/srv/irclogs.ubuntu.com/2009/08/25/#ubuntu-server.txt

cheeseboyi cant get my ethernet working :(00:16
cheeseboysays " eth0: link is not ready"00:16
giovanithen either the cable isn't plugged in on one side, the cable is bad, the switch/hub is bad, or the network card is bad00:16
cheeseboynone of the above?00:17
giovanihow do you know?00:17
cheeseboycause ive checked em all00:19
giovanihow did you check if the network card is bad?00:19
KillMeNowi'm thinking it's a cross over cable and switch tried to auto negotiate it and roll it but was made of fail00:20
giovaniKillMeNow: out of the dozens of possible causes, why that one?00:21
cheeseboygiovani, because its fine00:23
giovanicheeseboy: that doesn't sound like a00:23
giovani*test*00:23
cheeseboyits fine00:25
giovaniok, so you're lying -- you haven't tested it00:25
giovanifeel free to get help from someone else00:25
cheeseboy"it obviously doesnt work cause I say so"00:26
=== qiyong_ is now known as qiyong
ballUgh.  Wish users wouldn't put '*' in filenames02:34
ballit makes my head hurt02:35
Sam-I-Amor name them -rf02:37
Sam-I-Amor.. put carriage returns in them02:37
ballI get a lot of &s and 's...a few *s02:38
ballI'm going to have to install something like mc02:38
* ball sighs02:38
Sam-I-Amwhat are you trying to do?02:38
ballAh, it's alright.  The *s weren't part of the filenames, they were ls -F showing me that some files were marked executable02:44
ballchmod ftw02:44
Sam-I-Amah02:45
ballStill have files with ' and & in the names though02:50
uvirtbotNew bug: #418396 in mysql-dfsg-5.1 (main) "need to port 38_scripts__mysqld_safe.sh__signals.dpatch from mysql server 5.0" [Undecided,New] https://launchpad.net/bugs/41839603:16
mase_workhi guys, i am setting up rssh to allow chrooted sftp access to users and was wondering why /bin/bash needs to be accessable in the chroot. I was under the impression the purpose of rssh was to replace the shell03:19
giovanimase_work: who said bash needed to be in the chroot?03:22
mase_workgiovani: well it fails if it is not in the chroot.03:22
giovanidid you set the user's shell to rssh?03:22
mase_workyes03:23
giovaniwhere is the failure error message?03:23
giovanii.e. how did you come to know it failed?03:23
mase_workit is in /var/log/user and it immediately disconncts the sftp sessions03:23
giovanilet's see the error then03:23
mase_workok 10 secs03:24
mase_workgiovani: ignore me. it seems i have one set up here without /bin/bash which is working .there is obviously something else going on as well.03:29
mushroomtwoanyone know a way to limit ssh login attempts to 3 per hour?03:29
giovanimushroomtwo: do you mean per source ip?03:30
=== mushroomtwo is now known as mushroomblue
mushroombluethat would work too.03:31
giovanithere's no built-in mechanism for that -- you'd have to use a script that watches for logins (failed, presumably) and then actively bans that IP -- which is essentially an IPS (Intrusion Prevention System)03:31
giovaniwell why not describe what your goal is ...03:31
mushroombluesomeone has compromised me over wifi03:31
giovaniyour initial description was an output ... not really a motivation03:31
mushroomblueand I'm pretty sure there's been a man-in-the-middle attack going on via the router.03:31
Wickedhello all. im wondering how i can have a user start up a program at boot....id like for it start a screen session. i tried adding this to the crontab "@reboot /usr/bin/screen &" ...but it does not work.03:32
mushroomblueso all my machines are more than likely compromised.03:32
giovaniWicked: you should add it to the proper runlevels03:32
giovanimushroomblue: how is this related to wifi?03:32
Wickedgiovani, well i just want to start screen for a certain user at boot...i really dont want to add a init script or somehting like that.03:32
mushroomblueI've narrowed down the ways the attacker has accessed the system, and it appears it happened over wifi03:32
Wickedthere has to be a way to have a user be able to start something at or after the machine boots03:33
mushroombluewhich means, I have a douche of a neighbor03:33
giovaniWicked: ok ... "at boot" and "for a user" are entirely different, and not compatable methods03:33
Wickedhow about...id like a program to start under a certain user after the machine is fully booted.03:33
giovanithe proper way to do anything like that is with an init script03:34
giovaniit's just that simple03:34
Wickedhmm ok03:35
giovanibut I really don't think that you should be doing it -- I think you should be looking for a better method to achieve the output you want03:35
giovanimushroomblue: fail2ban, denyhosts, etc -- a bunch of scripts to monitor failed logins03:35
giovaniI'm not sure how limiting logins to 3 per hour has anything to do with preventing an attacker who already has a password03:36
mushroomblueit wouldn't. but it would discourage bruteforce03:36
giovanibut if they already have hacked your system03:36
giovanithere won't be any bruteforcing03:36
giovaniso you need to define your parameters here03:36
Wickedi run irssi and a few other things inside a screen session. i have screen setup to start the programs when screen is started. after the machine is rebooted i would like screen to be started so then my programs will always be running...then i can connect via ssh and reconnect to the screen session03:37
giovaniWicked: why would the system be shut down?03:37
Wickedi thought setting a crontab to do that at boot would work...but it fails to start screen03:37
Wickedgiovani, lots of reasons. mostly...power outages03:37
Wickedor new kernels03:37
mushroombluegiovani: make no mistake, I'm in the process of reinstalling all my servers atm, and flashing the router. I'm just trying to come up with ideas so that there isn't a next time.03:38
Wickedor someone trips over the power cord...03:38
mushroomblueI can't afford another full system rebuild.03:38
mushroomblues/system/network/03:38
mushroombluebut thanks for the tips.03:38
giovanimushroomblue: ok -- but without understanding the attack you're trying to prevent, you're not goign to get anywhere03:38
giovaniWicked: alright, well if you want to use the crontab -- there's no need to add the '&' at the end -- the process isn't going to ever be in the foreground anyway03:42
grim76Wicked: Why not setup .bash_profile to launch screen for the user upon login?03:42
giovaniI presume you added that to your user's crontab?03:42
giovanigrim76: because he doesn't want a new screen session on every login, obviously03:42
Wickedyea03:42
giovaniWicked: and you tested this with a -reboot- and not a clean startup? I'm not sure if it's specific to the former03:43
Wickedand i just want screen to start at boot so all my programs in screen witll be running as soon as the computer boots.03:43
Wickedhttp://rpatterson.net/blog/screen-sessions-at-boot03:43
Wickedim trying that now03:43
Wickedgiovani, ive tried both03:43
giovaniboth what?03:43
giovaniok well that url is using an rc script03:44
giovanilike I recommended03:44
giovanidid you remove the '&' from the end and try a reboot?03:44
Wickedyes03:46
Wickedi added the & because without it it did nothing.03:46
giovanithat seems unlikely, but alright03:46
giovaniit's possible that @reboot isn't supported in your version of cron03:48
giovaniI don't see it in my manpages03:48
Wickedyea.03:49
Wickedthats what i was thinking...that its a newer feature thats not in 8.0403:49
giovanior a custom-compiled one in a major distro, who knows03:50
giovanibut I don't see it documented outside of casual mentions in google03:50
giovanii don't see manpages containing it03:50
Wickedyea me neither. i actually 1st saw the @reboot mentioned on a debian page03:52
Wickedcant remember which one.03:52
giovaniyeah, looks like ubuntu contains cron 3.003:52
giovaniand the only manpage I can find mentioning @reboot is for 4.103:53
ballIs that Gnu Cron?03:53
giovanino ... isc/vixie03:53
giovanithe standard one :)03:53
Wickedah03:53
ballThanks03:54
giovanignu cron doesn't even seem to exist03:55
giovaniexcept in intention03:55
giovanihttp://www.gnu.org/software/gcron/main.html03:55
Wickednice that did just what i wanted03:56
ball"This project has been decommissioned and is no longer developed."03:56
ballhttp://directory.fsf.org/project/gcron/03:56
jmarsdenUmmm   man 5 crontab |less +/@reboot      shows @reboot in the Ubuntu 8.04 crontab(5) manpage, for me at least...04:12
giovanijmarsden: I stand corrected -- you're right, somehow I missed that04:20
twbDebian, at least, defaults to Vixie cron04:21
giovaniyeah, as does ubuntu04:22
=== jtimberm1n is now known as jtimberman
=== pace_t_zulu_ is now known as pace_t_zulu
jtimbermani think theres a vixie cron on aix even04:33
Alex_21I am having trouble with Webdav. I get the Error:  You cannot connect to this server because it cannot be found on the network. Try again later or try a different URL.05:06
Alex_21Here is my Virtual Host configuration: http://paste.ubuntu.com/259068/05:06
Alex_21Any help is appreciated.05:06
Alex_21Please05:07
slapI have a private lan with a domain name gandalf.lan. I'm trying to configure /etc/exports with the following line /sharing *.tolkien.lan(blablabla). But it doesn't work Can someone telling me what I'm doing wrong ?05:12
slapIf I write /sharing *(blabalbla) everything is ok05:12
Sam-I-Amprobably a name resolution problem05:13
slapHow can I check?05:13
Sam-I-Amcan either host ping each other on tokien.lan and galdalf.lan?05:14
slapI'm able to ping the gandalf.tolkien.lan from the cleint05:14
Sam-I-Amwhats the clients name?05:14
slaphal900005:14
Sam-I-Amcan the server resolve that to hal9000.tolkien.lan ?05:15
Alex_21I am using: http://www.howtoforge.com/how-to-set-up-webdav-with-apache2-on-ubuntu-8.1005:15
slapNo !05:15
