/srv/irclogs.ubuntu.com/2009/10/22/#ubuntu-server.txt

uvirtbot	New bug: #457716 in libvirt (main) "apparmor denies save and restore" [High,Triaged] https://launchpad.net/bugs/457716	00:26
=== dendro-afk is now known as dendrobates
=== timburke_ is now known as timburke
=== crohakon\|afk is now known as crohakon
Alysum	hello - how can I insert the date time in my shell along with user@host? thanks	00:54
crohakon	So, I have ubuntu server edition installed on a spare box just to use as a sandbox. I have it set up with LAMP. Everything seems to be working just fine except that after a while the box freezes. Can't SSH in, can't access the websites... turn on the monitor connected to it and the login prompt is frozen. Any ideas on what can fix this? I highly doubt it is an over heating issue as my basement is cold and the report it sho	00:56
crohakon	uld when I log in does not show dangerous heat levels.	00:56
crohakon	I should also add that the box ran just fine without these problems with fedora	00:57
bdmurray	jdstrand: should bug 403215 be reopened?	00:58
uvirtbot	Launchpad bug 403215 in qemu "2.6.31 guest vm's unable to use virtio" [Medium,Fix committed] https://launchpad.net/bugs/403215	00:58
crohakon	Anyone?	01:00
vraa	anyone know of a good, friendly, multi-wan router? more for failover vs more bandwidth	01:03
smoser	kirkland, you uploaded ec2-init right?	01:11
mathiaz	smoser: I think so - https://launchpad.net/ubuntu/karmic/+queue?queue_state=1&queue_text=	01:13
mathiaz	smoser: It hasn't been accepted though	01:14
smoser	mathiaz, thanks i wasn't aware of this 'queue'.	01:14
mathiaz	smoser: https://launchpad.net/ubuntu/karmic/+queue	01:14
smoser	it has to be accepted by a release person ?	01:15
mathiaz	smoser: ^^ has the different types of queues	01:15
mathiaz	smoser: yes	01:15
crohakon	When I log into my server box it tells me I have x packages can be updated... how do I update them?	01:22
smackdaddy	i cannot figure out why i cant recieve mail on this server... i setup postfix and dovecot	01:42
smackdaddy	wont work	01:42
MTecknology	smackdaddy: error logs?	01:44
MTecknology	crohakon: sudo aptitude update && sudo aptitude full-upgrade	01:45
MTecknology	crohakon: you can use apt-get too	01:45
MTecknology	crohakon: or you can do "sudo aptitude" then the keys to update the same was are u U g g	01:46
smackdaddy	MT, how do i check those	01:48
MTecknology	smackdaddy: /var/log/	01:48
smackdaddy	mail.err is empty	01:50
MTecknology	how are you trying to send email to the local machine?	01:51
smackdaddy	from myyahoo account	01:53
smackdaddy	and gmail account	01:53
smackdaddy	im wondering if its ip hostname problem... idont know.. i used the ubuntu config website and followed all the steps.. did the test and it worked ..	01:55
smackdaddy	telnet IP 25	01:56
smackdaddy	all that	01:56
smackdaddy	worked'	01:56
MTecknology	you have it?	01:56
skuld	what web mail client would you all recommend?	01:56
MTecknology	make sure you have an MX record for the domain pointing at the server	01:56
MTecknology	skuld: I like claws-mail	01:56
skuld	is it easy to install for postfix/dovecot?	01:57
MTecknology	hm?	01:57
MTecknology	you mean mail server or mail client?	01:57
MTecknology	the mail client is independent from the server	01:58
skuld	I (think) I just got my dovecot and postfix email server working. now I want to install a web based email reader on my server too	01:58
MTecknology	oh	01:58
MTecknology	webmail	01:58
MTecknology	try roundcube or quirrelmail	01:58
smackdaddy	that might be part ofmyproblem.. how should the mx record look	01:58
smackdaddy	i have...	01:58
smackdaddy	IN MX 10 mail.example.com.	01:58
smackdaddy	IN MX 10 mail2.example.com.	01:58
MTecknology	whast's the domain name?	01:58
smackdaddy	in the forward file	01:58
smackdaddy	cconnectx.com	01:59
Pairadimesitty	hey folks, feeling helpful today? I've got my forum framed now by editing the forum php and css with my site info, and I'm linking to the forum page by having my homepage index.htm load it with php include	01:59
skuld	Pairadimesitty: hi!	01:59
crohakon	So, I have a website hosted by a webhosting company. Is there any benefit to upgrading my home account to a static IP and doing my own hosting?	01:59
smackdaddy	do i need a MX for just cconnectx.com with out the mail.*	01:59
Pairadimesitty	skuld: hi, thanks for before	01:59
MTecknology	skuld aside from the two, there's some really high-end tools out there - but don't expect any ease of use...	02:00
crohakon	it would cost me about +$10 a month	02:00
MTecknology	or installation*	02:00
skuld	crohakon: the benefits are in learning a new hobby.... and for that extra $5.00 a month or whatever, you can charge others rent-space on your server...when you'r ready	02:00
Pairadimesitty	and there is a tiny bit of css linked to the home page that makes the home button highlight when I'm on that page and go back to normal when I click anything inside. I love that.	02:00
skuld	MTecknology: I just need a basic email reader for the web	02:01
MTecknology	skuld: then you want one of those; my preference is roundcube since it's skinnable	02:01
MTecknology	they could both use heavy development	02:01
Pairadimesitty	my problem is that the forum doesn't request the cookie when I'm on the home page, so login and preferences dissapear there	02:01
