[00:00] <Bilge> derp
[00:11] <jdstrand> apache2-mpm-itk is also in universe, so no USN
[00:11] <jbernard__> kirkland, mathiaz: i've just uploaded libcgroup to REVU that addresses all of the current issues
[00:12] <jbernard__> kirkland, mathiaz: I think it's super solid now, any feedback you've got is much appreciated
[00:16] <mathiaz> jdstrand: hm - so USN are not published for packages in universe?
[00:16] <jdstrand> mathiaz: that is correct
[00:25] <mathiaz> jbernard__: since the 0ubuntu1 version of libcgroup has been rejected
[00:25] <jbernard__> i already bumped it
[00:25] <jbernard__> to 0ubuntu2
[00:25] <mathiaz> jbernard__: you should just upload a new version of 0ubuntu1 to revu
[00:25] <jbernard__> ahh
[00:25] <jbernard__> good call
[00:25] <jbernard__> im on it
[00:25] <mathiaz> jbernard__: package version are only relevant once they're in the archive
[00:26] <mathiaz> jbernard__: but REVU is used before the archive - and thus should only have 0ubuntu1 versions
[00:26] <jbernard__> mathiaz: ok, good to know
[00:27] <mathiaz> jbernard__: and an changelog entry just stating Initial Release
[00:27] <mathiaz> jbernard__: once the package is the archive, REVU is not used anymore
[00:27] <mathiaz> jbernard__: new version should be sponsored via LP bugs(branches soon)
[00:30] <jbernard__> mathiaz: ok, upload complete, should show up on the next pulse
[00:35] <mathiaz> jbernard__: it seems that most of the code is actually licensed under LGPL 2.1
[00:35] <jbernard__> mathiaz: yes
[00:35] <mathiaz> jbernard__: while debian/copyright states LGPL 2
[00:36] <mathiaz> jbernard__: COPYING in the src tree is LGPL 2.1
[00:36] <jbernard__> yeah, as i understood it, LGPL-2 == 2.1
[00:36] <jbernard__> since it was the first successor to GPL-2
[00:37] <mathiaz> jbernard__: hm - I don't think so
[00:37] <jbernard__> mathiaz: i was reading the second para from the top in COPYING
[00:38] <mathiaz> jbernard__: /usr/share/common-licenses/ has a file for LGPL-2 and another one for LGPL-2.1
[00:38] <jbernard__> mathiaz: indeed it does, oops ;)
[00:38] <jbernard__> ill fix it up, gimme a sec
[00:38] <mathiaz> jbernard__: right - that paragraph is confusing
[00:39] <jbernard__> nothing gets by you guys ;)
[00:39] <mathiaz> jbernard__: licensecheck
[00:39] <mathiaz> jbernard__: ^^ help script to figure out the licenses of every file in the src tree.
[00:42] <jbernard__> mathiaz: i ran that, but it seems to be very particular about header format
[00:42] <jbernard__> mathiaz: so i ended up having to go through most of it by hand
[00:44] <mathiaz> jbernard__: I usually run this command http://paste.ubuntu.com/259563/
[00:44] <mathiaz> jbernard__: which is just for loop
[00:45] <jbernard__> mathiaz: oh nice
[00:47] <jbernard__> mathiaz: ok, upload is done
[00:47] <jbernard__> mathiaz: i have to run out for a bit, but leave comments here and I'll pick them up on my return
[00:47] <jbernard__> mathiaz: thanks for all the time, I really appreciate it
[00:53] <mathiaz> kirkland: ^^ - looks good to me now
[00:53] <mathiaz> kirkland: you can have another look at the packaging - (0ubuntu1 has been rejected from the NEW queue)
[01:13] <Doonz> hey guys can someone recommend a program to monitor my network cards. im having connection issues with my server and i beleive i have a bad nic in it but need to justify getting a new one
[01:16] <KillMeNow> wireshark maybe?
[01:16] <KillMeNow> hrm...  are you getting a bunch of errors when you do a ifconfig?
[01:44] <giovani> wireshark on a server? no ...
[01:45] <giovani> tcpdump will work fine -- but it won't tell you if the problem is at the NIC
[01:46] <giovani> you can run some traffic tests locally on the LAN
[01:46] <giovani> but unless you test the same switch ports, etc -- you can't eliminate all of the variables
[01:54] <KillMeNow> how many times have you seen a NIC fail giovani?
[01:54] <KillMeNow> it's pretty rare
[02:32] <oh_noes> is it posisble to tell lvextend  "extend to the end of the physical disk" instead of saying "+400M"
[02:49] <twb> oh_noes: I guess you could just keep extending it until you run out of extents.
[02:49] <twb> pvs will tell you how much is left
[02:49] <twb> Ah, the manpage mentions %FREE
[02:50] <twb> So try --size 100%FREE
[02:50] <twb> +100%FREE, rather
[02:51] <oh_noes> nice, thanks!! Let me try
[02:51] <twb> oh_noes: I worked this out by READING THE MANUAL
[02:51] <twb> It's an approach I highly recommend.
[03:37] <oh_noes> twb: your right,  I can use 100%FREE which works, however I cant lvextend it because the VG is still the same size
[03:37] <oh_noes> any thoughts on how to tell vgextend to "extend to the end of the existing disk you already have"
[03:37] <twb> oh_noes: that doesn't make sense.
[03:38] <twb> a VG is a bag of PVs.  PVs are either disks or (more commonly) partitions.
[03:38] <twb> Pastebin the output of "pvs", "vgs" and "lvs".
[03:40] <oh_noes> twb: http://pastebin.com/meeb9974
[03:40] <twb> oh_noes: so you have one PV, /dev/sdb1
[03:41] <oh_noes> twb: in my example, I have extended the 'end' of an existing disk.  So theres sdb1 which was originally 100% (8GB), then I added another 8GB to sdb, so I want to extend sdb1 to include the new free space at the end of the disk
[03:41] <twb> oh_noes: if there is space on sdb not allocated to sdb1, you can't use it.
[03:41] <twb> You would either need to extend the PV, or add another partition (sdb2) and make that a second PV, and add that new PV to the VG.
[03:43] <oh_noes> twb: hrm, ok thanks.  What Im trying to do is handle a "VMware size increase".  ie. the OS is shutdown, then sdb is brought back with additional space at the end.  I want to be able to handle this and increase /foobar
[03:43] <oh_noes> I thought LVM would handle this, but maybe not.  As you said, it appears my problem is that sdb1 isnt associated with that free space.
[03:43] <oh_noes> can I use anything to resize and expand sdb1 to take up the free space?
[03:44] <twb> You can delete the partition from the partition table and create a new one in the same place, with a different size.  I do not know if LVM will cope with that.
[03:45] <oh_noes> so there isnt a 'proper' way to handle this?
[03:45] <oh_noes> I prefer not to create a new partition, because I don't know how many more times it'll be extended (and thus new partitions) will be needed
[03:47] <twb> Because you're running in vmware there's not a lot of point in using LVM anyway
[03:48] <twb> You might as well just make a filesystem directly on /dev/sdb1 and then use resize2fs when you grow it.
[03:49] <oh_noes> twb: but wont I have the same problem?  the partition is 8GB with unallocated space at the end of the disk.
[03:49] <oh_noes> I will still need to resize the actual partition, right?
[03:50] <twb> Oh, yeah, I guess.  But I *know* ext3 won't care if you delete and create a new partition
[03:52] <oh_noes> theres no GNU tool that can resize a partition into unallocated space?
[03:53] <oh_noes> gparted will do it, but I dont want to boot into a live CD.  I was hopign to do it somewhere in rc2.d before applications come up (so they can use the new size)
[03:53] <giovani> "resizing" = bad!
[03:53] <giovani> oh_noes: you can't resize a normal partition while an OS is running from it
[03:54] <giovani> not even windows can accomplish that
[03:55] <oh_noes> maybe i can manually delete the partition with fdisk and create it again (but bigger)
[03:55] <giovani> yeah ... back up your data first
[03:56] <oh_noes> giovani: whats the definition of a 'normal' partition?  Whats the difference between creating sdb1 on a new unused sdb1 and extending sdb1 when sdb is unused?
[03:56] <giovani> a "normal" partition is one that isn't LVM
[03:56] <giovani> your sdb/sdb1 example makes no sense
[03:56] <oh_noes> giovani: yep i get that, in my case the partition in question is /foobar
[03:57] <oh_noes> OS is *not* running from it, sdb1 isnt mounted.
[03:57] <giovani> ok -- so then why do you need to do it in rc2?
[03:57] <giovani> you can always modify partitions that don't have the OS on them when the system is fully booted
[03:57] <giovani> no need to use a livecd
[03:57] <oh_noes> i was hoping i could 'detect' the VMware disk has been increased, then resize it before apps come online
[03:58] <giovani> what?
[03:58] <giovani> sigh
[03:58] <giovani> I have no idea what you're talking about
[03:58] <oh_noes> giovani: what can I use to modify the existing partition into unallocated space?
[03:58] <giovani> what does "modify the existing partition into unallocated space" mean?