Alex_21To set up Apache for Webdav05:16
Sam-I-Amyeah, so name resolution needs to work both wats05:16
Sam-I-Amways05:16
Sam-I-Amotherwise use IPs05:16
slapHow can I do that both way ?05:16
Sam-I-Amif you dont have a dns server, make sure they're all defined in /etc/hosts05:17
slapI've already installed DNS.05:17
slapSeems to work ok05:17
Alex_21Any ideas about my Webdav?05:18
Sam-I-Amapparently its not if things arent resolving...05:18
slap'Cause I can ping gandalf.tolkien.lan www.tolkien.lan and tolkien.lan from the cleint05:18
Sam-I-Amof course, all your hosts need to point to the same dns server05:18
Alex_21I see no difference but the paths in my file from the tutorial's pages05:18
Sam-I-Ambut the server..05:18
Sam-I-AmAlex_21: i havent messed with webdav in a long time05:18
Alex_21Can someone check to see if my config file is correct?05:19
slapWhere do I start to configure the server to recognize clients05:19
Sam-I-Amslap: make sure it can resolve your hostnames05:20
Alex_21It is a mission critical webdav share05:20
Sam-I-Amlike... either consider it to point to your dns server in /etc/resolv.conf or edit /etc/hosts ... probably the same way you configured the client05:20
slapTotally forgot to edit resolv! ( I remember reading something about that) Thanks a lot05:21
Sam-I-Amare you trying to get to the webdav server using the URL as configured?05:24
Sam-I-Amits going to be some.domain/base05:25
slapOk, now I can ping it both way. But I still have an access denied when I triy to mount the sharing ? Any clues ?05:32
Sam-I-Amlook in the logs05:32
slapIt says that there is a mount request for a unknown host ??05:36
Alex_21I figured it out.05:37
slapfound it05:37
Alex_21I shouldn't have been so chicken about looking in Apache's logs05:38
slapadd the client's name on /etc/hosts05:38
slapThanks Sam-I-Am05:38
Alex_21Now, I can enjoy this webda share05:39
Sam-I-Amlogs are good05:40
Alex_21Yes.05:41
Alex_21Not plesant when you use a screen reader, but good all the same05:41
slap2Sam-I-Am I'm learning networking on linux. I have one thing I would like to know. If I want a sharing on a medium network with a DHCP service, how can I configure bind and nfs if I have dynamic address. Do I have to use something else ?05:46
slap2Is it possible ?05:47
Sam-I-Amyou can either make sure hosts keep the same name independent of IP... using dynamic DNS... or you statically assign IPs to hosts05:47
slap2no, I would ike to try with dynamic IPs for hosts. So I have to take a look at dynamic DNS, right ?05:48
Sam-I-Amyup05:48
Sam-I-Amor just allow entire ranges of IPs for nfs05:49
Sam-I-Amor domains05:49
slap2Do I have to use bind9 with a different configuration, or there's another deamon05:49
Sam-I-Amisc dhcp talks to bind905:49
slap2No. How can I do that ?05:51
Sam-I-Amtheres documentation out there05:53
Sam-I-Amtime for bed...05:59
Alex_21Thanks for all your help06:09
Alex_21Good night.06:09
uvirtbotNew bug: #416093 in samba (main) "karmic hangs during booting" [Undecided,New] https://launchpad.net/bugs/41609307:00
roxy08Hi there, I just recover my samba server but i cannot access to all of my shared folder even if i have permisions, and still i got error such as cli_lsa_lookup_sids_noalloc(): out of memory07:54
uvirtbotNew bug: #418276 in samba (main) "package samba-common 2:3.4.0-3ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/41827607:55
johe|workshort question, what time is it (in UTC)?08:20
andoljohe|work: date -u08:36
johe|worktoo easy :-)08:36
johe|worki have a problem here with the ldap client auth, user logging works now, but he does not get the groups08:39
=== mdz_ is now known as mdz
soloslingeris there a decent guide that someone can point me to regarding 9.04 and hardware raid?10:23
garymcHi, anyone know anything about RAID. See im not sure what config im best using11:01
garymcI see RAID 1 is all drives are the same and if one goes down you just replace it. But that means that if I have 6 72gb drives in, im only gonna get about 68gb of space?11:02
garymcwhich is ok for my LTSP server, but11:02
garymci need to setup an asterisk server and store lots of calls. Am i best using RAID 5 for that?11:02
\shgarymc: if you want  raid1 over 6 drives, you use RAID1011:08
\shgarymc: which is a mix between raid0 and raid111:08
garymcthanks, but thats my issue i dont really understand raid11:08
garymcso dont know which one is best to use11:08
\shgarymc: http://www.cuddletech.com/veritas/raidtheory/x31.html11:09
garymcim just looking to update the controller array 5i firmware11:09
\shgarymc: it depends on your work setup ... raid5 + databases could be a problem in some cases...then you have raid6 which is similar to raid5 but has two drives which could fail at the same time11:10
\shgarymc: HP?11:10
garymcyes11:10
garymcHP11:10
* \sh is mostly using raid10 for more diskspace with mirroring...and having at least one more redundancy via drbd or directly using HP MSA 60/70 or iscsi solutions for lots of diskspace...11:11
garymchmm lol, i better read up more on it all11:12
garymcim looking to download the firmware for my server, but theres that many differnt packages on the HP site not sure which one to get.11:14
garymcWhat do you think of this one?11:14
garymcSystems ROMPaq Firmware Upgrade Diskette for HP ProLiant DL380 G3 (P29) Servers11:14
garymcwould that be the correct stuff to download and boot my server with?11:14
\shgarymc: there is normally bios firmware updates and smart array updates packages...and there is at least one CD ISO where the latest stuff is on..depending on your configuration...11:15
\shsmart array 5i is old afaik11:15
garymcso do i have to download the 5i firmwarE?11:15
garymcor can i upgrade my firmware to someting else11:16
\shgarymc: for your smart array 5i http://h20000.www2.hp.com/bizsupport/TechSupport/DriverDownload.jsp?lang=en&cc=us&prodNameId=266599&taskId=135&prodTypeId=329290&prodSeriesId=374803&lang=en&cc=us this is the right page11:17
\shfor your dl380 there is some other page....search hp...11:17
garymcthanks11:17
garymc:)11:17
garymctrying to load that link now11:18
\shgarymc: for your ROM update...you need http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=266599&prodTypeId=329290&prodSeriesId=374803&swLang=8&taskId=135&swEnvOID=1085 this page11:18
=== mrchrisadams_ is now known as mrchrisadams
garymcwhats a rom update?11:18
\shgarymc: the smart array bios firmware stuff...it's the bios of your smart array controller11:18
garymcthat first link you gave me lists operating systems11:18
garymcim using ubuntu 9.04?11:19
garymcor Centos11:19
\shgarymc: yes and there is a smartstart maintaince - ROM update...that's what you need11:19
garymcdo i just burn them to CD rom?11:19
garymcand boot the serveR? with it in?11:19
\shgarymc: dunno...I'll have a debian OOB installation for this to update..cause I'm not really convienced that HP is supporting my ubuntu 64bit setup ;)11:20
garymcahh ko11:21
garymcok11:21
garymcwell im running 32bit as 64 bit wouldnt work?11:21
garymcor wouldnt go on11:21
\shgarymc: ah no...hp is supporting debian 32 + 64bit ... but as there are some kernel modules which I didn't test against ubuntu 32 or 64bit I can't say if it works...problem is that my HP supporter always tells me "You know more about this crap then I do" and I don't have the time to test it11:22
garymcok lol11:22
\shgarymc: next target of my work is to implement HP SIM for our server infrastructure and then I have the time to test HP drivers on Ubuntu11:23
garymccool, busy busy :)11:23
Davieyh11:36
jpdsDaviey: ...12:04
sergevnhi12:37
sergevni have a question, how can I install and configure truetype fonts for php?12:37
Davieysergevn: I'm kinda confused what you want to achieve.. php will produce valid output, but the fonts really need to be client side..12:44
DavieyUnless you are trying to create images or similar sergevn ?12:45
sergevnDaviey: yeah images :)12:45
Davieyah12:46
sergevni am trying to use imagettfbbox() but getting error it cant fint the font.12:47
Davieysergevn: unless i'm mistaken, it uses a full path12:48
Davieyyou can't just say $font = "somefont.ttf";12:48
Davieyso you could just drop the somefont.ttf to the same location as the .php script12:50
sergevnyeah im doing that.12:52
sergevnstill error12:52
sergevnthat's the weird part12:53
sergevnand on "another" webhoster it does work12:53
Davieysergevn: http://uk.php.net/manual/en/function.imagettftext.php#9058012:56
Davieysergevn: you might get more specifc help in a #php channel.12:57
sergevnDaviey: you saved my day13:00
sergevnit works :)13:00
Davieyheh13:00
soloslingeris there a decent guide to making 9.04 work with hardware raid?13:05
soloslingereverything seems to want to send a person to software raid13:06
tarekeldeebHello all, I want to build an ubuntu based lab, with fat-client config. Login+home mount should be authenticated using LDAP. Can any1 guide me to the needed howto documents?13:07
Davieysoloslinger: to get hardware raid *working* is often irrelevant to the OS.13:08
pmatulissoloslinger: that's b/c with hardware raid the OS does not know anything about the raid configuration.  it will see one drive when there are actually two (RAID1)13:08
pmatulis(for instance)13:08
Davieysoloslinger: hardware raid just presents the raid disk as a standard block device.13:08
soloslingerpmatulis: I have configured hardware raids for use with other operating systems, but I can't seem to get ubuntu's server installer to want to recognize it.13:09
tarekeldeebCan any1 support me, please ?13:09
pmatulissoloslinger: k, that's different13:09
=== cjwatson_ is now known as cjwatson
Davieytarekeldeeb: however, monitoring the raid device is normally the responsability of the OS.13:09
Davieysoloslinger: What make/model raid contoller are we taling about here?13:10