Pairadimesitty	I have to click inside the forum for them to show up	02:02
skuld	Pairadimesitty: I thought of a possibility for your vertical...."framing" issue without using frames. It might be possible to use a <div> tag, but I haven't worked with it a whole lot to know if it would work correctly...if at all	02:02
Pairadimesitty	wow, cool	02:02
skuld	Pairadimesitty: you're using smf, right? you can just use <?php ssi_welcome; ?> (I think it is) and that will have your cookie info on your home page	02:03
crohakon	skuld; That was kind of my thoughts... once I get my sh*t down maybe offer cheap hosting to non-profits just to offset my internet costs.	02:03
skuld	MTecknology: cool, thanks. I'll look into that	02:03
MTecknology	smackdaddy: your DNS looks fine - but I can't connect to your system - so it's probably localhost only	02:03
Pairadimesitty	just add that line to the default page? that would rock if it was that easy, trying now	02:03
skuld	Pairadimesitty: You also need at the very top... <?php require ('forum/SSI.php'); ?> if I remember right, and assuming your forum is located in the 'forum' dir	02:04
Pairadimesitty	'tis indeed	02:05
skuld	that should be all you need. If the user is logged in, they will get the number of messages they have in PM, if not then a login dialog will show wherever you place that welcome code.	02:06
Pairadimesitty	both above the doctype?	02:06
skuld	there is an advanced option if you don't want to see the welcome text if logged in, you can use.... ssi_welcome('array')	02:06
skuld	you could try that...I usually work with PHP files only	02:07
skuld	brb	02:07
erichammond	kirkland: Any chance of getting "EC2" as one the primary options on your virtualization survey? Folks using EC2 don't really think of themselves as using Xen.	02:11
jdstrand	bdmurray: I'm not sure-- I wanted feedback from someone	02:14
=== freeflyi3g is now known as freeflying
smackdaddy	MTecknology cantconnect on what port?	02:18
MTecknology	25	02:18
crohakon	So, how can I install linux on a computer with no CD rom drive?	02:18
crohakon	also, no floppy	02:18
smackdaddy	yeah every time i try it says connecting to the wrong ip	02:18
MTecknology	smackdaddy: I tried with 24.155.117.48:25	02:19
MTecknology	smackdaddy: Can you connect to localhost:25 ?	02:19
Pairadimesitty	skuld: those seems to be calling something, but they throw up errors	02:20
smackdaddy	yes	02:20
smackdaddy	thats the correct public iptoo	02:20
smackdaddy	.48	02:20
MTecknology	it's likely smtp isn't listening for internal traffic	02:21
MTecknology	external*	02:22
smackdaddy	i cant send either	02:22
smackdaddy	tried emailing using user@IP	02:22
MTecknology	check firewall rules	02:22
smackdaddy	what config for smtp	02:22
MTecknology	if you have ufw enabled, etc	02:22
bdmurray	jdstrand: but if it is closed who will see it? ;-)	02:23
MTecknology	!info courier	02:23
ubottu	Package courier does not exist in jaunty	02:23
MTecknology	!info dovecot	02:23
ubottu	Package dovecot does not exist in jaunty	02:23
MTecknology	ubottu: -_-	02:23
MTecknology	OK	02:23
MTecknology	It'll be right around /etc/courier/	02:23
MTecknology	I don't have a mail server running to check	02:24
smackdaddy	no firewall	02:24
smackdaddy	its off	02:24
MTecknology	ufw?	02:24
smackdaddy	yea	02:24
MTecknology	any router?	02:24
smackdaddy	no	02:24
jdstrand	bdmurray: I figured that the subscribers would...	02:25
jdstrand	who seem to be kirkland and rtg iirc	02:25
MTecknology	smackdaddy: dpkg-recongigure postfix	02:25
smackdaddy	k	02:25
MTecknology	smackdaddy: that will let you specify who can connect	02:26
MTecknology	reboot tiem	02:26
bdmurray	jdstrand: I don't know I heard kirkland filters fix released e-mail ;-)	02:27
smackdaddy	after this reboot?	02:27
jdstrand	bdmurray: heh. maybe kirkland will notice how often we are saying kirkland	02:27
crohakon	Is there a command to check system temperature?	02:27
* jdstrand whispers bug #403215 into kirkland's ear		02:27
bdmurray	one can only hope	02:27
uvirtbot	Launchpad bug 403215 in qemu "2.6.31 guest vm's unable to use virtio" [Medium,Fix committed] https://launchpad.net/bugs/403215	02:27
smackdaddy	acpi -V or something	02:28
smackdaddy	croh	02:28
smackdaddy	MTecknology> on the part where it asks for all my domains do i need the TLD only, or mail.domain.com	02:29
MTecknology	smackdaddy: I'd do localhost, domain.com, mail.domain.com	02:30
smackdaddy	ok thanks	02:30
smackdaddy	should i force synchronous updates onmail queue?	02:31
MTecknology	it's up to you	02:31
smackdaddy	if its slower...	02:31
smackdaddy	no	02:31
smackdaddy	lol	02:32
MTecknology	personally - leave the majority set to defaults	02:32
smackdaddy	k	02:32
crohakon	smackdaddy; thanks	02:32
smackdaddy	np	02:32
smackdaddy	on the specify network blocks screen, just my public ip is all i need right.'	02:33
smackdaddy	or the 127.0.0.1	02:33
* smackdaddy needs ubuntu for retards		02:34
smackdaddy	:(	02:34
MTecknology	whatever is default	02:34
smackdaddy	it erasedsince last time i didit	02:35
smackdaddy	damn	02:35
MTecknology	the only thing you really need to worry about is where you selected who can use it	02:36
skuld	I'm back	02:36
smackdaddy	ah	02:36
MTecknology	It pulls all the defaults from the config	02:36
MTecknology	the existing config*	02:36
smackdaddy	ok its done	02:37
smackdaddy	letme try it out..	02:37
