hallyn: sure i'll review it
<pmatulis> user123321: are those addresses part of the lan?
<hallyn> thanks arges
<user123321> pmatulis, I would like to create a LAN.
<user123321> without a router.
<user123321> Wondering if it's possible.
<sarnold> hallyn: hehe, when my laptop refresh comes around I might be looking at eurocom.com :)
<pmatulis> user123321: the host must be on a lan already
<arges> hallyn: ok done
<hallyn> sarnold: i've got two years to my next one, but the toshiba rharper pointed to looked sweet
<hallyn> trackpoint, trackpad, and real mouse buttons.  sign me up!
<sarnold> hallyn: oh right, I meant to go look that one up..
<hallyn> hm, eurocom gaming laptop perhaps
<user123321> pmatulis, Aha. By the way, here's the scenario. I have 4 VM's running at the moment, each assigned with a unique IP address by the router. And I could ping my VM's from my host. I'm wondering if I'm able to achieve the same functionality without a router connected to the ethernet port.
<sarnold> hallyn: nine pounds? what could go wrong? :)
<hallyn> shoulder injury? :)
<pmatulis> user123321: i have a feeling by 'router' you mean DHCP
<sarnold> hallyn: lol
<user123321> pmatulis, Ah, I have connected my ADSL router to my machine.
<pmatulis> hallyn: i'm always on the lookout for a decent lappy.  what toshiba is it?  can't find in scrollback
<user123321> pmatulis, Yes, the router has DHCP.
<hallyn> pmatulis: check warthogs list
<pmatulis> hallyn: ah ok
<hallyn> he couldn't find the i7 in the us.  but that's ok, my week-old tp is i5, does fine
<hallyn> all right, back to libvirt and systemd-shim.  \o
<sarnold> good luck
<Rug> I have squid3 running on one of my servers and it is working as a proxy. BUT as soon as I enable 'transparent' it fails to operate.  any suggestions?
<Rug> http_port 8888  <- works      http_port 8888 transparent  <- does not work
<Rug> I have also tried these variations (none work): 192.168.0.241:8888 transparent   http_port 192.168.0.241:8888 intercept   http_port 8888 intercept
<TJ-> Rug: how does it "fail to operate" ?
<TJ-> Rug: Is it accompanied by a netfilter rule that redirects port 80 traffic to port 8888, with an exception if the source is the IP or process ID of squid?
<Rug> TJ-: the access.log fail shows no activity.  The web-browsers don't fetch any pages
<Rug> TJ-: no (about the netfilter rules
<TJ-> Rug: transparent proxy intercepts non-proxy requests and forwards them if needed. That requires netfilter rules to redirect transparently as far as the clients are concerned.
<Rug> TJ-: ok I'll look into that.  Thanks.
<TJ-> Rug: Or, do you mean squid is in transparent mode and the clients have the proxy port 888 configured and the proxy fails to return
<Rug> TJ-: When in transparent mode, the proxy server (as evidenced by the access.log) shows no activity.
<pmatulis> user123321: if they're on the same subnet and use the host's bridge then they should be able to see each other
<TJ-> Rug: Are the clients configured to use the proxy on port 8888 or are they sending requests directly to the target?
<Rug> TJ-: port 8888
<TJ-> Rug: For transparent read: http://www.tldp.org/HOWTO/TransparentProxy-6.html
<user123321> pmatulis, Aha, so if I set static IP's and same subnets for VM's, I'm good to go?
<TJ-> Rug: read also http://wiki.squid-cache.org/SquidFaq/InterceptionProxy
<pmatulis> user123321: and the bridge, yeah
<Rug> ok thanks.
<user123321> pmatulis, Cool, thanks.
<dw1> how can i change the default interface to the main ip? everything (php, sendmail) seems to be sending out with a secondary ip (added/used for SSL on a specific web site)
<dw1> i think i prob set up my secondary IP wrong https://pastee.org/44agb
<dw1> i want the first one as default for outgoing connections
<sarnold> dw1: can you configure your services to bind to eth0 instead of wildcard binds?
<dw1> i can configure each individual program/outgoing PHP socket to use the IP i want, yes
<dw1> but id rather it use the eth0 ip by default
<sarnold> I know of no mechanism to ask the kernel to prefer one IP over another when a wildcard bind is used
<dw1> wildcard bind.. thats the 0.0.0.0 i see in route -n i guess
<dw1> https://pastee.org/pfbxh
<sarnold> dw1: that's a default route; slightly different ;) hehe
<dw1> what makes it a wildcard bind in /etc/network/interfaces ?
<sarnold> dw1: nothing; applications will just use int fd = socket(AF_INET, SOCK_STREAM, 0); connect(fd, ...);  without using bind(fd, ...) first
<dw1> ahh hmm
<dw1> so its normal then.
<dw1> thanks for input
<sarnold> dw1: actually... if you're up for some research, this might be promising: http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.simple.html
<stetho> Hi. Does any have any recommendations for a directory server for home use? I'm tempted to just go with OpenLDAP but I'm nervous of its fragility and my inexperience. Locking my kids out of their computers wouldn't go down well. I've looked at other things like FusionDirectory and FreeIPA but I am wondering if there's other options that I haven't found yet before I choose one of them.
<sarnold> stetho: 389ds? sssd? (never tried either one, just trying to give more choics :)
<stetho> SSSD is an authentication daemon. I had forgotten about 389DS - I'll go and have a look.
<sarnold> no directory component? thanks :)
<zartoosh__> HI I am using ubuntu 14.04. The system harddisk is GPT partition.  I need a tool to label the disk partition. I used to use e2label before but it seems e2label does not work with GPT partition disks? thx
<gorelative> im using nginx to rev proxy in front of my blog (Ghost), it uses SSL, but i cant figure out why gzip isnt working for static assets. I've included my nginx config files here: https://gist.github.com/mikedevita/75b130119c2251154fe1
<Forex> hey folks
<Forex> who here used ovh us cloud ubuntu servers?
<delinquentme> so I've got a build script which ... oddly enough .. .is not running a single $ apt-get install salt-master   ... its seems like q very pecular thing to be failing
<rberg> I am a little confused about the Ubuntu 12.04 hardware enablement situation.. will the 3.2 kernel series still be patched? or do I need to consider going to 3.13?
<rberg> the wiki talks about Ubuntu versions 12.04.5 (3.13) wile I have 12.04.5 with 3.2 still
<zartoosh__> hi on ubuntu 14.04, in the file /etc/fstab could I use actual partitions rather than uuid, and if so do I need to modify my grub.cfg? thx
<chriys> hi guys, I just installed openssh-server but for some reason I get connection refused when to connect (ftp and ssh)
<chriys> hi guys, I just installed openssh-server but for some reason I get connection refused when to connect (ftp and ssh)
<guntbert> chriys: did you try locally?
<arrrghhh> chriys, ftp would be something different
<chriys> nope I installed it on a vps
<guntbert> chriys: well, "locally" from that vps :)
<chriys> Yeah I also tried that same issue
<guntbert> chriys: what does      ssh -vv localhost  result in?
<chriys> guntbert: I remove some line in the config file now ssh works but I can't make work the ftp
<guntbert> chriys: I am about to go to bed: what ftp server did you install?
<chriys> well openssh-server
<chriys> guntbert: what do you advised.
<guntbert> chriys: that is no ftp server, you need something like pureftp, or vsftpd,...
<guntbert> chriys: type    aptitude search ftp
<guntbert> to get a list of packages
<chriys> what's the best
<arrrghhh> chriys, both the ones mentioned are fine
<arrrghhh> ftp is inherently insecure and should not be used, if it can be avoided
<guntbert> !best | chriys
<guntbert> sorry, ubottu failed me :-(
<arrrghhh> lol
<chriys> Then what protocol can I use to transfer files to the vps
<chriys> arrrghhh
<arrrghhh> chriys, sftp/scp is my preference
<arrrghhh> and you already have openssh installed, so you can use that right now.  just depends on the client machines you're working with
<chriys> well I'll use filezilla. How can I set up the ftp of openssh-server
<arrrghhh> sigh.  as mentioned previously, ftp != openssh
<arrrghhh> as for filezilla, it has the ability to connect to sftp servers, just choose that from the protocol dropdown when adding the site
<arrrghhh> (sftp = ssh file transfer protocol)
<chriys> ok I see
<arrrghhh> or you can think of it as 'secure' ftp.  just like ssh is secure telnet.
<chriys> Got it
<chriys> guntbert: thx for help
<arrrghhh> since you already have openssh, you should be able to just use sftp :)
<sarnold> best not to -- there is also an ftps, which is ftp over ssl or tls. (I'd avoid that though, combining two horrible protocols doesn't make one good protocol..)
<sarnold> so best to just think of sftp as sftp and be content :)
<chriys> arrrghhh: how ?
<arrrghhh> chriys, I explained it above on how to use it in filezilla
<arrrghhh> what's the issue?
<arrrghhh> if you're just using a username/password it's really easy.  if you're using keys, it's a bit trickier but still do-able.
<chriys> arrrghhh: I can now connect throught sftp
<arrrghhh> cool.  much more secure than plain FTP, and it's already setup :)
<chriys> cool
<chriys> arrrghhh: I heard that it's not a good idea to create a symlink to /var/www
<chriys> is there an alternative
<arrrghhh> what are you creating symlinks for?  what are you trying to achieve?
<chriys> create a folder called html inside /home/user/ so that all the file related to the website will go there
<arrrghhh> you can bind mount
<arrrghhh> but I'm not sure either option is more/less secure than the other
<sarnold> or set the docroot to /home/user/www or whatever
<chriys> Since I disabled access for root no one will be able to access /var/www
<arrrghhh> /var/www is owned by www-data on my box
<arrrghhh> but resetting the docroot would probably be a better idea ^^
<chriys> ok let me do that
<chriys> arrrghhh: is it normal that I can create ftp and I can see what's inside home/user
<arrrghhh> you'll have to elaborate on "create ftp"
<arrrghhh> but you're connecting with the same rights as the user you ssh with
<arrrghhh> so you'll have the same permissions/rights that user has
<chriys> arrrghhh: directories*
<arrrghhh> see above ^^
<chriys> inside ssh I can create directories
<arrrghhh> you're connecting with the same perms as your user
<arrrghhh> so whatever rights that user has, you will have via sftp
<arrrghhh> chriys, if you want to limit rights, you can setup a 'chroot jail' and login as a different user
<arrrghhh> that setup is a bit more complex, just depends on what your needs are.
<idefine> hi, I'd like to have my upstart scripts log to one of the ephemeral drives on my boxes. How can I specify this?
<chriys> sorry arrrghhh I had to handle an emergency
#ubuntu-server 2014-08-08
<arrrghhh> chriys, that's fine.  did you still have a question?
<teward> i have an application that needs to run from /var/lib/ in its own folder and apache needs to be able to access it since it's a perl application
<teward> how do i get that to work without a "Permission Denied" 403 error?
<PryMar56> teward, somehow link it to /usr/lib/cgi-bin ?
<PryMar56> teward apache has a pre-existing cgi config, take a look at it first
<teward> PryMar56: i'm not an apache user, so meh
<teward> this app requires it though :/
 * teward pokes the configs
<PryMar56>   grep -ir cgi /etc/apache2/sites-enabled/*
<PryMar56> teward, I have enabled folders in /usr/share/* for cgi, but never /var/lib.. its no big deal
<PryMar56> I don't see a reason why it won't work, except for some apparmour thing
<teward> PryMar56: http://paste.ubuntu.com/7984963/ is the output.  (this is the foswiki program, it apparently is all perl... :/)
<teward> s/program/wiki software/
<PryMar56>  /var/lib/foswiki is already setup for cgi?
<PryMar56> maybe all you need is: apache2ctl graceful
<PryMar56> a restart
<PryMar56> perms on the perl app -> 755
<teward> bah i'll go look at this in the morning >.<
<R0ckET> hi
<R0ckET> I'm trying to run a command with cron as root, I get in the log but do not run anything, you have to configure something else?
<R0ckET> $ sudo crontab -e
<runfromnowhere> I'm having a really tough time with KVM guests on Ubuntu 14.04 - under load, processes in the guests aren't being scheduled for multiple seconds.  I even got a message saying an interrupt took 7s.  Has anyone else seen issues like this using Ubuntu 14.04 server as the base for a virtual environment?
<lordievader> Good morning.
<runfromnowhere> Morning :)
<lordievader> Hey runfromnowhere, how are you?
<runfromnowhere> Not so well, unfortunately
<grendal_prime> anyone any good with maas yet?
<grendal_prime> i want to set it up and have the virtual machines running on the same server.  for now..i will add a second node later on.
<grendal_prime> its just werid...ive tried several different howtos..but its...like im just not getting what is going on here
<grendal_prime> maas is installed the web gui is working as it should i got the boot images to download.
<grendal_prime> just seems like...something is missing..or..im just not understanding what the point of it is i guess
<sarnold> grendal_prime: maas on its own is kinda neat but that's about as far as it goes. maas with juju is where things get interesting.
<grendal_prime> ya...but so really what i want to set up ...is this..i host several vms for various people...for various reasons...
<grendal_prime> but right now i just kvm virtmanager ...and basically i just set it up so that they can rdp (via a vpn ) into those machines
<grendal_prime> its getting to be sort of an issue to manage them.  I would prefer to have them http-vnc into the machines but setting that up has been..well not fun.  I was hoping i could use  a mas server to set up user accounts that people  could log into...fire up their own vm and run it through a web-vnc interface.
<sarnold> grendal_prime: hrmm, from what I know of maas, I don't think the admin console is intended to be used by different 'adminstrative' users; if you're all pals, maybe it'd work okay, but I sure wouldn't build a business on that specific feature...
<sarnold> grendal_prime: you could probably provide your own cloud-init data source on the maas server and get some specific install steps done easily enough though -- installing packages, creating a standard user for them to start with, something like that
<grendal_prime> I guess i just dont understand what i would use it for then....i was under the impression it was for setting up just that sort of thing
<sarnold> grendal_prime: as I understand maas, it's really intended to be used in one "adminstrative domain" -- say, an IT group of a company -- and developers could use juju to deploy new services to the physical machines -- turn them on, install an OS, configure some local settings, install services, run the services -- and at some point grow services or shrink services or tear the whole thing back down again when the job is over
<sarnold> grendal_prime: sort of like ec2, but without virtualization overhead -- and without the extensive ec2 access control mechanisms. heh.
<grendal_prime> wow..i was way off base then.  I thought it was for manageing virtual infrastructure
<sarnold> grendal_prime: you may be thinking of openstack?
<grendal_prime> ya
<sarnold> openstack aims at providing all the ec2-style infrastructure .. but with more interchangable pieces, depending upon local needs. I think.
<grendal_prime> it was totally connected with openstack so i thought it was sort of the same thing
<grendal_prime> hmm...i need to build an openstack server then i guess.
<grendal_prime> and that looks a bit more complicated than i orginally wanted to go
<sarnold> grendal_prime: well, they -can- be connected. say, you've got some storage nodes and image nodes up all the time, but your compute nodes come and go as you need them, and you could use maas to turn them on and off...
<sarnold> grendal_prime: but that's getting pretty far out of my experience
<sarnold> my favorite line ever is about setting up a high-availability OpenStack cluster needing 28 machines...
<grendal_prime> ya this is starting to make a lot more sence now..basically maas is just that..it manages bring up resources and shutting them down.
<grendal_prime> but not the actual client to the end machine connection part.
<sarnold> it'd be nice to see some documentation of _small_ openstack clusters, too. I'm curious just how fe wmachines you could use an dstill get something useful out of it.
<sarnold> grendal_prime: sounds right
<grendal_prime> more like..."hey this guy needs a mysql database"  mass fires it up and makes it available.
<sarnold> right; and depending upon the hardware available, it could be "this needs to be a huge machine with 16 cores and 144 gigabytes of memory" or "this is a small service, one core and 512 megs is fine"
<grendal_prime> i have a nice little kvm setup here. I use to have 4 machines runing core duos in them 2 each. I had them all set up to do live migration it was sweet.
<sarnold> niiice
<sarnold> I've wanted to try live migration, but, uh, between the laptop and the pandaboard, it's just not going to happen. :)
<grendal_prime> ya but man they ate up a tone of power.  i replaced them all with a poweredge that uses 1/5th the power.
<grendal_prime> but..see i could have used maas for some stuff on that
<sarnold> oooo
<grendal_prime> hmm found a openstact virtual apliance for kvm
<grendal_prime> maybe ill give that a shot
<sarnold> grendal_prime: vmaas thing?
<grendal_prime> no its just openstack
<sarnold> ah okay
<sarnold> what'd you find? :) I'm curious ..
<grendal_prime> http://docs.openstack.org/image-guide/content/ch_obtaining_images.html
<grendal_prime> i can just upload that to my kvm server and run it as a vm
<sarnold> grendal_prime: ahhhh. I think those are just boring OS images. you've already got to have an openstack or ec2 or whatever already up and running to use those.
<sarnold> smoser: ha! I hadn't seen that "The password is cubswin:)" before. awesome. :)
<smoser> sarnold, next year is our year!
<sarnold> smoser :D
<sarnold> welcome back xnox :)
<sarnold> grendal_prime: bedtime; have fun!
<grendal_prime> you to
<sarnold> thanks
<xnox> sarnold: you'd think in 2014 xchat could synchronise settings across desktop and laptop =)
<F1skr> How do I check wheter a service is based on upstart or sysV?
<kklimonda> upstart services live in /etc/init/
<glcheetham> Hi guys, I have a postfix server that can send but not receive, emails sent to it get returned to sender with "Recipient not found", can anyone help?
<rbasak> jamespage: have you seen bug 1353923?
<uvirtbot> Launchpad bug 1353923 in docker.io "Installing Docker Breaks KVM" [Undecided,New] https://launchpad.net/bugs/1353923
<rbasak> (as I've seen Docker activity from you today...)
<thys_> so the security has been breached on my commercial webserver found a bunch of scriptkiddy stuff in a old joomla site which had to liberal permission. He uploaded the stuff two days ago and seemed to aim for elevating privileges. They files are deleted and the permissions are set lower @644. What else should I look for?
<jamespage> rbasak, I'd not seen that
<zartoosh__> HI I am using ubuntu 14.04, boot into uefi mode. I am using eifbootmgr to change the boot order. The efibootmgr takes boot number as argument , i.e. Boot000x. I like to know could I use boot label ID, e.g "ubuntu" ? thx
<coreycb> zul, jamespage : here's the bug for openstack icehouse 2014.1.2 -- bug 1354159
<uvirtbot> Launchpad bug 1354159 in openstack-trove "[SRU] icehouse 2014.1.2 point release" [Undecided,New] https://launchpad.net/bugs/1354159
<zul> coreycb:  awesome-o
<SP33D> can some one tell me how to set server hostnames realy right? i think i do something wrong sometimes it works but i now whant to fix that! when a server runs for example on go.com and responds on that host whats its hostname its go? for example if i have 3 servers go.com s1.go.com s2.go.com s3.go.com
<pmatulis> SP33D: the hostnames are go, s1, s2, and s3.  the fully qualified domain names (FQDN) are go.com, s1.go.com, s2.go.com, and s3.go.com .  does that help?
<rbasak> zul, coreycb, matsubara, jamespage, gnuoy, gaughen, kickinz1, bei
<rbasak> sner-afk, rharper, lutostag-away, smoser, hallyn: ready for another merge sprint
<rbasak> ?
<rbasak> beisner: ^^
<matsubara> hi rbasak
<rbasak> lutostag: ^^
<rbasak> Copy and paste fail :-/
<coreycb> jamespage, zul:  horizon is ready for review:  https://code.launchpad.net/~corey.bryant/horizon/2014.1.2/+merge/230113
<rbasak> I think smoser, jamespage and gaughen will probably not be able to make it.
 * patdk-wk merges the above
<rbasak> Everyone else: my team are going to do some virtual sprinting for the next couple of hours to get a bunch of server packages merged and sponsored.
<rbasak> Feel free to watch, or join in, etc. There are sponsors here to try and help and get packages and other server fixes landed.
<rbasak> http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html is a list of ~ubuntu-server subscribed packages that may need a merge
<rbasak> https://merges.ubuntu.com/ has the full list
<coreycb> rbasak, I'm working on icehouse so might skip today or pick one up to merge later - I did get exim4 done last week though
<rbasak> https://wiki.ubuntu.com/UbuntuDevelopment/Merging is a helpful guide
<patdk-wk> ah, :)
<patdk-wk> sounds like catching up to me :)
<rbasak> We're tracking work in progress at http://pad.ubuntu.com/server-team-merges
<rbasak> coreycb: no problem. Thank you for doing exim4!
<zul> ill be around in about half hour
<hallyn> yeah same here
<coreycb> zul, can you review this?  https://code.launchpad.net/~corey.bryant/trove/fix-for-1347567/+merge/230110
<rbasak> I'm fully available today. Normal service is restored :)
<zul> coreycb: its on my todo list
<coreycb> zul, thanks
<beisner> o/  hi, had to bounce the box
<darksider> hi all
<darksider> I have a riddle for you guys: when I boot ubuntu server, screen goes blank (system still works). If I disable ACPI support in BIOS, everything works fine. But if I use ACPI=off kernel option, screen still goes blank
<patdk-wk> !ebox
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<TJ-> darksider: broken BIOS, probably the DSDT
<darksider> TJ-: can I do anything about it?
<TJ-> darksider: There may be kernel ACPI module options that will affect it, but figuring out *which* might be complex. The best thing is to make a bug report on Launchpad and attach two "/var/log/dmesg", one from a good-screen boot (without ACPI) and one from a lost-screen boot (with ACPI)
<TJ-> darksider: once you've done that, let us know the bug number and we can see if there's anything obvious that can be done
<darksider> TJ-: I'll get right to it. One question tho, if I disable ACPI kernel functionality (ACPI=off), how can it be possible to still have this problem?
<TJ-> darksider: It could be something the BIOS is (is not) doing when it enables ACPI that upsets things later... such as not fully programming the VGA device or PCI bus registers
<TJ-> darksider: as always, check for BIOS updates too :)
<coreycb> jamespage, zul: trove is ready for review - https://code.launchpad.net/~corey.bryant/trove/2014.1.2/+merge/230119
<patdk-wk> tj, actually sounds like an old intel video chipset
<patdk-wk> maybe add the no??? what was it called option?
<darksider> TJ-: Tried that, the machine is an embedded PC (by Advantech) with an Atom CPU, Intel Graphics (right coreycb)
<patdk-wk> nomodeset kernel option
<darksider> there are no new updates for the bios, patdk-wk: tried nomodeset, same result
<patdk-wk> ah
<TJ-> darksider: It may be as simple as needing "acpi_backlight=vendor" on the kernel command line
<TJ-> darksider: Depends on what kind of PC it is - integrated display or separate
<darksider> TJ-: to be more specific, what i get is "no video input" on my screen
<darksider> TJ-: 00:02.0 VGA compatible controller: Intel Corporation System Controller Hub (SCH Poulsbo) Graphics Controller (rev 07)
<lutostag> rbasak: taking a look at vsftpd, looks like the Vcs-Git is wrong; should I try to track down the correct one, remove it, or leave it as is?
<lutostag> ah looks like it was orphaned with the latest debian release of that pkg
<darksider> TJ-: tried "acpi_backlight=vendor" option, same result
<TJ-> darksider: It was a vague hope :) ... the log files will hopefully provide some clues
<darksider> TJ-: excuse my ignorance (new at this), can I report the bug tru web?
<cfhowlett> !bug | darksider
<ubottu> darksider: If you find a bug in Ubuntu or any of its derivatives, please file a bug using the command Â« ubuntu-bug <package> Â» - See https://help.ubuntu.com/community/ReportingBugs for other ways to report bugs.
<coreycb> jamespage, zul:  ceilometer is ready for review - https://code.launchpad.net/~corey.bryant/ceilometer/2014.1.2/+merge/230120
<zul> coreycb: cool starting to look
<coreycb> zul, thanks
<darksider> cfhowlett: Thank, the bug-report app seems to have a GUI interface and I dont have X installed
<runfromnowhere> Hey - I'm having some major KVM resource contention issues on Ubuntu Server 14.04, Is there anyone around with experience working with this who could give me some pointers?
<patdk-wk> not really
<patdk-wk> we don't even know your problem
<patdk-wk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<runfromnowhere> I'm having a really tough time with KVM guests on Ubuntu 14.04 - When either the host or the guests are under load, processes in the guests aren't being scheduled for multiple seconds.  I've even seen an interrupt take 7s.  The host is large (24 cores, 128GB RAM) and very undercommitted so I don't believe it's actually running out of resources.  Are there any tools or methods I could use to start to determine what is ...
<runfromnowhere> ... causing this behavior?  Is this just "normal" for running KVM guests?
<patdk-wk> I would look straight at your disks, likely first
<patdk-wk> what is iostat showing?
<runfromnowhere> Unfortunately it's not currently a time of duress for the server, but during those times iostat was showing pretty heavy disk usage.  However I'm not 100% sure if it's related for a few reasons - the disk activity was on 6 drives that are not the OS drives, the VMs in question are mounted via network-backed storage (Ceph RBD), and the processes on the VM in question aren't I/O based, should be mostly memory resident and ...
<runfromnowhere> ... are complaining about not being scheduled as opposed to blocking on I/O.  I could be totally wrong, of course, but this is what's led me to think it might be something other than a disk issue :)
<hallyn> gnuoy: the pad still shows you blocked on https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1351331 , but it looks like it's now fix released
<uvirtbot> Launchpad bug 1351331 in moin "Please merge moin 1.9.7-2  (main) from Debian unstable (main)" [Undecided,Fix released]
<hallyn> barry has apparently sponsored it?
<hallyn> (in other words, pls update the pad if you are in fact done :)
<zul> hallyn:  i was going to package granite and python2-lxc if you dont have a problem with it
<hallyn> zul: stgraber might object to python2-lxc being packaged, but it sounds good to me
<zul> stgraber: ^^^
<stgraber> I'm not opposed to it and was sort of expecting this to come up since it's the only way we can get the openstack support working for now
<hallyn> cool
<zul> stgraber:  cool
<beisner> hi runfromnowhere - i've not seen such contention issues with kvm on trusty 14.04. it's difficult to advise with so many physical and logical variations possible.
<beisner> runfromnowhere, as mentioned i'd start with disk io and network performance testing -- phys to phys, virt to phys, and virt to virt.  iostat, atop, htop, bonnie, stress & iperf are probably what I'd use to test and watch in real time.
<runfromnowhere> beisner: Yeah part of what has me so agitated about this problem is how many variables there are - it's really tough to pin one down and test it!
<runfromnowhere> I was mostly wondering if the answer was "Yep that's just broken right now" or "You fool - everyone knows you set X or do Y before running VMs!"...heh you never know what you don't know :).  But I'll see if I can get more detailed information with those performance testing tools!
<patdk-wk> iostat -x, and likely 10 or 1 second intervals
<patdk-wk> 10 is better for general
<patdk-wk> but 1 second is needed sometimes to notice stalls like your describing
<patdk-wk> but produces so much info it's alittle annoying :)
<runfromnowhere> Hmm looks like a day of vigilance for me :)
<runfromnowhere> I've come up with a few ideas for causes too, so I guess it's time to experiment and monitor!
<runfromnowhere> Thanks for the advice :)
<arrrghhh> Nivex, seems we're getting some answers in -devel
<Nivex> arrrghhh: cool! What's the Reader's Digest version?
<arrrghhh> Nivex, I never saw a link to the offending bugs, but there was a few blockers
<arrrghhh> <infinity> rbasak: There were a few update-manager bugs that made the upgrade explode.  Those should be fixed.
<arrrghhh> sounds like Monday they'll flip it on, assuming nothing else is discovered between now & then :)
<Nivex> Probably the ones I found on that wiki page.
<arrrghhh> sounds likely
<arrrghhh> I'm already on 14.04... managed to muck up my old 12.04 installation with some bind mount madness.
<arrrghhh> I haven't broken a system that bad in years :/
<smoser> hallyn, around ?
<hallyn> smoser: yeah, though i'm about to go for a walk after i push some patches.  what's up
<smoser> i was thinking about a container without a network namespace
<smoser> but doc says that that causes issues if host+guest==upstart
<hallyn> yes
<smoser> so that pretty much makes that a non-possibility
<smoser> is that right?
<hallyn> yup
<coreycb> zul, jamespage: nova is ready for review -  https://code.launchpad.net/~corey.bryant/nova/2014.1.2/+merge/230128
<smoser> bah.
<smoser> that stinks.
<hallyn> smoser: there's no way to segregate the abstract unix domain sockets unfortunately
<hallyn> now with unprivileged you shoudl be fine
<smoser> well, yeah, but i'm guessing with unpriviled you can't access the network devices
<smoser> which kind of defeats me
<smoser> as thats why i wanted the no-network-namespacd
<hallyn> you might be able to use apparmor these days
<hallyn> sarnold: ^ can apparmor now filter out access to abstract unix domain paths?
<hallyn> oh, well,
<tyhicks> hallyn: very soon
<hallyn> haha, that won't work, your container wont 'start
<hallyn> nm
<tyhicks> hallyn: hopefully it'll be in the utopic kernel by the end of next week
<hallyn> tyhicks: that's nice
<hallyn> not useful for smoser, but a good thing
<sarnold> hallyn: soon...
 * tyhicks nods
<smoser> hallyn, so any other tricks?
<smoser> the basic thing pushing me here was wanting to put maas in a container, but not have to deal with bridging the real nic
<hallyn> smoser: what has to be in the container?  Can you simply use it as an application container, without upstart?
<hallyn> i.e. lxc-execute -n $container maas-server
<hallyn> then it should be fine without its own netns
<sarnold> heh, maas has webserver bits and pxeboot bits and dhcp bits and .. it's not just one simple daemon
<smoser> right.
<smoser> we might be able to get something up that way. but definitely would be work.
<sarnold> you might be able to get away without an init, but it might take a ton of work..
<smoser> probably more work then just using the bridge
<hallyn> sarnold: well it does *have* an init :)  just not upstart
<sarnold> :)
<hallyn> can upstart be started with a custom socket path?
<coreycb> zul, jamespage :  neutron is ready for review -- https://code.launchpad.net/~corey.bryant/neutron/2014.1.2/+merge/230116
<Nivex> arrrghhh: I think I'll pull the trigger on my main home server before then now that I know what's up and wait to upgrade my friend's machine until later.
<arrrghhh> Nivex, should be Monday, if you want to wait till then on your home rig.
<Nivex> I've been antsy for two weeks now.
<arrrghhh> lol
<arrrghhh> I'm still not sure how I blew up mine.  A bit baffled to be honest, but reinstall was the easiest workaround
<coreycb> zul, jamespage :  cinder is ready for review -- https://code.launchpad.net/~corey.bryant/cinder/2014.1.2/+merge/230123
<SCHAAP137> anyone have an idea when openssl-1.0.1i will be in the apt-get repositories for 14.04 ?
<ahmadgbg> hi, im having a very weird problem. Im currently installing Ubuntu Server 14.04. While partitioning and choosing "physical volume for RAID" im not able to change the bootflag to "on". i cant even choose "primary" or "logical" partition. help?
<pmatulis> SCHAAP137: does it corrent something noteworthy?
<pmatulis> *correct
<Takyoji> Curious question: what would be the "ideal" networked setup for a small private school? LDAP/NFSv4 (as it is now), or Kerberos/SAMBA?
<Takyoji> It's currently just Ubuntu desktops and server that are part of the network. And also some Macs now, which aren't part of the networked setup
<Takyoji> if there's any value to using Kerberos and/or SAMBA instead of LDAP directly and NFS, or if it's just more stress
<KLVTZ> A question of best practice: I currently have a web applications projects with multiple sub-domains --about three. Earlier in this project, an unnamed bastard decided to keep our sub domain apps in seperate locations in our linux environment. Now after planning on unifying the application into one master folder, it left me with a bit of wonder..
<KLVTZ> is the most coherent way in organizing a web application with multiple sub-domains lie only within folder organization
<KLVTZ> or is there another method of handling sub-domains. Perhaps using application files that are the same among domains but only differ in some logic
<KLVTZ> I should be clear that I want to know if there is a means of using files within an application that share commonality but only differ within their specific settings
<KLVTZ> there's so much repetition in copying multiple sub-domains in folders that essentially share about 80% the same files
<coreycb> jamespage, zul:  glance is ready for review -- https://code.launchpad.net/~corey.bryant/glance/2014.1.2/+merge/230184
<arrrghhh> How do I adjust a script to run later in the machine's startup?  I used update-rc.d defaults to add it to the startup... it added these K20blah S20blah scripts - do I just change that number to 99?
<sarnold> yes
<arrrghhh> sarnold, is one the startup and one the shutdown script?
<sarnold> arrrghhh: yes, S for starting, K for killing
<arrrghhh> cool thx
<ahmadgbg> Hi, im trying to connect two ubuntu pc crossover. They cant ping eachother
<Patrickdk> ahmadgbg, why would you do that?
<Patrickdk> just use a normal network cable, and gigabit
<ahmadgbg> Patrickdk, got it to work now :D did what you said
<Patrickdk> crossover is only needed for 100mbit or slower
<urda> Question: Why does `do-release-upgrade` still show "no new release found" on 12.04.5 servers? Shouldn't the point release be available for upgrade at this time?
<sarnold> urda: I believe it'll be repointed on monday
<urda> sarnold: Is there a feed or list I could be watching so I can learn to determine this myself without bugging you lovely folks :p
<sarnold> urda: I saw the discussion on #ubuntu-devel a few hours ago, hehe
<urda> sarnold: oh my lol
<sarnold> yeah :) hehe
<urda> sarnold: so go poke them :p ?
<urda> sarnold: lol
<sarnold> urda: well, no one wants to make a change that large on a friday
<urda> sarnold: oh god no! I'm just trying to make sure I'm not missing something... as I couldn't find any news / documentation on it :\
<sarnold> urda: there were some annoying-enough bugs in the precise versions of the tools that needed to be addressed first, but it should be good to go for wider upgrades next week :)
<urda> sarnold: I think a really nasty GRUB bug was one of them
<sarnold> urda: eww.
<urda> sarnold: but don't quote me on it :x
<ahmadgbg> I have a backup server with ubuntu. I dont want to run it throught the router but directly to the server. What is the best way to backup the server? BackupPC?
#ubuntu-server 2014-08-09
<Bozza> i need a linux server OS, talk to me
<pmatulis> Bozza: ?
<bitfury> hello, any known problems with gre tunnels in ubuntu server 14.04?
<bitfury> I've set up a gre tunnel between an ubuntu server and router, the tunnel comes up but can't ping either end point :\
<sarnold> bitfury: I don't recall any complaints recently
<bitfury> when I ping the remote end point from the ubuntu box, they show up as errors on the tun1 interface
<sarnold> can you pastebin 'ip link' or 'ip addr' output on both endpoints? perhaps there's something one of could spot
<bitfury> sure thing, I have a cradlepoint router on one end so I'll try to enable logging.
<Bozza> selinux is developed by the nsa. while app armour is made by canonical. which is more secure?
<sarnold> Bozza: you should pick the tool that is better suited for your needs.
<sarnold> Bozza: if you need a labeled security mechanism then selinux is a better fit. if you want to confine some services or some users or specific programs, you might prefer apparmor.
<sarnold> Bozza: selinux has had confinement of more resources for longer; apparmor is just now growing confinement for e.g. abstract and unnamed unix sockets. if you need a more comprehensive containment mechanism, selinux may be a better fit.
<Bozza> is it not kind of sketchy that selinux is developed by the nsa?
<sarnold> Bozza: I may be biased towards apparmor because I've been working on it for fourteen years :) but I think more users would see more benefit to using apparmor despite the reduced mediation interfaces. I believe apparmor policy is easier to author and easier to understand.
<Patrickdk> it is
<Patrickdk> selinux is based on the acl design
<Patrickdk> and while that is nice
<Patrickdk> it's not easy to maintain
<sarnold> Bozza: no. the guys from the NSA who worked on SELinux are charming individuals who honestly believe in information security. they wrote it in part so that the US government would have tools to use for classified information storage and to make other vendors put in some effort to take security seriously.
<sarnold> Bozza: and of course since the full source of both systems is peer-reviewed before being integrated into the linux kernel, there's enough oversight that backdoors would be immensely difficult to build into either system.
<Bozza> yea, this sounds like the most reasonable explanation
<Bozza> this is if you have enough knowledge to read complex kernel code
<Bozza> surely there are enough people who do review it though
<sarnold> thankfully the kernel portions of both are overall easier to read than e.g. networking or block storage layers :)
<Bozza> you actually know the guys at the nsa who wrote it? what are you, gchq? :3 . do you guys get together for tea and discuss security? :)
<Bozza> selinux by nsa. app armour by gchq .. large range of solutions to choose from
<sarnold> Bozza: hehe, I don't work for gchq; we worked with them to help define the linux security module interface a dozen years back, so we'd get together at Ottawa Linux Symposium to discuss features, designs, etc.
<Bozza> just joking :)
<sarnold> Bozza: rofl
<Bozza> :D
<Patrickdk> sarnold is mi5 :)
<sarnold> Patrickdk: you know people confuse me for daniel craig all the time..
<Bozza> hehe
<sarnold> Bozza: poke around in your /etc/apparmor.d/ directory and see if you find the policy understandable or not; then poke around in the selinux policy on a fedora system... pick whichever one is easier for you to understand and whichever feels like it'd be easier to write your own policy
<Bozza> thanks for your help sarnold
<Bozza> yes i will take a look
<sarnold> Bozza: have fun :)
<Bozza> hehe
<Bozza> XD
<Bozza> i just stumbled upon some articles about people wondering if selinux was an nsa backdoor
<Bozza> so thought i would ask someone more experienced
<sarnold> well, I'm just some jerk on the internet :) but selinux was designed by committed people who have a sincere interest in improving security.
<sarnold> apparmor and selinux may 'compete' in many areas but in that area we are in firm agreement :)
<Bozza> what does freebsd use?
<Bozza> just out of interest
<Bozza> apparmor?
<Patrickdk> none of them
<sarnold> the trustedbsd framework is apparently slightly similar to the lsm framework; they have an selinux-workalike, but I do not know if it is used much or not. they don't have apparmor, though it could probably be ported with a month's effort or two...
<sarnold> as far as I know the only real consumer of the freebsd security framework is apple's "seatbelt" mechanism, which tags downloaded files with the site they were downloaded from, so when they are run, a dialog box can be popped up saying "this was downloaded over the internet"
<sarnold> .. and apple's ios confinement thing, which looks a lot like apparmor did fourteen years ago...
<Bozza> yea that dial box can be annoying
<Bozza> wow you really do know your security code..
<Bozza> iOS confinement . one would have thought it would be a bit more modern
<bitfury> sarnold: sorry I took so long, my computer was acting up.. here's a pastebin: http://pastebin.com/g3yZekfL
<bitfury> ubuntu server and router as GRE end points
<sarnold> bitfury: dang, I can't spot anything. I don't know gre well enough :(
<bitfury> :(
<bitfury> not sure where or what to look for on the ubuntu box
<bitfury> tried tcpdump but doesn't work on tun ifaces
<hallyn> sarnold: isn't it freebsd that has capsicum implemented?
<sarnold> hallyn: yeah, but I haven't read enough about capsicum :(
<hallyn> sarnold: there'll be a talk at lss in 1.5 wks :)
<sarnold> hallyn: hehe :) I'm not headed there though..
<Bozza> selinux looks like a PITA to set up properly. might have to go with ubuntu-server when i deploy
<Bozza> ubuntu has much better support anyway
<lordievader> Good morning.
<abhishek___> hello everyone can anyone help ! I want to setup ldap authentication server for 5 lac users.please help me on storage calcultions
<bekks> abhishek___: You wont need much, you have 5 users only.
<abhishek___> actually I was planning to have 500000 users
<abhishek___> bekks ar u there ??
<bekks> 500k users? :)
<bekks> Which kind of FC storage are you using, which kind of database, how many cluster servers, etc.?
<abhishek___> we are using mdb and two culster will be there
<bekks> Whats "mdb"?
<abhishek___> bdb is default in openldap we are using mdb for greater performance
<bekks> And what about my other questions? And how do you connect the network - 10GbE, fibre or copper, which backbone switches?
<cfhowlett> bekks, 1 question at a time!?  Please  :)
<abhishek___> 10GbE
<abhishek___> fiber
<bekks> abhishek___: What about my other questions? :)
<noob2014> Good morning from Indiana - I have a noob question - hoping sombody willing to help?
<lordievader> !ask | noob2014
<ubottu> noob2014: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<noob2014> ok ty
<noob2014> I installed Ubuntu LTS on a virtual machine, and then installed XFCE4, but when I try to start I get an error. "No command 'xinit:' found, did you mean:  Command 'xinit' from package 'xinit' (main)" was unsure if I needed to install some kind of virtual video driver but i done a search and said to ~$ sudo lspci | grep -e VGA -e 3D 00:02.0 VGA compatible controller: Cirrus Logic GD 5446
<noob2014> so i'm searching and all i keep getting is but reports
<noob2014> on google
<cfhowlett> noob2014, when you try to start ... what?
<noob2014> startxfce4
<lordievader> noob2014: How did you install xfce?
<cfhowlett> noob2014, logout.  choose xfce session.  login
<noob2014> sudo apt-get install xfce4
<noob2014> I am using putty to login remote
<cfhowlett> noob2014, you've got a running unity DE.  logout.  choose the alternate DE.  login
<noob2014> i'm not sure how to do that because it's on a virtual machine i'm on windows and login through putty. and i'm noob
<cfhowlett> noob2014, use the ubuntu machine.  Log out.  click the ubuntu gear icon.  choose xfce session.  login
<noob2014> no physical access i am trying amazon EC2 - it's free
<noob2014> only option is putty
<lordievader> noob2014: If putty is the only option then why are you trying to install a gui?
<noob2014> well i thought it works with gui too
 * cfhowlett ...
<cfhowlett> noob2014, "real servers don't have gui's" or so I've read
<lordievader> noob2014: No, you can do nasty things like X forwarding. But nasty things are nasty.
<Patrickdk> if putty is the only option, your just dense
<Patrickdk> I have used rdp, vnc, nx, and X forwarding, all from ec2
<Patrickdk> not cause I needed a server with gui, but because I needed a desktop at amazon
<wligtenberg> previously, I installed ubuntu server on 12.04 using the procedure listed here: http://askubuntu.com/questions/87241/how-to-install-using-btrfs-in-raid10-mode
<wligtenberg> I am now trying to follow the same steps, but installation fails at trying to install the grub boot loader. I have tried it even with 5M of free disk space at the front of the disk, but it still fails. Is this grub2, which behaves differently from grub?
<Patrickdk> defently
<Patrickdk> but did you actually install grub2?
<Patrickdk> or is the mbr still installed with grub?
<Patrickdk> plus, 12.04 has grub2
<wligtenberg> 11.10 did that also have grub2?
<Patrickdk> I don't know
<wligtenberg> ok
<wligtenberg> Patrickdk: installation failed, so nothing was installed really...
<Patrickdk> heh?
<Patrickdk> you ran grub-install /dev/sd???
<Patrickdk> and it failed?
<Patrickdk> did you format your disks using gpt?
<wligtenberg> the step in the installation which tries to install the bootloader failed
<wligtenberg> I tried with partition table MSDOS and GPT, both fail
<wligtenberg> Maybe I should try what some other guy did, install using ext4 on one disk. Then convert that to btrfs using a live cd and then later add disks and convert to raid1... (using dconvert)
<TJ-> wligtenberg: when the grub install fails, open a terminal shell and look at the installer logs, they output all the commands run and capture errors reports so you can discover exactly why it failed
<wligtenberg> Thanks TJ- I will try again and report back with the listed errors
<FrankBlues> Is there a way to force all users to use the same windowmanager (Ubuntu LTS 14.04.1 with LTSP clients)
<wligtenberg> @FrankBlues, just don't install any other window managers...
<wligtenberg> (and prevent user from installing others)
 * Patrickdk uses xterm for his wm :)
<wligtenberg> @TJ- It mentions unable to connect to upstart
<wligtenberg> and something like Wrong number of args: mapdevfs <path>
<wligtenberg> seems I have issues similar to: https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/912431
<uvirtbot> Launchpad bug 912431 in debian-installer-utils "Preseeded 12.04 grub-install failed: Wrong number of args: mapdevfs <path>" [High,Fix released]
<VectorX> hi, i need to create a secure wb server running nginx and the well LNMP stack so to speak, which would include ssh, ftp, stuff like selinux or apparmour, mail etc, where would i find a good guide with detail explanation ?
<wligtenberg> I ended up filing a new bug report as requested: https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/1354730
<uvirtbot> Launchpad bug 1354730 in grub-installer "14.04 grub-install failed: Wrong number of args: mapdevfs <path>" [Undecided,New]
<darksider> hi all
<darksider> can someone please point me to a program that allows network traffic logging?
<wligtenberg> wireshark
<wligtenberg> @darksider: wireshark
<darksider> thanks guys, taking a look now
<darksider> wligtenberg: is this a GUI app?
<wligtenberg> @darksider: yes it is
<darksider> no good then, its for a server :)
<wligtenberg> @darksider: http://www.wireshark.org/docs/wsug_html_chunked/ChCustCommandLine.html
<wligtenberg> :)
<wligtenberg> @darksider: Seriously, I just googled that...
<darksider> wligtenberg: me too and saw that link, but having command line options doesnt take away the GUI part
<darksider> wligtenberg: for your future reference http://www.wireshark.org/docs/wsug_html_chunked/AppToolstshark.html
<wligtenberg> I was just going to mention that :)
<wligtenberg> (googled some more)
<wligtenberg> so tshark should be your friend
<darksider> let's see - while my server is idle, i get lag spikes
<Forex> hi folks
<Forex> who here used those folks http://www.server4you.net/vps/
<Patrickdk> !best
<Patrickdk> most likely, no one
<Forex> lol
<Forex> prices seems good
<darksider> hi guys
#ubuntu-server 2014-08-10
<darksider> question, I have a NAS that gets mounted at boot time, however sometimes its not ready at boot. Is there a way to automount it when the system tries to access it?
<Patrickdk> !autofs
<ubottu> Automount is the modern way to mount directories over a network. It is much easier to manage and  more economic in bandwidth than static mounts via fstab. For more info - https://help.ubuntu.com/community/Autofs
<darksider> thanks
<darksider> Patrickdk: do you have experience with autofs? I set it up but it fails when i start the service
<darksider> or anyone else for that matter
<darksider> :)
<Patrickdk> I haven't used it for like 4 years
<Patrickdk> but it just worked, never had issues with it
<darksider> maybe im doing something wrong
<darksider> i have a network share at 192.168.0.10/DSTCND that i want to mount in /mnt/DSTCND
<Patrickdk> last I looked, autofs doesn't do that
<darksider> in auto.master i added: /mnt   /etc/auto.DSTCND
<Patrickdk> but you just set a symlink
<darksider> and in auto.DSTCND: DSTCND -fstype=cifs,rw,username=user,password=pass ://192.168.0.11/DSTCND
<Patrickdk> oh, cifs, no idea :)
<darksider> i just wonder if the sintax is right
<mikedep333> Hi, where can I submit a bug against the Ubuntu cloud images?
<mikedep333> specifically, the vagrant ones still have the raring HWE stack
<mikedep333> https://cloud-images.ubuntu.com/vagrant/precise/current/
<dino822_> quick question -- what is the best way to find out when a specific package was updated via apt/dpkg?
<quantibility> help
<quantibility> geting fustrated
<quantibility> im not doing anything hard i just wanna be able to link just one folder and ALL of its contents to be accessed from the net
<quantibility> thats it
<quantibility> i just can't any futher
<quantibility> please
<quantibility> anyone
<quantibility> anyone?
<quantibility> help
<pmatulis> quantibility: webserver?  ftp server?  sshd server?  all these things can do it for you
<quantibility> ftp server
<quantibility> thats it
<chriys> hey guys
<chriys> I'm trying to open some port on my iptables but for some reasons it does really work
<chriys> this the command I used: sudo iptables -A INPUT -p tcp --dport 1936 -j ACCEPT
<dino822_> do you get an error, or does 'sudo iptables -L' show it
<chriys> dino822_: iptables shows it I can telnet to it
<chriys> but I installed Red5 and it doesn't bind to the port I opened
<lordievader> Good morning.
<darksider> hi guys, i'm facing a very strange issue. I'm mounting a network share using cifs in fstab and it works, but when I try to do the same thing using the mount command (with the same options) I get access denied
<TJ-> wligtenberg: I've updated bug 1354730 with how-to instructions
<uvirtbot> Launchpad bug 1354730 in grub-installer "14.04 grub-install failed: Wrong number of args: mapdevfs <path>" [High,Triaged] https://launchpad.net/bugs/1354730
<wligtenberg> @TJ- Do you want me to confirm if the patch works? I would have to reinstall the system again. I eventually went ahead with just one btrfs disk and then added the other and converted to raid1. But software installation is scripted with fabric. (and not done yet)
<wligtenberg> @TJ- I'll just try the patch :)
<TJ-> wligtenberg: I confirmed it myself in developing the fix
<wligtenberg> TJ- ok, in that case, I will just proceed with my install
<zagaza> hi guys.. what's the correct way to go about permissions? should I set permissions on a folder, or on all the files? if i want them to be readable by web users
<SP33D> zagaza the most importent is that the files arent write able
<zagaza> or better yet, I set permissions 755 on my web folder but still I in my browser I get You don't have permission to access /index.html on this server
<SP33D> who can read em is not importent only when they are run able scripts
<SP33D> configuration.php is a run able script that contains configuration data from your mysql host often for example
<SP33D> this file should not be read able public if something with the php cluster happens its enought when the php cluster can read it
<TJ-> zagaza: the directory/files need to be owned/accessible to the user ID of the web-server process, usually using "www-data"
<SP33D> but when you use mod php or suexec or anything else it depends on who shall read and execute the files permissions are always set right if you self can't read importent files via calling em over www
<chriys> hey guys does someone has a good link to lock user in their home directories for sftp (openssh-server) on ubuntu 12.04
<chriys> ?
<SP33D> general folde rpermissions are 755 and file permissions are good with 0600
<zagaza> guys thanks but that sounds incredibly advanced
<zagaza> SP33D yes, thats what I have
<zagaza> but 600 makes my files unreadable
<TJ-> zagaza: advanced? No, it is the default installation configuration of any web-server
<SP33D> then you got the files under the wrong owner for your setup
<SP33D> TJ help me a bit i whant to create ssh tunnels on a per use base or per host base
<zagaza> SP33D no really I have them under the owner they are intended to be
<zagaza> it worked when I changed permission to 666 for index.html though
<SP33D> zagaza join #apache for that
<SP33D> they will help you
<SP33D> TJ  ssh -L 10175:localhost:80
<SP33D> creates a tunnel from port 10* to 80 i am wondering if there is a method to do that on per host or per user
<zagaza> SP33D apache for what? I already got directed here from #ubuntu
<zagaza> it works when I changed file permission to 666, but is that safe though?
<TJ-> zagaza: As we already said, files served by a web-server should be owned by www-data user/group, or maybe use the mod_user module to server them out of /home/$USER/public_html/
<TJ-> SP33D: I have no idea, I rarely use tunnels
<SP33D> TJ ok then i need to do it with my old shell concept :D
<SP33D> i create a user for ssh login and then restrict it to only do the one command ssh into real machine
<TJ-> SP33D: Last time I did anything like that I used the ssh_config ProxyCommand
<TJ-> SP33D: The user account on the SSH server in its authorized_keys, for the client, the line beginning with: "command="sleep 172800" ..." in order to prevent any other command being run effectively, since it delays for so long
<SP33D> i simply attach them to rbash
<SP33D> a restricted bash shell becaus i don't like this sleep method but thx for the nice proxy tip don't found it else where
<SP33D> and looks realy nice
<SP33D> but i don't need t o authorize on the targets becaus they are not reachable only from the host ssh
<SP33D> and if some one breaks the security on the host ssh then all os over becaus it run's the virtual machines where the client should ssh too so no extra security layer needed
<TJ-> rbash is just as good, its a means to an end
<SP33D> sure i know but it will stop him fro executing files if i set path to "" and he got no bin's in his dir and make his home dir notwrite able to him
<SP33D> then its over
<SP33D> without path and write access to his dir and rbash all is over for him
<SP33D> he can login butnot more
<chriys> when I try to change my system hostname I keep getting this error sudo: unable to resolve host myhostname
<lordievader> chriys: Have you changed the hostname in /etc/hosts too?
<chriys> that's I'm doing :p
<blaaa> I want to route strongswan ikev2 client connections to the internet, do I need to modify the updown script to add a 'iptables -t nat -A POSTROUTING -s 10.16.0.0/24 -o eth0 -j MASQUERADE
<chriys> lordievader: I fixed that issue but here is another issue
<chriys> my phpmyadmin can't connect to mysql
<chriys> when I hit connect to log in it stops loading at halfway. And another app that is using mysql shows this error
<draxxy_> Hello, could somebody help me?
<draxxy_> When I first log on to Ubuntu, I have internet for a few seconds, but then after that time I have no connection at all.
<gospod> hello anyone here?
<gospod> i need urgent help, im kinda crying inside :(
<lordievader> !ask| gospod
<ubottu> gospod: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<gospod> I have this server: USB KEY: EFI+/boot, ISCSI: /root ------- with nothing changed in /etc/network/interfaces it works flawlessly for months, now I want to go KVM route and add br0 in /etc/network/interfaces. As soon as I add those lines to add br0, it doesnt boot (waiting for network configuration, booting without networking.... and it stops.) I tried multiple changes in /etc/network/interfaces but I'm no expert in any way to sa
<gospod> I need br0 for qemu quests :-(
<gospod> It is 100% something wrong in /etc/network/interfaces because as soon as I change it back to only "auto eth0; iface eth0 inet dhcp" it boots again.
<Patrickdk> that sounds like it will not be fun
<Patrickdk> your doing iscsi root?
<gospod> yeah
<Patrickdk> I'm not sure you can move that interface to br0
<Patrickdk> without messing it up
<gospod> no? seriously?
<Patrickdk> dunno, but you would have to move it
<Patrickdk> and I can see that having serious issues
<Patrickdk> but I have never bothered to test it
<Patrickdk> as I don't run servers with iscsi root, only workstations
<gospod> could something be done when installing ubuntu?
<Patrickdk> easy solution, use a second nic :)
<gospod> it is not an option
<Patrickdk> it has nothing to do with installing ubuntu
<gospod> really
<Patrickdk> use a iscsi nic
<Patrickdk> or a second nic
<Patrickdk> would be easy solutions
<gospod> I realyl cannot
<gospod> it must be done like this
<gospod> few other servers waiting to do the same
<gospod> i have few servers and all booting iscsi root. now I want to redo everything and go with virtualization
<gospod> am I the only one on the planet doing this? :S cant find absolutely nothing on google...
<Patrickdk> most poeple doing vm's use 4 to 10 nics
<Patrickdk> so it's not a problem :)
<Patrickdk> using 1 nic, is insane
<gospod> I understand that, but I have nothing network-heavy
<gospod> 1 NIC is really more then enough
<gospod> it's not even possible to put more NICs, no PCIE slots left
<bekks> Using the same nic for network and iscsi traffic is the worst of all solutions.
<gospod> dont think to go more NICs route, I really know thats a solution, but really it is not in my situation
<gospod> it must be a software solution
<gospod> on how to add a br0 with iscsi root
<gospod> could someone atleast point me where to search for clues? a link atleast?
<gospod> one of possible solutions would also be how to start qemu with
<Patrickdk> I just did :)
<gospod> physical connection to outside network
<Patrickdk> it's a problem, that your using the nic, then attempt to *redo it*
<Patrickdk> so to fix it, your going have lots of fun :)
<gospod> the network command part
<Patrickdk> no
<bekks> gospod: you dont need a bridge at all.
<Patrickdk> you need to learn about initramfs :)
<gospod> hehe I need to learn ALOT of stuff :P
<gospod> bekks: do you know the command line to do that in qemu without br0?
<bekks> To do what in qemu?
<gospod> so that the qemu VM has the outside IP (192.168.1.x) and not the regular 10.x.x.x
<bekks> I'd just use virtualbox instead of qemu.
<gospod> i need qemu because of vfio-passthrough
<Patrickdk> virtualbox does all kinds of bastard things with the networking
<Patrickdk> it's never worked correctly for me
<gospod> please stay with qemu and bridging :-(
<Patrickdk> it works *ok* if you only use it for *normal* ipv4 only tcp stuff
<bekks> Patrickdk: It works perfectly for me since years.
<bekks> Using the official vbox packages, not the ubuntu stuff.
<gospod> bekks: why have you said that I dont need a bridge at all and got me happy that we got a solution? :(
<Patrickdk> bekks, it has serious issues with ipv6 and when using wireless cards and multicast
<Patrickdk> instead of passing stuff through to the nic, it *converts* everything
<Patrickdk> so it only works with what it knows
<Patrickdk> you don't *need* a bridge, but a bridge is much simpler
<Patrickdk> you could just *route* everything
<gospod> route?
<Patrickdk> you don't know anything about l3?
<Patrickdk> back to networking class!
<gospod> give me a break please, im doing my best... I refuse to go to a networking class when all I need is 192.168.1.x in qemu without br0 :S
<Patrickdk> heh?
<Patrickdk> you are dealing with PURE networking issues
<Patrickdk> and you refuse to learn about it?
<gospod> I understand its not possible *yet* what I'm doing
<gospod> but in the near future Im possitive someones gonna develop what I would like to do :S
<gospod> youre throwing bad light on a lower educated person like me at the moment and Im the one needing help
<gospod> :\
<Patrickdk> lower educated person?
<Patrickdk> you just said I refuse to go to a networking class
<Patrickdk> therefor I refuse to help you, I won't help someone that refuses to learn
<Patrickdk> and you don't get much more *uneducated* than me :)
<Patrickdk> as I personally haven't finished highschool yet :)
<gospod> look, no offense to you, I clearly don't understand alot you're saying here and I'm pulling the information from you and others and deeply analyzing with my all brain cells and everything I need is a link to few lines I need to add to my 100+ lines .txt to do something I need and everything youre doing is running in circles around me so I dont get any help from you and others.
<Patrickdk> yes, there isn't really much I'm willing to do to explain it
<Patrickdk> the amount of knowledge you need to know, to solve this problem
<Patrickdk> is going take you weeks to gain
<gospod> to read whole qemu documentation is insane in the situation I am at the moment
<Patrickdk> and I personally, don't care to spend a few hours writing a blog about how to do it, as I don't need to do it
<gospod> even though there are maybe 10 lines at the most you refuse?
<Patrickdk> 10 lines at most?
<Patrickdk> you really think so?
<gospod> I think that to bridge a qemu VM to physical networking should not take something like develop new ubuntu version, yes?
<Patrickdk> is that what your asking?
<Patrickdk> that is so NOT what you wanted
<Patrickdk> you wanted to bridge a qemu to a physical interface WITHOUT screwing up iscsi
<gospod> :\
<TJ-> gospod: You would have to create custom hook scripts that install into the initrd.img, and include the bridge-utils there, so you can have the script create the bridge in pre-mount, and assign an IP address to it. That has to kick off before the ISCSI scripts. Secondly, you *cannot* re-assign the primary IP of the bare-metal host to a VM when the bare-metal host uses that IP address to maintain a connection to the root file-system on the ISCSI target
<gospod> iscsi root + br0 (need it because of qemu) = does not work because you said it isnt designed to go hand in hand. all I need br0 is because of qemu, if br0 is not needed to bridge a qemu guest, then a possible solution would be to bridge somehow differently
<Patrickdk> solution is to not BRIDGE at all
<Patrickdk> but if you don't even know how to route
<Patrickdk> that is the first thing you learn about in networking
<Patrickdk> this discussion is way too far along
<gospod> just point me in the right command in qemu and i will assure i will study and make it till tommorow if thats the only way without developing scripts and doing something brutally out of my brain cells at the moment to do a simple thing
<TJ-> gospod: You only need bridging when all the VMs are required to be in the same bordcast domain.
<TJ-> s/bordcast/broadcast/
<gospod> TJ-: if you mean the outside network then yes
<gospod> :s
<TJ-> gospod: No, I mean a Broadcast Domain
<gospod> 192.168.1.x?
<TJ-> gospod: As Patrickdk has said, the best solution is to use layer 3 IP routing via netfilter rules set through iptables
<gospod> TJ-: could you please post a few links to read?
<TJ-> gospod: I don't have any to hand; I do this kind of thing directly from what is in my head.
<gospod> so for a newbie like me, I got no help here... :\
<TJ-> gospod: Support channels are for technical problems, not basic education (although that comes about indirectly at times). Everyone here is an unpaid volunteer who chooses to contribute to the open source community
<Patrickdk> we have told you all you needed to know, and more
<Patrickdk> the fact you want us to hold your hand, and drag you along, is repusive though
<gospod> TJ- I understand all that technical problems + open source community, but is it easier to send a newbie (in your eyes) like me to desert then quickly help him and have peace of the day infront ?
<chriys> is there something wrong with my hosts file http://pastebin.com/5FdxErmu
<gospod> Patrickdk: i still do not understand where all these negatives are coming from
<Patrickdk> I told you where
<Patrickdk> it's personally offensive when someone says, I refuse to learn
<TJ-> gospod: You've been recommended to investigate routing instead of bridging... from that and other comments you should be able to use Internet searches to bring you to authoritative articles that meet your requirements.
<lordievader> chriys: It looks a bit strange that vietransformee points to localhost and vietransformee.org to some ip address. However I suppose it is fine. What is the problem?
<chriys> my website goes down as soon as I try to access phpmyadmin
<Patrickdk> define, goes down?
<Patrickdk> and did you check your website logs?
<chriys> phpmyadmin just loads halfway and can't connect and it doesn't show any error
<Patrickdk> most likely it's a php issue
<lordievader> chriys: Use the commandline mysql client ;)
<chriys> lordievader: mysql command line works fine
<lordievader> chriys: So the issue lies with phpmyadmin or the server that supplies the page.