pmatulissoloslinger: maybe ubuntu just doesn't support that particular controller13:10
soloslingerpmatulis: that is my sneaking suspicion(sp?) unfortunately...  Daviey: I'd hafta reboot the box and look, it's in a fairly new 1 u server, an hp dl160 g513:11
Davieysoloslinger: ahh, is it hp raid?13:11
pmatulisThe spelling of suspicion is correct13:12
soloslingerDaviey: yeah.13:13
Davieysoloslinger: Then it is probably cciss, and i dislike it :)13:13
soloslingerpmatulis: ty  =)13:13
Davieysoloslinger: What version of Ubuntu are you trying to use?13:14
soloslingerDaviey: most likely it is.  Am I SoL tryin to get the ubuntu installer to see it?   9.0413:14
Davieyno.. it should work.13:14
soloslingerkk13:15
soloslingerI'll hafta play with it when I have the opportunity to bring the server down for longer.  Is there some docs somewhere that you (or someone else) could point me to?13:15
soloslingerDid some googling for that, but everything comes back with software raid tips13:16
Davieysoloslinger: The "disk" should show under /dev/cciss13:16
soloslingeryeah13:16
soloslingerBut as the installer moves along, even if I want to do partitioning manually, I don't see it prompt me to specify a device to use as a disk13:17
Davieyie, $ ls /dev/cciss/13:17
Davieyc0d0  c0d0p1  c0d0p213:17
Davieysoloslinger: Can you confirm you are using the Ubuntu Server disk, or the Ubuntu Desktop?13:17
soloslingerDaviey: I am fairly certain I am, nobody here runs Ubuntu for a desktop, so there shouldn't be a cd of it laying around.  If I install to one drive it doesn't try to get me to put a WM on like the desktop installs I did once upon a time.13:19
Davieyok, great.13:19
soloslingerDaviey: I would say I am fairly certain I am using a Server disk.13:19
pmatulissoloslinger: is it graphical or ncurses (blue)?13:19
soloslingerpmatulis: blue13:20
Davieysoloslinger: When you get to the disk management area, what do you see?13:20
soloslingerDaviey: It first prompts me for something to the effect of "Do you want to enable Serial ATA RAID" with a yes, no and cancel.  Regardless of if I select yes or no, the next screen where normally the partitions are built is blank.  In other words, there isn't a "disk" there to divide up the partitions.13:22
maswanOne trick could be to switch to a shell prompt (alt+f2) and type lspci to find out what storage controller it actually is13:22
maswanI'm not sure that the dl160 has a real cciss13:23
Davieyi'll bet it's the P400.13:23
soloslingerDaviey: You'll hafta forgive me too, i needed something up by the time I left today so I am going from memory an hour or so ago.13:23
Davieysoloslinger: no worries, can you try what maswan said?13:23
tarekeldeebsorry for duplicating, but i need support13:23
tarekeldeebHello all, I want to build an ubuntu based lab, with fat-client config. Login+home mount should be authenticated using LDAP. Can any1 guide me to the needed howto documents?13:24
soloslingerIf I switch to a shell prompt and build the partitions via Fdisk, could I switch back into the installer and carry on like normal?  I am comfortable using Fdisk.13:24
tarekeldeeb:(13:24
maswansoloslinger: I'm not sure offhand if fdisk is included in the environment, parted and probably sfdisk is13:24
maswantarekeldeeb: Hm. Don't really know. We use kerberos auth.13:25
soloslingerDaviey: I will try the next time I can bring the server down for any time.  I am fortunate that it's in a cluster of a couple other servers, so losing a disk will suck, but it could be worse.13:25
Davieytarekeldeeb: There are a bunch of ways, perhaps if you hit the ubuntu-server mailing list, you'll get a better response.13:25
Davieysoloslinger: ok.. what OS is it at the moment?13:26
soloslingerubuntu 9.04, I just have it running on one disk atm13:26
=== freeflyi2g is now known as freeflying
soloslingerDaviey: you want the output from a lspci ?13:26
Davieyahh, you can just ssh in and run some commands :)13:26
tarekeldeebkerboros, is it better than LDAP? Or you seek windows clients interoperability ?13:26
Davieysoloslinger: please.13:27
Davieysoloslinger: Also, fdisk -l would be handy13:27
tarekeldeebDaviey: thanks ..13:28
soloslingerDaviey:    lspci = http://pastebin.com/d6e9ca9a413:28
Daviey631xESB hmm13:29
soloslingerDaviey:  fdisk -l = http://pastebin.com/dd2f5c3c13:29
Davieyi was wrong :)13:30
Davieysoloslinger: for a two disk setup, is there a reason you dont want to use software raid?13:30
soloslingerDaviey: haven't really weighed the pros and cons out yet.  Figured it had the hardware for a hardware raid, might as well use it.13:31
Davieysoloslinger: I can see your point, but for 2 disks - there is no real extra overhead for a mirror / RAID-113:33
Davieyand actually, you get some bonus.. you can pull the disk out and put it in any server, not locked to the RAID controller card13:33
Davieyit's easy to monitor.13:33
soloslingerDaviey:  I suppose so.  What are you seeing that put the nail in the coffin to the hardware raid idea for my future reference?13:34
Davieysoloslinger: I haven't used hardware raid with 631xESB.. but it was the fdisk -l, that showed 2 disks made me mention it.13:35
soloslingerDaviey:  ah.  Gotcha13:35
Davieysoloslinger: mdad really is your new best friend :).13:36
soloslingerDaviey, maswan, pmatulis: I appreciate your time and help.  I get to get outta here and get some sleep!13:37
soloslingerDaviey:  Yuup.  Sounds like I got some reading to do.13:37
Davieynn soloslinger, let us kow how you get on.13:38
soloslingerwill do13:38
garymcyo, im installing new firmware for my HP server and its stopped at 82% :(13:38
garymcshould i just wait?13:38
pmatulisfirmware?  for what device?13:39
garymcArray controller 5i13:39
garymcRAID13:39
pmatulisok13:39
garymcall seemed to be going well then it stops, just sitting there :(13:39
garymc:)13:40
garymcnow its done lol13:40
pmatulisok13:40
garymcanyone tell me if I can have 4 X 146gb drives in my Server13:44
garymc3 of them setup as a logical drive as RAID 1 and one of them spare13:44
garymcand the fourth 146 as Logical drive on its own as RAID 013:44
garymc?13:44
_rubenboth raid0 and single drives arent raid13:45
garymcso would the RAID 0 drive be its own drive for extra storage?13:45
garymcso I could remove it  when backing up?13:45
garymcOr should I set the 4 DRives up as RAID 1+0 and have two of them as Spares?13:46
garymcdecisions decisions13:46
garymcits for a UBUNTU LTSP server13:46
_rubenyou cant do raid10 with 2 spares with just 4 disks13:46
_rubenraid10 has a 4disk minimum without spares13:46
_ruben(except for the software raid10 in linux, which can do fancy raid10 setups with odd number of drives for instance)13:47
smoserjdstrand, so yesterday you mentioned to me that passing sensitive data to a application via environment was not secure ? why is that? i'm not aware of a way in which a non-root user can view environment of another users' processes.13:47
_rubenit pretty much comes down to how much performance and how much storage you need13:47
garymcwell my RAID config is letting me setup RAID 1+0 with 2 drives and two spares?13:48
uvirtbotNew bug: #418342 in mysql-dfsg-5.1 (main) "akonadi-server prevents install of mysql-server-5.0" [Undecided,New] https://launchpad.net/bugs/41834213:48
garymcwhat linux software can i get that does that _ruben13:48
garymcis it in the GUI or command prompt?13:49
garymcim better with gui13:49
garymc:)13:49
_rubengarymc: mdadm .. not sure if there's a gui for it13:50
garymcok13:50
garymcis RAID 0 just pure disk space?13:51
Tom_Assand performance13:53
_rubenraid0 isnt raid (as the r in raid stands for redundant, and raid0 doesnt offer redundancy) .. it basically 'glues' 2 or more drives together .. same as with using multiple pv's in lvm13:53
garymcok well ive setup two logical drives in the array controller13:54
garymcone RAID 0 146gb drive13:54
garymcand 3 Raid 1+0 (2 plus a spare)13:54
_rubenperformance is one of the most common reasons for raid0 .. its nice for video editing for instance13:54
garymcWill this work?13:54
garymcI want to use the single 146 as a data backup13:54
_rubenlike i said, a single drive isnt raid, not even raid013:54
garymcwill it show up as a seperate drive in ubuntu?13:54
_rubenand im not sure how your raid controller does it, but in my book, raid10 over 2 disks isnt possible13:55
garymchmm posible its RAID 1?13:55
_rubencould be13:55
garymcthats over 313:55
garymcone as spare13:55
garymcjust trying to work out the best setup of this stuff13:55
_rubenraid1 with 2+1 disks is fairly common13:55
garymccool but i got a RAID 0 on there too13:57
garymcin the fourth slot13:57
garymcwill this work?13:57
jdstrandsmoser: it is an unnecessary risk imo. subprocesses will inherit it, which might not be what you want. the same user can get to it (of course), root can get to it (of course). There might be other ways I'm not thinking of. IMO it will be difficult to get right, and if you do get it right, you may not have covered everything for another platform13:58
jdstrandsmoser: I also googled it to see if I was missing anything and came across: http://dev.mysql.com/doc/refman/5.0/en/password-security-user.html13:59
_rubengarymc: it probably would14:00
smoseron linux the "extremely insecure" would seem a bit incorrect14:00
smoseras "If you set MYSQL_PWD, your password is exposed to any other user who runs ps." is as far as i can tell explicitly wrong14:01
smoserso anyway... i agree that without care, environment is longer lived than data written to a pipe.  but loads better than other ways.14:02
smoserand actually, i *think* that mysql was where i first saw this... if you do run '-pMYPASSWORD' as a command line argument, it reads that, and then writes over its argv space, so that the 'ps' only shows 'XXXXXXX'14:03