MTecknology	restart the service	02:37
smackdaddy	done.	02:38
MTecknology	I still can't connect	02:40
smackdaddy	me either	02:40
MTecknology	sudo ufw status	02:40
smackdaddy	im looking in master.cf	02:40
smackdaddy	ok ufw stats just lists the commands	02:41
MTecknology	sudo ufw status	02:41
smackdaddy	i did that	02:41
smackdaddy	same	02:41
MTecknology	STATUS	02:42
MTecknology	U	02:42
MTecknology	not stats	02:42
smackdaddy	lol	02:42
smackdaddy	inactive	02:42
smackdaddy	sorry	02:42
MTecknology	pastebing ifconfig	02:43
smackdaddy	whats that url	02:44
MTecknology	!pastebin	02:44
ubottu	pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic	02:44
MTecknology	there's a command I'm looking for - for the life of me I can't remember what it is	02:45
smackdaddy	pic	02:46
smackdaddy	?	02:46
smackdaddy	http://paste.ubuntu.com/298723/	02:46
MTecknology	I'm scanning your system - just fyi	02:47
smackdaddy	np	02:47
MTecknology	every single port - I want to at least see one of them filtered	02:47
MTecknology	is this a static ip on the system?	02:48
MTecknology	or is it sitting inside your house?	02:48
smackdaddy	no, im moving to static next week	02:48
smackdaddy	just want to get everything working athome first	02:48
MTecknology	oh..........	02:48
MTecknology	drop the project until next week	02:48
MTecknology	port 25, 80, and others are blocked until you get that	02:48
smackdaddy	mail wont work on dhcp?	02:48
MTecknology	99.999% of all ISP's block it	02:49
smackdaddy	ohmy web server ftp ssh works	02:49
MTecknology	port 80?	02:49
smackdaddy	ya	02:49
smackdaddy	apache2	02:49
smackdaddy	and vsftpd	02:49
smackdaddy	are working	02:49
MTecknology	ok - your isp doesn't do that then.. ok	02:49
MTecknology	there - 25/tcp filtered smtp	02:50
MTecknology	it's being blocked somewhere	02:50
MTecknology	your server, your isp, idk	02:50
smackdaddy	for my domain name, registered with netfirms.. i set a custom ns, ns.cconnectx.com, and made a A record for it, and setup bind9 also on this box...	02:50
smackdaddy	dns is working great	02:50
smackdaddy	web	02:51
smackdaddy	just not mail	02:51
smackdaddy	its wierd	02:51
MTecknology	something is blocking it..	02:51
smackdaddy	could be	02:51
smackdaddy	ill assume its them til next week	02:51
MTecknology	can another system inside the same subnet as the server get into the server?	02:51
smackdaddy	yes	02:52
MTecknology	then it's something on the server	02:52
MTecknology	pastebin main.cf	02:52
smackdaddy	http://paste.ubuntu.com/298726/	02:53
MTecknology	home_mailbox = Maildir/	02:54
MTecknology	It's not standard, but I usually to .mail/	02:55
smackdaddy	for users hom dir	02:55
smackdaddy	?	02:55
smackdaddy	mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0/24	02:56
smackdaddy	that part should have a public ip too?	02:56
=== timburke_ is now known as timburke
MTecknology	that .mail/ keeps it hidden from the user which seems to help against accidental deletion	02:57
MTecknology	smackdaddy: This is beyond what I have the time to debug for you..	02:59
MTecknology	smackdaddy: try in #postfix	02:59
MTecknology	Sorry I can't help you more	03:00
MTecknology	I gotta run	03:00
smackdaddy	no problem,thanks alot	03:00
uvirtbot	New bug: #457788 in php5 (main) "package php5-cli 5.2.6.dfsg.1-3ubuntu4.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/457788	03:06
kirkland	erichammond: hmm, ec2 made it on there in a few places.... we can't very well change it now that some people have answered the survey. but nijaba will be conducting a much more comprehensive survey soon. he can take that feedback into account	03:18
kirkland	smoser: yes, i did upload it. it's waiting for approval from the release team to be "accepted"	03:19
smoser	right. discussion of that in #ubuntu-release	03:19
kirkland	jdstrand: bdmurray: that's fix-released	03:20
kirkland	jdstrand: bdmurray: are you still having trouble with virtio?	03:20
kirkland	jdstrand: bdmurray: i'm using virtio across the board in karmic; very solid	03:20
Pairadimesitty	skuld:I gave up and switch to a redirect	03:29
=== nxvl_ is now known as nxvl
skuld	Pairadimesitty: what? LOL	03:32
Pairadimesitty	sorry, I mean this <meta HTTP-EQUIV="REFRESH" content="0; url=http://epicdatanet.co.cc/forum/">	03:34
Pairadimesitty	it lacks the handy home button alternate hilighting, and it's lazy, but I'm dumb so it'll have to do	03:35
skuld	ah. give it some time, you'll figure it out. :) I know what you want can be done	03:35
Pairadimesitty	the advice you gave only spat out errors, it seemed to reference things from the wrong paths or something	03:36
Pairadimesitty	though it was definately the right thing to do, I'm just missing something important	03:37
skuld	I don't have my php pages in front of me so I had to guess from memory	03:38
Pairadimesitty	how's your situation coming?	03:38
skuld	ugh!	03:39
Pairadimesitty	sounds lovely	03:39
Pairadimesitty	need a Reese's Cup?	03:39
skuld	why can't people who build email packages just set up by default to do the thing that people setting up the email servers want to do: send email from authenticated users on the server to anybody else inthe world?	03:40
skuld	I think I need a bag of those Dark Chocolate ones LOL	03:40
Pairadimesitty	I don't have any dark, sorry, I do have some Ghirardelli white chocolates with vanilla specks.	03:41
skuld	oooou :)	03:42