[03:58] <oh_noes> it means, sdb is 0-1000 blocks
[03:58] <oh_noes> sdb1 is using 0-300
[03:58] <oh_noes> I want to make sdb1 take up the entire 0-1000
[03:59] <giovani> you don't
[04:00] <giovani> particularly if it uses ext3
[04:00] <ball> giovani: Is that like spreading peanut butter too thin?
[04:00] <ball> (run out of inodes etc?)
[04:00] <giovani> ext3 won't resize
[04:01] <giovani> period
[04:01] <giovani> the only way to resize a ext3 partition is to convert it to ext2
[04:01] <giovani> and then back
[04:01] <giovani> and I would never recommend it
[04:01] <giovani> just move the data off -- make it LVM for future use
[04:01] <giovani> and move the data back
[04:14] <ball> hello pw_thirdfloor_
[04:48] <Tim__Reichhart> there anyway that I can configure squirrelmail just accept just the username and not the full email address?
[08:48] <martinjh99> Is there a package for mod_security for Apache2 on hardy lts?
[08:55] <\sh> martinjh99: doesn't look like...libapache2-mod-security occured first time in jaunty (when packages.ubuntu.com is true)
[08:56] <martinjh99> poo - Just had someone putting phishing files on my server... Trying to harden it up a bit...
[08:56] <martinjh99> setup ufw to allow http
[08:57] <martinjh99> and ssh only from local network...
[08:57] <martinjh99> Also added a password to root.  Is there anything else I should be doing?
[09:04] <\sh> martinjh99: I would fix the application first
[09:11] <martinjh99> Everything is updated from ubuntu repos - Updated Joomla from their website to the latest version.
[09:26] <Boohbah> martinjh99: don't use vulnerable web applications
[09:29] <ewook> lol
[09:29] <martinjh99> yes that might be a good idea...
[09:30] <ewook> joomla is indeed targeted - or, foremost the badly written plugins.
[09:31] <martinjh99> Ah ok - suggestions for a CMS then??
[09:31] <martinjh99> So might be my choice of cms thats the problem...
[09:32] <\sh> drupal is good...typo3 is also having issues mostly plugin wise
[09:33] <martinjh99> thanks for those - Could never get my head round Drupal when I tried it before plus there are no examples like the ones in Joomla
[09:38] <\sh> martinjh99: drupal has a lot of examples and good books out in the field
[09:46] <martinjh99> :) I'll google and have a look... Thanks
[10:03] <dayo> anyone has any experience with snort?
[10:05] <jtimberman> dayo: you might try #snort :)
[10:05] <dayo> jtimberman: in there right now. spookily quiet, though
[10:06] <jtimberman> dayo: more active during the day in the US, I think.
[10:06] <dayo> jtimberman: true. forgot the timezome thing lol
[10:06] <jtimberman> dayo: me too, its apparently after 3am.
[10:06] <dayo> i'll check back later, then
[10:07] <dayo> lol
[10:13] <alvin> Are there known issues when using ext4 filesystems in qcow2 images? I'm seeing a lot of corruption when using a Karmic kvm host.
[10:22] <alvin> What I actually want is building a stable production system:
[10:23] <alvin> What Ubuntu version has the most stable version of kvm, what filesystem and what type of images should I use?
[10:28] <a_ok> I did an release update however the php gd.so lib disapeared. how is this possible? (fixed it by installing the package php-gd)
[10:37] <mattt> a_ok: the only reason i could think it'd get removed was if gd was now built into the base php package, and not required as a module
[10:37] <mattt> a_ok: which release are you using?
[10:38] <a_ok> hardy
[10:39] <a_ok> mattt: yeah guess that must be it. dangerous though as these kind of changes can break stuff
[10:40] <mattt> a_ok: hmmm, i don't think that's it :/
[10:47] <mattt> a_ok: maybe you want to look through /var/log/dpkg.log to see if it offers any insight
[10:49] <a_ok> mattt: 2009-08-26 07:32:23 upgrade php5-gd 5.2.3-1ubuntu6.3 5.2.4-2ubuntu5.7
[10:49] <a_ok> when updating it just removed it and did not install the new one
[10:50] <a_ok> i checked with apt-cache policy and there simply was no php5-gd installed anymore. i guess something is broken in that package
[10:51] <a_ok> mattt: or 2009-08-26 07:40:47 remove php5-gd 5.2.4-2ubuntu5.7 5.2.4-2ubuntu5.7
[10:51] <a_ok>  removed a bit to much
[12:19] <cjwatson> soren: so, if I fix that start-stop-daemon thing (at least on start) can I go ahead and upload that?
[12:19] <soren> cjwatson: Yes, please do.
[12:20] <soren> cjwatson: Sorry, didn't I say that last night before I passed out?
[12:20] <soren> cjwatson: scrollback suggests I did not. Sorry.
[12:24] <cjwatson> no problem, I was beating on RAID this morning anyway
[12:25] <spiekey> Hi!
[12:26] <spiekey> if i boot with 8.04 or 9.04 live cd, i get a sda device. If i boot with my own kernel, i have a hda device.
[12:26] <spiekey> this sucks since i want to do automatic cloning :)
[12:26] <spiekey> is there a way to turn off/on this scsi emulation?
[12:37] <cjwatson> only by recompiling the kernel, usually
[12:37] <cjwatson> it's probably CONFIG_ATA plus CONFIG_PATA_WHATEVERDRIVERRUNSYOURCONTROLLER
[12:38] <cjwatson> the old IDE stuff is decreasingly well maintained so in general it's a good idea to try to switch away from it
[12:41] <spiekey> okay, thanks
[13:09] <soren> spiekey: What exactly are you trying to do?
[13:12] <spiekey> soren: Boot up Ubuntu-Live CD ---> Run a Script that mounts, rsyncs, writes grub, reboots the Cloned PC.
[13:12] <spiekey> my problem: When it boots up i get hda, in the Live CD its sda
[13:13] <spiekey> so my searchand replace script wikk fail...well it works, but then i run into a kernel panic :)
[13:21] <heath|work> I need to find a script that has a name in it. So far I have: find / -type f -regex .*\.sh -exec grep smith {} \;
[13:21] <heath|work> It spits out the line the name is on, but not the file name. What do I need to add to view the filename?
[13:26] <pmatulis> heath|work: try 'grep -l'
[13:28] <heath|work> pmatulis, thanks, I will
[13:37] <szczym> Helo all, i have a problem installing ubuntu server on box with no cdrom (i do it from usbstick). install stops on detecting cdrom (demands floppy drivers). could any one help me please ?
[13:38] <pmatulis> szczym: does your BIOS support booting from USB?
[13:38] <heath|work> pmatulis, Thanks that worked!
[13:38] <pmatulis> heath|work: good stuff
[13:38] <szczym> yes, i did booted fine from usb
[13:39] <pmatulis> szczym: that's strange, what release are you tring to install?
[13:39] <pmatulis> *trying
[13:40] <szczym> 8.04.03 installer works from usb but dont go forward after message "No common CD-ROM drive was detected"
[13:41] <szczym> the failing item is: Detect and mount CD-ROM
[13:45] <pmatulis> szczym: maybe add comment to bug 378442
[13:46] <szczym> there are several bugs issued on that topic, but no solution ;(
[13:51] <pmatulis> szczym: i know, but commenting to it is the proper thing to do
[13:54] <szczym> yes, thanx for info. in my humble opinion its very embarrassing problem given debian/ubuntu excellence ...
[13:55] <pmatulis> szczym: agreed
[13:55] <pmatulis> szczym: you may want to dig dipper by asking in #ubuntu-installer
[13:55] <pmatulis> *deeper
[14:02] <szczym> thanx, i will
[14:26] <giovani> above +/-1500?
[14:27] <soren> giovani: I'm guessing "+/-" is a poor man's "~".
[14:27] <mattt> :)
[14:35] <giovani> soren: ah, it baffled me, honestly
[14:46] <pmatulis> szczym: looks like you got some good info over there
[14:47] <szczym> yes indeed it helped me partially
[14:48] <szczym> but any way i will tray to install 8.04 on other box into pendrive and then boot from it the machine because on 9.04 i head problems with gphoto2
[15:32] <ahasenack> is there a command line tool that checks for available security updates and matches them with USNs?
[15:32] <ahasenack>  /usr/lib/update-notifier/apt-check uses just the repository name. If it ends in -security, the update is considered a security one
[15:32] <ahasenack> (and it has to come from "ubuntu")
[15:39] <sgsax> ahasenack: I was looking for just such a thing a month or so ago, but never found one
[15:47] <garymc> sorry guys, forgot the command to add a user in the terminal is it "sudo aduser john" ?
[15:48] <garymc>  "sudo adduser john" ?
[15:49] <sommer> garymc: yeppers
[15:50] <garymc> thanks
[15:50] <sgsax> useradd is the "classic" tool
[15:50] <sgsax> but adduser is the kinder gentler interactive debian tool
[16:04] <traemccombs> hey guys... morning.
[16:05] <traemccombs> Anyone use clonezilla  and know if there is a problem with doing 4 machines @ once over a network?