jdstrandsmoser: yes, but it is in ps output for a split second in that case14:05
smoseryeah14:05
smosers/second/milli secong/ but yeah14:05
smoser:)14:05
jdstrandsmoser: it's not particularly hard to win those kind of races14:06
smoserfair.14:07
smoserjdstrand, do you know, is it actually the case that environment is intended to be "secure" on linux ?14:07
smoserie, as a general goal rather than just happenstance that the /proc/<pid>/environ has secure perms14:07
jdstrandsmoser: I think it is hoped to be, based on /proc/<pid>/environ14:08
smoser(i realize not pure happenstance, but wonder if it would be considered a bug if it would be treated as a security issue if that were leaked elsewhere)14:08
smoserjdstrand, thanks.14:08
jdstrandsmoser: of course, I've seen kernel bugs where the permissinos end up wrong in /proc/<pid>14:09
jdstrandsmoser: based on /proc/<pid>/environ, you *probably* are ok to use it, but still are dealing with subprocesses and root. I don't know exactly what you are trying to do, but if it is ec2, protecting against root where feasible would be a good defensive stance14:11
jdstrandsmoser: I don't claim to know every means of getting at the environment, but it doesn't feel right14:11
jdstrandsmoser: kees and mdeslaur may want to weigh in as well14:12
smoserjdstrand, it was just a general question, really, but came up in context of ec2-ami-tools (from amazon) which expose "secret-key" on cmdline and provide no other way to pass it (that i'm aware of)14:13
smoserhow much hope does one actually have for protecting against root ? is that a reasonable goal?14:13
smoserjdstrand, i would say that if you were a program reading sensitive data from environment you should take care to un-set that data after reading14:14
mdeslaursmoser: a real fix would be to use a config file, as mysql does. You should file a bug with amazon to get that implemented.14:14
jdstrand(I recommended that initially)14:15
smoserso how is a permanently stored plaintext password in a config file more secure than just about anything... definitely not safe from root.14:15
mdeslauroh...good luck protecting from root14:16
jdstrandsmoser: those are two different points14:16
* mdeslaur has not followed the whole thread14:16
kworkyou should always protect your stuff from root14:16
kworkbecause root is the evil man14:16
smoserit would seem to me that plain text password in a text file is not really more secure than environment on linux14:16
jdstrandsmoser: you can't fully from root, cause there could be a keylogger14:16
jdstrandsmoser: and of course root has access tot he file as well as /proc/../environ14:17
mdeslaursmoser: most "debugging" scripts people run grab the user's environment14:17
smoserright. thats what i was thinking... doesn't really matter what you've done if there is evil root14:17
jdstrandsmoser: I don't know the application, but prompting for the password and piping it into a command via a shell built-in is safe from all but a key logger and memory attacks14:18
jdstrandsmoser: my point wrt to the env is that 'ps auxwwe' will show all the environment as root. if the perms in /proc/.../environ happen to be wrong (I'm assuming ps is looking at that), your screwed14:19
jdstrandsmoser: if you don't use the environment, you are protected from such matters14:20
mdeslaurwhat's the debate here? storing passwords in environment variables?14:20
jdstrandsmoser: imho, when dealing with ec2 private keys, I think a defense in depth is in order14:20
smosermainly, yes.14:20
jdstrandmdeslaur: it's not so much a debate as a discussion14:20
smoseri'd say an education of smoser more than debate14:21
jdstrandmdeslaur: but that is what I thought you might want to weigh in on. it makes me feel queezy14:21
jdstrandqueazy?14:21
mdeslaurwell, environment variables aren't usually considered confidential. A whole slew of scripts pick up the environment variables when submitting bug reports, etc.14:21
* jdstrand goes with qweezee14:21
smoserjust fyi, i verified that /proc/<pid>/environ is apparently read-only even to <pid> and recorded at invocation time14:21
smoser PASSWORD=bar bash -c 'PASSWORD=XXX; unset PASSWORD; sleep 30' &14:21
smoser[4] 653014:21
smoserlooking at environ of 6530 still shows "PASSWORD=bar"14:22
jdstrandmdeslaur: that is an excellent point14:23
jdstrandif there is a bug, a user would happily run 'sudo apport-collect -p ...' if asked to in a bug report14:24
jdstrandnow you have to make sure your apport hook doesn't submit it, but then you can't protect against ad hoc debugging scripts14:25
mdeslaurlike "ipsec barf"14:25
smoserjdstrand, apport-collect does tell the user "please look for confidential data"14:25
mdeslaurand phpinfo()14:25
smoserbut yeah, probably they're not going to :)14:25
mdeslaurand whatever else14:25
jdstrandsmoser: apport-collect does? I'm pretty sure it just runs and submits (note, apport-collect is for adding info to a bug after it is filed, and separate from apport-cli and apport-gtk)14:26
smoserjdstrand, ok... i'm probably wrong yet again... i was thinking of 'ubuntu-bug foo'... i sweare it used to say "if you weren't doing anything confidential..."14:27
smoserbut it doesn't seem to say that now. it really should.14:27
jdstrandsmoser: you are right about that-- it will give you a chance to look at it :)14:27
jdstrandsmoser: it does give you a chance to look at it though14:28
jdstrandsmoser: regardless, using env seems brittle at best14:28
smosermdeslaur, jdstrand thank you for environment-variable-security-101 class.14:30
jdstrandsmoser: I think apport will say the confidential bits if it grabs a crash. ubuntu-bug may not prompt for anything, but gives you a way to see what youa re submitting. apport-collect just does it14:30
mdeslaursmoser: the other thing, is environment variables being private may not be portable14:31
jdstrandI'm not an apport expert, but pretty sure that is how it works14:31
smosermdeslaur, i agree, its not portable to other unixes14:32
smoserbut does anyone care about other unixes ? :)14:32
* smoser ducks14:32
mdeslaursmoser: what other unixes? :P14:32
mdeslaursmoser: amazon may care14:32
smoseri think larry ellison owns a unix14:33
smoserhe owns a lot of stuff14:33
mdeslauralso, some people use some legacy OS called "Windows"14:33
sorenjdstrand: It's "queasy" isn't it?14:36
jdstrandsoren: aha! that's it14:36
jdstrandsoren: though, I think qweezee is more fun14:36
* soren agrees14:36
jdstrandat least as fun as feeling 'barfy' can be14:36
Tom_Assit's not fair to other legacy software to call Windows legacy ;D14:37
sorenmdeslaur: Environment variables under Windows are freaky in all sorts of ways, though.14:38
sorenmdeslaur: Processes that can modify each other's environment makes me cringe.14:39
sorenjdstrand: Heh... "barfy". That's good.14:39
jdstrand:)14:40
ScottKFYI, I just put in a big stack of sync requests that should result in a working turbogears2 for Karmic.14:42
garymcI just installed Ubuntu LTSP on my server with the RAID config above ^^ 3 RAID 1 , one as a spare and One 146gb as RAID 0.14:51
=== giovani_ is now known as giovani
garymcNow the 146gb RAID 0 drive shows up in the file system, but it says unable to mount when i click on it14:52
ballhello garymc14:52
ballA single RAID 0 drive *makes no sense*!14:53
Tom_Assgarymc, is that 5 disks total?14:53
ivoksball: remove 'A single' and 'drive'14:53
ballivoks: There are probably a few applications where non-redundant striping is justified (e.g. video editing scratchpad).14:54
ttxivoks: anything special I should know about before acking your openais sync request ?14:54
ball...but not on a single drive ;-)14:54
garymclol ball, i was just thinking maybe using it as a mass storage device you know for extra disk space14:55
ballgarymc: that's not RAID-0 though.14:55
ivoksttx: nothing special...14:55
=== clusty_ is now known as clusty
ballthat's just a disk.14:55
garymcno? it says it is in the Array utility, just updated firmware too14:55
garymcohh ok14:55
garymcI cant mount it anyhow in my Ubuntu Ltsp setup14:55
ballgarymc: you may want to remove it from your RAID controller's list of drives to use.14:56
garymcand i know now it aint a good idea14:56
garymci will14:56
garymcjust delete it and remove it?14:56
garymcor can i do something else with it14:56
garymcmaybe make it another spare?14:57
ivoksttx: there will most probably be additional syncs from debian later14:57
ivoksttx: but i'd like to have everything in place before FF14:57
ttxivoks: sounds like a good idea14:57
ballgarymc: are the three disks (RAID-1 mirror and a standby drive) all 72 Gbytes?14:57
garymcyes but 146gb now14:59
ivokssound of dell t300 booting14:59
=== ivoks_ is now known as ivoks
ttxivoks: acked15:02
ivoksttx: :* thanks15:02
ttxivoks: in all cases it sounded better than what was already there :)15:03
ivoksright... i'll upload pacemaker once openais settles down15:03
ivoksand somebody will need to sync rhcs15:04
ivoksand that's it15:04
ivoks0 time spent on mail stack :( :( :(15:04
garymcanyone know where MySql likes to save the databases you create?15:19
ivoks /var/lib/mysql15:20
Steve[mbp]morning everyone15:20
* ball waves15:20
balloooh, we have a meeting today, right?15:20
ivoksyep15:20
ballIs that in here or in #ubuntu-meeting ?15:25
ewookooh. Meetings.15:25
ewookwhat time?15:26
ttxball: #ubuntu-meeting15:29
ttxin 30 minutes15:29
ballThanks15:30
heath|workwhat package do I need to install to be able to compile apache modules with apxs ?15:31
heath|workI see, the development headers15:31
Sam-I-Amjoin #ubuntu-meeting15:46
Sam-I-Amoops15:46
andolSam-I-Am: Thanks for the reminder :)15:48
Sam-I-Amhaha15:48