<gospod> how much GB does ubuntu+kvm need to work flawlessly? 4GB enough?
<Patrickdk> 128megs :)
<kklimonda> oh? you can install ubuntu in vm with just 128mb of memory?
<chriys> lordievader: agree but I can't manage to identify the issue
<gospod> i ment drive space and not RAM
<lordievader> chriys: Look at the web server logs, mainly the error logs.
<lordievader> gospod: 4Gb is a bit conservative, I usually use 8Gb as a start for my VMs.
<chriys> lordievader: do you have an idea where phpmyadmin keeps it logs. In apache I haven't found anything related to phpmyadmin
<lordievader> chriys: Errors should still go to /var/log/apache2/error.log
<chriys> yeah there's nothing showing up for phpmyadmin
<lordievader> chriys: Run tcpdump on the server? Analysing that will definetly give you an answer ;)
<Patrickdk> not likely an answer, but a pointer to one
<lordievader> Meh, a clue at least.
<Patrickdk> cd down
<Patrickdk> opps :)
<sudormrf> hey guys.  I am having an issue with nagios not sending emails as it should be.  I can send test notifications and they deliver fine, however nagios is not sending notifications automatically.  is anyone around that can help me figure out what is going on?
<chriys> lordievader: it's getting worst now I get this NameVirtualHost *:80 has no VirtualHosts
<chriys> when I restart apache
<lordievader> chriys: Have you made any recent changes to the Apache config?
<chriys> yeah I'm trying to get them back
<chriys> my main site is down for some reason
<thomaschaaf> hello how do i increase the number of tcp connections that can be opened? net.ipv4.ip_conntrack_max seems to be deprecated
<lordievader> chriys: Apache fails to start since you ahve a config error ;)
<lordievader> have*
<Patrickdk> hmm, conntrack_max has nothing to do with how many tcp connections can be opened
<chriys> I got this error NameVirtualHost *:80 has no VirtualHosts
<thomaschaaf> Patrickdk: is there an error log I could look at to see if the tcp connection limit has been hit? /var/log/messages is not there in 14.04
<Patrickdk> that will depend on the program that hit the limit
<thomaschaaf> I'm using swift and if I have a couple clients connect to it I can not open ssh connections and it will stop accepting http requests.
<thomaschaaf> pings however work
<thomaschaaf> this gives me the impression that tcp connection limit has been hit
<thomaschaaf> my open ssh connection works fine
<thomaschaaf> and cpu, mem and load is not hitting any limits
<Patrickdk> are you running a firewall?
<thomaschaaf> just fail2ban
<Patrickdk> fail2ban isn't a firewall
<thomaschaaf> iptables
<Patrickdk> your using iptables by *hand*?
<thomaschaaf> but there are no rules in there except for the ones fail2ban is creating
<Patrickdk> then it would be extreemly off your having a conntrack issue
<Patrickdk> odd
<Patrickdk> are you positive your not running out of cpu/memory or disk i/o?
<chriys> guys I can't access my site anymore it shows this inside of logs File does not exist: /etc/apache2/htdocs
<Patrickdk> that is nice :)
<Patrickdk> so what did you do to cause that? cause ubuntu doesn't do anything like that
<lordievader> chriys: Did you upgrade apache to 2.4?
<lordievader> Without telling your config, that is.
<chriys> nope
<chriys> I don't think so
<chriys> let me check it
<lordievader> chriys: Could you pastebin your config?
<chriys> ok
<chriys> do you know a command to copy the whole file
<bekks> "cp oldname newname"
<bekks> Or do you want to pastebin the entire file?
<lordievader> chriys: Install pastebinit, then it is a simple matter of pipeing to pastebinit.
<chriys> ok
<chriys> is it normal that nano /etc/apache2/apache2.con | pastebinit returns nothing ?
<bekks> Yes-
<bekks> Just use: pastebinit filename
<chriys> lordievader: here is the config http://paste.ubuntu.com/8009978/
<lordievader> chriys: Well the header is already different from mine, could you pastebin the output of "apt-cache policy apache2"?
<lordievader> chriys: Further more it seems to be okay.
<chriys> ok let me do that
<chriys> http://pastebin.com/uESJEhdB
<lordievader> Ah that explains it, you are still running 2.2 ;)
<Patrickdk> I don't think he is runnign ubuntu
<Patrickdk> he is running a kaltura image
<bekks> kalwhat?
<bekks> nvm, I'll google it :)
<Patrickdk> it's a video management software
<lordievader> chriys: http://www.cyberciti.biz/faq/apache2-namevirtualhost-80-has-no-virtualhosts/
<Patrickdk> they packaged ubuntu to make their own applience, killing *all ways ubuntu/debian* does things
<lordievader> That could explain the different config too ;)
<Patrickdk> I have one I manage, but I haven't touched it for almost 2 years :)
<Patrickdk> someone, attempted to bring centos to ubuntu :)
<lordievader> Bleg Centos...
<bekks> Patrickdk: Their site looks down as well.
<Patrickdk> works fine here
<Patrickdk> corp.kaltura.com
<chriys> lordievader: same issue
<lordievader> chriys: Do you know how much Kaltura changes the Apache config?
<chriys> now the Virtual issue is resolved
<chriys> but I think it's a good to put the kaltura and red5 server on a different vps
<sudormrf> anyone around that can help me figure out why nagios is not generating alert emails?
<sudormrf> anyone around that can help me figure out why nagios is not generating alert emails?
<Shutterstrom> Any idea when it is possible to upgrade Ubunto Server from 12 LTS to 14 LTS using:
<Shutterstrom> $ do-release-upgrade
<Shutterstrom> Checking for a new Ubuntu release
<Shutterstrom> No new release found
<Nivex> rumor has it that will be activated tomorrow
<Shutterstrom> Nivex: Ahh, nice.
<sudormrf> perhaps it is a permissions thing?
<Nivex> sudormrf: what do the logs say?
<sudormrf> Nivex, the logs do not indicate any errors
<sudormrf> Nivex, if I send a test notification using the force checkbox the notification is sent.
<sudormrf> Nivex, I am looking at a different nagios setup now for the permissions that should be applied to the config files
<fridaynext> is anyone having trouble with upstarts in 14.04 vs 12.04?
<fridaynext> I was fine with 12.04, but now programs are not starting on boot when I've added them properly.
<Patrickdk> nope
<fridaynext> Patrickdk: I wonder what's wrong with my system.
<fridaynext> Fresh install last week, used git to install sickbeard and sabnzbd, added them in etc/init.d, update-rc.d'd them, chmod +x'd them, but they still won't start on boot
<Patrickdk> well, if they are UPSTART
<Patrickdk> they don't go into /etc/init.d :)
<fridaynext> what's the process for creating UPSTART processes?
<Patrickdk> you make one
<Patrickdk> and you put it into /etc/init
<Patrickdk> and I guess you link the dummy upstart script in /etc/init.d
<fridaynext> and then remove the init.d script?
<Patrickdk> heh?
<Patrickdk> you said it was an upstart script
<Patrickdk> if it is, there is no init.d script
<fridaynext> but you said 'link the dummy upstart script in /etc/init.d'
<Patrickdk> yes
<fridaynext> so after I do that, I delete the one in init.d, right?
<Patrickdk> do what?
<Patrickdk> why would you link it, then delete it?
<Patrickdk> I said nothing about deleting
<fridaynext> i know
<fridaynext> I asked you about it.
<Patrickdk> if I didn't say it, don't do it
<fridaynext> And I'm sensing the answer is no.
<Patrickdk> ln -s /lib/init/upstart-job /etc/init.d/xxxxxx
<fridaynext> you're making it sound like upstart is the exact same thing as init.d
<Patrickdk> how?
<fridaynext> OH!
<Patrickdk> upstart scripts go in /etc/init
<fridaynext> i think I get it now.
<fridaynext> so I just touch /etc/init/sabnzb.conf, and then ln-s /etc/init/sabnzb.conf /etc/init.d/sabnzbd
<Patrickdk> touch?
<fridaynext> or vim
<Patrickdk> no
<Patrickdk> no
<Patrickdk> no
<Patrickdk> I didn't say anything about touching/ or linking /etc/init/x
<Patrickdk> put the upstart script in /etc/init
<Patrickdk> not TOUCH
<Patrickdk> then, ln -s /lib/init/upstart-job /etc/init.d/xxxxxx
<Patrickdk> where xxxxx is the name of the upstart script
<fridaynext> is 'the upstart script' something I have to write myself?
<Patrickdk> yes
<Patrickdk> you said you did that
<fridaynext> so where do i go to find out how to write that?
<fridaynext> no i didn't
<fridaynext> 15:27 fridaynext: what's the process for creating UPSTART processes?
<Patrickdk> <fridaynext> Fresh install last week, used git to install sickbeard and sabnzbd, added them in etc/init.d, update-rc.d'd them, chmod +x'd them, but they still won't start on boot
<Patrickdk> but you said you had a problem with *upstart*
<Patrickdk> so like I said
<Patrickdk> what are these scripts you *added*
<Patrickdk> are they init.d scripts, or upstart scripts?
<fridaynext> I added the scripts that came with the programs in the git folders.
<Patrickdk> like I said, WHAT ARE THEY
<Patrickdk> init.d or upstart?
<fridaynext> here's the sickbeard one - http://pastebin.com/raw.php?i=1nBnuLCL
<fridaynext> i don't know if that's upstart or init.d
<Patrickdk> that is init.d
<fridaynext> or if there's even a difference between the two.
<fridaynext> so my question is, this worked in 12.04.  Does init.d no longer work in 14.04?
<fridaynext> Because it's not working for me.
<Patrickdk> well, it's now system.d
<Patrickdk> it should work just fine though
<fridaynext> clear
 * fridaynext wrong screen
<fridaynext> http://pastebin.com/raw.php?i=F3KFDn3E
<fridaynext> If that's my plex etc/init.d/ file, is it likely I should do the same thing for sab and sickbeard? (linking to /lib/init/upstart-job)
<Patrickdk> no, they aren't upstart scripts
<Patrickdk> so why would you link them?
<fridayne_> Patrickdk: I'm asking you because I don't know.
<Patrickdk> your asking me, after I already told you they aren't upstart, so nothing we have discussed matters
<fridayne_> great. no solution to my problems.
<fridayne_> perhaps someone in another channel is willing to help, and won't expect me to be a *nix genius while asking questions.
<jakesyl> hey guys been trying to pysftp into my ubuntu server using this script http://git.io/-o_IBw and been getting this error http://git.io/lxIvLA
#ubuntu-server 2015-08-03
<cluelessperson> hey guys, I want to make sure my server is really secure
<cluelessperson> how can I go about doing this?
<teward> cluelessperson: disconnect it from the internet and put it in a Faraday cage
<teward> inside a lead-lined bunker
<teward> cluelessperson: 'really secure' is a vague, ambiguous phrase
<teward> because 'really secure' is based off use case and acceptable risk levels
<cluelessperson> teward,  I run owncloud+deluge+apache my personal server with TLS 1.2.  I want to make sure it's impossible for an unknown to penetrate it.
<teward> basics: SSH key auth only, 2FactorAuth where possible, only open ports you need opened, and only open them for 'sources' that you trust
<teward> cluelessperson: you can't guarantee that
<teward> there is no such thing as a "100% secure" system
<teward> unless it's non-networked and put in a bunker with no wifi capabilities
<cluelessperson> teward, only certain ports are open, connections are by default blocked.  I'm using... I forget what it's called to shut down ports on repeated connection attempts.
<teward> fail2ban?
<cluelessperson> teward, yes.  and I need to switch SSH back to key
<teward> fail2ban helps a little. SSH Key Auth Only helps too.
<teward> putting 2FA on is also helpful
<cluelessperson> sentences for passwords,   I might just go with a client certificate requirement to connect to certain applications.
<teward> (all my offsite servers have 2FA with Duo Security)
<teward> cluelessperson: that can help too
<cluelessperson> teward, Also, my GPG+owncloud data is stored on another backend server
<teward> cluelessperson: security is also a 24/7 thing
<teward> putting a IDS/IPS (like Snort in front of things) can help a little more
<teward> but...
<cluelessperson> teward, the web facing server has credentials for an owncloud sftp account only, and mysql for various applications.
<cluelessperson> teward, Do you know how I might hide internally credentials?
<cluelessperson> teward, I'm also wondering if there's a way to setup traps, when access to shut off the secure server's access.
<cluelessperson> Anyone know anything about creating client certificates?
<cluelessperson> Hey guys I'm trying to run this command
<cluelessperson> openssl ca -in cpwr.csr -cert cpwr-ca.crt -keyfile cpwr-ca.key -out cpwr.crt
<cluelessperson> but it errors Using configuration from /usr/lib/ssl/openssl.cnf
<cluelessperson> I am unable to access the ./demoCA/newcerts directory
<cluelessperson> wtf
<ikonia> you're going to need to provide more info than that if you want help
<cluelessperson> ikonia, like?
<lordievader> Waddup: Does fsck detect errors?
<lordievader> Good morning, by the by.
<nils13_> Hi,
<RoyK> ho
<lordievader> ha
<phre4k> I have 2 NICs in my samba server and when I ping the domain from a client, it always uses the wrong one. How do I fix this?
<lordievader> phre4k: How are the two nics set up?
<phre4k> lordievader, forgot to say it's an LXC container
<phre4k> one is bridged with the host system and the other is bridged with the internal LXC network
<phre4k> they show up as eth0 and eth1 inside the container
<lordievader> What is the default gatway for the container?
<phre4k> the bridged connection
<phre4k> or rather, the local DNS
<phre4k> *router, sry
<lordievader> Is the th nic you want it to use when you ping it?
<phre4k> I set the local IP as DNS in a client and then I ping the AD Domain (ad.company.org), which gives me back the virtual IP of the server instead of the local IP
<lordievader> The virtual ip? The lxc internal?
<phre4k> yes, that one
<phre4k> I am 192.168.20.149, my DNS is 192.168.20.11, I ping ad.company.org and should get 192.168.20.11, but get 10.3.1.2
<lordievader> Do you get the correct address when you resolv ad.c.o on the lxc box?
<phre4k> w8
<phre4k> I get "unknown host", wtf
<lordievader> Do you get the correct ip when you resolve ad.c.o on 20.149 (don't forget to expend the c.o part ;) )
<phre4k> yeah, of course, I understood what you mean ;)
<phre4k> 20.149 is the client I have problems on
<phre4k> my own laptop is a different IP, but I try it now
<phre4k> unknown host
<lordievader> How do you ping it when you cannot resolve it?
<phre4k> I entered ad.c.o in the hosts file and can now ping from the samba server, I'll try the clients
<lordievader> That is a bad way of resolving ips.
<phre4k> of course, but if the samba way doesn't work... ;)
<phre4k> the client doesn't get it though, but it was worth the try
<lordievader> Of course not, /etc/hosts is host only, That is why is a bad method.
<yossarianuk> Hi - is it possible to use unattended updates - e.g ->> https://help.ubuntu.com/lts/serverguide/automatic-updates.html, but only updating specified packages ?
<yossarianuk> I know you can prevent certain packages being installed...  Just wondering if you can make it so only specified packages are automatically updated.
<yossarianuk> i.e I can see how to blacklist packages from updating from https://help.ubuntu.com/lts/serverguide/automatic-updates.html but I want to blacklist all but one package.?
<lordievader> Make a script that just installs those packages? If there are updates it will install those if not nothing happends.
<yossarianuk> lordievader: sure that was the alternative way I was thinking, just wondering if unattended upgrades could also do it...
<yossarianuk> cheer
<yossarianuk> *cheers*
<PatBateman> hi
<PatBateman> i have a 14.04.02 server with raid 1 ssds, and after an update and reboot, the machine stopped at grub cli
<PatBateman> what should i do?
<PatBateman> i found some info starting the system manually, but what about my raid array ?
<RoyK> PatBateman: the array is hopefully ok
<PatBateman> yes I can list it
<RoyK> PatBateman: boot on a usb live thing and check /proc/mdstat
<PatBateman> the folder structure
<PatBateman> RoyK: I can do it only tomorrow, can you tell me what to do in steps in short?
<RoyK> then - if things work - try to mount the root fs on /mnt, mount proc on /mnt/proc and sys on /mnt/sys and boot on /mnt/boot - chroot /mnt and reinstall grub (update-grub)
<PatBateman> RoyK: thanks
<RoyK> perhaps grub-install /dev/sda ; grub-install /dev/sdb
<PatBateman> what do you think about boot-repair, could it repair out of the box?
<RoyK> but update-grub should do
<RoyK> boot-repair should work - it just does the same without you knowing
<PatBateman> i see
<RoyK> I'm just used to the old way :)
<RoyK> linux mdraid is very robust, so having a whole RAID die on you isn't something that happens often
<RoyK> BUT! Keep a backup anyway - bad things DO happen!
<RoyK> RAID != backup
<PatBateman> yeah currently i am copying raw data to a hdd (which have my old ubuntu on hdd)
<RoyK> I use a cloud service
<PatBateman> even from here i see the raid array and all folders which gives hope
<RoyK> crashplan works ok, although it's very slow on big data (VERY slow, because of the dedup things in there designed by a one-armed monkey)
<RoyK> I use a Norwegian reseller of crashplan - they've turned all those dedup things off, so it works well (albeit more expensive). You can turn those dedup things off yourself, but my experience with crashplan.com is still that it's very slow
<PatBateman> hm
<RoyK> doesn't help much with 'unlimited' backup if it takes a year to restore from a crash
<PatBateman> haha yes
<PatBateman> so, have to go, thanks for the help!
<RoyK> np
<sarnold> don't they offer to ship you your data on a hard drive when you need it back?
<AndChat59136> I have an issue with two ip's on one machine, with one nic. The second ip is seemingly coming out of nowhere. I know this isn't right, but I don't know where to look apparently. I have set a static ip via the interfaces file. I have removed the second ip using the ip del command, but it comes back eventually. I am running server version 14 and a dd-wrt firmware router. Any ideas?  Wrong irc channel to ask?
<RoyK> AndChat59136: IPv4?
<AndChat59136> Yes
<RoyK> what's this other IP that comes out of nowhere?
<AndChat59136> 192.168.1.100 is the static, .134 is the one that keeps appearing
<sarnold> AndChat59136: ps auxw | grep dhc  -- I wonder if you've got a dhcp client of some sort goofing around
<sarnold> there's lots of ways that it could be added, of course, bootp, dhcp, a script, some other program..
<RoyK> AndChat59136: pastebin /etc/network/interfaces
<RoyK> AndChat59136: or as sarnold said
<AndChat59136> grep: I: No such file or directory
<RoyK> AndChat59136: 'ps auxw | grep dhc'
<AndChat59136> Haha, duh
<AndChat59136> paste.ubuntu.com/11994498/
<RoyK> and ps output?
<AndChat59136> paste.ubuntu.com/11994514
<RoyK> dhclient eth0
<RoyK> kill that - have you restarted lately?
<RoyK> also - which ubuntu version is this?
<AndChat59136> 14.04, I should be able to remove dhclient correct?
<RoyK> not sure what depends on it - but again - with that interfaces file it shouldn't be started
<RoyK> 19:27 <            RoyK > kill that - have you restarted lately?
<AndChat59136> I will kill it, and yes, had a restart just today
<RoyK> and dhclient started again after restart?
<AndChat59136> Yes
<AndChat59136> I dont have dhclient in my kill list
<AndChat59136> So maybe not
<AndChat59136> I know that I don't start it
<RoyK> hm... http://ubuntuforums.org/showthread.php?t=1391829&page=2
<RoyK> looks like dhclient may start if the /var/lib/dhcp3/dhclient.leases file exists
<RoyK> seems like a dumb bug
<AndChat59136> I googled a bunch and never found anything like that. Must be the 'override' keyword. I will rename the file and see if that helps. I will report back.
<RoyK> AndChat59136: the secret about googling is always "use as few and as exact words as possible" - it was on my first search ;)
<AndChat59136> I kept using some variation of two ip's on one nic, that just kept bringing up how to set it up.
<AndChat59136> Sometimes that's the hardest part of using google
<AndChat59136> No luck so far. Thanks for your help anyway.
<RoyK> AndChat59136: chmod -x /sbin/dhclient # should do it, albeit a bit rednecky
<sarnold> AndChat59136: you aren't using networkmanager on this system by chance, ar eyou?
<AndChat59136> Not to networkmanager
<RoyK> AndChat59136: is networkmanager installed?
<AndChat59136> Let me check
<RoyK> dpkg -l | grep -i networkma
<RoyK> or perhaps dpkg -l | grep network-man
<AndChat59136> Apparently it is paste.ubuntu.com/11994845/
<RoyK> remove it
<AndChat59136> 10-4
<RoyK> 14-4 :D
<sarnold> hehe
<AndChat59136> I see what you did there
<AndChat59136> Shows what I know. I thought I removed that a while ago. When reading about static ips they say to remove it.
<RoyK> AndChat59136: did it help?
<AndChat59136> Does not appear to have. I renamed the dchp leases file and my .134  ip has changed to .140
<AndChat59136> That was before removing network manager. After removing network manager I can't tell any difference.
<AndChat59136> Still have the .140 ip
<sarnold> did you kill the processes, too?
<AndChat59136> I removed network manager and restarted
<AndChat59136> networking service restart never seems to work, so I reboot the machine
<sarnold> ah yes, ifup and ifdown are the intended interfaces there
<AndChat59136> Ok, bear with me.  If i wanted two ips it would look like eth0 and eth0:1. As far as what to bring up and down. I only have eth0, with the two ips. If I am ssh in, make changes and ifdown eth0 i will loses my connection and have to reboot anyway, correct?
<teward> run `ifdown eth0; ifup eth0`
<teward> it first down's eth0, then brings it back up
<teward> the semicolon will make it run those in sequence
<teward> (it's how I take down and instantly bring back up an interface on my servers when I mess with its settings xD)
<AndChat59136> Ok, thanks for that bit of info. I really do appreciate everyones input
<a1fa> is it just me, or did 14.04.02 installer fail to provision partitions
<a1fa> 300GB RAID1; use entire disk + lvm turned into a cluster mess
<a1fa> so root got 23GB
<a1fa> and /dev got.. wait for it
<a1fa> udev                        126G  4.0K  126G   1% /dev
<a1fa> ^ i lolled ; twice
<a1fa> did i miss a README that said don't use lvm with hardware raid?
<sarnold> a1fa: isn't /dev a devtmpfs, which defaults to half your ram or something similar?
<a1fa> i guess.. but still does not explain where my 300GB drive went to
<sarnold> indeed, no :)
<a1fa>  23G  875M   21G   4% /
<a1fa> i am going to try resizing it
<sarnold> any chance there's a /home or /opt or something similar that's just not currently mounted/
<a1fa> no just checked with cfdisk
<a1fa>         sda5                       NC                         Logical               LVM2_member                                                          299709.77               *
<a1fa> 299.9GB LVM2
<a1fa> there is this thing
<a1fa> none                        126G     0  126G   0% /run/shm
<a1fa> i wonder if swap took all of it ;)
<a1fa>                                                                         Size: 274840158208 bytes, 274.8 GB
<a1fa> punk
<a1fa> there it is
<ReScO> ugh
<ReScO> Sky2 driver is making my network a living hell
<ReScO> DNS requests failing etc...
<sarnold> a1fa: 274 gigs of swap? makes sense, you want to suspend your 256 gigabyte RAM machine, right? right? :)
<a1fa> heh
<a1fa> i twont let me remove it
<a1fa> it thinks its busy
<a1fa> swapoff -a; lvremove ..
<RoyK> a1fa: 128 gigs of memory?
<a1fa>   275G  895M  263G   1% /
<a1fa> back in business, sarnold
<a1fa> RoyK: 256
<a1fa> all is well now
<a1fa> for some reason it would not disable swap with swapoff -a
<a1fa> so reboot fixed it, and i was able to extend my partition to 100%
<a1fa> thanks
<cluelessperson> https://letsencrypt.org/
<cluelessperson> thoughts?
<ReScO> here's my dmesg output: http://pastie.org/private/l2tia3nuotd8zvxier1zw
<ReScO> sky2 is crashing for my ethernet adapter: http://pastie.org/private/l2tia3nuotd8zvxier1zw
<patdk-wk> !poll
<sarnold> a1fa: great! :) if you've got the time/inclination to try to repeat it, I think it'd be worth a bug report
<AndChat59136> RoyK: thanks for all your help earlier. The chmod command seems to have worked.
#ubuntu-server 2015-08-04
<lordievader> Good morning.
<Waddup> morning lordievader
<lordievader> Hey Waddup
<Waddup> hey whats up
<lordievader> Not much, having coffee. How are you?
<Waddup> im good
<Waddup> i just removed the raid fs im having and put on a 4tb wd red on it.
<Waddup> i needed it to run while i test the drives one by one and see whats wrong
<teward> no server team meeting this week?
<teethplus> hello
<teethplus> I was wondering if someone can point me in the right direction of finding the different subnets that a establishment may be using?
<teward> teethplus: you'd do that at whatever handles DHCP or cross-subnet routing... what exactly are you trying to find
<teethplus> I'm trying to find the network printers.
<tonyyarusso> By far the easiest way would be to ask humans who ought to know.  Did someone get fired without leaving documentation?
<teethplus> yeah
<tonyyarusso> Oof.
<tonyyarusso> Do you have physical access to the printers?  Most will let you either show the IP information on an LCD or print out their configuration.
<teethplus> I'm not sure if that is an acronym or if its an automatopia
<teethplus> yeah I can do that for the ones in the office but we have some remote and I guess I can ask someone to run through the menu for me
<teethplus> I was just wondering if there was some way I could look it up without having to do any leg work
<teward> you should use a print server in the future
<tonyyarusso> DHCP = Dynamic Host Configuration Protocol, IP = Internet Protocol (information in this case being address), LCD = Liquid Crystal Display
<teward> teethplus: not really, not without nmap scanning the universe.
<tonyyarusso> Oof = just an exclamation
<teward> i.e. 10.0.0.0/8, 127.16.0.0/18 (i think?), 192.168.0.0/16
<teethplus> thanks for clearing that up tony
<tonyyarusso> teward: Pretty sure the middle one is 172.16, not 127.
<tonyyarusso> But, uh, Wikipedia.
<tonyyarusso> It might be /17 too
<tonyyarusso> Now I'm going to have to look it up or it will bother me.
<teethplus> well thanks guys, I guess I will have to check all the printers manually
<tonyyarusso> Right on the numbers, wrong on the mask.  10.0.0.0/8, 172.16.0.0/*12*, and 192.168.0.0/16.
<tonyyarusso> Obviously it had to be between /8 and /16.  We're idiots.  :)
<tonyyarusso> teethplus: Scanning the entire RFC1918 ranges might work for you, but poring through the results is probably more work than phoning someone up at each remote site and having them look at the device.  (And will only work if your firewalls allow it.)
<teethplus> Its never easy is it.
<teethplus> Thanks again for your help
<tonyyarusso> Of course not - that's why we get paid ;)
<teethplus> Wait what? that changes everything jk
<sarnold> tonyyarusso: avahi-browse -alr might get you there
<fishcooker> how to negate routing in case on vpn i want all connection to certain network will use this routing rule, others will use default route/gateway?
<TJ-> Use a separate routing table for the VPN
<fishcooker> on which file TJ-
<TJ-> fishcooker: See "man ip-route" and the section of "Route tables"
<TJ-> fishcooker: the concept you need is "policy routing". The iproute2-doc package might contain more info. There are also many web resources
<sarnold> see also http://lartc.org/howto/lartc.rpdb.html
<fishcooker> thankyou TJ- + sarnold
<fishcooker> if we have default password for root then we want to make it pronounceable for easy remembrance.. how to do that?
<TJ-> !root | fishcooker
<ubottu> fishcooker: Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo
<sarnold> fishcooker: diceware is popular; you can also use passwdqc's pwqgen program, screenshot here http://openwall.com/passwdqc/screenshots
#ubuntu-server 2015-08-05
<user___1> Hi, I need help with setting up openvpn on ubuntu server. I've tried alot, getting help from others is my one last hope... can anybody help me?
<sarnold> user___1: have you seen this yet? https://help.ubuntu.com/14.04/serverguide/openvpn.html
<user___1> I've googled ALOT. I still have a problem that I cant solve
<sarnold> do you get any error messages?
<sarnold> check both endpoints
<user___1> openvpn itself doesn't have an accounting system, I used a software called softether that supports openvpn too, I can create an account, and connect to it, no problem here, but I want to limit connections of an account to 1, so user can't user his/her account to use openvpn from more than one place at a time
<user___1> softether has an opetion for it, but it doesn't work for openvpn, its reported, several times, but no answer
<user___1> I want to use openvpn to bypass internet censorship, because it can't be blocked easily by government
<user___1> I know I should talk to someone from sofether support, but they're not so active, my problem was asked on their froum by other people. but they got no answer from them
<sarnold> do they have an irc channel? forums are my absolute last choice..
<user___1> I don't think so... they are not so active, and im not limited to use their software if I can reach what I want by an other way
<sarnold> can you specify a specific IP address for each client? that might be sufficient to limit them to one connection at a time
<user___1> user IPs here are dynamic, they always change
<sarnold> don't you have to create an rfc1918 network for the clients once they've connected?
<user___1> what is it...?
<sarnold> one of the 10.x.x.x or 192.168.x.x or .. 176something?
<Starcraftmazter> hi
<Starcraftmazter> how would i upgrade from ubuntu server 12.04
<Starcraftmazter> to latest
<Starcraftmazter> can i skip everything in between?
<sarnold> Starcraftmazter: yes, you should be able to upgrade with do-release-upgrade
<Lurchy> anyone awake?
<lordievader> Good morning.
<arcsky> hello all, does anyone know how i can do my ssh login to use the windows 2008 radius/nps ?
<samba35> how do i fix the banner name on server  for postfix
<samba35> when i run telnet my public ip 25 it show mail.abcd.com is that is my banner name ?
<dasjoe> Yes
<samba35> then when i run mxtoolbox.com its same as the my rdns still its say banner is not correct
<samba35> Reverse DNS does not match SMTP Banner
<JaguarDown> Hi all, newbie here. I have a home server on a LAN connected to ther outer via cat5 cable. Is there a quick answer as to why my router doesn't know the "device name" (host name) of my server? In other words is this a usual ubuntu server problem or is it my router's problem?
<JaguarDown> ther outer= the router***
<RoyK> JaguarDown: hostnames are usually looked up with DNS. If you don't have your own DNS server and haven't added the hostname, it won't understand it as a hostname. Linux doesn't use broadcasts of hostnames the way windows/netbios does it
<JaguarDown> Ok
<Tazmain> hi all, is it acceptable to place a environment varaible in /etc/environment? Doesn't see that when I sudo su I can echo that variable, but as a normal user I can
<jvwjgames> Hi I need help
<jvwjgames> My server has unstable networking
<jvwjgames> Pingdom the remote server monitoring station keeps on emailing me every few minutes saying your server is down no wait it is back up no it's down no wait it is backup
<jvwjgames> And if you want you can do a continuous ping on its static IP if you want
<Sling> if you want hundreds of people pinging you, sure :P
<Sling> but give some details, what kind of server, how is it hooked to the internet
<Sling> are you also noticing packetloss or is it just pingdom?
<jvwjgames> Here is the public static page
<jvwjgames> http://stats.pingdom.com/g5d44jvdauff
<teward> I.. don't think that was what's asked...?
<teward> oh
<teward> you pinged out
<teward> [2015-08-05 13:26:33] <Sling> if you want hundreds of people pinging you, sure :P
<teward> [2015-08-05 13:26:47] <Sling> but give some details, what kind of server, how is it hooked to the internet
<teward> [2015-08-05 13:26:55] <Sling> are you also noticing packetloss or is it just pingdom?
<teward> jvwjgames: ^
<jvwjgames> Packet loss
<teward> what about the other requested data, such as what kind of server (VPS, virtual, physical box, etc.), and how it's connected to the 'net
<teward> or do you not know that
<jvwjgames> I do
<Sling> jvwjgames: feel free to query me the IP and I could run some mtr from a few spots on the internet
<Sling> also, how long has this been an issue?
<jvwjgames> It is a poweredge 1950 with 2 GB NIC's I have a block of 13 statics witch two are allocated to the server
<aditya> i'm not able to run my sh script through cron
<Sling> aditya: is it chmod +x'ed ?
<aditya> yes
<aditya> script is working fine manually
<Sling> so how did you add it to cron and what is happening?
<aditya> i added it to run every 15 min to backup my gitlab repos
<aditya> but its not working
<Sling> added it where
<Sling> how
<Sling> [ moar details plz ]
<aditya> i added it via crontab -e
<Sling> as root?
<aditya> yes
<Sling> okay and what does your crontab -l look like now/
<aditya> like this
<aditya> 15	3	*	*	*	cd /root/; ./backup.sh > /tmp/repobackup
<Sling> use /root/backup.sh > /tmp/repobackup instead
<aditya> i used that also but not worked
<aditya> in my other server its working fine
<aditya> in same pattern
<Sling> it looks a bit weird, you can just use the full path :)
<Sling> but anyway, what do you mean with 'not working'
<Sling> do you know if its trying to run it?
<Sling> ie. did you check the logs
<aditya> yes i checked
<aditya> there is noting in logs
<Sling> so its not trying to run it
<aditya> no
<Sling> is crond or another cron daemon running?
<aditya> no there is only one c
<aditya> cron
<Sling> so is it running? what is the output of ps faux | grep cron ?
<aditya> yes running
<Sling> then it should be logging, what logs did you check?
<aditya> ps -aux | grep cron
<aditya> root     13273  0.0  0.0  23652   940 ?        Ss   Aug03   0:00 cron
<aditya> if i want to run it daily
<aditya> can i put it in cron.daily folder
<Sling> stop trying to randomly change things when you still don't know what the issue is
<Sling> thats not how you learn or troubleshoot
<Sling> also, are there any mails for root on your account? cron will generate mails when something goes wrong
<Sling> (check with 'mail')
<Sling> the > /tmp/repobackup will just redirect stdout but not stderr
<jvwjgames> I pm'd you sling
<Sling> yeah I noticed ;)
<jvwjgames> By now you are experiencing packet loss on last hop
<Sling> nope
<jvwjgames> Really the 210
<jvwjgames> No packet loss
<Sling> well i cant ping your own router, doesn't respond to icmp it seems
<Sling> but the last hop before it, still no loss since our pm
<jvwjgames> The 210 is the server it is directly connected to the modem
<Sling> ok
<jvwjgames> The reason that you can't ping it is cause I accidently unplugged the power to the server
<jvwjgames> So it is rebooting
<jvwjgames> I am surprised that there is no packet loss
<Sling> again, I was seeing packet loss to the comcast router
<Sling> not to your own router or server
<jvwjgames> Oh
<jvwjgames> Sorry i misunderstood you
<jvwjgames> This is good news
<jvwjgames> When I logged in to my server
<jvwjgames> It is now showing the ip's of the interfaces
<jvwjgames> Before it didnt
<Sling> :/
<Sling> that doesn't really make sense :)
<jvwjgames> Told you unstable networking
<Sling> ...
<Sling> you lack some understanding of networking, sorry to say :)
<jvwjgames> What I mean to say about unstable networking is sometimes I can't reach my server
<Sling> if your interface would be unconfigured, without an IP, it would not have packet loss, it would simply have no connection at all
<Sling> and IP's don't just disappear from your server
<jvwjgames> And during that time it also doesn't let me ping
<Sling> anyway, enough said about your issue
<jvwjgames> Also if they are static ip's doesn't it need gateways for both interfaces
<jvwjgames> Cause when I put in the gateways for both ip's it freaks out
<Sling> stop changing stuff you don't understand :(
<sarnold> strictly speaking, you don't need gateways at all.. that's just if you want it to talk to machines beyond the subnets that it's on..
<Sling> all you need are the proper routes in your routing table
<jvwjgames> Ok
<Sling> again, this is not related to your issue
<jvwjgames> Sorry
<jvwjgames> And I didn't change anything
<jvwjgames> That's what happened in the past
<jvwjgames> Anyway past that
<jvwjgames> Pingdom just reported my server is offline again
<jvwjgames> OK sling I found the problem
<jvwjgames2> OK this is just odd
<jvwjgames2> 210 is no longer reachable
<jvwjgames2> But 211 is it is like my server is rotating the ips
<jvwjgames2> Sling: any idea
<Sling> about?
<jvwjgames2> 210 is no longer reachable but 211 is it is like my server is rotating the two ips
<jvwjgames2> So it is causing Pingdom to think my server is down
<sarnold> i haven't got a clue what you're doing here..
<sarnold> .. but it sounds kind of like you've got two ips on one NIC?
<Sling> which should work perfectly fine if configured properly
<Sling> jvwjgames2: how is your networking configured on your server|
<jvwjgames2> http://picpaste.com/pics/IMAG0006-XpPLDPj1.1438800960.jpg
<Sling> jvwjgames2: and are both eth1 and eth0 physically connected to your router?
<Sling> what does 'ip a' show
<jvwjgames2> Yes
<sarnold> jvwjgames2: probably only one of those interfaces should have a gateway line
<jvwjgames2> http://picpaste.com/pics/Screenshot_2015-08-05-12-59-46-0FbXP4wO.1438801259.png
<Sling> and 'ip r' finally, for the routes
<Sling> then we have sort of a complete picture
<jvwjgames2> http://picpaste.com/pics/Screenshot_2015-08-05-13-04-58-Zn2IuAbL.1438801544.png
<jvwjgames2> Sorry I didn't provide this earlier
<Sling> well this is not related to the packetloss to comcast's router, but there might be multiple issues
<Sling> you also seem to have split routing on your own server
<Sling> remove one of the gateway lines in your interfaces file
<jvwjgames2> Did that
<jvwjgames2> Anything else you need me to provide
<Sling> are you still experiencing network issues?
<jvwjgames2> 210 still unreachable
<Sling> you might need to reset your server and router, or manually clear some arp tables
<Sling> so the new routing is in effect
<Sling> anyway, i gotta go, good luck
<jvwjgames2> Ok
<jvwjgames2> Thanks
<jvwjgames2> Now 211 is unreachable
<jvwjgames2> I want to get this issue resolved
<jvwjgames> Can anyone help
<patdk-lap> you have two nics, it won't work
<patdk-lap> you cannot put two nics on the same l2 network and expect it to work, without a LOT of pain and knowledge
<jvwjgames> So how do I configure my two statics from Comcast to work then
<patdk-lap> on one interface
<patdk-lap> why would you use two?
<jvwjgames> For dns load balancing and for failover
<patdk-lap> I have 12 statics on one interface
<patdk-lap> heh?
<jvwjgames> How did you do that
<patdk-lap> what do you mean dns load balancing?
<patdk-lap> your doing >1gigabit of dns?
<patdk-lap> not sure how failover will help, your issue is spof of the modem itself
<patdk-lap> don't see how two tables will help, vs one
<jvwjgames> Ok
<patdk-lap> two cables
<jvwjgames> What do you mean by that
<patdk-lap> modem going down, is atleast 50x more likely than a nic or cable having an issue
<jvwjgames> Ok
<jvwjgames> How did you do the 12 statics on one line
<patdk-lap> the normal way in ubuntu using the interfaces file
<jvwjgames> Oh ok
<patdk-lap> http://askubuntu.com/questions/313877/how-do-i-add-an-additional-ip-address-to-etc-network-interfaces
<patdk-lap> one such method
<jvwjgames> Also is it possible to have multiple statics on a different network
<patdk-lap> I use this method, up ip addr add fff.fff.fff.fff/prefixlen dev eth0
<patdk-lap> that question makes no sense
<jvwjgames> So basically so I can have a traceroute like 1. 96.92.80.209 2. 96.92.80.210 3. 96.92.80.211 trace route complete
<patdk-lap> what?
<jvwjgames> Basically have multiple static IP across multiple routers
<patdk-lap> ok, everything your doing is wrong
<patdk-lap> scrape it
<patdk-lap> this is pointless to start from the ground up, like your doing
<patdk-lap> when you doin't know where your going
<patdk-lap> if you use all your ip's on *routers*, sure, but then you won't have any usable ip's
<patdk-lap> and they won't chain together ever to produce a traceroute result like that
<jvwjgames> I am not going to use all my 13 just 3
<patdk-lap> why use any?
<patdk-lap> none of this makes so since, with no goal
<patdk-lap> how do you even think a traceroute like that could exist?
<patdk-lap> and why would you want it to exist at all?
<jvwjgames> Cause right now my server is directly connected to the modem
<patdk-lap> and?
<patdk-lap> there is a problem with that?
<jvwjgames> iSP do it
<jvwjgames> Security
<patdk-lap> what security?
<patdk-lap> routers don't provide security
<patdk-lap> isp
<patdk-lap> isp's don't provide ANY security
<jvwjgames> Traceroute
<patdk-lap> ok, just saying random words doesn't mean anything
<jvwjgames> ISP does traceroute like that
<jvwjgames> Sorry I am typing on a phone
<patdk-lap> so me ONE isp that does? and I will believe you
<patdk-lap> even one ISP that is clueless and has no idea what they are doing, couldn't even do that if they wanted to
<patdk-lap> just think about what you said some
<patdk-lap> 1. 96.92.80.209 2. 96.92.80.210 3. 96.92.80.211
<patdk-lap> if you had a traceroute result like that
<patdk-lap> that means ANY one of those systems failed, OR your modem, your offline
<patdk-lap> no one, not even isp's would dream of doing that
<jvwjgames> http://picpaste.com/pics/Screenshot_2015-08-05-14-37-40-kRIAG2yI.1438807092.png
<jvwjgames> How 8 9 10 and 11
<patdk-lap> that doesn't match what you requested
<patdk-lap> I don't see any ip's that are in a row at all
<jvwjgames> Hop*
<jvwjgames> Sorry let me rephrase
<patdk-lap> you see 3+ ip's in the same subnet?
<patdk-lap> I don't
<jvwjgames> Hop 8 and 9 are
<jvwjgames> seeDed you see the pic
<patdk-lap> yes, and you will ahve that too
<jvwjgames> Did*
<patdk-lap> your modem + your static
<patdk-lap> I don't seewhy you want a 3rd and 4th
<patdk-lap> that is just extreemly hard to do, and will give you lots of problems
<jvwjgames> OK I won't do it
<jvwjgames> I am just wanting it cause that will tell me where the issue is in the network
<jvwjgames> If any
<shauno> it won't tell you anymore than you already have; it'll just add more things to go wrong
<jvwjgames> OK thanks for the info
<jvwjgames> Back to the other issue at hand
<jvwjgames> Fixed my other network issue thanks to your post
<jvwjgames> patdk-lap: thanks
<jvwjgames> I can confirm that all networking is backup and working correctly
<holms> anybody got problem with upstart, that it never daemonize an application, it just stucks in there..?
<bitcoinassassin> Ubuntu headless server 14 upon log in states: "=> / is using 95.4% of 47.57GB" where the install takes less than 2 GB at most. $df-h yields a line that says "/dev/mapper/mediamagnate--vg-root   [size]48G  [used] 46G     0 100% /"
<bitcoinassassin> Am trying to find what is occupying the hard drive .... because it's not the OS -- at least not as configured
<bekks> bitcoinassassin: Narrow it down using du -sh on every directory besides dev, sys, proc, etc. in your /
#ubuntu-server 2015-08-06
<nox_42> I am trying to use nginx to load balance two nginx web servers and I am getting a 502 error. I also don't see anything out of the ordinary in the error/access logs on the nginx web servers.
<nox_42> Any ideas?
<sarnold> check logs on all three systems? nginx error logs, access logs, syslog, firewall logs, etc?
<nox_42> Everything but firewall logs.
<nox_42> Haproxy logs look like  104.183.250.151:55964 [06/Aug/2015:02:38:01.225] appname appname/resonategroup 308/0/1/-1/309 502 204 - - SH-- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
<nox_42> I could be overlooking something but I couldn't find anything that stuck out.
<patdk-lap>  heh?
<patdk-lap> your using nginx to load balance? where does haproxy come into it?
<nox_42> Oh my bad. I've actually tried both.
<nox_42> I got a 502 error with both of them.
<patdk-lap> that means your proxy can't talk to the backends
<patdk-lap> so basically the configs from ALL of them will have to be posted
<patdk-lap> in order for anyone to know what is going on
<nox_42> Do you mind taking a look if I post the configs?
<patdk-lap> if not in a few more seconds, I will be gone
<nox_42> Ok here is my nginx web server config http://pastebin.com/rzscrXzW
<nox_42> Here is my load balancer config http://pastebin.com/5jRfJFjp
<nox_42> Do you need my nginx.conf file for the web servers?
<patdk-lap> heh?
<patdk-lap> wasn't that the first one?
<patdk-lap> if it wasn't, what was that first one?
<nox_42> The first one was the site config file.
<sarnold> 1.1.1.1? o_O
<nox_42> Drop in IP. I'm removed the actual IPs.
<patdk-lap> ip's should not be in there at all
<patdk-lap> but since there is only one server section, it becomes the default and will work around that mistake
<patdk-lap> what does the logs in the webservers look like?
<nox_42> They aren't showing any errors. I'm also not seeing any access logs from the actual load balancer though.
<patdk-lap> ping works between them all?
<patdk-lap> telnet works from the load balancer to the web servers on port 80?
<neonixcoder> How can I run "dpkg --configure -a" non interactively?
<nox_42> Yep they both work.
<nox_42> They are Linode VPS but all in the same data center. Could it be something on linode's end?
<patdk-lap> no
<sarnold> nox_42: if they can ping each other, and ssh from one to the other works, it's probably not linode's issue..
<sarnold> neonixcoder: look for debconf noninteractive frontend
<neonixcoder> Sarnold: Let me have a look..
<nox_42> Yeah, at this point i am just trying to throw anything out there that might be an issue.
<patdk-lap> only so much we could help with
<patdk-lap> the configs look fine
<nox_42> It looks like I am getting this error in the error.log file on the nginx load balancer upstream prematurely closed connection while reading response header from upstream,
<patdk-lap> need logs, need unmunged configs
<nox_42> Hmm could it have anything to do with php-fpm?
<lordievader> Good morning.
<fishcooker> morning lordievader
<Waddup> how do i unmount a drive? ubuntu server 14.04 does not have unmount command as per what i see on web
<mwhudson> uh
<mwhudson> the command is umount ?
<Waddup> ah
<Waddup> lemme give it a try
<Waddup> oh it worked lol
<mybalzitch> lol
<mybalzitch> umount also secretly destroys all the data
<mybalzitch> so jokes on you, sucker!
<Waddup> its a new drive so no data.
<Waddup> no joke
<Waddup> lol
<mybalzitch> ahha
<jerto> Hi all
<jerto> I need some help regarding file permissions. Each time I create a file in my home, its permissions are 0600 and for a folder it is 0700. How can I set 0644 and 0755 as default chmod ?
<RoyK> !umask
<RoyK> jerto: man umask
<jerto> RoyK: umask is OK (0022)
<RoyK> and if you run 'touch newfile' what permissions does that get?
<jerto> 644
<RoyK> then it works... :)
<jerto> Hmmm
<jerto> OK, so it only happens when I push files in ftp
<jerto> I'm going to check my ftp parameters
<RoyK> then it's the umask in the ftp server
<RoyK> and btw, don't use FTP
<RoyK> just don't
<mybalzitch> sftp ftws
<mybalzitch> -s
<RoyK> use sftp/scp/rsync/somethingoverssh - don't use ftp
<jerto> OK, I'll go for sftp then
<RoyK> nothing to install - it just works
<jerto> RoyK: Nothing to install for sftp ?
<RoyK> jerto: it's part of openssh
<jerto> OK Cool
<jerto> RoyK: OK FTP server removed, SFTP OK and CHMOD OK. Thanks for the help
<RoyK> :)
<thegoat> i have a text file with roughly 1.05 million lines in it.  is there a way in linux to tell me which line is the longest?
<Sling> thegoat: cat filename | awk '{print length, $0}'|sort -nr|head -1
<mybalzitch> Sling: nice.
<Sling> unless this file is so big that this might cause memory issues, then you will need to find some other solution that only reads it in line by line
<jelly> possibly, add the line number ($NR) into the print as well
<TJ-> thegoat: "wc --max-line-length /path/to/file"
<TJ-> thegoat: ahh, that only shows the length of the line, but which line
<thegoat> right, i need the actual string
<Sling> yea wc -L is just the length
<TJ-> thegoat: "awk 'length>LEN{LEN=length;LINE=NR;TEXT=$0}ENDFILE{print LINE, LEN, TEXT}' /path/to/file"
<DammitJim> has anyone set up hp's insight manager to monitor a ubuntu server?
<DammitJim> in Windows I know one just sets up the SNMP community string, but everywhere I read, it says to install an hp agent on Linux?
<thegoat> TJ-: thanks...that last command did the trick
<kpettit> anybody know of a simple way to block countries?  I'm getting plagued with hack attempts through HTTP, SSH, SIP, etc.  It's becoming a huge time burder and I'd rather just blacklist countries known to cause me problems.  But can't find a easy way to do it
<patdk-wk> xtables geoip block
<patdk-wk> it takes some work to setup though
<kpettit> never even heard of it.
<kpettit> is it easy to duplicate effort on multiple servers?  I've got like 20 I have to take care of
<patdk-wk> the issue is compiling the geoip tables into kernel modules to be used
<patdk-wk> it's very picky about how that is done
<kpettit> web servers are ubuntu, phone servers are centos
<patdk-wk> once you do that, it's simple
<kpettit> bummer, so it's not a apt-get sort of install?
<patdk-wk> it is
<patdk-wk> for the kernel module
<patdk-wk> but the geoip tables are licensed
<patdk-wk> use the licensed tables, pay for the tables, use the public tables, make your own
<patdk-wk> doesn't matter, but have to compile them into a usable format to be used
<kpettit> I'd pay for easy.  Right now i just need to lower the admin hours I spend on blocking attackers
<RoyK> kpettit: ansible, perhaps? or puppet? or chef? or cfengine?
<kpettit> I use ansible.  So if I can get something I can duplicate that would be wonderful.  It's just madining how crazy agressive these guys get.
<kpettit> I have one server that had 1million SSH login attemtps in 1 month.  Freaking crazy
<RoyK> ssh throttling in iptables should be easy - or fail2ban, perhaps
<kpettit> I require SSH keys, use fail2ban, etc
<RoyK> fail2ban should be usable for most services given a little config
<RoyK> ok
<kpettit> password auth is turned off, etc
<RoyK> wise
<kpettit> that doesn't help me for web or sip though
<RoyK> sip what? asterisk?
<kpettit> yeah.  I do alot of phone systems.
<RoyK> fail2ban just reads logs - it can be used for anything, really
<kpettit> On the ones I can I have a whitelist, but some I can't get away with that.
<kpettit> fail2ban works great with SIP
<kpettit> but it's still alot of volume and I'd rather just have a iptbales rule that blocks places that don't need access on every system I have
<RoyK> I'd block everything and open where's needed and then have fail2ban to use iptables to block after attacks
<RoyK> there are configs for apache/nginx etc in fail2ban
<patdk-wk> I know some people that just setup a crapload of astrisk sip fail2ban rules a few weeks ago
<patdk-wk> I don't see why building the geoip tables is that hard
<patdk-wk> you only have to do it once a month
<patdk-wk> then push it out to all your servers using ansible
<patdk-wk> and it could be fully automated very easily
<RoyK> patdk-wk: perhaps overkill to block whole countries_
<RoyK> ?
<patdk-wk> that wasn't my option
<patdk-wk> that was his request
<patdk-wk> so just attempting to give him the only real answer to his question
<kpettit> patdk-wk: I'll look at it and give it at ry
<patdk-wk> if he asked the wrong question, well :)
<patdk-wk> but yes, there is no turnkey solution in any linux install, to do it
<kpettit> patdk-wk: I've just never tried it so was curious how hard it will be.  Anything that works from a central list like that is great I think.  and if I can script with ansible that's even better.  So thanks for the suggestion
<patdk-wk> it's not hard
<patdk-wk> just doing it the first time is alittle tricky, and causes most people to have an issue or two
<patdk-wk> but once that is solved, it's simple
<kpettit> Yeah I just mainly wanted to make sure I didn't re-invent the wheel and script something that's easier done another way
<RoyK> looks like the standard asterisk rules in debian8 (which is what I'm running now) handles SIP
<RoyK> patdk-wk: do you have that truckload of asterisk fail2ban rules?
<patdk-wk> I don't
<patdk-wk> could probably get it
<patdk-wk> not sure if it's company property or not
<RoyK> ask if (s)he could share it - guess a lot of people would like that
<RoyK> I have made sure that my emplyer knows that everything I write is GPLed :P
<kpettit> fail2ban is great, but alot of the defaults don't work.
<kpettit> but if you hunt and peck and test them out it does great.
<RoyK> kpettit: shouldn't be so hard to fix - it's just regex
<RoyK> kpettit: and please post fixes when you make them :)
<kpettit> yeah it's just hunting them down and testing.  I'm awful with regex so usually end up doing the google and trial/error
<RoyK> kpettit: we all started that way
<kpettit> haha, I just old and have always had a hard time learning it
<RoyK> :)
#ubuntu-server 2015-08-07
<anthonym>  Alrighty, I have a question.  I have a company with two locations.  I'm trying to figure out the best way to have all my worker computers connect to a ubuntu server for terminal services.  I've looked at LTSP, but it seems as though over WAN it will be dreadfully slow and hog a lot of bandwidth.  I've looked at xrdp but it seems extremely clunky.  I've looked at NoMachine (FreeNX) but
<anthonym> it seems out of date.  I've looked at x2go but it doesn't look too nice.   I just want to turn a ubuntu/linux server into a terminal services server (like a windows terminal services server), where clients can login (via rdp or whatever) and get their own session.
<anthonym> and I don't want to use a windows terminal services server due to cost and licencing.
<tarpman> anthonym: what didn't you like about x2go?
<tarpman> anthonym: my (former) $dayjob uses freenx server with the x2go libs underneath, and nomachine's client (nxplayer aka enterprise client) since it has a slick gui. took a bit of doing to get it to work, though, including a few SRUs
<sarnold> what does something like that offer that ssh -X doesn't do?
<tarpman> sarnold: NX does some neat compression (of the X protocol) to get much efficiency (mainly in terms of round-trips AIUI), so actually usable over WAN
<sarnold> tarpman: oh, that does sound nice :)
<tarpman> sarnold: it also implements an X server, so you get a whole desktop + session rather than a particular program (yes, I know you can forward gnome-session, IME it isn't so much fun)
<tarpman> the bad news is the X server it implements is from 2004
<tarpman> but the x2go guys are doing excellent work on fixing that, biggest of hugs to them
<sarnold> tarpman: oh .. so you'd have to have a window manager and all that jazz?
<tarpman> yes
<sarnold> well, I guess if you really wanted the gui to run somewhere else, that might be worth the tradeoff
<sarnold> thanks tarpman :)
<tarpman> :)
<neonixcoder> Good day sarnold
<neonixcoder> sarnold: I have a quick question for you.
<neonixcoder> I am upgrading 10.04 to 12.04 by using do-release-upgrade command..
<neonixcoder> Some how middle of upgrade my system is rebooting with out any conformation..
<neonixcoder> and after that it will not boot at all
<neonixcoder> any suggestions?
<neonixcoder> I dont see any logs in /var/log/dist-upgrade, /var/log/syslog, /var/log/messages..
<lordievader> Good morning.
<moss> hello, can anyone point me to a guide on installing/configuring Corosync2+Pacemaker on Ubuntu 14.04-LTS? I've looked but can't find any reliable documentation.  Thanks in advance.
<jvwjgames> Hi
<jvwjgames> I am having problems with my server
<jvwjgames> For some reason I can't access the internet
<ogra_> that at least makes your server very very safe against attacks from there :)
<jvwjgames> Yup
<jvwjgames> My server has a static IP set but for some reason the interfaces are trying to get a dhcp lease
<jvwjgames> So it is cause dhcp to timeout
<jvwjgames> So basically my static is getting ignored and dhcp is running to try and obtain an IP from no where
<_ruben> kill dhclient3
<qman__> If you already set the static config in /etc/network/interfaces, dhclient -r eth0; ifdown eth0; ifup eth0
<_ruben> then again, a running dhcp client shouldn't interfere, if there's no dhcp server that is
<jvwjgames> Pingdom witch is a remote monitoring station for my server just received an icmp ping reply from my server and now reports it as online
<jvwjgames> Thanks
<rbasak> matsubara: would you mind seeing if you can finish off SRU verification for https://bugs.launchpad.net/ubuntu/trusty/+source/squid3/+bug/1336742 for me please? The reporter cannot reproduce, but Oleg had posted a test case that reproduced for him.
<ubottu> Launchpad bug 1336742 in squid3 (Ubuntu Trusty) "Caching responses with "Vary" header" [Medium,Fix committed]
<matsubara> rbasak, don't mind at all. I'll take a look.
<rbasak> Thanks!
<matsubara> np
<ginkobin> Hey I have a question. I'm trying to teach a friend how to setup Ubuntu as a server for the first time
<ginkobin> hey said he needs to make sure it is updog compatible, does anyone know if updog is supported?
<Pici> ginkobin: you should ask him what updog is.
<spicypixel> I heard it's been depreciated since it's now using systemd
<ginkobin> All he said is that it was a legacy driver
<fixxxermet> Hey everyone.  I installed ubuntu via a usb drive, onto a sata disk.  Unfortunatly the usb drive messed up the hard disk ordering and I screwed up and installed grub to the USB drive (and Ubuntu to the hard disk drive).  Computer boots fine if I boot from the USB drive.
<ginkobin> I have no idea what for
<fixxxermet> Can I just install grub to the hard disk drive from the cli?
<jelly> fixxxermet: sure, something like "sudo grub-install /dev/sda" or wherever your disk is
<jelly> assuming grub-pc and not the EFI thing
<ginkobin> fixxxermet: you probably should be sure to use grub2 as well
<ginkobin> not legacy
<OerHeks> !grub2
<ubottu> GRUB2 is the default Ubuntu boot manager. Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - For more information and troubleshooting for GRUB2 please refer to https://help.ubuntu.com/community/Grub2
<RoyK> !grub1
<ubottu> grub 1 is the default boot manager for Ubuntu releases before 9.10 (Karmic). Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - GRUB how-tos: https://help.ubuntu.com/community/GrubHowto - See !grub for Karmic onwards
<RoyK> !lilo
<ubottu> lilo is an alternative [Li]nux Boot[Lo]ader. Note: it is recommended that you use GRUB on Ubuntu instead.
<RoyK> :)
 * jelly would be impressed if there was also an !extlinux
<DammitJim> what do you guys read daily to know if there is a critical update for which one needs to reboot the servers?
<RoyK> DammitJim: well, you can just login to the server to check
<DammitJim> I'm thinking as a systems administrator
<OerHeks> http://www.ubuntu.com/usn/
<DammitJim> OerHeks, that's what you read daily?
<RoyK> DammitJim: you could make a cron job checking for the existence of /var/run/reboot-required and post and email about it if it's there
<OerHeks> maybe there has been someone that puts those messages in a conkyrc. yes, i check a few pages daily.
<RoyK> or even autoreboot if it's there (if you dare)
<DammitJim> no, I can't auto-reboot
<RoyK> DammitJim: most won't do that :)
<OerHeks> RoyK +1 automatic updates
<DammitJim> what I probably really need to do is have the ability to apply critical updates w/o having to reboot
<DammitJim> I have automatic critical updates, but no automatic reboots
<RoyK> OerHeks: obviously, yes
<OerHeks> as of kernel 4.x you would not need to reboot anymore.
<DammitJim> i know!
<DammitJim> too bad, we are still on 3.X
<RoyK> OerHeks: erm... what did they do?
<DammitJim> still on 3.16.0-45
<RoyK> OerHeks: did ksplice get in?
<OerHeks> live kernel patching http://www.omgubuntu.co.uk/2015/04/linux-kernel-4-0-new-features
<OerHeks>  âHurr durr Iâm a sheepâ
<OerHeks> But that does not solve current issue, watching /var/run/reboot-required is the easiest way i guess
<enleeten> can't wait for that on my servers :)
<DammitJim> OerHeks, I know I need to reboot my servers (they've been waiting for days)
<DammitJim> but I don't consider those fixes critical for our environment
<DammitJim> I just need to come up with a system that tells me if I need to schedule a reboot or not
<DammitJim> a reboot in my environment is a pain in the butt
<RoyK> OerHeks: something like: if [ -f /var/run/reboot-required ]; then echo 'I (`hostname`) need a reboot, sir!' | mail -s 'reboot required' someone@somewhere'
<DammitJim> I would get that email every day :D
<RoyK> s/$/ ; fi/
<DammitJim> ok, so just going to the website should do http://www.ubuntu.com/usn/
<RoyK> DammitJim: then just touch a file like 'warning_sent' and remove it later
<DammitJim> thanks
<OerHeks> Still wonder how you would determin why you don't need to reboot, if that request is set.
<OerHeks> is there no timeframe where you have no users? like 2:am-5:am
<DammitJim> OerHeks, no
<DammitJim> and yes, I know... we need to create some kind of load balancing (that's not the right word)
<DammitJim> so that we can put a server offline and let another one pick up the work
<DammitJim> I mean... USN-2701-1... it sounds critical
<DammitJim> but at this time, I haven't considered it critical enough for me to have to reboot the server for it to take place
<DammitJim> I don't know... I'm still learning what is a good balance
<DammitJim> there have been kernel fixes almost every 4 days in the last 2 weeks
<blizzow> I have a machine I'm trying to install ubuntu cloud-installer openstack on.  It's a fresh 15.04 installation and I made sure to add the virtual machine host and openssh server roles during installation.  I am trying the single installer guide from here:  http://ubuntu-cloud-installer.readthedocs.org/en/latest/single-installer.guide.html
<blizzow> The install hangs after bootstrapping juju.
<blizzow> At the bottom of the installer screen, I see this:  "[INFO] -> Waiting for machines to start: 3 unknown (error: kvm container creation failed: exit status 1) ...