[16:05] <traemccombs> I've got a single image on a box... and I want to get said image down to 4 machines.  But wouldn't think there'd be a problem with accessing the same file from 4 machines
[16:09] <josephpiche> I was wondering if could have someone look at ubuntu bug 396632. I filed it because I feel like I should be able to run `service lighttpd status` as an unprivileged user, but I'm not familiar enough with init scripts to know what to modify in order to write a patch.
[16:12] <sgsax> traemccombs: accessing the image file shouldn't be a problem, but iirc, clonezilla uses udp broadcast, which could conceivably cause your network to get real slow
[16:16] <traemccombs> sgsax: yeah.... that could be bad. :)
[16:16] <traemccombs> maybe I'll just take them off the network and stick em' on a solo switch
[16:24] <frojnd> Hello there.
[16:25] <frojnd> I desperetally need someone that has experience with linux
[16:25] <frojnd> I've done some "terrible" things
[16:25] <frojnd> First I've removed my primary rtorrent 0.8.0
[16:25] <frojnd> And I've installed it with ./configure and make commands
[16:26] <frojnd> All fine and well but I excidentally removed the source dir :S
[16:26] <frojnd> So I thought why not download again and ./configure and make again..
[16:26] <frojnd> all good and fine only that I missed the stable  versioninstaead I've selected development version :S
[16:26] <frojnd> I tried to make uninstall
[16:26] <frojnd> but I couldn't
[16:27] <frojnd> i kept getting errors like: make: *** No rule to make target `uninstall'.  Stop.
[16:27] <frojnd> and if that wasn't enough I've tried to install svn and from it rtorrent
[16:27] <frojnd> http://www.howtoforge.com/compile-rtorrent-from-svn-ubuntu-8.04-hardy-heron <- I follewed that guide
[16:28] <frojnd> all good and fine, only that know I have not working 0.8.0 version that only sudo user is allowed to run it :S
[16:28] <frojnd> Is there anyone brave enough to help me solve this mess? I need to remove newest version of rtorrent which is 0.8.4
[16:28] <frojnd> and possible the svn lateset version 0.8.5
[16:29] <frojnd> and maybe even version 0.8.0
[16:30] <frojnd> any brave ppl here?
[16:31] <frojnd> I guess not :S
[16:32] <ilowe> frojnd: give people a chance to respond.... we are all multi-tasking
[16:33] <frojnd> ilowe: ok I'm myself so I'll wait hope someone response.
[16:33] <ilowe> frojnd: I take it the version in the repos is no good for you?
[16:34] <mushroomblue> has anyone actually successfully set up OpenLDAP using the server guide?
[16:35] <virtualdisaster> mushroomblue, no :)
[16:35] <virtualdisaster> mushroomblue, but i got a book that helped
[16:35] <frojnd> ilowe: no
[16:35] <frojnd> ilowe: I have 8.04 LTS and it is only 0.8.0
[16:35] <mushroomblue> virtualdisaster: wait. so the book helped you _not_ set up openldap?
[16:36] <mushroomblue> virtualdisaster: what'd you end up doing to set it up?
[16:36] <virtualdisaster> mushroomblue, one sec
[16:37] <ilowe> frojnd: what version do you *require*?
[16:37] <mattt> mushroomblue: i just set it up on lenny :)
[16:37] <mushroomblue> hah.
[16:37] <mushroomblue> doesn't lenny also require GnuTLS?
[16:38] <mattt> i do have libgnutls26 installed
[16:38] <frojnd> ilowe: 0.8.4
[16:38] <frojnd> ilowe: it has features that I need
[16:38] <frojnd> ilowe: well 0.8.4+
[16:39] <mushroomblue> mattt: didja use a howto, or are you merely strong with the force and set it up from memory?
[16:39] <virtualdisaster> mushroomblue, mastering openldap
[16:39] <virtualdisaster> good book
[16:40] <mushroomblue> virtualdisaster: relevant to 9.04?
[16:40] <virtualdisaster> should be
[16:40] <mushroomblue> hmm. seems most books on openldap I found require modifying a deprecated slapd.conf
[16:41] <mattt> mushroomblue: i know nothing about ldap, used some guides online
[16:41] <mattt> mushroomblue: what problem are you running into?
[16:41] <mattt> mushroomblue: i want to use ldap for vsftpd authentication -- used these two (fortunately book-marked them): http://www.howtoforge.com/linux_ldap_authentication http://www.debuntu.org/ldap-server-and-linux-ldap-clients
[16:42] <mattt> mushroomblue: it's working from what i can tell, i managed to use libpam_ldap to connect ldap and vsftpd
[16:42] <mushroomblue> mattt: that might solve it.
[16:42] <mushroomblue> I think my first mistake was using the ubuntu server guide
[16:44] <mushroomblue> my first issue was trying to figure out GnuTLS in order to set up a certificate authority. documentation was slim
[16:44] <mushroomblue> now slapd seems to be working with it
[16:44] <mushroomblue> but I can't log in as a user from the directory.
[16:45] <mushroomblue> I'll stop talking and RTFM a bit more. thanks for the links.
[16:45] <frojnd> ilowe: I'm doing programming myself just out of curiousity, u still with me despite multi-tasking stuff? :P
[16:46] <ilowe> yup; just checked out the SVN trunk, I want to see if I can throw together a quick deb for you
[16:46] <mattt> mushroomblue: you're trying to log in via what?
[16:46] <mushroomblue> ssh.
[16:46] <mattt> mushroomblue: you took care of /etc/nsswitch.conf?
[16:46] <frojnd> ilowe: great, just wannt u to know that I appreciate this.
[16:47] <mushroomblue> I think so.
[16:47] <ilowe> frojnd: you got it :)
[16:47] <mushroomblue> should ldap be before files?
[16:47] <mushroomblue> in nsswitch.conf?
[16:47] <mattt> yeah
[16:47] <mushroomblue> mmkay.
[16:51] <mattt> mushroomblue: when you installed libldap on the client, did you specify the ldap server correctly?
[16:51] <mushroomblue> it appears not.
[16:52] <mushroomblue> I haven't even gotten to clients yet.
[16:52] <mushroomblue> I'm still trying to get the server to auth.
[16:52] <mushroomblue> turns out, nss-ldap is spitting out a ton of errors on startup.
[16:52] <mushroomblue> apparently, ldaps//127.0.0.1 doesn't exist
[16:52] <mushroomblue> it's also trying to find these things long before slapd starts
[16:53] <mushroomblue> mattt: out of curiosity, did you just create a slapd.conf file?
[16:53] <mattt> mushroomblue: i'd start without the SSL stuff first, and then move on to that :/
[16:53] <mushroomblue> fair enough.
[16:54] <garchotron> hello
[16:54] <mattt> mushroomblue: nope, i had one in /etc/ldap, provided by the ldap server ... you don't have that file?
[16:54] <mattt> mushroomblue: the only thing i can't figure out is when you configure libldap, where it stores that info about the server (as my /etc/ldap/ldap.conf file on the client isn't updated)
[16:55] <garchotron> i'm having trouble using refresh-ims directive in squid refresh patterns in ubuntu server 8.04
[16:55] <garchotron> why isn't the directive supported?
[16:59] <cPF> is there anyone experiencing this issue? ctrl+c not interrupting processes and various zombies https://bugs.launchpad.net/ubuntu/+bug/402973
[17:00] <mattt> cPF: thankfully not :)
[17:00] <cPF> it's totally driving me nuts.. been like that for 2 months now
[17:03] <cPF> hmm, seems like i just found a duplicate bug getting more attention https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/407428
[17:03] <mushroomblue> matt: slapd.conf is deprecated as of 8.10. 9.04 uses cn=config by default.
[17:04] <mushroomblue> mattt: is it storing it in /etc/ldap/cn=config ?
[17:04] <mattt> mushroomblue: nope, al i have in there is a default ldap.conf file
[17:07] <kirkland> mathiaz: hey, you noticed that libcgroup was rejected too....
[17:07] <kirkland> mathiaz: i couldn't find any specific feedback, or who did the rejection
[17:07] <kirkland> mathiaz: could you?
[17:08] <mathiaz> kirkland: hm - no. I usually don't know why it has been rejected.
[17:08] <mathiaz> kirkland: I just ask the AA of the day
[17:09] <ilowe> frojnd: will rtorrent work with latest repo libtorrent or does it depend on more recent versions?
[17:12] <mathiaz> kirkland: hm - the last karmic kernel update broke my karmic vms.
[17:12] <mathiaz> kirkland: the block device is not found anymore - have you heard of something similar
[17:12] <kirkland> mathiaz: hrm, not really
[17:13] <kirkland> mathiaz: dpkg -S `which kvm`
[17:13] <frojnd> ilowe: it needs more recent libraries
[17:13] <frojnd> ilowe: but to tell you the truth I don't know which ones since I have a mess here
[17:13] <mathiaz> kirkland: kvm
[17:13] <mathiaz> kirkland: the host is running hardy
[17:13] <frojnd> ilowe: I would need someone that can fix my problems.. becouse to tell you the truth  I don't know where to begin
[17:14] <frojnd> ilowe: I can give you sudo user and you can fix it
[17:14] <mathiaz> kirkland: is was working correctly until today when I saw a kernel upgrade
[17:14] <ilowe> frojnd: LOL.... that's a little familiar for a first date
[17:14] <kirkland> mathiaz: interesting;  hardy kernel too?