Pairadimesitty	just call me a romantic guy...	03:42
Pairadimesitty	it sounds better than glutton	03:42
Pairadimesitty	oh, I was changing the button hilight color of all the buttons and links in my forum theme from blue to my site's red shade, and I missed the bored navigation line	03:44
jdstrand	kirkland: yeah, we know it is fix released. I added a comment to it today because the default install failed for me today and it looked similar to that (see my last comment)	04:35
=== Jagged_ is now known as Jagged
=== RoAk is now known as RoAkSoAx
crohakon	What is cpanel?	05:41
twb	cpanel is basically a manage your (virtual?) server via a web UI.	05:41
twb	http://en.wikipedia.org/wiki/cPanel	05:42
crohakon	thanks	05:42
twb	e.g. "I can't fix that because I don't have ssh access, only cpanel"	05:42
crohakon	I see it is not free..	05:43
twb	Correct; it is a proprietary product.	05:43
crohakon	I am just looking for something to play around with so as to help me expand my knowledge. Not willing to pay for the education at the moment. =) broke.	05:44
crohakon	Know of an alternative?	05:44
twb	!RUTE	05:44
ubottu	documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com	05:44
twb	RUTE, and perhaps the Ubuntu admin guide, are the best resources I know of for learning more about Unix system administration in general.	05:45
crohakon	oh, no, I mean I am trying to learn how to set it up so I can host for others. Mostly friends and non-profits. But, still, just to learn how to do it.	05:46
twb	Web management isn't so much training wheels as it is a black box -- you do something via the UI and have no idea what is really happening under the hood.	05:46
twb	crohakon: you want to learn how to set up cpanel?	05:46
crohakon	Correct.	05:46
crohakon	OR something like it.	05:46
twb	We generally discourage web-based system administration here.	05:47
twb	FSVO here = in this channel.	05:47
crohakon	FSVO?	05:47
twb	Some FOSS solutions include ebox (which is supported for Ubuntu server) and webmin (which is definitely NOT supported).	05:47
twb	FSVO = For Some Value(s) Of	05:48
twb	Personally I have been extremely unimpressed with webmin and (what little I've seen of) ebox.	05:48
crohakon	Well, like I said, I only ask because I want to learn how to set the stuff up. Just to learn without having to fork out a lot of money to do so.	05:49
twb	I suppose you could steal a copy.	05:49
twb	Maybe cpanel also provides gratis temporary licenses.	05:50
crohakon	I suppose I could, but I try to remain as legal as possible.	05:50
twb	You could talk to the cpanel people about that.	05:50
crohakon	there is a 15 day test license for free.	05:50
crohakon	Anyway, it is bed time for me. Goodnight	05:50
crohakon	Thanks for the help.	05:50
=== crohakon is now known as crohakon\|zZz
MTecknology	holy crap - it was like at first the kernel .config was like 4,760 lines, and now it's like 2,576	05:56
MTecknology	and at first it was all like 3.8MB and now it's all like duuude (1.7MB)	05:57
MTecknology	then I wuz just like OMG! n like, omg we gotsta like make it smaller and like, ya no wut i meen?	05:58
twb	MTecknology: plonk	05:58
MTecknology	twb: :)	06:00
MTecknology	twb: I was confused. I couldn't figure out why you were in this channel... then I noticed what channel I'm in...	06:00
smackdaddy	how can i setup webmail for my server with postfix	06:02
MTecknology	smackdaddy: squirrelmail and roundcube are pretty common	06:02
smackdaddy	what 1 would you say is more userfriendly	06:04
MTecknology	personally, roundcube can be skinned easily enough - but squirrelmail is more expandable	06:05
MTecknology	personally I use google apps and use claws-mail - try them both and see what you like best	06:05
smackdaddy	ok cool	06:06
smackdaddy	during install i selected use landscape conicle.. do you know how to change that back to automatic update	06:07
MTecknology	not offhand	06:07
smackdaddy	ahcus it charges for landscape	06:07
smackdaddy	heh	06:07
syncrondi	Has anyone here installed OpenVZ on Jaunty?	06:09
syncrondi	Or any other nice alternative to jails	06:14
twb	I have used OpenVZ on Hardy.	06:16
twb	Someone else did the install, though.	06:17
syncrondi	twb: I understand it's a bit of a bear?	06:31
twb	OpenVZ blows.	06:32
syncrondi	Bad?	06:32
twb	I would not recommend it to anyone who can run KVM on 10.04	06:32
twb	OpenVZ is primarily useful if you need a very large number of VMs (like, hundreds or thousands), and you have no hardware virtualization support in your CPU.	06:32
syncrondi	I don't have physical access to my server at the moment	06:33
syncrondi	So a lower-level type of virtualization is out of the question	06:33
syncrondi	And I just need a couple VMs	06:34
twb	Running VMs in a VM is not going to work well	06:35
twb	If by "physical access" you actually mean the ability to pick up the box in your hands -- you don't need that for hardware virtualization.	06:36
syncrondi	eh? Well, I don't need full virtualization.. just something like solaris zones	06:36
syncrondi	for me, all I have is ssh	06:37
twb	Well, I guess you might need physical access to turn on VT-x in the BIOS.	06:37
twb	syncrondi: even if you don't NEED full virtualizaton, I would still recommend KVM over OpenVZ.	06:37
twb	IME it's more reliable, and it allows you for flexibility (e.g. "now I need unionfs support" or "now I need a RHEL VM") later.	06:39