<blizzow> kvm-ok returns  INFO: /dev/kvm exists KVM accerleration can be used.
<blizzow> I made sure virtinst, qemu-kvm and uvtool-libvirt are installed.
<blizzow> Still no joy.
<blizzow> Anyone know how to get the ubuntu openstack installer running on 15.04?
<sarnold> blizzow: is there any more detailed information in any log files?
<blizzow> sarnold: I don't see any errors in the log that would point at something.
<blizzow> checked /home/ubuntu/.cloud-install/commands.log
<sarnold> blizzow: how about /var/log/libvirt/ ?
<blizzow> sarnold: I checked there and not a single log file exists in it.
<blizzow> just a couple .placeholder files.
<sarnold> hah :(
<blizzow> I also did an: lxc-console -n openstack-single-ubuntu and looked in /var/log/cloud-init.log and /var/log/cloud-init-output.log and don't see any errors.
<blizzow> I looks like juju is running on the lxc container.  but I've never used it, so I don't know what I should be expecting.
<sarnold> you may have more success in #juju; I don't know if they're familiar with that tool, but they will be better able to help debug juju there
<blizzow> I don't think it's a juju problem... I think it's an ubuntu cloud-installer problem.  I just found in the lxc container /var/log/libvirt/qemu/ubuntu-local-machine-1.log "libvirt: error : libvirtd quit during handshake: Input/output error.
#ubuntu-server 2015-08-08
<ahmadgbg> Hi, i have a very strange problem in my ubuntu server
<ahmadgbg> after testing some mysqldump codes
<ahmadgbg> mysql stopped working
<ahmadgbg> so i restarted the server and i got the following error: Serious errors were found while checking the disk for /
<mybalzitch> uhoh
<Voyage> Hi
<Voyage> How to know what disk space is left?
<mybalzitch> df -h
<Voyage> hm. its 14% userd. I wonder why I am getting this http://pastie.org/10336602
<mybalzitch> error number 12 is out of memory
<Voyage> hm
<Voyage> will adding swap space help?
<mybalzitch> how much physical memory does the machine have
<Voyage> 1g
<Voyage> ubuntu amazon ec2 server
<sarnold> man, amazon ec2 systems have such slow block storage, unless you've sprung for an ssd, that doubling the ram would probably make a bigger improvement than adding more swap
<sarnold> it's hard to tell from one error message if you're out of physical memory or if you've just gone beyond what linux will let you overcommit -- it's quite possible that adding swap wouldn't help at all, if the kernel's datastructures require too much memory
<_N1X_> ubuntu server failed to write bootloader in /dev/sda , HP z840 workstation with Integrated LSI SAS 2308 Controller
<Voyage> sarnold,  thanks
<Voyage> mybalzitch,  thanks
<Voyage> adding swap helped momentarily though
<skylite> im looking for effective and fast remote backup solutions for 1-2TB of data (small files) with easy restorability and non-duplicated storage. Any suggestions?
<skylite> I tried attic but it seems to be really slow with the amount of data I have
<OerHeks> compress or just tar those small files, one large file is faster, independent from what method you use
<skylite> a tar would be impossible to handle when restoring something
<skylite> OerHeks If i have my backups I want to be able to restore a small file from them in just seconds. Dont want to wait hours for a tar
<Stewi> My server is hanging at "minissdpd[<pid>]: received signal 15, good-bye" on shutdown. Has anyone seen this before?
<Stewi> I'll do some more in-depth debugging later, just wondering if anyone's seen this before and know what it is.
<Stewi> knows*
#ubuntu-server 2015-08-09
<atralheaven_> Â /msg NickServ VERIFY REGISTER atralheaven_ toslcuzgsacx
<atralheaven_> oh sorry
<Cinos> so I installed Ubuntu Server on a PC with two hard drives (I used gdisk to delete the old partitions from both hard drives). The installation apparently completed successfully, but when I try to boot, it just shows a flashing underscore/cursor on the left side of the screen
<mybalzitch> Cinos: you're proablby trying to boot from the wrong drive
<Cinos> turns out I somehow installed grub on the USB drive
<Cinos> when I plugged it back in, it worked fine
<Cinos> I'm working on fixing that now
<mybalzitch> Keetonic_: fix yer intertubes
<lordievader> Good morning.
<mybalzitch> hi
<YamakasY> why is ubuntu samba version build against heimdal ?
<Village> Hello Guys, I faced with problem: when i try run VLC at Ubuntu 14.04 - "vlc -I telnet --telnet-password admin" i got errors - http://pastebin.com/cQ3r6KT3 Please help me
<Sling> meh, seems like openvpn-server is quite outdated in the 14.04 repo's
<Sling> 2.3.2, released >2 years ago, and no features like tls-cipher-min
<Sling> tls-version-min*
<patdk-lap> sling, I dunno why you are complaining
<patdk-lap> ubuntu never said they will only use the newest software when release, and update all version of their os's with it
<Sling> patdk-lap: seems like one of those packages that should be kept at least a bit up to date :)
<patdk-lap> why?
<patdk-lap> that is totally against policy
<Sling> since people rely on it for security
<patdk-lap> policy says packages should NOT be updated
<patdk-lap> what does updated have to do with security?
<Sling> ..
<patdk-lap> now if there is a security issue, ok
<patdk-lap> but please name ONE security issue with the version in ubuntu
<Sling> well I can't specify a minimal tls version meaning I can't mitigate downgrade attacks on my connection
<Sling> also it seems that I can't specify ciphers that my openssl supports, but that might be some other issue
<patdk-lap> downgrade has nothing to do with min tls version
<Sling> why not?
<patdk-lap> https://launchpad.net/ubuntu/trusty/+source/openssl/+changelog
<patdk-lap> please locate the security issue that is missing from that list
<patdk-lap> or, if you have the CVe, just look for that
<patdk-lap> if you don't have a cve, then someone with openvpn should be creating one
<host127> anyone seen this > https://www.youtube.com/watch?v=AR6BR_ydi8U or this >https://www.youtube.com/watch?v=5LVFkw9Y4B0 if yes why they still don't done sudo -su?
<host127> the google operators are doing this?
<host127> if yes why android is the most popular? if ubuntu wants get back theirselves property why ubuntu operators won't attack to crash the most popular phones
<host127> why ubuntu dont attacks the most popular people phones using this method to all the world's phones to kill google forever?
<host127> i discovered that the ubuntu@host: $ is present now on android 4.4.2 so is ubuntu or fake ubuntu:
<host127> ?
<host127> why these cowards dont have sudo su?
<host127> much people to read nothing
<host127> it sounds like ubuntu are being paid by google zombies.
<host127> if yes, stay in silence and ignore me
<host127> if i have ubuntu@host:$ in my phone I WILL HAVE THE OBLIGATION TO BE ROOT OR IS NOT MY PHONE OR PC, why still they don't have sudo su?
<bekks> host127: because sudo su is nonsense, either use sudo -s or sudo -i
<host127> the english is correct, you are reading and you are ignoring, i downloaded these videos (because is capable that gogle will remove soon) and i will publish to all people around me to EXPLOIT YOUR IGNORANCE and enjoy the results
<host127> sudo requires a passwd
<bekks> The password of the user. As does sudo su.
<host127> third exploits is not possible with sudo
<host127> why google don't have passworded sudo still?
<bekks> Ask google.
<host127> google is using your property
<host127> YOU WILL ANSWER OR IGNORE
<host127> i preffer you aswer
<bekks> Correct. I will ignore you.
<host127> ok ASK GOOGLE TO IGNORE LIKE YOU. VERY INTERESTING
<host127> I am right when i say that ubuntu is a BIGGEST IGNORANCE
<host127> bekks: su in ubuntu is to get ride and fix repetitive sudo typiing
<host127> su is the stay on air of sudo.
<host127> sudo is the first key to enter su
<host127> when we have su enabled without sudo they destroy like this https://www.youtube.com/watch?v=5LVFkw9Y4B0
<host127> why ubuntu don't colaborate to do sudo for android (they are using your property son)
<host127> or ubuntu destroy all most popular phones using metasploit, or ubuntu is being paid by these shittes to do not do sudo
<host127> when linux will WAKE UP AND STOP THESE SHITTES FOREVER?
<patdk-lap> first, what does ubuntu have to do with any of this?
<patdk-lap> second, what does linux have anything to do with this?
<patdk-lap> linux is a kernel, it could care less about userland stuff, like sudo and libc
<host127> bekks: say to damned gogle shittes to EXPLOIT my ubuntu in my pendrive. if they can
<lordievader> Couldn't*
<JanC> also, whether or not sudo needs a password, and which one, is really up to how you configure it  :)
<host127> why they can in my phone?
<bekks> JanC: I have an opinion, please dont spoil it with facts ;)
<host127> patdk-lap: android haves libc in /system/lib and was compiled in gcc 4.7
<patdk-lap> facts are overrated
<patdk-lap> host127, so? this is #ubuntu, not #android
<patdk-lap> and what does libc have to do with linux?
<patdk-lap> or gcc
<host127> patdk-lap: android 4.4.2 is EQUAL OF UBUNTU and haves ubuntu@host: configured
<JanC> also, this is #ubuntu-server , not sure what that has to do with a phone
<host127> android is coming like ubuntu-server
<patdk-lap> did the ubuntu username get copyrighted?
<host127> ubuntu without sudo is a damage to the people
<patdk-lap> host127, 4.4.2 is really rather old though
<patdk-lap> still don't see what android ubuntu linux and sudo have to do with each other at all
<host127> padtk-lap: i know the uypdates and no much diffrences around 2.2 and latest
<host127> is like linux no much time for "updates"
<patdk-lap> heh?
<patdk-lap> every android device I own is running 5.1, lots of time for updates
<host127> patdk: android is being attacked via metasploit because still have not real sudo
<host127> patdk-lap: android is being attacked via metasploit because still have not real sudo
<patdk-lap> so?
<host127> patdk-lap: see this> https://www.youtube.com/watch?v=5LVFkw9Y4B0
<patdk-lap> take that to #android
<patdk-lap> why are you discussing it here?
<OerHeks>  !fud
<ubottu> Please do not fall prey to, or spread FUD (fear, uncertainty, and doubt) - it is not welcome here!  Please see http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
<patdk-lap> !offtopic
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<host127> patdk-lap: the motorola"s ceo (scutage from android chat irc) is a terrorist and ignorant
<patdk-lap> still offtopic
 * lordievader grabs popcorn
<OerHeks> host127, please keep this channel clear for server support, thanks. ( and we want popcorn too )
<host127> patdk-lap: sudo is ubuntu topic ok? patdk-lap: suppose that i purge sudo from my ubuntu, what will happen?
 * lordievader hands OerHeks popcorn
<lordievader> host127: sudo is a program that is available under ubuntu... If you purge it you wont be able to perform anything with root rights.
<lordievader> At least not through sudo :P
<host127> lordievader: correct, ubuntu servers will take control. say and prove the opposite
<lordievader> Take control of what?
<lordievader> Having sudo is a good thing. It means your root account doesn't need a password.
<host127> lordievader: of my pc because i will still have danger su
<host127> with venom su enabled, my ubuntu will be controlled by me and by the ubuntu servers
<host127> someday my ubuntu will die!
<lordievader> As if it would be different with sudo...
<lordievader> If it does it is through mismanagement by the administrator, likely you.
<host127> now compare the situation of any android without sudo
<host127> mismanagement by gogle interests?
<JanC> you don't need sudo or su at all, using them are your personal choice
<lordievader> Android is a completely different platform... This is not the channel for Android.
<host127> lordievader: please you did never have any rooted android like linux EQUAL IN EVERYTHING? the only problem i want to show is why UBUNTU OF GREENROBOT still have not sudo
<host127> lordievader: watch this please: https://www.youtube.com/watch?v=5LVFkw9Y4B0
<lordievader> host127: It is based on the Linux kernel, but that doesn't make it equal.
<lordievader> Every OS it vunerable at one point or another.
<host127> lordievader: dd hostname ifconfig su chmod busybox is what?
<host127> etc...
<host127> mount chown
<host127> what more?
<host127> want more?
<lordievader> host127: What are you talking about...?
<host127> ?
<host127> linux of greenrobot logo
<host127> LINUX
<JanC> (stock) android doesn't use busybox
<host127> JanC by god! you never knew what the greenrobot is capable?
<JanC> and other UNIX/BSD distros use a lot of those tools too
<JanC> maybe even iOS has them, dunno
<host127> JanC my problem is to explain why unix of greenrobot still don't have sudo
<host127> JanC the same google metaexploits all rooted android
<lordievader> Still don't? I guess Android simply chose not to have it.
<JanC> host127: you will have to ask Google really, and Google isn't here
<lordievader> Anyhow, Android is really offtopic here ;)
<OerHeks> Yeah, we are simply ubuntu robots
<host127> lordievader: allright i don"t want android i want debian but these pigs of motorola locked the power button to nevermore enter into setup to reinstall new rom
<lordievader> Beep, boop
<lordievader> host127: That is still offtopic, anything that doesn't have to do with Ubuntu server is offtopic.
<host127> lordivader: how to install linux in locked hardware? :O
<JanC> host127: bip bip bop meep meeep
<host127> JanC please go watch this: https://www.youtube.com/watch?v=5LVFkw9Y4B0 and say to all ubuntu"s world to begin strike the most popular phones ok?
<JanC> mip mip bleeeeeep
<host127> JanC :D is serious crash them all and get back all your furthered property ok?
<host127> furthed
<host127> quit
<JanC> \o/
<mybalzitch> what on earth was that about
<lordievader> Probably someone who discovered metasploit for the first time...
#ubuntu-server 2016-08-08
<WhoAmi00> hello ,
<WhoAmi00> How to redirect requests for a resource that are not on the server ? ,
<WhoAmi00> i have a website hosted on ubuntu 14.04 - apache 2.4 i want my website to accept only requests for files on the server and the others redirect them to another website , can that done ?!
<Xhuin> hey all
<Xhuin> can anyone recommend an irc server?
<gvandeweyer> hi, I'm trying to install linux kernel 4.7.0 on an ubuntu 14 LTS server. So far all attemts result into booting into busybox, with the message that the hard drive (/dev/dis/by-uuid/....) cannot be found. the xenial kernel (4.4) boots fine. Any idea what I'd be missing?
<gvandeweyer> It was a mainline deb that I installed. I'd like to try it to check if a bug is resoved (mentioned that it should in 4.7).
<gvandeweyer> the issue is present on both physical server (dell poweredge) and on kvm/qemu virtual machine.
<KpuCko> hello i'm trying to install ubuntu 14.04.5 LTS from USB pen drive to software raid & lvm, the problem is that on the 4 console (the log) im seeing errors like that: main-menu: operation not supported, and my installation fails
<KpuCko> the errors are seen after disk setup, root & swap partition and starting installing the system
<lordievader> Good morning.
<xperia> hi all. i have executed "apt-get dist-upgrade" and now after reboot i get the error message "init line 277 readlink not found" My server is not booting now! Can somebody tell me how to fix this problem so my ubuntu server start to boot again pleas?
<ikonia> xperia: what version of ubuntu
<ikonia> xperia: it also should give you a bit more info than that
<xperia> ikonia: last line is /bin/sh/ can't access tty job control turned off
<xperia> its 16.04.1 now
<xperia> it looks like filesystem is mounted in read only modus
<xperia> there is nothing else beside the cusor blinking
<RoyK> xperia: try to reboot into single user mode
<RoyK> xperia: once up with that, run an fsck on the root fs
<xperia> RoyK: i rebooted with usb and i chroted the rootfs partition. if i try to do apt-get update i get the error message that command can not be found even i have access to all of my rootfs
<xperia> i guess i need to mount usr too like it said to get access to my commands
<xperia> on my rootfs
<ikonia> apt-get update won't do anything
<ikonia> we need more info about what part of the boot process is failure
<ikonia> rather than little snippets
<ikonia> an fsck as RoyK suggested wouldn't hurt
<RoyK> xperia: umount your old root and run fsck on it - if it came up mounted ro, something is usually messed up
<RoyK> xperia: and hopefully that 'something' is just some hichup in your fs and not your drive
<RoyK> xperia: you may want to run a smartctl -H against the disk first
<xperia> well it looks like the installation and upgrade from the last lts version to the new one 16.04.01 was aborted in half.
<xperia> i chrooted now in my roofs and did again apt-get dist-upgrade
<xperia> and got the eeror message that packages need to be reconfigured
<xperia> doing it right now so installation can be completed
<xperia> RoyK: will do this fsck too but now too late. wil wait till upgrade is finished
<RoyK> xperia: you should never write to a filesystem with errors
<xperia> LOOKS like i am back. i see again root login screen
<RoyK> xperia: just for safety, run touch /forcefsck and reboot to give it a fsck
<mdeslaur> rbasak: hrm, bug 1610765 may be related to the new migration stuff...
<ubottu> bug 1610765 in mysql-5.7 (Ubuntu) "mysql server fails to start due to faulty apparmor profile" [Undecided,New] https://launchpad.net/bugs/1610765
<jonah> is it possible for two servers to share dns, so both have different websites on them but use the same two nameservers of the master server? so on the second server the domains just use the fist servers ns1 and ns2 and the sites are still routed through the first server from the second and load up properly?
<bekks> jonah: what are you trying to achieve? With a weird dns setup :)
<jonah> bekks: haha - well basically I have a server running and orignally wanted to add failover with an identical second server. I can't find a good solution for this though, so wondered if I can just run them in parallel. Both providing mail and different sites. I don't have any spare IPs so hoped the second server could somehow route through the first
<bekks> two server, serving the same sites, and a dns loadbalancer.
<bekks> And basically you dant do that with just one IP.
<tuor> Hi, I want to use a ubuntu-cloud image but not with a qcow2 format, I need it in the raw format.
<tuor> How can I convert it?
<jamespage> tuor, qemu-img can do that for you
<jamespage> ddellav, coreycb: as I managed not todo my ci tidy last week, did some catchup today
<jamespage> backported some new revs for client packages for heat; rebased some patches, misc other bits
<coreycb> jamespage, awesome, thanks :)
<jamespage> ddellav, coreycb: I suspect the need todo another oslo ++ run
<coreycb> jamespage, ok
<jamespage> keystone needs new oslo.db I think
<jamespage> thedac, hey - I should have something approximating vmware-nsx packages for newton as well
<jamespage> tap-as-a-service and networking-sfc packaged, but not uploaded just yet
<jamespage> ppa:james-page/yakkety
<jonah> bekks: well the dilemma is I've got a block of 8 ip on order which isn't ready for a month. so I wondered how to use both servers in the meantime...
<rbasak> mdeslaur: I think that happens because the user has a locally modified apparmor profile and so it doesn't get updated with the new paths.
<rbasak> I'm not sure what to do about that.
<mdeslaur> rbasak: oh! I see
<mdeslaur> rbasak: meh, he gets to keep both pieces
<tuor> jamespage, thx. worked well. :)
<coreycb> jamespage, do you have an opinion on bug 1607095 ?
<ubottu> bug 1607095 in Ubuntu Cloud Archive "ubuntu cloud archive repo includes python-setuptools package that breaks with trusty version of python-pip" [Undecided,New] https://launchpad.net/bugs/1607095
<jamespage> coreycb, hmm yeah I saw that one
<jamespage> coreycb, does that not break dfs?
<tuor> When my cloud-image VM boots up, I cant login. I have configured a user and a password in the user-data file.
<coreycb> jamespage, good question, I've not hit it
<coreycb> jamespage, oh.. we pip install setuptools for dfs
<tuor> I have run the image in a KVM VM.
<coreycb> jamespage, so no it doesn't affect it
<tuor> Hmms seems like, there is no user created in the VM.
<tuor> I have to check my yaml file.
<coreycb> jamespage, yeah we pip upgrade pip and setuptools from what the default virtualenv gives us prior to installing anything with pip
<jonah> bekks: is mod_proxy any good?
<coreycb> tuor, ubuntu cloud images require ssh key authentication by default. can you just generate a keypair and use it?
<bekks> jonah: Depends on what you want to do. Questions without any contexts are pointless, usually.
<coreycb> tuor, might be useful: https://help.ubuntu.com/lts/serverguide/cloud-images-and-uvtool.html
<tuor> coreycb, can't I login with tty?
<tuor> coreycb, thx.
<tuor> I'm using kvm and want to manage the VMs with libivrt. I can start the VM and I see it's screen, the only thing is, I can't login on it. With SSH, I need to know it's IP first...
<coreycb> tuor, uvt-kvm might be nice for that, I'm not sure that virsh has the capability to find the IP, but arp might work.
<tuor> coreycb, ok.
<coreycb> tuor, uvt-kvm has a --password option too, but of course it's not as secure as using keys
<tuor> To login with SSH I need a user to. The user didn't get created. I mounted the VMs partition and check /etc/passwd, but there is no user called "user" or "ubuntu" in it. No user with uid 1000
<coreycb> tuor, hmm not sure, there should be an ubuntu user by default
<tuor> coreycb, there wasn't. Maybe I have an error in my userdata file...
<tuor> At booting up, after systemd started the journal service, there is no output on the "screen" for minutes...
<dannf> jgrimm: do you know what version of libvirt will ship in yakkety? (2.1.0 is in sid, 1.3.4 is currently in y)
<jgrimm> dannf, equivalent with sid would be the goal
<dannf> jgrimm: cool - yeah, there's some arm stuff in 2.1.0 we're interested in - looking at whether or not to try a backport, will wait on that :)
<jayjo> I have a crontab that I wrote years go that uses 'env - PYTHONPATH= ...' . What does the '-' do in this command?
<Pici> jayjo: the manpage says that - implies -i
<Pici> i.e. ignore environment
<jayjo> ok got it - i'm going to switch it to -i to be more verbose
<coreycb> ddellav, jamespage: oslo.db uploaded and a few other fixes.  CI should be back to blue now.
<xperia> hi all. i am trying since hours to get fail2ban to run on a new ubuntu server but for some strange reason everytime i do "sudo service fail2ban start" it just start with the only one ssh jail and nothing else despite the fact that more jails exist in the conf file. what is the problem why is fail2ban not really working in ubuntu?
<patdk-wk> did you enable them?
<xperia> patdk-wk: OOHH looks like i need to enable them additional yes.
<xperia> one second
<MASM> Hello old my friends
<MASM> Some one want to help me with my problem of raid1
<MASM> error on md1 and md3
<MASM> http://paste.ubuntu.com/22741284/
<MASM> and this is an information about devices...
<MASM> fdisk -l                       http://paste.ubuntu.com/22741359/
<MASM> and information about md1 and md3 http://paste.ubuntu.com/22741501/
<MASM> i saw that one device is not sincronized, in mails that i get some time mentioned md1 and other mentioned md3
<MASM> http://askubuntu.com/questions/809823/error-raid1-not-unsynchronized-a-degradedarray-event-had-been-detected-on-md-d
<sarnold> MASM: there's an <hr> in one of the code blocks
<tomreyn> MASM: disk sda has been (or, more precisely, partitions sda1 and sda3 have been) removed off your two md RAIDs (md1, md3)
<tomreyn> your system log should hint on why this happend.
<tomreyn> if it happened while you did not change the configuration (MBR, grub, partitions) it is often caused by a broken disk (i.e. phyically damaged). check its S.M.A.R.T. attributes using smartmon-tools.
<tomreyn> smartctl -a /dev/sda
<MASM> sarnold: Thanks i re-edit it
<tomreyn> smartctl -t long /dev/sda
<tomreyn> smartctl -a long /dev/sda
<MASM> tomreyn:  and what i need to do with that?
<tomreyn> sorry the last line was wrong, should be just "smartctl -a /dev/sda" again
<tomreyn> *IF* your disk is physically defect (use smartmontools to get a better idea about it, and review your system logs at /car/log/syslog* ), you need to replace it.
<MASM> i got this message from `smartctl -t long /dev/sda` Please wait 118 minutes for test to complete.
<MASM> if i undestand the command line show information about disk  this : smartctl -a /dev/sda
<tomreyn> if it's broken: use hdparm to get the broken disks' serial number, power down the computer,  identify the physical location of the drive to be removed (using the serial number), remove it, place a new disk there instead (can be later).
<MASM> this is for testing? : smartctl -t long /dev/sda
<tomreyn> yes -t for testing
<MASM> and when the test finish i need to run this : smartctl -t long /dev/sda
<tomreyn> you should not start a self test until you have examined your system logs and the -a output
<MASM> sorry, this for check results?: smartctl -a /dev/sda
<tomreyn> yes, state, and test results, and how much longer for the test to run
<tomreyn> any I/O on any disk makes the disk deteriorate. this is especially true for a disk which is already half broken.
<tomreyn> look for a websiote which explains how to interpret the output of smartctl -a /dev/sda
<MASM> i need to wait 116 minutes,  xD
<tomreyn> only a few of these values actually matter, and their meaning can vary between models and vendors.
<tomreyn> that's enough time to do what you should have done in the first place - review the -a output, interpret it, and moreover, review your system logs.
<tomreyn> good luck, i'm off to bed
<MASM> good bye men thanks for you help
#ubuntu-server 2016-08-09
<Xin> MASM; im a woman
<RoyK> Xin: most people in here are men, so please excuse MASM
<sarnold> _especially_ the women
<sarnold> usual irc rules
<trippeh_> the old non-snappy ubuntu core is now ubuntu base?
<mmehra> Hi.. I am trying to install Ubuntu server using USB and preseed files. I am facing issue where USB is mounted as /dev/sda1 on one server and /dev/sdb1 on another. Is there a way where we can instruct Ubuntu to always mount USB as /dev/sdb during installation?
<lordievader> Good morning.
<cpaelzer> since nobody replied, late but good morning to you as well lordievader :-)
<tuor> Good Morning. :)
<cpaelzer> now they come :-)
<lordievader> cpaelzer: Thanks :D
<lordievader> How are you doing?
<cpaelzer> lordievader: great as always (to shy to admit to be stressed) :-)
<cpaelzer> but vacation is incoming, so it is the usual run-to-completion mode
<lordievader> Nice
<jak2000> my eth0 not turned on at bootup, always, always, i typed: sudo ifdown eth0 and then sudo ifup eth0   and then can we working fine, how to fix it?
<ogra_> do you have "auto eth0" in your /etc/network/interfaces file ?
<lordievader> jak2000: Could you pastebin what is in the interfaces file and the output of 'ip l'?
<jak2000> ok
<ronator> I upgraded (testing) from 14.04.5 to 16.04.1 - expecting trouble with network interface. None occured. Am I right to say, that systemd uses some "drop-in" action to enable "networking" as a systemd process? I mean I have systemd now but still eth0 and so on.
<ronator> systemctl status networking
<ronator> â networking.service - Raise network interfaces
<ronator> Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
<ronator> Drop-In: /run/systemd/generator/networking.service.d
<ronator>            ââ50-insserv.conf-$network.conf
<ronator> so I do not need to switch to systemd-networking or what is that?
<lordievader> ronator: No, the normal networking service works as it allways did. Concerning the eth0, I think you still have udev rules to that effect.
<ronator> okay, because when I freshly installed an ubuntu 16.04 I ahd these new systemd network interface names - so there seems to be a different with system-networkign when upgrading compared to new install ...#
<lordievader> A new install doesn't have existing udev rules ;)
<ronator> /etc/udev/rules.d/ has two files onubuntu 16.04.1 after upgrade - I do not see anything related to local network interfaces. could someone help me out with a path to look for?
<lordievader> ronator: Please paste the contents of those files along with the output of 'ip l'.
<ronator>  /etc/udev/rules.d/80-net-setup-link.rules - only comments...
<ronator> # This machine is most likely a virtualized guest, where the old persistent
<ronator> # network interface mechanism (75-persistent-net-generator.rules) did not work.
<ronator> # This file disables /lib/udev/rules.d/80-net-setup-link.rules to avoid
<ronator> # changing network interface names on upgrade. Please read
<ronator> # /usr/share/doc/udev/README.Debian.gz about how to migrate to the currently
<ronator> # supported mechanism.
<ronator> yes, it is a vm
<lordievader> !paste | ronator
<ubottu> ronator: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<ronator> oupsy
<ronator> there you go: http://paste.ubuntu.com/22797468/
<lordievader> There is no 70-net-persistent.rule file in there?
<ronator> nope only these two in rules.d
<ronator> I could search the disk for it ..
<lordievader> No, I guess it is set in some other way...
<lordievader> Not sure.
<ronator> well okay, but does this : http://paste.ubuntu.com/22797697/
<ronator> mean that systemd is used as a drop-in replacement for old networking init style?
<lordievader> Well it is not systemd's networkind, think it is a compatibility wrapper.
<ronator> yeah, that's why I am asking in #ubuntu-server not in #systemd ;-)
<ronator> I only see this drop-in line with networking.service - but thanks or your time, I will see if I can find out more
<ronator> before the release-up I can see rules in this path: /lib/udev/rules.d/
<Pinkamena_D> Any kind of PAM plugin available to send SOAP/POST/GET requests to a web API to autneiticate?
<tuor> Hi, I have a ubuntu-cloud image running. when it starts up (the first time at least), it prints this error message: "Failed to start Execute cloud user/final scripts"
<tuor> I can't login on the VM because the user ubuntu does not exist. I have this in my cloud-init: users: default
<ronator> @lordievader: <ronator> all is working fine, just trying to understand the difference
<ronator> @lordievader: <dreisner> ronator: yes, it was a decision in the ubuntu camp not to force old installs onto the new namin
<ronator> thats's what the systemd gyus say ...
<macskay_> hi guys, got a question regarding logrotate. I've setup a logrotate cronjob for a user called zimbra some time back, however since a change of infrastructure zimbra is not longer available and the user and group have been deleted. however logrotate still tries to execute the cronjob leading to cron errors. I've double-checked with "cat /var/lib/logrotate/status  | grep 'zimbra'" and it confirms my initial thought,
<macskay_>  since three jobs are still in there. How can I disable these three jobs, so the error in my logs disappear?
<macskay_> oh would I just delete the zimbra file within "/etc/logrotate.d/"?
<MASM> macskay_: you mean that a crontrab job??, in ubuntu edit this file, nano /etc/crontab
<Pici> you'd need sudo for that
<yancho> hi. https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-openldap-and-phpldapadmin-on-an-ubuntu-14-04-server <- i'm following this tutorial but am a bit lost on the apache virtual host section. I'm getting this error. any tips pls? http://hastebin.com/ihogutaceg.rb  - http://paste.ubuntu.com/22825074/
<coreycb> beisner, qemu 1:2.3+dfsg-5ubuntu9.4~cloud1 is ready to promote to liberty-proposed when you have a chance
<cncr04s> alias doesnt go in your virtual host conf
<coreycb> beisner, one more for you, python-keystonemiddleware 4.4.1-0ubuntu1 is ready to promote to mitaka-updates
<jaredbiel> Is anyone else experiencing issues with Ubuntu's APT servers in AWS us-east-1?
<jaredbiel> Connecting to us-east-1.ec2.archive.ubuntu.com (us-east-1.ec2.archive.ubuntu.com)|54.166.227.222|:80...
<sarnold> jaredbiel: it loaded immediately for me, i'm outside aws network space though
<jaredbiel> thanks @sarnold; try this a few times: wget http://us-east-1.ec2.archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/Packages.bz2
<jaredbiel> it will timeout most of the time (tested on external network too)
<sarnold> jaredbiel: well now that's -interesting-
<jaredbiel> just had 20 successful downloads though; maybe something's getting fixed/fixing itself?
<jaredbiel> @sarnold one of the IPs is 54.166.227.222; that one doesn't respond at all
<sarnold> oy that's a lot of ips
<jaredbiel> haha, yes
<sarnold> jaredbiel: thanks :) it's now being investigated
<jaredbiel> @sarnold - thank you :) I've worked around it with a static hosts entry for the moment
#ubuntu-server 2016-08-10
<cpaelzer> good morning
<jcputter> hi, i have a question regarding package version in LTS releases of ubuntu.
<jcputter> i need to install a specific version of openjdk-7-jdk that i need to install, if i browse the repo i find the package however doing apt-cache policy the package is not available
<jcputter> also when trying to install that version apt complains that it cannot find that package
<jcputter> any help
<cpaelzer> jcputter: apt-get policy will get you what currently is most recent and should be used
<cpaelzer> jcputter: how did you try to install the old version
<cpaelzer> jcputter: as long as it is in the archive you should be able to try with apt-get install package=version
<cpaelzer> note that you might have to take care of dependency resoltion on your own in that case
<cpaelzer> you can list mulitple packages with their versions in the install commandline to do so
<cpaelzer> jcputter: on trusty e.g. you should still have those three in archive http://paste.ubuntu.com/22891459/
<ronator> hi. what would be the best way on ubuntu to switch to systemd-networking after upgrading from ubuntu 14 to 16.04.1? I heard the ubuntu camp decided not to force old installations to switch to new interface naming scheme. I would like to switch and I am looking for a reliable howto.
<jcputter> i've tried installing the package with apt-get install package=version however apt complains it cannot find the package however i do see it in the repo
<cpaelzer> jcputter: which release are you on?
<cpaelzer> jcputter: and what version are you trying to install?
<jcputter> 12.04
<cpaelzer> jcputter: and what jdk are you trying to install?
<jcputter> openjdk-7-jdk-u79-2.5.5
<cpaelzer> jcputter: so you want this https://launchpad.net/ubuntu/+source/openjdk-7/7u79-2.5.5-0ubuntu0.12.04.1
<cpaelzer> that is no more published - as you usually only have the last one in release/updates/security
<cpaelzer> see at the top of https://launchpad.net/ubuntu/precise/+source/openjdk-7
<cpaelzer> jcputter: you can rebuild it from the dsc listed at the first link if you need "just this"
<cpaelzer> I don't know if there is a "somewhere" to get the old formerly publsihed package (there might be but I don't know)
<cpaelzer> you find a verson closer than what you want in debian oldstable 7u79-2.5.5-1~deb7u1 - but in general installing forced versionsn and very old things is the start to break your system either by dependenceis or security risks IMHO
<cpaelzer> smoser: philroche: please take a look at https://code.launchpad.net/~paelzer/cloud-init/fix-mcollect-for-checkers/+merge/302516
<jamespage> cpaelzer, hey - depending on the feedback we get from the ovs team today, I'd quite like to upload a snapshot of ovs to yakkety
<jamespage> cpaelzer, my thinking being we can add skip list for know test failures based on arch for the unit test rechecks
<jamespage> coreycb, ddellav: fixed that xenial keystone/newton failure - we needed to bump freezegun
<ronator> what would be the best way on ubuntu to switch to systemd-networking after upgrading from ubuntu 14 to 16.04.1?
<ktt9> Hello. I have a problem with preseeding ubuntu-server installation. I use repacked installation .iso, but I don't modify squashfs image, instead I choose to store my preseed.cfg on separate image. So the problem is that preseed/early_command in kernel cmdline seem to work AFTER preseed/file since 16.04 server, and not BEFORE, as in earlier versions of Ubuntu. And I use early_command to mount separate medium with preseed.cfg.
<ktt9> Am I right about order of preseed/-operations? And if I am, what are my options now?
<bekks> preseed/early_command is run right before the partitioning.
<ktt9> Hmm... I tried to pass preseed/early_command without passing preseed/file and it worked, but of course installation proceeded in manual mode.
<bekks> what does your preseed/file do actually?
<ktt9> preseed/file specifies path to preseed.cfg. And it does all the things. Package installation, language, timezone, keyboard layout. Install is fully automated.
<bekks> So you could use the preseed/early_command in your preseed/file, right?
<ktt9> No, I can't. preseed.cfg is on separate medium, and I used early_command passed to kernel to mount that medium.
<bekks> ah, I see. ok, maybe you could use another method of deploying it then, like not requiring a mount, but serving it using http, e.g.?
<bekks> Thats what I do for my preseed/kickstart install, I'm serving all files required using http.
<ktt9> That may be an option. I now trying to tell the kernel to mount all media somehow, or to bypass init without repacking squashfs image. Repacking is also an option, btw.
<ktt9> Thanks.
<coreycb> jamespage, qemu 1:2.3+dfsg-5ubuntu9.4~cloud1 is ready to promote to liberty-proposed please
<coreycb> ddellav, are you working on os-vif?
<ddellav> coreycb yes
<coreycb> ddellav, great, thanks.  jamespage should be able to upload that to debian for you when it's done.
<smoser> cpaelzer, bzr is dead
<cpaelzer> smoser: just found that
<cpaelzer> smoser: alsready dropped the MP after testing the git
<smoser> cpaelzer, i'm going to push a "delete everything commit"
<smoser> with a README that says moved to git.
<cpaelzer> will surely help to avoid accidents
<smoser> sorry for the noise, cpaelzer
<cpaelzer> smoser: I didn#t know you have opened up the git already til the mail
<smoser> i just sent an email to ubuntu-server and cloud-init mailing list that says 0.7.7 is released.
<cpaelzer> smoser: I'll move over my bzr branch for the apt things then
<cpaelzer> smoser: yeah that is the mail that got me going with the MP delete
<ikonia> brz is dead ?
<ikonia> so has launchpad stopped using it ?
<smoser> no, ikonia i meant only in the context of cloud-init
<smoser> bzr is still alive and fully supported on launchpad, but we've moved cloud-init over to git.
<ikonia> ah
<Xin> hey all
<Xin> I want to do some thinclient style stuff - but I want to do it more like citrix than vnc
<Braven> hello
<Xin> Essentially what I was thinking was to use many x11 sessions with a predefined resolution for each virtualized app instance
<Xin> and then I remotely connect to all the x11's from a remote x11
<Xin> but I have no idea if that's right
<Xin> or if there's an easier way
<Xin> lol
<Braven> Has anyone been answering?
<Braven> hello
<MASM> some one want to help me with my problem of RAID 1 (mirror) http://askubuntu.com/questions/809823/error-raid1-not-unsynchronized-a-degradedarray-event-had-been-detected-on-md-d
<MASM> Some one want to help me with my problem of RAID 1 (mirror) http://askubuntu.com/questions/809823/error-raid1-not-unsynchronized-a-degradedarray-event-had-been-detected-on-md-d
<ivoks> MASM: are md1 and md3 mounted?
<MASM> I don't know, i think md1 is mounted
<MASM> sorry for last a lot, I was looking for information
<MASM> ivoks: I think md1 is mounted, http://paste.ubuntu.com/22922653/
<ivoks> MASM: so, in your comment you say you installed on sda
<ivoks> MASM: but mount shows that your / is on md1
<ivoks> MASM: and i can assume that md3 is a PV used by vg00 VG
<MASM> I think i'm in md1 that has /dev/sda
<MASM> and i installed all programs in it
<MASM> and raid are not sincronized
<MASM> and /dev/sda has some read failure
<MASM> that show in the test
<MASM> 20 % ~
<cpaelzer> jamespage: are coming to host the HO?
<cpaelzer> jamespage: since I joined first it passed all the "authoenticate others" to me
<ivoks> MASM: output at http://askubuntu.com/questions/809823/error-raid1-not-unsynchronized-a-degradedarray-event-had-been-detected-on-md-d shows that sda is not part of raids
<ivoks> md1 : active raid1 sdb1[1]
<ivoks> md3 : active raid1 sdb3[0]
<ivoks> no sda there
<MASM> it means
<MASM> that i'm in sdb?
<ivoks> it means you are in md1
<ivoks> and md1 currently only has sdb1 in it
<ivoks> you have two raids; md1 (sdb1 and something that's missing) and md3 (sdb3 and something that's missing)
<MASM> And what i need to do?
<MASM> renplace sda ? and config raid software?
<MASM> mdadm?
<ivoks> MASM: judging by your smart tests, your sda might die at some point
<ivoks> MASM: you can still add it back to raids, but expect to be buying a new disk at some point
<ivoks> MASM: mdadm --manage /dev/md1 --add /dev/sda1
<ivoks> MASM: mdadm --manage /dev/md3 --add /dev/sda3
<ivoks> that will add those two partitions to those two raids
<ivoks> MASM: and then you can check /proc/mdstat to see progress of syncronization
<ivoks> note; whatever you have on sda1 and sda3 will be deleted
<ivoks> but judging by your /etc/mdadm/mdadm.conf, this is what your raids were like before sda got kicked out
<ivoks> (and it will get kicked out again)
<ivoks> so, start buying a new disk :)
<MASM> ivoks: i will not lost information with this commands?, what is the reference to copie information, what is the reference to copie information?
<ivoks> lost information?
<ivoks> you had raid1 (md1), made of sad1 and sdb1
<ivoks> those partitions (sda1 and sdb1) were identical
<ivoks> linux kicked sda1 out of md1 because the disk is dying
<ivoks> it did the same with md3 and sda3 (for the same reason)
<ivoks> you can re-add sda1 and sda3 to their raids, but if the disk is bad, it will get kicked out of the raid again
<MASM> ivoks: ok, thank, i will send a mail to server support to specify that sda is dying
<MASM> and when i they change the disk, the server automatic sincronized the disks?
<ivoks> no
<ivoks> because new disk will have no partitions
<MASM> ivoks: or i need to copy the partitions, and sincronize it?
<ivoks> you will have to create partitions
<ivoks> and then re-add those partitions in md1 and md3
<MASM> ivoks: Thanks for your help ivoks, I really appreciate your help
<ivoks> np
<MASM> ivoks: just one more question
<ivoks> MASM: keep in mind that support probably won't be able to do anything with 'replace sda' information. they will prefer serial number of the disk (see your smartctl output)
<ivoks> S1D9YP5D
<MASM> ivoks: for resuming, i'm in md3 that has sdb, that the server is using, sda is kickout, all my information is on sdb, right?
<ivoks> MASM: right
<MASM> ivoks:  and when they replace it i need to copie the partition, and sincronized it again adding the disk, but beffore i need to delete the sda and add the new disk?
<MASM> and RAID1 will mirror sdb to the new dev?
<ivoks> MASM: https://www.howtoforge.com/replacing_hard_disks_in_a_raid1_array#-adding-the-new-hard-disk (just notice that they replaced sdb)
<ivoks> so, don't just copy-paste
<ivoks> you would do:
<ivoks> sfdisk -d /dev/sdb | sfdisk /dev/sda
<ivoks> mdadm --manage /dev/md1 --add /dev/sda1
<ivoks> mdadm --manage /dev/md3 --add /dev/sda3
<ivoks> mkswap /dev/sda2
<ivoks> swapon -a
<ivoks> *after you replace sda with new disk*
<sarnold> ivoks: coool, thanks :) I haven't taken the time yet to learn how to feed, care for, and nurture my mdadm raid, hehe
<MASM> ivoks: Thanks a lot men, I really appreciate your help
<MASM> ivoks:  really !!
<ivoks> np guys :)
<rbasak> soren: would you mind handing over ~ubuntu-server-qa ownership and admin to ~ubuntu-server-dev please? We'd like to reuse this team.
<solarce> I am hoping to get in contact with someone who's involved in building and release the official GCE ubuntu images. we (travisci) base our build environment GCE images off the official Ubuntu ones, we do a packer + chef build process to customize it. it seems like the setting to disable ipv6 by default in the GCE VMs was lost in an update to the images, at least for Trusty. But I'm not sure where because
<solarce> we just went from a 2015 release toa 2016 release yesterday, we were based on ubuntu-1404-trusty-v20150909a before and now we're based on ubuntu-1404-trusty-v20160627
<solarce> rcj: Odd_Bloke: from what i can gather, you two may be some of the folks i'd want to talk to?
<xnox> gaughen, i think you want to talk to solarce ^
<xnox> "<solarce> I am hoping to get in contact with someone who's involved in building and release the official GCE ubuntu images. we (travisci) base our build environment GCE images off the official Ubuntu ones, we do a packer + chef build process to customize it. it seems like the setting to disable ipv6 by default in the GCE VMs was lost in an update to the images, at least for Trusty. But I'm not sure where because"
<xnox> "<solarce> we just went from a 2015 release toa 2016 release yesterday, we were based on ubuntu-1404-trusty-v20150909a before and now we're based on ubuntu-1404-trusty-v20160627"
<gaughen> solarce, that was changed due to support for lxd. Odd_Bloke here can probably do a better job giving details, and advising on a path fwd
<Odd_Bloke> solarce: Yeah, we were disabling it on GCE per their recommendations.
<Odd_Bloke> solarce: However, lxd uses link-local IPv6 to provide networking to containers.
<Odd_Bloke> solarce: So once we had a piece of software that was being broken by that default, we made the decision to back that particular modification out.
<Odd_Bloke> solarce: It sounds like you've worked out how to replace it for your specific use case though. :)
<dr4c4n> hey everyone, some help here, say you have a full ubuntu server setup installed as a hypervisor running kvm, which are the important files besides fstab and /etc/networking that you would move to an alternate installation?
<solarce> Odd_Bloke: we do have a fix we're rolling out
<solarce> Odd_Bloke: are the tools you use to build the GCE images available for me to look at?
<sarnold> dr4c4n: libvirt configurations, if you're using that to manage qemu/kvm..
<dr4c4n> sarnold: when I did the installation, I just ran default install, and added virtualization on the menu
<dr4c4n> it installed correctly, I think I added virt-manager to the management box which is external to the hypervisor server
<arooni> hey folks;  i'm running ubuntu 14.04 LTS server on a VPS.  i'd like to upgrade it to 16.04; any considerations i must make before doing so?  i'm running a few wordpress/woocommerce sites off it.
<sarnold> arooni: there's no php5 on 16.04 LTS, be sure your applications can cope
<arooni> ah ha.
<arooni> so no way to put php5 on it?
<solarce> arooni: if you can swing some downtime, stopping the VPS and making a snapshot before you upgrade is a good path
<OerHeks> arooni, vps-vendors tweak their images heavily, ask them for a fresh 16.04
<sarnold> I understand ondrej's got a ppa with it, but that's probably it
<arooni> hmm.... cool
<arooni> so you would NOT reccommend the upgrade?
<OerHeks> arooni, indeed. ask your vendor too
<sarnold> there's no rush, 14.04 LTS will be supported for a few more years, and maybe you deploy the new one when apps are prepared to handle it
<arooni> is there a compelling reason to be on 16.04 over 14.04?
<arooni> besides the longer window of support ?
<OerHeks> you can answer that yourself with these releasenotes https://wiki.ubuntu.com/XenialXerus/ReleaseNotes
<OerHeks> LXD 2.0/ libvirt 1.3.1 or perhaps php7.0/mysql5.7
<solarce> Odd_Bloke: thanks for the info
<beisner> coreycb, are you able to access https://bugs.launchpad.net/bugs/1611123 ?
<ubottu> Error: launchpad bug 1611123 not found
<beisner> ha!  that's why i ask.  it's the bug in the commit msg for qemu liberty, and our tooling refuses to promote it to proposed since it can't do bug foo.
<seeeb> Hi guys, I have a couple of scripts in /etc/init/ to start/stop something and I need that to start on boot. Currently is not doing it and there is nothing about them in /etc/init.d  what technique should I use to make them autostart? Thanks
<sarnold> seeeb: what release are you using?
<seeeb> 14
<sarnold> seeeb: /etc/init/ is for upstart configurations; /etc/init.d/ is for older sysv-init style initscripts. If you've got _scripts_, then it's probably best to put them into the /etc/init.d/ directory and use update-rc.d to create all the symlinks that are used for the sysv-compatibility mode
<sarnold> seeeb: if it's an upstart configuration instead, then you get to debug why it isn't working :) hehe
<seeeb> hehe
<seeeb> I think is upstart yeah, so they should already be starting up you think?
<sarnold> probably; can you pastebin the file? someone might be able to spot a problem
<seeeb> sarnold: they start (and even restart alone if killed)  but they don't do that on boot
<seeeb> ok let me do that..
<sarnold> what's the filename? I think the /etc/init/ directory requires files to be named with .conf at the end..
<seeeb> they are
<seeeb> Here is /etc/init/staging-app-admin.conf for example https://gist.github.com/sebastianconcept/abbe9d7720224ff17e47434a0888038b
<seeeb> sarnold: |
<sarnold> seeeb: hmm all seems fine; does this work as expected?
<sarnold> start on started mongodb and runlevel [2345]
<sarnold> seeeb: .. e.g. does mongodb start? :)
<seeeb> mongo starts alone by itself on boot
<seeeb> but the ones that are like this one does not
<sarnold> seeeb: hrm, I never made 'complicated' upstart configurations.. that surely looks normal enough though
<sarnold> seeeb: flailing around, I think maybe try removing the "and runlevel [2345]" bit
<seeeb> right, trying that
<sarnold> seeeb: ah, I forgot my #1 debugging step -- is there anything in the logs? /var/log/upstart/* or /var/log/syslog or ... ?
<seeeb> cool, will check but now need to wait the reboot heh
<jge_> Hey all, good afternoon. I'm trying to extend a VG using LVM but when I try creating a logical partition it says "No free sectors available"
<jge_> any ida?
<jge_> idea*
<jge_> :\
<seeeb> lots of logs sarnold! there is an exception about failing to connect to mongo, maybe it needs to start a bit delayed. Do you know if that's doable with upstart?
<sarnold> seeeb: I -think- the solution to that is along these lines: http://upstart.ubuntu.com/cookbook/#signals
<sarnold> seeeb: .. you'd have the mongo configuration emit something like mongo-started and have this one 'start on mongo-started'
<seeeb> giving it a try to that idea..
<arooni> is it a huge security hazard to be running passwordless sudo on my VPS server?
<sarnold> arooni: it does mean that your user account is equivalent to root
<sarnold> arooni: if you treat it that way, that's fine; if you don't show it the proper respect it could be Big Trouble
<teward> arooni: instinctively: yes, it's a huge security risk, for the reasons sarnold said
<teward> but if your VPS server can only be reached through a VNC / Serial Console perpetually, and you don't need SSH on it, then maybe.  That said, you run a lot of risks still either way
<solarce> arooni: only use key authentication for ssh is important, adding two-factor authentication to ssh is a good idea
<teward> ^ that
<solarce> i am a big fan of https://duo.com/docs/duounix
<solarce> use it protect anything that exposes ssh to the internet
<teward> ^ also that, I use Duo on all my servers' SSH, key auth or not
#ubuntu-server 2016-08-11
<sarek> I know there is a slim chance someone here will help me with this, but I might as well try. I used this guide to setup rutorrent/rtorrent on my server, but i cant seem to access it remotely. Its almost as if something is intentionally redirecting or stopping outside traffic, regardless of what ports i forward, ufw allow,  or nginx config i use
<sarek> http://www.torrent-invites.com/seedbox-tutorials/272986-ubuntu-12-14-16-debian-7-8-seedbox-guide-script.html Any help would be greatly appreciated. Thanks in advance
<linuxperia> Hi All. I have upgraded my Ubuntu Server to 16.04.01 and since then my Postfix Mailserver refuses to accecp email becouse of a non existent PHP7 extension see => "PHP Fatal error:  Uncaught Error: Call to undefined function mailparse_msg_create"
<linuxperia> i am trying since several hours to install this extension but nothing works on ubuntu even the extnesion exist. Have found other people having also the same problem! =>
<bekks> your postfix isnt even related at that point, your php7 is.
<linuxperia> yeah. the latest php 7 extension is missing => I need that one here => https://launchpad.net/~ondrej/+archive/ubuntu/php/+build/9666000
<linuxperia> the command "sudo pecl install mailparse" fails on ubuntu server with => "error: #error The mailparse extension requires the mbstring extension!" even the extension exist and works. other people with ubuntu have the same problem see here => http://stackoverflow.com/questions/35793216/installing-mailparse-php7-mbstring-error/36636332
<bekks> linuxperia: And whats not working on the answer in your link?
<linuxperia> bekks: i will have to recomplie it from sources and install it as a external package on my server. i rather would use the recommended way with pecl and the repositorys  this however is not availbe in ubuntu even it should. not sure why it is not possible to install php-mailparse on ubuntu server like other packages. really pitty!
<linuxperia> have to go see you all next time.
<bekks> He didnt even try...
<jamespage> cpaelzer, that's alot of bin new
<cpaelzer> jamespage: hi
<cpaelzer> jamespage: sorry but what do you mean with "bin new" - the explosion of packages due to the libraries being split now?
<jamespage> cpaelzer, yeah
<bekks> libraries split from what?
<jamespage> thats a bit of Debian-izn
<jamespage> bekks, libdpdk split out into component libs
<bekks> Hmm, and? :D
<cpaelzer> jamespage: that is the way I was guided to package that when  discussing that back in Austin with infinity and pitti
<jamespage> cpaelzer, its fine - just alot!
<cpaelzer> :-)
<cpaelzer> jamespage: if everything on auto-dependencies works correctly you might end up with OVS only depending on some of them
<jamespage> cpaelzer, Depends: dpdk, openvswitch-switch (= 2.6.0~git20160810.7f5f2bd-0ubuntu1~ubuntu16.10.1~ppa201608101524), libc6 (>= 2.14), libcap-ng0, libethdev4 (>= 16.07-1ubuntu1~dev1), librte-eal2 (>= 16.04), librte-mbuf2 (>= 16.04), librte-mempool2 (>= 16.07-1ubuntu1~dev1), librte-meter1 (>= 16.04), librte-pmd-ring2 (>= 16.04), librte-ring1 (>= 16.04), librte-vhost3 (>= 16.07-1ubuntu1~dev1), libssl1.0.0 (>= 1.0.0)
<cpaelzer> that is only 7 yeah
<cpaelzer> worked
<cpaelzer> jamespage: I think we should add a recommends to "dpdk" as well to get the runtime bits (like dpdk.conf)
<cpaelzer> to OVS I mean
<cpaelzer> jamespage: uh - there is one that is odd in your list  librte-mbuf2 (>= 16.04)
<cpaelzer> and there are actually more
<cpaelzer> they should all be 16.07-0ubuntu1 if you built against the latest ppa or the git repo I sent you
<cpaelzer> I see the dpdk dep is already in (the first one)
<jamespage> cpaelzer, that was built againt things a few days ago
<cpaelzer> jamespage: what do you think of the 16.04 deps in there - an artifact or an issue
<cpaelzer> ah ok
<cpaelzer> jamespage: on the real upload there will only be the new stuff around - so it will complain loud if it misses something
<jamespage> cpaelzer, going todo another rebuild against your latests and will upload later today
<yancho>  hi. isn't the /etc/hosts file to be read before the nameservers? i did 127.0.1.1 seminary.local and 127.0.0.1 localhost but nslookup 127.0.0.1 is going to the router and is giving me the translation to the localhost of the router
<ogra_> yancho, the prder is defined in /etc/host.conf
<ogra_> *order
<yancho> order hosts,bind <- ogra_ hosts is hosts file no?
<ogra_> yes
<yancho> http://paste.ubuntu.com/23014592/ my hosts
<yancho> ogra_: anything strange ur seeing there?
<ogra_> yancho, not sure you can actually assign the same IP twice (line 3)
<yancho> ogra_: even in the same line using space it didn't work
<ogra_> and line 2 will most likely break any avahi/bonjour setups on that machine
<yancho> y is that ogra_ ? line 2 and 3 i joined them
<yancho> http://paste.ubuntu.com/23015086/ this is how it is at the moment
<patdk-lap> ogra_, you can
<patdk-lap> this isn't a reverse lookup table
<ogra_> patdk-lap, ah, thanks
<patdk-lap> your assigning 127.0.1.1 to whatever
<yancho> so any bug ur seeing in my hosts patdk-lap ?
<patdk-lap> what is the question?
<patdk-lap> I don't see any issues, it is kindof impossible to have issues in /etc/hosts
<patdk-lap> I totally don't understand what nslookup has to do with anything
<yancho> patdk-lap: nslookup is not giving me the ip for 127.0.0.1 when I search for seminary.local (this is the openldap which resides on this server)
<yancho> 127.0.1.1*
<patdk-lap> well? did you put seminary.local in your dns server?
<patdk-lap> nslookup, read the manual, looks up dns entries
<patdk-lap> it doesn't EVER use the hosts file, as that is NOT dns
<maswan> "getent hosts" is what you want to test resolving
<maswan> not nslookup or host
 * patdk-lap just uses dig
<maswan> which also doesn't care about nsswitch.conf, just DNS
<patdk-lap> :)
<cpaelzer> isn't that the abbreviation ? - DNS - "Do" - "Not" - "Safely return the same"
<maswan> (dig is far more useful for debugging DNS servers though, but won't necessarily point you in the right direction for local resolving issues)
<dr4c4n> hi
<dr4c4n> does anyone have any experience with re-installing ubuntu server overtop of an existing (but older version) installation and knowing what to backup?
<dr4c4n> I mean, I have saved fstab and /etc/network/interfaces as well as the sshd config, and key files
<dr4c4n> and /home are installed to a 16 gb sd card, and everything else is mounted from separate disks.
<dr4c4n> can you re-install, and remount them, and it should be okay?
<Braven2> I have done it on oracle linux.
<dr4c4n> I'm wondering as it is a system for the place I work for
<dr4c4n> and am wondering if it's possible to do
<dr4c4n> as I have to minimize the time the system is down for, as there are developers counting on being able to access what I've recently configured in virtual machines on that system.
<cpaelzer> dr4c4n: you might want to restore "more or less" the packages you had
<cpaelzer> dr4c4n: https://kura.io/2010/07/02/using-dpkg-selections-to-backup-and-install-packages/
<cpaelzer> I did the opposite, a normal upgrade but then cleaning up massivle via http://askubuntu.com/questions/66988/how-do-i-clean-up-old-packages-and-apps-after-upgrading/771873#771873
<coreycb> jamespage, beisner: nova 2:12.0.4-0ubuntu1~cloud1 is ready to promote to liberty-updates when you get a chance please
<jamespage> cpaelzer, dpdk uploading now
<ddellav> beisner can you promote https://bugs.launchpad.net/ubuntu/+source/neutron-lbaas/+bug/1460228 to kilo-updates? verification is done.
<ubottu> Launchpad bug 1460228 in Ubuntu Cloud Archive kilo "neutron-lbaas-agent package does not provide neutron_lbaas.conf file" [Undecided,Fix committed]
<maxagaz> hi
<maxagaz> I just installed the last ubuntu server, I get a black screen at boot unless I remove the gfxmode line in the grub config
<maxagaz> why do I have such problem, and how is it better to fix it ?
<Walex> maxagaz: maybe you are using hardware that is not supported yet. You are engaging in the difficult task of system integration.
<maxagaz> Walex, it was installed on an old machine
<maxagaz> the server works fine though, it's not so important
<jayjo> what's the best way to test a cronjob?
<jayjo> to test if a cronjab is working (like using the cron user)? Should I just set it for * * * * * ?
<sarnold> if you can stand it running every minute when testing, sure, that's convenient enough
<jayjo> it doesn't appear to be working - but I don't have a dead.letter either. weird
<sarnold> fwiw I normally do something like > /var/log/whatever 2>&1   on cronjobs, I don't like the "mail" behaviour.. mail is hard and annoying to set up these days
<jayjo> if I run the script outright it runs, but if it's in the crontab (even * * * * * ) doesn't run
<jayjo> ownership the same, same group, executable
<jayjo> don't know how to diagnose this
<jayjo> no output, either
<jayjo> oddly
<jayjo> fixed it - my error
<sarnold> jayjo: was a PATH assumption? :)
<jayjo> sarnold: haha! yes it was!
<sarnold> sorry I missed your earlier bits, but at least now you're going to think of this first next time someone reports problems with a cron job :)
<sarnold> you've -earned- this one..
<rbasak> Odd_Bloke or rcj: could you take bug 1596265 please? Looks legit. I wonder if we can have dep8 tests against DKMS packages to catch failures before the kernel migrates from proposed?
<ubottu> bug 1596265 in open-vm-tools (Ubuntu) "open-vm-tools-dkms 2:10.0.7-3227872-2ubuntu2: open-vm-tools kernel module failed to build" [Undecided,Confirmed] https://launchpad.net/bugs/1596265
<jamespage> ddellav, coreycb: requested promotions to updates completed
<coreycb> jamespage, thanks!
<jamespage> np
#ubuntu-server 2016-08-12
<fermulator> hey all, I am familiar with ubuntu server. However for the first time, I have installed ubuntu serveer 16.04 64-bit. I am noticing that SSH terminal sessions to this server are preventing user scrollback in gnome-terminal. What's up with this? Is there a change to default terminal configurations which would cause this?
<fermulator> (neither the wheel mouse, PGUP/PGDOWN, CTRL+PGUP, etc. work ...)
<sarnold> fermulator: are you bychance using screen or tmux in the thing? those 'scroll' entirely in their own logical window
<fermulator> sarnold, good thought, but no. If I run screen, the typical CTRL+A functionality works.
<cryptodan_mobile> sounds like a client issue
<fermulator> local terminals, and SSH sessions to other servers work fine
<fermulator> oh weird ... it's working now, what the heck!
<cryptodan_mobile> lol ai
<fermulator> (I was AFK for a few hours, and its working, wow)
<cryptodan_mobile> slow connection maybe
<_shaun_> hi guys i get the error message ive run out of space when i try pip install, is my /usr/local taking up space and what can i free up?
<iliv> _shaun_, df -Th
<iliv> and see how much free disk space is left on your partition where /usr/local resides
<iliv> du -sh /usr/local to get an estimate of how muf disk space /usr/local currently takes up
<_shaun_> thanks iliv
<SlimG_> How do I send traffic (ping) from ubuntuserver1 through a running strongswan ipsec tunnel configured on the same machine? I don't understand how ipsec works without using the routing table
<mumuti> hi, I've problems getting mysqld running, issue seems to be that /var/run/mysqld does not exist...; I already purged all mysql packages and removed /etc/mysql manually and reinstalled; I've followed https://bugs.launchpad.net/ubuntu/+source/mysql-5.6/+bug/1435823 and http://askubuntu.com/questions/760724/16-04-upgrade-broke-mysql-server;  nothings helps; running "cat /var/log/syslog | grep -i mysql && cat /var/log/mysql/error.log
<ubottu> Launchpad bug 1435823 in mysql-5.6 (Ubuntu) "Disappearing /var/run/mysqld causes mysqld to fail after reboot" [High,Fix released]
<mumuti> [ERROR] Could not create unix socket lock file /var/run/mysqld/mysqld.sock.lock.