[17:14] <frojnd> ilowe: under screen x :)
[17:14] <kirkland> mathiaz: and your host is using the kvm-84 dkms module?
[17:14] <kirkland> mathiaz: so the problem is clearly in the karmic guest?
[17:15] <mathiaz> kirkland: kvm on the host: 1:84+dfsg-0ubuntu12.1~rc5ppa1
[17:15] <mathiaz> kirkland: yes - I think so
[17:16] <mathiaz> kirkland: my first guess is that virtio block device are no longer recognized by the kernel
[17:16] <mathiaz> kirkland: the guest is running karmic
[17:16] <kirkland> mathiaz: interesting ... the latest kernel busted my desktop too
[17:16] <kirkland> mathiaz: something about crypto swap it doesn't like
[17:17] <mathiaz> kirkland: hm - block device related too?
[17:17] <kirkland> mathiaz: maybe so...
[17:17] <kirkland> mathiaz: can you confirm that booting the older kernel allows you to boot?
[17:17] <kirkland> jbernard__: ping
[17:18] <mathiaz> kirkland: it was working correctly yesterday  - let me try with an old kernel
[17:19] <lssd> hello guys! I just setup my ubuntu 64bit server as following: 2 disk 160each same partiotions.. 1 20gb 1 1gb 139gb rest ...the first 2 x20gb made md0 and they are / filesystem the other 2x139 are lvm and the 2x1gb swap... Is there a way to check they work properly ?
[17:19] <mathiaz> kirkland: yes - it works
[17:20] <mathiaz> kirkland: 2.6.31-6-server works
[17:20] <mathiaz> kirkland: 2.6.31-6-server boots
[17:20] <lssd> i ask because i think when i first booted it gave me an error :(
[17:22] <lssd> is there a way to check my server errors during booting ?
[17:23] <kirkland> mathiaz: let's talk to rtg in -devel
[17:23] <mathiaz> kirkland: right - I won't have so much time to debug this today though
[17:24] <mathiaz> kirkland: I need my karmic vms working correctly for package testing before FF
[17:24] <kirkland> mathiaz: right, i'm very swamped as well
[17:24] <kirkland> mathiaz: we need the kernel team to get -7 into shape
[17:26] <ilowe> frojnd: you still with me?
[17:27] <garchotron> i tried to use reload-ims with the default squid (oooooold 2.6) in 8.04 -- to no avail, since it is not implemented in that version. now i've installed a "squid3" package from the official repos, and it seems to work with my previous config. It hasn't replaced squid2 tho...should i uninstall it? or expect any problems?
[17:27] <kirkland> mathiaz: one more question ....
[17:27] <kirkland> mathiaz: can you try booting with -7 kernel, and virtio off?
[17:27] <kirkland> mathiaz: to see if it's a virtio problem specifically?
[17:31] <garymc> anyone know the command to uninstall?
[17:31] <garymc> Im trying to uninstall or remove twinkle from the server
[17:31] <garymc> i tried sudo remove twinkle
[17:31] <garymc> it doesnt work
[17:31] <virtualdisaster> garymc, sudo apt-get remove twinkle
[17:32] <garymc> thanks
[17:32] <virtualdisaster> garymc, i suggest you consult the handbook on items such as this
[17:32] <garymc> ok sorry
[17:32] <virtualdisaster> garymc, no biggie we all are learning :P
[17:32] <virtualdisaster> i just learned how to "pin" packages
[17:32] <garymc> :)
[17:35] <frojnd> ilowe: yes still with u
[17:36] <frojnd> ilowe: I just went out to check on workers...
[17:36] <ilowe> frojnd: OK, I have a bunch of debs for you
[17:36] <frojnd> ilowe: can't wait :)
[17:36] <ilowe> frojnd: where can I put them?
[17:36] <frojnd> ilowe: rapidshare, firewire, u can put em on my server via ssh
[17:37] <ilowe> frojnd: ssh is cool
[17:37] <frojnd> ilowe: ok let me create user for ya
[17:37] <mathiaz> kirkland: I'll give it a try later today
[17:39] <cjwatson> cPF: I intend to look into that, but only in a few days once I've done the feature work I have to get done first for karmic
[17:41] <cPF> cjwatson: nice to know.. but just guess what, it started working normally after aptitude reinstall openssh-server :o
[17:42] <cjwatson> thanks for erasing the evidence ;-)
[17:43] <josephpiche> I was wondering if could have someone look at ubuntu bug 396632. I filed it because I feel like I should be able to run `service lighttpd status` as an unprivileged user since I can run `service mysql status` unprivileged, but I'm not familiar enough with init scripts to know what to do
[17:43] <cPF> maybe i'll reboot and see what happens
[17:43] <cjwatson> *shrug* don't worry too much, I'm not going to be able to investigate today anyway and there's already a bunch of information on the bug
[17:43] <cPF> i had it go away for a while in the past too
[17:44] <thefish> anyone know the difference between an IDC insertion tool and a punchdown tool?
[17:44] <cPF> but last time i thought it was related to bash or pam upgrades
[17:44] <cjwatson> entirely possible
[17:44] <cjwatson> it'll be something to do with the precise nature of the environment in which the daemon is started
[17:45] <cjwatson> restarting the daemon in a different environment will make it go away
[17:46] <cPF> i checked the signalmask bits before the miracle happened (as shown in the bug info) but they were all zeroes, as they should be
[17:46] <cPF> hmm, that could be it
 well I got my machines racked and powered, I'm setting up the cloud/cluster controller now and will be setting up the node controllers shortly. Now just awaiting the networking folks to tell me how to lay out my private network and bridge and we'll be ready to start testing the cloud at Auburn University!
[17:53] <aubre> hoping to help test and help debug the karmic UEC instances
[17:55] <kinnaz> pacemaker ?
[17:55] <kinnaz> or whats controlling them
[17:56] <aubre> they aren't up just yet, I'm going to try a few things, maybe RightScale, Cohesive
[17:56] <aubre> maybe I should look at pacemaker
[17:57] <aubre> I'm formatting 1.5 tb of disk space so I am taking a lunch break
[18:00] <cPF> cjwatson: it works after reboot no matter what i do... crazy
[18:00] <cjwatson> cPF: sure, it's probably the automatic restart from networkmanager when new interfaces appear
[18:00] <cjwatson> I doubt you needed to reinstall - just restarting the daemon from a console (not an ssh session) should have done the trick
[18:01] <cPF> hmm, launcing pptp vpn shouldn't trigger that?
[18:02] <cjwatson> dunno tbh, sorry, no time to look now.
[18:07] <cPF> ok, vpn doesn't seem to make a difference... i'm now pretty confident it's fixed by the reinstall
[18:38] <rtg_> kirkland, 'sudo ecryptfs-setup-swap' gets me 'ERROR: Please'. Perhaps it should be "Please sir, may I have another?"
[18:39] <rtg_> clean A4 install with full upgrade
[18:41] <kirkland> rtg_: hrm
[18:41] <kirkland> rtg_: it should say:
[18:42] <kirkland> rtg_: Please install cryptsetup
[18:42] <rtg_> kirkland, how come its not a depends?
[18:43] <rtg_> rtg@xps1330:~$ sudo ecryptfs-setup-swap
[18:43] <rtg_> dm_task_set_name: Device /dev/sda5 not found
[18:43] <rtg_> Command failed
[18:44] <rtg_> kind of scary.
[18:53] <kirkland> rtg_: do you not have a /dev/sda5 ?
[18:53] <kirkland> rtg_: it's not a Depends because ecryptfs doesn't actually depend on you having encrypted swap
[18:53] <kirkland> rtg_: merely strongly recommended
[18:54] <kirkland> rtg_: though, I think you're probably right ... I could probably, at this point, depend on it
[18:54] <kirkland> rtg_: when the error message prints correctly, it should tell you exactly what you need to install to get it working
[18:54] <rtg_> kirkland, it does have a /dev/sda5, and its marked as a swap partition.
[18:54] <kirkland> rtg_: cat /proc/swaps
[18:55] <rtg_> kirkland, nothing in it, but I answered yes to 'Do you want to proceed with encrypting your swap? [y/N]: y', and its been running awhile now.
[18:55] <rtg_> INFO: Setting
[18:55] <rtg_> WARNING: Commented out your unencrypted swap from /etc/fstab
[18:55] <rtg_>  * Stopping remaining crypto disks...                                                                                  * cryptswap1 (stopped)...                                                                                     [ OK ]
[18:55] <rtg_>  * Starting remaining crypto disks...                                                                                  * cryptswap1 (starting)
[18:56] <kirkland> rtg_: right, i'm hanging there too
[18:56] <kirkland> rtg_: only with the -7 kernel
[18:56] <rtg_> kirkland, hmm, this is with a 2.6.31-7 kernel.