syncrondi	Does it require a fresh install?	06:39
twb	Does what require a fresh install?	06:40
syncrondi	KVM	06:40
twb	No, it's built into the kernel.	06:52
twb	Also, openvz receives no support from Ubuntu, whereas kvm got 18mo (hardy) and lessee...	06:53
Boohbah	we've run VZ since 2006	06:55
twb	Bleh, maintenance-check is taking WAY to long to fetch the jaunty seeds	06:59
uvirtbot	New bug: #329852 in pptpd (main) "pppd or pptpd fails when client try to connect" [Low,Incomplete] https://launchpad.net/bugs/329852	07:01
twb	Hmm, it's also 18mo in Jaunty.	07:04
twb	This is not good!	07:04
twb	Oh, that's because jaunty isn't an LTS.	07:04
twb	Presumably the next LTS will have kvm in main, and thus will get 5y support.	07:04
poningru	twb, question re: openvz	07:13
poningru	does it really support arm?	07:13
twb	I don't know.	07:13
twb	OpenVZ is a bunch of patches to the Linux kernel, so in theory it should be architecture-independent.	07:13
twb	Of course, the guest OS would also have to be supported on that CPU.	07:13
twb	So you couldn't have an ARM gaol on an x86-64 server, but you could have ARM gaols on an ARM server.	07:14
poningru	ah ic	07:14
syncrondi	twb: so you need to access the bios for sure during install of KVM?	07:14
twb	syncrondi: it's common for VT-x to be disabled by default in the BIOS.	07:14
poningru	syncrondi, well if its already turned on then no	07:15
poningru	syncrondi, check /proc/cpuinfo	07:15
syncrondi	I see. Thanks twb	07:15
=== WALoeIII_ is now known as WALoeIII
twb	poningru: of course, any time the guest architecture isn't native, you lose any VT benefits.	07:15
poningru	twb, right	07:15
twb	i.e. you HAVE to do full userspace virtualization.	07:15
poningru	syncrondi, egrep '(vmx\|svm)' --color=always /proc/cpuinfo	07:15
twb	The () are unnecessary	07:15
mneptok	such kernel patches usually require virtualization extensions in the CPU. AFAIK, ARM doesn't have such things.	07:16
twb	mneptok: OpenVZ doesn't use hardware virtualization at all.	07:16
mneptok	twb: ewwww ...	07:16
syncrondi	poningru: that doesn't return anything, I'm afraid.	07:16
mneptok	now i know why i never palyed with it :)	07:16
twb	mneptok: OpenVZ is an extension of the chroot approach to include /proc and network segmentation. ALL code runs natively.	07:16
poningru	syncrondi, yeah its turned off then or your cpu doesnt have it	07:16
poningru	what cpu do you have?	07:17
twb	You also cannot have a different kernel inside an OpenVZ gaol.	07:17
syncrondi	poningru: dual p4 2.8	07:17
twb	Also, OpenVZ has poor support for e.g. NFS and completely hangs the entire machine when you try to use either unionfs or aufs.	07:18
poningru	syncrondi, depending on the gen it probably has vt	07:18
poningru	err I mean doesnt have vt	07:19
twb	If all you're gonna run in your gaol is a different version of Apache and PHP and MySQL, then OpenVZ is probably not so bad.	07:19
smoser	bug 451881	07:19
uvirtbot	smoser: Error: Could not parse data returned by Launchpad: The read operation timed out	07:19
syncrondi	twb: that's basically all. I just wanted to separate a new development environment from existing.	07:20
twb	syncrondi: given that you lack VT support in your CPU, OpenVZ becomes a more reasonable choice.	07:20
syncrondi	but I've been working with another server that's running a jail for the same situation and weird errors come up at times	07:20
twb	syncrondi: however you may prefer to look into pbuilder	07:20
twb	syncrondi: if you're just doing DEVELOPMENT	07:21
syncrondi	development that could move into production	07:21
poningru	syncrondi, also virtual box if you have X on it	07:22
poningru	not sure if virtual box requires X	07:22
syncrondi	Yeah, no X	07:22
twb	AFAICT virtualbox is ill-suited for server gaols.	07:22
poningru	http://www.howtoforge.com/vboxheadless-running-virtual-machines-with-virtualbox-2.0-on-a-headless-ubuntu-8.04-server	07:22
twb	It's really intended for jackasses who want to run IE or something on their ridiculously over-specced personal laptop	07:23
syncrondi	twb: I tried it on my windows and also on an OpenSolaris install and it seems a lot like VMwarez	07:23
twb	syncrondi: yeah, VMware falls into the same category.	07:23
Boohbah	if you want a virtualized web server, openvz or xen	07:23
twb	You could sum up my gripes with virtualbox as "it tries to be like vmware"	07:23
Boohbah	xen with swap is good (required) for java	07:23
poningru	http://www.bgevolution.com/blog/virtualbox-headless-mode/	07:23
syncrondi	twb: haha, yeah, for sure.	07:23
twb	Xen is also a good choice compared to OpenVZ, if all you need are gaols.	07:24
Boohbah	poningru: i didn't know virtualbox could run without X, thanks!	07:24
poningru	:)	07:24
Boohbah	twb: what is this 'gaol' you speak of?	07:24
twb	Boohbah: IIRC the trick is to put it in an xvfb, which is pretty fugly	07:24
syncrondi	A coworker was showing me solaris containers and I was pretty impressed with that	07:24
twb	Boohbah: "jail" is a neological spelling of "gaol".	07:24
Boohbah	or rather "gaol" is archaic "jail" :)	07:25
Boohbah	i see	07:25
Boohbah	Norman-derived gaol (preferred in Britain)	07:25
twb	It's not archaic.	07:25
Boohbah	it's just preferred in Britain?	07:26
twb	It's "English" as opposed to "American" :-P	07:26
twb	Boohbah: and everywhere else in the commonwealth.	07:26