<mumuti> any hint?
<mumuti> some process seems to remove /var/log/mysqld and its not recreated
<iliv> SlimG_,  just ping IP address on the IPSec network. If your routes are missing add IP address of your IPSec ethernet interface as a source address in the ping command. You can configure your IPSec client to request routing from the IPSec node you're connecting to, and if it is also configured to do this, the routing happens automatically. If not, you need to set it up manually.
<SlimG_> iliv: I don't have a IPSec interface, it's apparently because I'm using policy based IPSec
<SlimG_> Can someone help me getting a host-part of a running policy based host<->net ipsec tunnel working? Here is a ascii-drawing with description of the challenge -> http://pastebin.com/vJdh5u2z
<patdk-lap> heh?
<patdk-lap> ipsec always uses the routing table
<patdk-lap> the problem is your config does not
<SlimG_> patdk-lap: How do I set strongswan to use the routing table?
<degorenko> coreycb: hey, is here any way to update some package and automatically update dependencies, if they are already satisfied to control file?
<coreycb> degorenko, so you do an apt upgrade and the new deps in d/control should be higher than they are, so they don't get upgraded?  is that what's happening?
<degorenko> coreycb: i need to update dependencies only for some package
<degorenko> i have package X-0, new version is X-1. Some dependencies have also new minor version, like Y-1.
<degorenko> old dependency version Y is satisfied by X-1, because main version is not changed
<coreycb> degorenko, ok so you want to upgrade the deps but not the core package itself.  I'm not sure of a way to do that other than manually upgrading the deps.
<degorenko> coreycb: i want to update some package with dependencies
<degorenko> upgrade will update all packages on node, not only for my package
<coreycb> degorenko, sorry I don't know if I'm following. are you looking to have different versions of oslo.utils, for example, on the same node?
<degorenko> coreycb: i have package X installed with 2.0.0-0 version, it depends on package Y >=1.0.0 version (Y 1.0.0-0 is installed). I add resposiroty where I have package X 2.0.0-1 (which still depends on Y >= 1.0.0) and Y 1.0.0-2.
<degorenko> how i can get Y 1.0.0-2 with new X package?
<coreycb> degorenko, that may require the d/control file to correctly specify that it needs >= 1.0.0-2
<degorenko> coreycb: so if there is just => 1.0.0 i should install new Y manually ?
<coreycb> degorenko, yes I think so.  if 1.0.0 is satisfied in d/control I don't think it will upgrade it.
<degorenko> coreycb: hm, sad, ok, thanks
<ciccio> ciao
<ciccio> !list
<ubottu> ciccio: No warez here! This is not a file sharing channel (or network); read the channel topic. If you're looking for information about me, type Â« /msg ubottu !bot Â». If you're looking for a channel, see Â« /msg ubottu !alis Â».
<ciccio> http://kodi.tv | http://kodi.wiki
<ciccio> http://kodi.wiki
<bekks> ciccio: Wrong network.
<rbasak> magicalChicken: https://wiki.debian.org/UpstreamGuide#SCons
<rbasak> rharper: https://bugs.launchpad.net/ubuntu/+source/iscsitarget/+bug/1612627
<ubottu> Launchpad bug 1612627 in iscsitarget (Ubuntu) "iscsitarget-dkms 1.4.20.3+svn499-0ubuntu2.1 fails to build on linux-generic-lts-xenial kernel " [Undecided,New]
<coreycb> beisner, keystone 2:9.0.2-0ubuntu2~cloud0 is ready to promote to mitaka-proposed when you get a chance
<OerHeks>  
<v1k0d3n> have a question re: bridging in ubuntu. does it typically take a long time for a bridged interface to come up? when i don't have a bridged interface defined (14.04) the server comes up quickly. when i do...always takes a while.
<v1k0d3n> is there a workaround for this by chance?
<v1k0d3n> i'm also trying to figure out if i'm troubleshooting something that doesn't really need troubleshooting :)
<beisner> hi coreycb, keystone promoted to mitaka-proposed re: bug 1578102
<ubottu> bug 1578102 in keystone (Ubuntu Xenial) "[SRU] Error: No such file or directory: '/etc/keystone/sso_callback_template.html'" [High,Fix committed] https://launchpad.net/bugs/1578102
<rbasak> stgraber: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1581310
<ubottu> Launchpad bug 1581310 in snapd (Ubuntu) "ubuntu-core doesn't allow sed -i (fchown syscall)" [Medium,Triaged]
#ubuntu-server 2016-08-13
<JediNix> Hello
<blackflow> Hello. I see systemd-timesyncd is running (16.04 server) but time is 2 seconds off
<blackflow> and Status says "idle". what does that mean?
<blackflow> http://termbin.com/vigb
<Seveas> how do you know time is 2 seconds off?
<blackflow> Seveas: because running "date" at two machines at once, once 100% synced, and this one
<blackflow> *one 100% (one machine),  this one (16.04 another machine)
<blackflow> sorry I don't know what's up with my engrish today. I mean I ran "date" on two different machines at once.
<SinaMaleki> hi , does conjure-up is stable for openstack installation ?
<Seveas> blackflow: maybe the other one is 2 seconds off :-)
<blackflow> Seveas: nope :) checked with yet another one
<blackflow> Seveas: my point is, that Status: Idle makes me think it's not syncing at all, despite "Running".
<blackflow> Seveas: because there's no usual log entries about peers etc
<blackflow> another ubuntu machine shows Status "Synchroized to time server .... "
<Seveas> blackflow: journalctl -x --identifier=systemd-timesyncd
<Seveas> msybe that can provide some clues
<blackflow> Timed out waiting for reply from <ip address> (ntp.ubuntu.com)
<blackflow> ONICE!
<blackflow> Seveas: thanks for pointers
<conrmahr> Can any one help me re-mount a disk after upgrading to 16.04?
<_KaszpiR_> hm running docker within lxc...
<_KaszpiR_> yo dawg i head u liek containers
#ubuntu-server 2016-08-14
<wolflarson> hello I seem to have some issues updating my ubuntu 16.04 home server
<wolflarson> I get 404 for every package I try to download
<wolflarson> they seem to try to pull down 16.04.1 packages and only 16.04.2 are in the repo?
<wolflarson> anyone have thoughts?
<wolflarson> http://pastebin.com/LfMj77T2
<tarpman> wolflarson: since 'apt update' isn't completing successfully, it
<tarpman> wolflarson: might not be updating your sources properly... I'd disable the ppa it's complaining about and try to get a clean 'apt update' run
<tarpman> wolflarson: any chance there is a cache or proxy in between you and us.archive.ubuntu.com right now that might return stale package lists? spot checking a couple of the packages from your paste, that server does seem to have the correct package lists and contents right now
<sinamaleki> Hi all .
<sinamaleki>  have 8 HP DL380 G9 servers with a cisco 2960X switch for deploying ubuntu openstack .  I had install the MAAS via this command " Code:  sudo apt install maas
<sinamaleki> and allthings goes fine . then I add images from images section and I change the private network in cluster to manage DHCP and DNS . the gateway of the private network is the MAAS IP . then I add sshkey to maas and i power on 7 servers . MAAS detected the hardware and networks . So i do a commision . after that in every node I add bond .  the bond modes are balance-alb which there isnt any requirements at switch .
<sinamaleki> each server have 1 bond that the interfaces are eth0 eth1 eth2 and these 3 physical nodes are the same VLAN in switch . and eth3 is the public network .  after that I use openstack-install command and allthing goes fine and landscape installed successfuly . after logging in to landscape I do an openstack install .  But some servers stucks at Bootstrap juju environment on .
<sinamaleki> I do openstack install from landscape severals and all times servers hangs on bootsrap juju environment . so there isnt server problem and hardware issues cause installing cloud will be stucks on servers randomly .
<sinamaleki> So I do a login to console of servers that hangs and all of them hangs at "DHCPRELEASe" that I put the screenshot here .  I will attach the logs here too . so if anyone can help me to solve this issue its will be perfect .  here is the logs that landscape generated : http://87.247.175.1/landscape-openst..._11_08Z.tar.gz  Thanks
<sinamaleki> anyone can help ?
<geeker> hey everyone
<geeker> I have a question about openstack, anyone here with knowledge about that >?
<geeker> hello repox
<friendlyguy> hi there! i am currently trying to figure out what the equivalents of this: libfontconfig, libSM, libICE, libXrender, libXext, libXinerama are on ubuntu
<guillaume____> hello, i have a permission problem, i'm sure it will seem easy but i can't figure it out
<guillaume____> user alloxrinfo and server www-data, added alloxrinfo to group www-data so that it can have write access on www-data created files except the www-data script i'm using is creating www-data:www-data files with 0644 so only the owner has write access
<temmi_hoo> umask is 022, try setting umask to 002
<guillaume____> on the whole directory you mean ?
<guillaume____> i just want new files in that folder to be 775, even when created by www-data to be 777
<temmi_hoo> umask sets the mode for new files and isn't really related to the folder mode
<temmi_hoo> also, unless you wish to execute the files, setting the x-bit makes little sense
<temmi_hoo> in the script there's a way to set umask depending on the language, you might need to set it for each time you open() a file for writing
<temmi_hoo> http://perldoc.perl.org/functions/umask.html
<temmi_hoo> https://en.wikipedia.org/wiki/Umask  <-- this article has discussion on the subject
<temmi_hoo> so anyway the umask might possibly be set in the running environment of the script, before the script is fired up (this depends highly on how the script is started but may be the easiest way as does not require script modification)
<temmi_hoo> http://stackoverflow.com/questions/34720794/create-directory-with-permission-in-node-js
<tomreyn> Hi
<tomreyn> I'm trying to pinpoint a networking issue on a newly setup 16.04.1 server
<tomreyn> http://paste.ubuntu.com/23055851/
<tomreyn> whenever i try to restart networking, ifup fails with "RTNETLINK answers: File exists"
<tomreyn> i assume this is not normally to be expected?
<tomreyn> xx and yy are manual redaction i made before posting iot to the pastebin.
<RoyK> tomreyn: there's a 'gateway' keyword for that
<RoyK> tomreyn: and the gateway you seem to specify looks more like a broadcast address
<tomreyn> RoyK: the configuration is special, but pretty much 'copied' from: http://docs.ovh.ca/en/guides-network-ipv6.html#synopsis
<tomreyn> (that's where the server is hosted)
<RoyK> someone should steal whatever they put in their tobacco
<tomreyn> :)
<wolflarson> tarpman: I removed all of the ppas and still have the issue. I do have a squid proxy on the network but I disabled that and still have the issue.
<teward> wolflarson: did you run `apt-get update` still?
<teward> with the PPAs and such disabled
<wolflarson> yes
<wolflarson> also cleared apt chache
<wolflarson> no effect
<conrmahr> Is anyone here to chat ZFS?
<dasjoe> conrmahr: we're in #zfsonlinux and #zfs and #openzfs and #illumos and so on
#ubuntu-server 2017-08-07
<ddellav> jak2020 sudo -i
<jak2020> done
<jak2020> ddellav thanks
<jak2020> ddellav why amazon not offer debian servers? or other distros?
<ddellav> jak2020 amazon will let you install almost any operating system provided you have a valid AMI. In their official library they only offer a handful of supported operating system, but you can look in the community aMI library and find almost anything
<jak2020> oo market place..
<jak2020> know about tunkey?
<jak2020> can i pm you?
<ddellav> you can but anything you ask might be helpful to others in this channel
<ddellav> yes, i know about turn key
<ddellav> be careful when choosing options from the marketplace, they often have costs associated
<jak2020> by sample: Kali linux:  $0.00/hr for software + AWS usage fees
<jak2020> no cost right?
<jak2020>  $0.004 to $3.33/hr for software + AWS usage fees     smartAmi Linux  this have cost
<jak2020> i talk about pm you because is general the conversation (not ubuntu)...
<ddellav> yes, if it says 0.00/hr then you're good
<ddellav> and if you use the AWS free tier, then it's 0 total
<jak2020> ddellav please talk about tier please
<ddellav> jak2020 for new AWS accounts you get 1 year of free tier access which grants you a bunch of stuff for free, you'll have to google for specifics
<ddellav> but you get like 1 micro instance for free for a year
<jak2020> ahh ok, other question give me only 8gb of storage?
<ddellav> i think it's 30gb of instance storage but like i said, you'll want to google for specific
<ddellav> i haven't been in the free tier for a long time
<jak2020> ok. thanks
<jak2020> is expensive after 1 year?
<ddellav> depends on what you pick :)
<ddellav> it could be $12 a month or $1239109210941904041 a month
<jak2020> mmmm depend of traffic?
<jak2020> or?
<ddellav> well that yes, but also depends on what kind of instances you pick
<ddellav> they have many and they all cost different amounts
<ddellav> as well as how drive space you use, everything is monetized
<jak2020> ok reading more specifications.
<jak2020> thanks for you advices and time
<ddellav> np
<jak2020> oo other dude:
<jak2020> for point my domain: www.mydomain.com to my ec2 instance? (need install a DNS) ?
<jak2020> and how to enable for my server ec2 answer ping
<jak2020> done the ping...
<jak2020> ddellav?
<cpaelzer> good morning
<lordievader> Good morning
<cpaelzer> hi lordievader
<lordievader> Hey cpaelzer, how are you doing?
<cpaelzer> lordievader: I can only tell you after I'm through all my mails and that seems to need a while today
<cpaelzer> so I feel "undefined" for now :-)
<lordievader> Check
<lordievader> Good luck
 * lordievader slides cpaelzer a cup of coffee
<cpaelzer> thanks, I hope you are fine too
<Aison> how can I disable MIR? I tried to do some X forwarding but I always get the message "Failed to connect to Mir: Failed to connect to server socket". But I don't want to use MIR
<rbasak> Aison: that doesn't sound like a server question, so it seems less likely that people in this channel will know. Try #ubuntu.
<Aison> rbasak, I connected from my desktop (gentoo) with ssh -X to my ubuntu server and started an x-application on my server. Then I get this error.
<rbasak> cpaelzer: welcome back!
<rbasak> cpaelzer: bug 1706818 might be one you're interested in
<ubottu> bug 1706818 in ntp (Ubuntu Xenial) "mismatched file locking since 1:4.2.8p4+dfsg-3ubuntu1 causes race leaving ntp dead on reboot" [Undecided,Triaged] https://launchpad.net/bugs/1706818
<cpaelzer> rbasak: I'm on that already
<cpaelzer> and good to see you again
<cpaelzer> rbasak: reading details to be sure
<cpaelzer> yeah synchronizing those locks was part of my uploads
<cpaelzer> but I'm not enough through my pile of mails to be at those uploads
<rbasak> nacc: should --expected-distribution also influence pull_orig()? Right now it doesn't.
<rbasak> I suspect it should?
<rbasak> But right now pull_orig() uses --for-merge to decide where to look first, whereas pristine_tar_orig() uses --expected-distribution AFAICT.
<rbasak> Maybe --for-merge should be an alias for --expected-distribution=debian?
<cpaelzer> rbasak: I discussed with Paul in the past, he will use ntpdate as "remote ntp scanner" (if that is a good name)
<cpaelzer> rbasak: I'll update the bug to make it clear
<cpaelzer> I'll also ask the bug reporter to check his scenario with the most recent SRU
<cpaelzer> I'd hope that he is good as well, but want to be sure
<rbasak> cpaelzer: thanks!
<cpaelzer> jamespage: does bug 1626972 miss an "released to mitaka" update?
<ubottu> bug 1626972 in Ubuntu Cloud Archive mitaka "QEMU memfd_create fallback mechanism change for security drivers" [Undecided,Fix committed] https://launchpad.net/bugs/1626972
<cpaelzer> It is still on fix committed, but you referred to it as released in bug 1706875
<ubottu> bug 1706875 in libvirt (Ubuntu) "libvirt's apparmor profile denies access to /tmp and snapshots failed" [Undecided,Invalid] https://launchpad.net/bugs/1706875
<jamespage> cpaelzer: yeah oddity of how we do updates - the promotion of that fix to -updates was bundled with a later change so the bugref was missing
<jamespage> done manually
<cpaelzer> jamespage: perfect, just wanted to be sure as I closed another one with "just fixed see here"
<cpaelzer> jamespage: lucky with OVS 2-8 ?
<jamespage> cpaelzer: getting there - dpdk unit tests are failing on some archs, the the libopenvswitch stuff is a mess (so dropping that)
<cpaelzer> hmm the tests worked in the past IIRC
<cpaelzer> too bad they fail now, generally not working or only specific subtests?
<cpaelzer> meaning are these the unit tests or already full grown tests later on like the dep8 mininet thing?
<jamespage> just digging into that now
<jamespage> cpaelzer: no unit tests as part of package build
<cpaelzer> ok, leaving you to that
<jamespage> cpaelzer: http://paste.ubuntu.com/25263463/
<jamespage> amd64 failures (one passed on recheck)
<nacc> rbasak: yeah that's a good idea
<nacc> rbasak: could you hop back into HO?
<rbasak> ack
<rbasak> nacc: not needed right now, but we'll need better names for --source and --mechanism.
<rbasak> "Authority" and "Provenance" come to mind for --source.
<jamespage> coreycb: https://launchpad.net/ubuntu/+source/ceph/12.1.2-0ubuntu1 32 bit failures
<jamespage> I need to look yet
<jamespage> 64 bit will be ok
<coreycb> jamespage: ack
<runelind_q> if I use livepatch, how can I get apt to stop bugging me about kernel updates?
<sarnold> runelind_q: note that the livepatches only address a few issues; you still want to install and reboot into new kernels from time to time
<runelind_q> got it.
<nacc> rbasak: yeah, i like 'authority' -- provenance is pretty fancy :)
<nacc> smoser: around?
<nacc> teward: fyi, just uploaded jgrimm's fix to xenial for postfix
<these00> What are you up to?
<these00> I am checking the charset code out.
<these00> Can you post a screenshot?
<nacc> these00: wrong channel?
<these00> Screenshot of another channel, asking here.
<these00> There were more irc nets with specific character sets.
<these00> Freenode has it's.
<nacc> these00: still don't know what you're asking about, or why you're asking in the Ubuntu server channel?
<these00> it looks like there are a couple or more characters misshowing.
<these00> the machine used to look is ubuntu, hence asking here nacc
<these00> terminal character encoding can be tedious
<these00> nacc is there a dvd encoding package?
<these00> not something usually free
<these00> yet nearly ubiquitouos
#ubuntu-server 2017-08-08
<braziercustoms> hello. I'm back again :D I am still having problems with conjure-up on 16.04.  can anyone tell me why I keep getting this error? 2017-08-07 21:29:26,447 [DEBUG] conjure-up/openstack-novalxd - __init__.py:21 - Showing dialog for exception: cannot retrieve charm "cs:glance-258": cannot get archive: Get https://api.jujucharms.com/charmstore/v5/glance-258/archive: dial tcp: lookup api.jujucharms.com on 10.228.217.1:53: re
<sarnold> braziercustoms: you're3 cut off at ":53: re"
<braziercustoms>  read udp 10.228.217.50:38257->10.228.217.1:53: i/o timeout
<braziercustoms> @sarnold that is the last of it
<braziercustoms> 16 machines are running but cannot access horizon of course
<braziercustoms> @sarnold I just noticed that one is different than the last one.
<sarnold> braziercustoms: is that a go-implemented dns lookup that's failing?
<braziercustoms> im not sure what you mean "go-Implemented"
<braziercustoms> sarnold: it is hitting a DNS forwarder but its never been a problem, you think thats the problem? it works if I put the URL in the web browser it tries to download a file.
<sarnold> braziercustoms: i'm guessing here.. try something for "for i in `seq 1 100` ; do dig api.jujucharms.com @10.228.217.1 ; done  ... see if you get any errors or all successes
<braziercustoms> sarnold: dont see a failure
<braziercustoms> answers each in 0ms
<sarnold> braziercustoms: hrm. is the conjure-up error repeatable?
<braziercustoms> well, last time seems like I got a different one but it was same type of failure
<braziercustoms> sarnold: I'm trying to find it. give me a sec
<braziercustoms> sarnold: here is a previous one https://pastebin.com/aHpjDAMP
<braziercustoms> sarnold:  so far every time I try to conjure-up, it fails at something "not retreivable"
<braziercustoms> sarnold: that is every time in the last week or so.
<sarnold> braziercustoms: I -think- file a bug against juju with ubuntu-bug juju-core   .. unless you can track down if there is something wrong with the dns forwarder on 10.228.217.1 or the firewalls in between..
<braziercustoms> sarnold: I conjure-down, I will remove the controller (again) and start over see if there are any new errors.
<braziercustoms> sarnold:  :D you made me realize that my dns forwarder for my home network is replying on both interfaces.. its always been this way and didnt cause a problem before, but would it cause a delay?
<braziercustoms> as I get ;; reply from unexpected source: 192.168.1.3#53, expected 192.168.1.2#53
<cpaelzer> jamespage: the OVS change we had was applied to master, I asked for branch-2.8 as well
<cpaelzer> jamespage: but that said we could also just carry the patch on 2.8 as we know it is accepted
<cpaelzer> jamespage: were you able to complete your check on OVS 2.8 and if so what is the summary and expected timeline?
<cpaelzer> jamespage: instead of writing more walls of text I'll wait until you are around
<cpaelzer> good morning everybody btw
<dshap> Hey everyone -- all of a sudden today my production web server (running Ubuntu 14.04) started going down, and I'm trying to figure out why. By "going down" I mean I couldn't SSH into it, and when I rebooted the server (on EC2), I checked syslog and the first time I had this problem earlier today it showed memory issues, but then a few hours later it went down again and syslog didn't seem to show the same memory issues. What else should I l
<dshap> into to diagnose what could be causing this?
<ranjan> hi all, I have a Linux box whose / partition is 100% utilised when using df command, but then when using du -shx /, show there is a lot of free space.
<cpaelzer> dshap: what do you mean by memory issues - out of memory kills?
<dshap> cpaelzer: a couple lines like this: "dhclient: fork: Cannot allocate memory"
<cpaelzer> and even being away as documentation @ranjan: this is a known thing and not "wrong" https://unix.stackexchange.com/questions/45771/df-vs-du-why-so-much-difference
<cpaelzer> dshap: you seem not to be the first one https://forums.aws.amazon.com/thread.jspa?messageID=674000
<cpaelzer> dshap: but in general you'd need to track what is consuming your memory - assuming that really is the issue
<cpaelzer> dshap: while usually next to useless/counterprodictive on a cloud you could set up some swap space to not die so immediately
<cpaelzer> dshap: with that in place you could regularly track memory consumption
<dshap> cpaelzer: That was my first thought when this happened the first time today. After it happened, I rebooted the server and my website came back online, but then 2 hours later it went down again -- that time, it didn't have any "Cannot allocate memory" messages in syslog
<cpaelzer> dshap: either with basic "ps --sort -rss -eo rss,pid,command | head" or (my preference) with the tool smem
<cpaelzer> dshap: what did it have in that second case - it must have had "something" I hope
<cpaelzer> it doesn't shut down but loosing network connection right?
<dshap> cpaelzer: According to the log, it doesn't appear to be shutting down, because I just see the reboot logs at the time that I initiate the reboot (from the AWS management console)
 * kickinz1 back online
<dshap> cpaelzer: the last 2 things I see from sys log are: "dhclient: bound to <some_IP> -- renewal in 1701 seconds." and "CRON[1505]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)"
<dshap> cpaelzer: the last 2 things before it went down the 2nd time*
<cpaelzer> dshap: hmm - I might not have the best hints so other feel free to chime in, but if you really have not more after one of these reboots you need to set up some things to log more to disk
<cpaelzer> dshap: you could also have auto-restarts if the HW under the cloud has issues, like https://forums.aws.amazon.com/message.jspa?messageID=275616 but I'd consider this unlikely to happen two times
<cpaelzer> I tihnk you could find in the service health dashboard if such a case happened
<cpaelzer> otherwise set up monitoring to close in on what issue you system in particular might run into
<dshap> cpaelzer: got it. thank you for your suggestions!
<lordievader> Good morning
<cpaelzer> hi lordievader, good morning to you as well
<lordievader> ranjan: That is quite possible. Probably some application which still has a reference to a deleted file.
<lordievader> Du doesn't see those, df does.
<lordievader> How are you doing cpaelzer?
<cpaelzer> jamespage: I see the latest OVS upload still has the 15 errors in the self-tests
<cpaelzer> lordievader: fighting the tide :-) how are you?
<jamespage> cpaelzer: yes - looking at those now
<cpaelzer> jamespage: I'll sync what we upload to Debian on Thursday afternoon - now that te patch with the pkg-config is accepted in OVS it will likely be the one with the multi-arch changes
<cpaelzer> jamespage: but once I sync that from Debian it will fail to migrate until we have also uploaded a new OVS working with it
<cpaelzer> jamespage: so ping me once your exploitation of OVS 2.8 makes and progress (or you are giving up for a reason)
<cpaelzer> so we can coordinate those syncs/uploads as needed
<lordievader> Doing allright here :)
<jamespage> cpaelzer: picked your patch for ovs pkg-config/dpdk
<jamespage> cpaelzer: having to skip some tests on the dpdk build which I've reported upstream
<jamespage> cpaelzer: I've also been able to re-enable s390x testing which is nice
<cpaelzer> wow, that is great jamespage
<cpaelzer> did you have to skip all 15 tests or were some fixable?
<cpaelzer> jamespage: thanks for integrating my patch, as I said it is upstream now so it should be safe and not a maintenance burden
<cpaelzer> jamespage: I sent you an optinal invite for the DPDK meeting, you certanily have enough but if you ever want to attend you now know time&date
<cpaelzer> jamespage: so with the pkg-config applied we can upload the 17.05.1 including this change to Debian and sync from there
<cpaelzer> jamespage: what is the timing on the OVS 2.8 release - do you know?
<jamespage> cpaelzer: this month
<jamespage> ~(timing of release)
<cpaelzer> ok, so I'd then try to coordinate the upload to Debian and sync from there
<jamespage> cpaelzer: re the tests - I've just deferred that to upstream tbh
<cpaelzer> once the 17.05.1 is in Artful proposed I can ping you to upload the OVS 2.8 then
<jamespage> cpaelzer: I'm a little time short this week as off from end of thursday for a couple of weeks :-)
<cpaelzer> a couple you say
<cpaelzer> I hope for vacation
<cpaelzer> jamespage: so what shall we do about OVS then, should I try to get it to Debian and sync to Ubuntu earlier?
<cpaelzer> jamespage: would that help you to close out the OVS upload before you leave?
<jamespage> cpaelzer: it would but I'm happy to upload prior to that actually arriving in Ubuntu; it will dep-wait until 17.05.1 appears :-)
<cpaelzer> and then fail on me while you are unavailable :-P
<cpaelzer> but ok, sounds like a plan for now
<cpaelzer> I can still whine about it when it happens
<cpaelzer> jamespage: ok, I have asked my co-maintainer to upload to Debian whenever he is ready
<jamespage> ta
<cpaelzer> jamespage: I'll sync from there into artful once available, feel free to make a dep-waiting one being around in a-p if you want
<jamespage> cpaelzer: I'll hold for as long as possible
<cpaelzer> ok
<jamespage> cpaelzer: good smell test at least - https://bileto.ubuntu.com/excuses/2889/artful.html
<cpaelzer> jamespage: yeah doesnÃt seem too bad
<ahasenack> ubuntu-server meeting in #ubuntu-meeting if anyone is interested
<madLyfe> this was the iso i installed: ubuntu-16.04.2-server-amd64 but im still showing kernel 4.4.0-89-generic.
<sdeziel> madLyfe: that seems OK to me. Unless you expected the HWE kernel?
<nacc> madLyfe: can you show `apt policy linux-generic-hwe-16.04` ?
<nacc> madLyfe: yeah, so I'm thinking now the server ISO *doesn't* use the HWE kernel by default (not seeing it in the seeds)
<nacc> madLyfe: which is a distinction from the desktop ISO I didn't realize
<madLyfe> so run this command? 'apt policy linux-generic-hwe-16.04`'
<nacc> madLyfe: that will just say if the hwe kernel is installed
<nacc> madLyfe: if it's not, you can install it
<nacc> (if you want)
<nacc> madLyfe: but as we were discussing on #ubuntu, why do you want the hwe stack on your server?
<madLyfe> that command didnt do anything
<nacc> madLyfe: it should output something
<madLyfe> my servers are miners, just trying to squeeze the most performance out of the CPUs as possible.
<nacc> madLyfe: ok, and you've measured that the newer kernel is more performant?
<nacc> madLyfe: in any case, back to taht command. It hsould either have outputted "Unable to locate package" or it would have outputted lines that show what versions are available/installed
<madLyfe> i have no idea. havent tested it. thats why i was seeing if i had it installed or not
<madLyfe> nacc: http://i.imgur.com/1RMDu1Z.png
<oerheks> drop t ' at the end
<oerheks> apt policy linux-generic-hwe-16.04` <<
<madLyfe> i did on the next two lines
<madLyfe> where nothing happened
<oerheks> those next lines are within your previous command, try fresh
<madLyfe> manually typed it in again and same
<madLyfe> even the clear command is doing it
<madLyfe> wth
<oerheks> apt policy gives a search, nothing gets installed or changed
<madLyfe> no i mean clear isnt doing anything either: http://i.imgur.com/ZVGr7MB.png
<oerheks> again, you are within your previous command, stop this with ctrl + c
<sdeziel> madLyfe: type: ctrl-c
<madLyfe> ah yes. still new. sorry
<oerheks> :-)
<oerheks> you will remember this next time, no worry
<madLyfe> https://gist.github.com/5f60456c093419cd708b6f08faf98526
<oerheks> your prompt should give a name @ machine + $ ( as user ) or + # as root
<oerheks> good, HWE not installed
<oerheks> sudo apt install linux-generic-hwe-16.04 # if you *need* a newer kernel and such
<madLyfe> well it says 4.10, but i dont have it?
<madLyfe> "Installed: (none)" mean its not?
<madLyfe> sudo apt install âinstall-recommends linux-generic-hwe-16.04 ?
<nacc> madLyfe: right (none) means not installed
<nacc> madLyfe: i'm not sure if you need install-recommends or not, but yes, that's the package you want
<madLyfe> thanks. whats the worst that could happen by upgrading?
<nacc> madLyfe: your system doesn't boot?
<nacc> madLyfe: note, you're not upgrading, you're installing a differnet package
<nacc> *a second package
<madLyfe> its a pretty standard supermicro board. nothing proprietary on it. should be good.
<Epx998> Is there a good command to get the status of a netapp share thats mounted?
<Epx998> hmm
<nacc> mwhudson: there's a few golang packages that are showing up in the 'out of date' from Debian list for server. Am I right to assume you've got a handle on them all? :)
<mwhudson> nacc: er no but i can
<mwhudson> nacc: where's the list?
<nacc> mwhudson: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html
<nacc> mwhudson: there are ~11 for golang
<nacc> mwhudson: it's ok if they are understood to be behind for a reason, I just want to make sure that we have a reason for each :)
<mwhudson> the reason is that i haven't ripped out the shared library stuff yet i think :(
<nacc> teward: are you planning on updating nginx to 1.13.3 this cycle?
<hehehe> could be good
<hehehe> teward: you going to do it
<hehehe> -
<hehehe> ?
<nacc> hehehe: why would you ask the exact question I just did?
#ubuntu-server 2017-08-09
<nacc> rbasak: fyi, drbd8 is falsely reported at http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html
<adlaistevenson> On a server with an SSD drive (so writes a worry because they count against lifespan), what size should I make the swap if I have 10 GB of RAM? Server is running Postgresql RDBMS.
<sarnold> I don't think people are too worried about ssd drives wearing thin these days except for really high sustained write loads; one hopes for swap that it wouldn't be used too much
<sarnold> one or two gigs is probably good enough to give the kernel some space to shove data it doesn't need often
<ubuntu16t> can an old unsupported ubuntu 12 upgrade to 16 using a cdrom?
<ubuntu16t> or does the cdrom require overwrite of the old ubuntu?
<sarnold> you should be able to use do-release-upgrade  to upgrade to 14.04 LTS and then apt-get update, apt-get -u dist-upgrade, and then another do-release-upgrade to get to 16.04 LTS
<madLyfe> so does 17.04 get moved to LTS eventually? not sure how that works
<sarnold> no; the next LTS is almost certainly going to be 18.04 but I don't know if that's set in stone or not
<sarnold> the usual pattern is an lts release every two years, in april
<madLyfe> ok, ty
<sarnold> looks like that pattern has held since 8.04 LTS https://wiki.ubuntu.com/Releases
<madLyfe> so what will 18 have that 17 doesnt?
<sarnold> 17.10 will be the first ubuntu release with gnome as default desktop environment in many years.. I expect it to be a bit rough. hopefully 18.04 LTS will be a bit smoother.
<sarnold> otherwise i expect mostly the same; slight improvements across the board.
<madLyfe> why not just do LTS to LTS?
<madLyfe> skipping the middle?
<sarnold> some people prefer to have newer software on a more frequent basis
<sarnold> and it's nice to get bugreports on those newer features before a new LTS
<madLyfe> so its like a beta
<sarnold> in many ways, yes
<madLyfe> does this work for anyone? https://instant.io/
<madLyfe> like the actual download. supposed to work but ive never been able to get it to download anything
<madLyfe> trying to get the most recent ISO
<madLyfe> https://instant.io/#145b85116626651912298f9400805254fb1192ae
<sarnold> I can't even resolve it
<madLyfe> s
<madLyfe> http://i.imgur.com/3OrelbN.png
<sarnold> hah, interesting. .io is publishing an nsec3 record for instant.io to prove that it doesn't exist http://dnsviz.net/d/instant.io/dnssec/
<madLyfe> not sure what that means
<madLyfe> site loads fine for me just doesnt work.
<sarnold> i've heard before that .io is terrible at running a domain
<JaguarDown> Any idea why internet works (update/upgrade, SSH, VPN, etc) DNS resolution "appears" to resolve names but I can't ping any servers? Wondering because I'm setting up mail and the server can't resolve the recipient's email domain
<madLyfe> same with this one: https://btorrent.xyz/
<sarnold> JaguarDown: it's common for overzealous firewall admins to block ICMP and thus break ping
<JaguarDown> Okay I am the firewall admin but I'm a newbie/intermediate (home server) I shall look
<sarnold> JaguarDown: qemu "user" networking also breaks ICMP in this fashion; so a VM running with just the right config could do it :/
<JaguarDown> Not on a VM
<JaguarDown> Sarnold would be correct, I can now ping. Firewall had been set on high security while I went back and opened ports I needed, turns out I forgot to open up ICMP :-)
<JaguarDown> Thank you sarnold
<sarnold> JaguarDown: great :)
<madLyfe> sarnold: sudo apt install linux-generic-hwe-16.04 or sudo apt install âinstall-recommends linux-generic-hwe-16.04
<sarnold> madLyfe: probably the one with install-recommends
<madLyfe> sarnold: https://gist.github.com/986a2c95ab12e029938ff8f6db2949b2
<madLyfe> "If you fall into the latter category but want the new HWE stack, then you can install it with a single command (server users should omit the xorg package): sudo apt install âinstall-recommends linux-generic-hwe-16.04 xserver-xorg-hwe-16.04"
<sarnold> madLyfe: I never use 'apt' bare so I don't know what command line options it takes. the manpage doesn't document any. try apt-get install --install-recommends
<madLyfe> you put two dashes in front?
<sarnold> most decent tools use two dashes for long options and one dash for short options
<madLyfe> https://gist.github.com/f1ddd7088fcf129c9efdb9fb014d4695
<sarnold> looks good. interesting I wouldn't have expected thermald.
<madLyfe> here is the full output: https://gist.github.com/11619c37f334005d1681295aa940d8dd
<madLyfe> did i bork something there at the end?
<sarnold> eww
<madLyfe> eww what?
<sarnold> that's really gross. I wonder how that even happened.
<sarnold> re-run the command and see what happens.
<madLyfe> sudo apt-get install --install-recommends linux-generic-hwe-16.04
<madLyfe> that one?
<sarnold> yeah
<madLyfe> looks better, maybe? https://gist.github.com/ff6bff79437980c648b29057d835d039
<sarnold> yes, much better
<madLyfe> what not? reboot?
<madLyfe> now*
<sarnold> yeah I think so
<madLyfe> i dont need to be physically there do i? im just SSHing in.
<sarnold> if it works out fine you don't :) but if something goes wrong it's always nice to have remote console access to fix things up
<madLyfe> remote console access = ?
<sarnold> a remove vnc or ipmi or serial access so that you can control grub
<madLyfe> ah. ya i was worried about grub. these boards dont have ipmi
<madLyfe> looks like its all good: https://gist.github.com/344df2892f195ef40e85d167eece6bf1
<sarnold> excellent
<madLyfe> ty for the hand holding
<madLyfe> sudo reboot
<madLyfe> lol whoops
<JaguarDown> I tried to set up email before and failed. Trying again now with new tutorial, just successfully sent an email by entering commands locally via telnet connection. I guess the real test will come later, sorry but this is exciting! :-)
<sarnold> \o/
<sarnold> when you see how simple it is to send email with netcat but how hard it is to configure working mail servers it's enough to make you throw the stupid computer out the window :)
<sarnold> "just type what I type! do that!"
<adlaistevenson> Or if you ever have a job where you have to know what DKIM is and answer fucking questions about why the e-mail went to spam, or worse, never arrived at all. I hate email.
<adlaistevenson> And of course, you can't say you don't know why the recipient server gave a 250 OK and then discarded the message.
<sarnold> yeah. I'm glad to let google handle my email :(
<sarnold> it got hard.
<sarnold> you get to have the same conversation over and over again.. "yes you can't send email to amail list from a gmail account to other people with gmail accounts. yes they know about it. no they don't care. because they can't sell advertising on email that's why."
<adlaistevenson> I occasionally get dragged into email guessing games, and did today. There goes days of getting anything useful done.
<sarnold> "email guessing games", heh
<adlaistevenson> Now I will be spending days applying voodoo magic I don't understand like whitelabeling and IP warm-up and crossing my fingers.
<adlaistevenson> And pray I can get back to actually developing software sometime this week (the only thing I am marginally competent at).
<sarnold> good luck :)
<adlaistevenson> Thanks
<JaguarDown> lol well we shall see. I am making an attempt to run my own email just as a hobby for now, with the intent of using it primarily, but I guess we'll find out if it's worth the trouble. Surprisingly it's going a lot smoother now than before.
<JaguarDown> Well postfix, dovecot, and mysql works, at least sending email over the internet, receiving it locally, and IMAP. That's enough for tonight. I'll wait to figure out why mysql log time is 4 hours in the future later...
<JaguarDown> oh apparently I can also receive mail from the Internet too, nice. Anyway, thanks for the help sarnold, until next time, bye.
<cpaelzer> good morning
<cpaelzer> jamespage: the openvswitch pkg-config patch is now on the 2.8 branch as well - so on your next sync from git you can drop the custom patch
<jamespage> cpaelzer: \o/
<jamespage> I'll snapshot again today
<cpaelzer> nacc: FYI bug 1709573 kills git ubutnu submit for me - but it is not a git-ubuntu bug, but my system or launchpadlib
<ubottu> bug 1709573 in launchpadlib "no encode method on password as it is bytes in py3" [Undecided,New] https://launchpad.net/bugs/1709573
<rbasak> cpaelzer: for bug 1709573, does your password contain non-ASCII characters?
<ubottu> bug 1709573 in launchpadlib "no encode method on password as it is bytes in py3" [Undecided,New] https://launchpad.net/bugs/1709573
<cpaelzer> rbasak: hmm I don't enter my pw anywhere
<cpaelzer> rbasak: it is still fetching launchpad content - you men the LP PW then ?
<cpaelzer> all asci chars I think
<cpaelzer> in the worst case not on some weird codepages, but not that I'd use cyrillic or any german special like Ã¤Ã¼Ã¶
<rbasak> cpaelzer: I wondered that, but if you're not actually entering anything, it seems far less likely.
<cpaelzer> rbasak: it is fetching something, then wants to encode but the type is wrong
<cpaelzer> I didn't check where it fetches it, but it might be the LP auth token itself
<cpaelzer> I've seen the issue on ustriage sometimes, but could get around just by retrying
<cpaelzer> on git ubuntu submit it seems persistent
<cpaelzer> SO I thought it is about to file a proper bug
<rbasak> Beret, dpb1: FYI, I've filed bug 1709603.
<ubottu> bug 1709603 in apt (Ubuntu) "apt {upgrade,install} require an update call first" [Wishlist,New] https://launchpad.net/bugs/1709603
<Beret> rbasak, sweet, thanks
<cpaelzer> jamespage: dpdk 17.05.1-2 uploaded to Debian - if fortune is with us I can sync that later today
<cpaelzer> jamespage: tonight/tomorrow you can then check to pass ovs 2.8 along that
<cpaelzer> jamespage: I'll keep you updated
<cpaelzer> jamespage: beisner: two questions
<cpaelzer> a) do we (you) care about UCA on Desktops
<cpaelzer> b) is virt-manager part of UCA (I don't think so, but you might have plans)
<jamespage> cpaelzer: a) no; b) also no
<cpaelzer> perfect - that makes me drop some patches
<cpaelzer> just wanted to ensure there is no UCA back to Xenial
<cpaelzer> (unitey patches)
<cpaelzer> or rather Unity
<xpistos> Hey guys. I am writing an automation script to install our software at work and want to make it more aesthetically pleasing. How can I combine the output of echo "the quick" and echo "brown fox" so it appears on one line with a return so it looks like "the quick brown fox"
<mdeslaur> xpistos: echo -n
<xpistos> so lets say the command is one line, the output is another and the new prompt is on the third
<xpistos> mdeslaur: How do I get it to add a space after the first string?
<xpistos> mdeslaur: without adding an additional " " string
<ogra_> note, not all echos are the same ... (depends if you use /bin/echo or the shell builtin echo)
<ogra_> (though i guess -n is supported on most of them ... -e is definitely not )
<xpistos> ogra_: The -n works like this echo -n "the quick" && echo -n " " && echo "brown fox"
<ogra_> yes ...
<ogra_> -n should work mostly evereywhere ... but not all echos have the same options available
<ogra_> (the echo built into dash only supports -n ... which the echo built into bash supports -n -e and -E ... and /bin/echo supports -n -e -E too)
<ogra_> s/which/while/
<TJ-> You could use printf(1), or the shell's built-in printf
<ogra_> yeah
<TJ-> printf(1) is part of core-utils so should be available (almost) everywhere, except possibly the initrd
<nacc> mdeslaur: sorry for being dense, but just to follow-up on php7.0 -- you'll upload to -security and I should be able to request a pocket copy to -updates (well -proposed first) by the SRU team?
<mdeslaur> nacc: I take care of it from here. Everything that goes to -security automatically gets copied to -updates
<nacc> mdeslaur: ack, just wanted to close the loop on that, thanks!
<mdeslaur> nacc: I will directly release them as security updates, no processing by the SRU team or wait necessary
<mdeslaur> nacc: thanks!
<nacc> mdeslaur: the orig tarball is exactly what is in debian, if you need it
<mdeslaur> I downloaded it from upstream directly, I should have checked debian
<mdeslaur> anyway, building now here: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
<nacc> mdeslaur: yeah, i don't think there is any munging -- you should be able to check with uscan and see if the hashes match. I think you're fine.
<mdeslaur> for some reason I thought debian was using 7.1
<mdeslaur> oh well, next time
<nacc> mdeslaur: they have both
<nacc> mdeslaur: we have only one in each release :)
<xpistos> Hey guys I got another question for you the following command shows the changes I want but doesn't write them to the file : sed -e "/server 3.centos.pool.ntp.org\ iburst/a\\server\ $ntpserverip iburst" < /etc/ntp.conf
<xpistos> Any ideas how to get it to write those changes
<dpb1> xpistos: well, sed -i modified files in place
<dpb1> so like, sed -ie "/server 3.centos.pool.ntp.org\ iburst/a\\server\ $ntpserverip iburst" /etc/ntp.conf
<dpb1> (untested)
<xpistos> dpb1: LOL. I thougth I did that but I guess not
<xpistos> Thank!
<coreycb> jamespage: zero tempest smoke failures on pike b3 including the latest ceph
<cpaelzer> jamespage: upload to Debian done, if it would build faster I could sync earlier
<cpaelzer> jamespage: I'll check back before going to bed if it is reachable for the syncpackage call
<nacc> rharper: is LP: #1671951 actually ready to sponsor?
<ubottu> Launchpad bug 1671951 in systemd (Ubuntu) "networkd should allow configuring IPV6 MTU" [Medium,New] https://launchpad.net/bugs/1671951
<rharper> nacc: it was, but not sure of the status now;  the debdiff likely needs refreshed against systemd in artful;  I'm not sure of xnox or anyone else attempted to re-work the issue upstream;
<nacc> rharper: ok, can i unsub sponsors for now?
<rharper> sure
<nacc> rharper: thanks (i'm piloting)
<ahasenack> nacc: wrt git workflow, there is a "no-change rebuild" change, which only changed d/changelog and bumped the version
<ahasenack> nacc: http://pastebin.ubuntu.com/25278327/
<nacc> ahasenack: yeah, so that'd be an empty commit (for the purpose of documenting it) with the same commit message as the changelog version
<nacc> ahasenack: and then a contentful change to only d/changelog
<ahasenack> nacc: should I record it as a normal "git commit debian/changelog -m changelog" commit?
<ahasenack> hm
<nacc> that would only show up in the deconstruct/
<nacc> then in the logical you can drop both
<ahasenack> ok, so git commit d/changelog -m "<same as d/changelog>"?
<ahasenack> ah, empty commit
<nacc> ahasenack: your way also works, but is a little less obvious
 * ahasenack reads for a change
<ahasenack> so empty commit with the d/changelog mesage,
<nacc> ahasenack: i like my method, only because you have the same logical separation between what was changed (in this case nothing) and what documents the change (the changelog commit)
<ahasenack> then d/changelog commit with -m changelog?
<nacc> ahasenack: yeah
<nacc> ahasenack: yep
<nacc> ahasenack: i like that consistency, but as you noted, it's not really different than just a changelog commit
<nacc> ahasenack: as long as the results match and is understandable, i think it's fine either way
<ahasenack> but then we lose this bit of info
<ahasenack> that it was a rebuild
<nacc> ahasenack: right, at least in the git-log
<ahasenack> so yours keeps that info
<nacc> ahasenack: yeah, it's more self-documenting in my flow
<nacc> ahasenack: and it's obvious to a reviewer that it should be dropped between deconstruct and logical
<nacc> ahasenack: LP: #1677329, sponsors can be unsubbed, right?
<ubottu> Launchpad bug 1677329 in samba (Ubuntu Zesty) "libpam-winbind: unable to dlopen" [High,Fix committed] https://launchpad.net/bugs/1677329
 * ahasenack checks
<ahasenack> nacc: yes
<nacc> ahasenack: thanks
<ahasenack> man
<ahasenack> bitten again by git's "let's comment empty commits by default during rebase" :/
<nacc> ahasenack: are you doing an interact rebase? git rebase --abort
<ahasenack> it's gone already
<ahasenack> I noticed just now in the logical phase
<ahasenack> "where is that empty commit that I was supposed to drop?"
<nacc> ahasenack: well if they were empty, you don't need them in the logical phase?
<nacc> ahasenack: they aren't logically part of the delta if they are empty
<ahasenack> yeah, but it was dropped in the deconstruct one, in a last rebase I did to check I didn't miss anything
<nacc> ah
<nacc> ahasenack: you may want to alias `git-rebase` to `git-rebase --keep-empty` :)
<ahasenack> yeah
<ahasenack> cpaelzer: all libvirt tests passed in xenial, and trusty has an "always failed" one for armhf in nova
<cpaelzer> ok ahasenack, thanks for the info so we are good on dep8 then
<cpaelzer> ahasenack: since verification was also good it is down to staying in proposed a while
<ahasenack> funny, interactive rebase can't reword empty commits on its own
<ahasenack> nacc: I got this in debian's samba: https://anonscm.debian.org/cgit/pkg-samba/samba.git/commit/?id=e22e6b8bcae9b3fdf059d8878811c82b14585b65
<ahasenack> nacc: seems to be debian specific
<ahasenack> how do we deal with that? We don't care?
<ahasenack> I've seen that the samba panic script has an "if ubuntu do this; if debian do that" check
<ahasenack> I don't know what calls those bug-presubj and bug-script scripts, maybe debian's reportbug?
<ahasenack> duh, it's what the commit msg says, "reportbug script" :)
<ahasenack> but still, do we carry that?
 * ahasenack sees that his ubuntu system has reportbug(1) and /usr/share/bugs full of stuff
<sarnold> so you can report bugs to debian if you wish? :)
<hehehe> hiu sarnold
<hehehe> LOL
<sarnold> hey hehehe
<hehehe> whats the safest way to resize boot partition
<hehehe> simply resize it and reboot?
<hehehe> its full of old kernels
<sarnold> I haven't resized a partition in 15 years
<ahasenack> safest is to remove old kernerls
<ahasenack> kernels*
<hehehe> seems so
<ahasenack> try apt autoremove
<ahasenack> it should do the right thing. But double check
<nacc> ahasenack: right, it seems like we either need to update that script to dtrt in ubuntu's samba
<nacc> ahasenack: because we don't want to send ubuntu bugs to debian's bts
<rose_> can anyone tell me if I need to reboot after doing apt-get upgrade
<rose_> also what packages can I remove if i plan only using this xubuntu as console
<nacc> rbasak: around (i hope not)?
#ubuntu-server 2017-08-10
<nacc> rbasak: remind me after/before standup to ask about mocking
<hehehe> https://www.wired.com/story/james-damore-google-memo-harvard/
<hehehe> http://www.telegraph.co.uk/news/2017/01/29/dont-call-pregnant-women-expectant-mothers-might-offend-transgender/
<hehehe> I recommend buying a shotgun
<hehehe> mass insanity is around the corner lol
<cpaelzer> jamespage: dpdk is in a-p likely to fail on tests soon, but ready for you to put the OVS-2.8 you have to its side
<lordievader> Good morning
<jamespage> cpaelzer: ack - I'll do a snapshot upload today
<cpaelzer> jamespage: with the.1 in 17.05.1 it seems that the OVS dep8 tests also successfully run against the current OVS 2.7
<cpaelzer> jamespage: I didn't expect that, but more likely it still finds the OLD libs that it was built against
<cpaelzer> jamespage: yeah it does, once your new OVS 2.8 is in we want to drop the old 16.xx DPDK binaries that are left
<cpaelzer> we now use version named libs - so all new ones will have 17.05 and such in their names
<cpaelzer> jamespage: anyway that makes the new one a valid candidate in a-p, and as discussed is waiting for your snapshot upload
<cpaelzer> I'm scheduling myself a check next week if we need/want to remove old binaries then or if all clears automatically
<sdeziel> mdeslaur: good morning! If you have a couple of minutes, I'd appreciate if you could guide me a little in getting https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1709193 fixed
<ubottu> Launchpad bug 1709193 in gnutls28 (Ubuntu) "Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer" [Undecided,New]
<mdeslaur> hi sdeziel
<sdeziel> hey
<mdeslaur> sdeziel: hrm, looks like an SRU....is there no patch pilot today that can upload it?
<mdeslaur> let me see if we have gnutls updates pending, one sec
<sdeziel> mdeslaur: yes, SRU'ing this to Xenial/Trusty is my end goal
<sdeziel> mdeslaur: thanks fro letting me know about patch pilot, I didn't know that, joining ubuntu-devel now
<mdeslaur> sdeziel: I'm on patch piloting duty tomorrow, I can look at it then
<mdeslaur> just realized tomorrow is my turn :)
<sdeziel> mdeslaur: that would be awesome. Until then, should I provide you more debdiffs and attach them to the bug?
<mdeslaur> zesty would be nice
<sdeziel> mdeslaur: OK, I'll have zesty and trusty done then, thanks again!
<mdeslaur> gnutls28 in trusty is in universe and is missing a crapload of security updates...adding this may be a bit futile
<sdeziel> oh, I would have hope to drop support for TLSv1.0 all around but still have some Trusty boxes...
<sdeziel> sSMTP has always annoyed me for only supporting TLSv1.0 max ;)
<mdeslaur> ssmtp in trusty is probably linked to gnutls26
<sdeziel> you are right
<mdeslaur> looks like the same patch would apply to libextra/gnutls_openssl.c in gnutls26
<sdeziel> alright, thanks for looking
<sammyg> how to tell if a web server is installed?
<dlloyd> any or a specific one
<sammyg> any
<sammyg> made a fresh vps install with ubuntu
<sammyg> apache is not installed because /usr/share/httpd is missing?
<sammyg> same goes for all?
<lordievader> sammyg: Check if there is a program listening to port 80/443.
<sammyg> port listener? what command?
<sammyg> nmap?
<dlloyd> netstat -natu |grep 80
<sammyg> dlloyd, returned something starting with fe80: with 80 colored red
<lordievader> Or the more recent `ss`: `ss -pln|grep '80\|443'`
<sammyg> not a lot to list there, if i only use netstat -natu
<dlloyd> dpkg -l |grep 'nginx\|apache'
<sammyg> lordievader, command not found
<sammyg> ubuntu 16.04
<dlloyd> if you are root, netstat -natupd |grep 80
<dlloyd> will give you the process
<dlloyd> or sudo that
<lordievader> O.o
<sammyg> lordievader, yup not found
<sammyg> what's the output supposed to look like?
<sammyg> ports are not listed
<sammyg> proto, rec, send, local, foreign, state
<lordievader> Custom image install, I suppose?
<sammyg> probably, it's from vultr
<sammyg> 0.0.0.0:22 so this would be the port? 22?
<sammyg> of course this is the ssh
<sammyg> nmap not installed but suggest installing it
<sammyg> so what commands can i use for port listening?
<sammyg> nmap? dpkg? ss-pln? netstat?
<sammyg> spkg is a package manager?
<sammyg> where do linux boxes put their web root?
<sammyg> "/usr/share/httpd"?
<sammyg> perhaps this is the safest way? for noobs?
<sammyg> to make sure
<hateball> literally what
<lordievader> sammyg: Ubuntu puts the webroot, by default, at `/var/www`.
<nacc> rbasak: around?
<rbasak> nacc: o/
<rbasak> Sorry was otp
<nacc> rbasak: cool, give me one sec
<nacc> rbasak: so i'm trying to add a unit test for lint::derive_target_branch (new function)
<nacc> it currently takes a list of branch of objects
<rbasak> OK
<nacc> what's the best way to mock that?
<nacc> as my parameterized unit test just has a list of strings (e.g., 'pkg/ubuntu/devel'
<rbasak> Does the implementation call many methods on the branch objects?
<nacc> only two of them
<nacc> b.branch_name
<nacc> b.peel().id
<rbasak> I think you could do something like:
<rbasak> b.branch_name = unittest.mock.Sentinel
<rbasak> b.peel().id = unittest.mock.Sentinel
<rbasak> Oh, b = unittest.Mock() first, sorry.
<rbasak> You might need branch_name to be a string, actually, if derive_target_branch relies on that.
<nacc> yeah, it needs to be astring
<rbasak> Do you not also need to mock a debian/changelog inside there? Or does derive_target_branch not need to look?
<nacc> so that will create a singleton for each value?
<nacc> nope
<nacc> (at least not in the current implementation)
<rbasak> Yeah each time you use unittest.mock.Sentinel, it gives you a new value, for comparison purposes later.
<jamespage> cpaelzer: done - https://launchpad.net/ubuntu/+source/openvswitch/2.8.0~git20170809.7aa47a19d-0ubuntu1
<nacc> what if i want two of them to have the same b.peel().id ?
<rbasak> Then point them to the same object.
<nacc> e.g. for the test of xenial-devel and xenial-updates being the same treeish
<jamespage> thatnks for your help on expediting the dpdk uploads for 17.05.1
<rbasak> Either b2.peel().id = b1.peel().id
<nacc> rbasak: right, but then i need to change my parameterization?
<rbasak> Or same_id = unittest.mock.Sentinel
<rbasak> b1.peel().id = same_id
<rbasak> b2.peel().id = same_id
<nacc> rbasak: i mean, the test-runner currently doesn't know which case i'm testing :)
<rbasak> I see.
<nacc> rbasak: which *type of test-case
<nacc> rbasak: i mean, i can put that in as a parameter
<nacc> but that seems a bit kludge-y?
<nacc> [list of branch-names], same_hash
<rbasak> I can't think of a better way to fix this except by using real strings (bytes?) that are different, or by representing that you need them to be the same somehow in the data structure and then creating the mocks appropriately in the test function.
<rbasak> Another way might be to make a function that creates the structure, and make the parameters calls to that function. That's essentially the same thing though.
<nacc> yeah, i think that's where i was getting stuck
<rbasak> HO if you like, and we can try it in a pad?
<nacc> rbasak: joining standup early
<rbasak> omw
<nacc> cpaelzer: can you think of a reason that http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#php-crypt-gpg is only failing on s390x?
<rbasak> nacc: I'm there but brb.
<nacc> rbasak: ack
<cpaelzer> nacc: looking
<mdeslaur> nacc: https://usn.ubuntu.com/usn/usn-3382-1/
<mdeslaur> nacc: thanks!
<sdeziel> mdeslaur: nacc: thank you both!
<nacc> mdeslaur: nice, thanks!
<rbasak> nacc_: would you expect me to get the mapping from series codename to distribution from distro-info or from Launchpad?
<rbasak> distro-info has the advantage that it is faster, but gets blocked on a distro-info-data SRU when a new series is opened.
<rbasak> (including in Debian)
<rbasak> I suppose falling back to Launchpad might be an idea.
<nacc_> rbasak: where distribution is an object? or the xx.yy ?
<nacc_> rbasak: i would expect we would not add a new dependency on distro-info unless we had an explicit reason to do so (i don't believe we use it at all currently)
<nacc> rbasak: i feel like sentinel is not behaving like i expected
<nacc> rbasak: if you're around, i'd like to clarify
<rbasak> nacc: o/
<nacc> rbasak: i think i figured it out, but i'd like to clarify -- standup HO?
<rbasak> omw
<ahasenack> nacc: need some help here, I can't figure out what git ubuntu lint is complaining about
<ahasenack> it just says
<ahasenack> ((0855986...))andreas@nsn7:~/git/merges/samba$ git ubuntu lint
<ahasenack> Some lint checks failed. Please investigate.
<ahasenack> let me paste a -v output
<ahasenack> nacc: http://pastebin.ubuntu.com/25285660/
<Epx998> I think I need a new way to clean a puppet cert at netboot provisioning, sigh.
<nacc> ahasenack: have you pushed your branch anywhere?
<nacc> ahasenack: i can try and debug locally
<ahasenack> nacc: yes
<ahasenack> nacc: https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+ref/merge-samba-take2-1700644
<nacc> ahasenack: ok, one sec
<ahasenack> thx
<nacc> ahasenack: and that's with the snap?
<ahasenack> yes
<ahasenack> r115
<nacc> ahasenack: ok, reproduced with the snap but not with master, checking still
<ahasenack> nacc: ok
<nacc> ahasenack: ok, reproduced with master on my bastion, i can debug it now
<ahasenack> thx
<ahasenack> and good luck :)
<nacc> ahasenack: can you file a bug? i have the fix, but i need to figure out why it fixes it
<ahasenack> ok, will do
<ahasenack> nacc: done, https://bugs.launchpad.net/usd-importer/+bug/1710015
<ubottu> Launchpad bug 1710015 in usd-importer "Unknown lint error" [Undecided,New]
<nacc> ahasenack: thank you
<nacc> ahasenack: ok, i think i see what's up
<nacc> ahasenack: the linter is missing a check
<ahasenack> yes?
<nacc> ahasenack: there's a debian/rules change dropped from your deconstruct to your logical
<ahasenack> yes, that famous one
<ahasenack> winbind static buld?
<ahasenack> build*
<nacc> right, but that is not how our workflow works
<ahasenack> I keep hitting edge cases
<nacc> deconstruct should match logical exactly except for d/changelog and d/control
<nacc> i think you just dropped it in the wrong place
<nacc> the logical delta should be exactly what was uploaded before?
<ahasenack> then I will have "add fix/drop fix" both under "remaining changes"
<nacc> and then you would drop that bit on the rebase to new/debian
<nacc> ahasenack: logical is unrelated to the remaining
<nacc> ahasenack: it's not part of the new delta, it's all about hte old delta
<nacc> ahasenack: that is, there was a bit of delta (afaict), which was this extra d/rules bit
<ahasenack> ok, will try that way
<nacc> ahasenack: it's not correct for that bit to not be in the logical delta
<nacc> ahasenack: but it might be correct to drop it on the rebase to new/debian
<nacc> does that make sense?
<ahasenack> we'll see :)
<nacc> i mean, just thoughts-wise, the above idea :)
<ahasenack> I don't recall what we did last time
<ahasenack> just that it was a drop with an empty commit
<ahasenack> which felt very odd to me, because the empty commit was talking about removing that line from d/rules
<nacc> right, i think that was on the rebase to new/debian
<ahasenack> but was, you know, empty
<ahasenack> so it was lying a bit
<nacc> no, a drop should always be an empty commit (the way I do it)
<nacc> as it's a removal of delta that used to exist
<nacc> what you're dropping is the delta, which since you're rebasing onto debian means it's now an empty change
<nacc> it's a 'documentation' commit :)
<ahasenack> the edge case is that dropping this delta required two drops, in essence
<ahasenack> in different points in time
<ahasenack> I wonder if just uploading this simple fix to artful right now, removing that line from d/rules, and *then* doing this merge, wouldn't be clearer
<nacc> ahasenack: right, the point is you can't do that in a merge in the 'old state'
<nacc> ahasenack: you do it as part of the merge, in the new state
<nacc> ahasenack: right, now, you're changing the delta in the old state
<nacc> ahasenack: you absolutely can do what you're suggesting, but what i've been suggesting the whole time was to do it as part of the merge. You had that correct in your old merge. The only mistake (if you want to call it that) in the new merge is you did the change too 'early' :)
<ahasenack> in another revision of the merge I did it later, but that got stale and I had no idea anymore about what was going on
<ahasenack> (today)
<ahasenack> I'll go back to deconstruct and don't drop the two commits, then get logical, and rebase on new/debian
<nacc> ahasenack: yeah -- i mean, technically, your merge itself is fine :)
<ahasenack> the end result
<nacc> ahasenack: it's the workflow that got borked, which is what the linter is checking
<nacc> yeah
<ahasenack> I did check the cmocka builddep today, it's fine for us to keep it
<ahasenack> and I'll explain in the MP what I checked and why it's fine
<ahasenack> nacc: so this still warrants a linter fix?