[18:56] <kirkland> rtg_: with the -6 kernel, it starts fine
[18:58] <kirkland> rtg_: let me strace that
[18:58] <kirkland> rtg_: anything in dmesg interesting while you're hanging at *starting*
[18:59] <rtg_> kirkland, just complaints about the various encryption engines no starting.
[18:59] <kirkland> rtg_: still think those are red herrings ?
[18:59] <rtg_> kirkland, yeah, but I'm gonna have to prove it.
[19:01] <kirkland> rtg_: if you reboot at this point, you will hang there, waiting for cryptdisks to finish
[19:01] <rtg_> kirkland, think I'll go get some brain food before wrecking this thing.
[19:04] <kirkland> rtg_: it's hanging on the cryptsetup call
[19:04] <kirkland> rtg_: i'll try to get an strace
[19:09] <SockPants> hello
[19:09] <SockPants> i have an older machinet to which i can't connect a cd-drive or external harddrive, and wont boot from USB.
[19:09] <giovani> SockPants: ok, so?
[19:09] <sgsax> SockPants: got a floppy drive?
[19:10] <giovani> PXE boot, or floppy
[19:10] <SockPants> i installed ubuntu server 8.04 on a virtual machine on my mac, and copied the virtual drive to the older machine's internal drive using a usb adapter and DD
[19:10] <giovani> it has to have ONE of the above
[19:10] <SockPants> that seems to work
[19:10] <SockPants> the system boots
[19:10] <SockPants> but now it doesn't detect the computers NIC
[19:10] <giovani> yeah, I wouldn't have done that
[19:10] <SockPants> is there any way i can make it re-scan stuff like that
[19:11] <SockPants> its the only thing that really matters, the rest seems to work already
[19:14] <SockPants> its listed in lspci
[19:14] <SockPants> i just dont know how to make it work
[19:15] <giovani> SockPants: do you know that it's a supported chipset?
[19:15] <giovani> i.e. what's the driver that it should be using?
[19:15] <SockPants> ummm
[19:15] <SockPants> its a 3com 3c905c-tx/tx-m
[19:16] <giovani> umm ... find the driver name
[19:16] <SockPants> "Works fine with the standard 3c59x kernel driver
[19:16] <SockPants> "
[19:16] <giovani> ok, so try modprobing that drive
[19:16] <giovani> driver
[19:16] <giovani> and see if it works
[19:20] <SockPants> so
[19:21] <SockPants> in modprobe
[19:21] <SockPants> it lists the 3c59x.ko
[19:22] <sgsax> SockPants: that's right
[19:22] <sgsax> now you should be able to do "ifconfig -a" and see eth0 listed
[19:22] <sgsax> it's probably not configured, but should be listed
[19:22] <kirkland> rtg_: do you see any crypt changes in the diff between -6 and -7
[19:23] <rtg_> kirkland, I surveyed commits yesterday, but none (of the several hundred) lept out at me.
[19:23] <SockPants> it lists eth1
[19:23] <SockPants> and lo
[19:23] <SockPants> but no eth0
[19:23] <SockPants> that would probably be the virtual one then
[19:24] <SockPants> that isnt present now
[19:24] <SockPants> right?
[19:24] <kirkland> rtg_: is it worth building a few and bisecting?
[19:24] <sgsax> ok, so udev has probably reserved eth0 for whatever was in the box you copied the drive image from
[19:24] <SockPants> ok
[19:24] <sgsax> you need to edit /etc/udev/rules.d/70-persistent-net.rules
[19:24] <rtg_> kirkland, well, I'm starting to look at the code a bit. kcryptd seems to be active, so I wanna figure out what its doing
[19:24] <sgsax> remove any lines referring to the old interface
[19:25] <sgsax> then when you reboot, udev should discover the new card and update that file for you
[19:25] <kirkland> rtg_: k
[19:25] <rtg_> kirkland, cryptsetup is running 100%, so its likely something there.
[19:25] <kirkland> rtg_: you can strace -p $PID to see what it's doing
[19:26] <sgsax> alternative to a full reboot, restarting the udev service may be sufficient, but I cant' say for sure
[19:26] <SockPants> ok, i'll reboot and see
[19:27] <SockPants> there was already a line for the other nic in that file though
[19:27] <SockPants> should i have deleted that too?
[19:27] <sgsax> yeah, it was probably eth1
[19:27] <SockPants> yeah
[19:27] <SockPants> should i have deleted both or kept the eth1
[19:28] <sgsax> you can probably just change it to eth0, but you'll have to either reboot again, or probably just "rmmod 3c59x" and "modprobe 3c59x" again
[19:32] <SockPants> and all is good
[19:32] <SockPants> :D thanks
[19:32] <SockPants> now, how can i change the system time
[19:35] <SockPants> oh, no need
[19:35] <SockPants> haha, anyway, great :)
[19:36] <guntbert> SockPants: have you seen https://help.ubuntu.com/9.04/serverguide/C/NTP.html ?
[19:36] <guntbert> and he left... :-)
[19:36] <sgsax> giovani: sorry if I stomped on you there, I just jumped in without looking at the scrollback
[19:49] <kirkland> mathiaz: fyi, i can boot karmic guest on virtio okay
[19:49] <kirkland> mathiaz: using kvm directly (no libvirt)
[19:50] <giovani> sgsax: not at all -- I come and go -- being at work and such -- I appreciate the assistance :)
[19:54] <soren> kirkland, mathiaz: What's the problem you're discussing?
[19:55] <mathiaz> soren: after upgrading to 2.6.31-7 today my vms no longer boot
[19:56] <mathiaz> soren: the block device is not recognized by the kernel anymore
[19:56] <soren> mathiaz: In the guest?
[19:56] <mathiaz> soren: yes
[19:56] <soren> mathiaz: How far do you get?
[19:56] <mathiaz> soren: booting the guest with 2.6.31-6 works correclty
[19:56] <mathiaz> soren: I get dropped to the ramdisk
[19:57] <mathiaz> soren: with a message stating that /dev/by-uuid/kXXXX is not found
[19:57] <kirkland> soren: i'm also having block device issues with the new -7 kernel, specifically encrypted swap is busted, won't boot
[19:58]  * soren looks around
[19:59] <soren> mathiaz: Which of the virtio modules do you have in the initramfs?
[19:59] <mathiaz> soren: how can I tell?
[19:59] <rtg_> soren, kirkland: I'm installing mainline -rc7 just to make sure, then I'm gonna have to start bisecting (I think). It happens on bare metal as well.
[19:59] <soren> mathiaz: find /lib/modules/ -name 'virtio*'
[20:00] <kirkland> rtg_: yes, i saw it first on my laptop, bare metal
[20:01] <soren> device mapper problems?
[20:01] <mathiaz> soren: nothing
[20:01] <soren> mathiaz: Umm... Ok.
[20:02] <soren> mathiaz: There's your problem :)
[20:02] <mathiaz> soren: http://people.canonical.com/~mathiaz/karmic-2.6.31-7.fail.png
[20:03] <soren> mathiaz: uname -a
[20:04] <mathiaz> soren: refresh the image above
[20:05] <rtg_> kirkland, when you boot -rc7, do you get _any_ swap device?
[20:06] <kirkland> rtg_: it never finishes the boot
[20:06] <kirkland> rtg_: or drops to busybox
[20:06] <kirkland> rtg_: it just hangs on startup, trying to cryptsetup the device
[20:06] <soren> mathiaz: ta
[20:06] <soren> mathiaz: Is this a freshly installed system or an upgraded one?
[20:07] <rtg_> kirkland, I'm not getting a swap device on an unencrypted platform.
[20:07] <mathiaz> soren: upgraded one
[20:07] <soren> mathiaz: Alright.
[20:07] <kirkland> rtg_: do you have a swap partition?
[20:07] <mathiaz> soren: 2.6.31-6 is booting correctly
[20:07] <kirkland> rtg_: a non-encrypted swap?
[20:07] <rtg_> kirkland, used to
[20:07] <rtg_> trying -rc6 next
[20:07] <kirkland> rtg_: right, ecryptfs-setup-swap converted your swap to be encrypted to protect your data
[20:07] <soren> mathiaz: Can you boot into the 2.6.31-6 and run a command for me?
[20:08] <mathiaz> soren: sure
[20:08] <kirkland> rtg_: if you want a non-encrypted swap, you'll need to comment out one line from /etc/fstab and /etc/cryptsetup
[20:08] <rtg_> kirkland, did that already
[20:08] <soren> mathiaz: find /lib/modules/2.6.31-{6,7}-* -name 'virtio*'
[20:08] <kirkland> rtg_: and then edit /etc/fstab, copying the line you commented out, and changing the mount point
[20:08] <kirkland> rtg_: to be the /dev/sda5 device, or whatever
[20:08] <kirkland> rtg_: you'll also need to mkswap /dev/sda5
[20:08] <kirkland> rtg_: and swapon /dev/sda5
[20:09] <kirkland> rtg_: after that, you should have swap in /proc/swaps
[20:09] <kirkland> rtg_: on reboot, then, you should have workign cleartext swap at boot
[20:09] <kirkland> rtg_: i think mkswap was the key bit you're missing
[20:09] <mathiaz> soren: http://paste.ubuntu.com/260002/
[20:10] <mathiaz> soren: seems like the virtio modules are not included in -7
[20:10] <soren> mathiaz: Seems like it. i386 or amd64?