Boohbah	rubbish colour armour boot bonnet aluminium	07:26
twb	Good gods, how do Americans say "bonnet"?	07:27
poningru	in India we used to call the boot/trunk dickie	07:27
twb	"Headscarf" or something?	07:27
poningru	twb, hood	07:27
twb	Oh, you mean of an auto.	07:27
poningru	hehe yeah	07:27
poningru	its funny my gf is from scotland and she taught me that in gb/uk (depending on who you ask) the queens english is considered proper	07:28
poningru	while here in the US there is no 'proper' english	07:28
poningru	how you speak is proper for you	07:28
twb	It depends if you're a language instructor, or a linguist.	07:28
twb	Language instruction is prescriptive; linguistics is descriptive.	07:29
poningru	granted exceptions do popup for the neds/hicks	07:29
* poningru gives twb a glassgow kiss		07:30
poningru	nn guys	07:30
Boohbah	i almost forgot this wasn't #defocus	07:30
Boohbah	poningru: good night	07:30
syncrondi	I'm out too.. thanks for the advice	07:31
poi77	Hi! I am running Ubuntu w/ sw raid. I run mdadm to check status. At the end of output there is " Number Major Minor RaidDevice State" and then my RAID devices. What does this data mean?	07:34
Boohbah	poi77: http://linux.die.net/man/8/mdadm	07:36
poi77	Boohbah: thanks, I am wondering whether the "major" "minor" values have any significance and if they indicate errors?	07:37
twb	poi77: run "cat /proc/mdstat" to check status	07:39
twb	major and minor ar ethe block numbers.	07:40
poi77	twb: thanks, [2/2] would mean normal, right?	07:40
twb	see e.g. the mknod(8) manpage	07:40
twb	It's not a quality status	07:40
twb	it's a name, like "sdd2" means "fourth SCSI disk, second slice"	07:41
twb	A major and minor number of "2, 7" means "I'm the seventh component of the second device"	07:41
poi77	twb: many thanks for your explanations!	07:42
* soren breaks		07:51
smoser	mathiaz, its bad... hacky, but heres what i have right now	07:58
smoser	http://paste.ubuntu.com/298860/	07:58
smoser	am running that with input: x86_64 us-east-1 ami-7132d118	07:58
mathiaz	smoser: yop - seems good to me	07:59
smoser	it actually worked!	07:59
smoser	fired off a bunch of instances, then waited, then sshed to each of them	08:00
smoser	:)	08:00
mathiaz	smoser: ec2-describe-images doesn't have the proper information to infer the availability zone from the output	08:00
mathiaz	smoser: as well as the list of types	08:00
mathiaz	smoser: I think we can infer everything from the name of the bucket/image	08:00
mathiaz	smoser: the bucket as the -us/-eu -> region	08:00
mathiaz	smoser: the image name has amd64/i386 -> type list	08:01
mathiaz	smoser: the best call would be: test-ec2.sh ami-7132d118	08:01
smoser	you can't get bucket/path without knowing region	08:02
smoser	other than by trying both	08:02
smoser	which would in all likelyhood be sufficient	08:02
mathiaz	smoser: oh - you're right	08:02
mathiaz	smoser: you need to set the region	08:02
smoser	but arch isn't needed.	08:03
mathiaz	smoser: well - you could use ec2-describe-region	08:03
mathiaz	smoser: ec2-describe-regions	08:03
smoser	mathiaz, right, you could use that to get a list and then look in each for that id	08:03
mathiaz	smoser: and then try to find which one has the ami ;)	08:03
smoser	unlikely, but possible that an id existed in multiple regions	08:03
smoser	yeah. it would be good enough	08:03
mathiaz	smoser: that's true - but the ami path would be completly different	08:04
smoser	those tests you wrote probably cost a couple bucks per region to run	08:04
mathiaz	smoser: it would probably not match the bucket name	08:04
smoser	the bucket names are different. manifest name is the same. (ie, basename)	08:04
smoser	anyway...	08:05
smoser	i think i'm going to go to sleep now	08:05
mathiaz	smoser: yeah - we can discuss improvments at UDS :)	08:05
smoser	oh. the goal is nightly automated tests with logs	08:06
smoser	its all doable.	08:06
* mathiaz nods		08:06
smoser	i've just spent the time doing the publishing portion of it all	08:06
smoser	if you dont have a build out there, you can't test it :)	08:06
mathiaz	smoser: yop - one step at a time	08:07
smoser	i will say that at 3:00 am eastern, us-east-1 performs fairly well	08:07
smoser	started 17 hosts in like < 50 seconds	08:07
smoser	anyway, good night.	08:08
dru_	can someon point me to the quick low down "drop all iptables"	08:54
dru_	please	08:54
dru_	:)	08:54
twb	dru_: what about it?	08:54
dru_	iptables must die	08:55
th0mz	the song is invaders must die	08:55
dru_	i need to basicly disable all tables for a test on our local network	08:55
cemc	dru_: you could try to remove all modules	08:55
th0mz	-F	08:55
th0mz	if you need to clean	08:55
cemc	dru_: lsmod, then rmmod everything iptables-related	08:56
soren	dru_: for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F ; sudo iptables -X	08:56
dru_	can I just "/etc/init.d/iptables stop" ?	09:01
soren	No.	09:02
soren	dru_: for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F ; sudo iptables -X	09:02
soren	dru_: That's it.	09:02
dru_	bash: syntax error near unexpected token `done'	09:03
twb	You should not use iptables(8), because it is not atomic.	09:03
twb	Always use iptables-restore and iptables-save.	09:03
soren	I don't see how atomicity is really important in this case?	09:04
twb	soren: suppose you have a script in /etc/network/if-pre-up.d/00firewall that runs a dozen iptables rules	09:04