giovanihmm, so crontab in ubuntu (and other linuxs ) doesn't seem to support a backslash dor multiple lines -- but freebsd does -- despite using the "same version" of cron15:51
Jeeves_If you need more than one line, wouldn't a script be nicer?15:59
giovaniin some cases16:00
giovaninot always -- just annoying that it's available somewhere and seems simple to have16:00
garymcstgraber is this documentaion, does it work with Ubuntu LTSP or do I need to install Ubuntu server on the one I want to add as a cluster to my main LTSP server?16:06
Davieychaps -> meeting16:07
sorengiovani: If it's the same version, they'll act the same.16:07
garymcstgraber: O k I need to follow those instructions youve done to the tee16:08
garymcpretty good rigth up and thanks for providing this16:09
garymc*write16:09
jbernard__ive just uploaded libcgroup (http://revu.ubuntuwire.com/p/libcgroup) to REVU, if anyone has some cycles to review it I'd be very grateful16:09
garymcsorry wrong room :S16:10
ewookscary dealio with how meetings are conducted.16:14
giovanisoren: putting "same version" in quotes wasn't accidental -- and that's false -- different distros apply patches and keep the upstream versions the same all the time16:26
=== nxvl_ is now known as nxvl
ewookI don't get the idea of holding back bacula 3.0.x.16:54
ivoksFF is day after tomorrow16:59
ivoksand nobody looked at bacula and the merge isn't quite trivial17:00
ewookFF?17:00
ivoksfeature freeze17:00
ewookmind you, this is my first meeting.17:00
ewookah.17:00
mdzsoren/smoser: I wanted to check on how testing is done of the UEC/EC2 images for milestones17:01
mdzI looked in the test tracker at http://iso.qa.ubuntu.com/ but they aren't there17:02
mdzwhere do you report the test results?17:02
sorenmdz: It's manual at the moment. there's a testing matrix on the iso tracker.17:02
mdzsoren: oh, did I overlook them?17:02
aubreDaviey: is Thursday the last day to submit tips for karmic?17:02
sorenmdz: To be honest, I've not used it. I just talked to slangasek about it, and he said he was putting it up there.17:02
mdzI looked at the left in the list of products, and under the server section17:02
Davieyaubre: no.. should still be ok after that..17:02
mdzsoren: who performs the testing?17:03
Davieyaubre: it's not been uploaded yet anyway.17:03
aubreDaviey: ok, it's not like it would break anything. Is it going to be in karmic?17:03
sorenmdz: For Alpha4, I did. I forget who else.17:03
Davieyaubre: should be, just resolving some issues before it gets uploaded.17:03
sorenmdz: They're listed as UEC images.17:04
mdzsoren: I have looked all around and can't find them. can you give me the URL if they're there?17:04
ivokstake care17:04
sorenmdz: In light of the... um.. interesting kernel issues we're seeing on EC2, we should probably track those separately.17:04
sorenmdz: I chose the "All" filter.17:05
aubreare theimages working ok in UEC?17:05
sorenaubre: I'm not familiar with the filtering magic in the ISO tracker. Perhaps "All" is the only way to see it.17:06
mdzsoren: weird, they do show up there, but not anywhere else that i see17:06
mdzsoren: in any case, it shows no test results submitted17:06
mdzsoren: and most of those tests are nonsensical for UEC and EC217:06
mdzso we need to get the test tracker sorted out, and then make sure that all milestone test results get reported there17:06
sorenmdz: It's something slangasek and I agreed to revisit for the next alpha.17:07
sorenmdz: Alpha4 did have a bit of a  "this is the first time we're doing alphas of these things" feel to it.17:07
ttxmdz: I'm about to call it a day, did you have any question not EC2/UEC related that you wanted answers for ?17:07
mdzsoren: we had discussed the possibility of getting the daily UEC images into EC2 as AMIs.  wheer does that stand?17:07
mdzttx: yes17:07
ttxmdz: fire17:08
mdzttx: what is the status of "user login leverages directory infrastructure" in Karmic today?17:08
sorenmdz: It was a useful experience, though. It uncovered a lot of things, such as the need to specific tests we need to put on the ISO tracker, for instance.17:08
mdzttx: should I address all EC2/UEC questions to soren then?17:08
mathiazmdz: waiting on openldap upstream to deliver the feature17:08
mathiazmdz: will require a FFe for 2.4.1817:08
mdzmathiaz: what other work is remaining in Karmic for that spec?17:09
mdzother than openldap 2.4.18?17:09
ttxmdz: yes.17:09
mathiazmdz: package sssd - it's under testing right now17:09
dendrobatesmathiaz: is that correctly reflected in the status page?17:09
ttxmathiaz: shoudl be done sometime today, right17:09
mathiazmdz: as upstream released their version yesterday - it should be in karmic before FF17:09
ttxdendrobates: it's up to date on the Canonical Server team Operational plan page, yes17:10
mathiazdendrobates: nope - last time I updated the status page was on Friday17:10
smosermdz, regarding daily UEC images into EC2 as AMIs, I was planning on looking at adding code to do that to the automated builds17:10
mdzdendrobates: the status page shows it as "on track" but we are 2 days away from "missed the deadline" so I thought I'd check17:10
ttxmathiaz: I updated it for you.17:10
mathiazdendrobates: and the news I got arrived yesterday late (my time-EST)17:10
sorenmdz: We haven't had time to look into that. I've scripted the entire process, though, so just need to find out if a) we can pull the images at will (so we don't end up having thousands of images on EC2 for no good reason), and b) where we'll be running the scripts to do this automagically.17:10
mathiazttx: ah ok - thanks.17:11
smosermdz, regarding updated-ness of ec2 mirrors, I just verified that at least the us is up to date and sources.list is functional to point at it17:11
smoserhttp://pastebin.com/m2601b85c17:11
ttxmdz: status page shows "Has issues that need to be resolved in order to make the release" for that spec17:11
mdzsoren: do you think it is worth doing for 9.10, or should we put it off until Karmic+1?17:11
clustyhey17:11
=== Faust-C is now known as VirtualDisaster
mdzsmoser: thank you. can you clarify who is responsible for the operation of those mirrors? is it canonical IS?17:11
sorensmoser: I think it's worth revisiting for this release.17:11
sorenErr..17:11
sorenmdz: I think it's worth revisiting for this release.17:11
smosermdz, i don't know that.... soren said IS, i have no info to refute17:11
dendrobatessoren: I think we should defer that to 10.0417:12
mdzsoren: do you have a name for someone in IS who is responsible?17:12
sorenmdz: For what, exactly? The mirrors? I've only talked to elmo about it, I think.17:12
mdzsoren: yes, the mirrors. OK.17:12
ttxmdz: anything else ?17:12
clustyi am having some issues using LDAP as a source for usernames (network auth). I installed the LDAP server and can query it locally with ldapsearch. Also installed lib-nss-ldap and configured it to the best of my knowledge17:13
clustyhttps://help.ubuntu.com/community/LDAPClientAuthentication17:13
mdzttx: lots, but all the rest is EC2/UEC, so if you don't have information on those projects, I guess there is no need to stick around17:13
clustyunfortunately when I do a getend i don't see any user from LDAP17:13
clustyany ways how i can debug what is going on?17:13
ttxmdz: I have some, but soren has much fresher information.17:13
ttxmdz: what TZ are you in currently ?17:14
mdzsoren: what's the story on EC2UpgradesSpec?  it's low priority and 0 of 4 work items are complete, so it sounds like "defer to post-Karmic"17:14
sorenttx: Have a nice evening, talk to you tomorrow.17:14
mdzttx: UTC+117:14
ttxmdz: ok, so we should be able to discuss any remaining questions with you tomorrow morning.17:15
mdzbut I will be staying around until I have a clear idea of what's done vs. not done for feature freeze17:15
mdzttx: the rest of this week I will be UTC-7 FYI17:15
sorenmdz: It's been blocked on the whole kernel thing. It's something I'd really, really like to do for this release, I have most of the code on my side, it just needs testing on EC2. It's very much worth an FFe.17:15
mdzsoren: what's "the whole kernel thing"?  the bug(s) which cause boot failure?17:16
sorenmdz: Yes-ish :)17:16
sorenmdz: The absence of a karmic ec2 kernel.17:16
sorenmdz: ...which is caused by the boot failure bug(s).17:17
mdzsoren: absence?  I thought it was just unreliable17:18
sorenmdz: That's the Jaunty kernel.17:18
mdzsoren: what's the story with the karmic kernel (bug numbers?)17:18
sorenmdz: I'm not sure there is a bug report on it. It has simply not been delivered.17:19
mdzsoren: what's included in the karmic UEC images then?17:19
mdzoh, a non-xen kernel of course17:19
sorenmdz: UEC images do not contain kernels.17:19
mdzsoren: so what's in the karmic alpha 4 AMIs on EC2?17:20
mdzthe amazon kernel?17:20
sorenmdz: An Intrepid kernel.17:20
mdzoh dear17:20
soren...from Amazon.17:20
sorenWell, the one we've been using for Intrepid on Amazon.17:21
soren"oh dear" indeed.17:21
soren:(17:21
sorenI'm well aware that this is bad in more ways than I'd like to enumerate. We needed a kernel that worked.17:22
mdzsoren: under the circumstances, I'd like to propose that we drop the kernel upgrades project, since we have our hands full getting even one kernel working17:22
sorenmdz: Well, getting a kernel working is the kernel team's job.17:23
sorenmdz: So that does not take time from us.17:23
sorenmdz: Other than the poking and nudging and all that.17:23
mdzsoren: moving on to UEC, what's the status of eucalyptus 1.6?  I see there's a snapshot from bzr in karmic17:23
sorenmdz: Correct.17:24
mdzsoren: how is it working?17:24
sorenmdz: It's still settling somewhat.17:24
sorenmdz: There are some upgrade issues (conffile handling) that are causing problems.17:25
foolanomathiaz: sorry i was away during the meeting, i though I would be available but I couldnt make it :(17:25