[20:10] <soren> amd64.
[20:10] <mathiaz> soren: amd64
[20:12] <rtg_> mathiaz, debian.master/config/config.common.ubuntu:CONFIG_VIRTIO_BLK=m. I wonder where they all went?
[20:13] <soren> The build log also says it's there.
[20:14] <rtg_> soren, I have it in the generic image, just about to look in -server
[20:15] <soren> I'm looking at the build logs from launchpad.
[20:15] <rtg_> /lib/modules/2.6.31-7-server/kernel/drivers/block/virtio_blk.ko
[20:15] <soren> the virtio modules are clearly listed as included in linux-image-2.6.31-7-server_2.6.31-7.27_amd64.deb:.
[20:16] <soren> mathiaz: Oh!
[20:16] <soren> Hang on, I have a hunch.
[20:16] <soren> Yes, got it.
[20:16] <camilojd> Hello all..  anyone knows how is the best way to install postgresql 8.2 on jaunty server? i cannot use my app with 8.3
[20:16] <soren> You guys are using the -virtual kernel, not the -server one.
[20:16] <mathiaz> soren: yes
[20:17] <soren> *That
[20:17] <soren> * image does not have the virtio modules anymore.
[20:17] <rtg_> ah, did I drop some stuff from virt?
[20:17] <soren> rtg_: Lots of stuff, apparantly.
[20:17] <rtg_> soren, it must have moved
[20:18] <soren> rtg_: It doesn't look like it.
[20:18] <soren> You said:
[20:18] <soren> /lib/modules/2.6.31-7-server/kernel/drivers/block/virtio_blk.ko
[20:18] <soren> I have:
[20:18] <soren> /lib/modules/2.6.31-6-generic/kernel/drivers/block/virtio_blk.ko
[20:19] <rtg_> soren, digging...
[20:20] <camilojd> Jaunty server ships with PostgreSQL 8.3, which breaks my application. How is the best way to replace it with 8.2?
[20:22] <soren> rtg_: Found it.
[20:23] <rtg_> soren, wtf ?
[20:23] <rtg_> my local builds are fine.
[20:23] <soren> rtg_: ata_generic no longer exists.
[20:23] <soren> rtg_: ...so it bails out when it gets to that one.
[20:23] <soren> (it's explicitly listed in virtual.list)
[20:24] <rtg_> soren, why on the buildd and not locally?
[20:24] <soren> rtg_: Do you have build logs?
[20:24] <Daviey> camilojd: use Ubuntu Hardy server
[20:24] <rtg_> soren, no, but I can re-run a build quickly enough and make some logs
[20:24] <soren> rtg_: Really? Launchpad takes three hours to do it :)
[20:25] <rtg_> soren, 10-15 minutes
[20:25] <soren> s/Launchpad/the buildds/
[20:25] <soren> What's your secret?
[20:25] <rtg_> sodual quad core nehalem w/18GB RAM
[20:25] <rtg_> soren, ^^
[20:25] <soren> So no cheating involved? No ccache or something?
[20:25] <camilojd> Daviey, isn't a better way? Like, recompile from sources?... I don't want to trash someone else's job on the server..
[20:26] <rtg_> soren, well, of course I'm using ccache. Its much faster the 2nd time though
[20:26] <soren> rtg_: Wow.
[20:26] <soren> Well, let's seem those build logs, then :)
[20:27] <soren> -m
[20:27] <camilojd> Daviey, what´s the "ubuntu way" to build and install from source?
[20:27] <rtg_> soren, ok, build started. I'll see what I kind find.
[20:27] <soren> rtg_: You don't have a stale ata_generic.ko lying around or something, do you?
[20:27] <Daviey> camilojd: well sure, but it's already in Hardy - which is also an LTS..  Sure you could try and bring the old version into Jaunty.. but then you ave the burden of maintaining it yourself.
[20:27] <rtg_> soren, I typically scrub and re-clone
[20:28] <soren> Yeah, I figured. *shrug*
[20:28] <camilojd> Daviey, yeah i understand. Gotta go back to Hardy LTS then :-(
[20:29] <guntbert> camilojd: not exactly what you asked for: but you could have a look at http://www.postgresql.org/docs/8.3/static/release-8-3.html to see why it breaks your app - and the change the app ...
[20:29] <guntbert> *then
[20:30] <camilojd> guntbert: that looks interesting. I'll check it out!
[20:30] <soren> rtg_: I totally understand why it fails. I completely don't understand why -6 didn't.
[20:31] <guntbert> camilojd: good luck :-)
[20:34] <rtg_> soren, it doesn't look like it stopped, even though it couldn't find drivers/ata/ata_generic.ko
[20:35]  * soren has a hunch
[20:37] <soren> rtg_: Is your system completely up-to-date?
[20:37] <rtg_> soren, as of this morning
[20:38] <soren> rtg_: Which version of bash?
[20:38] <rtg_> GNU bash, version 4.0.28(1)-release (x86_64-pc-linux-gnu)
[20:38] <soren> New bash was uploaded the day before yesterday. This is in the changelog:
[20:38] <soren> l.  Changed behavior of shell when -e option is in effect to reflect consensus of Posix shell standardization working group.
[20:38] <soren> Are you bulding in an sbuild or something?
[20:39] <rtg_> soren, I should have thought of that. I found a find-utils bug early in the karmic cycle that took days to spot.
[20:39] <soren> rtg_: I remember :)
[20:39] <soren> rtg_: This time, though, it seems to be an intended change.
[20:40] <rtg_> soren, I'm building in a straight chroot with dbuild
[20:40] <soren> rtg_: And is /that/ completely up-to-date?
[20:40] <rtg_> lemme check that the chroots are up to date
[20:40] <soren> New bash on the 24th.
[20:41] <rtg_> soren, check this out: GNU bash, version 3.2.48(1)-release (x86_64-pc-linux-gnu)
[20:41] <soren> There were go.
[20:41] <rtg_> thats my chroot version
[20:41] <soren> There /we/ go, I mean.
[20:41] <rtg_> ok, I'll update and see what happens.
[20:41] <soren> I'm sure it'll fail. It makes sense :)
[20:41] <soren> There's a non-zero return code in a subshell of a shell with -e enabled.
[20:42] <rtg_> soren, thats a theory, or you have spotted it?
[20:43] <soren> I've spotted it.
[20:43] <soren> 20 minutes ago :)
[20:43] <rtg_> in scripts/sub-flavour
[20:43] <soren> The sub-flavour script has -e enabled. It fails ..
[20:43] <soren> right.
[20:43] <soren> ..to find ata_generic in a subshell.
[20:43] <rtg_> remind me what -e does?
[20:44] <soren> It bails out if anything has a non-zero return code.
[20:44] <rtg_> I don't think thats what I want in this case.
[20:44] <soren> Perhaps.
[20:44] <soren> Well...
[20:44] <soren> I guess what you really want is for the entire build to fail if this fails.
[20:45] <soren> ...so that you'll notice that the module list is out of date.
[20:45]  * soren takes a half hour break
[20:45] <rtg_> soren, I guess thats fine too. why doesn't the make bail out?
[20:46] <ewook> soren: in the middle of the night? :)
[21:06] <martinjh99> How do I stop denyhosts from denying 192.168.0.0/24 ip addresses and how do I get into my server again..?
[21:07] <KillMeNow> ummm console?
[21:07] <sgsax> martinjh99: login as a different user
[21:07] <sgsax> denyhosts blocks per IP *and* userid
[21:07] <martinjh99> Killmenow I might have to do that
[21:08] <KillMeNow> sgsax, i think he just did a block deny on class C IP range
[21:08] <sgsax> then you have to delete lines from the denyhosts database files
[21:08] <KillMeNow> which locks anyone from that IP subnet
[21:08] <sgsax> didn't even realize you could do that, I just use it to block brute-force ssh attacks
[21:08] <martinjh99> Killmenow got a report saying it just blocked my local network desktop ip 192.168.1.2
[21:09] <martinjh99> I want to stop it from denying those ips...
[21:09] <aubre> I have a dhcp server, its clients don't seem to be able to talk to the outside world
[21:10] <KillMeNow> aubre:  did you set the router option in DHCP?
[21:11] <sgsax> martinjh99: I can tell you what to do if it was a dynamic block, but if you specified a block on all IPs in that subnet (as KillMeNow suggested), you'll have to undo the setting somehow
[21:11] <martinjh99> sax its only blocked 192.168.1.2 - Found a page that tells me I can keep denyhosts from blocking it by putting that ip in hosts.allow
[21:12] <sgsax> that's fine, but you'll still need to remove it from the current database files
[21:12] <sgsax> and hosts.deny
[21:12] <martinjh99> thats what I'm going to do... Which other denyhosts files are there?