soren	dru_: Are you sure you copy/pasted it correctly?	09:04
soren	twb: I don't. I'm clearing all rules.	09:04
soren	twb: That's it.	09:04
twb	soren: admittedly, it probably doesn't matter in THIS case, but it is a good habit to encourage.	09:04
soren	twb: "in this case" being the operative part of my question.	09:05
soren	twb: I'm just arguing against your "never", which seems quite out of place here.	09:05
twb	soren: well, you could conceivably have another sysadmin logged into the box	09:05
dru_	guys guys...	09:05
twb	It's just very very unlikely that you'd hit that race condition :-)	09:05
soren	dru_: That command line works for me. You mistyped, or miscopy/mispasted.	09:06
twb	It would also mean that you couldn't accidentally set the default policy to ACCEPT, and then make a typo after your loop, such that you had all the rules still in there. Given that you're trying to flush all the rules, that's also unlikely (but not strictly impossible) to be an issue.	09:07
dru_	really I dont want to change any of the tables...I just need to diable them for a test as to why my centreon server isnt able to "catch snmp commands for client hosts	09:07
twb	dru_: you cannot "disable" the iptables in the kernel without modifying them.	09:07
twb	dru_: if you want to restore them later, dump them to a file first using iptables-save.	09:07
soren	twb: How would you create the input file for iptables-restore?	09:08
twb	soren: with a text editor?	09:08
soren	From scratch?	09:08
twb	Sure.	09:08
soren	I don't even thing the format is documented anywhere.	09:08
twb	It's not, but it's easy to run "iptables-save" and see what you get.	09:09
soren	twb: But that would require you to use the dangerous, never-use-it iptables command directly first.	09:09
twb	I mean, you can still using iptables(8) directly on a machine that's not in production.	09:09
twb	soren: yep -- because some other idiot used iptables(8) directly before you got there.	09:09
dru_	soren: im running root so :"iptables -P $chain ACCEPT ; done ; iptables -F ; iptables -X" was the used syntax . and "bash: syntax error near unexpected token `done'"	09:09
dru_	was the return	09:10
dru_	..	09:10
twb	dru_: you have omitted the start of the for loop.	09:10
cemc	dru_: you forgot the for chain in... part	09:10
soren	dru_: ...	09:10
soren	08:02:31 < soren> dru_: for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F ; sudo iptables -X	09:10
twb	Hmm, does -F only apply to a single table (i.e. -t filter)?	09:10
soren	twb: Well, /someone/ has to prime the it so that you can see what the format looks like.	09:10
cemc	dru_: the command begins at 'for' :)	09:10
soren	twb: I believe so.	09:11
twb	You ought to flush any other tables that are in use, too.	09:11
dru_	thanks soren, that semed to have worked	09:11
soren	twb: You're right. I was typing just that when you started your "never use iptables, always use iptables-{restore,save}" rant. and I got sidetracked :)	09:12
soren	So really, it ought to be:	09:12
twb	soren: granting that there are exceptions to the "rule of thumb" that I stated as an absolute, I would still use iptables-restore to flush tables.	09:13
soren	for table in filter nat mangle; do for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F -t table; sudo iptables -X -t $table ;done	09:13
twb	soren: that code will create empty nat and mangle tables if they were previously unused.	09:13
soren	I might actually use iptables-apply instead, actually.	09:13
twb	Which doesn't really matter, it just makes iptables-save output a bit verbose	09:14
twb	Also, you missed the raw table	09:14
cemc	and loads some extra modules	09:14
twb	cemc: yeah, that's what I meant	09:14
soren	The dude wanted his iptables cleared. I'm not going to sit here writing a 100 line shell script to make sure all that shit is taken care of so that he doesn't load an extra module or so.	09:15
soren	:p	09:15
cemc	;)	09:15
twb	"Run iptables-save, change the policy of all : lines to ACCEPT, comment out all -A lines, and then pipe it into iptables-restore"	09:15
twb	...apart from the user changes, where the policy is and stays "-".	09:16
soren	twb: He managed to miscopy/mispaste a perfectly good command line. I think asking him to mangle a text file like that may be asking for more trouble.	09:16
cemc	twb: to that the response would probably be: "huh??" :)	09:16
twb	cemc: shrug.	09:16
cemc	;)	09:16
Sorell	hey guys, is ssh turned off by default?	09:17
twb	Sorell: ssh is not installed by default.	09:18
Sorell	oh	09:18
twb	Sorell: if openssh-server is installed, it will start by default and accept connections from anywhere, to any user, by default.	09:18
twb	IMO this is a horrible default behaviour, but what can you do?	09:18
twb	I think dropbear is also "on by default" after you install it.	09:18
Sorell	idk that one.	09:19
twb	dropbear is just another sshd/ssh implementation	09:19
twb	Hm, is iproute installed by default? If so, when was it first installed by default (on ubuntu-server, not desktops).	09:20
Sorell	no idea	09:24
Sorell	hey twb, can you try something for me?	09:25
dru_	hey...please stop useing me as a subject of conflict	09:25
dru_	thanks	09:25
Sorell	I'm setting up a Eucalyptus server	09:26
Sorell	can you tell me if you can see it?	09:26
Sorell	https://myuniversitycenter.com:8443/	09:26