<nacc> ahasenack: yeah, i'm fixing the linter -- basically it hsould have detected a d/rules diff between logical and deconstruct
<nacc> it actually was detecting it, just not telling you (becuase of an implicit return)
<ahasenack> nacc: what I keep finding confusing is that by dropping both the commit that added that patch and d/rules, and the one that removed it partially,
<ahasenack> I'm essentially stopping the bug from being introduced
<ahasenack> so there is never a commit that drops just the d/rules bit
<ahasenack> so I keep thinking "hm, let's see the commit that dropped the d/rules change. Oh my, it's emtpy, why?"
<nacc> ahasenack: right, there wouldn't be, because you'd either be introducing a 'new' change to old ubuntu or not dropping something that doesn't exist on new debian
<nacc> ahasenack: i think it's important to keep those two states distinct in your head (the old and new states)
<nacc> ahasenack: old is essentially never changed, it might be refactored/reordered, etc., but the contentful changes are static
<nacc> ahasenack: new can be whatever it needs to be to be correct :)
<nacc> rbasak: ok, i pushed my branch of bug fixes and refreshed the MP to be ready-to-review, so i think you have 3 pending reviews from me
<nacc> ahasenack: --^ that branch (bug-fixes-2 in my namespace) has the fix for your linter issue
<nacc> rbasak: also, if you do need  achangelog object, then i think we want to land https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/328607 before your branch, at least, so you can use git_repository::Changelog.from_treeish
<nacc> rbasak: istr you mentioning that in our HO
<ahasenack> nacc: ok
<nacc> sarnold: who should I talk to on security about potential removal of nagios3 (already not in debian) but also promotion of icinga2 so we have a monitoring package in main?
<nacc> sarnold: i can file the MIR, but just curious how security feels about nagios3 being in ubuntu and not in debian at this point
<sarnold> nacc: file a bug against nagios3 in launchpad asking for it to be removed, subscribe the ubuntu archive administrators
<sarnold> nacc: might not hurt to run it past IS first
<nacc> sarnold: yes, that's already done :)
<nacc> sarnold: but it's seeded
<nacc> sarnold: so i probably will need to replace the seed with icinga2
<nacc> which will end up requiring a MIR, etc.
<nacc> so might not happen til 18.04
<nacc> given where we are in the cycle?
<nacc> tyhicks: --^ you may have an opinion here too
<sarnold> could be .. I've lost track of the backlog
<nacc> sarnold: yeah, and it's rather late to add another one, i realize
<nacc> sarnold: just trying to get my thoughts in order, so, at least, it can get done ASAP in 18.04
<nacc> (well, in that cycle, i mean)
<ahasenack> nacc: still here?
<nacc> ahasenack: yes
<ahasenack> nacc: my rebase on new/debian: http://pastebin.ubuntu.com/25286639/ the troublesome commits are 3558c58 and 4b54cdb which I already ordered nicely one after the other
<ahasenack> nacc: so the plan is to drop those two (d), then add an empty commit saying something like http://pastebin.ubuntu.com/25286633/
<ahasenack> nacc: or maybe change 4b54cdb to include the d/rules bit, and then both really cancel out, and then drop
<nacc> reading
<nacc> ahasenack: to be clear, both lines 11 and 12 are in the old delta?
<ahasenack> yes, they are in the deconstruct tag
<ahasenack> and logical
<ahasenack> I can push it as it is now
<tyhicks> nacc: I don't have any strong opinions here
<nacc> ahasenack: that's ok, i'm just trying to understand
<ahasenack> so say we all :)
<nacc> ahasenack: it seems like they should be in the deconstruct but not the logical
<nacc> ahasenack: oh but now i remember, they don't actually cancel themselves out all the way?
<ahasenack> no, that's where I dropped them before
<tyhicks> nacc: there's some benefit from focusing on the same system monitoring daemon as Debian but I wouldn't consider it to be a huge benefit from the security team's POV
<ahasenack> nacc: correct
<ahasenack> they don't cancel each other out
<ahasenack> they should, but they don't
<tyhicks> nacc: if icinga makes sense from a market share perspective, it is probably a good move
<achiang> does anyone know how to really prevent apt-daily.service from running when booting a cloud-init image?
<achiang> the answer here does not work - https://unix.stackexchange.com/questions/315502/how-to-disable-apt-daily-service-on-ubuntu-cloud-vm-image
<nacc> tyhicks: well, there hasn't been a release of nagios3 in ... 4 years
<achiang> i passed the script as user-data to my ec2 instance and i still see evidence that the unit ran (by examining syslog)
<nacc> tyhicks: that sort of feels ... not great for currency purposes
<nacc> tyhicks: but yeah, we should figure that part out
<nacc> tyhicks: ok, i'll defer to 18.04 on this, will probably re-engage your team at some point
<tyhicks> nacc: right - Ubuntu would need to move to nagios4 (and maintain it all ourselves) or something else entirely
<tyhicks> nacc: thanks for bringing it up early
<nacc> tyhicks: yeah, i think the debian monitoring folks were basically orphaning it, so they let it die (and icinga2 is still maintained)
<nacc> tyhicks: np, thanks for responding!
<nacc> ahasenack: so this is my initial impression (or what I would expect). I would see in the logical tag's history (but not the deconstruct) a commit that replaces liness 11 and 12 with a commit containing just the change corresponding to http://pastebin.ubuntu.com/25286633/ except it would read "d/rules: compile windbind statically..."
<nacc> ahasenack: then in the rebase to new/debian, i woudl expect to see that commit be transformed to an empty commit and dropped
<nacc> ahasenack: oftentimes, i put in the [] in my logical something liek [previously undocumented] which is equivalent to your textual explanation
<nacc> ahasenack: that way, the logical log still has a line per logical delta
<nacc> and i can track each of those bits to commits (empty or not) in the new delta
<ahasenack> nacc: but the removal of the d/rules line is not even in artful now
<ahasenack> I can't put that in the logical
<nacc> ahasenack: right, that's why mine doesn't have it as a Drop or anthing else
<nacc> ahasenack: it is a literal " d/rules: compile statically"
<nacc> ahasenack: which is is in the logical delta, as a difference from debian, in artful as it is now
<ahasenack> isn't logical == deconstruct - changelog - metadata - duplicates?
<ahasenack> duplicate == add and remove
<nacc> contentfully (logical == deconstruct - changelog - metadata)
<nacc> - duplicates would be a no-op if they are the sum of adds and removes
<ahasenack> there is no add and remove in this case, so I left them in logical
<ahasenack> this rule:
<ahasenack> "An additional goal in this step is to consolidate the delta, e.g. sometimes a change is added in one Ubuntu release and then removed in a subsequent Ubuntu release. The changes, in this case, should simply be dropped.
<ahasenack> "
<ahasenack> doesn't apply
<nacc> ahasenack: wait, i thought you just said there was?
<ahasenack> it's an incomplete remove, it didn't remove the "add" fully
<nacc> ahasenack: maybe a HO is in order? or we can talk tmrw if you'd rather
<nacc> ahasenack: right, so it's still an add and remove
<nacc> it just may not fit into the above sentence completely
<rbasak> Yeah we never figured out good wording for what we mean there.
<ahasenack> logical is the "old state", right
<ahasenack> it's just the delta trimmed down
<ahasenack> it represents an existing state in that package in ubuntu at that version/release
<nacc> logical is a description of the logical delta
<nacc> yeah
<ahasenack> I can only change that once I apply it to new/debian
<nacc> no
<ahasenack> then it becomes a new delta
<nacc> well, sort of
<nacc> you can change the *wording* as much as makes snese
<rbasak> Logical should be the previous delta made concise.
<nacc> like in this case, where you have an incmpolete revert
<ahasenack> this:
<ahasenack> <nacc> ahasenack: yeah, i'm fixing the linter -- basically it hsould have detected a d/rules diff between logical and deconstruct
<nacc> your'e not changing the patch, just the description
<ahasenack> that's what broke the linter before
<ahasenack> if you are saying now that I should change the logical to drop those "fake dupes", then it will happen again
<nacc> ahasenack: well "broke" :) it just didn't tell you why you had incorrect logical :)
<ahasenack> still, incorrect
<ahasenack> something I should fix
<nacc> ahasenack: no, it won't happen again
<nacc> i'm not telling yout to *drop* anything
<ahasenack> but now you are saying I should indeed drop those two commits at the logical step?
<nacc> ahasenack: i'm saying if you combine your two commits into one, there will be a change leftover!
<nacc> not drop, combine
<rbasak> squash :)
<nacc> if they were correct, the combine would be a drop
<nacc> but they are not
<nacc> yeah :)
<nacc> so you squash them together, and notice hey, it didn't go empty -- so document what was missed
<nacc> in this case, exactly that d/rules still says to compile winbind statically
<ahasenack> not just document
<ahasenack> fix
<nacc> no
<nacc> just document
<nacc> you don't fix anything in the logical
<ahasenack> but then the diff is still there,
<nacc> yes
<nacc> no
<nacc> wait
<nacc> what diff?
<nacc> the diff *shoudl* be there in logical
<ahasenack> the result of applying the fix and incompletely removing it
<ahasenack> there is a remainder when you do that
<nacc> logical == deconstruct - changelog - metadata
<nacc> the remainder is in deconstruct
<nacc> but not in your currnt logical
<nacc> that's the reason the lint failed
<ahasenack> yes, in deconstruct we are applying the fix and not fully removing it
<nacc> right
<ahasenack> then in logical I dropped (in the take2 branch) both, and that left a remainder that was unexpected
<nacc> which emans you must do the same in logical
<nacc> logical can't have different net contents than deconstruct
<nacc> that violates the above equality we've said a few times
<ahasenack> ok, with you so far
<ahasenack> so what about this squashing?
<nacc> if you had squashed the two commits together rather than dropping them
<nacc> then your logical would have been correct
<nacc> it would have been described wrong (as it would have a commit message talking about d/p/fix-1584485.patch when in fact the content of the commit was about d/rules
<nacc> but it would have been contentfully correct
<ahasenack> I shouldn't change the squashed commit message?
<nacc> no you should :)
<nacc> i was doing one thing at a time
<ahasenack> ok, so I change it
<ahasenack> do... *? -?
<blackboxsw> achiang: I'm playing around w/ ec2 this week (but making dinner right now) will check it tomorrow and see if disabling is possible. we'd had a couple of internal discussions about the viability of disabling it
<ahasenack> but the remainder will still be there, the incorrect d/rules lines will be there
<nacc> ahasenack: right, which si good, it's part of the delta currently
<nacc> ahasenack: you're going to drop it *in* the merge, not before the merge
<nacc> ahasenack: basically, the "old" stuff never changes (this is what i was trying to say before)
<ahasenack> we just changed the commit message of the old stuff
<nacc> contentfully never changes
<nacc> metadata (like commit messages) can change
<nacc> the order thigns are committed in, can change
<nacc> but the endpoints should match (a la the equality we expressed above)
<rbasak> The logical is supposed to be exactly the previous delta, re-described.
<rbasak> If there was a mistake in the previous delta, the logical will still have the same mistake, but described as one.
<nacc> contentfully: reconstruct = deconstruct = logical + changelog + metadata
<nacc> what the actual commits look like in each is a separate point, but the above is what the linter is checking for
<ahasenack> see, I'm an elecrtrical engineer, when someone says "exactly the same", that has a strong meaning to me :)
<nacc> "actual commits look like in each" == `git log old/debian..<each>`
<nacc> ahasenack: exactly the same git-tree
<nacc> (meaning filesystem  contents)
<rbasak> Exactly how you choose to describe the logical (in terms of commits and commit messages) is subjective. But the diff of "git diff old/debian old/ubuntu" must be exactly the same as "git diff old/debian logical/..." except for metadata (update-maintainer etc) and debian/changelog
<rbasak> If the diffs aren't the same (except those exceptions), the logical is always incorrect.
<nacc> right, that's what the linter was trying to express here, it just didn't spit out the message saying that (fixed in my branch)
<ahasenack> well, now I have the diff the same
<ahasenack> but the commits are not squashed
<nacc> ahasenack: yeah, so i was trying to save you a step in your rebase :)
<nacc> ahasenack: it's not strictly necessary, but i think makes it easier to review (given that i'll probably be reviewing, it's even less necessary :)
<achiang> blackboxsw: from one developer's opinion, it is really unfriendly -- the service reaches out to the network and takes locks on your system with very little user visibility
<nacc> ahasenack: do you want to push your logical as it is now?
<ahasenack> I don't know
<achiang> blackboxsw: i agree there is some utility there, but it feels more like an opt-in thing, rather than an opt-out
<ahasenack> to me squashing the logical as you described "changes" it
<achiang> or at the very least, make it possible to disable easily, somehow. the ec2 way would be to pass in a user-data script
<ahasenack> but, the normal case where two commits really cancel each other out is a change fit for the logical step
<nacc> ahasenack: it can't change it, afaict
<nacc> ahasenack: if what "it" is is the diff between old/debian and the tag
<ahasenack> ok, trying again
<blackboxsw> achiang: yeah I expect we'd minimally be able to pass a runcmd that does the trick
#ubuntu-server 2017-08-11
<blackboxsw> in user-data
<ahasenack> nacc: ok, this is where I am now: http://pastebin.ubuntu.com/25286917/
<ahasenack> 3f6c0c2 is what was left over from the combination of the add and incomplete remove. I squashed both into that one and changed the commit message in the logical
<ahasenack> and right now it's a "remaining change"
<hehehe> hi
<ahasenack> hehehe: hi
<hehehe> ahasenack:  I am moving keepass db between two pc i- it says invalid signature
<hehehe> like wtf
<hehehe> how do I fix it
<ahasenack> don't know what keepass is
<hehehe> I tried both csv import
<hehehe> its a very popular soft to store passwords
<ahasenack> have you checked that the clock is correct on both machines?
<hehehe> well no
<hehehe> how its related?
<hehehe> they do show same time
<ahasenack> sometimes that's the culprit when cryptographic operations fail misteriously
<hehehe> hehe
<hehehe> I see
<hehehe> so much hassle just to move pc
<hehehe> some linux programs dont think things from user view
<hehehe> also ahasenack  have you notices less and less people speak on freenode
<hehehe> its kinda like ....
<ahasenack> it's all about timezones
<ahasenack> for example, it's 22:25 here now, and I'm usually in bed already by that time
<ahasenack> because I get up at 05:40
<hehehe> yes but usa folks
<hehehe> hmm
<ahasenack> west coast is about to have dinner I suppose
<ahasenack> or happy hour at least
<hehehe> well some channel are barely active at all
<hehehe> at any time
<hehehe> such as mongodb and some more
<hehehe> I have been using freenode for last 2,3 years and activity across all main coding channels droped a lot
<hehehe> dropped
<karstensrage> i cant boot 12.04, it says kernel panic - not syncing: Attempted to kill init!
<karstensrage> is there something i do in grub to remove some files that accidentally got in /lib
<hateball> karstensrage: liveboot the system and fix it if you need
<hateball> 12.04 is EOL also
<karstensrage> how do you liveboot the system
<cpaelzer> good morning
<hateball> karstensrage: is this a VM, physical, what?
<karstensrage> VM
<hateball> karstensrage: just put in an ubuntu desktop CD and start from that, mount the installed partitions and clean whatever you need to
<hateball> chroot if needed
<karstensrage> OK
<lordievader> Good morning
<cpaelzer> hi lordievader
<lordievader> Hey cpaelzer, how are you doing?
<cpaelzer> good actually
<cpaelzer> I haven't checked my nightly tests yet :-)
<cpaelzer> I hope the week is closing out fine for you as well
<lordievader> It has been doing quite all right :)
<lordievader> Set up a Windows vm yesterday to which I can plugin a drawing tablet via Spice. Quite fancy, imo.
<PCatinean> hey guys, I use duplicity in a docker container and after recreating the container and make backups I cannot restore anymore
<PCatinean> I always get: https://hastebin.com/cotepiyiha.sql
<PCatinean> does anyone have a clue why this happens?
<lordievader> Different versions of the tool?
<ahasenack> rbasak: hi, do you know that whis means:
<ahasenack> (bind9-merge-1701687)andreas@nsn7:~/git/packages/bind9$ git ubuntu lint
<ahasenack> 08/11/2017 10:05:48 - ERROR:Unable to automatically determine importer branch: No candidate branches found.
<coreycb> beisner: good morning, python-cinderclient 1:1.6.0-2ubuntu1~cloud0 and python-openstackclient 2.3.1-0ubuntu1~cloud0 are ready to promote to mitaka-updates
<rbasak> nacc: I'd like to sync with you on the progress of git ubuntu build please
<nacc> rbasak: ack
<nacc> rbasak: after standup?
<rbasak> yes please
<nacc> rbasak: ok
<nacc> ahasenack: is that branch pushed?
<ahasenack> nacc: it was bind9, but since then I pushed --force over it
<nacc> ahasenack: i mean, is the branch which is uanble to find a candidate branch available somewhere else?
<ahasenack> that's the one
<nacc> ahasenack: 'the one'? your branch ref above is a local branch
<ahasenack> after my push (for unrelated reason) I don't think it happens again
<nacc> ah ok
<ahasenack> https://code.launchpad.net/~ahasenack/ubuntu/+source/bind9/+git/bind9/+ref/bind9-merge-1701687
<ahasenack> don't know if it happens anymore
<PCatinean> lordievader, could be possible?
<PCatinean> How can I check?
<PCatinean> btw older backups with the same tool work
<rbasak> cpaelzer: "Depend on gir1.2-appindicator3-0.1 for appindicator support" - I wonder if this still applies with the switch to GNOME? I don't know the answer - just asking.
<cpaelzer> rbasak:  I kept what I wan't able to ensure being droppable
<cpaelzer> rbasak: but yeah it could be optional now with unity being gone
<cpaelzer> but I considerd such deep dives more appropriate when it is not so late before FF
<cpaelzer> and since it wasn't anything that seems to cause issues - nor the last bit that prevented it to beocme a sync I left it
<cpaelzer> rbasak: the problem on verifying that is that the old description is rather unclear what part of the appindicator support was the reason
<cpaelzer> rbasak: didn't it woak at all, was there a detail being not perfect?
<cpaelzer> rbasak: that un-verifiability is the reason I left it for now
<rbasak> cpaelzer: +1
<rbasak> nacc: https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+ref/lp1698402
<ahasenack> what's the name of that console tool again that shows bandwith usage by each connection
<ahasenack> not iptraf
<ahasenack> not nethogs
<ahasenack> there's another one
<ahasenack> iftop
<ahasenack> that's the one
<mason> iftop is lovely
<mason> iftop can also filter things, filtering only a particular system, everything *but* a system, etc., so you can limit observer effect.
<jge> hey drab you around?
<dpb1> ahasenack: what was the one we used for the demos
<ahasenack> dpb1: about what?
<dpb1> network monitoring with the graphs
<ScottE> You can do some neat stuff with BPF these days too - https://github.com/iovisor/bcc is a collection which includes a number of network tracing and histogram tools
<ahasenack> I don't remember
<drab> jge: what's up?
<jge> nvm drab found the convo we had last time
<dpb1> ah yes
<dpb1> bmon
<dpb1> ScottE: the 'b' in bpf reminded me
<ScottE> :-)
<drab> dpb1: if you mean in console, there's also nload
<drab> which makes nice ascii graphs, my fav for that kind of thing
<dpb1> ah cool
<dpb1> nacc: I shouldn't need to do anything to keep up with the git-ubuntu snap, right?  it should just always be up to date
<dpb1> ?
<braziercustoms> How far do I need to go when starting over from failed conjure-up attempts? Is just destroying the controller enough?
<dpb1> braziercustoms: I think just removing the model it created is enough, stokachu amirite?
<stokachu> braziercustoms: where did it fail
<stokachu> braziercustoms: does `juju controllers` list your controller?
<stokachu> dpb1: yes re: git-ubuntu snap
<braziercustoms> I keep getting a failure getting charms during glance install
<dpb1> stokachu: thx
<stokachu> braziercustoms: head back over to #juju im in there
<nacc> dpb1: with master, yes
<dpb1> nacc: thx
<ahasenack> dpb1: yes, the snap will be kept up-to-date
<ahasenack> r115 currently
<troy1> do any of you use ubuntu server as router/firewall. any recommendations in applications that make it easier to manage?
<sdeziel> troy1: I use iptables-persistent
<dpb1> oh wow
<dpb1> til
<sdeziel> not sure if that qualifies as easy to manage but you get your ip{,6}tables ruleset load at boot without fluff :)
<troy1> yea was wondering because I have used pfsense quite a bit and they do it pretty well
<sdeziel> if you are coming from pf you might find iptables a tad different
<sdeziel> I don't know much about pfsense but I think you drive pf through a WebUI isn't it?
<drab> troy1: might wanna take a look at "firehol"
<drab> ime it's the closeset thing
<drab> oh, pfsense, not just pf
<drab> pfsense != pf , if you're looking for something mroe familiar to pf than iptables then look at firehol
<drab> if you want something similar to pfsense in linux land, then look at ipcop
<sdeziel> isn't IPcop long abandonned?
<drab> altho ime nothing really matches pfsense
<drab> sdeziel: yeah, well, that's as good as it gets if you don't want to get stuck with paid-upgrades
<drab> if community version + paid upgrades is of interest then probably the winner is clearos
<drab> and then smoothwall
<sdeziel> ipfire looks ~nice and seems to be maintained
<sdeziel> never tried it myself though
<sdeziel> I'm too attached to iptables-save format to move to a WebUI
<drab> lol, same here
<drab> I looked through about a dozen of them and then just stuck with plain nix + firehol
<drab> i guess the most widespread one is dd-wrt actually, since most ppl have a modem/router and put that on it
<drab> but it won't go on your pc so maybe not an option
<troy1> Ill look into firehol then.
<troy1> This is just a home project anyways. Wanted a router/firewall and server
<sdeziel> troy1: for a linux distro with a WebUI to configure the firewall, you may try OpenWRT
<drab> https://xkcd.com/1875/ too good to not share :D
<sarnold> troy1: I have friends who swear by ferm
<drab> I have friends who swear "ferm" - it's a 4 letters word after all :P
<sarnold> hehe
<troy1> drab: was looking through the firehol documentation seems to be well put together.
<drab> troy1: docs are good, community is good albeit small, but the main devs always got back to me in a day at the latest and they really know what they are talking about ime
<drab> plus I was looking to balance a few lines and firehol comes with link-balancer which did the job really well
<dpb1> funny, ferm is a popular brand of power tools, also makes routers, I have one!
<drab> need to customize the script now so that instead of just detecting line downs actually measures latency
<sarnold> dpb1: haha
#ubuntu-server 2017-08-12
<EpicCyndaquil> hey everyone, apt-get keeps grabbing packages that dpkg claims are corrupted. How do I start troubleshooting this? simply removing the package from /var/cache/apt/archives and trying again seems to fix it all the time, but it's happening too often to just be an odd occurrence.
<lordievader> Good morning
<wolflarson> EpicCyndaquil, I used to have that issue when I ran a squid server on the network until I whiltelisted my mirrors
<EpicCyndaquil> wolflarson: I'm not running squid, but I do have a virtualized pfsense, and I'm wondering if something between there and VirtIO is causing issues. got some "unexpected end of data stream" issues, so potentially a timeout setting somewhere?
<wolflarson> you might expect that every time not just intermittenlty
<EpicCyndaquil> I'm at a point where I can't download something after repeated attempts, it's happening that frequently.
<EpicCyndaquil> and I'm still having the issue this morning, so I doubt I can blame the internet.
<drab> EpicCyndaquil: but apt-get update doesn't complain?
<drab> EpicCyndaquil: what happens if you wget that samne link and then try to dpkg -i it ?
<drab> does it also complain that ti's corrupt?
<tafa2> when editiing cron with "crontab -e" where is that actual file save on ubuntu 16? I cannot for the life of me seem to find it?
<tomreyn> tafa2: /var/spool/cron/$USERNAME
<drab> tafa2: /var/spool/cron/crontabs/$username
<oerheks> It is stored in the directory: /var/spool/cron/crontabs  ( per user)
<drab> lol
<tomreyn> okok i was slightly wrong ;)
<tafa2> I love IRC sometimes :)
<tafa2> Thanks guys got it!
<oerheks> is it $user or $username, tom ?
<oerheks> i usually use $USER
<oerheks> hmm found it myself, echo $USER gives the name, $USERNAME blanc
<tomreyn> right, so two mistakes there ;)
<oerheks> no no, i learned something today \0/
<tomreyn> :)
<drab> I know it's a bit far fetched as a question, but anybody around with ubiquiti hw?
<drab> they shorten their than to ubnt so close enough maybe :P
<tafa2> so I've got a folder: /data/backups/ - Inside I've got folders: /user1/ /user2/ /user3/
<tafa2> I'm having a hell of a time dissalowing users1-3 from listing contents of /data/backups/ whilst still having access to /data/backups/user1-3/
<tafa2> currently /data/backups/ belongs to root:root
<tafa2> and /data/backups/user1/ <- chown user1:user1 /user1/ && chmod 0750 /user1/
<drab> tafa2: chmod 751 /data/backups/
<drab> that gives x (execute) to all, (ie your users). x on a directory means able to cd into it
<drab> but no "r", read, which is what you need to list files in a directory
<tafa2> ah i see
<drab> try this for yourself: cd /tmp
<tafa2> that was the missing element...
<drab> mkdir a ; mkdir a/b ; mkdir a/c
<drab> sudo chown root:root a ; sudo chmod 750 a ; ls -l a/ -> error
<drab> sudo chmod 755 a -> works and can list
<drab> sudo chmod 751 a -> cannot list, but ls -l a/b works
<tafa2> 0o
<tafa2> works a treat
<tafa2> thanks man
<tafa2> anyone use borgbackup?
#ubuntu-server 2017-08-13
<EpicCyndaquil> drab: I found out it's an issue with Ubuntu somehow, as I don't have this issue with debian. Really weird.
<darksifer> Hi everyone. I am using samba as Domain Controller. Everything works but I cannot deploy printers using the Print Management from Administrative Tools. I get the error "failed to query for the list of group policy objects linked to this container." It worked only once. No changes were made. I have been looking for a solution since yesterday. Kindly help please. Thank you.
<arunpyasi> Hello everyone, what may be the reason that I can send the mail to local email address which are hosted in same server but cannot send to the internet ? I have 25 port open too, I can telnet
<tomreyn> arunpyasi: your mail servers' logs should tell.
<arunpyasi> tomreyn, it says its not resolving..
<arunpyasi> tomreyn, this is what I see : 2017-08-13 10:04:57 1dgmWC-0000Wp-5P == info@domain.com R=dnslookup T=remote_smtp defer (-53): retry time not reached for any host
<arunpyasi> in the log
<tomreyn> arunpyasi: sorry, i missed your reply. looks like it's either that your mail server has dns lookup issues or there just is no dns record on the internet for the given destination addresses' domain part.
<tomreyn> i assume "info@domain.com" is not the actual destination address, but the one it said there is the one you need to examine.
<arunpyasi> tomreyn, naa, they are valid emails..
<tomreyn> arunpyasi: well domain.com does have an MX address. your mailserver apparently fails to determine this, which hints at a local DNS configuration issue.
<tomreyn> *DNS lookup
<arunpyasi> tomreyn, the thing is, I tested on multiple email addresses.
<arunpyasi> tomreyn, @gmail.com, @domain1.com, etc..
<tomreyn> and the result was?
<arunpyasi> but emails are sent only to @domain.com
<tomreyn> are you saying that you submitted, through your local mail server, e-mail addressed to users at gmail.com and at domain1.com, and that your mail server rerouted these to users at domain.com?
<tomreyn> arunpyasi: ^ to clarify: by "users" i mean user parts of email addresses
<arunpyasi> tomreyn, no, I said that.. mail from @domain.com goes to @domain.com but doesn't go to @gmail.com or @domain1.com
<arunpyasi> I mean, internal mails work, but internal mails doesn't
<arunpyasi> hope I am clear
<tomreyn> i'm afraid not so.
<oerheks> port 25? long time not used for mail
<tomreyn> not for outbound mail at least
<Vladimirski> issues installing proxmox-ve getting "cannot find dependencies..."
<Vladimirski> Anyone had any issues with proxmox?
<tomreyn> Vladimirski: no polls please. provide details if you are looking for a solution ot a specific issue.
<tomreyn> proxmox is not in ubuntu (so not officially suppoorted here)
<Vladimirski> alright
<Vladimirski> thanks
<tomreyn> btw i sent lutostag an e-mail about this yesterday...
<sammyg> unable to locate package apache-utils
<sammyg> how to resolve this?
<tomreyn> sammyg: what makes you think it shoudl exist?
<sammyg> was using apt-get to install
<sammyg> sudo apt-get
<sammyg> sudo apt-get install apache2 apache2-doc apache2-utils
<sammyg> E: unable to bla bla
<sammyg> tomreyn, what is this prefix E?
<tomreyn> E as in Error
<tomreyn> the bla bla is probably important
<sammyg> E: unable to locate package apache-utils
<sammyg> but it found apache2
<tomreyn> the above command cannot have produced this message
<sammyg> what makes you say that?
<sammyg> oh wait a second
<sammyg> i mistyped it :p
<sammyg> sudo apt-get install apache2 apache2-doc apache-utils
<sammyg> lol
<sammyg> why set keepalive to off?
<sammyg> allow persistent connection or not to?
<tomreyn> which open source CMDB and ITAM software would you recommend? i'm looking for something less technically experienced users can use to create a hardware + software / (proprietary software) license inventory
<drab> tomreyn: welcome to one of my personal hells
<tomreyn> not the type of reply i was hoping for ;)(
<tomreyn> u should probably have asked in offtopic, too.
<drab> ime that's ok, I have a hard time finding any channel with ppl with a clue about server related stuff so I often just abuse here and hope for the best :)
<drab> tomreyn: I've spent more nights than I care to admit trying and testin FLOSS CMDBs and ITAM stuff and all I can have to show for it is a 5 gallon bucket of tears
<drab> however I'm also in a sort of unique situation, so it may be easier for you
<drab> first off, you mentioned CMDB, but then it seemed more about inventory stuff
<drab> tomreyn: could you elaborate on what you're after? just listing hw you own and sw installed on it?
<drab> what OSs does it have to work on? do you need appliances to be integrated with it too? how important is outodiscovery for you?
<tomreyn> drab: i'm trying to help a small organization (35 people) get a little bit of a clue about their hardware, software and their dependencies.
<tomreyn> next stage would be to add a little risk assessment on top.
<tomreyn> it's really a plain field, nothing has been done yet, it's tabula rasa, copmeplete chaos. so nothing to migrate. i'm even considering to start with a spread sheet
<Ergo> hello, im trying to disable PredictableNetworkInterfaceNames on ubuntu 16.04.3, passing net.ifnames=0 to kernel doesnt seem to help, eth0 is not created i get no network , doing "ln -s /dev/null /etc/systemd/network/99-default.link" doesnt seem to be work for me either
<Ergo> any hints?
<Ergo> i was reading https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<tomreyn> drab: of course they have no budget so i'm just thinking about how to help them create that inventory themselves.
<drab> tomreyn: ok, I'm actually in a very similar situation, NGO work, no budget, no clue, etc
<tomreyn> drab: okay and what's your current plan there?
<Ussat> tomreyn, You may or may not like this answer, but when I was at a small org, we used MS Access for that
<drab> tomreyn: first thing I did was indeed a google doc ssheet, and made up some tabs for them to fill out. It actually worked okish, main problem was place is a little bigger with a lot more turnout and things didn't get updated
<Ussat> ok, I mean drab
<tomreyn> Ergo: https://askubuntu.com/questions/689070/network-interface-name-changes-after-update-to-15-10-udev-changes
<drab> tomreyn: the next thing I looked at, which I liked quite a bit, was yourcmdb.org
<drab> the reason for that is that I also wanted some api to query the data to run ansible and stuff
<tomreyn> Ussat: i don't dislike it, there's also LibreOffice Calc, could use that as well. Or just the spreadsheet, not much of a difference to me.
<drab> for me things like cmdbuild were completely out of the door, it's stuff for large enterprises
<Ergo> tomreyn: can  you be more specific? I googled a bit - I need this for VM images, so I don
<drab> tomreyn: yourcmdb has a nice frontend and works pretty nicely yet it's simple and the codebase small enough that it's ok to fiddle with
<Ergo> so i dont think i should check mac adresses and assign them in files
<Ussat> Ergo, why are you wanting to disable that ? What issue are you trying to solve ?
<drab> tomreyn: the other part of the puzzle is if you want sort of autoupdate with a client agent, for that there's https://www.ocsinventory-ng.org/en/
<drab> but for me that was too much/not needed and it doesn't account for other bits and bobs so I decided against it, at least for the time being
<Ergo> Ussat: im creating VM's that will work with various providers, there are some scripts there (and iptables rules) that depend on eth0 being present by default
<tomreyn> drab: thanks. ocsinventory-ng is indeed on my list. i didn't know yourcmdb, thanks for the hint.
<drab> for yourcmdb, the main issue is how much you hate xml and/or php
<Ergo> i remember passing net.ifnames=0 to kernel fixed this to me in 16.04 but 16.04.3 seems to boot with no network at all
<tomreyn> drab: but for now i really think just a simple spread sheet their staff should fill is a good thing to start with.
<Ergo> only lo is present
<tomreyn> Ergo: i'm sorry, i have no details, i never did it, am happy with the new naming scheme.
<drab> tomreyn: if you're a ruby person you may want to take a look at http://cartoque.org/ , that also came up in my search
<oerheks> Ergo, maybe you need the 2nd part too GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 biosdevname=0"
<drab> Ergo: net.ifnames=0 works for me, I do that in several places, but I also have biosdevname=0
<tomreyn> drab: do you know this, i just found it and it looks ok, if more of a helpdesk self-management tool https://snipeitapp.com/
<drab> I forgot if both were needed
<Ergo> oerheks: yeah that worked before, im trying to see when it stopped working
<Ergo> right now if i pass that the VM boots only with "lo" interface, and im sure it worked before
<drab> what's in /etc/network/interfaces ? if it's still listing the predictable name that's why
<Ergo> moving down from 16.04.3 to 16.04.1 to see if there is difference
<drab> Ergo: do you see anythihg with ifconfig -a ?
<Ergo> drab: (already killed the vm), i did change enc3 to eth0 in interfaces
<drab> tomreyn: that's new to me, looks nice
<oerheks> or with systemd, see the last part: https://askubuntu.com/a/628504
<Ergo> ifup -a just printed a message that it cant bring it up :(
<drab> tomreyn: the other thing lots of ppl recommended me is spiceworks
<drab> to also avoid managing another service on premise
<tomreyn> drab: i heard of it. these very folks are looking for on premise, though, do not have a cloud mind set. more of birkc + mortar folks. ;)
<tomreyn> *brick
<drab> tomreyn: another couple on my radar I didn't get to try: https://github.com/bugcy013/Inventory
<tomreyn> oh wait i mixed that up, spiceworks is not cloud based apparently
<drab> tomreyn: it can be
<tomreyn> https://github.com/bugcy013/Inventory looks dead
<tomreyn> i know + like device42, however
<drab> so one of my fav tools in the space is this: http://ralph.allegro.tech/
<drab> the only thing is, it's very DC oriented
<sammyg> what kind of file is libapache2-mod-php? is it binary?
<drab> tomreyn: and people just had too much trouble with it mentally
<tomreyn> yes that's what i just thought. for DC foklks this is possibly a fine choice
<drab> sammyg: not sure what you mean with that
<drab> it's a .so apache loads
<drab> it's binary like the apache binary...
<drab> tomreyn: snapit actually looks pretty neat...
<sammyg> don't want to crash if i try to open it in nano
<tomreyn> drab: i think so. it look a bit similar to ralph, but less DC'ish, more suited for the generic office with plenty of workstations.
<sammyg> just want to know what version this php mod is
<sammyg> i got one *php, *php7.0, and *php7.0-fpm
<sammyg> can nano open .so files? binary files?
<drab> I don't think opening is the way to answer that question
<drab> but if anything you can try to use the "head" command
<drab> dpkg -S libapache2-mod-php.so or whatever it's called, and it should tell you which pkg it came from
<drab> dpkg -L libapache2-mod-php might help too
<drab> looks like 7.0+35ubuntu6
<drab> depending on php7
<drab> anyway, brb
<tomreyn> drab: would you be able to share the table column heading for the spreadsheet you used initially?
<tomreyn> s/column heading/column names/
<drab> of course, but I suspect you're not gonna like it :P
<drab> I have a table for interfaces linked from the devices table, because laptops for example have wifi + wired and I needed to track that
<tomreyn> drab: because? too many?
<drab> manual input to that isn't the prettiest, I had some seriously trained monkeys doing that
<tomreyn> oh, ok
<tomreyn> i wont have too much time to train monkeys, sadly
<drab> still, happy to share what I have if you'd like
<tomreyn> happily!
<drab> how would you like to receive the pkg?
<drab> shall I put a .csv column export somewhere?
<tomreyn> you could upload somewhere, or send mail to my irc nick @megaglest.org
<drab> ok
<tomreyn> yes, just a csv would be great. thank you.
<drab> tomreyn: will do, mind if it takes me a while? haven't eaten yet and have something scheduled for most of the afternoon
<tomreyn> drab: take your time! :)
<drab> cool, off I go then, ttyl
<tomreyn> i wont work more on this tonight
<tomreyn> thanks again, ttyl
<Ergo> drab, tomreyn i fixed my problem, i needed to do it like this: https://paste.ofcode.org/KyEryTRRrA2tuM2ft6WGhN
<tomreyn> glad you solved it!
#ubuntu-server 2018-08-06
<cpaelzer> good morning
<simulant> Hi does anyone know an easier way to pull up a list of ip addresses that successfully logged into an email account on ubuntu server within the last day or two? Mail log has 1000s of entires to try look through with login failures and various other messages in there... Any easier way?
<rbasak> simulant: grep?
<rbasak> simulant: most admins would use a combination of things like grep/egrep, sed, awk, cut, sort, uniq, etc.
<simulant> rbasak: ok thanks
<RoyK> rbasak: or just perl or python ;)
<rbasak> "Just"
<tafa2> does anyone run their own hypervisor (promox/vmware/similar) in the cloud on a dedicated server? I've got several VPS's now and have done some quick maths and it'll basically be cheaper for me to get a dedi and just portion it out the way I want
<tafa2> was wondering if anyone did this and woudl advise against doing so?
<rbasak> tafa2: you might try lxd
 * tafa2 googles lxd
<rbasak> You can run it on a single VPS
<ahasenack> that's a pro tip
<_KaszpiR_> tafa2 in general it is possible but usually you are responsible for the whole automation process, and usually it's not worth it unless you already have it
<tafa2> yeah I figured as much :)I'm running a few locally at home and at $dayjob (hyper-v, and prox) just wondering if anyone
<tafa2> has done and would just recommend to sticking to regular VPS's
<tafa2> for example, I forget I'd have to order (and justify) additional IP's
<tafa2> rbasak is lxd basically containerised OS's?
<tafa2> so... docker but for an OS?
<rbasak> tafa2: right
<tafa2> Interesting... what's the benefit over KVM for example?
<rbasak> Higher density is the main reason
<rbasak> You don't have to dedicate RAM on a per-contaner basis
<rbasak> (though you can apply limits)
<tafa2> 0o
<rbasak> Faster starts/clones/etc, easier to manage.
<tafa2> so the each lxd image gets it's own root shell, seperate environment but no allocated RAM?
<rbasak> eg. usually you'd set up containers on the same filesystem so no messing with loopback mounts for management.
<tafa2> just uses it from a "pool"
<rbasak> Each container sees its own stuff only, as if it's the only OS on the system.
<rbasak> However a container process is just a process like any other
<rbasak> That you can see from the host if you "ps".
<rbasak> Try it: on Ubuntu, "lxc launch ubuntu:bionic my-first-container" and "lxc exec my-first-container bash"
<tafa2> I'm on the online tutorial now
<tafa2> pretty cool
<rbasak> It's what Docker was originally based on. Your description of "like Docker but for OSs" seems backwards to me because I was using lxc before Docker existed :)
<tafa2> lol
<tafa2> I get you
<tafa2> I've spun it up
<tafa2> It's interesting, but a faff - although everything is separate I don't feel like its a truly independent OS/environment in terms of access
<tafa2> looks like there'd be a lot of messing around with internal network assignements
<rbasak> You can arrange the network how you like - much like a VM.
<rbasak> Bridge host NICs through, or apply through NAT, etc.
<rbasak> Networking is essentially no different to using VMs.
<rbasak> It's also possible for containers to share the same network namespace as the host, though I'm not sure if lxd supports that.
<rbasak> cpaelzer: if you're taking the samba reviews, shall I take apache2?
 * rbasak claims it
<ahasenack> \o/
<cpaelzer> rbasak: yes that is ok
<cpaelzer> I'm juts now able to start on the samba MPs
<rbasak> cpaelzer: nice job figuring out the race in the dovecot test. That one had defeated me when I looked a few years ago.
<cpaelzer> it is ugly++
<cpaelzer> and I'm not entirely sure it is "the same" as the arm one you hunted
<tobasco> jamespage: just got this issue in production https://bugs.launchpad.net/neutron/+bug/1667756
<ubottu> Launchpad bug 1667756 in neutron "Backup HA router sending traffic, traffic from switch interrupted " [High,Fix released]
<tobasco> do you still support xenial mitaka? is these two allegable for backport to xenial/mitaka
<tobasco> https://review.openstack.org/#/c/460924/ https://review.openstack.org/#/c/482847/
<tobasco> coreycb: ^
<coreycb> tobasco: assuming they backport fairly cleanly then it shouldn't be a problem
<coreycb> tobasco: yes we do support xenial/mitaka
<tobasco> want me to add the distro to that bug and add a comment?
<coreycb> tobasco: i can do that. if you happen to be able to provide mitaka versions of those patches that would help speed up the process. they can be attached to the bug.
<tobasco> i haven't tried applying those newton patches on mitaka
 * rbasak takes the open-vm-tools review
<ahasenack> rbasak: I prepared the SRU paperwork for pmdk and ndctl (#1781269 and #1781268), it needs sponsorship
<ahasenack> is that something you could card and do?
<rbasak> ahasenack: yes. Carded.
<ahasenack> thanks
<setra> anybody knows about a decent CEFS Cluster setup guide, which really works?
<tobasco> coreycb: tried looking through a cherry-pick but it seems a lot of stuff changed
<coreycb> tobasco: that might make it tough to do
<tomreyn> setra: my guess you mean CEPH
<tomreyn> *is
<rbasak> ahasenack: may I have comment permission on your git-ubuntu FAQ document please
<rbasak> ?
<setra> tomreyn, yes that is what I meant... :-)
<teward> bleh, can an ubuntu-server list moderator approve my message?  Apparently, since my email change over, my @ubuntu.com address is auto-stuck in the moderation queues >.>
<ahasenack> rbasak: done
<teward> shoutout to powersj for once again helping me with the nginx bug triage.  I probably need to update the duplicate detection triggers
<teward> your help is always appreciated powersj  :)
<powersj> :) had one come up today so figured I'd go through your list
<powersj> having those templates makes it real easy
<teward> indeed.  i'm finding more and more though that these're 'delayed' bug submissions so I need to sniff through the logs,
<teward> powersj: you might be interested in a feature proposal i wrote
<teward> https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1782226
<ubottu> Launchpad bug 1782226 in nginx (Ubuntu) "Allow NGINX to install but not start during postinst if another process is bound to port 80" [Wishlist,Triaged]
<teward> so I can get rid of those stupid "err: bound to port" bugs **once and for all** lol
<powersj> nice!
<teward> i'm working on getting that working, but i've had https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1781971 as a more important "this should be done first" thing from Andreas
<ubottu> Launchpad bug 1781971 in nginx (Ubuntu) "nginx daemon should be provided in a package that doesn't have dependencies to systemd (or nginx-common)" [Wishlist,Triaged]
<powersj> ah yeah I read that one as well today
<teward> that one's got an interesting headache fixing though
<teward> nginx-daemon in my test builds doesn't have a depend on nginx-common in the debian/control...
<teward> ... but it gets an nginx-common dependency anyway when built
<ahasenack> you mean andres
<teward> oops yes
<teward> sorry i'm fast-reading over four screens today :|
<teward> anyways, IDK why it's adding nginx-common when I don't declare it in its dependencies, so blah.
<ahasenack> I'm used to tha tparticular confusion :)
<teward> hashtag HelpWanted :P
<TJ-> teward: through one of the declared dependencies?
<teward> didn't see any.  the only thing it depends on are the libnginx-* dynamic modules that aren't third party modules that nginx-core would have otherwise depended on, otherwise it has no declaration of any other dependencies that I'm aware of which would pull in nginx-common
<teward> i'll have to dig deeper
<teward> it's probable I'm just missing something :p
<TJ-> teward: as in ${misc:Depends} ?
<teward> that... might be why, hmm.
<TJ-> teward: is nginx-daemon a new binary package ?
<teward> TJ-: it replaces the binary component of the nginx-core package, yes, and doesn't depend on nginx-common directly (which was requested by andres)
<teward> nginx-core therefore is more or less a package that has some configuraiton and tests in it, but otherwise doesn't contain a binary nginx executable, that is provided by nginx-daemon in this 'test' build to get it done
<teward> any way to see what misc:Depends expands into?
<teward> TJ-: if this works I owe you a beer.
<teward> i had a feeling it might be something stupid so :P
<TJ-> dh_gencontrol deal with it, so maybe look at the build log in detail
<teward> well that just happened (my hardline dropped o.o)
<dlloyd> did you make it out of the matrix in time
<teward> lol
<teward> I **am** the matrix!  *evil laughter*
<philaneous> hi guys im having issues with SSL certificates via letsencrypt. i cant get the the redirection to work. HTTPS works locally but when i run an ssl checker the certificate is not found. It's also not accessible outside of the LAN on 443.
<teward> TJ-: confirmed it was the misc:Depends
<teward> not sure how to alter that so it doesn't add nginx-common to everything...
<TJ-> teward: is there something in debian/rules adding it statically?
<TJ-> teward: debian/dh_nginx:234:                addsubstvar($package, "misc:Depends", nginx_depends());
<teward> yep that'd be it there
<teward> TJ-: it adds it to all the packages o.O
<teward> that's... not good?
<teward> might have to trim that for this to work properly, and that'd not be nice to do
<teward> TJ-: though I might be able to adjust that to avoid certain packages and strings... such as for the modules and the nginx-daemon binary package
<teward> TBH I stared at this for eight hours on Saturday before saying "I need a break" o.O
<teward> guess I missed lots of these things
<TJ-> teward: it only looks to be included if the package being built contains a module. Is that the case with nginx-daemon?
<TJ-> teward: if so, you can edit the line "if ($package !~ m/libnginx-mod-\w+?/)" to include a match for nginx-daemon
<teward> TJ-: actually the way it's doing that is it adds everything
<teward> TJ-: the dep add is *after* that check
<TJ-> teward: oh yeah... my indentation was confusing me
<teward> this sounds like a bug in the code, because that line adds nginx-common to all the modules
<teward> TJ-: i can adjust this to make it have a secondary conditional that it needs to not match that regex and also not match nginx-daemon
<TJ-> teward: the commit log talks about soemthing dynamic
<teward> but this also sounds like a bug in the package and that i need to poke that upstream
<teward> TJ-: libnginx-mod-* includes compiled .so module binaries, yes.
<teward> but they don't depend on nginx-common, they just have a requirement on one of the nginx binaries being installed
<powersj> ahasenack, the 1404 name is not related to 14.04 ;)
<teward> TJ: so `nginx-daemon | nginx-full | nginx-light | nginx-extras` makes sense, but you could technically install just the .so without any additional configs
<teward> *except* for the fact that it would then fail to load that module unless you have an nginx.conf built to do it
<teward> TJ-: so i'm starting to think that this might not be doable within the confines of what's needed because of those dynamic modules...
<TJ-> teward: right. This in the commit log suggests why "Not all modules are ready for dynamic building"
<teward> TJ-: i think we're talking two separate 'issues' here
<teward> (1) Binary moduels that're dynamic
<teward> (2) Modules compiled inot the code
<teward> the problem with (1) is that you need nginx-common because it creates the config struct that the modules then install into
<teward> which includes the modules-available
<TJ-> teward: that sounds about correct
<teward> which means that what andres wants is not doable
<ahasenack> powersj: go figure :)
<teward> TJ-: if that's the case, then I'll have to reply as such on the bug, because it's not able to be done in a way that would work for what andres and their team needs
<teward> ... actually...
<teward> ... we may be able to just install nginx-daemon without the third party modules
<teward> s/third party modules/dynamic modules/
<teward> it'd strip a good portion of nginx functionality out
<teward> (at least, the functionality those modules provide)
<teward> but it'd work...
<TJ-> teward: you've defined nginx-daemon as a flavour ? if so can't you just statically link the popular/common  modules into it? or is that not what is wanted?
<teward> TJ-: this is an 'in the works' package.
<teward> not the final
<teward> once i figured out the deps issue I was going to fix it
<teward> however the original request was the binary that nginx-core provides without nginx-common
<teward> hence the original 'scope' discussion I had with andres as to what exactly was being requested
<teward> i'll have to think about how to approach this
<teward> but I won't be able to do that while these coworkers of mine are rude noisy [CENSORED] right next to my cube and they aren't even discussing work
<teward> this is a wishlisted feature, of course, of more importance before FeatureFreeze of this cycle is which NGINX branch to track
<teward> and i'm still waiting for that email to be released from the mod queue on the mailing list so I can get everyone's input :P
<TJ-> teward: the only noise I have is birds tweeting, and tapping on the roof of my inside-out room :)
<teward> TJ-: heheh.  You're lucky then :P
<teward> I'm stuck with noisy inconsiderate coworkers WHO I HOPE ARE READING THIS HUGE PRINT OVER MY SHOULDERS.
<teward> (it's been one of those days...)
<teward> *pops in earbuds and blasts metal music to drown them out*
<TJ-> ha! and now a Husky come to howl at me for her dinner :)
<teward> TJ-: I think what I'll do is strip nginx-daemon to a separate package excluding the dynamic modules, and leave that in nginx-core.  Once that's done the daemon can be installed separately minus the featuresets that were in the dynamic modules
<teward> that should settle andres' request as well as solve nginx-core.
<teward> but that's a problem for tomorrow ;P
<leftyfb> davidlopez: while you CAN install a GUI onto your server, it will in no way make properly configuring your server easier. In fact, it will slow you down in many ways including adding unnecessary resources to your server. If you have any interest in learning, the terminal is where it's at.
<tomreyn> so this channel is +z, bu thtere are no ops
<tomreyn> *but there
<leftyfb> wait, can you see this?
<tomreyn> yes
<tomreyn> you're registered
<leftyfb> and philip___ isn't?
<tomreyn> i guess not
<tomreyn> -NickServ- philip___ is not registered.
<tomreyn> so unregistered users can type here, and assume they've been read. but in fact only ops would get to see them. and there are no users with mode +o here (currently)
<tomreyn> meaning unregistered users just speak to /dev/null without being aware of it
<leftyfb> kinda sad that there's no +o's here
<powersj> There are ops and if you need something I believe you can ask in #ubuntu-irc
<powersj> They turned on registering after a lot of spam
<rbasak> Unit193: ^
<Unit193> rbasak: What's up?
<rbasak> See backscroll please?
<rbasak> Do we need to do something about that?
<Unit193> rbasak: I'd think for this channel +r would be best, personally.  I'm not a named op here though.
<Unit193> rbasak: Poked somewhere else, hopefully it's solved soon.
<rbasak> Unit193: thanks!
#ubuntu-server 2018-08-07
<cryptodan> TJ-: I found a stable version of Ubuntu Server that doesnt present the aacraid error
<TJ-> cryptodan: a different release?
<cryptodan> the kernel is Linux capricorn 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:31:42 UTC 2014 i686 i686 i686 GNU/Linux
<cryptodan> Linux capricorn 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:31:42 UTC 2014 i686 i686 i686 GNU/Linux
<cryptodan> DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
<cryptodan> I also found that the bug goes all the back to CentOS 5 on kernel 2.6
<TJ-> ouch!
<TJ-> this is what happens when devs mess with code for newer devices and don't ensure older devices aren't upset
<TJ-> There's been a lot of that in the kernel in recent years
<cryptodan> also found a validated version of Red Hat for the server doesnt boot from the CD
<TJ-> DevOps contagion
<cryptodan> it stalls at loading kernel
<cryptodan> let it sit over night and no boot
<TJ-> "loading kernel" is a boot loader message, if that's what you mean
<TJ-> so the kernel doesn't start executing?
<TJ-> it should go "loading kernel" ... "loading initrd" then kernel starts and you see its messages
<cryptodan> no dmesg
<TJ-> right, so hand-over failed. that can happen if the firmware e820 memory map confuses the boot loader
<cryptodan> id expect a validated and supported OS per Dell would boot up
<cryptodan> but I posted my system specs on that one bug report https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1777586 that I found a stable system setup for people to try
<ubottu> Launchpad bug 1777586 in linux (Ubuntu Bionic) "Ubuntu Server 18.04 LTS aacraid error" [High,Confirmed]
<neell> HI
<neell> need some help on package installation that in failing on my ubuntu server 18.04.1. i suspect its because of repository
<neell> Err:1 http://archive.ubuntu.com/ubuntu bionic/main amd64 cpp-7 amd64 7.3.0-16ubuntu3
<neell>   Connection failed [IP: 91.189.88.149 80]
<neell> Err:2 http://archive.ubuntu.com/ubuntu bionic/main amd64 gcc-7 amd64 7.3.0-16ubuntu3
<neell>   Connection failed [IP: 91.189.88.152 80]
<neell> E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/g/gcc-7/cpp-7_7.3.0-16ubuntu3_amd64.deb  Connection failed [IP: 91.189.88.149 80]
<neell> E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/g/gcc-7/gcc-7_7.3.0-16ubuntu3_amd64.deb  Connection failed [IP: 91.189.88.152 80]
<neell> E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
<neell> any idea folks?
<TJ-> neell: no route to host? firewall?
<TJ-> neell: can you connec to those URLs with curl/wget/w3m/lynx ?
<neell> some packages were installed successfully, after 4/5 tries
<neell> for this one, its showing 63% completed and then failing
<TJ-> Connection Failed means the TCP connection broke
<TJ-> could be a MITM and/or proxy
<neell> ok, i am running the same my command again. its showing now 63% waiting for header
<neell> got this now:
<neell> Err:1 http://archive.ubuntu.com/ubuntu bionic/main amd64 cpp-7 amd64 7.3.0-16ubuntu3
<neell>   Connection failed [IP: 91.189.88.161 80]
<neell> 63% [Waiting for headers]
<neell> and the same error as above
<TJ-> I can connect to those IP addresses fine
<TJ-> check the route with "tracepath 91.189.88.149", try a ping , see if there's any packet loss or variable latency
<neell> something wrong from my end. i am kind of newbee on Ubuntu commands
<neell> i am giving u tracert result
<neell> http://paste.ubuntu.com/p/q3GjsG28WG/
<TJ-> You're on Guam? you ought to set a mirror in Hong Kong
<neell> ok
<neell> so u want me to connect to hk mirror instead and install package from there?
<neell> how do i change repo to my closest one and install package from there?
<TJ-> neell: well, it'd likely be more reliable, you'd avoid the level-3 HK>London link which causes a lot of latency
<TJ-> The best mirror would be https://launchpad.net/ubuntu/+mirror/mirror.xtom.com.hk-archive
<neell> ok
<neell> how do i change it to that?
<TJ-> You'd edit /etc/apt/sources.list and match the info given on that web page
<neell> any command to do that?
<TJ-> use the "Display sources.list entries for" choose Bionic and it shows you what should be in sources.list
<TJ-> neell: any text editor, using sudo because the file is owned by root
<TJ-> neell: if you use vim, it'd be "sudo vim /etc/apt/sources.list"
<neell> yes, i can see the repo list
<neell> so i need to create the hk mirror at the beginning of the file?
<TJ-> replace every archive.ubuntu.com with mirror.xtom.com.hk
<neell> ok
<TJ-> I noticed apt allows editing now, you can do "sudo apt edit-sources"
<neell> deb http://mirror.xtom.com.hk/ubuntu bionic main
<neell> deb http://mirror.xtom.com.hk/ubuntu bionic-security main
<neell> deb [arch=arm64,ppc64el,amd64] http://mariadb.mirror.digitalpacific.com.au/repo/10.3/ubuntu bionic main
<neell> deb [arch=ppc64el,arm64,amd64] http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu bionic main
<neell> deb http://mirror.xtom.com.hk/ubuntu bionic-updates main
<neell> this is now the list
<neell> is it ok?
<TJ-> neell: I don't think they mirror security, usually we set that to security.ubuntu.com so you get updates immediately
<neell> so only the "bionic main" will be updated to HK mirror?
<TJ-> neell: oh, they do mirror it... just the mirror is delayed a few hours compared to security.ubuntu.com
<TJ-> neell: try the HK server out for those you've just shown
<neell> ok
<TJ-> neell: you can always change back if there's no improvement
<TJ-> neell: "sudo apt update"
<neell> Get:5 http://mirror.xtom.com.hk/ubuntu bionic/main amd64 Packages [1,019 kB]
<neell> Get:5 http://mirror.xtom.com.hk/ubuntu bionic/main amd64 Packages [1,019 kB]
<neell> Get:5 http://mirror.xtom.com.hk/ubuntu bionic/main amd64 Packages [1,019 kB]
<neell> Get:5 http://mirror.xtom.com.hk/ubuntu bionic/main amd64 Packages [1,019 kB]
<neell> Get:5 http://mirror.xtom.com.hk/ubuntu bionic/main amd64 Packages [1,019 kB]
<neell> Get:5 http://mirror.xtom.com.hk/ubuntu bionic/main amd64 Packages [1,019 kB]
<neell> 30% [5 Packages 0 B/1,101 B 0%]
<neell> and lots of these lines
<TJ-> !paste | nell
<ubottu> nell: For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<neell> ok, sure.
<cpaelzer> good morning
<neell> seems like its downloading...
<neell> but still 30%
<TJ-> neell: neell it could point to problem with your connection
<TJ-> between you and HK at least
<neell> ok. any idea how can i solve it
<TJ-> neell: unless it's on your network, complain to your ISP :)
<neell> before, it would take few seconds to finish command sudo apt update
<TJ-> neell: what have you changed on the server, or on the network, recently?
<neell> no
<neell> i was able to install maria-db from au mirroe, it was i guess 183MB
<neell> now, while installing packages of 140MB, it was giving error
<TJ-> neell: I wonder if your ISP has deployed a transparent proxy
<neell> ok, i got an error at last
<neell> https://paste.ubuntu.com/p/xk43GW7YdR/
<TJ-> neell: you might get a clue looking at the HTTP headers with "wget -S -O /dev/null http://mirror.xtom.com.hk/ubuntu"
<neell> https://paste.ubuntu.com/p/7sKQ6ch4dB/
<TJ-> neell: hahah "X-Custom-Job: If you see this header, please contact hello@xtom.com for a job"
<neell> hmm
<neell> ok, so it looks good?
<TJ-> neell: no tell-tale signs of an HTTP proxy, but there could be a transparent proxy
<neell> can I try to switch to an US mirror?
<TJ-> neell: but we say it only got about 1100 bytes when it should have been much more, so I think the connections are being broken on the link between you and HK
<neell> ok, got it. may be I can try some other mirrors?
<TJ-> you could but I doubt it'll help, looks like all your traffic goes via HK
<neell> where can I get mirror list?
<TJ-> neell: https://launchpad.net/ubuntu/+archivemirrors
<neell> ok, thanks. i will check
<neell> looking for help here.... I am trying to install Webmin
<neell> getting below error
<neell> on Ubuntu Server 18.04.1
<neell> https://paste.ubuntu.com/p/D873FM5BXJ/
<neell> it gives me this
<neell> The following packages have unmet dependencies:
<neell>  webmin : Depends: libauthen-pam-perl but it is not installable
<neell>           Depends: apt-show-versions but it is not installable
<neell> E: Unable to correct problems, you have held broken packages.
<neell> and when I am trying to install the package "sudo apt-get -f install libauthen-pam-perl
<neell> "
<neell> it gives me this:
<neell> Package libauthen-pam-perl is not available, but is referred to by another package.
<neell> This may mean that the package is missing, has been obsoleted, or
<neell> is only available from another source
<neell> E: Package 'libauthen-pam-perl' has no installation candidate
<neell> anyone can help on this?
<tafa2> So I'm getting started on my first production deployment - there's going to be around ~27 production servers and I was looking into some sort of server management tool like SaltStack
<tafa2> Anyone using it and love it? Would anyone recommend anything else?
<RoyK> I use ansible
<RoyK> there's quite a few different tools to choose from, though - chef, puppet, ansible, cfengine, ansible, saltstack etc etc
<RoyK> ansible twice in that list - oh well - I like ansible :D
<tafa2> thanks RoyK I'm looking at them all - trying to see which one has the best free offering :)
<RoyK> "free offering"?
<RoyK> iirc they're all open source
<tafa2> indeed - I mean which one has the best open source option/easiest to use
<RoyK> that mostly depends on your own preferences ;)
<thegoat_> so i seem to have an issue with slow dns query response. when i try to ping something like www.google.com it'll take like 6 seconds for it to do the dns lookup, then it'll start pinging.  but if i do a dns query with nslookup it finishes quickly.  i had read some stuff about disabling tx and rx offloading or something like that, but disabling it as per the sugestions,it didn't work.  not sure where to look
<compdoc> its a vm?