[21:13] <sgsax> default work dir is /var/lib/denyhosts
[21:13] <sgsax> check in your denyhosts.conf to see if yours is in a different location
[21:14] <sgsax> remove any lines containing that IP in any files in the work dir
[21:14] <sgsax> be sure to stop the denyhosts service before making changes to these files
[21:14] <martinjh99> Thanks Sax :) Will do that tomorrow!
[21:14] <sgsax> have fun :)
[21:14] <martinjh99> I will...
[21:14] <martinjh99> :)
[21:15] <sgsax> I've written a script to do this, I can post it if you're interested
[21:15] <sgsax> ...or not
[21:17] <qman__> what setup do you use for blocking SSH brute force attempts?
[21:17] <qman__> I use iptables with the recent module to just slow them down
[21:19] <KillMeNow> yea, i use IPtables and a counter
[21:20] <KillMeNow> once it reaches X number of 22 connects, it locks them out for a while
[21:20] <KillMeNow> totally blacklists their IP address
[21:23] <qman__> I'd like to come up with something that blocked anyone who attempted to use "Administrator" or "root" or "test", etc., automatically
[21:23] <qman__> without a cron-based log parser
[21:25] <giovani> so you have two log-checking methods
[21:25] <giovani> either inode-notification, or a daemon
[21:25] <giovani> I don't know which fail2ban uses
[21:25] <giovani> I
[21:25] <giovani> I'd prefer to do it on the network level, rather than on the log level
[21:25] <giovani> but that's just met
[21:25] <giovani> me*
[21:27] <giovani> denyhosts is another option
[21:27] <giovani> ossec as well
[21:27] <qman__> I'm not much of a coder, so a daemon might be too much
[21:28] <qman__> but I'll look into inode notification
[21:28] <rtg_> kirkland, so mainline -rc7 seems to work with encrypted swap. the substantive change that has likely caused this is 'SAUCE: (drop after 2.6.31) Added KSM from mmotm-2009-08-20-19-18' which is a bit of a change from -rc6.
[21:28] <KillMeNow> i thought fail2ban parses the log file
[21:28] <qman__> I don't have the performance to spare for cron-based log parsing, so it's out of the question, but something that parsed it as it logs would work
[21:28] <kirkland> rtg_: okay, what does that patch do?
[21:29] <giovani> qman__: well inode notification just saves you the i/o load of checking the file every X (mili)seconds
[21:29] <giovani> I'm not sure why you think cron is a performance waster in and of itself
[21:29] <rtg_> kirkland, its the virtual machine shared memory patch, but it may also have some impact on crypto. I'm gonna revert that and see
[21:29] <qman__> well
[21:29] <giovani> a daemon will keep memory allocated, when a cronjob wouldn't
[21:29] <qman__> that's not what I meant, I meant that it has to reread the whole log
[21:29] <giovani> no it doesn't
[21:30] <giovani> only a fool would do that
[21:30] <qman__> that's where the problem is
[21:30] <giovani> that's unrelated to cron
[21:30] <giovani> and related to how the app is coded
[21:30] <kirkland> rtg_: cool, thanks
[21:30] <giovani> you shouldn't be reading the entire log
[21:30] <kirkland> rtg_: oh, duh
[21:30] <kirkland> rtg_: yeah, KSM, right
[21:30] <kirkland> rtg_: if we have to lose that one, i won't cry about
[21:31] <rtg_> kirkland, does KSM in -rc6 work?
[21:31] <kirkland> rtg_: good question, i haven't gotten around to it yet
[21:31] <rtg_> kirkland, lemme verify first
[21:32] <qman__> I just need something to intercept new entries like tail -f, only for a script, not to console output
[21:32] <giovani> qman__: no ...
[21:32] <giovani> tail -f is brutal on the disk
[21:32] <giovani> that's the opposite of clean and efficient
[21:33] <qman__> regardless of how it collects it, that's the data I need
[21:33] <giovani> heh
[21:34] <giovani> but you're very concerned about performance impact
[21:34] <giovani> so I'm discussing the issues to reduce it
[21:34] <qman__> yes
[21:34] <qman__> the system is very old and slow, so performance is important
[21:34] <kirkland> rtg_: i gotta run for a bit, will be back later
[21:34] <giovani> then consider doing this on the network level
[21:35] <rtg_> kirkland, me too, beer night.
[21:35] <kirkland> rtg_: oh, that's a lot more fun
[21:35] <rtg_> kirkland, biking, then beer.
[21:35] <qman__> I have no idea how to intercept that data at the network level, since SSH is encrypted
[21:37] <giovani> qman__: brute forces set up many different connections to SSH
[21:38] <giovani> most IDS/IPS have rules for X number of connections per timeframe from a single host
[21:38] <qman__> I already have that set up
[21:38] <giovani> then what's the problem?
[21:38] <qman__> I meant for triggering based on which usernames were used as well
[21:39] <giovani> I don't see the need for that
[21:39] <giovani> unless your system isn't catching a specific attack
[21:39] <giovani> in which case you might want to adjust its threshhold
[21:39] <qman__> well, it is catching them
[21:39] <qman__> but it's really just slowing them down
[21:39] <giovani> why isn't it stopping them? it should be blocking that IP at the firewall level
[21:39] <qman__> and, if for any reason my iptables gets flushed, the flood gates open
[21:39] <giovani> ... why are you flushing your iptables of your firewall?
[21:39] <giovani> that's bad
[21:40] <qman__> I'm not, but it's happened a few times
[21:40] <nuckable> hey everyone, im working on a little ion based ubuntu server, and id really like to put ubuntu server on a usb flash drive and make it boot to ram
[21:40] <giovani> alright, well, blocking a handful of countries (presuming you don't have a need to receive legit SSH connections from China, or Brazil, for example) will reduce a large percentage of the attacks
[21:40] <giovani> the rest are mitigated through brute force detection
[21:40] <nuckable> so i can fully use the hd space for the samba server
[21:40] <nuckable> is that possible/smart?
[21:41] <giovani> nuckable: that's a highly custom setup -- look into ramdisks
[21:41] <giovani> it's possible ... smart is another matter
[21:41] <nuckable> what speaks against it?
[21:41] <giovani> livecds work this way
[21:41] <giovani> it's messy to set up
[21:41] <giovani> it's not standard
[21:41] <nuckable> well sure its messy, but it stays after the initial setup
[21:41] <qman__> and without considerable work, it's not persistent
[21:41] <qman__> patching is difficult
[21:41] <giovani> right
[21:41] <nuckable> yeah, thats the biggest problem im having
[21:42] <giovani> this is not really a way to run a server
[21:42] <giovani> possibly an embedded device
[21:42] <nuckable> when it loads into ram theres gotta be a way to change the files on the usb flash drive
[21:42] <giovani> but not an active filesystem
[21:42] <giovani> nuckable: sure ... many liveusb distros do this
[21:42] <giovani> but it's complex
[21:42] <nuckable> i see
[21:42] <giovani> creating a rw filesystem for temp storage, and writing it back out to the ramdisk filesystem, etc
[21:42] <giovani> it's not something I'd ever do on a server
[21:42] <giovani> and it's not something we can really help you with here
[21:42] <giovani> it's highly custom -- and will take a lot of experimentation
[21:43] <nuckable> hmmmm
[21:43] <nuckable> well what would you recommend then?
[21:43] <qman__> if power consumption is the concern, low-capacity SSDs can be had reasonably cheap
[21:43] <giovani> not doing that ...
[21:43] <giovani> nuckable: what's the problem with keeping the OS on a disk?
[21:43] <nuckable> qman__, that sounds interesting
[21:43] <nuckable> for the ssd id need a pcie slot, or does pci work too?
[21:43] <giovani> what?
[21:43] <giovani> no, it's a drive
[21:43] <qman__> SSDs connect to regular drive interfaces
[21:44] <qman__> usually SATA
[21:44] <giovani> SATA
[21:44] <nuckable> oh :/
[21:44] <nuckable> well the mobo only got 4 sata slots
[21:44] <giovani> ...
[21:44] <giovani> that sounds like more than enough
[21:44] <nuckable> and id like to use it as a nas with extras
[21:44] <giovani> oh boy
[21:44] <giovani> another nas
[21:44] <qman__> a 32/64GB disk can usually be had for about $80, though prices may have changed since I last looked
[21:45] <qman__> does the board have IDE?
[21:45] <giovani> if you have a pci slot
[21:45] <nuckable> qman__, nope
[21:45] <giovani> you can add a sata controller
[21:45] <qman__> yeah
[21:45] <giovani> with many more ports
[21:45] <giovani> they can be had for cheap
[21:45] <giovani> $20
[21:45] <qman__> a four-port SATA controller, non-RAID, is about $40-60
[21:45] <nuckable> im eyeing for the nvidia ion board
[21:45] <qman__> more than four gets expensive
[21:45] <nuckable> cause its got very low power consumption due to the abscence of the intel chipset
[21:46] <qman__> your largest power usage is going to be the disks themselves
[21:46] <qman__> a SATA controller doesn't use much
[21:46] <giovani> why is the power consumption so critical?