sorenmdz: ..and some other bits and pieces.17:26
mdzsoren: does it pass a smoke test on a fresh install?17:27
sorenmdz: The reason for the bzr snapshot is that upstream hasn't actually tagged their 1.6 release yet. They are also stabilising. I'll grab the freshest code tomorrow evening or Thursday morning, so we're as close to their final relaese before FF.17:27
sorenmdz: I've not had a chance to test that yet.17:27
sorenmdz: ...since it doesn't really work very well in a VM.17:27
mdzsoren: when will the seed changes land to put eucalyptus on the CD?17:28
sorenmdz: The NC because it needs to run virtual machines (which is tricky inside a virtual machines) and the other stuff because the networking is special.17:28
sorenmdz: They landed a while ago.17:28
sorenmdz: I think.17:28
* soren checks17:28
sorenmdz: cd-build-logs agrees.17:30
mdzcommitter: Colin Watson <cjwatson@canonical.com>17:30
mdzbranch nick: ubuntu.karmic17:30
mdztimestamp: Tue 2009-08-11 13:57:54 +010017:30
mdzmessage:17:30
mdz  add eucalyptus-simple-cluster and eucalyptus-node tasks, for foundations-karmic-cloud-setup-in-server-installer17:30
sorenYup.17:30
mdzsoren: so that's blocked on eucalyptus getting promoted to main?17:30
sorenYup.17:30
mdzwhat's holding that back?17:30
sorenEyes and hands.17:30
sorenWe're waiting for the MIR team.17:31
sorenExcept for a few cases where I need to fix up a few things. The vast majority is java dependencies which simply need a review from the MIR team.17:31
mdzsoren: who is working on that?17:32
sorenmdz: lool and pitti, I believe.17:32
mathiazfoolano: np - we've got the update17:32
sorenmdz: I seem to remember overhearing something about the rest of the team being on holiday.17:33
sorenmdz: Don't quote me on that, though.17:33
mdzsoren: since we're almost out of time, I think we need to be tracking it more closely17:33
mdzespecially if the people who would normally work on it happen to be on holiday17:33
mdzhow can I help move it forward?17:33
sorenmdz: I'm not sure what more we can do. We poke and prod as much as we can without being excessively annoying. :)17:34
ttxmdz: the whole MIR team is working on that17:34
ttxthough so far only asac did some reviews.17:34
ttxand lool on the C ones.17:34
mathiazttx: hm - regarding sssd17:34
mathiazttx: the packaging is ready17:34
mdzttx: there is a fine line between "everyone is accountable" and "no one is accountable" ;-)17:34
ttxmdz: indeed17:34
sorenmdz: :)17:34
mdzif no one is working on it, it will not get done, no matter how many people are on the MIR team17:35
mathiazttx: but sssd doesn't work on karmic - related to dbus being broken17:35
mathiazttx: does it make sense to upload the package to karmic even it's broken?17:35
mathiazttx: with upstream being aware of the issue?17:35
mdzit sounds like what you need is a commitment to get the remaining reviews processed, and the packages promoted to main, in the next two days17:35
sorenmdz: Correct me if I'm wrong, but I don't believe we usually consider main promotions covered by feature freeze?17:36
ttxmdz: during my meeting with the MIR team, they said it was ok to do MIR stuff after FF... though in our case it clearly screws up the delivery of the feature on the CD.17:36
mdzsoren: they're correct in that we can promote things to main post-FF. however, you can't deliver your features until those MIRs are processed.17:37
ttxmathiaz: would it require a fix in sssd to be working, or just a future fix in dbus ?17:37
sorenmdz: Ah, yeah, we do have the "*-on-a-cd" spec.17:37
mdzsoren: and if I'm not mistaken, the foundations team has a feature goal which depends on eucalyptus being on the CD, and they won't be able to land that either17:37
mdz(the cloud installer)17:38
sorenmdz: *nod*17:38
mdzso it's not OK to put that off17:38
mdznext, the virtual appliance project17:38
mdzI see that alfresco has landed in partner, which is great17:38
sorenOh, we're not actively delaying it :)17:38
mathiazttx: I don't know - bug is under investigation17:38
mdzbut who is working on making the appliance?17:38
sorenI am.17:38
ttxmathiaz: if the dbus bug is tracked and milestoned appropriately, I'd upload the package, not working but not broken in itself17:39
mdzsoren: sounds like you have a lot on your plate17:39
mdzsoren: is there anyone else who can work on some of these things, to let you focus more?17:39
ttxok, now I really need to go or I'll die.17:39
mathiazttx: hm - well the package doesn't install since the daemon is not able to start17:39
mathiazttx: ok - I'll keep investigatin this issue17:39
sorenmdz: I'm not sure I can split it up, explain and train someone else to work on it iwithin the given timeframe.17:40
sorenttx: Take care!17:40
ttxmathiaz: mdz knows what FF should cover. Ask him what alternative is the less worse.17:40
sorenmdz: I do have a lot on my plate. No argument there :)17:40
cjwatsonmdz: for the record, I do not need euca on the CD to develop my side of this17:40
cjwatsonit can be landed for netboot at least17:41
mdzcjwatson: only to test it? ;-)17:41
* soren suspects cjwatson can roll a CD with eucalyptus on it if he wants to test it :)17:41
cjwatsonlots of people will be using this with netboot anyway17:41
mdzindeed17:41
cjwatsonso I can develop *and test* it that way17:41
cjwatsonas it happens I'm debugging it into existence at the moment17:41
mdzcjwatson: should I be nervous that you're not talking about it in the past tense?17:41
mdzah17:41
cjwatsonit is not exactly terribly early, but I think I have it under control17:42
mdzcjwatson: is there anything I can do to help?17:42
cjwatsonmdz: I've bounced you the mail I sent about it before going on holiday last week17:43
mdzsoren: what sort of explanation or training would be needed to work on the appliance?17:44
mdzsoren: I think I could explain it to someone pretty easily if that would help17:44
mdzI'm happy to put the time in if it would move things forward17:44
cjwatsonthe main things that are left are additional debconf configuration and the thing to write and publish the preseed file on the cluster17:44
mdzcjwatson:  I can take back that TB action if needed ;-)17:45
sorenmdz: There are two sides to this, really. There's the one where we build a UEC image with the alfresco package preinstalled. This is quite simple.17:45
cjwatsonif what I have here does anything sensible at all, I'll upload it hopefully today17:45
cjwatsonmdz: I have two weeks for it, right? :)17:45
mdzsoren: that's the part I'm asking about . that is, in fact, the whole reason for this exercise. it was the original requirement: a reference appliance :-)17:45
cjwatson(yes, I know)17:46
mdzcjwatson: :-(17:46
mdzI wish I could say that it could be deferred, but it can't17:46
cjwatsonI mean for the TB action17:46
mdzoh17:46
mdzphew17:47
cjwatsonerr, you can come and babysit so I don't have a child trying to climb over me? :)17:47
mdzcjwatson: if I didn't have a plane to board tomorrow...17:47
sorenmdz: The other is the recipe based version (or as I like to call it:  the one that is actually useful).17:47
cjwatsondon't panic, captain mainwaringg17:47
cjwatson-g17:47
sorenmdz: A CMS is no fun if it's going to throw away all your content when it's rebooted.17:47
mdzsoren: why does that require a recipe? I figured it would just use an EBS volume or whatever17:48
sorenmdz: You just answered your own question :)17:48
sorenmdz: Because it needs and EBS volume.17:48
soren-d17:48
mdzsoren: I guess my understanding of what we mean by recipes is a bit weak17:48
cjwatsonyou know, what would really help me that's basically decoupled would be having the eucalyptus package in revision control in a useful way17:49
sorenmdz: Recipes are needed if you need to take actions that require the user's credentials.17:49
mdzsoren: this is not as urgent as the other items; if it requires hacks which can't go in past FF, we can hide those away in the image17:49
cjwatsonwhich probably only takes making sure that James' import is sane and then branching it and agreeing to use it17:49
sorenmdz: Since those are not going to be available in a generic image.17:50
sorenmdz: ...so we need something that holds the user's credentials  to set up the EBS volume and all that for them.17:50
mdzsoren: is there anyone in particular assigned to packaging landscape this cycle?17:50
sorenmdz: Packaging... landscape..?17:51
sorenmdz: Oh, the client stuff?17:51
mdzsoren: yes, landscape-client, sorry17:51
sorenI'm not sure.17:51
mdzdendrobates: ?17:51
sorenNot that I know, but that is not to say there isn't :)17:51
dendrobatesmdz: not that I am aware of.  I will ask mathiaz.17:52
sorencjwatson: The eucalyptus packaging should be on launchpad already?17:52
* soren checks17:52
mathiazmdz: I uploaded the latest version of landscape-client two weeks ago IIRC17:52
mathiazmdz: I haven't heard anything from the team since then17:53
mdzmathiaz: can you tell me if there is another code drop they expect to land for feature freeze?17:53
cjwatsonsoren: there's no vcs-bzr field in the package17:53
mathiazmdz: I don't know.17:53
cjwatsonwhich is, at the moment, an indicator that the branch is actually being used17:53
sorencjwatson: Ah, sorry about that.17:53
cjwatsonI don't want to commit to a vacuum17:53
sorencjwatson: https://edge.launchpad.net/~ubuntu-core-dev/eucalyptus/ubuntu [+]17:53
cjwatsonaha17:54
sorens/\[\+\]//g17:54
cjwatsonright then, I will get that into shape with my recent uploads17:54
sorencjwatson: That would be fantastic. Thank you.17:54
sorenmdz: Did you want anything else from me? I've got dinner waiting.17:54
cjwatson(out for half an hour while this test install runs)17:55
sorenmdz: Alternatively, I'll be back in a couple of hours.17:55