<thegoat_> yes
<compdoc> kvm?
<thegoat_> esxi 6.5
<TJ-> thegoat_: I've seen that when there's an IPv6 record being returned for the hostname too. Try "dig www.google.com" see what is returned
<thegoat_> n/m fixed it. it was an id10t error
<teward> rbasak: powersj: either of you around so I can bounce a question off of you?
<teward> probably rbasak moreso since he's been around throughout nginx becoming a main package :P
<teward> rbasak: i think this was discussed, but would there be a problem with the non-LTS interim releases tracking NGINX Mainline instead of NGINX Stable so the interim releases can work with newer features/etc. that won't be available until next LTS in the Stable NGINX branches?
<teward> I think we had said there wouldn't be, but I forget the original conversation and what came from it.  (It's also why I emailed the list, but apparently I'm still stuck in the moderation queue, so someone needs to poke the mailing list admins)
<teward> TJ-: thanks for the assist yesterday, I've done some revisions to the package I was working on, and I think I am almost at the point where this can be tested for that LP bug requesting a daemon-only package.  Just gotta wait for the PPA builders to finish uploading to run some tests myself...
<teward> without the assist and guidance I'm not sure I'd have gotten this all solved.
<TJ-> teward: :) it often helps to have a pair of unrelated eyes
<axisys> replaced the bad disk with a new disk and smartctl does not recognize it
<axisys> https://dpaste.de/iThm/raw
<axisys> any suggestion?
<axisys> the corrupted disk that were replaced were visible by smartctl.. so backend is fine. so possibly the new disk is bad?
<tomreyn> this disk was hot swapped?
<tomreyn> i assume it is not 600 peta bytes?
<tomreyn> is /dev/sdb a proper device node still?
<TJ-> looks like the hot-swap... didn't :)
<tomreyn> yes, this looks like live transplant without sedation
<tomreyn> maybe you can:  for host in /sys/class/scsi_host/host*; do echo "[ Rescanning ${host##*/} ]"; echo "- - -" | sudo tee -a $host/scan 1>/dev/null; sleep 1; echo; done
<tomreyn> but a reboot seems a good idea.
<tomreyn> axisys: ^ still with us?
<axisys> TJ-: yes, hot swap
<axisys> ok .. let me scan
<TJ-> axisys: are the disk in a chassis? the messages look like there is some intermediary hardware/firmware between PC and disk
<axisys> cool.. scan did the trick
<tomreyn> be sure to find out how to hot swap properly for the future. this was not a healthy operation.
<TJ-> !cookie | tomreyn
<ubottu> tomreyn: Wow! You're such a great helper, you deserve a cookie!
<tomreyn> wow, now i get cookies for blaming people, sweet. ;-)
<tomreyn> axisys: dont take me too serious, good luck there. i'd still wnat to reboot it soon.
<axisys> tomreyn: why reboot? (learning)
<axisys> tomreyn: curious on hot swap properly ..
<tomreyn> axisys: well you ripped this disk out while the controller was still accessing it, or thinking it was still there all the time. your dmesg will be full of errors., and a couple things may still be in an unsane state.
<axisys> how do I tell controller to stop accessing the disk? thanks for your help!
<tomreyn> axisys: how to hot swap properly will be documented in your server operators manual. but i'd always announce removal via software before the fact.
<tomreyn> don't do this now: echo 1 > /sys/block/sda/device/delete
<axisys> tomreyn: right.. documenting ..
<tomreyn> obviously you want to unomunt everything from there beforehand
<axisys> ok /dev/sdb is not in use anywhere
<tomreyn> i'd "eject", too, just in case
<tomreyn> also not now
<axisys> eject would eject cdrom.. no?
<axisys> understand...
<axisys> system is running off of /dev/sda .. right now.. so no harm either way.. but understood
<axisys> tomreyn: so once I swap the disk just scan it, right?
<tomreyn> axisys: yes, that's usually enough afterwards. the important thing is to prepare for removal properly
<tomreyn> axisys: and most of all not all hardware has hot swap capability
<axisys> right
<tomreyn> axisys: you need the controller, firmware, and OS to support it. and whatever else might sit between controller and storage.
<tomreyn> so start by reading your controller / mainboard / server manual
<axisys> ok.. I tested on another system exact same hardware sun fire x2250 .. and it worked.. first stop accessing, swap out and then scan.. awesome! saving a steps in my wiki.. thank you!
<tomreyn> another computer museum?
<tomreyn> :)
<tomreyn> you'll pay a lot of power for those. might be worth replacing them by half as many current systems some day.
<tomreyn> or actually a third
<axisys> yes.. those are from part.. recently most of our servers hp dl360 or dl380s
<axisys> from past*
<tomreyn> current gen hp is fine, as long as you have a support contract.
<tomreyn> and dont need to stack up fast...
<tomreyn> ^ personal opinion / experience, i'm not affiliated with canonical
<rbasak> teward: what would happen if we tracked mainline before LTS-1 and we didn't get a stable release by LTS?
<teward> rbasak: NGINX stable releases are always cut from mainline around the time we release
<teward> for 16.04 it was cut same-day as release and we did a version-string-only SRU with the Release team's approval post release
<teward> for 18.04 it came out same week as FinalFreeze but I was able to get that in right before the freeze went into effect (same-day)
<teward> rbasak: if we track Mainline up to release date, then the delta between Mainline and Stable when it's cut is extremely minimal, and the past several cases we've run into this we really didn't have to do any feature changes, etc. just the version string revisions
<teward> by the time of NGINX Stable cut which is about when we release LTS, it would be most likely a trivial post-release version-string-only change SRU with no new 'features' by the release date
<teward> rbasak: basically it'd mirror what we had for 16.04, or this past time for 18.04.
<teward> the other problem we're going to face though rbasak...
<teward> if we don't give the 'newer versions' people are going to become 100% dependent on the PPA for the "new features"
<teward> at which point the question is "why do we bother updating nginx in the repos then?" (to the non-informed user, that is)
<rbasak> teward: what I mean is: we should bump to mainline unless the following stable is already scheduled to be release before freeze for Ubuntu's following LTS.
<rbasak> we *shouldn't*
<teward> rbasak: and that's the 'problem'
<teward> rbasak: it's always just before or just after our release date
<teward> consistently falls around the same week or two, and they don't give firm date releases
<teward> rbasak: i have no issues keeping it at 'stable'
<teward> but people are going to complain heavily, I guarantee it.
<rbasak> It's generally OK to bump to final stable, even in an SRU, if the changes are minimal (eg. just a version string bump, or a few bugfixes), since those changes qualify for SRU anyway.
<rbasak> However, it risks pain.
<rbasak> So it depends on you I think. By Ubuntu policies we can do it.
<teward> it's actually less pain to bump to latest Mainline and switch it to nginx stable, because a large portion of the 'fixes' and changes to spec of HTTP/2 and such ahppen in Mainline
<rbasak> But, as I don't particularly want to commit Canonical's time to back that up, I'd prefer to stick to nginx stable consistently.
<teward> this is why i posted to the ML
<teward> but unless you can release that, it's stuck in limbo for eternity
<teward> (read: mod queue)
<rbasak> Oh
 * rbasak looks at the mod queue
<rbasak> Accepted
<teward> rbasak: To be fair, I tell people to use the PPA if they want the "latest and greatest" anyways, but the reason I'd like more feedback is because MaaS people or other departments might want to see whether their stuff works in the newer releases, etc.
<teward> rbasak: as for *my* workload it doesn't change
<teward> i have to keep both NGINX Stable and NGINX Mainline uptodate and working in two PPAs anyways, so
<teward> the other problem is Debian
<teward> because they track Mainline usually most of the time
<teward> ... though they are far behind at this point, last thing they did was in april
<rbasak> It's the risk of work, I think. If nginx stable releases late and with feature changes, leaving us in a pickle if we've released our LTS pre-stable-release.
<teward> (E:UnmaintainedInDebian?)
<rbasak> Since we need to decide on that in advance, I think it depends on our relationship with upstream.
<rbasak> (and on how much we need it)
<teward> where 'upstream' means nginx in this context?
<teward> and not Debian
<rbasak> Yes
<teward> rbasak: the only reason I am hesitant to track only Stable is because Stable is only supported officially upstream for a year
<teward> that is, until the next Stable cut from Mainline
<teward> and we're going to have that problem with Mainline either way, because that's only good for a year before they drop official support for it
<teward> the remaining 'bug fixes' are either nitpicked or microreleased as needed for substantial ones
<teward> and security patches need backported either way (but Security Team takes care of that for the most part)
<rbasak> Stable is a better fit for stable distribution releases I think?
<teward> do we consider the interim releases "stable distribution releases" though as we only support them for 9 months?
<rbasak> I don't see how mainline would be better to have in the distribution from a length of support perspective.
<teward> rbasak: wait until TLS1.3 is a thing?
<rbasak> Yes. The SRU policy applies equally on non-LTS releases.
<rbasak> And our stability promise is roughly the same.
<rbasak> If anything, LTS is less stable, because we do HWE and occasionally feature enhancements in them.
<rbasak> (because they have an extended life it's more necessary to do that)
<teward> y'know it sucks I can't search the mailing list archives easily
<teward> rbasak: i found a thread in the list about this, back from 2015...
<teward> sarnold: you were the last to reply to it heh
<teward> and it establishes the precedent that was used for 14.10 through 15.10 and then established the 16.04 changes.  https://lists.ubuntu.com/archives/ubuntu-server/2015-June/007075.html https://lists.ubuntu.com/archives/ubuntu-server/2015-June/007076.html
<teward> not sure if that opinion still stands
<teward> not sure this has to be determined today, we could wait for replies to my message to the list you just released, rbasak
<teward> I ultimately don't care either way, but you still have to realize that every x.04 release is going to run into the same problem with the current 'release schedule' that NGINX has.
<teward> even if we stick to stable.
<axisys> before rsync completes .. sda disappeared ..
<axisys> sdb is the new disk as part of md0 (sda1,sdb1) and md1(sda2,sdb2)
<axisys> # ls -al fstab
<axisys> -rw-r--r-- 1 root root 1113 Jul  2  2012 fstab
<axisys> # cat fstab
<axisys> cat: fstab: Input/output error
<axisys> yikes!
<ahasenack> was that a striped raid?
<axisys> ahasenack: raid1
<ahasenack> so why did the raid fail if sdb was still there?
<axisys> sdb is the new disk to replace bad sdb
<axisys> smartctl was saying FAILING and replace it now ..
<ahasenack> you had a failure during the raid rebuild?
<rangergord> Hiya. What would happen if I create a Virtualbox VM with Ubuntu Server on it, including the ubuntu-desktop package for GUI, then copy this VM to a headless server? Would Ubuntu still start and run the background services?
<axisys> ahasenack: yes :-(
<rangergord> I don't yet have a headless server to try it out for myself
<ahasenack> axisys: yep, I heard that can happen
<ahasenack> rangergord: it will still have a video card, right?
<rangergord> ahasenack: condolences
<rangergord> ahasenack: I'm not sure. Let's say it doesn't. What happens then?
<ahasenack> rangergord: I don't think a PC boots without a video card
<ahasenack> but could be wrong
<rangergord> pretend it's a typical 1U server. if it needs a gpu to boot, then sure, there's one.
<ahasenack> rangergord: anyway, I would expect it to try to start X as usual and present the login greeter. If X failed (no driver), that would be ok. What wouldn't be running is services that run after a desktop user logins
<ahasenack> all that UI stuff
<rangergord> ahasenack: good enough for me! thanks.
<ahasenack> axisys: that's why I hear that two disk redundancy is advised. If possible ($$), of course
<ahasenack> the rebuild stress can make the last disk fail
<ahasenack> s/last/remaining/
<rangergord> also never forget backup :)
 * ahasenack ponders about adding a 3rd disk to his 2-disk mirror
<ahasenack> I actually have one, but was considering it a spare
<rangergord> could make it a differential backup of the mirror
<rangergord> *mirrored disks
<rangergord> I got myself a Synology recently for home server use. Didn't want to invest the time to learn everything.
<rangergord> Synology is just Linux with a GUI slapped on it
<ahasenack> I have a synology
<ahasenack> what I disliked about it is that they have their own patches on top of btrfs
<ahasenack> I can't btrfs send/recv to/from it
<ahasenack> from a linux box
<ahasenack> so now I have an old desktop with zfs to backup that nas and other stuff
<ahasenack> almost headless :)
<axisys> it is possible raid build completed before sda giving up.. but I am not 100%
<axisys> ahasenack: not sure how to confirm
<ahasenack> is it still rebuilding?
<ahasenack> check /proc/mdstat
<axisys> ahasenack: no
<axisys> ahasenack: yep
<ahasenack> and you still hav the error?
<axisys> sda is missing
<ahasenack> anything useful in the last lines of dmesg?
<axisys> ahasenack: https://dpaste.de/Ayvu/raw
<ahasenack> and, is sda really dead?
<axisys> ahasenack: yes
<axisys> file-system is readonly
<axisys> readonly now*
<ahasenack> what fs is on top of that?
<axisys> ext4
<axisys> so md0 completed .. but md1 is the large disk and not sure if completed
<ahasenack> I don't know
<ironpillow> hi all, I have a ubuntu 18.04 LTS server box (quad core, 8GB memory) as a router and have two access points. I am running dnsmasq as dhcp and dns server. I have around 30 wifi devices connecting to the network. For some reason, the ubuntu box randomly looses internet. I can't ping 8.8.8.8 or google.com. But as soon as I reboot the ubuntu box, it works. I don't change anything. Any advice? really apprec
<ironpillow> iate it
<ahasenack> ironpillow: that's very generic, sorry. It could be a million things
<ironpillow> ahasenack: yeah. I am not able to figure it out. syslog is not showing anything in particular. dmseg only shows one error perf: EDAC pnd2: Failed to register device with error -22.
<ironpillow> ahasenack: do you know if /etc/resolv.conf is automatically rewritten. I ask because, there is a bug in 18.04 and I have to re-write resolov.conf manually every time system is rebooted.
<ahasenack> it's a generated file, yes. Changes will be lost
<ahasenack> networks coming and going could trigger an update to resolv.conf
<axisys> added a disk on same slot where sda was.. it came up as sdc .. server still up ..
<axisys> sdc1 is added to md0 fine, no complain.. but failing to add sdc2
<axisys> # mdadm /dev/md1 --add /dev/sdc2
<axisys> mdadm: cannot load array metadata from /dev/md1
<tomreyn> well md1 thinks it's active device is sda2. but you removed this, apparently uncleanly.
<ironpillow> ahasenack: so it might be re-written on a running system?
<tomreyn> you'll need to mdadm --fail /dev/sda2, just telling mdadm about the facts, i guess. and probably delete the sda scsi device, too
<tomreyn> (or sata)
<axisys> tomreyn: no .. it was failing and removed itself while  rebuilding
<ahasenack> ironpillow: nowadays, actually, I think it will stay put, with just the entry to 127.0.0.53. It's the resolver at 127.0.0.53 that gets reconfigured
<tomreyn> axisys: so those dmesg records are old?
<axisys>  mdadm --fail /dev/sda2
<axisys> mdadm: error opening /dev/sda2: No such file or directory
<tomreyn> sorry, wrong usage
<axisys> tomreyn: that triggered I think during raid1 rebuild with sdb
<axisys> let me paste current /proc/mdstat
<ironpillow> ahasenack: I have to change the entry to 127.0.0.1 for internet to work.
<ahasenack> from 127.0.0.53?
<ironpillow> yes
<mike-zal2> have someone already updated 16.04 to 18.04?
<axisys> https://dpaste.de/OHfb/raw
<tomreyn> axisys: actually it was the correct usage
<tomreyn> sorry abotu my confusion
<axisys> yes /dev/sda seems disappeared
<tomreyn> axisys: well it's still in mdstat
<axisys> is there a way I can force in sdc2 into md1
<ironpillow> ahasenack: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320
<ubottu> Launchpad bug 1624320 in systemd (Ubuntu) "systemd-resolved appends 127.0.0.53 to resolv.conf alongside existing entries" [Low,Confirmed]
<tomreyn> you can "mdadm --remove /dev/sda2" now
<ironpillow> so does systemd-resolved append 127.0.0.53 at random times on a running system?
<ahasenack> no
<ahasenack> I don't know what happens in an upgrade from < 18.04
<tomreyn> axisys: and you can "mdadm --add /dev/md1 /dev/sdc2"
<ahasenack> but a fresh 18.04 will use just 127.0.0.53
<axisys> tomreyn: # mdadm /dev/md1 --add /dev/sdc2
<axisys> mdadm: cannot load array metadata from /dev/md1
<ironpillow> ahasenack: yes, I am not able to ping or access internet. I have dnsmasq installed.
<ironpillow> and my dns server is at 192.168.2.2
<ironpillow> sorry: my dns server dnsmasq is listening on 192.168.2.2
<ironpillow> but forgetting about dns, ping 8.8.8.8 also is not working when resolv.conf has 127.0.0.53. it only works after changing it to 127.0.0.1
<teward> `ping 8.8.8.8` doesn't use DNS at all
<tomreyn> axisys: hmm that's quite unfortunate. the array metadata explains how the data is aligned on the raid devices. if this is missing... there's no way to interpret it.
<teward> so if `ping 8.8.8.8` just doesn't work that's probably a different issue
<ironpillow> teward: yeah, that's what confusing. ubuntu just stops working. I have to reboot in order for ping 8.8.8.8 to work
<ahasenack> ironpillow: does ping get stuck?
<ahasenack> or what does it complain about?
<tomreyn> axisys: you can try to --grow --raid-devices=2 /dev/md1   (but i assume it will fail with the same error)
<ironpillow> ahasenack: it gets stuck
<ironpillow> doesn't complain or anything.
<axisys> let me check
<axisys> # mdadm --grow --raid-devices=2 /dev/md1 --add /dev/sdc2                             mdadm: /dev/md1: no change requested
<axisys> tomreyn: ^
<tomreyn> axisys: can you show a current paste of the same info as before?
<axisys> tomreyn: https://dpaste.de/6L5P/raw
<tomreyn> axisys: so do you still have file systems mounted on top of md1?
<axisys> system is still up .. but readonly and sometimes even worse like here
<tomreyn> you should not, so be sure to go to single user mode and unmount / disable anything that's on top of md1
<axisys> # ls -al fstab
<axisys> -rw-r--r-- 1 root root 1113 Jul  2  2012 fstab
<axisys> # cat fstab
<axisys> cat: fstab: Input/output error
<tomreyn> i assume your OS is on md0?
<axisys> md0 is /boot
<tomreyn> so the Os is on md1?
<tomreyn> right md0 is too small to be /
<axisys> https://dpaste.de/YrWm/raw
<tomreyn> lsblk would maybe answer my question
<axisys> haha ..
<tomreyn> but i think this is a lost cause, rebuild system, restore backups
<axisys> # lsblk
<axisys> bash: /bin/lsblk: Input/output error
<teward> assuming there are backups, of course.
<tomreyn> well, we always assume that ,right?
<teward> after dealing with users on Ask Ubuntu for a couple years I lost hope that there're backups held by [Insert User Looking for Help Here]
<teward> but you're not wrong
<teward> we should always assume there's backups :P
<tomreyn> axisys: so in the hopefully very unlikely case that there are NO backups: you could dd sdb2 to some other device, then boot to some recovery system and run mdadm against sdb2, creating a new RAID-1 array with a single active device
<tomreyn> and then see if there is data on there that you can recover.
<tomreyn> how to recover this data will depend on which block device layers you had on top of md1, you would need to recreate those there as well
<axisys> ah.. so dd if=/dev/sdb2 of=/dev/sdc2; (no backup)
<tomreyn> yes, if sdc2 is not in use
<tomreyn> i thought we had added that to md1
<axisys> this is one of the 6 servers to access the network.. so it is not an outage.. but I am taking this opportunity to learn to rebuild it graciously (if possible)
<axisys> tomreyn: failing to add sdc2 to md1
<tomreyn> oh right there was no metadata, so it couldnt add it
<tomreyn> axisys: also worth a try while you're still running: mdadm --grow --raid-devices=3 /dev/md1
<tomreyn> but this would also fail, i guess
<axisys> # mdadm --grow --raid-devices=3 /dev/md1
<axisys> raid_disks for /dev/md1 set to 3
<tomreyn> axisys: any news on mdstat?
<axisys> md1 : active raid1 sdb2[2](S) sda2[0]
<axisys>       243801976 blocks super 1.2 [3/1] [U__]
<axisys> 3/1
<axisys> I could try adding it again
<tomreyn> yes
<tomreyn> but the metadata is still missing ;)
<axisys> does not like it.. if I could just get metadata from where :-)
<axisys> # mdadm /dev/md1 --add /dev/sdc2
<axisys> mdadm: cannot load array metadata from /dev/md1
<axisys> a good server with similar build
<axisys> built*
<tomreyn> what do yuo mean?
<axisys> I wonder if I could take its metadata and place it in /boot dir since md0 is good and point to it
<axisys> i have another good server with similar built
<tomreyn> how far in was the resync from sda2 to sdb2 when it failed, do yuo know?
<axisys> no ..
<tomreyn> the other server wont help you
<axisys> k
<tomreyn> your only hope now is to try to carve off sdb2 what was copied there.
<tomreyn> or to have soemone recover data off your failed disk drives
<axisys> yeah.. if that is the case we will just rebuild.. but using this opportunity to indulge all ideas..
<axisys> different topic => is it possible to convert from RAID1 to RAID10 without data loss with HP raid controller?
<axisys> yes I am working on another set of hp servers when one of the server, whoever intern built, did not use LVM .. so trying to find a way to expand sda .. application vendor says it has to be all in sda ..
<axisys> s/when/where/
<axisys> all the other servers has LVM.. so had no issue on expanding
<tomreyn> so you have hardware raid 1 (which controller?) and the capacity it provides is insufficient, but you have more spare disks?
<tomreyn> downtime is an issue?
<axisys> tomreyn: downtime is not an issue
<axisys> tomreyn: raid1 (800G,800G) .. need to expand and bought 2 2TB ..
<axisys> so thinking another raid1 and then strip the two raid1s
<axisys> stripe*
<tomreyn> if downtime is not an issue i'd just backup and rebuild from scratch.
<tomreyn> if downtime is an issue, it seems to be possible to migrate https://serverfault.com/questions/545809/how-to-move-raid-1-to-raid-10
<tomreyn> hmm this is really old, better make sure it's still valid
<axisys> k
<axisys> thanks for the link tho..
<tomreyn> https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c03510253
<axisys> cool.. online resizing .. nice
<tomreyn> but then i dont know what hardware you have there
<axisys> Smart Array P440ar
<tomreyn> you apparently operate as a company or larger organization, and dont have backups for everything. i really recommend you take some time to make sure your processes are in good shape.
<tomreyn> if this can happen now, it will only get worse in the future unless you re-evaluate how you do what you do.
<tomreyn> P440ar - that#s a common one.
<axisys> these HP servers have backup .. that old SUN FIRE was just bashtion server one of 6 which do not have backup
<tomreyn> it still semed mimportant enough thtat you spent time on evaluating whether the data on raid can be restored, if partially.
<tomreyn> *seemed
<tomreyn> i don't mean to criticise you, it's none of my business, i'm just trying to provide suggestions
<axisys> hey.. taking all as suggestions.. appreciate the help
<tomreyn> :)
<tomreyn> HPE SSA user guide https://support.hpe.com/hpsc/doc/public/display?docId=c03909334
<tomreyn> HPE P440ar controller quickspecs https://www.scalcom.de/ftp-import/datasheets/726736-B21.pdf
<tomreyn> actually this one https://h20195.www2.hpe.com/v2/getdocument.aspx?docname=c04346299
#ubuntu-server 2018-08-08
<adrian_1908> Hello. "Cannot join #ubuntu (You are banned)." Do they ban by IP? Otherwise I cannot make sense of how this happened, maybe a mistake in light of the recent spam attacks?
<TJ-> adrian_1908: can you join #ubuntu-ops ?
<adrian_1908> TJ-: done
<adrian_1908> should i ask there again?
<TJ-> adrian_1908: yes, that's the channel operators channel
<adrian_1908> ok, will do. thanks for the tip!
<coreycb> jamespage: if you get a chance can you sponsor python-blazarclient and python-qinlingclient uploads to debian for me?
<jamespage> coreycb: ack - I'm pushing proposed->updates for rocky so we can flush staging->proposed
<coreycb> jamespage: +1
<ahasenack> rbasak: can you check if the script that generates http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html is still running and not failing?
<ahasenack> it's still listing apache2 as needing a merge, but that has been in cosmic for ~2 days now
<ahasenack> rbasak: hm, g-u also seems outdated regarding apache2
<ahasenack> rbasak: same for bind9, wrt report merges
<rbasak> ahasenack: looks like it last ran a week ago
<ahasenack> rbasak: the merge script?
<rbasak> Yeah
<rbasak> I can't remember if I have shell access.
<rbasak> I think I might do.
 * rbasak looks
<ahasenack> ah yeah, I missed the timestamp
<ahasenack> Delta generated at: 2018-07-30 11:37 UTC
<ahasenack> rbasak: any progress
<ahasenack> ?
<coreycb> cpaelzer: hi, is this on your radar? https://paste.ubuntu.com/p/J3DwGQRNGG/
<coreycb> cpaelzer: i think there's a fix upstream for that
<rbasak> Sorry I got distracted
 * rbasak finds it
<ahasenack> rbasak: it's still failing?
<rbasak> Yeah.
<rbasak> I suspect a firewall change by IS.
<rbasak> (debugging)
<ahasenack> maybe point at the internal squid
<cpaelzer> coreycb: haven't seen this - is this cosmic nly?
<cpaelzer> only
<coreycb> cpaelzer: yes
<cpaelzer> I'm working on libvirt 4.6 right now - so if you'd hand me the most simple test case then I can verify it is good with that
<cpaelzer> coreycb: ^^
<cpaelzer> Setting up sounds like package install
<cpaelzer> is that package install coreycb?
<coreycb> cpaelzer: let me double check. i think it is package install.
<cpaelzer> because I just installed
<cpaelzer> Setting up python-libvirt (4.0.0-1build1) ...
<cpaelzer> no error in a new lxd of cosmic
<cpaelzer> well with the libvirt 4.6 ppa enabled I should say
<cpaelzer> oh wait I had not the py3 version
<cpaelzer> working as well with ppa
<cpaelzer> both work as well without ppa
<cpaelzer> coreycb: sorry, I will need a testcase working in all combinations for me
<cpaelzer> I'm about to go to bed, but will pickup what you write tmrw
<coreycb> cpaelzer: np, i'll post details here once i figure it out.
<ahasenack> hm, I forgot how long squid takes to build
<ahasenack> I also don't see it using make -j
<coreycb> cpaelzer: python3.7 -c 'import libvirtaio'
<coreycb> cpaelzer: here's the patch: https://paste.ubuntu.com/p/P37YZQTj3p/
<jak2000> i type these command: ln -s /backups/ /home/jak/ftp/backups    but hen the server restart loose the link, how to do perrmanently? thanks
<sarnold> jak2000: that should be permanent; if it isn't permanent, then you need to figure out *why* it wasn't permanent.
<rbasak> ahasenack: pinned it down to a Debian infrastructure change that needs a firewall change in Canonical infrastructure. I've submitted a firewall change - now awaiting CI and review. It should work again after that lands.
<ahasenack> rbasak: the submitted fw change, was that via that firewall that takes git branches?
<rbasak> Yep
<ahasenack> ok
<ahasenack> and git-ubuntu?
<rbasak> Oh, I missed that. Guess I'll look at that next :-/
<ahasenack> apache2 and bind9 are behind, or were when I checked
 * rbasak turns into a sysadmin for the rest of the day
<wilhil> Hi guys, feeling a little silly - haven't updated/used server for a couple of versions... is something wrong on my fresh install? "npm" "..isn't here, type apt install npm"... both nodejs and npm are missing from apt install... is there anything more I need to do?
<ahasenack> wilhil: check if you have universe enabled
<ahasenack> wilhil: if you installed 18.04 server with the new server iso (new installer), then there is a bug where it won't enable universe
<wilhil> ahh... that will be it... Thanks... I was going to ask how do I check (I know the command to enable, just not how to check), but if it is a bug, I may as well just enable
<ahasenack> wilhil: it's https://bugs.launchpad.net/subiquity/+bug/1783129
<ubottu> Launchpad bug 1783129 in subiquity "Only "main" component enabled after install" [High,Confirmed]
<wilhil> is there anything else I should enable?
<tomreyn> file system checks
<ahasenack> I usually have all 4 enabled, but that's just me: main, restricted, universe, multiverse
<ahasenack> you enable what you need
<wilhil> ok, universe should be enough for me for now - thank you so much
<ahasenack> you are welcome
<rbasak> ahasenack: importer restarted. Looks like it was a Launchpad API failure (network timeout or something) that caused the master monitor to die. It's vulnerable to that type of thing and needs a rewrite before we leave experimental status.
<ahasenack> ok
<ahasenack> we should add a watcher at least
<rbasak> It just runs in a screen right now.
<ahasenack> is that a systemd service?
<ahasenack> ok
<rbasak> Maybe a systemd...
<rbasak> snap :)
<cryptodan_mobile> for any running a dell pe4600 and has the aacraid issue this is a stable setup http://termbin.com/1uzt
#ubuntu-server 2018-08-09
<ruben23> hi guys i have two user on my ubuntu server nick and vincent, nick has a default ssh keys setup already and i wanted to add for new user vincent also, how do i do that two user with there respective ssh keys.? any idea guys
<ruben23> coz im confused either i put the public key on authorized_key or i will create a separate file for vincent also.? any idea.?
<ruben23> anyone can help please
<cpaelzer> coreycb: that is a change to python libvirt
<cpaelzer> I added to my todo that I need to re-sync the new version after the new libvirt is in
<olivier[m]7> Good morning
<tobasco> coreycb: was something just changed in bionic-rocky packages
<tobasco> Failed to start sahara-api.service: Unit sahara-api.service not found.
<tobasco> was eventlet sahara-api removed?
<tobasco> if so, would be good with a heads up if something like this changes since all deployment tools usually break
<yossarianuk> hi - just trying out ubuntu server 18.04.1 - I was unable to use a KVM bridge with netplan - so I installed ifupdown and configured /etc/network/interfaces - config is here : https://pastebin.com/smQYsvgu
<yossarianuk> However on boot I have no networking
<yossarianuk> unless I use the command
<yossarianuk> ifup br0
<yossarianuk> Can anyone suggest how to get br0 to start on boot ?
<yossarianuk> also
<yossarianuk> if I use
<yossarianuk> # systemctl restart networking
<yossarianuk> That also removes br0
<yossarianuk> 18.04 + KVM don't seem to mix very well...
<yossarianuk> It works 100% fine if I just use # ifup br0 thouh - thinking about removing 18.04 and using debain/centos...
<tobasco> coreycb: assume this caused it https://launchpad.net/ubuntu/+source/sahara/1:9.0.0~b2-0ubuntu1
<tobasco> is sahara-api systemd unit file not supplied anymore? is wsgi in for example apache forced?
<tobasco> oh and there is a 9.0.0~b3 available btw
<tobasco> saw it now on releases.openstack.org
<yossarianuk> is anyone able to make ubuntu 18.04 work with a kvm bridge (and the bridge starts on boot)
<rbasak> yossarianuk: you've not said "auto br0".
<yossarianuk> basak: i.e I should add the line before the iface line ?
<tobasco> coreycb: https://bugs.launchpad.net/ubuntu/+source/sahara/+bug/1786214
<ubottu> Launchpad bug 1786214 in sahara (Ubuntu) "Unit sahara-api.service not found on bionic/rocky" [Undecided,New]
<coreycb> tobasco: yes it's switched to run under apache as of b2
<coreycb> tobasco: sorry will include that in the release notes
<coreycb> tobasco: i'm working through b3/rc1 this week
<tobasco> coreycb: aight, pretty close to rocky release, it's impossible to add it back in?
<tobasco> we need to build in wsgi support asap otherwise for puppet stuff
<coreycb> tobasco: i believe it had something to do with eventlet and py3. we've been adding py3 support this cycle.
<tobasco> so we cant? :(
<coreycb> tobasco: i think it would be a move backwards to switch it back anyway
<cpaelzer> hi coreycb, did you catch the bug I opened and subscribed you to?
<cpaelzer> TL;DR - hit rebuild after my libvirt merge is complete
<cpaelzer> I'll do that then
<coreycb> cpaelzer: i did not but i'll look
<coreycb> cpaelzer: ok so it'll be fixed soon is what it sounds like :)
<cpaelzer> yeah, libvirt keeps on giving issues on testing as usual on a merge
<cpaelzer> but once that is resolved it will start to move
<coreycb> cpaelzer: great, thanks
<cpaelzer> also there is no other fix than getting a new libvirt in, so the build dependency is fulfilled
<cpaelzer> so there would be no alternative fast-path to this
<coreycb> ok
<cpaelzer> other than pushing a broken libvirt faster - no that won't make it better :-)
<coreycb> cpaelzer: fyi we have 3 weeks until rocky releases
<ahasenack> I connceted to an autopkgtest vm with "socat - UNIX-CONNECT:/tmp/autopkgtest-qemu.fmuv1ubd/ttyS0",
<ahasenack> and inside that I did a tail -f on a log file
<ahasenack> problem is that I can't ctrl-c that, because that will kill the socat, not the tail
<ahasenack> so I'm stuck
<ahasenack> any ideas?
<cpaelzer> ahasenack: it has also ssh up
<ahasenack> cpaelzer: any ideas? ^
<ahasenack> well, that's the reason I used socat
<cpaelzer> connect via that and kill the cat process
<ahasenack> ssh wasn't letting me in
<cpaelzer> arr
<ahasenack> Aug  9 10:32:14 autopkgtest sshd[3315]: error: maximum authentication attempts exceeded for ubuntu from 10.0.2.2 port 53548 ssh2 [preauth]
<ahasenack> I don't know what failed in the ssh setup
<ahasenack> with socat I was able to login with ubuntu/ubuntu
<cpaelzer> does it has a ttyS1 as well
<cpaelzer> ?
<ahasenack> oh, it does, and immediate root
<cpaelzer> I think on autpkgtest S0 is supposed be normal and S1 is auto-root
<ahasenack> thanks :)
<ahasenack> interesting, this doesn't fail:
<ahasenack> $ sudo aa-enforce /etc/apparmor.d/usr.sbin.squid3
<ahasenack> when the file doesn't exist, I mean
<ahasenack> Profile for /etc/apparmor.d/usr.sbin.squid3 not found, skipping
<ahasenack> $ echo $?
<ahasenack> 0
<ahasenack>         # Verify it loads ok
<ahasenack>         ret, report = cmd(['aa-enforce', self.aa_abs_profile])
<ahasenack>         expected = 0
<ahasenack> heh
<ahasenack> "you were fooled!"
<ahasenack> Ran 7 tests in 267.713s
<ahasenack> allright, progress
<wendico> hello there. Im trying to install my first ubuntu server. i donwloaded and want to install on a motherboard with an array of disk in raid1.  i downloaded the last ubuntu server, burnt to my pendrive, i boot i go install i walla, my ubuntu server detects my drives alone an not my raid groups, why? what i must do so i can install on my array and not on just an alone disk
<teward> wendico: how did you create the RAID groups to begin with?  does your system have a standalone RAID card for the array, or does the BIOS see individual drives rather than a disk array?
<wendico> i set up my arrays on my BIOS, i have an integrated Intel Matrix Storage Manager (rom v5.6.2.1002 ich7r) wich i access with a set of commands on boot. There i set up 2 arrays
<wendico> I have 2 disk in raid1 where i want to install my server and 2 disk in raid0 for nas storage
<wendico> i dont know how to boot my ubuntu server to see those arrays and then install on the first one
<ChmEarl> wendico, append `dmraid` to the cmdline
<wendico> just for example "live dmraid" ?
<ChmEarl> https://help.ubuntu.com/community/FakeRaidHowto
<ChmEarl> dmraid=fakeraid
<ChmEarl> wendico, that howto above will give you an idea of how the Intel raid devices might be named... its not obvious
<wendico> i am reading and so far assuming i dont even need to use that since anyways is a "fakeraid"
<wendico> they faked me
<wendico> if is not real hardware raid, should not just disable it and use ubuntu software raid?
<ChmEarl> wendico, it might be fun to launch the installer, drop to the shell, run `dmraid -ay`, then look for the devices
<ChmEarl> isw_aabbcc
<wendico> im on it
<wendico> ChmEarl: ty, getting closer, dmraid was not in live, i sudo installed, then sudo dmraid -ay shows my 2 arrays not activated
<wendico> how can activate them to proceed installation on my array?
<ChmEarl> wendico, not sure what to tell you, but from shell: `ls /dev/mapper/isw_*` might be of interest
<ChmEarl> whatever the prefix is nv_ or pdc_
<ChmEarl> looks like Intel isw* raid uses this driver: dm_raid45
<wendico> puf, this ubuntu thing is frustrating
<wendico> im about to give up
<tomreyn> wendico: yes you should dsable the fakeraid and install with software raid
<wendico> tomreyn: thank you, going on
<wendico> one last question, since im so tired of probing today, may i install server in one disk disabling all others and enable the raid functions later so i can have my server running soon, all day and still not have a server running
<wendico> i pretend to disconnect all drives, disable sata fake raid, and install ubuntu server on my only drive, afterwards and after playing with the sever, may i add the second disk to mirror my server for tolerance?
<sarnold> I've never tried converting but I have to imagine that's a lot more work than doing the install with raid from the start
<sarnold> just skip the "I want to boot to either drive when the array is degraded" work until later
<wendico> ok, so is better to use both disk and define the software raid group on the instalation menus
<wendico> ok i go ahead, see if i finally got my server running in some minutes
<wendico> stuck again with the mesage if i use all my disk in arrays there is no place to put the boot partition
<wendico> lol
<wendico> i really dont understand, the boot partition cannot be mirrored?
<wendico> this raid thing is getting on my nerves
<wendico> Ok, i have 2 identical disk 128gb and another 2 identical 250. i Want raid mirrored on my  128 disk to install server and raid stripped on the other two disk, how the heck do i do this on ubuntu. My set up is ready, my machine boots server live, im on the define software raid but i cant define those 2 arrays because says then i dont have a partition to install my boot. but if i dont even defined partitions im only setting arra
<tomreyn> wendico: your message was cut off after "but if i dont even defined partitions im only setting arra" due to the maximum line length on this IRC network.
<tomreyn> wendico: what you need to know about setting up software raid is that depending on how you'll boot (uefi vs csm / legacy bios) you may need a separate ESP partition (you need this with any OS if you use uefi)
<tomreyn> ESP can't be on a software raid, OS independant.
<wendico> tomrey, i understand, so in what boot mode do i not need a separate partition?
<tomreyn> wendico: also, it is recommended to have /boot on nothing but software raid (no further intermediate block device layers, such as LVM or full disk encryption), since it complicates the setup + booting.
<tomreyn> for 128 GB disks you, can boot in legacy mode without ESP partitions, and with everything on msdos / MBR partitoned disks (instead of GPT, so you don't require a biosgrub partition)
<tomreyn> is this what you want to do? probably not
<wendico> yes i think i want that to start,
<wendico> if not is to complex to learn
<tomreyn> there should be an option for automatic partitioning with RAID and LVM. that's the easiest option really.
<wendico> so im gonna set my sata on "ide" mode, set all to legacy, disable anything about uefi
<wendico> and see if ubuntu dont complaint for not having a partition outside a raid group
<tomreyn> you most likely want ahci, not ide
<tomreyn> that's if you're refrring to the bios setting
<tomreyn> note that ths is hardware specific configuration, it has nothing to do with ubuntu
<wendico> ok, so im there, no uefi and set to ahci
<wendico> booted ubuntu server live install
<wendico> im on the disk setup
<wendico> so now you sugest to use auto LVM and install on my first 128 disk?
<tomreyn> wendico: what does the option say exactly?
<wendico> tomreyn, give me a min since i clicked install anyways, but it only ommited the word RAID. i had 4 options: use entire disk, use auto lvm, manual and someting else
<wendico> clicked auto lvm on my first 128 disk and parted for /boot and / (leaving bunch of free space)
<tomreyn> wendico: this installer is pretty new and i'm not so much into it, yet, so i'm not certain what the LVM option actually does. if it doesn't say "RAID" my guess is it doesn't do RAID.
<tomreyn> wendico: but i'm doing it in a VM now, so i see the options you discussed
<tomreyn> no mention of RAID there, so i dont think you're getting any
<tomreyn> so with the server-live-installer i think you need to use manual partitioning indeed
<tomreyn> if you want to go back to this point, i can guide you
<tomreyn> this is shown as installation step 7 of 11 here
<wendico> yes please
<wendico> let me start over so u can guide me
<tomreyn> ok
<tomreyn> keep hilighting me since i keep switching channels
<wendico> my server is booting on hd, need few seconds to reboot live
<wendico> tomreyn:ok
<tomreyn> sure, np
<wendico> tomreyn: ok, im there on step 7
<tomreyn> wendico: okay, do manual, then take a screen shot
<wendico> tomreyn: wherever u are ready to guide me i wait with patience
<wendico> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<tomreyn> here's mine http://i.imgur.com/QRr24LF.png
<tomreyn> !screenshots | wendico
<ubottu> wendico: Screenshots can be made with the [PrtScr] button. Want to show us a screenshot of your problem? Upload an image to http://imgur.com/ and link the created page here.
<tomreyn> i guess prtscr does not apply during the server installer
<tomreyn> so use some smartphone if you have one
<wendico> https://imgur.com/a/TFOis66
<tomreyn> alternatively some form of out of band management from another computer can help, too
<wendico> mobile and webwthatsapp is my faster trick hehe
<tomreyn> okay, we only care bout your first two disks for now, right?
<wendico> yes the others is for a stripped nas
<wendico> the first two for raid ubuntu server
<tomreyn> i think you mean 'striped', so RAID0
<wendico> no, for first two i mean tolerance, mirrored
<wendico> i want my server failsave
<wendico> for the second 2 disk i want my data stripped
<tomreyn> okay, i understood so much. just saying that it's correctly spelled (and spoken) striPed. but this doesn't matter now.
<wendico> ah ok sorry, english bad for me hehe
<wendico> the problem i encounter if use create software raid, i define raid1 on my first 2 disk but cannot define raid0 on the other 2 disk coz i get the error nowhere to install boot loader
<tomreyn> we need to partition before we create the md raid
<tomreyn> let me try this here quickly to make sure this can work
<wendico> can be, even i probably have partitions and grubs and windows, and ubuntus on all those disks
<wendico> they were used on machines that now is garbage
<wendico> havent format or parted yet, i though it would do installing
<tomreyn> hmm okay this installer insists on creating a bios_brub parttion, so i guess we can't get around this
<tomreyn> it's only 1 MB, though, so you're not loosing too much.
<tomreyn> so move the cursor to the upportmost disk
<tomreyn> press enter, then add partition
<wendico> done
<wendico> size, file format?
<tomreyn> full size, leave unformatted
<tomreyn> this new partiton is now listed on top, and on the bottom you have a partiton 1: bios_grub
<tomreyn> correct?
<wendico> correct
<tomreyn> now move to the second disk, make a parittion, 1 MB, leave unformatted
<wendico> going
<tomreyn> "1M"
<wendico> tomreyn: done
<tomreyn> then another partition on the second drive, ignore 'size', set formatting to leave unformatted
<tomreyn> then take another screenie please
<tomreyn> i forgot to ask: you don't want LVM there, or do you?
<tomreyn> here's what it looks like for me now: http://i.imgur.com/NNyWo5s.png
<wendico> https://imgur.com/a/YISDm8r
<wendico> perfect, same for me
<tomreyn> looks good, unless you want LVM
<wendico> no i dont
<wendico> i will plug a usb3 nas to my server
<wendico> i dont care lvm
<tomreyn> now select 'create software raid"
<tomreyn> tick 'partition 2' on top and on bottom. to tick press space bar
<tomreyn> on top is should say md0 for name and raid elevel 1
<tomreyn> then go on and 'create'
<tomreyn> http://i.imgur.com/HUGuNrn.png
<tomreyn> http://i.imgur.com/bDjVRgu.png
<tomreyn> wendico: still with me?
<wendico> tomreyn: yes
<tomreyn> wendico: okay, where are you now?
<wendico> i did something wrong, repeating steps, give me a second
<tomreyn> wendico: we didnt write any changes to disk, yet, so you can just "reset" on the bottom
<wendico> that i did, i went over, i did all correcttly but
<wendico> Done at the botton is grey out, let me screen shot where am i
<tomreyn> it should be greyed out.
<tomreyn> but a screen shot would be good, yes
<wendico> https://imgur.com/a/0aVSUsa
<wendico> here i am tomreyn: ^
<tomreyn> lets see
<tomreyn> looks good
<wendico> seems correct, and seems i could follow ahead and set my second array
<wendico> but why cant i continue?
<wendico> guess should i define mount points
<tomreyn> for some reason it says "md/server" for you when it says "md0" for me. but i dont care too much
<tomreyn> oh did you name this md?
<tomreyn> wendico: it seems like you set "md/server" as a name
<wendico> ses
<wendico> yes tomreyn, i used "server" as a name
<wendico> is it wrong?
<tomreyn> wendico: this may work, but i'm not sure it will. we can try
<tomreyn> okay, that's probably fine
<tomreyn> it will be /dev/md/server in the final system
<tomreyn> let me change this here quickly
<wendico> okey, np
<tomreyn> now , under AVAILABLE DEVICES, select md/server, then Format, then ext4
<tomreyn> mount should remain /
<tomreyn> okay, i failed
<tomreyn> lets reset, we must have a separate /boot
<tomreyn> wendico: ^ sorry about that
<wendico> perfect no problem
<wendico> reset
<tomreyn> okay, on the first disk, create partition, 2G, leave unformatted
<tomreyn> on the first disk, create partition, do not set size, leave unformatted
<tomreyn> on the second disk, create partition, 2G, leave unformatted
<tomreyn> on the second disk, create partition, so not set size, leave unformatted
<tomreyn> and wrong again
<tomreyn> wendico: did you create partitons on the 2nd disk, yet?
<wendico> nope
<wendico> just first finished
<wendico> need 2g+1m partition?
<tomreyn> yes 1M, 2G, (blank) for sizes, all unformatted
<tomreyn> in this order ^
<wendico> okeys going
<tomreyn> http://i.imgur.com/UDHsez7.png
<wendico> perfect done
<wendico> went ahead also and created my raid0
<wendico> now im ready to set mount points
<wendico> i think
<wendico> let me screenshot in case
<tomreyn> san i see it?
<tomreyn> *can
<tomreyn> thanks
<wendico> https://imgur.com/a/rB5N5CN
<wendico> note that my md0 is called server
<wendico> and md0 is actually my data stripped array
<wendico> i forgot to change name to my second array
<wendico> im goona create again to name DataNAS
<wendico> more clear for me
<tomreyn> you can edit
<tomreyn> you can select the 'md' device on top and select 'edit' to change the name
<wendico> done
<tomreyn> but you need to also create a raid-1 across theose partition 2
<wendico> so now i format ext4 my first array
<wendico> ok
<wendico> for the /boot?
<tomreyn> correct
<wendico> ok going on
<tomreyn> what you call md/Server is md/os_slash here and will be mounted at /. what you are just creating now is called os_boot here and will be mounted at /boot
<tomreyn> but let me know what you named it so i can use the same names
<wendico> ok all done, here is the final screen shot:
<tomreyn> ah great, i didnt want to ask ;)
<wendico> https://imgur.com/a/SYcewpE
<tomreyn> great, i now have md/Boot and md/Server, too
<tomreyn> so lets assign mount points
<tomreyn> select md/Boot
<tomreyn> format ext4, mount /boot
<tomreyn> geez it doesnt allow that
<wendico> lol
<wendico> yeap, same problem
<tomreyn> this installer is unfortunatley full of bugs
<wendico> i can see
<wendico> i guess it doesnt like a boot on a striped raid
<tomreyn> it's mirror raid
<wendico> yes sorry
<tomreyn> but it doesn't seem to like it on raid at all
<tomreyn> software raid
<wendico> yep, i clicked other and writed /boot and get error, bott must be on a partition
<tomreyn> well, i'm sorry. i think with this installer we may only have a non redundant /boot partition
<mwhudson> https://bugs.launchpad.net/subiquity/+bug/1785332
<ubottu> Launchpad bug 1785332 in subiquity "18.04.1 can't put /boot on SW RAID" [High,Triaged]
<tomreyn> the proper installer, i mean the legacy installer, would have accepted this setup
<mwhudson> yeah, use d-i if you need this for now
<tomreyn> mwhudson: thanks for the link
<tomreyn> something tells me i should use debian in the future
<tomreyn> wendico: now, i think our options are clear? you can downlaod the other installer and we can redo it there or we can have a non raid-1 /boot
<tomreyn> wendico: what we can do is to install with boot on just one device now and fix it after installation
<wendico> yes that last option i prefer
<tomreyn> s/device/storage device/
<tomreyn> i think it's the best, too
<wendico> so i delete boot array
<tomreyn> correct, delete md/Boot
<wendico> done
<tomreyn> on disk 1, partitoon 2, format as ext4
<tomreyn> mount at /boot
<wendico> done
<tomreyn> wendico: so on top we now have two file systems:
<tomreyn>  /, a software raid 1, ext4 format
<tomreyn>  /boot, partition of local disk, ext4 format
<tomreyn> maybe you have a 3rd across your nas
<tomreyn> correct?
<tomreyn> admit it, you're doing a screenie
<wendico> yep hehe
<wendico> https://imgur.com/a/yTQoyrS
<wendico> now my "Done" is not grey out
<wendico> is it all correct?
<tomreyn> wendico: looks good
<wendico> i mounted /home on my data raid0, /boot on primary ext4 first disk second partition and leaved 1m free space for grub
<tomreyn> we're DONE with this
<wendico> THANK YOU VERY MUCH!
<tomreyn> well we're not done installing
<wendico> I OWE YOU A BEER
<tomreyn> let's hope it works out ;)
<tomreyn> we also need to fix the /boot raid, yet
<wendico> goonna click done lets see hehe
<wendico> should i install the sugested popular snapsinÂ¿
<wendico> dont bother i just install all and later remove what not need
<tomreyn> up to you, i would not
<wendico> oh ok, then i uncheck all lol
<tomreyn> installing snaps is quick later on, too
<tomreyn> and i'm not a huge fan of snaps, but that's personal preference, i guess
<wendico> i just want a firewall, proxy and nas
<wendico> i dont think i need all that
<wendico> i unchecked all
<tomreyn> right, you dont
<wendico> installing going on
<tomreyn> mine's done ;)
<wendico> hehe i got old machine
<tomreyn> sweet - "fatal, no bootable medium found! System halted."
<wendico> lol
<tomreyn> i dont think i made a mistake, but i'll try again quickly
<wendico> mines still on installing kernel
<wendico> done installing, rebooting
<wendico> so far i only see a blinking cursor hehe, gonna check if booting from proper hd
<wendico> ok
<wendico> try to boot from the second drive, seems thats our mistake
<wendico> i switched to boot from drive 2 and ubuntu runned
<tomreyn> maybe you had grub installed there already?
<wendico> could be
<tomreyn> like before we did th einstallation. or did you say these are new disks
<wendico> no all used
<wendico> used with ubuntu desktop and windows all them
<wendico> nevertheless is taking ages to boot, seems is encountering problems, maybe arranging software raids for first time or something
<tomreyn> yes, it's to the initial raid sync in the background
<tomreyn> if these are old / slow disks, this can take a while
<wendico> oh ok, i let it time then
<wendico> no, ssd new
<tomreyn> once it's booted and oyu're logged in you can see the progress with cat /proc/mdstat
<wendico> is the only uptodate thing on this machine hehe
<tomreyn> hehe, well ssds ought to be faster
<wendico> i cant log in yet is halted on post
<tomreyn> "fatal, no bootable medium found! System halted."
<wendico> but i can hear hds work crazy
<tomreyn> on post?
<wendico> let me take screen shot
<tomreyn> did it say loading kernel yet
<tomreyn> oh maybe it wont says that. yes, screenie is good
<wendico> https://imgur.com/a/LMnbKsT     The last line character is because i tiped a key to see if it was frozen
<wendico> ok my bad
<wendico> im logged on
<tomreyn> omg, yes it installs grub to the wrong disk
<tomreyn> aaaaaaaaaaaaaaaaah
<wendico> haha
<wendico> that did yes
<wendico> installed grub to my second disk
<tomreyn> i just booted off the second disk, tooo, and it boots up fine
<wendico> so what would u do?
<wendico> would u leave it like that
<tomreyn> just the first, default diosk, which was also listed first in the installer, got no grub at all, at leats not anywhere where it'S triny gto boot it.
<tomreyn> we can fix this quickly
<wendico> i follow you if you are in the mood
<tomreyn> but this is a results of insufficient QA, or almost none
<wendico> what is QA?
<tomreyn> which is inacceptable for minor release one of an LTS relase
<tomreyn> quality assurance
<wendico> lol yes you are right
<tomreyn> anyways, we got them both booted, and are loggedin, right?
<wendico> yep
<tomreyn> first, install pending updates: become root or use sudo: apt update && apt dist-upgrade
<wendico> go for
<wendico> updating,
<tomreyn> here's my partition tables http://i.imgur.com/ojDxgOT.png
<tomreyn> ...
<tomreyn> at leats it did write grub to the bios_grub partition
<tomreyn> tell me when you're done
<wendico> done
<wendico> looks the same
<tomreyn> so updating worked, you have internet access, right?
<wendico> yep
<wendico> updated working
<wendico> but my devices not same as yours
<wendico> i have sda, sdb, sdc
<tomreyn> of course, you have sda, sdb, sdc, sdd
<tomreyn> 4 physical disks
<tomreyn> those remain visible to linux, since we'Re doing software raid, not hardware raid
<wendico> ahhh of course
<tomreyn> also we do software raid on partitions, not whole disks
<tomreyn> please : apt install pastebinit
<tomreyn> oh thats already installed
<wendico> yep
<tomreyn> are you still physically working on the server?
<wendico> yep
<wendico> got the server online on a pc and a laptop beside with ubuntu desktop talking to u
<tomreyn> shall we install ssh there first so you can connect form a different computer and do easier copy and paste and screenies?
<wendico> ok
<wendico> please show me how
<tomreyn> oh i got ssh already installe,d ok
<tomreyn> so you just ssh to it form the other computer
<tomreyn> do you know its ip address?
<tomreyn> if not, ip a
<tomreyn> it is also listed when you log out and login again
<wendico> got it
<tomreyn> so you ssh to it form the other computer, where you should also chat from
<tomreyn> i guess you're doing this already
<tomreyn> you ssh using the user you created during installation and its password
<wendico> i try but only ask me password, not user
<tomreyn> you specify the username when connecting
<wendico> lol ok
<tomreyn> either using -l username
<tomreyn> or user@serverip
<wendico> conected
<tomreyn> pastebint /proc/mdstat
<tomreyn> pastebinit /proc/mdstat
<tomreyn> the latter
<tomreyn> and tell me the http address, please
<wendico> http://paste.ubuntu.com/p/3sVm5mzn5V/
<tomreyn> okay, thats weird. i need to see your disks
<tomreyn> are you working as your standard user or as root?
<wendico> i think standar coz i always have to tipe sudo
<tomreyn> ok, i mean what you prefer foir now: working as your restricted user using sudo, or as root?
<wendico> for now better as root
<tomreyn> i think sudo is good, especially for beginners
<wendico> oh then sudo
<tomreyn> but its your choice
<wendico> im very begginer
<wendico> hehe
<tomreyn> ok, we do sudo
<tomreyn> sudo parted -ls | pastebinit
<wendico> http://paste.ubuntu.com/p/rgQft7dNyH/
<tomreyn> and mine is http://paste.ubuntu.com/p/c4Gn8c7hdD/
<tomreyn> so that is interesting in that your disks now show up in a different order than they used to. look at the capacities
<tomreyn>  /dev/sda is the first disk, its 120 GB, that's fine, just ntfs is wrong of course.
<wendico> thats coz i had to change order in bios to boot
<tomreyn> oh you changed that permanently there, ok
<wendico> coz grub wasnt on first disk
<tomreyn> right
<sarnold> Partition Table: unknown
<tomreyn> that's actually correct since you created the NAS md across the entire disks
<tomreyn> so on the raw disks, like hardware raid, so therE's no partition tables there
<wendico> yes i did and i did not format or created partitions yet there
<wendico> just set it them as array
<wendico> o yes i did
<tomreyn> you did create an ext4 file system on top
<wendico> coz /home is mounted there
<tomreyn> but we can change this if you want to, np
<wendico> right
<tomreyn> but first lets concentrate on fixing the installer bugs
<wendico> yes
<tomreyn> we want to create a /boot raid1 across what is currently /dev/sda2 and /dev/sdc2
<wendico> yes
<tomreyn> to do so, we need to umommunt /boot first, which is /dev/sdc2, since we want to reuse it
<tomreyn> but before we do this, let's confirm what is mounted where using "mount"
<tomreyn> mount | pastebinit
<wendico> http://paste.ubuntu.com/p/83yTrJR2tv/
<tomreyn> line 33 of this confirms what i just claimed
<tomreyn> we need to umommunt /boot first, which is /dev/sdc2, since we want to reuse it
<tomreyn> sudo umount /boot
<wendico> done^^  no echo
<tomreyn> which means it succeeded
<tomreyn> just to confirm things, and for a better overview: sudo lsblk -o NAME,SIZE,FSTYPE,TYPE,MOUNTPOINT | pastebinit
<wendico> http://paste.ubuntu.com/p/2cW9CCsc7k/
<tomreyn> now prepare the raid devices: sudo mdadm --zero-superblock /dev/sdc2
<tomreyn> sudo mdadm --zero-superblock /dev/sda2
<wendico> mdadm: Unrecognised md component device
<tomreyn> oh right
<tomreyn> so we can just skip this
<tomreyn> sudo mdadm --create --verbose /dev/md/Boot --level=0 --raid-devices=2 /dev/sda2 /dev/sdc2
<tomreyn> wait
<tomreyn> wrong raid level
<tomreyn> sudo mdadm --create --verbose /dev/md/Boot --level=1 --raid-devices=2 /dev/sda2 /dev/sdc2
<tomreyn> wendico: ^
<tomreyn> then do "cat /proc/mdstat" and see it building / initially synching
<tomreyn> (if you're fast enough)
<wendico> done
<tomreyn> then, if there are no errors: sudo mkfs.ext4 -F /dev/md/Boot
<wendico> on first command i get this note:Note: this array has metadata at the start and
<wendico>     may not be suitable as a boot device.
<wendico> by i clicked yes
<wendico> then i runned second command with no echo
<wendico> so my console look like this https://paste.ubuntu.com/p/wjrmwrd5kW/
<tomreyn> it went on to say "If you plan to store '/boot' on this device please ensure that your boot-loader understands md/v1.x metadata, or use --metadata=0.90"
<wendico> yep
<tomreyn> our bootloader, grub 2, AKA grub 1.99,  understands this newer md metadata, so this is of no concern
<wendico> awesome
<tomreyn> you were meant to just run this in the end: cat /proc/mdstat
<tomreyn> nothe the text i wrote: " and see it building / initially synching
<tomreyn> :)
<tomreyn> just ctrl-c if you're still hanging there
<tomreyn> but i guess it's not waitring for input, but you have a prompt
<tomreyn> does it look like you can enter new commands right now?
<wendico> yep done
<wendico> and cat proc shows now 3 raids
<wendico> seems worked
<tomreyn> cat /proc/mdstat | pastebinit
<tomreyn> i'm so curious
<wendico> http://paste.ubuntu.com/p/7CnF3kHPXZ/
<tomreyn> loooks fine
<tomreyn> and its already in sync
<tomreyn> now we need to update /etc/fstab, the file which configured which file systems are part of this ubuntu installation and how they should eb treated on boot
<wendico> ok
<tomreyn> before we do, we need to get the UUIDs of those partitions we have
<tomreyn> blkid | pastebinit
<wendico> http://paste.ubuntu.com/p/jS6gM4ZfBC/
<tomreyn> do you have a preferred console text editor, such as vim, nano, jed, pico
<wendico> no
<wendico> im learning on it
<wendico> im just on default terminal
<tomreyn> are oyu into vim basics, yet?
<wendico> yes a bit
<wendico> i edited a file sometime
<tomreyn> so you know you need to type :q to quit, unless you made exits, then you need to user :x or :wq
<tomreyn> *use, not useR
<tomreyn> well, lets use nano for now, it's easier
<tomreyn> sudo nano /etc/fstab
<tomreyn> wait, this is missing one, because... we didnt create a file system, yet
<tomreyn> exit nano if you started it already
<tomreyn> wendico: sudo mkfs.ext4 /dev/md/Boot
<wendico> lol, i can go out vim
<wendico> q doesnt work
<tomreyn> it's colon q
<wendico> im about to close terminal an open ssh again
<tomreyn> :q
<wendico> done
<wendico> ty
<tomreyn> and before that, in case you are editing, you need to hit escape
<tomreyn> ok
<tomreyn> so do the mkfs
<wendico> done^^ with normal echo no errors
<tomreyn> then, once again (my fault): blkid | pastebinit
<wendico> http://paste.ubuntu.com/p/PJTbdzFy72/
<tomreyn> this should not like the file system we just created on the /boot raid
<tomreyn> but it doesnt
<tomreyn> wendico: are you sure you ran the "mkfs.ext4" command?
<wendico> http://paste.ubuntu.com/p/VddpVf2PNj/
<tomreyn> okay this looks liek the output of this
<tomreyn> oh, sudo helps
<tomreyn> sudo blkid /dev/md/Boot
<tomreyn> says what?