[21:46] <nuckable> giovani, cause its gonna be running 24/7
[21:46] <giovani> I mean, tons of machines will run on 50-60W these days
[21:46] <giovani> sure ...
[21:46] <qman__> unless you're on battery, a sata controller is going to be neglegible
[21:46] <giovani> Ion is definitely not the *most* efficient
[21:47] <nuckable> qman__, its not the sata controller, more the case xD
[21:47] <giovani> the case uses no power
[21:47] <nuckable> giovani, but for the price it does the trick quite well
[21:47] <nuckable> giovani, i was referring to the problem being there aint that much room in the case xD
[21:47] <giovani> nuckable: well you can't have everything ...
[21:47] <qman__> sata controllers aren't that big
[21:48] <qman__> are you referring to space for disks?
[21:48] <giovani> disks are about 10x the space of PCI cards
[21:48] <nuckable> giovani, sure, at least i can try to get as good as possible no? =)
[21:48] <giovani> nuckable: but you're being unrealistic
[21:48] <nuckable> qman__, yup
[21:48]  * virtualdisaster tries to remember the name of that ubuntu book that is free
[21:48] <nuckable> giovani, so far i havent even decided anything, im just evaluating possibilities
[21:48] <qman__> look into 2.5" hard drive sthen
[21:48] <giovani> ok
[21:48] <nuckable> so i cant be unrealistic yet xD
[21:48] <qman__> you can fit a ton of them in the space
[21:48] <giovani> qman__: not for a NAS ...
[21:49] <giovani> clearly he's trying to maximize disk space
[21:49] <giovani> for the NAS storage
[21:49] <nuckable> exactly
[21:49] <nuckable> 4 drives with as much space as possible
[21:49] <giovani> so don't use such a tiny case
[21:49] <qman__> yeah
[21:49] <giovani> you need enough space for the system
[21:49] <giovani> a SSD is small
[21:49] <qman__> you need a bigger case
[21:49] <giovani> as is a PCI card
[21:49] <nuckable> true
[21:49] <nuckable> im gonna have to recheck if the ion has a pci slot
[21:49] <giovani> you can fit both in less space than you can a single 3.5" HD
[21:49] <qman__> my file server is a large mid-tower
[21:49] <nuckable> cause afaik it only has pcie
[21:49] <giovani> nvidia ion is a chipset
[21:49] <giovani> not a board
[21:50] <nuckable> the boards name is ion something
[21:50] <qman__> PCI or PCIe is irrelevant
[21:50] <qman__> you can get controllers in either
[21:50] <qman__> for roughly the same price
[21:50] <qman__> you just need to know which you have
[21:51] <qman__> also
[21:51] <qman__> make sure you're providing adequate cooling for the hard drives
[21:51] <qman__> they don't need much, but if you're not getting any air through, they will have a considerably shorter life
[21:51] <giovani> heh
[21:51] <giovani> that's debatable
[21:52] <giovani> HDs have no air intakes at all
[21:52] <giovani> heat is not an issue for most drives
[21:52] <giovani> vibration is
[21:52] <giovani> unless the heat you're talking about is 110+F
[21:52] <qman__> it also depends on the drives
[21:52] <nuckable> yeah im not penny-pinching with the hdd themselves
[21:52] <qman__> in my experience, WD drives run very hot
[21:52] <giovani> nuckable: this has nothing to do with drive costs
[21:53] <qman__> this is about case airflow
[21:53] <qman__> small cases tend to not have any
[21:53] <nuckable> true
[21:53] <nuckable> i guess a midi tower wouldnt hurt
[21:53] <giovani> chenbro
[21:53] <giovani> makes a really nice NAS case
[21:53]  * nuckable looks it up
[21:53] <qman__> I have some 250GB WD drives that have gotten to 50C before I installed more fans
[21:53] <nuckable> qman__, but in general would you recommend wd?
[21:54] <qman__> I like seagate
[21:54] <nuckable> cause so far i had no problems with wd drives
[21:54] <giovani> segates are awesome
[21:54] <giovani> I've hated WDs I've owned
[21:54] <nuckable> i already had 2 seagates failing on me
[21:54] <nuckable> during the years
[21:54] <giovani> http://usa.chenbro.com/corporatesite/products_detail.php?sku=78
[21:54] <giovani> there's the 4-drive case
[21:55] <giovani> they have 2-drive cases as well
[21:55] <bptk421> Has anyone tried WD's Green drives for a NAS?
[21:55] <giovani> bptk421: they're awful, stay away
[21:55] <giovani> green drives are very low-end
[21:55] <bptk421> In what way?
[21:55] <qman__> yeah
[21:55] <giovani> in that we've had 50% of them fail in our fileserver
[21:55] <giovani> over a 6 month period
[21:55] <bptk421> ouch
[21:55] <giovani> (24-drive fileserver)
[21:55] <qman__> I would never buy a drive marketed that way
[21:55] <qman__> performance and reliability are more important
[21:55] <giovani> green drives are the lowest-end for WD
[21:55] <nuckable> giovani, problem with that case is i wont be able to fit an ssd in it
[21:55] <giovani> they're appropriate for grandma's internet machine
[21:56] <giovani> nuckable: ... that's not true
[21:56] <giovani> SSDs are small
[21:56] <giovani> you can velcro it to the side of the case
[21:56] <giovani> that's what I do
[21:56] <nuckable> velcro?
[21:56] <soren> rtg_: Did you find an answer to your question, or do you want me to look?
[21:56] <giovani> yes ... velcro
[21:56] <nuckable> (sorry not english native)
[21:56] <giovani> they're light and small
[21:56] <giovani> google it
[21:56] <qman__> velcro, double sided tape, even drill your own mounting holes
[21:57] <qman__> not up for a little modding?
[21:57] <nuckable> oh lol
[21:57] <giovani> velcro is the most portable imo
[21:57] <rtg_> soren, which question? I found taht the KSM patches in -rc7 are scrogging encrypted swap.
[21:57] <nuckable> the stuff children use to fasten their shoes
[21:57] <nuckable> xD
[21:57] <giovani> easy to take the drive out
[21:57] <qman__> yeah
[21:57] <giovani> nuckable: yes, it's awesome stuff
[21:57] <nuckable> hehe
[21:57] <soren> rtg_: Why make doesn't bail out.
[21:57] <qman__> velcro is a good idea, since SSDs don't care about shock or heat
[21:57] <giovani> exactly
[21:57] <giovani> and they're light
[21:57] <soren> rtg_: KSM break encrypted swap? Sounds like fun.
[21:57] <rtg_> soren, dunno yet, I'll have to get back to that question later tonight.
[21:58] <giovani> I put velcro in every server I build now
[21:58] <nuckable> im gonna have to cheak if chenbro is available in my area
[21:58] <giovani> and stick the SSD on it
[21:58] <soren> rtg_: Alright.
[21:58] <giovani> nuckable: in your area? no
[21:58] <giovani> you order online, from a reseller
[21:58] <rtg_> soren, I'm on a beer mission right now.
[21:58] <soren> rtg_: Sounds good. Wish I was too.
[21:58] <nuckable> giovani, nope its available
[21:58] <giovani> btw, nuckable
[21:58] <rtg_> soren, why are you up so late?
[21:58] <giovani> if you can only get a minipcie slot on your ion board
[21:58] <soren> rtg_: feature freeze
[21:58] <giovani> there are SSDs that fit into mini-pcie
[21:58] <soren> rtg_: It's not that late yet, really, though.
[21:59] <rtg_> 11P?
[21:59] <soren> rtg_: 11 PM is not unusually late.
[21:59] <sgsax> beer misson, I like that
[21:59] <rtg_> ah, well I'm usually done by 2P
[21:59] <sgsax> apt-get install beer
[21:59] <soren> rtg_: When do you start?
[21:59] <rtg_> 0600
[22:00] <soren> rtg_: Ah. I don't start until some time between 7 and 9.
[22:00] <rtg_> anyways, gots to go.
[22:00] <soren> rtg_: And most of my team is 6 hours behind, so if I want to work just a little bit with them...
[22:02] <nuckable> ok thank you very much giovani and qman__
[23:18] <gene420> good evening everyone, and would anyone be familar with setting up ubuntu snmp as a client .....I seem to need help with snmp.conf since snmpwalk works locally
[23:20] <virtualdisaster> gene420, make sure firewall allows snmp out etc, also man there is something you need to run to get it to work properly
[23:20] <virtualdisaster> there is a program to make messing snmp simpler but i cant recall atm
[23:23] <gene420> hmm I don't have a firewall open and I'm sure there is something missing since I don't see any netstat ports open 161 or services running for snmp
[23:24] <gene420> opps that open shouldn't be there...no firewall on the unit.....
[23:38] <gene420> fyi ahh here is the setup script to run snmpconf -g basic_setup
[23:53] <kirkland> ScottK: ping
[23:53] <kirkland> ScottK: i'm processing sync requests
[23:53] <kirkland> ScottK: i see a stack of yours for new packages from debian
[23:53] <kirkland> ScottK: new-source doesn't seem to know anything about these
[23:53] <kirkland> ScottK: do you know what's up?