mdzmathiaz, dendrobates: I just remembered Gustavo was here in the office :-)17:56
mdzhe says that he doesn't think there are any features outstanding, that they expect to be in bug fix only mode at this point17:56
mdzbut he will confirm 100% and get back to us17:56
mathiazmdz: great :)17:56
cjwatsonhmm, actually, I can take the laptop downstairs with me ... the magic of wireless17:56
mdzmathiaz, dendrobates: he says they normally release the client once per month.  we should make sure that we track those monthly releases and sponsor them17:56
mdzFree on the landscape team is apparently working on the packaging17:57
mdzso hopefully they just need review and sponsorship17:57
mathiazmdz: yes - I'm in contact with him17:57
* soren needs to run17:57
mathiazmdz: he pings whenever he needs sponsoring17:57
* soren will check back later17:57
mdzmathiaz: ok, good. so I'll just get confirmation that there is no more feature work expected to land in karmic17:58
mdzsoren: thanks for all your help17:58
cjwatsonoh GOD I hate CDBS17:58
mdzmathiaz: regarding the directory stuff, so AIUI you hope to upload sssd before FF, and seek an FFe for openldap...and there is nothing else to do but fix bugs?18:01
mathiazmdz: that's is correct.18:01
mdzmathiaz: thank you18:02
cjwatsonsoren: hmm, not to be picky, but do you think you could remember to commit your *own* changes to that branch? :-) 0ubuntu2 doesn't seem to be there ...18:07
* cjwatson syncs it up18:07
clustywhere in /etc/ is the place where i can change kernel params?18:10
kinnazsysctl.conf18:12
kinnazmaybe :P18:12
cjwatsonthat depends on the kernel parameter18:13
cjwatsonif you mean the kind you put on the kernel command line, then that goes in bootloader configuration - /boot/grub/menu.lst in <=9.04, or /etc/default/grub in >=9.1018:13
cjwatsonsoren: synced up to match the archive now18:16
clustygot it18:16
clustykinnaz, got it thanks.18:16
keessmoser: leaking environment variables would be considered a security issue, yes.18:37
=== BigJB_ is now known as bigjb
keessmoser: also, /proc/$pid/environ, as you saw, is only the invocation environment, since later env changes need to use different regions of memory, IIRC18:37
=== Authority is now known as Guest50088
heath|workWhat software is being used for spam scanning now a days?19:33
giovaniheath|work: it's always been spamassassin for content scanning19:37
giovanithere are many other spam-prevention techniques19:37
giovanibut spamassassin has dominated the content scanning market19:37
heath|workgiovani, What about Mail Scanner? It looks like it uses spamassassin and clamav19:38
giovaniwell it's just a package19:39
giovaniit's not a scanner application itself19:39
giovaniit uses some blacklists, etc19:39
giovaniI see no point in using it over using the individual applications yourself -- which gives you a lot more flexibility and customization19:40
=== Faust-C is now known as VirtualDisaster
VirtualDisasteri have 2 repos with the same package name in each19:53
VirtualDisasterhowever the one i need is from a custom repo, how would i install a package explicitly from the custom repo and not brick apt-get19:53
genii!pinning19:59
ubottupinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto19:59
geniiVirtualDisaster: ^19:59
VirtualDisastergenii, ah ty19:59
geniinp20:00
heath|workgenii, thanks20:02
heath|worksorry giovani ^^20:03
* genii hands out more mugs of coffee20:03
sorencjwatson: *blush* Sorry about that :(20:14
* genii scrolls back up to see what all the blushing is about20:26
jpdskirkland: I still have the padlock_sha.ko problem.20:40
kirklandjpds: oh, really!20:41
kirklandjpds: herm20:41
jpdskirkland: What's kernel is your fresh install running?20:41
kirklandjpds: i just updated it to latest; rebooting20:42
kirklandjpds: boom ... it's back20:42
jpdsInstalled: 2.6.31-7.2720:42
kirklandjpds: yeah, -7 breaks20:44
kirklandjpds: -6 works20:44
jpdsI know.20:44
kirklandjpds: are you encrypting swap?20:45
jpdsOtherwise I wouldn't be here. ;-)20:45
jpdskirkland: /home, with LUKS.20:45
kirklandjpds: interesting, okay20:46
cjwatsonsoren: I'd very much appreciate it if you could review lp:~cjwatson/eucalyptus/installer - would there be a major problem with merging and uploading this as a step on the road?20:49
cjwatsonI'm pretty sure it's not all the way there20:49
cjwatsonmdz: ^- or indeed you might like to20:54
cjwatsonthis is basically the patch from a week ago with basic bug-fixes applied following smoke-testing20:56
cjwatsonand with euca_find_cluster updated to output IP addresses rather than hostnames20:57
mathiazkirkland: hey - http://people.canonical.com/~mathiaz/cgroup.boot.png21:34
mathiazkirkland: Am I supposed to do something special to make cgroup working?21:34
kirklandjbernard__: cgroups21:40
kirklandjbernard__: what needs to be done to make it work out-of-the-box?21:40
jbernard__kirkland: ahh21:40
jbernard__you need to edit /etc/cgconfig.conf21:40
kirklandjbernard__: to say what21:41
jbernard__and at least uncomment the lines referring to 'mount'21:41
kirklandis it something that we could ship a more sensible default?21:41
kirklandjbernard__: or disable the init script by default, if config must be done?21:41
jbernard__yes21:41
jbernard__we could go both ways21:41
jbernard__the current package install everything as the upstream author indented it, but I really think we can do a bit better on default configuration21:42
jbernard__what are your thoughts there?21:43
mathiazjbernard__: is there a reason to *not* have the mount lines uncommented?21:43
mathiazjbernard__: the idea being that a default install should work OOTB - ie have a minimal working configuration21:43
jbernard__the directory must exist, in this case '/mnt/cgroups'21:43
jbernard__so we could ship with those lines uncommented and create the dir if it doesn't exist21:44
mathiazjbernard__: if every use will have to uncoment the lines, then it makes sense to enable them by default21:44
jbernard__i agreee21:44
jbernard__i can make that change quickly21:44
kirklandjbernard__: cool, thanks21:45
kirklandjbernard__: please bump the ubuntu version, as i uploaded the other one already21:45
jbernard__other one?21:45
jbernard__from 0ubuntu1 to 1ubuntu1 you mean?21:45
kirklandi uploaded what you put in revu21:45
kirklandjbernard__: you did a nice job packaging this, thanks ;-)21:46
kirklandjbernard__: i asked mathiaz to additionally review21:46
jbernard__no problem21:46
mathiazjbernard__: 0ubuntu221:46
jbernard__so the only request I'm hearing is a sane default configuration21:46
kirklandjbernard__: his comments on the init script/config are correct, but that can be solved between now and beta21:46
jbernard__ok, so this solves the in-before-freeze issue21:47
jbernard__or is the clock still ticking?21:47
mathiazI think that's ok to fix the default configuration between now and beta21:48
mathiazIt's not a blocker for FeatureFreeze IMO21:48
jbernard__ok, thats good to hear21:48
jbernard__i will make the change then so the initscripts can be run at install successfully21:50
mathiazjbernard__: right - I noticed that the init scripts weren't installed via dh_installinit21:51
mathiazjbernard__: so they're only installed, and not run21:52
mathiazjbernard__: which is kind of odd for init script21:52
jbernard__correct, i removed the running of them from the postinst21:52
aubreexcited - I got my hardware in and tomorrow I will be racking it and getting ready for my UEC proof of concept cloud for Auburn University21:52
jbernard__because it requires a working configuration21:52
mathiazjbernard__: the result is that either the system needs to be rebooted or the init script needs to be run manually afterwards21:52
mathiazjbernard__: right - I think that providing a default working configuration would fix this issue21:53
mathiazjbernard__: it makes sense to install an init script and then start it21:53
mathiazjbernard__: one of the Ubuntu policy is to have a default configuration working OOTB21:53
jbernard__i agree, ill make that change21:53
kirklandmathiaz: okay, where's the sssd branch?21:54
jbernard__james just mentioned that he's inclined to reject it from the queue, so ill try to get these changes tested an uploaded this evening21:54
kirklandmathiaz: sorry, i'm sure it's in my history :-)21:54
kirklandmathiaz: it's been a crazy busy day21:54
mathiazjbernard__: note that I don't have enough knowledge about cgroups to actually figure out whether it makes to have a default configuration working for 80% of the systems21:54
aubreSince this setup is proof of concept, should I stick with jaunty, or go ahead with karmic?21:54
mathiazkirkland: https://code.launchpad.net/~mathiaz/sssd/ubuntu-pkg-release-tarball21:55
mathiazkirkland: yeah - welcome to pre-FeatureFreeze crazyness...21:55
aubreit certainly won't be in production until after karmic21:55
mathiazaubre: UEC testing in Karmic is more than welcome21:56
mathiazaubre: however you may enconter rough edges21:56
mathiazaubre: just be aware of that.21:56
aubremathiaz:  great, I'm prepared for that21:56
mathiazaubre: like - it may break, not work at all, or eat your data21:57
aubremathiaz: actually this setup is for testing , it won't have anything of vaule on it21:57
mathiazaubre: if you're up for it and ready to debug/report bugs, testing UEC in Karmic is welcome21:57
aubremathiaz:  made for breaking, I am ready to help with bugs, I have my launchpad account all set up21:58
mathiazaubre: awesome - welcome to the factory floor..21:58
aubremathiaz: hehe thanks - I have 3 machines , one will be cloud & cluster controller and 2 will be ncs.21:59
aubremathiaz: and the white paper was really helpful in ironing things out for me21:59
aubremathiaz: but the most important thing is I have a supportive director21:59