<wendico> /dev/md/Boot: UUID="c6603bb0-a540-4060-9b1d-14f665169137" TYPE="ext4"
<tomreyn> wendico: okay, now: sudo nano /etc/fstab
<wendico> im there
<tomreyn> actually quit it again, the pastebinit /etc/fstab
<tomreyn> then edit again
<tomreyn> now look for the line which has "/boot" in it, and replace UUID=... by: UUID=c6603bb0-a540-4060-9b1d-14f665169137
<wendico> replaced and saved file
<tomreyn> to explain this a little: each file syytem has a 'universally uniquie ID' assigned to it, that's one of these garbled strings. they can be used for mounting at boot. it's an alternative to using these /dev/sd... device IDs, which, as we learnt during this boot where you changed the order of disks on the bios, can vary.
<tomreyn> but the UUIDs always point to 'the right thing'
<wendico> i understand
<tomreyn> so even when you change the bios boot order, as long as grub loads, it will know where to keep booting from
<tomreyn> i dont think you posted /etc/fstab
<wendico> i see
<tomreyn> could you do it now?
<tomreyn> to exit nano, press ctrl-x
<wendico> http://paste.ubuntu.com/p/Xjhbp6wHzq/
<wendico> soz had some problems hehe
<tomreyn> 'soz'?
<wendico> file opened by root and by user, then tryint to paste an empty document to pastebin
<wendico> thats why took so long for last paste
<wendico> soz=sorry
<tomreyn> oh ok, glad it worked, let me proof read this quicklky
<wendico> ok np
<tomreyn> i'm comparing to http://paste.ubuntu.com/p/PJTbdzFy72/
<tomreyn>  / in fstab has UUID 08d55fa0-9c1e-11e8-82c0-001a92eb6f5c
<tomreyn> uui in your "blkid" output is /dev/md126
<tomreyn> which is the raid-1 across sda3[0] sdc3[1]
<tomreyn> so this should be the md/Server
<tomreyn> which is then fine
<wendico> ok so we fixed the raid1 /boot partitions
<wendico> should we now move grub to the proper drive?
<tomreyn> fstab says /boot is UUID c6603bb0-a540-4060-9b1d-14f665169137
<tomreyn> you said above that this UUID is /dev/md/Boot
<tomreyn> so thats fine
<tomreyn> fstab says /home is UUID 11799c98-9c1e-11e8-82c0-001a92eb6f5c
<tomreyn> and "sudo blkid" and http://paste.ubuntu.com/p/jS6gM4ZfBC/ say that this is /dev/md127
<tomreyn> and according to "cat /proc/mdstat" and http://paste.ubuntu.com/p/7CnF3kHPXZ/ md127 is the raid-0 spun across sdb and sdd, so the NAS storage
<tomreyn> wendico: so, yes, this looks good.
<tomreyn> there is another change we need to make to /etc/fstab thanks to another installer bug
<wendico> awesome, you are the master hehe
<tomreyn> so "sudo nano /etc/fstab" it again
<wendico> go ahead, im all ears (eyes)
<tomreyn> in the line which is about the / munt point, change the trailing 0 into 1
<wendico> im on nano
<tomreyn> in the lines which are about the /boo and /home mount points, change the trailing 0 to 2
<tomreyn> then ctrl-x  and save
<tomreyn> then: pastebinit /etc/fstab
<wendico> there are two 0 in each line
<wendico> all line ends with double 0
<wendico> wich one of those 0 have to switch to 1
<tomreyn> you only edit those in the last column
<wendico> perfect
<tomreyn> i can confirem this once it's on pastebin
<wendico> http://paste.ubuntu.com/p/kFbfNGsJkN/
<tomreyn> and while you're at it: pastebinit /etc/mdadm/mdadm.conf
<wendico> http://paste.ubuntu.com/p/XTnfbJZrrP/
<tomreyn> okay fstab looks fine
<tomreyn> mdadm.conf is the main mdadm configuration file, which tells the system which raid arrays there are.
<tomreyn> does it look good to you?
<wendico> no, no /boot array
<tomreyn> i agree
<tomreyn> run: sudo mdadm --detail --scan
<tomreyn> do you know what to do next?
<wendico> http://paste.ubuntu.com/p/7CnF3kHPXZ/  this showed we had 3 arrays
<wendico> reboot?
<tomreyn> nonno.
<wendico> mdadm scan show 3 arrays
<tomreyn> sudo mdadm --detail --scan | pastebinit
<wendico> the boot uuid array dows not match
<tomreyn> okay it shows three arrays NOW, but the system may not know about this at boot
<wendico> ?
<tomreyn> does not match waht?
<tomreyn> also if you would boot now you would not have a kernel to boot. since this needs to be on /boot, which is currently an empty new file system
<wendico> ARRAY /dev/md/Boot metadata=1.2 name=servertronica:Boot UUID=d5b6fc5c:9a7dfc93:dd6e08a9:eac5746e
<tomreyn> this was returned by "sudo mdadm --detail --scan"?
<wendico> yes
<tomreyn> okay then addi it to mdadm.conf
<tomreyn> and tell me when you're done
<tomreyn> so we got mdadm prepared for booting, we got fstab prepared for booting, but we need yet to re-populate /boot. /boot needs to contain our kernel image and initrd, without it linux (the kernel) cant boot
<tomreyn> wendico: how are you coming
<tomreyn> i'll brb, 3 minutes
<wendico> http://paste.ubuntu.com/p/BfPfQGkMcx/
<wendico> added
<wendico> is that ok^?
<tomreyn> i dont know your "sudo mdadm --detail --scan" output, but so i cant guarantee
<tomreyn> but it seems to be in the right format
<wendico> http://paste.ubuntu.com/p/JjTG9WX7Qc/
<wendico> i see a problem there though
<wendico> the lines i have not added i can read "Ubuntu-server" but my server name is correct only in the line i added "servertronica"
<wendico> why is it that? should i edit the other first 2 line to match my server name?
<tomreyn> this is fine, as long as it matches the mdadm --detail --scan output
<tomreyn> this information is not only stored in mdadm.conf but also written to the raid arrays themselves
<wendico> ok i understand
<tomreyn> so the hostname you see there is the one which was valid by the time the raid array was created
<tomreyn> two of these arrays we created from the installer
<wendico> exactly
<tomreyn> which had this "ubuntu-server" hostname
<tomreyn> okay, now lets fix /boot
<wendico> perfect
<tomreyn> sudo mount /boot
<wendico> done
<tomreyn> now we need to getthe kernel and initrd installed there again
<tomreyn> forst of all we need to find out which kernel should be installed / was installed on /boot before we deleted it
<tomreyn> dpkg -l linux\*
<tomreyn> those lines which start with ii are packages which are currently installed
<tomreyn> we only care about those linux-image-4.15... packages for now
<tomreyn> which ones do you have there=?
<tomreyn> wendico: meep meep
<wendico> 4.15.0linux-image-4. 4.15.0-29.31
<tomreyn> oh this is cut off
<wendico> also 30.32
<tomreyn> you'd need to increase the size of your terminal or use something like
<wendico> let me pastebin better, many lines there
<tomreyn> COLUMNS=200 dpkg -l linux\*
<wendico> http://paste.ubuntu.com/p/Rwy7xwd5xz/
<tomreyn> okay, great, so we only care about the 'Name' column for now
<tomreyn> and there only about those linux-image-4... packages
<tomreyn> those are the ones which were on /boot previously and which we eradicated
<wendico> i see
<tomreyn> and which we now need to reinstall
<tomreyn> so which packages is this?
<tomreyn> i'm tryin got make you understand and learn things a bit,. if you'd prefer to be done soon we can do it a little faster
<wendico> no i prefer this way
<wendico> im learning
<tomreyn> cool
<wendico> linux generic 4.15.0.30.32  ??
<tomreyn> just look at package names
<tomreyn> you loolked at the Version column as well
<sarnold> btw rather than COLUMNS=... stuff, I prefer dpkg -l whatever | cat
<sarnold> that's enough to get dpkg to just show the output
<wendico> so only linux-generic
<tomreyn> thanks sarnold, good hint
<tomreyn> so we're looking for the linux-image-4.... something packages
<tomreyn> those with a veriosn number in the package name
<tomreyn> i know it's a bit itrritating thatthose have version numbers in their name
<wendico> but i have many of those lines
<wendico> linux-image-generic
<tomreyn> wendico: you don't . in the first column, there are those 'ii' and 'un'. we only want those which are 'ii'
<tomreyn> in the second column, yuo have the package names.
#ubuntu-server 2018-08-10
<tomreyn> we want only those with package names which start "linux-image-4"
<tomreyn> AND which are "ii" in the first column, too
<tomreyn> that is no more than 2 packages really
<tomreyn> look at lines 19 and 20
<wendico> so linux-signed-generic?
<wendico> description is generic signed kernel
<tomreyn> dos "linux-signed-generic" start with "linux-image-4" ?
<tomreyn> *does
<wendico> no, ok, but does that start like that i have many lines
<wendico> i supose coz i updated online
<tomreyn> i'm looking at http://paste.ubuntu.com/p/Rwy7xwd5xz/ all the time
<tomreyn> and there you have only lines 19 and 20 where there is a package named something which starts "linux-image-4"
<tomreyn> AND where it's 'ii' in the first column
<wendico> ok got it
<tomreyn> great :)
<wendico> linux-image-4.15.0-30-generic          4.15.0-30.32 amd64
<wendico> that i need on boot?
<tomreyn> yes, we also want the other one, just to be safe
<wendico> ok, in case i need to rollback last update
<wendico> i guess
<tomreyn> so obviously 'ii' means installed, the o'un' ones are not installed
<tomreyn> this is not precise, in fact these two letters have separate meaninigs as indicated on top of this list
<tomreyn> but this is not relevant now
<tomreyn> so what we need to do now is to reinstall these two packages
<tomreyn> sudo apt install --reinstall linux-image-4.15.0-29-generic linux-image-4.15.0-30
<wendico> sudo apt-get install
<wendico> lol going for
<tomreyn> sudo apt install --reinstall linux-image-4.15.0-29-generic linux-image-4.15.0-30-generic
<tomreyn> ^ this actually
<tomreyn> and maybe we'll need the ones without --generic, too,checking
<tomreyn> no this will be enough
<wendico> downloading
<wendico> done with errors, no groub founded
<wendico> i pastebin output
<wendico> https://paste.ubuntu.com/p/WC4fXcVM88/
<wendico> i can read no grub found
<tomreyn> i can read "no grub directory found"
<tomreyn> indeed, this didnt go as i expected
<wendico> remember that the installer moved grub to the second drive
<wendico> as we didnt spected
<wendico> maybe that gives u the hint
<tomreyn> but it makes sense, with /boot we also deleted /boot/grub, and that's the root cause of these errors.
<tomreyn> let's just: sudo mkdir /boot/grub
<tomreyn> this just created this directory
<wendico> done
<tomreyn> maybe we should reinstall grub2 as well
<tomreyn> all those packages are: sudo apt install --reinstall grub-pc grub-pc-bin grub2-common grub-gfxpayload-lists grub-common
<wendico> installing^
<tomreyn> i still run into errors ther,e and so will you
<wendico> yep
<wendico> complains on the procesing the linux-image-4.....
<tomreyn> sorry, got us into a bit of a delicate situation there
<wendico> hehe dont worry
<wendico> my main focus was to learn and you are teaching me so much
<wendico> nevertheless is ubuntu mistake not yours
<wendico> my pc works and everithing is working
<wendico> only ubuntu server suck a bit yet hehe
<tomreyn> wendico: i'm looking into fixing this, just give me a biut of time
<wendico> maybe i just install a pirated windows like everybody until ubuntu can make a proper instaler hehe
<wendico> of course no worries
<wendico> i love that u are helping me
<tomreyn> well there is always the alternate installer in case you want things to work
<wendico> not really, im not so much in a hurry
<tomreyn> i mean for next time
<wendico> i have a whole week
<wendico> to have my server running
<wendico> if not, back to windows, what can i do
<wendico> i use ubuntu desktop since version 6 with no problem, my windows server finally died today so i decided to give it a try to ubuntu server
<wendico> anyways is just a 8 pc network with no domain
<wendico> i thought was the best scenario to start learning
<wendico> i really do not like pirated windows but im my country no money for those kinds of licences hehe
<wendico> i can even leave the server on if you want to continue help me tomorrow, i dont care about light either
<wendico> im scared we cannot shutdown without grub and boot or we may have to start over
<wendico> and right now the server is up un running
<tomreyn> wendico: okay, so i think we need to: sudo apt purge grub-legacy-ec2
<wendico> done
<tomreyn> then: sudo apt -f install
<tomreyn> and then show the output of this and the previous commands, please
<tomreyn> paste manually to https://paste.ubuntu.com
<wendico> first command -- > https://paste.ubuntu.com/p/73HBTdTzKG/
<wendico> for apt-f install   --->  0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<tomreyn> lets fix your locales
<tomreyn> sudo dpkg-reconfigure locales
<tomreyn> make sure that "en_US.UTF-8 UTF-8" and your native locale are selected
<tomreyn> your native locale seems to be "es_ES.UTF-8 UTF-8"
<tomreyn> then choose which one should be default. personally, i prefer the english one
<tomreyn> wendico: ^
<wendico> done
<wendico> i need es for native coz of keyboard so different
<tomreyn> now let's add a secondary bios_grub partition (we have one on sdc1 already, now we add one on sda1): sudo parted /dev/sda toggle 1 bios_grub
<wendico> if not i cant -   / or | or even &, i dont find them in other locales
<tomreyn> sure makes sense
<tomreyn> although display locale is about output, not about keyboard input
<tomreyn> but you can reconfigure this later with the same command if you wish to
<wendico> done sudo parted with sugestion: You may need to update /etc/fstab
<tomreyn> sudo dpkg-reconfigure grub-pc
<tomreyn> we make sure grub is installed on both sda1 and sdc1 now, in these 1MB bios_grub partition
<tomreyn> leave the first two prompts as they are
<wendico> done and verified i have 2 grubs
<tomreyn> on the thrid proipt where you can select disks to install to, select /dev/sda and /dev/sdc
<wendico> but i see one inconsistency
<tomreyn> ntfs? irrelevant
<wendico> the filesystem on my new grub shows ntfs
<wendico> yeps
<wendico> that was hehe
<tomreyn> let me know when you'te done with grub
<tomreyn> and show me its output AFTER the prompts
<tomreyn> like when its done
<wendico> no outputs and only 2 prompts
<wendico> doesnt ask me where to install
<wendico> but it did install where it wasnt installed
<tomreyn> how do you know?
<tomreyn> was the second prompt about this?
<wendico> i do again to read prompt but was about adding commands
<wendico> linux command line that can be empty, second prompt parameters that can
<wendico> be empty
<wendico> then exits program
<tomreyn> ok, then we do this: sudo apt purge grub-pc
<tomreyn> then: sudo apt install grub-pc
<tomreyn> tell me whether it prompted you during the last command.
<tomreyn> and how many prompts
<wendico> yes
<wendico> now i got a prompt
<wendico> ask me where to install
<wendico> i have my 4 drives independent
<tomreyn> sda and sdc
<wendico> but i have 2 raids also where i can install
<wendico> on the boot raid and on the server raid
<wendico> so where i install, on the disk, or on the group for boot?
<wendico> or everywhere? :)
<tomreyn> see above
<tomreyn> you dont want grub itself on the raid
<wendico> ok, so in each disk, are you sure i dont want it in the /boot array?
<tomreyn> it needs to go either into the MBR, if we had MBR partition tables on those disks, or onthe the bios_grub partition, which we have, since we have GPT partitionned disks
<tomreyn> i am sure
<wendico> done with no errors and succesfull echo
<wendico> installed in both disk
<tomreyn> selecting sda and sdc there resulted in grub being written to /dev/sda1 and /dev/sdc1
<tomreyn> those are the 1MB bios_grub partitions
<tomreyn> so thats how we want it
<wendico> btw the ntfs flag also gone
<tomreyn> right
<tomreyn> so let's see what's in /boot/
<tomreyn> ls -la /boot
<tomreyn> ls -la /boot/grub/
<tomreyn> and pastebinit
<wendico> https://paste.ubuntu.com/p/PfThQgJ2Df/
<tomreyn> looks fine to me, reboot
<wendico> ok,im going for, wish me luck :)
 * tomreyn crosses figers
<wendico> booting
<wendico> :-D
<tomreyn> like, really, and stuff?
<wendico> let me log in hehe
<tomreyn> omgomgomg!
<wendico> logged on ssh
<wendico> yeah
<tomreyn> did you reset the boot order in bios btw?
<tomreyn> you should do that if you havent
<wendico> no, let me check, im gonna shutdown and put bios normal order
<tomreyn> sure
<tomreyn> it would be nice to end up with the small SSDs as sda and sdb
<tomreyn> those with the bios_grub partitions on them
<tomreyn> you can run "sudo lsblk" or "sudo parted -ls" to confirm this is the case
<wendico> nice, took long to shutdown
<wendico> but i fixed bios to correct order so 0 and 1 are the small disk and 2 and 3 the big
<wendico> is booting
<tomreyn> hmm this probably means somehting is not right then
<tomreyn> (if it took long to shutdown)
<wendico> yes, took longer than expected
<wendico> but boots faster than expected aswell
<tomreyn> as long AS it boots i'm ok with the fast boo
<tomreyn> t
<tomreyn> were there lines in red when it was shutting down?
<tomreyn> (you can always reboot more if you feel like it ;- )
<wendico> mmm strange though
<wendico> linux shows always same order
<wendico> let me paste bin
<wendico> http://paste.ubuntu.com/p/tXxCwzhPgp/
<wendico> i dont know why sdb shows before
<wendico> i belive i must have connected to the wrong sata port
<wendico> should i be able to swap the sata ports on the 2nd and 3rd disk?
<wendico> and ubuntu will boot again?
<tomreyn> yes you can do so
<wendico> im goonna try to get what u mean, and also to see for any shutdown errors
<tomreyn> ubuntu will boot, thanks to uuids
<wendico> gonna go shutdown on the machine instead of ssh to look for error, bb asap
<tomreyn> ok
<wendico> lol, sudo shutdown gives 8 min time
<wendico> how can i force now please
<wendico> :)
<wendico> ah no, wrong time
<wendico> now shutdown correctrly and fast
<wendico> change sata cables and boot again
<tomreyn> maybe it said it was waiting for somethiing and would wait up to 8 minutes?
<tomreyn> or maybe you ran "shutdown" instead off "shutdown now" or "poweroff"
<wendico> solved
<wendico> http://paste.ubuntu.com/p/pq2sw9d9Xq/
<tomreyn> good job!
<wendico> may i ask u last question?
<tomreyn> of course
<wendico> why i see on that last pastebin
<wendico> 2 times 2GB partition
<wendico> on each disk i dont get it
<wendico> let me underline what i mean
<tomreyn> you can tell me th line numbers
<wendico> âsda2      8:2    0     2G  0 part
<wendico> â ââmd126   9:126  0     2G  0 raid1 /boot
<tomreyn> 6,7 + 12,13 ?
<wendico> exactly
<wendico> that i dont get
<tomreyn> so sda2 is a partition, which is roughly 2 GB in size
<wendico> is not that i care waste 2gb is that i dont understand
<tomreyn> on top of this partition, we have created an md device, which is roughly 2 GB in size
<wendico> ahhhh
<wendico> ok i get it now
<tomreyn> you're not wasting anything
<tomreyn> its all in use
<wendico> thank you very much very much
<tomreyn> ':)
<wendico> if anytime i can do something for you...
<tomreyn> i'm happy, thank you
<wendico> even come to couchsurfing to spain you are invited
<tomreyn> hehe thanks
<wendico> u just teached me a bunch
<tomreyn> i also trained byself
<tomreyn> *myself
<wendico> and server boots and reboots awesome
<tomreyn> and we found some more bugs in this %Â§"&%" installer
<wendico> heheh right
<tomreyn> whic hi need yet to report
<wendico> i guess ubuntu people are recording this to improve, are they?
<tomreyn> record what, the chat?
<wendico> i though so
<tomreyn> i doubt anyone will spend the time to read all of  this :)
<wendico> i though maybe canonical or something would read here to improve software
<tomreyn> though apparetly someone had followed us for some time
<tomreyn> they read the bug trackers
<wendico> im to naive
<tomreyn> but some developers are here, too, thats right
<tomreyn> but its not their business hours now
<wendico> o, right so, should i write something for the ubuntu group? should i explain the problems i have in a bug report somwhere?
<tomreyn> during the day oyu could maybe get some help here with complex server issues. and generic ubuntu support questions you can get help with in #uubntu
<wendico> i dont care to help after being helped so much
<tomreyn> but this is all volunteer work
<wendico> oh i see
<wendico> how wonderfull voluntiers then
<tomreyn> i will file bugs shortly, you are welcome to review and add to them if you feel like it.
<tomreyn> (but i dont expect this from you)
<wendico> ok, for example, even the boot usb dont work correctrly
<tomreyn> what do you mean there?
<wendico> stays on a boot loop error thing
<wendico> and i have to hit TAB
<tomreyn> that's not usually so
<wendico> in order to boot the ubuntu server to install on my usb
<wendico> i used 3 pendrives and 2 downloads
<wendico> always same problem when boot on usb
<tomreyn> mabye you have a bad pendrive, or a bad download, or both
<tomreyn> oh ok
<wendico> just hit tab
<wendico> then i can write live
<wendico> then works
<wendico> if not, no boot
<tomreyn> hmm, i'm not sure what this is, haven't seen this
<wendico> i found solution online first page, let me point u to the problem i found
<wendico> here finally
<wendico> https://askubuntu.com/questions/67780/not-a-com32r-image-error-when-trying-to-install-from-a-usb-key
<wendico> this happends all the time i try to boot from the usb we just made our server run
<wendico> shows the com32r error on a loop until i hit TAB
<tomreyn> i suspect that's actually a bug in your bios there
<wendico> ohhh ok, can be, is a very old bios
<wendico> i will try the boot in my office computer tomorrow to make sure
<tomreyn> hmm, or maybe it was the utuility you used to write the iso to the usb
<wendico> but have sense
<tomreyn> which utility were you using?
<wendico> i used ubuntu desktop built in utility
<wendico> the "start up disk creator"
<tomreyn> on which uubntu release?
<tomreyn> this utility is also known as "usb-creator-gtk". it was buggy in some past ubuntu releases, i think in 14.04.
<wendico> 14.04
<tomreyn> :)
<wendico> lol
<wendico> ok
<wendico> now i understand
<tomreyn> you can always use "etcher" from http://etcher.io
<wendico> but my old laptop have compatibility issues with more modern
<tomreyn> it works pretty well, and on all major operating syste4ms
<wendico> downloading
<wendico> everytime i go over ubuntu 14 on this laptop i have many hardware problems
<wendico> thats why im stuk here yet hehe
<tomreyn> maybe that's something to look into tomorrow then ;)
<wendico> hehe, i prefer to learn on my new server
<tomreyn> try to get the bios updated if you dont have the latest versions
<wendico> but thank you
<tomreyn> welcome ;)
<wendico> i dont think i should try to fix this laptop haha look at it
<tomreyn> is it falling apart all by itself?
<wendico> yes haha, i was goona pastebin but no need
<wendico> has not even keys allready
<wendico> jajajaja
<wendico> is one of those laptops nobody knows how can work haha
<tomreyn> its difficult to know if it doesnt have keys
<wendico> i have to plug keyboard hehe
<wendico> but many othre problems
<wendico> dont bother about
<wendico> at least i can talk here is mainly fot what i use it
<wendico> is my tool to be connected while solving the other computers hehe
<tomreyn> yes its good to have something liek this
<wendico> if this server make it work correctly im gonna get a pc as gift
<wendico> finally an up to date pc
<tomreyn> good luck there.
<wendico> i dont even have virtualization technology on mines
<wendico> i will get it
<wendico> i dont want to bother u more
<wendico> i should be studing now to configure my new server as router, proxy, firewall and nas
<tomreyn> you should, and i'll be filing those bug reports now, but wioll be back later. bye bye, in case you'll leave in the meantime!
<wendico> i can do all that in windows server, so i hope i can do it here
<wendico> ok, thanks for all
<tomreyn> you're still welcome ;)
<Emmanuel_Chanel> Hello! I can't finish installing Ubuntu 18.04.1 Server by ubuntu-18.04.1-live-server-amd64.iso
<Emmanuel_Chanel> Somebody's here?
<sarnold> a few hundred somebodies :)
<teward> Emmanuel_Chanel: you need to give more info than "I can't finish installing".  Also this tends to be a less active time of day for the channel so you need some patience before you get a response
<teward> sarnold: and you have a summons for your opinion :P
<sarnold> hey teward :)
<teward> (don't ask why i'm even awake right now, I should be in bed >.>)
<teward> (been a long week and i'm tired but blah)
<Emmanuel_Chanel> Oops...
<Emmanuel_Chanel> I mispasted. Correctly, ubuntu-18.04.1-server-amd64.iso
<teward> same problem: not enough details.  explain where it hangs on installing, what errors it provides if any, etc.
<Emmanuel_Chanel> And partman doesn't progress at "47%"
<Emmanuel_Chanel> teward: Right. So I try additional explanation.
<teward> sorry i'm impatient when i'm tired :P
<Emmanuel_Chanel> How long do I have to wait for the progress?
<Emmanuel_Chanel> And if I deleted the partitions, the installer progresses to Software Selection part. But the loop occurred. And unprogress occurred again.
<Emmanuel_Chanel> It repeats 0% - 12%
<Emmanuel_Chanel> teward: Well, your word helps me a lot. I'm very tired and I can't name the detail without the situation that nobody asks me.
<teward> i'm probably going to have to head off within a few minutes so not sure how much help I can be :P
<teward> insomnia might finally go away at any moment :|
<sarnold> teward: ugh. insomnia sucks :(
<teward> sarnold: indeed it does.  and i didn't sleep well last night either, so insomnia on top of being extremely tired is not the best combo
<sarnold> Emmanuel_Chanel: maybe swap to another virtual console and check dmesg, or log messages..
<Emmanuel_Chanel> Is the iso on jigdo updated from the torrent's?
<Emmanuel_Chanel> The partman's stop is for scanning partions of the HDDs.
<Emmanuel_Chanel> The loop on the software selection, I don't find the answer.
<cpaelzer> good morning
<Unit193> Heya.
<lordievader> Good morning
<boritek> Hello, when I pxe boot ubuntu-server 18.04.1 and trying to install it in Virtualbox, installation fails
<patsToms> morning, maybe there is any way to make system to wait until systemd service is started and then continue to boot?
<Emmanuel_Chanel> Can't we boot a GPT system HDD on Ubuntu 18.04?
<boritek> Hello, when I pxe boot ubuntu-server 18.04.1 and trying to install it in Virtualbox, installation fails, check out this screenshot: https://i.imgur.com/1pIIDxx.png
<hateball> Emmanuel_Chanel: yes
<boritek> MAAS install also fails
<Emmanuel_Chanel> Can't we boot a GPT system HDD from BIOS on Ubuntu 18.04?
<Emmanuel_Chanel> Sorry for my lack of the words.
<ahasenack> good morning
<ahasenack> Emmanuel_Chanel: yes you can
<ahasenack> Emmanuel_Chanel: have you checked the md5sum of the iso you downloaded?
<Emmanuel_Chanel> Oh, not really.
<Emmanuel_Chanel> Someone says that Ubuntu 18.04 disables us to boot a GPT disks from BIOS. So I asked.
<Emmanuel_Chanel> Thanks for answering me.
<ahasenack> I'm not sure what "boot gpt disk from bios" means, though
<ahasenack> I mean, I don't know that it is a special case (gpt disk booting)
<ahasenack> it boots fine in legacy mode, and uefi mode
<tomreyn> Emmanuel_Chanel: what you say might be related to this bug? #1786384
<tomreyn> bug 1786384
<ubottu> bug 1786384 in subiquity "Boot failure with BIOS /bios_grub with multiple disks" [Undecided,New] https://launchpad.net/bugs/1786384
<Emmanuel_Chanel> Maybe. I don't really know.
<tomreyn> ok, i guess we can't tell without more info.
<ahasenack> cpaelzer: rbasak do you remember if debian has a problem with having ssl-cert (snakeoil certs) as a depends in a package?
<ahasenack> it's one of the deltas we have
<ahasenack> and one of the reasons their squid dep8 tests are failing. They adopted our tests, but didn't adopt that bit in the package
<ahasenack> which I can submit to them, but whenever I hear ssl.*debian, I think openssl, and licensing issues
<rbasak> I'm not sure if Debian does snakeoil? Or did they implement it later, but differently?
<ahasenack> the package is the same, and it installed the certificates where apache expected them
<ahasenack> went from this:
<ahasenack> Aug 10 14:58:48 autopkgtest-lxd-xprozj apachectl[2817]: SSLCertificateFile: file '/etc/ssl/certs/ssl-cert-snakeoil.pem' does not exist or is empty
<ahasenack> to
<ahasenack>    Active: active (running) since Fri 2018-08-10 15:00:53 UTC; 3s ago
<rbasak> I'm not sure then.
<ahasenack> all I had to do was apt install ssl-cert
<rbasak> Perhaps they'll take it now.
 * rbasak wonders how snakeoil interacts with certbot
<RoyK> then use certbot/letsencrypt instead
<rbasak> certbot still needs user interaction
<rbasak> (and we're working on improving UX on Ubuntu, but certbot in the archive is still a poor experience right now)
<rbasak> (improving _certbot_ UX on Ubuntu)
<rbasak> So it can't deprecate snakeoil completely. Hence snakeoil is still useful.
<rbasak> It'd be nice to get snakeoil well integrated with certbot though.
<rbasak> Providing a self-signed cert to start, but a very smooth UX to get it to letsencrypt-issued one.
<ahasenack> I could add it just to the dep8 depends for now
<ahasenack> and poke them if they would take it as a depends of the package
<rbasak> Perhaps a Recommends?
<ahasenack> would still be a delta
<ahasenack> we have it as a depends
<ahasenack> I'm still going to look over that in detail
<ahasenack> what it means for squid to have ssl-cert
<ahasenack> having it as a depends in d/t/control would be a no-op for us, and would make the tests pass for debian
<rbasak> OK
<cpaelzer> ahasenack: dovecot changed to snakeoil in 1:2.2.31-1
<cpaelzer> ahasenack: so it does exist and is used in Debian
<ahasenack> as in, the ssl-cert package?
<cpaelzer> Depends: ssl-cert
<cpaelzer> ahasenack: yes
<ahasenack> cool
<cpaelzer> ahasenack: FYI https://salsa.debian.org/debian/dovecot/commit/05d3d0f
<ahasenack> thx
<axisys> anyone know a place where I can discuss about HP hardware raid controller? I need to convert a raid1 (2 600G disks) into a raid10 (2 600G and 2 2TB) using hpssacli
<tomreyn> i just did another installation on a uefi VM with two sata storages, using the server live installer. the installation log contains the output of "grub-install --usage" four times. should i be worried?
<ahasenack> tomreyn: can you paste them somewhere?
<tomreyn> example screenshot http://i.imgur.com/Gz48c29.png
<ahasenack> that doesn't look right
<tomreyn> i asusme th einstallation log will be preserved at /var/log/install on the target system?
<ahasenack> tomreyn: yes
<ahasenack> ah, wait
<ahasenack> I don't know
<tomreyn> it did boot at least
<ahasenack> that's good :)
<ahasenack> if the logs are still there, would you mind opening a bug and attaching them?
<ahasenack> tomreyn: https://bugs.launchpad.net/subiquity/+filebug
<tomreyn> i forgot to zero the drives beforehand, it's possible that grub was already installed.
<tomreyn> sure, will be happy to
<ahasenack> there have been such bugs in the installer where it didn't zero the drives
<ahasenack> we have seen that with zfs and raid
<ahasenack> thanks tomreyn
<tomreyn> it's raid + lvm
<ahasenack> I assume you are using a VM to test it first?
<tomreyn> yes, it's a VM (as i wrote above)
<tomreyn> http://paste.ubuntu.com/p/7RGXrzJsSW is the log
<tomreyn> ahasenack: i'm not sure what the bug report should be about, since this time it actually seems to have done what i configured in the installer.
<ahasenack> geez, is it really calling "grub-install --help"?
<ahasenack> I suggest the bug be about that ^
<tomreyn> i would have assumed grub-install returns the --usage output because un unknown option or incorrect syntax was passed
<ahasenack> there seem to be some debugging messages in there
<ahasenack> you didn't add any, while troubleshooting something?
<ahasenack> look at lines
<ahasenack> 2300,
<ahasenack> and 2327
<tomreyn> i did not spawn a shell / switched tty's from the installer
<ahasenack> mwhudson: around?
<ahasenack> might be too early still
<tomreyn> and the log is a direct pastebinit from the booted system
<ahasenack> then file away
<tomreyn> bug 1786525
<ubottu> bug 1786525 in subiquity "Dumps "grub-install --help" output to curtin-install.log" [Undecided,New] https://launchpad.net/bugs/1786525
 * tomreyn bbl
<ahasenack> thanks
<jak2000> basic quesiton: i have a directory /backups and have my home directory: /home/jak   i want create a link permanently on: /home/jak/backups how to?
<tomreyn> ahasenack: looks like it's on purpose
<wendico> hello
<keithzg> Well I'm stumped by netplan, I basically just copied the example from https://netplan.io/examples#dhcp-and-static-addressing for the right values for a static address for the server on my network and now the interface isn't even coming up.
<roaksoax> keithzg: netplan apply ?
<keithzg> roaksoax: Yeah I was doing that and then the interface just wouldn't come up. I *just* noticed the problem though: I'd typo'd the random (well, not random, but random to an unknowing human!) numbers in the ethernet adapter name, whoops!
<keithzg> I still reserve a bit of dislike for netplan though since it apparently hates tabs :P
<havenstance> has anyone in here managed to get psensor-server to run as a manually created service without it shutting down instantly on Ubuntu 16.04?
<roaksoax> keithzg: ha :) I quite like netplan :)
<keithzg> roaksoax: Other than YAML's distasteful prohibition against tabs and that it didn't really make clear that I was trying to apply rules to a nonexistent device, it *does* seem pretty neat so far.
 * keithzg was half-tempted originally to just use /etc/network/interfaces anyways, but it's always fun to learn new things, particularly if they're not unnecessarily complicated; and netplan does seem nicely simple in most ways.
<havenstance> nvm I think I have it figured out guys
<sarnold> havenstance: what was it?
<havenstance> sarnold, didn't specify the end command
<havenstance> wrote a script to just pkill it, haven't tested yet as I'm still rewriting the service, will report back in a few if I managed to get it working
<sarnold> I hope there's a better way than just pkill..
<havenstance> if it were any other program in the world I'd worry about it, but since it's just monitoring temps I installed it simply for the GUI so I could watch system temps on the server from my desktop lol
<sarnold> aha :)
<havenstance> unfortunately the program doesn't include a start script or an end script
<sarnold> yeah I can see that
<havenstance> I'll probably write a tutorial after this to help anyone else who comes across the issue, and hopefully the community can help correct my terrible coding lol I'm not at all a vet, I've used ubuntu for years, but mostly just to play around, only recently have I really gotten into building things to make it do what I want
<havenstance> and frankly seeing how easy it is, Microsoft can keep windows lol
<sarnold> :D
<havenstance> sarnold, it's working now
<sarnold> woot
<havenstance> is there a place to write a tutorial for this? cuz I feel like someone in the community would benefit from knowing what I just did lol
<sarnold> you could pop up a new page on the wiki, or perhaps ask a question and then immediately answer it on askubuntu
<tomreyn> mwhudson: So apparently "/RAIDs/RAID-1/My awesome RAID-1 (fresh and shiny)" is not a valid md device name according to mdadm (but it is according to curtin / 18.04.1 live server installer).
<tomreyn> is it worth it to file more bugs about similar issues or should i wait until there is a version which does basic input validation?
<tomreyn> while it might sound differently, i dont mean to blame you personally, or any developer, i'm just disappointed by the overall result of how bleak what was chosen to be the default installer for 18.04, and still for 18.04.1, looks altogether.
<powersj> tomreyn, have you found other fields that fail?
<tomreyn> powersj: i haven't verified, this, yet
<wendico> hello there, finally im ready to continue learning ubuntu server. My server is installed and running and i am connected with my desktop on ssh, but...
<tomreyn> here are my accepted inputs http://i.imgur.com/ZgmorAs.png http://i.imgur.com/RYK8dmI.png
<sarnold> pretty
<wendico> im an old windows server user, i will like to have a small talk on posibilities and realities of nowdays, know what my server can do by default, etc
<tomreyn> powersj: ^ i assume the VG and LV name would also have failed
<wendico> if anyone would like to have a talk with me about this server things on my mind, i read a lot but questions solve to slow reading
<wendico> i would like to know what i want to learn before i learn it i mean, because i really want to learn, i dont just want to ask you the commands to make my server a router for example
<sarnold> wendico: have you found 'apt-cache search' and 'apt-cache show' yet?
<wendico> may i just drop questions here?, maybe is offtopic, someone want to privete me about server services now days on private, im fast typer and learner
<wendico> apt-cache show shows no packages found, but giving me that command means i cant explain myself im sorry, english third language
<wendico> im limited on the amount of info i can learn coz im old, nevertheless i want to be able to run an ubuntu server with basics services. im expert runing windows domains, could someone have a talk to me
<wendico> so i can explain what services i want to run then can lead me to the path of commands i should master
<wendico> i have no mind to be an expert
<tomreyn> wendico: do you know https://help.ubuntu.com/lts/serverguide/ ?
<wendico> yes but it is for dumb people
<wendico> i read 4 pages to learn sudo
<wendico> i would love to someone spend sometime with me so i ask straight questions and learn just what i need
<TJ-> wendico: Onlt 4 pages!!?? Wow, I/m still learning it after 15 years!
<TJ-> s/Onlt/Only/
<tomreyn> hmm, i think i would find it useful if i was new.
<wendico> at least im sincerily accepting i have not the capacity to learn it all
<wendico> nevertheless i installed my server on software raid and running on ssh and is my first try, of course guided here
<tomreyn> there's no need to 'lern it all', no one can. but you can focus on one task / problem at a time.
<wendico> (ty tomreyn)
<wendico> so im sure, instead of just teach me full task of each problem at a time
<tomreyn> and there actually is a lot of documentation out there which can help
<wendico> i could explain all services in one time i want to be able lto manage
<wendico> and then u answer me in one line wich commands i have to master
<wendico> could that be posible?
<tomreyn> i can suggest softwares for functionality you want to configure
<tomreyn> if that's what you're asking
<wendico> thank you you just got me, so let me repeat the correct straight question
<tomreyn> i'm not going to be able to spend another night with you today, i'm afraid
<wendico> of course thats why
<sarnold> ubuntu ships 62000 packages
<sarnold> there's no way to summarize all that qauickly
<sarnold> that's why I asked if you've seen apt-cache search
<sarnold> it lets you find which thousand packages might be relevant to your interest
<wendico> so i have an ubuntu server running out of the box and i just want to use it as gateway, router, firewall, proxy and nass
<sarnold> and then apt-cache show to show you information on each in turn, so you can decide which packages to try
<TJ-> wendico: would it help you to see a program that is designed to manage most of the server packages and exposes the settings in logical groupings?
<wendico> what commands should i start learning to master configure networks, routes, firewall rules, proxy cache and files access
<TJ-> wendico: For your gateway/router/firewall I'd recommend shorewall, which presents a HTML based GUI to organise things, which helps understand how everything fits together as well as the individual 'power' settings
<wendico> or that is good for me to, what "software" gui could help me achive those jobs
<wendico> tj, yes a program to manage server packages also help please
<TJ-> wendico: for a much wider view I'd recommend the related projects webmin, usermin, and virtualmin. They aren't packaged in Ubuntu but you can get debian packages from the upstream source.
<wendico> going into learning shorewalll
<wendico> i allready started learning iwconfig and ifconfig
<sarnold> skip ifconfig, learn iproute2 instead
<wendico> thank you, noted, ifconfig deleted
<sarnold> unfortunately lartc.org is down :(
<sarnold> here's a mirror .. probably old :( https://www.tldp.org/HOWTO/Adv-Routing-HOWTO/
<sarnold> learn netfilter, iptables
<wendico> wow you are all so helpfull, im glad i could express myself, u are really helping me
<wendico> i dont want like yesterday tomreyn guiding me 2 hours
<wendico> now u got me and my limits
<wendico> thanks all for the support
<sarnold> wendico: I strongly recommend avoiding webmin, usermin, and virtualmin, etc. most of the time those front-end things are terrible code quality and security problems
<sarnold> wendico: take a look at squid for your proxy/cache needs
<sarnold> wendico: and NAS .. that's a big topic. samba is the SMB-compatible server, but you could also just use nfs and skip that giant headache
<tomreyn> i second that shorewall is a good choice for gateway/router/firewall. since you run 18.04.1 server, you can use netplan to configure your network interfaces.
<wendico> tomreyn: noted on my notepad, studing to achieve it
<wendico> sarnold: squid noted, avoiding bla bla bla noted
<wendico> sarnold, thats what i though, all my clients gonna be windows, so i will just nas ntfs
<wendico> noted down
<sarnold> wendico: ah. then squid. :)
<sarnold> sigh.
<sarnold> samba
<tomreyn> uuh did you just recommend webmin and usermin, TJ? i wouldnt dare to, think they break more than they help. and they prevent you from learning.
<TJ-> wendico: if you want a prox/cache for many Debian/Ubuntu PCs on the same network fetching packages only once via the Internet, then sharing  them locally, look at squid-deb-proxy and squid-deb-proxy-client
<TJ-> tomreyn: not so, that's been false for over 10 years
<wendico> maybe coz he though i want fast and unestable, i noted sarnold recomendation thought
<TJ-> tomreyn: I've used them extensively and they've not broken anything, including release upgrades
<wendico> i want limited but stable even though slower
<TJ-> tomreyn: there was some hiccups around 2004-5 since then they've been very stable
<tomreyn> TJ-: hmm, ok, i have not used them for a long time, and only short when i did. it just feels wrong to use a webinterface to handle file system ACLs etc. but maybe i should revisit it some day.
<wendico> ok, i like pros opinions and since i got a new used spare hardware i will test the webmin and all that in a second test enviroment
<wendico> just in case im not able to learn to do it without those tools
<wendico> writtinng it down
<havenstance> TJ-, I like webmin to a point, I just think the first thing a hacker is gonna look for is an open port 10000 because then your only protected by the complexity of your password at that point
<TJ-> tomreyn: that is not something it focuses on at all,
<havenstance> so as long as you use the webgui in your local network and don't open that port to the outside world I'd recommend webmin
<tomreyn> 2003/4/5 is probably when i last used those.
<havenstance> but if I were doing an all in one network server I might recommend Zentyal over webmin.
<wendico> btw, with proper configuration and a wifi network card, this ubuntu server can my my wifi gateway for the cellphone clients, cant it?
<havenstance> but it's purely based on user preference at that point, cuz some people prefer CLI, some people prefer webmin, some people prefer zentyal
<wendico> i didnt know but i allready istalled a 300mb wifi card, i asummed for sure
<TJ-> My point with webmin and friends is to learn the relationships of all the settings of many packages in a consistent way. It presents them in logical groups but still writes the underlying config files according to the way the projects require, so you can do things in the GUI that are quite complex, then look at what settings get changed/created in the underlying config files
<wendico> exactly tj, thats why i noted it and i will do it in parallel in the test server
<wendico> so i can use gui to make changes, look at them, and then not use gui on production server
<havenstance> TJ-, like I said I can get behind webmin, and any forks thereof, as well as zentyal in that regard, Zentyal is what taught me a majority of what I know of CLI just by doing what you said, run the options and read the logs
<wendico> is a good tip
<TJ-> Same goes for Shorewall
<TJ-> Many people only want to configure a package once; don't have the time or inclination to want to become experts in each project, just feel they've got it about right without unintended consequences
<havenstance> TJ-, I agree with that, I used to work for a guy who used webmin on an old ubuntu server, I spent more time troubleshooting his mistakes than I ever did doing anything else
<tomreyn> maybe the first thing to focus on should actually be backups
<wendico> backups... ummm...
<havenstance> tomreyn, that is the best advice for anyone new, I can't tell you how many times I've broken my system screwing up one line in a config file
<wendico> i actually do have backups always of everithing multiple times
<wendico> but actually i spent lot of time a week doing so
<tomreyn> it's boring and sometimes a bit annoying but it's something you'll just postpone later since there'll always be something better to do.
<havenstance> absolutely, like I said can't tell you how many installs I've fragged by not doing it lol
<wendico> auto back ups will be so cool for me
<TJ-> One example where I still find it easier to use the HTML UI is Virtualmin's management of postgrey, the postfix grelist add-on for preventing spam. When I need to add exceptions I can never recall the correct format or files to edit - it makes it trivial and prevents me making mistakes
<wendico> TJ u are right im on that school, im very old computers invented when i could buy one, and i have always been so lazy
<TJ-> Version control over /etc/ is a very useful thing too
<wendico> i loved linux
<wendico> but just click is so easy....
<wendico> i becamed lazy
<wendico> but the people that program those uis are not the experts and their ui option sends wrong command
<wendico> ooops
<havenstance> anyone in here use 18.04 server yet?
<wendico> that didnt hapend old times
<wendico> if there where a ui, the ui always worked
<TJ-> I started with Linux servers in the late 1990s when it was hell to figure stuff out so maybe I'm biased due to that because these HTML UIs taught me so much and gave me confidence and insights I wouldn't have gained by editing the raw config files, or reading the (often) poor documentation
<TJ-> havenstance: Yes, all my stuff went to 18.04 during the beta
<havenstance> TJ-, I can't disagree with you on that, like I said, I learned a ton from using HTML stuff as well
<havenstance> TJ-, does it have the same annoying feature Debian Stretch has where if you input a root password it doesn't install sudo?
<TJ-> I never set a root password :)
<wendico> i did just the opposite way, since emule was legal in my country, i always could find the code written for what i needed
<wendico> even for hacking
<wendico> cain, abel....
<wendico> no command send
<wendico> just 3 clicks
<havenstance> TJ-, I won't after that fiasco ever again lol, but does it ask for said root password on install like stretch did?
<wendico> now im garbage in nowdays computers hahaha
<havenstance> TJ-, nvm I'll just do a VM and check it out :)
<TJ-> havenstance: I've never seen Ubuntu do that ever! I didn't realise Debian did!
<TJ-> havenstance: then again many of my deployments are from 'cloud' (hate that word!) images, or debootstrap
<havenstance> TJ-, updated Jessie to Stretch for a buddy of mine, and we fought that thing for like 3 and a half hours to try and get sudo working
<havenstance> Jessie had sudo by default tho
<havenstance> eventually I talked him into scrapping Debian and going with Ubuntu and he's surprisingly even doing better than I do in CLI most times lol
<havenstance> for me tho it's only recently been about the last year or so that I've even experimented with scripting things and actually getting under the hood of Ubuntu, and I must say it's been enjoyable
<TJ-> I'll tell you something I take extreme issue with for several core server packages. Freaking out and refusing to work if their /etc/ directories are set g+w! I mean, what gives? I want to allocate admin groups who can edit without needing root rights in any way. There's no security hole. sudo breaks, ssh will refuse to start, and several others I forget now
<TJ-> The entire point of groups/ACLs is to allow non-root managemeent
<TJ-> I've recently hacked on vagrant-libvirt/vagrant-mutate to do som deploymnet/orchestration testing locally using QEMU/KVM and that's been 'fun', got those issues fixed and now Ansible is thwawting me  :)
<havenstance> lol I have to say I've found that if you have the patience to work thru it line by line, most times Linux tells you why it's b0rked
<havenstance> lol
<TJ-> yeah, I was demoing to some Windows users at a charity I volunteer for, all the logging Linux does as it boots for example, and in /var/log/ - these were just 'users' who pilot Word and Excel, and they fell in love with Linux immediately - especially the speed and power of the shell for piping output to filter results. I was amazed how they responded; was expecting them to have eyes glazing over.
<TJ-> As a result I am developing a plan to completely replace Windows throughout with Ubuntu
<TJ-> The way their eyes popped when I Alt+Fx-ed between the consoles to demonstrate the multi-user nature was a sight to behold :)
<RoyK> TJ-: try to do that with windows logs ;)
<wendico> `sudo apt-cache show`says E: no packages found. I understood sarnold that command should show thousand of available packges, what did i miss?
<sarnold> wendico: a package :) try apt-cache show bash
<keithzg> Yeah, personally I gravitated towards Linux ages ago because I always manage to find myself with computers going terribly wrong, and at least with Linux I could reasonably find out what and why and fix it, whereas Windows is often just a confusing mess with a black box in the middle . . .
<keithzg> Hrmm drat, I was hoping to switch from MySQL to MariaDB at work here, but the version in the 18.04 repos is still too old to upgrade from the MySQL version we were using on 16.04, and MariaDB's own repos for 10.3 give unmet dependency errors :(
<wendico> apt-cache show bash shows basic info and that i have minimal install, maybe is that i have really no package yet hehe
<wendico> iptables work as sugested to learn but netfilter also says command not found
<TJ-> RoyK: I was dealing with the company that manages the Windows AD server last 2 days; 1stly they couldn't add a PC to the network because the local Admin password doesn't work (so I booted it from my Ubuntu USB flash and ran chntpwd on it!) and they can't figure out why DHCP leases for new devices on the Wifi don't get issued for 3 hours. So far its not occurred to them to read the Event Logs :)
<sarnold> wendico: netfilter is a whole framework for firewalling, packet manipulation, etc.. there's a lot more to it than one command ;)
<sarnold> keithzg: hrm, I'm surprised about the unmet deps on their repos.. are you sure you picked *ubuntu* and not *debian* repos?
<RoyK> TJ-: rotfl
<keithzg> sarnold: Uhhh it's Friday and I was literally typing into the wrong terminal whoooops
<sarnold> keithzg: oh! :)
<wendico> sarnold: ty, noted down, and last question, UFW command has never been mentioned here but is installed by default, is that a replacement for netfilter or iptables?
<sarnold> wendico: no; ufw is a simple front-end for iptables that's supposed to be easy for easy situations
<tomreyn> wendico: to make 'apt-cache show' work you need to 'apt update' first. also there's an installer bug which we did not fix last night https://launchpad.net/bugs/1783129
<ubottu> Launchpad bug 1783129 in subiquity "Only "main" component enabled after install" [High,Confirmed]
<wendico> thank you, so if i could really master iptables, that would be enought for firewall and routing then not need netfilter or shorewall?
<tomreyn> this is correct, but it can have a somewhat steep learning curve, depending on where you come from.
<sarnold> iptables is built on netfilter; knowing how netfilter works would be helpful
<sarnold> if ufw works for you, then you can skip shorewall, but I doubt ufw will work for you
<wendico> i just used the commands to enable ufw and enable just ssh trafic and seems worked on default installed server
<sarnold> yes, that should work great :) but NAT or routing may be more than it is prepared to handle
<wendico> nevertheless i need more control, is not ennough, so i go into iptables
<sarnold> exactly
<tomreyn> ufw works fine for simple port blocking, but not for routing with multiple interfaces and different policies.
<wendico> i will install downgraded virtual machine to check on netfilter and delete
<wendico> and i will install a simple one disk server to test all the other tools
<wendico> now really last question, is samba installed by default and the squid-deb-proxy is worth if i only have one ubuntu client?
<sarnold> samba shouldn't be installed by default
<sarnold> and squid-deb-proxy is probably not worth it for just one machine; unless you're building packages on that machine..
<wendico> and for normal proxy-cache services, i think im missing that answer, if i decide to master iptables and not use shorewall or similar, what packages should i master for internet proxy cache services?
<sarnold> just plain 'squid' for proxy cache
<wendico> thank you
<sarnold> squid-deb-proxy is pre-configured to accept the huge objects and long lifetimes that debian packages usually have
<wendico> ^that is no suggest to disable it since i wont have ubuntu clientes?
<wendico> no=to  ^
<sarnold> yeah
<wendico> ty,
<sarnold> squid-deb-proxy wouldn't provide you with much benefit if you've only got the one machine, and it'll add another 30 seconds to every single reboot
<wendico> thats what i though, im the only brave enought to use ubuntu, all other 6 clients are windows
<sarnold> I *love* it on my laptop, since I build packages there, it really helps -- even though I've got a local archive mirror in the basement, it's still only connected over a gigabit network, and having most of the packages locally already makes those go *way* faster
<wendico> and i have a good line and a total of 7 clients plus cellphones, is actually ridiculous for experts like u haha
<LastTalon> Hey, I'm attempting to install ubuntu server on a machine and I'm having some trouble.
<LastTalon> It ends up posting "Could not delete variable: No such file or directory" to stderr int he end.
<LastTalon> Any idea why this might be happening on ubuntu server 18.04.1?
<sarnold> do you have any other context on screen?
<sarnold> in isolation I'm not sure what that would be
<LastTalon> Unfortunately I rebooted before I came here to maybe check if it was a hard drive issue.
<LastTalon> I can give more details after I try again.
#ubuntu-server 2018-08-11
<wendico> tomreyn: still here?
<LastTalon> Alright.
<LastTalon> So it worked this time.
<LastTalon> Not sure what was going wrong.
<LastTalon> Thanks for your help anyway, sarnold
<sarnold> LastTalon: heh, bummer.. I hate not knowing what caused an issue :)
<wendico> ok thannk you, with all the info you gave me, i writted down a working plan, may y post it for you to see if i got it correctly. Thank you for suggestions https://imgur.com/a/nnDfaY5
<sarnold> wendico: iwconfig is still useful
<wendico> sarnold: noted, thank you i actually want my server to be wireless access point, i think i need it for that
<sarnold> wendico: aha, then also take a look at wpa_supplicant and ...
<sarnold> wendico: .. hostapd
<wendico> sarnold: ok noted, i think i even remember using those things in that old times of WEP aircrack
<sarnold> :D
<wendico> i asked on ubuntu channel but i would like a second opinion, for my virtual test, virtualbox right?
<sarnold> I'd rather use qemu/kvm .. install virt-manager and use that instead
<wendico> but that im gonna do on my desktop, in case u think im installing that on my server
<wendico> just for the test server 1 on the screenshot i prefer use my desktop since is more powerfull, im running ubuntu desktop last version clean install
<wendico> for that also qemu/kvm?
<sarnold> wendico: yeah; libvirt is the best way to use qemu and kvm, and virt-manager is definitely the easiest way to use libvirt
<wendico> thank you sarnold, noted down and reading on it, runned sudo apt-get revome virtualbox ;)
<sarnold> libvirt can do some really cool things.. you can have the virt-manager front-end program on one computer manage the VMs run on a bunch of other computers
<sarnold> I don't actually like libvirt much, but it's still the best / easiest ..
<wendico> can i just sudo apt-get install libvirt or should i read on it, i have experiencce only on vmware
<sarnold> I think apt-get install virt-manager  would bring in all you need
<wendico> ty
<keithzg> Starting to worry that there's something weirdly wrong with the ethernet adapter in this new server, since when it's plugged in it seems to be killing our router's internal-facing network adapter . . .
<sarnold> keithzg: o_O
<keithzg> It's really disconcerting, if I turn the new machine on and plug it into our network in our server room, at some short but seemingly random interval (up to a few minutes) the internal-facing ethernet adapter on our router dies like so: https://paste.kde.org/prxgycxci
<keithzg> Hmm, seems like it might be a known-ish bug? Seems potentially fixable by either disabling some offloading on the network device, or by compiling and installing a newer version of the Intel e1000e driver.
<keithzg> In the meantime though keeping the new server plugged in on the other side of the building seems to have solved things so I might just leave things like that and leave for the weekend :P
<keithzg> ...clearly I spoke too soon.
<sarnold> fwiw I've always had an impression turning off offloading was a good step to take
<sarnold> is that a possibility for your load?
<keithzg> sarnold: That's certainly what I'm about to try! Until now the machine in question has shown *tons* of headroom CPU-wise, so we'll see if disabling a ton of the offloading is too much for it or not (a bit more CPU usage is a small price to pay if it means the adapter isn't dying, heh)
<sarnold> I have a small hunch that it wouldn't be a big deal for gigabit nic anyway, there just isn't that much data to move around on such a slow medium..
<keithzg> Yeah and it's not like our uplink to the wider internet is gigabit anyways, so the actual traffic through our router should be even more modest still.
<keithzg> Welllll that didn't work.
<keithzg> Maybe disabling offloading for gro, gso, tso, tx, rx, and sg wasn't enough?
<sarnold> what's left? :)
<keithzg> ufo, lro, ntuple and rxhash I guess?
<keithzg> (But yeah not much that seems likely)
<keithzg_> Well nothing so far has worked. Current plan, upgrade the router to 18.04 and hope that magically fixes things somehow :P
<keithzg> That . . . seems to have worked? At least kindof?
<keithzg> Definitely seeing packet loss though.
<wendico> how do i get out of full screen of my virt-manager machine? ty
<tomreyn> wendico: in case you didnt find out, yet: you move the mouse to the top cente rof the screen, where two icons should then show up, one of which exits full screen
<tomreyn> personally, i do like using virtualbox on desktop type computers, and prefer it over kvm/libvirt/virt-manager there.
<compdoc> Ive been using kvm for years. I like much better
<tomreyn> i definitely prefer kvm + libvirt for (headless) servers
<tomreyn> kvm is more flexible in terms of virtualization and doesn't require proprietary add-ons for some functionality. but virtualbox integrates better in a desktop., the GUI is better.
<tomreyn> (which is, of course, a subjective judgement, as with all GUIs)
 * compdoc subjects tomreyn to some harsh judgement
<wendico> tomreyn: compdoc: thanks both. i was blind, yes i finally found out just move mouse top. i preferred virtualbox but doesnt work on my fresh installed ubuntu desktop
<wendico> i even followed a post to install virtualbox 5.2 on ubuntu 18 but still could not make it work, to not bother you i decided try virt-manager
<wendico> worked like a charm on first try and got machines running, just coz im old im blind could not get out full screen, solved
<compdoc> 10.04 is still a little fresh. Ive had some weirdness
<compdoc> *18.04
<wendico> i want to use my server as access point with a wireless im reading on wpa supplicant and hostpad. should i `sudo apt install wireless-tools` or should i go on reading to install more specific pacages? Ty
<wendico> is this option on my server "sudo apt-get install --no-install-recommends ubuntu-desktop" to bad for a very small bussiess? or could be a reasoable solution for easy server managment?
<tomreyn> on your desktop, this is fine, on your server, i would not do this.
<tomreyn> if you require GUIs you'd be better served with the webmind/uermin/virtualmin... package
<wendico> thank u tomreyn, im exactly on that path
<wendico> what about wireless support, should i `sudo apt install wireless-tools` on my server?
<wendico> thank you
<tomreyn> yes, probably. i've never setup a wireless access point, so i'm not going to be much help there.
<tomreyn> i assume you can do it using network-manager and nmcli or nmtui, though
<wendico> tomreyn: thank you i try but i think is not gonna be posible, hostapd or iwconfig commands ask me to install wireless tools or hostapd
<tomreyn> i think you'll need all of those
<tomreyn> iwconfig, hostapd, wireless-tools are the low level commands, network-manager or (alternatively) systemd-networkd are higher level management utilities.
<tomreyn> netplan would sit on top of the stack, but i can't seem to figure out how to configure a wirelless AP using netplan.
<tomreyn> so i guess i'd scratch netplan there for now and se whether it can be done with either systemd-networkd (default for servers) or network-manager (default for desktops)
<tomreyn> nmcli / nmtui are non graphical frontends to the network-manager instrumentation / framework for managing network interfaces.
<wendico> thank you tomreyn. By the way, seems i cannot add a wireless virtual card on my virtual server
<wendico> im gonna try to add the physical wireless card host hardware to the virtual machine to see if the virtual machine detects as wireless adapter for the testing
<tomreyn> i'm not aware of any way to emulate wireless network devices
<wendico> no, confirmed, not adding wifi posible on my virtual if anybody knows how tell me please, not even adding the hardware anfitrion wifi as bridged on the virtual machine shows as not wifi
#ubuntu-server 2018-08-12
<tomreyn> how would i report a bug against the 18.04(.1) release notes? It should mention that Xorg logs may now go to ~/.local/share/xorg/ and under which circumstancers they will (not).
<tomreyn> i think some other processes which used to log to /var/log may also log to the users' home now, and it woul dbe good to point this out.
<tomreyn> this would be relevant for people migrating / upgrading from 16.04
<tomreyn> 'other processes' such as gdm, lightdm, sddm (i think?). also, maybe this is only with UMS, or with KMS, not sure.
<tomreyn> x.org vs wayland may also matter
<ogra> first of all you should probably ask this in #ubuntu-desktop, not #ubuntu-server ;)
<ogra> (or in the more generic #ubuntu-devel channel)
<tomreyn> my experience is that developers watch this channel most closely, -devel is second, #ubuntu is mostly ignored.
<ogra> well, but xorg is rather off-topic here
<tomreyn> but you are, of course, right, in terms of on / off topic
<tomreyn> i can repost to #devel, do you think that's a good idea?
<tomreyn> * #uubntu-devel
<ogra> yes
<ogra> all the relevant people are there and usually use IRC proxies ... so they will see your request when starting their workday tomorrow
<tomreyn> there we go
<tomreyn> btw. a *lot* of the chat during the week here, especially by ubuntu devs, is OT ;)
<tomreyn> not that i mind, just saying
<rbasak> I think that's OK.
<rbasak> It's a channel _for_ the devs.
<rbasak> (though this channel welcomes server users too)
<ca-on-adam> Good day :)
#ubuntu-server 2019-08-05
<circ-user-dFjby> Hi, how do I make a mysqldump from a database on an old harddrive?
<circ-user-dFjby> The server isn't running btu I've got access to /var/lib/mysql
<circ-user-dFjby> nvm got it working
<rbasak> bryce: I'm not sure what happened to your git-ubuntu MP?
<rbasak> I don't see it at https://code.launchpad.net/~usd-import-team/usd-importer/+git/usd-importer/+ref/master/+activereviews
<rbasak> I reviewed from your branch though. I've proposed some fixup commits at https://git.launchpad.net/~racb/usd-importer?h=fix_derive_codename_from_series.3
<rbasak> I'd also like to determine for certain whether "...**kwargs,)" is acceptable or not.
<rbasak> But git-ubuntu CI is broken at the moment AIUI (being worked on, thanks Paride and Andreas) so I'm not certain.
<rbasak> Since git-ubuntu uses Python 3.6 in snapcraft.yaml, I think it's OK, and then it might be reasonable for developers (and the code style) to use >= 3.6 or otherwise compensate for that.
<Katronix> Hi all, someone suggested I try in here, running the standard "home" version of Ubuntu just installed Windows 10 via Qemu trying to make it run as close to hardware speed as possible.
<tomreyn> Katronix: install virtio drivers in the guest, switch to virtio hardware, re-license guest if needed.
<tomreyn> https://www.linux-kvm.org/page/WindowsGuestDrivers/Download_Drivers
<tomreyn> and make sure kvm is in use
<tomreyn> that's probably the first thing to do
<cpaelzer> ack to tomreyn, and if you are into graphics consider getting a second GPU to pass through
<Katronix> tomreyn, svm is on in bios and using qemu so I think I'm using KVM?
<Katronix> will Windows 10 use the Server 2008 drivers? the iso only has those drivers on it
<Katronix> I guess they do
<tomreyn> phew it's not really easy to find the prebuilt virtio-win iso anymore
<tomreyn> https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso seesm to be the best option.
<m1dnight_> Is the ubuntu shop definitely closed? If so, that means there is no official merchandise anymore?
#ubuntu-server 2019-08-06
<mmercer> when using preseed to configure disks,  what is the d-i partman options for NOT using lvm
<powersj> mmercer, I like to refer to this doc when trying to create a preseed https://www.debian.org/releases/wheezy/example-preseed.txt
<powersj> You will see the options for disk methods e.g. regular, lvm, crypto
<rbasak> cpaelzer: "You said you don't want me to parse those keys at all"
<cpaelzer> yep
<rbasak> No, I meant I didn't want you to parse a simplestreams filter/query string
<cpaelzer> ok, but still as I outlined none of the local context data has the keys I'd need
<rbasak> Since that syntax is not strictly defined and the simplestream library handles parsing, and I didn't want an additional parser
<cpaelzer> help me navigate it and I happily drop the re.search
<rbasak> I understand - I'll look into that
<lord4163> There is no way to make netplan rename the an interface but not bring it up?
<kierank> Would there be a reason the "live" 18.04 server installer has a kernel module that the "alternate" one does not?
<sarnold> kierank: it wouldn't surprise me, noi
<kierank> Is it possible to preseed with the live variant?
<kierank> or failing that use the alternate one with the kernel from live?
<sarnold> what problem are you seeing?
<sarnold> I wouldn't be surprised if the live system booted up with an overlayfs or something similar in place
<kierank> SD card on Intel NUC isn't detected by alternate, but is with live
<kierank> so I can't install with alternate
<sarnold> ew. I wonder why
<kierank> though actually the reason we use preseed is to get raid 1 but with a nuc I can just image the SD card
<kierank> so not the end of the world per se
<TJ-> kierank: I think the alternate runs the debian-installer directly, from .udebs, so likely it'd need the udeb that contains the missing kernel module. what module is it?
<kierank> TJ-: rtsx_pci sd/mmc
<kierank> rtsx_pci_sdmmc*
<TJ-> kierank: missing... the sdhci_pci is in block-modules but not that one
<kierank> TJ-: what does "live" do differently?
<TJ-> kierank: it has a the full kernel images the same as an installed system
<TJ-> kierank: which include all those modules
<kierank> Ok
<TJ-> kierank: debian-installer (d-i) relies on .udeb packages (smaller less capable versions of .deb packages). Some kernel modules are included in themed .udeb packages. The block-modules udeb has the main block device modules but not that rtsx* group
<kierank> Makes sense, I've never had to install on a storage device that goes via pcie before
<TJ-> kierank: in theory, if you have that/those modules handy from the same kernel version you can 'sideload' them from the d-i installer, it has an option to load drivers
#ubuntu-server 2019-08-07
<karlthane> Does anyone know what the tool the installer uses to pull ssh keys from github/launchpad and if there is any way to set it to run regularly?
<sarnold> ssh-import-id
<sarnold> you can use it in a cronjob or script or something similar if you wish; there's no default tool to do so, that I know of
<karlthane> @sarnold Thank you.
<sarnold> karlthane: you're welcome :)
<heller_> hey
<heller_> my server rebooted yesterday evening. Any tips where to look for the issue?
<lotuspsychje> elaborate here heller, like server version and services running
<heller_> ubuntu 18.04 and running only zabbix serer
<heller_> virtualized at an external provider
<heller_> https://pastebin.com/KRDbU7Pn
<heller_> thats kern.log when it rebooted
<heller_> U-U havent done any upgrades for few days at least
<heller_> syslog  https://pastebin.com/JPiL0LpL
<heller_> syslog.1 https://pastebin.com/mgB7cJar
<OerHeks> does zabbix has a log? find / -name 'zabbix_server.log' or something like that
<OerHeks> maybe /var/log/zabbix/ ..
<heller_> yeah looking, but there's not much info about the system status
<OerHeks> maybe the host ..
<lotuspsychje> heller_: maybe take a look at your auth logs aswell for intrusion
<heller_> hey wait a minute
<heller_> https://pastebin.com/FpzCeHqD
<heller_> what does that mean
<lotuspsychje> heller_: how are you protecting your ports/ services?
<OerHeks> you had visitors :-D
<lotuspsychje> heller_: can you nmap -PN -sV your external ip to see whats exposed to the outside?
<heller_> it is exposed quite alot
<heller_> but i dont see anyone getting in?
<OerHeks> nowadays they try just once, with a botnet, so fail2ban is useless.
<OerHeks> restrict access to your ip maybe?
<heller_> i could do that yes
<heller_> but i still dont see anyone getting in?
<heller_> just curious about the power button event
<lotuspsychje> heller_: its not because logs doesnt show, that nobody can enter
<lotuspsychje> heller_: you never know what kind of exploits are used when exposed
<heller_> hmm
<lotuspsychje> heller_: it might be not your case, but better assume its possible
<heller_> got ufw running now
<lotuspsychje> heller_: if you check your open ports with nmap, thats the way attackers will find your ports & services
<heller_> Yeah i did check that, ssh and http + zabbix related are open
<lotuspsychje> heller_: for the attacker, everything open will get auto scanned these days
<lotuspsychje> they find your weak spot, and they get in
<heller_> Sure, but this issue was worse earlier
<lotuspsychje> howso?
<heller_> it rebooted like every second day. i asked the hosting company to move this vm to another host and then it stayed up for at least a week
<lotuspsychje> !info lynis | heller_
<ubottu> heller_: lynis (source: lynis): security auditing tool for Unix based systems. In component universe, is optional. Version 2.6.2-1 (bionic), package size 179 kB, installed size 1353 kB
<lotuspsychje> heller_: id suggest a full check of your server, perhaps also bandwith monitor to see whats going in/out
<heller_> Nothing special on bw graphs
<heller_> hmm
<heller_> Well lynis did not find anything ground breaking
<heller_> So the digging continues
<lordievader> Good morning
<supaman> when creating a tar backup of a folder, does the command 'tar -cf /cifs-mount/backup.tar /folder' create the tar backup in the local machine and then move it to the cifs mount or does it create the file and add to it in the cifs mount?
<supaman> I have a 70GB dir that needs backup and don't have space for that in the local machine
<lordievader> I'd expect it writes directly to the `/cifs-mount/backup.tar` file. You could test this with strace and a small test setup.
<supaman> yeah, thats what I expect also, thanks for the suggestion of test, will do that :-)
<supaman> yup, writes directly to cifs mount
<Checkmatex> trying to configure sendmail with non tls  should i use `A p y' ?
<catphish> hi, i've just configured netplan with an extremely simple bridge, and it's causing my boot to hang for about 60 seconds on the network start job, would anyone be able to suggest why? https://paste.ubuntu.com/p/s92svp72qr/
<catphish> in fact it's 120 seconds
<ahasenack> catphish: why do you need the quotes around the nameservers ip?
<ahasenack> not saying it's related, it just jumped out
<catphish> i don't know, ask the ubuntu installer :)
<ahasenack> interesting
<catphish> (i only added the bridge)
<ahasenack> catphish: I think you are missing interfaces for the bridge, i.e., which interface(s) are part of it
<ahasenack> see the bridge example at https://netplan.io/examples
<catphish> i am indeed, there are no interfaces in it
<catphish> do you think it could be waiting for interfaces to join it for some reason?
<catphish> to clarify, this is not an error, there should be no interfaces in the bridge
<rbasak> Is it waiting for DHCP on the bridge?
<catphish> i could try manually disabling it, i assumed that would be the default since IPs are specified
<rbasak> That would be my assumption too
<rbasak> I only mention it because it's fairly common for cloud-init to hang waiting on a NIC to appear if it can't find a network.
<catphish> i'm just trying an explicit dhcp disablement and explicit empty interfaces list
<catphish> no change :(
<rbasak> Anything in the logs after the hang?
<rbasak> cloud-init logs specifially
<catphish> i'll have a look once it's booted again
<catphish> could it be waiting for ipv6? there's no RA on this network
<ahasenack> without the bridge, does it hang too?
<catphish> i was just wondering the same
<cyphermox> what version of netplan?
<catphish> no problem with the bridge removed
<cyphermox> it's definitely the bridge, for sure
<catphish> looks that way
<cyphermox> maybe you just need "optional: true" under it, to pacify networkd-wait-online at boot
<cyphermox> but the real question is whether the bridge is up and has an IP address after boot.
<ahasenack> isn't there a way to check what netplan ended up rendering for networkd? In /run/<somewhere> after boot?
<catphish> thinking about it, a bridge with no interfaces appears as DOWN iirc
<catphish> so if netplan is waiting for that, it will time out
<ahasenack> and after those 120s, what does it look like in the booted system?
<ahasenack> is it up with that ip?
<catphish> just rebooted with it re-enabled, but "optional", works perfectly
<catphish> bridge comes up with correct IP, no delay
<ahasenack> and UP or DOWN?
<catphish> but, as i suspected... "br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000"
<catphish> DOWN
<ahasenack> and no members?
<catphish> correct
<catphish> (which is what i want)
<catphish> looks happy now, i have no doubt it'll come up as it should once members are added by my lxc setup
<catphish> makes perfect sense that netplan would have been waiting for that UP status
<catphish> thanks all!
<cyphermox> yeah, that's a "fun" part of *-wait-online scripts
<catphish> it probably didn't help that       addresses: [10.4.16.0/24 ] is clearly an mistake :)
<Checkmatex> i can't received mails
<tomreyn> is this a bug report, a support request, or a social media status?
<mmercer> lo folks -- with ubuntu-server,  normally with many of the distros, if you set the ifnames=0 at the boot opts, it will retain that even during the installation so that you dont have to set the ifnames after.... does this not work in ubuntu?
<rbasak> mmercer: isn't it net.ifnames=0?
<rbasak> https://lists.ubuntu.com/archives/ubuntu-devel/2015-May/038761.html has some background
#ubuntu-server 2019-08-08
<lordievader> Good morning
<popey_> I just tried to install ubuntu 18.04.2 on a microserver and the installer crashed, where should I report this, and what log file should I include?
<OerHeks> apport-cli Subiquity # i guess, popey_  https://help.ubuntu.com/lts/serverguide/reporting-bugs.html
<OerHeks> = server ubiquity
<popey_> huh, you can ru apport-cli on the server iso?
<popey_> ok, will try
<popey_> nope, it's a snap so you can't apport-cli it
<OerHeks> snap info <snap-name> you will see a contact field.
<popey_> I know that much :)
<popey_> (It doesnt)
<popey_> I'll manually file it in launchpad
<OerHeks> oh oke, then snapcraft.io might give a clue?
<popey_> https://bugs.launchpad.net/subiquity/+bug/1839468
<ubottu> Launchpad bug 1839468 in subiquity "Installer crashed - Could not create partition" [Undecided,New]
<lotus|i5> maybe tomreyn has an idea ^
 * popey_ switches to the traditional ISO
<rbasak> popey_: did you flag that on the ISO tracker please? I forget how the connection works, but we need to make sure it is connected so the relevant QA people spot it.
<rbasak> rafaeldtinoco: o/
<rafaeldtinoco> rbasak: morning!
<rbasak> For dbconfig-common, I'm preparing an Ubuntu upload identical to what is in Debian VCS.
<rbasak> For cacti, where should I source the upload from?
<rafaeldtinoco> rbasak: let me rebase the MR for you
<rafaeldtinoco> (ubuntu ready)
<rbasak> Thanks!
<popey_> rbasak: no, because I'm using 18.04.2 not .3 the new one
<rbasak> Oh.
<rbasak> Sorry!
<popey_> np :)
<popey_> I went for the old installer, which worked
<popey_> I suspect subiquity didn't like the existing partitions on the disks or something
<rbasak> Thank you for the report!
<rbasak> I assume Michael will see the bug.
<rbasak> And send it up to curtin if needed
<rbasak> Or perhaps I should add a curtin task.
 * rbasak does so
<rbasak> rafaeldtinoco: oh, one thought. cacti, by using the new dbconfig-common option, will need a versioned dependency presumably?
<rafaeldtinoco> rbasak: hum.. true
<rafaeldtinoco> iÂ´ll set >=
<rbasak> +1
<rbasak> It will probably help with ordering as tests runs through excuses.
<rbasak> Oh
<rbasak> rafaeldtinoco: note I'm using 2.0.11ubuntu1 for dbconfig-common
<rbasak> So >= 2.0.11ubuntu1 please
<rafaeldtinoco> ah ok
<rbasak> Or >= 2.0.11ubuntu1~ if you prefer
<rbasak> (I don't care; backporting for this seems extremely unlikely)
<rafaeldtinoco> rbasak: do we have to set -proposed in autopkgtests
<rafaeldtinoco> when this occurs ?
<rbasak> What do you mean?
<rafaeldtinoco> for the migration
<rafaeldtinoco> both are going to be in -proposed
<rafaeldtinoco> and depend on each other
<rbasak> FWIW >= 2.0.11ubuntu1~ would be more consistent so let's use that.
<rbasak> We will probably need to mess with dep8 triggers I expect
<rafaeldtinoco> (yep ~ is better)
<rbasak> I'm not sure. We'll see :)
<rafaeldtinoco> ok
<rafaeldtinoco> rbasak: should I prepare a debdiff for u ?
<rafaeldtinoco> cacti is not imported yet
<rafaeldtinoco> i can push a git in ~rafaeldtinoco
<rafaeldtinoco> if its better
<rbasak> rafaeldtinoco: yes please. Maybe put a final debdiff into our staging git repo?
<rbasak> I don't really mind
<rafaeldtinoco> ok
<jamespage> cpaelzer: hello
<jamespage> cpaelzer: I've been working on a snapshot of the ovs 2.12 branch in preparation for its release in the next few weeks.
<jamespage> s390x issue worked through - however I'm having an odd issue with the DPDK build on arm64
<jamespage> https://launchpadlibrarian.net/436381942/buildlog_ubuntu-eoan-arm64.openvswitch_2.12.0~git20190807.38a85a041-0ubuntu1~ubuntu19.10.1~ppa201908071540_BUILDING.txt.gz
<jamespage> any ideas? I suspect something dpdk ish but I've not dug deep yet
<cpaelzer> yeah
<cpaelzer> no clear idea
<cpaelzer> let me read it for 2 min ...
<cpaelzer> all sorts of rdma and mlx things fail on config
<cpaelzer> maybe we build no mlx4/5 on arm?
<cpaelzer> also suspicious: gcc: error: unrecognized command line option '-mssse3'
<cpaelzer> that should be x86 only right
<cpaelzer> non arm64 work as expected?
<rafaeldtinoco> cpaelzer: mlx4 and 5 is needed for arm64
<rafaeldtinoco> i was doing work on top of that @ linaro
<rafaeldtinoco> #)
<rafaeldtinoco> lustrefs is being ported to arm64 (server part, client is good)
<rafaeldtinoco> mellanox was doing some efforts on arm64 also
<cpaelzer> we build the mlx[45] PMDs on arm64 (just checked)
<rafaeldtinoco> -Integer field ip4.src is not compatible with string constant.
<rafaeldtinoco> -String field inport is not compatible with integer constant.
<rafaeldtinoco> -Syntax error at `=' expecting relational operator.
<cpaelzer> jamespage: it seems as if none of the dpdk config is in place to get the includes and the linkage right
<rafaeldtinoco> this reminds me the iproute issue we had with ss recently
<cpaelzer> ther is a pkgconfig file provided and OVS was using it last time I checked
<cpaelzer> that would be the route I'd start looking at it (is the pkgconf available and still used on arm64)
<rafaeldtinoco> AH OK
<rafaeldtinoco> cpaelzer: jamespage: python3 on arm64
<rafaeldtinoco> jamespage: which machine are you using
<rafaeldtinoco> to compile this ?
<cpaelzer> rafaeldtinoco: see above that is a builder on LP
<rafaeldtinoco> i had problems (illegal instructions on python3)
<rafaeldtinoco> inside KVM guests
<rafaeldtinoco> and outside (host) it would work
<jamespage> that's from a launchpad builder
<rafaeldtinoco> this is python3 misbehaving inside kvm
<rafaeldtinoco> iÂ´ve faced that multiple times
<rafaeldtinoco> i recompiled python3 in the host and installed pkg inside the guest
<rafaeldtinoco> i guess this is a toolchain and/or kvm instr issue
<rafaeldtinoco> i discovered that using LXC arm{hf,64} on top of x86 using qemu-user-static
<rafaeldtinoco> and then i faced the same issue using kvm guests on armv8
<rafaeldtinoco> :\
<cpaelzer> but I don't see anything that smells like it in jamespage log - do you?
<thiras> hello. Fresh install ubuntu. When I try to `apt install redis-server` it hangs at the settings section. The service doesn't start install fails. There is no systemd service file after installation
<thiras> any idea what that could be?
<rafaeldtinoco> cpaelzer: yep, but do have that in mind
<rafaeldtinoco> it stole some time of mine back then
<cpaelzer> hehe
<rafaeldtinoco> +/<<PKGBUILDDIR>>/_dpdk/tests/testsuite.dir/at-groups/442/test-source: line 22: 31813 Illegal instruction     (core dumped) ovs-ofctl --strict parse-oxm OpenFlow12 < oxm.txt
<rafaeldtinoco> this is the first error
<rafaeldtinoco> is this test using python somehow ?
<cpaelzer> oh
<cpaelzer> haven't seen that one in the log
<cpaelzer> good eyes (and searches)
<cpaelzer> but I think that still continued, I have seen the fails at configure time
<cpaelzer> maybe that all passed and I should have looked further ...
<rafaeldtinoco> its a bunch of illegal instructions
<rafaeldtinoco> and a bunch of them come from python based tests
<rafaeldtinoco> thats why i brought that to attention
<jamespage> it only appears to happen in the dpdk build, not the vanilla one
<rafaeldtinoco> 1344: real - C                                        FAILED (ovsdb-types.at:5)
<rafaeldtinoco> cpaelzer: ^
<rafaeldtinoco> first real error to fail
<rafaeldtinoco> anyway, have fun
<rafaeldtinoco> just trying to help #)
<jamespage> confirmed - the vanilla build tests all passed fine
<cpaelzer> rafaeldtinoco: agreed there are plenty of illegal instruction dumps
<rafaeldtinoco> hum
<rafaeldtinoco> looks like the issue i faced :\
<rafaeldtinoco> i had some illegal instructions inside kvm/qemu
<rafaeldtinoco> specially with python3 (i guess they were type related ?)
<cpaelzer> and after the test fail it dumps the full config.log which contians all the errors that derailed me
<jamespage> cpaelzer: yes its not pretty and a bit distracting!
<rafaeldtinoco> unfortunately if its virtualization related
<rafaeldtinoco> and this is kvm (and not tcg)
<rafaeldtinoco> it would be a microcode issue :o)
<rafaeldtinoco> like failing to implement aarch32/64 in virtual mode
<rafaeldtinoco> i suspected that back then
<rafaeldtinoco> not sure watch launchpad has
<cpaelzer> the failing programs seem to be binaries thou - I've seen ovs-vsctl and such
<rafaeldtinoco> and if its qemu or kvm accelerated
<cpaelzer> unless it is the wrapping test script, that could very well be python
<rafaeldtinoco> if its python (hopefully it is)
<rafaeldtinoco> i re-generated the same package
<rafaeldtinoco> in a diff HW/setup
<rafaeldtinoco> and i was able to make it work BUT
<rafaeldtinoco> my python would fail the installation post-inst
<rafaeldtinoco> super fast
<rafaeldtinoco> ^ could also be related to toolchain
<jamespage> all under git+ssh://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/openvswitch
<jamespage> master branch
<jamespage> (git-buildpackage repo)
<rafaeldtinoco> cpaelzer: i can get you access to armv8 here
<rafaeldtinoco> if you need
<rafaeldtinoco> armhf and arm64 kvm guests
<rafaeldtinoco> let me know
<cpaelzer> oh I have an idea rafaeldtinoco and jamespage
<cpaelzer> I have discussed and battled and lost upstream, but this might be one consequence
<cpaelzer> trying a TL;DR
<cpaelzer> dpdk really likes processor optimizations
<cpaelzer> distributions really like their software to work everywhere
<cpaelzer> the DPDK build system makes their -march sometimes bleed into e.g. the pkgconfig they export
<rafaeldtinoco> hum
<cpaelzer> it is possible that we generate code that is too new for the virt env that we have
<rafaeldtinoco> yep
<cpaelzer> -march=armv8-a+crc+crypto
<rafaeldtinoco> if the instruction is bad virtualized
<rafaeldtinoco> or not even implemented in aarch32/64 virt microcode
<rafaeldtinoco> (since armv8 does not require aarch32 for kvm, for example)
<rafaeldtinoco> its an Â¨extensionÂ¨ to the microcode
<rafaeldtinoco> so, yes, makes sense
<cpaelzer> jamespage: if you could override that march lowering it until you hit it working
<cpaelzer> then let me know what arch was the hightest that worked
<cpaelzer> then I could patch DPDK to use this lower level
<rafaeldtinoco> +1
<cpaelzer> I have a call with the co-maintainer in a few minutes, I'll pre-discuss that
<cpaelzer> for now just assuming that this is the reason
<cpaelzer> but I'd need your checking if possible to know what would work (maybe we jsut check an old build)
<cpaelzer> hmm
<cpaelzer> no the old 2.11 build had -march=armv8-a+crc+crypto as well
<cpaelzer> that is the same is it?
<cpaelzer> unless newer GCC makes the same march use newer thigs failing in VMs
<rafaeldtinoco> yep
<rafaeldtinoco> depending on which toolchain youÂ´re using
<cpaelzer> jamespage: how about building the same in Disco for a try?
<jamespage> I can try that
<rafaeldtinoco> rbasak: fighting with a patch and its Â¨fuzzÂ¨iness
<rafaeldtinoco> will get you the diff soon :)
<rafaeldtinoco> quilt refresh wonÂ´t fix the fuzz :\
<rafaeldtinoco> will re-do it
<jamespage> cpaelzer, rafaeldtinoco no cigar
<jamespage> https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3534/+build/17389545
<rafaeldtinoco> cpaelzer: ^ if you want armv8 kvm guests let me know =)
<rafaeldtinoco> or i can check this later if youÂ´d like
<rbasak> rafaeldtinoco: I think your issue is because in commit 9e2dc74 you modified docs-source/General-Installing-Instructions.md directly instead of via a quilt patch
<rbasak> The component tarball is a red herring - the same issue would have happened without a component tarball being used I think.
<rbasak> You can use "dpkg-source --commit" to have it create the quilt patch for you
<rbasak> And then adjust the quilt patch, commit that, and drop your commit that changed the file directly
<rafaeldtinoco> rbasak: quilt generates fuzz
<rafaeldtinoco> even with dpkg-source --commit
<rafaeldtinoco> it does not accept.. this merge was the last attempt
<rbasak> It didn't for me
<rafaeldtinoco> try debuild -S after quilt
<rafaeldtinoco> no issue ?
<rbasak> I use dpkg-buildpackage -us -uc -S -nc -d -I -sd -I
<rafaeldtinoco> :O
<rbasak> To avoid the lintian run and the need to install build dependencies
<rafaeldtinoco> oh
<rafaeldtinoco> alright then =)
<rafaeldtinoco> let me re-push using quilt
<rbasak> But debuild just calls dpkg-buildpackage in the end
<rafaeldtinoco> yep
<rbasak> So I don't think it should be any different
<rafaeldtinoco> perfect! tks for checking it!
<rafaeldtinoco> rbasak: https://code.launchpad.net/~rafaeldtinoco/+git/cacti is updated
<rbasak> rafaeldtinoco: looks good from a quick glance - not reviewed in detail yet.
<rbasak> rafaeldtinoco: but (Closes #XXXX) in debian/changelog needs to be (Closes: #XXX) to be picked up in the changes file, or was that intentional?
<rafaeldtinoco> rbasak: ~ Depends: dbconfig-common (>= 2.0.12~),
<rafaeldtinoco> im setting it for debian at least
<rafaeldtinoco> so next merge its there for us
<DammitJim> what does extended security maintenance mean?
<DammitJim> <DammitJim> I just read that Ubuntu 18.04LTS will be supported for like 10 years, but only with regards to extended security maintenance
<rafaeldtinoco> DammitJim: packages will be only updated in regards to CVEs
<rafaeldtinoco> and not bug fixes directly
<DammitJim> ah ok, so only security patchess
<DammitJim> driven by CVEs
<DammitJim> forget about bug fixes
<rafaeldtinoco> yep, I think SRUs are not considered, so -security gets the updates
<DammitJim> do I have to have a special support license to be supported?
<rbasak> rafaeldtinoco: +1
<rbasak> DammitJim: yes - ESM is a Canonical product
<sam_newbie> Hi guys, have a question regarding install ubuntu from pxe server. host/client is on same machine, same network, i'm trying to create multiple os choice pxe server, so far other CentOS working fine from client. ubuntu client getting ip from dhcp server, the installation screen comes up but with error... https://pasteboard.co/IrLJnUD.png
<sam_newbie> selinux*firewall disabled on pxe server
<sam_newbie> this is my preseed https://paste.ubuntu.com/p/k9wjFGKWVW/
<rbasak> ahasenack, rafaeldtinoco: looks like cacti and dbconfig-common are good (on their own) in proposed
<rbasak> Pending dbconfig-common armhf but I'm assuming that'll be fine.
<rafaeldtinoco> yep, i was checking that now
<ahasenack> shipit!
<rafaeldtinoco> its impressive the amount of tests
<rbasak> So I have triggered what I think are the correct retests for mysql-8.0
<rbasak> mysql-8.0 with the new dbconfig-common that we uploaded for all archs
<rbasak> And mysql-8.0 with the new dbconfig-common with the new cacti that we uploaded for all archs
<rafaeldtinoco> alright
<rafaeldtinoco> so failures would be *new* if they happen
<rafaeldtinoco> hopefully there wont be any
<rbasak> Hopefully they'll all go green then when done
<rafaeldtinoco> cool, before eod iÂ´ll check one more time
<rafaeldtinoco> just to make sure there is nothing we could save time
<rbasak> Nothing will migrate yet though - we need to do the mass rebuild uploads and the FTBFS fixes we have prepared
<rbasak> And I know we have some remaining.
<rafaeldtinoco> k
<rbasak> Hopefully we'll be able to start churning them out tomorrow.
<rafaeldtinoco> sounds good
#ubuntu-server 2019-08-09
<rbasak> rafaeldtinoco: cacti dep8 failed against the new dbconfig-common and mysql-8.0
<rbasak> Despite your latest change I was expecting ubuntu1 to pass against MySQL?
<rbasak> I should have checked that before upload
<rafaeldtinoco> I tested it :/
<rafaeldtinoco> rbasak: will give a look in a few
<rafaeldtinoco> oh it's armhf
<rafaeldtinoco> no that's dbconfig
<rafaeldtinoco>  mysql said: ERROR 1419 (HY000) at line 9: You do not have the SUPER privilege and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable)
<rafaeldtinoco> this is new
<rafaeldtinoco> I'll investigate and try to mitigate this
<xibalba> on ubuntu server 18, selinux is not enabled by default. correct?
<sarnold> correct
<xibalba> thanks. i just found my answer on ask ubuntu too
<rafaeldtinoco> rbasak: ERROR 2061 (HY000): Authentication plugin 'sha256_password' reported error: Authentication requires SSL encryption.
<rafaeldtinoco> armhf is already fixed in the git repo I provided
<Casper26> Anyone know how i can prevent when booting ubuntu server with usb external drive connected it;s get labled as sda prevent the server from booting i have it in fstab by uuid to mount?
<RoyK> possibly something in /etc/default/grub
<RoyK> or perhaps a BIOS setting if it tries to boot off the USB thing before the main disk
<rafaeldtinoco> Casper26: e2fsck -LNEWLABEL /dev/yourpendrive
<rafaeldtinoco> change /etc/fstab to use LABEL if you want (or UUID)
<rafaeldtinoco> sorry tune2fs
<rafaeldtinoco> so tune2fs -LPENDRIVE /dev/sdb
<rafaeldtinoco> tune2fs -LROOT /dev/sda1
<rafaeldtinoco> mkswap -LSWAP /dev/sda2
<rafaeldtinoco> in /etc/fstab:
<rafaeldtinoco> LABEL=ROOT ...
<rafaeldtinoco> (this is Â¨o
<rafaeldtinoco> one way of doing this)
<rafaeldtinoco> rbasak: https://code.launchpad.net/~rafaeldtinoco/+git/cacti/+ref/master
<rafaeldtinoco> fixed
<rafaeldtinoco> running autopkgtests now
<rafaeldtinoco> will need another upload unfortunately
<rafaeldtinoco> fixed upstream: https://github.com/Cacti/cacti/pull/2882
<rafaeldtinoco> maintainer asked to pull request against version 1.2.x
<rafaeldtinoco> and he will include in the next version (he said asap)
<rafaeldtinoco> after tests will push this to cacti on salsa as well
<rbasak> rafaeldtinoco: thanks!
<rafaeldtinoco> rbasak: ive made 2 mistakes sorry
<rafaeldtinoco> 1) changed cacti.sql thinking it would be good
<rafaeldtinoco> and ran autopkgtests before that change
<rafaeldtinoco> sorry about that =)
<rbasak> rafaeldtinoco: OK so not ready for upload yet?
<rafaeldtinoco> wont repeat, now ill run autopkgtests in between Â¨lsÂ¨
<rafaeldtinoco> rbasak: gimme 5 min
<rafaeldtinoco> and it will be
<rbasak> ack
<rafaeldtinoco> want to confirm tests
<rbasak> rafaeldtinoco: can you please rebase against the debian/changelog amendment in my actual upload too please
<rafaeldtinoco> ooh, yep, definitely
<rafaeldtinoco> rbasak: where is your upload again ?
<rafaeldtinoco> cacti is not imported, is it ?
<rafaeldtinoco> sorry I context switched too much
<rbasak> rafaeldtinoco: you can grab using pull-lp-source
<rafaeldtinoco> ah alright, regular uploaded source
<rafaeldtinoco> sure, let me finish tests and ill do it
<rbasak> rafaeldtinoco: and in the git-ubuntu source tree, there's a tool called git-dsc-commit if you want to use that.
<rbasak> It adds a new commit that is exactly what a dsc has
<rafaeldtinoco> nice
<rafaeldtinoco> rbasak: did I wake you ?
<rafaeldtinoco> sorry if I did
<rafaeldtinoco> i want leaving msgs for tomorrow =)
<rbasak> No
<rbasak> I'm not crazy enough to allow myself to be woken by IRC pings :)
<rafaeldtinoco> phew
<rafaeldtinoco> =)
<rbasak> I don't even get interrupted during the work day by IRC pings. I have to actually look at IRC to see any pings
<rbasak> (which is why I often don't notice them for an hour or two)
<rafaeldtinoco> thats actually a good practice
<rafaeldtinoco> im having some problems to fix yet, looks like mysql cant create the function with the user permissions created by dbconfig, im fixing it right now (SET GLOBAL log_bin_trust_function_creators=1;) and running tests, etc.. not sure im holding you or not
<rbasak> No problem. I'll check in the morning.
<rafaeldtinoco> ok
<rbasak> Also feel free to finish for the day! It must be beyond your EOD too.
<rbasak> I can take over the morning.
<rafaeldtinoco> nah, ill fix this now
<rafaeldtinoco> dpkg -i works good, autopkgtest fails
<rafaeldtinoco> almost there =)
<Sky_Scraper> Hi guys, don't know if it's the right place to ask but I try cos for shure you are experts in server managements. I'm buying my first server =D I'm really zero expert in servers or how to choose or manage them, very skilled with normal pcs of every kind but zero on server. So I cannot choose between this 2 configs for almost the same price: [model: HP DL380 G7 - CPU: Intel X5650 x 2 , 2.66GHz, Hex core - 24 GB of RAM PC3
<Sky_Scraper> 10600R]  OR [HP ProLiant DL360e Generation 8 - 2 x 8-Core Intel Xeon E5-2450L(20M Cache, 1.8GHz/8 -core/8.0GT-s) - RAM 48GB PC3] ---> so, given that my goal is to use them for intensive virtualization with 20-30 virtual machines for web scraping purposes, with the firstone I will have 2 x 6cores CPU at 2.66Ghz, so 24 Threads, and 24GB ram --- With the second one I will have 2 x 8 cores, so 32 threads, BUT ONLY 1.80GHz,
<Sky_Scraper> but 48GB ram. What is the best, if you are planning to have maximum number of cirtual machine possible with more ore less 1GB ram each? The second seams more flexible, but is possible that 1.80Ghz of processor will be worst also with more cores and more ram?? cannot understand. What's your opinion?
<rbasak> Seems like a big investment to be making when you're not sure about workload requirements. Maybe considering renting from a provider first?
<rbasak> Eg. use a cloud provider initially.
<Sky_Scraper> Just want to clarify before questions that no, I don't want to go in cloud or use other kind of hardware or adopt any other kind of solution or start a conversation about many different techniques I can apply or start talking about the problem of having a physical refurbished server instead of renting online
<mybalzitch> Sky_Scraper: I wonder if you checked benchmarks if that e5-2450L is faster than a spaceheater x5650
<Sky_Scraper> mybalzitch, no I didn't, I checked the intel website spechs for the 2 models
<rbasak> I don't think any other answer is reasonable then.
<rbasak> Nobody can know what your bottleneck will be if you don't know yourself.
<mybalzitch> I'm leaning towards the second server, more threads and more ram.
<Sky_Scraper> thanks mybalzitch, I was on the same line
<avg_joe> hello. is this the correct place to ask about stress-ng? or could you point me to the correct channel.(i'm running it on debian actually).
<supaman> avg_joe: if you installed stress-ng from a debian package then its on topic in #debian on oftc network
<avg_joe> thank you supaman.
<rbasak> rafaeldtinoco: I've been looking at your latest debdiffs.
<rbasak> I was wondering why we didn't pick up the dbconfig-common problem before, but I think I've just figured it out.
<rafaeldtinoco> rbasak: because i didnt go through autopkgtest for mariadb with cacti
<rafaeldtinoco> i thought i had when i started merging it quickly for you
<rafaeldtinoco> forgot it was a todo, it was my bad sorry
<rafaeldtinoco> lessons learned
<rafaeldtinoco> and thinking little bit more about this
<rafaeldtinoco> dbconfig-mysql is showing auth plugins, but theyÂ´re most mysql ones
<rbasak> Yeah so it's not exercised unless testing cacti
<rafaeldtinoco> (only sha256_password) is for both
<rafaeldtinoco> which could be fair
<rafaeldtinoco> rbasak: ill get them now and fix upstream (debian/cacti)
<rafaeldtinoco> rbasak: how would u like to proceed with them now ?
<rafaeldtinoco> i have to forward upstream and fix DEP3 for cactiÂ´s patch
<rbasak> rafaeldtinoco: are your latest pastebins still appropriate for upload to Ubuntu?
<rafaeldtinoco> rbasak: i guarantee they work and autopkgtests pass
<rafaeldtinoco> but iÂ´ll do the upstream forward and fix dep3 now
<rafaeldtinoco> if you wait a few might be better
<rbasak> rafaeldtinoco: minor adjustemetns to dbconfig-common debdiff: s/Mysql/MySQL/ and s/bellow/below/
 * rafaeldtinoco fixing
<rafaeldtinoco> re-pushed to debian
<rafaeldtinoco> rbasak: https://paste.ubuntu.com/p/XGqDksHBWD/
<rafaeldtinoco> uploaded to debian
<rafaeldtinoco> if you are +1 both are the same
<rafaeldtinoco> im pilling changes in the same MR in debian now
<Ussat> OK, REALLY basic question but brain is not functioning this am: On my Ununtu 18.04LTS I use rsyslog.  If I want to catch all error and above ONLY be forwarded to a remote server, it is err.*@remote_server
<FaTaL_G> I have an ubuntu machine that was 16.04 running a asus pcie-ac88u (broadcom) and using interfaces & hostapd I ran it as a router AP successfully for over a year. I upgraded to 18.04, now its not working
<FaTaL_G> I get an error, even though it seems the driver is loading it wont activate
<FaTaL_G> eg: kernel: [55270.802443] brcmfmac: brcmf_run_escan: error (-4)
<Casper26> If /boot is it's partion can it be unmounted without taking down the system?
<dami0> hi, i have netplan 0.36 on ubuntu 18.04, can i set a route through ifup scripts and have it work fine with netplan? i need a route with source defined which doesn't work on netplan 0.36
<avg_joe> Casper25: hmm not sure but i don't see why the system would need /boot partiton after bootup. however do it at your own risk since if you update kernel or something with apt, it's probably going to break your system.
<avg_joe> so always remember to remount it.
<tomreyn> Casper26 CP'd to #ubuntu, and got replies there, too
#ubuntu-server 2019-08-10
<jakefb> Hi I have just upgrade to 18.04 but I am having an issue with systemd-modules-load
<jakefb> when running systemctl status systemd-modules-load I get this:
<jakefb> could not open moddep file '/lib/modules/4.14.135-rh164-20190731212002.xenU.x86_64/modules.dep.bin'
<jakefb> anyone know why this is happening?
<jakefb> I also get this error: Failed to lookup alias 'acpiphp': Function not implemented
<lotuspsychje> jakefb: you might wanna idle a bit here, weekend & US wakeup might take a while
<jakefb> lotuspsychje: okay thanks I'll wait and see if anyone can help
<Greyztar> hello,when i do timedatectl list-timezones it only finds UTC, how do i get all the other zones or if so is there a way to install other timezones or to reinstall the whole timedatectl stuff?
<Greyztar> also might mention zoneinfo directory isnt present in usr directory that might be it?
<tomreyn> Greyztar: that's unusual, it should notmally list all the known time zones. you may want to install / reinstall tzdata
<Greyztar> tomreyn: cheers ill try that,recently migrated server so its probably missing some stuff (,")
<Greyztar> tomreyn: that worked like a charm,seems it was missing something from that package
<tomreyn> Greyztar: migrated from what? you can "apt install ubuntu-server^"  (the ^ is NOT a typo) to ensure you have all the relevant packages installed.
<tomreyn> the above command won't reinstall already installed packages nor restore configuration files for packages with dpkg-tracked configurations, though.
<Greyztar> tomreyn: its an vps so i suspect they have slimmed down the image or so ,never had this problem at other providers though or my own regular installed server
<Greyztar> tomreyn: but reinstalling that tzdata package added the missing timezones atleast so all good now cheers
<tomreyn> Greyztar: servers are often set to UTC, so it's not too unusual, i guess, but, at least to me, it still seems wrong to delete files of installed packages in an image installation.
<tomreyn> this and other reasons make me not want to use hosting companies' images at all.
<Greyztar> tomreyn: yeah its abit odd, they also have a bunch of scripts running,couldnt at all figure out what was happening after i setup my iptables rules i couldnt log on anymore,after much research i managed to find the culprit,an ssh key import script was made so that the ssh service wouldnt start if that script failed none of them at support could tell me that before hand so that got a little spicy
<tomreyn> you wih they'd all have proper documentation on the diff between a default ubuntu image and their customizations, so that you could easily cherry pick from those.
<Greyztar> that would be great indeed (,")
<tomreyn> unfortunately pretty much none offers this. you either go with their images or you are on your own, guessing, hoping things will work.
<tomreyn> what i usually do is to boot into an imaged system, take notes on how it's setup, then do my own fresh install and redo the config as needed.
<Greyztar> yeah that seems nice,although some only provide images and not like Vultr where one could install from your own iso thats a great feature though
<tomreyn> so network configs, network mounts (if any), /root/.ssh/authorized_keys, /root/.ssh/config, /etc/hosts, /etc/hostname is usually what you need, but there can be more.
<Greyztar> really happy i got time functioning again thank you very much!
<tomreyn> you're welcome.
<foo> This should not prompt for password if git user tries to run this command as dev user, correct? git ALL=(dev) NOPASSWD: /home/dev/deploy.sh
<foo> It worked in a previous ubuntu installation but not another system, my error likely exists somewhere else
<foo> oh, actually, it doesn't work on the old system either when I do... sudo -u dev /home/dev/deploy-shannon.sh ... hmm.
<foo> err, well, old system had a different path for command, which is in visudo, and that did not prompt for password. /me investigates what is going on here
<foo> ah, I know the problem. service changed
#ubuntu-server 2019-08-11
<foo> Is there a way to set the home directory for a bash script? Or is it best to sudo as a user and do that via bash?
<JanC> foo: do you mean the working directory or the home directory?
<foo> JanC: nevermind, fixed it. :) Thanks anywho
#ubuntu-server 2020-08-03
<keithzg[m]> Sven_vB: Yeah, I was vaguely thinking about doing such wrapper-script filtering. Instead decided to just install https://packages.debian.org/sid/all/s3cmd which seems to be new enough to avoid the problem (and, with S3 always subtly shifting, it's nice to be on the latest version anyways)
<Sven_vB> :) good that you found it
<keithzg[m]> Normally I'd be a bit more wary about crossing releases/distros like that, but it's just to-be-interpreted Python text anyways, so I figure it's probably fine :)
<keithzg[m]> (So confident I didn't even bother grabbing the deb from the Groovy repos, heh)
<lordievader> Good morning
<xibalba> my home ubuntu box has ~800 processes right now, and so many of them appear to be related to ZFS even though i'm not using any ZFS on this system. processes like z_iput (129 processes), z_fr_iss_* (97), arc_prune (129). not sure what's going on here, just started looking into it
<foo> Trying to get pihole running. Something else is listening on port 53. I had it running before but apparently something changed. I thought netstat -nap |grep :53 would show me what's running, but I'm not able to clearly see it. bind and named not running.
<foo> This is the error: ERROR: for pihole  Cannot start service pihole: driver failed programming external connectivity on endpoint pihole (b045e64594c66786472712e8689802c00e4e69d1042ccf05765e10c52db7a299): Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use
<foo> ah, got it service dbus-org.freedesktop.resolve1 stop
 * foo works to turn off dbus-org.freedesktop.resolve1 at boot time
<foo> How do I disable a service in systemd?
<foo> Having some internet issues and googling is making this difficult
<oerheks> systemctrl enable/disable/mask/unmask <service>
<foo> oerheks: thanks, something else is going on here it would seem
<foo> Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use
<foo> Getting that but nothing is running on :53
<foo> netstat -nap |grep :53 shows nothing
<foo> It's almost like since I removed dbus-org.freedesktop.resolve1 something else is doing DNS... or maybe at runtime when I try docker-compose up, something *is* running on :53?
<oerheks> i did read somewhere that pihole install needs to disable resolv.. not sure what guide that was
<foo> ah, it's systemd-resolved.service
<foo> Finally, gah.
<foo> sigh, spoke too soon.
<foo> # cat /etc/resolv.conf
<foo> cat: /etc/resolv.conf: No such file or directory
<foo> that doesn't look good.
<foo> I've spent close to 3 hours this morning trying to get pihole working on startup. It was working fine for months, then realized it wasn't set up to start on startup. Now it runs on startup, but it seems there's a ubuntu-level issue with /etc/resolv.conf disappearing. If anyone has any troubleshooting steps please let me know, I'm going to bypass it with another DNS server so I can actually do work...
<foo> I'm stumped at why I'm having so many issues.
<foo> ah, might be dns cache issues
<foo> No, there is still quite a bit of lag to resolve and some devices aren't resolving. Gah
<foo> I'm beginning to think there's an IPv6 in my /etc/resolve.conf ... and I can't ping it
<foo> I don't know where this is coming from
<RoyK> foo: can you ping something like 2001:4860:4860::8888 ?
<foo> RoyK: I realize you said "something like" - ping: cannot resolve 2001:4860:4860::8888: Unknown host -
<RoyK> pipng6?
<RoyK> *ping6*
<foo> RoyK: yes, that worked
<RoyK> some older versjons of ping are separated between the two stacks - newer ones take both
<foo> I just did dig google.com @ ... and I tried it against both IPs in resolv.conf, the one for pihole, and this other IPv6. IPv6 definitely hangs
<RoyK> foo: if you can ping an ipv6 host on the other side of the planet, then it works. that the resolver doesn't work is another thing
<RoyK> can you dig aaaa @yourresolver google.com ?
<foo> RoyK: thakns, I got it. I had to reboot the airport time capsule. Looks like some quirk that likekly cost me a few hours, meh
<RoyK> so it works?
<foo> RoyK: yes
<RoyK> whee
<foo> RoyK: thanks for "being there" :)
<RoyK> foo: np :)
#ubuntu-server 2020-08-04
<lordievader> Good morning
<geosmile> does anyone have a good pointer to a systemd service that spins up docker compose / down?
<DammitJim> someone in the office was just telling me that Ubuntu 16.04 LTS is end of life 04.2021
<DammitJim> but then I reviewed the Ubuntu page and it says it's EOL in 2024
<DammitJim> what kinda support does one get between 2021 and 2024?
<xnox> DammitJim: most likely one will either need a free Ubuntu Advantage personal (free) or one of the paid tiers to access ESM (Extended Security Maintenance). Like one currently needs for 12.04 LTS and 14.04 LTS both of which are end of basic support. You can ask questions about Ubuntu Advantage in the live chat at https://buy.ubuntu.com/
<xnox> DammitJim:  but that will be announced next year, as xenial is still currently supported.
<DammitJim> ty
<xnox> DammitJim:  we try to not use "EOL" anymore, and we try to instead use "End of Basic support" and "End of Extended Security Maintenance" because it is ambigious, 2021 vs 2024.
<xnox> or well 2026
<xnox> who knows what ESM offering for 16.04 will be.
<DammitJim> si
<RoyK> DammitJim: it's probably not much of a problem to upgrade it, though, depending on what it runs
<DammitJim> how can I figure out if a certain package came from main or something else?
<DammitJim> for example openjdk-8-jdk on Ubuntu 16
<quadrathoch2> DammitJim apt policy <package>
<DammitJim> ty
<DammitJim> I don't know why I was thinking there was a webpage with that info
<DammitJim> querying
<quadrathoch2> you could use packages.ubuntu.com DammitJim ;)
<quadrathoch2> but only if it's within the ubuntu repos
<DammitJim> man, things get very weird... when upgrading the OS
<quadrathoch2> DammitJim oO what specifically?
<DammitJim> because it almost forces you to update your applications to support the version that is in main for the OS you are going to
<DammitJim> so, we have servers that run applications written in java and go on tomcat
<DammitJim> so, for example, we have Ubuntu 16 servers with tomcat 7 and openjdk 8
<DammitJim> if I upgrade to Ubuntu 18 because Ubuntu 16 is EOS 04.2020
<DammitJim> then it sounds like I won't get support for installing/keeping openjdk 8 and tomcat 7 because those aren't coming from main
<DammitJim> does that make sense?
<quadrathoch2> yup :) DammitJim
<DammitJim> gotta keep up with tech, I guess
<quadrathoch2> DammitJim yeah, tech is really fast in comparison to anything else
<quadrathoch2> advancing
<DammitJim> I might just have to run the outdated OS...
<DammitJim> actually, I wonder what is worse... I think I loose either way
<DammitJim> or pay for support, I guess
<quadrathoch2> support _should_ not be too expensive
<DammitJim> it adds up, though
<quadrathoch2> in comparison to what?
<DammitJim> 100 VMs @ $100 a pop per year
<DammitJim> I don't have $10k laying around
<DammitJim> I better start cracking the whip and get the devs updating their applications
<quadrathoch2> yes, but imho when having a 100 VMs you probably (as a company) already earn more/have more revenue, where it should be possible to pay it (I mean or you could get more devs who update the software)
<DammitJim> yeah, you know how it is... it's not my money, it's the president's
<DammitJim> maybe the problem I have is that I haven't been moving fast enough telling devs to get off java 8
<quadrathoch2> probably, as it's already 6 years old
<quadrathoch2> and already out of support (at least commercial from oracle)
<DammitJim> well, Ubuntu support java 8 since it's in main for Ubuntu 16
<DammitJim> there's a fine balance
<quadrathoch2> yup :) I know, just saying that upstream support is eol.
<dasjoe> I've done debootstrapped root-on-ZFS server installs for what, 7? years by now, although I have no experience with zsys either
<sarnold> dasjoe: wow
<dasjoe> sarnold, long time no see :-)
<sarnold> dasjoe: indeed, it's been ages :) how are you doing?
<dasjoe> I found some of my notes about how to get an installation similar to Ubuntu Server on ZFS, https://gist.github.com/dasjoe/09ecf8190c523bf7a7dc
<dasjoe> sarnold, I'm fine! Just a bit busy all the time, so I "kind of forgot about" IRC for a while. I was cleaning up some stuff and stumbled upon my client again. How are you?
<sarnold> dasjoe: I can relate to most of that, hehe :) too busy, too little time, but happy to be gainfully employed at home, you know? :)
<sarnold> dasjoe: here's hoping you'll remember your client more often :)
<sarnold> dasjoe: five years ago .. installing the wily hwe kernel. man.
<dasjoe> sarnold, I've set it to autostart when I login, so there's that :-) Yeah, I'm enjoying my last week off. Past few months have been quite stressful with everybody working from home and my team having to fix not only our office stuff but home networks, too :-)
<dasjoe> sarnold, yeah, the gist even contains some hacks for grub like enabling only some feature flags and symlinking ZFS partitions into /dev/ so grub can find them
<dasjoe> sarnold, also, BIOS only, no UEFI grub. Times were simpler!
<sarnold> dasjoe: hah, and at the moment I'm composing a knowledge base thing for folks booting ith legacy / bios etc and busted grub installs...
<sarnold> dasjoe: .. at the moment, uefi is feeling simpler in many ways :)
<sarnold> dasjoe: how long did you have off?
<dasjoe> sarnold, well, I'm sadly no longer too involved with ZFS as of now. My laptop's root filesystem is NTFS ;-)
<sarnold> a swedish pal is lamenting the end of his month off .. actuall I htink he returns tomorrow
<sarnold> dasjoe: *gasp*
<sarnold> dasjoe: actually, I'm thinking of buying a windows myself, MS flightsim is looking pretty good..
<dasjoe> sarnold, I uninstalled Outlook and RocketChat on July 17th, so it's three and a half weeks in total. Originally we wanted to have a real vacation - as in travel somewhere for a week or so - oh well
<sarnold> dasjoe: yeah :(
<sarnold> I love the "uninstall" though :) hahaha
<dasjoe> sarnold, yes! Uninstalled everything at around 23:50 on that friday, so I'm really out of the loop about what's happening in the office right now. We still have no on-call rotation, so I had to explain again and again how I'm not reachable for anybody in any case
<sarnold> dasjoe: more than once I've heard of folks using 'vacation time' to get work done.. without being bothered by co-workers
<dasjoe> sarnold, I found it easier to ignore bothering requests working from home, we could actually focus on some problems or do some research for once :-)
<sarnold> dasjoe: yay :D I do imagine we're going to see more work-from-home..
<dasjoe> sarnold, still, I'm thnking about looking for a job at a real remote company instead of "remote-first"-as-long-as-it-suits-us, especially now that my family and I established methods and rules for me working from home
<sarnold> dasjoe: oooo good luck :D
<dasjoe> So I'm browsing through SRE jobs every few weeks. As of now my short commute (a 5 minute walk) and okay-ish compensation is what's keeping me there. Better compensation with no commute would be nice to have, but I can't really complain
#ubuntu-server 2020-08-05
<kinghat> my server booted into emergency mode for reasons and when i hit enter it gave me root. is that normal or is that a security issue?
<mybalzitch> thats why you don't let untrusted people have console access to your server
<mybalzitch> 100% normal on a default install
<kinghat> ok just making sure. i didnt know if i should report it or not. thanks for the head up. this is just a basement home server. the only thing that untrusted down there is the sump pump.
<sarnold> kinghat: it depends; if you set a root password, you'll be prompted for it. if you didn't set a root password, you won't be prompted for it.
<sarnold> kinghat: anyone at the console can simple add "init=/bin/bash" or "init=/usr/bin/bash" and get instaroot without prompting anyway
<kinghat> nah i only set the user account password when i install iirc. i did set passwordless login for ssh though ð
<sarnold> hopefully thats passwordless because you use keys, and not passwordless because it's now even worse than telnet :)
<kinghat> ya because im using keys
<kinghat> so the only way to not give root at the console is to set a password for root?
<sarnold> I think it's a bunch of steps: (a) set the master and operator passwords on your bios (b) use secure boot on the bios (c) lock the bios to booting just grub (d) set a password on grub to prevent changing the command line (e) use a full-disk encryption system to make sure the drive can't be used without supplying a decryption key
<kinghat> oh ya duh. if they are at the console they can probably just take the drive if they wanted.
<kinghat> thanks for the schooling ð
<icey> jamespage: would you be available to review https://code.launchpad.net/~chris.macnaughton/ubuntu/+source/openvswitch/+git/openvswitch/+merge/387852 ?
<jamespage> icey: merged
<jamespage> doing 2.13.1 alongside that so will upload later
<icey> :-D
<Delemas> I realize this is an archaeology question at this point but I'm trying to figure out why an openssh 7.2p2 server, despite being able to generate them, refuses to understand newer hostkey formats ex. ed25519 and ecdsa. Anyone know why?
<Delemas> This is on 16.04
<sdeziel> Delemas: got some logs and sshd_config to share ?
<sdeziel> 16.04 isn't yet in the archaeology realm ... had you said 8.04 maybe ;)
<Delemas> sdeziel, basically I'm trying to figure out what 16.04 based openssh-server 1:7.2p2-4ubuntu2.10 is giving this is in ssh -v connection to it: debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
<Delemas> other than setting the hostkeys there isn't anything in the configuration which should be restricted that.
<Delemas> restricting that...
<Delemas> ugh language skills may be broken today... lol
<sdeziel> Delemas: please share the sshd_config
<rangergord> if I'm setting up multiple systems by cloning a working Ubuntu Server disk then writing that disk image to another system, are there anythings in particular I should modify to avoid issues from having these machines on the same LAN? I know about /etc/hostname (which isn't an issue) and IP conflicts, what other concerns are there?
<sdeziel> rangergord: you'll want to "rm -f /etc/ssh/ssh_host_*key*" at least
<sdeziel> IIRC, those are created on demand if missing
<sdeziel> hmm, they are not created on demand with Bionic, so add "ssh-keygen -A" to your first run script
<rangergord> Allright, thanks
#ubuntu-server 2020-08-06
<locknet>  Hi guys, I need your advice, what book or manual do you recommend me to learn about Physical Servers and how to setup them?
<sarnold> locknet: I wish I knew; it took me ages to learn what I do know, and the amount of things I don't know is staggering
<sarnold> locknet: there's lots of cool stuff on https://www.servethehome.com/
<locknet> sarnold, thank you dude, I'll check it right now
<mybalzitch> yeah STH is a great website
<locknet> yep, STH has all what i was looking for
<locknet> thx
<Woet> randomly at night, systemd is stopping a bunch of services and then starting them again: https://gist.github.com/Woet/2e82b2e806d35fc469d748adaabca955
<Woet> however, some of the services are being skipped, so they get turned off and never turned on again
<Woet> they get started fine on boot up - but they never get restarted during these randomly "restart everything" events at night.
<TAFB> the prompt on my new vps is "\[\e[1;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]$" what the fudge? Colours work in nano and the like so I assume it's not a putty settings, how can I fix it?
<TAFB> also the up arrow doesn't work to look at past commands, need that to work too
<TAFB> fixed it, nevermind "chsh -s /bin/bash"
<lordievader> Good morning
<icey> jamespage: if I'm reading it right, intervals in now accepted into groovy, so all of the OpenStack stuff that's stuck in proposed should be able to push forward with a no-change rebuild?
<mgariepy> mwhudson, do you have a minute or two i'd like to talk about a small issue i have on subiguity on 20.04 live.
<mgariepy> the issue i have is that the installer get's the netplan config as defined in the user-data but when the installer write the config in the target it's not the same.
<jamespage> icey: no need - as soon as its published, the builders will have another go I think - its called a dep-wait
<icey> jamespage: coolio :)
<jamespage> icey: alternatively someone with core-dev permissions can hit 'retry' on the build
<icey> jamespage: as long as it gets built, I don't mind how :)
<jamespage> icey: it has already - https://launchpad.net/ubuntu/+source/python-sqlalchemy-utils/0.36.1-0ubuntu2/+build/19616861
<chrismills> I noticed that the current MOTD has a bad link in it. It looks like https://www.microk8s.io/ should be https://microk8s.io/. I tried looking, doesn't really seem like it's a thing that's possible to submit a PR or file a bug about.
<powersj> ^ if he comes back, can someone thank him and let him know it is being worked
#ubuntu-server 2020-08-07
<lordievader> Good morning
<ren0v0> Hi, I tried to upgrade from 18.04 to 20.04 on proxmox but it failed and though I've now got the container back online i'm getting errors when using apt update
<ren0v0> sqlite3.OperationalError: disk I/O error
<ren0v0> "dpkg: error: unable to sync new file '/var/lib/dpkg/status-new'
<ren0v0> any ideas?
<sdeziel> ren0v0: a dying disk?
#ubuntu-server 2020-08-08
<monokrome> hey all
<monokrome> has anyone ever seen this from MPD? ERROR: Failed to open "X3" (alsa); Failed to open ALSA device "default": Permission denied
<monokrome> mpd has access to the files, it finds the files fine, but if I try to play audio it says "permission denied" even though the mpd user is in the audio group?
<monokrome> I think it may be because the process is running w/ group "storage" but that means the process doesn't have group audio? even though the user it runs as has the group?
<monokrome> Is that a thing?
<qman__> monokrome: when you add a user to a group, that user has to log out and log back in to get the new permissions; have you shut down all the processes in that tree with the mpd user and relaunched them for the permissions to take effect?
<qman__> stopping the mpd service is probably enough
<dn_> I have a very odd problem with installing zfs on a new machine with a lot of cores/ram. https://nopaste.xyz/?5c47cceb46b9b2f7#HBcoskBzyCKjjKSYaYevePQNoAVzRPd7SdyQHCfapbBw - the native device performance is around 2343MiB/s - but if I make a single zpool with that same device I get only around  bw=340MiB/s (via fio benchmark). With the help of
<dn_> #zfsonlinux I figured out that there is a very high cpu load, while running the benchmark - like loadvg 140+ with a ton of dp_sync_taskq and even more of z_wr_int using all 256 cores. I'm a bit out of ideas why I see this problem. The same happens if I use a SSD instead of an NVME. CPU is an EPYC
<compdoc> dn_, there are people in ##hardware that own and use those cpus. dont know if they are present now, but ask
#ubuntu-server 2020-08-09
<locknet>  Hi everyone!, for some reason my apache2 server is limiting the upload speed. I have a vps with 500Mbps upload speed, but for some reason when I download a file located in /var/www/html/ it's only gives me 6Mbps
<locknet> why is this happening?
<Woet> locknet: that won't happen on a default install
<Woet> check 1) that you're actually getting that upload speed 2) you don't have some speed limiting firewall rule/apache module
<Woet> but 1) is much more likely.
<locknet> Woet, it's a default install, I test the upload speed with Ookla's speedtest CLI
<locknet> and it gives me 500Mbps
<Woet> locknet: that doesn't benchmark the speed to your ISP.
<Woet> locknet: check using something like SFTP.
<locknet> Woet, rsync could works?
<Woet> sure.
<locknet> OK, I'll be back in a sec
<locknet991> Woet, nop, my normal download speed is 20Mbps, but if I try to download from the index of file it gives me 5Mbps
<Woet> locknet991: what about with rsync/sftp?
<locknet991> Woet, the test was done with rsync
<Woet> locknet991: okay, so then your connection to the server is throttled to 5 Mbps, maybe due to bad peering, under capacity, stingy ISP, etc
<Woet> locknet991: whats the latency?
<locknet991> I'm really far away from the server so the normal latency is 220ms
<locknet991> I'll read about bad peering, another user told me the same
<Woet> locknet119: then it's quite normal you don't get your full download speed.
<locknet119> Woet, but just get less than th half of speed?
<Woet> locknet119: that's quite normal.
<locknet119> hmmm, i didn't know it
<locknet119> Thanks you dude
<Woet> locknet119: do a speedtest on your computer and change the location to where your server is.
<locknet991> Woet, yes, as you say I connected to my vpn in there and get 5Mbps. So that is bad peering, right?
<Woet> locknet991: https://networkengineering.stackexchange.com/questions/13079/why-are-downloads-slower-if-the-server-is-far-away
<locknet> Woet, thank you man, you save me a lot of research time
<CuChulaind> Hello. I have installed elasticsearch. I have logstash running and i don't want it to. systemctl stop logstash doesn't do anything, and I show that the service is enabled even after I run systemctl disable logstash. How do I get this java program to stop and NOT be enabled?
<CuChulaind> using killl and PID it just pops back up
<CuChulaind> Can I simply remove the file in /etc/systemd/system to at least disable it?