jbernard__mathiaz: i tend to agree22:02
jbernard__mathiaz: but it's probably nice to not see a boot-time error22:03
jbernard__even though no cgroups are configured for the default installation22:03
kirklandmathiaz:         mv $(CURDIR)/debian/tmp/usr/lib/libnss_sss.so.2 $(CURDIR)/debian/tmp/lib/libnss_sss.so.222:04
kirklandmathiaz: what's that doing?22:05
kirklandmathiaz: moving it out of the way, i see22:05
mathiazkirkland: nss libraries need to be in /lib rather than /usr/lib22:05
mathiazkirkland: or at least that's where most of them are located22:05
kirklandmathiaz: ah22:05
kirklandmathiaz: fair enough22:06
mathiazkirkland: yeah - I'm not sure about my first statement22:06
mathiazkirkland: there may be a use case to have the nss libraries in the ramdisk?22:06
kirklandmathiaz: perhaps required for boot somehow?22:06
jbernard__does anyone have a package example laying around where dh_installinit installs an initscript from outside the debian directory?22:07
jbernard__i couldn't seem to get it to work right, but maybe I was just tired22:09
mathiazjbernard__: hm - dh_installinit only works from the debian/ directory22:12
kirklandmathiaz: you could solve a couple of bashisms in the sssd initscript with /bin/kill22:13
mathiazjbernard__: you could copy the init scripts from scripts/init.d/ to debian/libcgroup1.(name).init and then call dh_installinit --name22:13
jbernard__mathiaz: that would work too, but it would also mean upstream changes would require a manual sync22:14
kirklandjbernard__: if you want, just send me a debdiff22:14
anAngelHello. I have some problems configuring amavis with postfix and dovecot with virtual domains and users. It doesn't scan/put any Headers in my mail. Anyone can help me?22:15
jbernard__kirkland: for the license updates and default configuratin?22:15
kirklandmathiaz: your sssd package looks good to me22:15
mathiazjbernard__: even if you copy the file from scripts/init.d/ *during* the build process?22:15
jbernard__mathiaz: oh, i hadn't thought of that22:15
jbernard__mathiaz: ill look into that, good idea22:16
kirklandmathiaz: note that I didn't build it, since I didn't have the tarball22:20
anAngelHello. I have some problems configuring amavis with postfix and dovecot with virtual domains and users. It doesn't scan/put any Headers in my mail. Anyone can help me?22:20
cjwatsonjbernard__: symlink in debian/ ?22:25
mathiazkirkland: https://fedorahosted.org/released/sssd/sssd-0.5.0.tar.gz22:25
mathiazkirkland: ^^ upstream tarbal22:25
mathiazkirkland: ^^ upstream tarball22:25
cjwatsonjbernard__: though unless it's a native package you'll probably have to make the symlink during the build, which isn't really much better than copying the file during the build22:25
jbernard__cjwatson: good grief, that'd be even awesomer22:25
jbernard__cjwatson: true22:26
cjwatsonI don't think dpkg-source will preserve symlinks in any particularly sane way, yet22:26
jbernard__but at least i would have to override dh_installinit target22:26
jbernard__but actually i have to anyway to put the name in there22:26
anAngelHello. I have some problems configuring amavis. It doesn't scan/put any Headers in my mail. Anyone can help me?22:29
mathiaz!volunteers | anAngel22:30
ubottuSorry, I don't know anything about volunteers22:30
mathiaz!volunteer | anAngel22:30
ubottuSorry, I don't know anything about volunteer22:30
mathiaz!behavior | anAngel22:31
ubottuanAngel: The people here are volunteers, your attitude should reflect that. Answers are not always available. See http://wiki.ubuntu.com/IrcGuidelines22:31
jbernard__does the absense of a license on a source file prevent a package from being included in the release?22:45
jbernard__I assume this has to be resolved before it can be uploaded? Or are there exceptions to this?22:46
cjwatsonjbernard__: personally I think it's OK as long as the licence of the whole package is clear (if it's just "all these source files are licensed under ..." kind of thing). There are some differences among archive admins about this, I think22:50
cjwatsonI tend to think of it as "would you be able to convince a court that there was any reasonable doubt about this licence?"22:50
cjwatson(indeed civil cases are on balance of probabilities so if it's that strong you're on pretty solid ground I feel)22:50
jbernard__Yes, it's just a few, 7 actually, but 5 of those are standalone test programs in /test22:51
cjwatsontest files without explicit licences are really very common - is the licence of the whole package clear?22:52
jbernard__i would assume they just forgot to put a license on those, there does exist /COPYING which is LGPL and 85% of the source files have that license in the header22:52
cjwatsonthen I reckon it's ok22:53
jbernard__in that case, what would be the proper documentation in debian/copyright to reflect this?22:54
jbernard__or can you point me to a doc and/or example where this has been done22:54
jbernard__oh, nevermind, dh_make has a snippet at the bottom of the template that I can use22:57
jbernard__cjwatson: thanks for the input22:57
sorencjwatson: I'm curious why you didn't use start-stop-daemon for this: http://bazaar.launchpad.net/~cjwatson/eucalyptus/installer/revision/457 ?23:06
cjwatsonsoren: maybe I should have done23:14
cjwatsonI didn't think of it23:14
cjwatson(of course s-s-d renders it Debian-specific, but ...)23:15
cjwatsonthe kill stuff was extending something that was already there, though23:18
sorencjwatson: Ah, right, the dhcp server stuff?23:18
sorencjwatson: meh, not important.23:19
sorencjwatson: Apart from that, I must admit I was hoping for something that wouldn't be installer specific.23:19
cjwatsonhttp://paste.ubuntu.com/259535/ ? untested23:19
cjwatsonnot installer-specific for which bit?23:20
cjwatsonwe do need to have installer integration23:20
ZachManhello, i am trying to install unbuntu server and it fails to load the CD driver, it is a standard IDE DVD/CD rom23:21
sorencjwatson: re the patch> I was also thinking for the killing part. s-s-d implements the wait-for-a-bit-and-then-SIGKILL-it quite nicely.23:21
cjwatsonit does, but I would have had to change other code23:22
sorencjwatson: Oh, ok.23:22
cjwatsonif that other code is updated to use start-stop-daemon, then I'd be happy to follow suit23:22
cjwatsonit would certainly be cleaner23:22
sorencjwatson: Ah, you mean the existing code from upstream?23:22
cjwatsonI mean the stuff that kills the pid listed in /var/run/eucalyptus/eucalyptus-cc.pid23:23
cjwatsonin debian/eucalyptus-cc.init, and likewise for the nc23:23
sorenRight, that's straight from upstream.23:23
sorencjwatson: As for the installer specificness (specificity?), I just mean it'd be nice if you got roughly the same experience if you installed eucalyptus-nc on an existing system.23:24
cjwatsonZachMan: more often than not this turns out to be a kernel bug. To verify, try booting an Ubuntu live CD and see if it starts up successfully23:24
cjwatsonsoren: oh, right. so, one of the things I mentioned in my mail as being missing is some euca_conf integration to do the scanning on a running system as well23:24
cjwatsonI don't see any reason euca_find_cluster couldn't be integrated into that23:24
ZachMancjwatson where can i get the live cd?23:25
cjwatsonZachMan: http://releases.ubuntu.com/23:25
mushroomblueZachMan: have you tried installing via usb stick?23:25
cjwatsonpick your release, grab the desktop CD23:25
sorencjwatson: Makes sense.23:25
ZachManmushroomblue no23:25
mushroomblueZachMan: I only install by CDROM on systems that don't support usb boot.23:25
cjwatsonI realise you probably don't want a desktop installation, but it's just to verify whether the CD detection problem lives in the kernel23:25
cjwatsonsoren: the libd-i dependency is a little ugly, although it would *work* on a regular system since libdebian-installer4 exists as a .deb - it wouldn't be upstreamable that way though. It ought to be replaced with some other hashtable implementation23:26
ZachManhow can i boot via usb stick23:26
cjwatsonI was just in a tearing hurry and that was the first canned hash impl that came to hand23:26
sorencjwatson: glib isn't anywhere in the dependency stack, is it? /me thinks not23:27
mushroomblueZachMan: sudo apt-get install usb-imagewriter23:27
cjwatsonsoren: no, I was quite careful about that23:27
mushroomblueZachMan: I think there's a windows utility to burn a .iso file to usb23:27
sorencjwatson: I meant in Eucalyptus' existing dependency tree. It's not per se, but you'd be hard pressed to find a system that runs Eucalyptus that doesn't already have glib. :)23:32
TViYHhow hard is it to install ubuntu server?23:35
cjwatsonsoren: oh, right. or it's not like it actually needs a hash for all it does; walking a list would do fine.23:39
mushroomblueTViYH: easy as pie23:39
mushroomblueunless you're afraid of a console-based GUI and arrow keys.23:39
mushroomblueyou might have to press enter and tab occasionally, if that's a problem. :)23:40
mushroomblueapparently, that was too much to bear.23:43
ahasenackquick question: are USNs issued for packages in universe? I think not, right?23:44
mathiazahasenack: USNs are issued for packages in universe.23:52
ahasenackmathiaz: hmm, my theory is off then23:54
mathiazahasenack: sorry about that. I didn't mean to ruin your whole life...23:54
ahasenackmathiaz: a guy just told me he saw apache2-mpm-itk in the hardy security repository but that it had no USN23:56
mathiazahasenack: right - that's probably because apache2-mpm-itk needs to be rebuilt every time apache2 is published23:56
mathiazahasenack: it's a special case23:56
ahasenackmathiaz: ok, so it's a dependency, and it doesn't come from the same source23:57
mathiazahasenack: yop.23:57

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!