twb	SSL error: error:00000000:lib(0):func(0):reason(0)	09:28
twb	Sorell: you're using a crypto function that is blacklisted now	09:28
Sorell	:/	09:28
twb	(IIRC what that error really means)	09:28
twb	3-DES or whatever	09:28
twb	Lemme see if I can find a server that doesn't track security.d.o nor hardy-security	09:29
Sorell	any quick way to turn it off?	09:29
Sorell	I just got the DL of 9.10 server installed.	09:29
twb	Turn what off?	09:29
twb	You can't un-blacklist a crypto function without recompiling libopenssl/libgnutls	09:30
Sorell	:(	09:30
Sorell	not something I would want to do right now.	09:31
twb	On a Fedora Core 3 machine, neither lynx nor curl will connect at all.	09:31
Sorell	I'm having issues with firefox / konquor too	09:31
twb	Sorell: you shouldn't be using that crypto method in the first place! If you're gonna futz it, you should be futzing eucalyptus to use a modern crypto algo.	09:31
Sorell	but only if I'm not on the LAN	09:32
twb	Sorell: no, anywhere.	09:32
Sorell	I just used the standard install.	09:32
twb	"It's OK, I'm behind a firewall" really means "I am only protected by one layer of security"	09:32
twb	Sorell: report a bug against eucalyptus, then	09:32
Sorell	okay	09:33
twb	Sorell: note: this assumes I'm diagnosing the problem correctly.	09:33
soren	twb: Since day 1: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/platform.karmic/revision/1	09:33
Sorell	I'm going to try to ask on ubuntu-cloud	09:33
twb	soren: day 1 = karmic?	09:34
soren	twb: Warty.	09:34
twb	Oh, I see, that's just the branch name	09:34
twb	soren: OK, thanks.	09:34
soren	2004-11-02 17:11:15	09:34
soren	"import warty seeds from the Ubuntu wiki"	09:34
twb	Yeah, I was just looking at the URI initially ;-)	09:34
soren	:)	09:35
Sorell	I'm confused, is this the bug list?	09:37
soren	"this"?	09:37
Sorell	the link you posted	09:37
twb	Sorell: he's in another thread	09:37
twb	IRC doesn't thread well	09:37
Sorell	okay	09:37
soren	Sorell: Bug list? No, it's the list of packages that got installed in the very first Ubuntu release 5 years ago.	09:38
twb	19:20 <twb> Hm, is iproute installed by default? If so, when was it first installed by default (on ubuntu-server, not desktops).	09:38
soren	twb: Sorry, then I lied, actually. Ubuntu server did not exist until Breezy.	09:38
soren	iirc.	09:38
twb	Yeah, I nearly asked that :-()	09:39
twb	* :-)	09:39
twb	Fat-fingered oaf that I am...	09:39
uvirtbot	New bug: #458001 in eucalyptus (main) "Changing LOGLEVEL in eucalyptus.conf doesn't affect log verbosity" [Undecided,New] https://launchpad.net/bugs/458001	09:57
mdz	ttx, good morning	10:41
mdz	ttx, do you know what was resolved with regard to the EC2 images and bug 451881? I know that Scott uploaded the fix but do not know if there was a respin	10:42
uvirtbot	Launchpad bug 451881 in ec2-init "ssh public key fingerprint not available on console in UEC environement" [High,Fix released] https://launchpad.net/bugs/451881	10:42
mdz	ttx, I checked http://uec-images.ubuntu.com/karmic/current/karmic-uec-i386.manifest and confirmed that the fix is there	10:43
mdz	(20091022)	10:43
mdz	is 20091022 the build we are releasing for RC?	10:43
mdz	ttx, ah, ok, I was able to cross-reference the build number with the AMI ID (which is in the ISO tracker) and confirm	10:44
mdz	the fix is in RC	10:44
ttx	yes	10:46
ttx	mdz: I verified it	10:46
ttx	(on UEC images)	10:46
ttx	mdz: updated https://wiki.ubuntu.com/ServerTeam/ReleaseStatus with current status	10:47
mdz	ttx, thank you	10:47
ttx	mdz: mathiaz found bug 457866 -- I think this needs to be fixed for release	10:47
ttx	as it has security implications	10:47
uvirtbot	ttx: Error: Could not parse data returned by Launchpad: The read operation timed out	10:47
ttx	"Security disabled for universe in UEC/EC2 images apt/sources.list"	10:47
ttx	mdz: we didn't get much feedback on the recent bugs filed against eucalyptus, in particular the one nurmi said he would look into	10:48
mdz	ttx, argh	10:48
mdz	ttx, can we not fix 457866 for RC?	10:49
mdz	the idea of RC is that we have no known blockers for release :-)	10:49
ttx	mdz: I wouldn't try without smoser	10:49
ttx	mdz: but that might still be doable	10:50
ttx	since testing is relatively fast	10:50
ttx	and the fix should be relatively harmless	10:50
ttx	mdz: -> #ubuntu-release ?	10:51
tramsei_	anyone available to help me wiuth ubuntu and dhcp	10:57
ttx	soren: what's the status for bug 410886 ? It's our only remaining release-targeted bug.	11:07
uvirtbot	Launchpad bug 410886 in vmbuilder "VMBuilder doesn't work with grub2" [Undecided,Confirmed] https://launchpad.net/bugs/410886	11:07
soren	ttx: I just need to upload a new VMBuilder snapshot.	11:08
soren	ttx: Is it right-now urgent?	11:08
ttx	soren: not sure, asking in #ubuntu-release	11:09
ghh	i cant login to vsftp server keeps denying access, anybody know whats stopping me?	11:14
=== ATuin is now known as A-Tuin
* soren lunches		11:37
=== gamla_ko1san is now known as gamla_kossan
nijaba	kirkland: good morning :)	12:42
ttx	kirkland: tested cloud power features this morning. Goes to sleep ok but I can't seem to be able to wake it up. WakeonLan enabled in BIOS and showing up on ethtool (WakeOn g), but wakeonlan or powerwake fail.	13:03
ttx	probably some hw issue on that Dell	13:03
=== UnixDawg____ is now known as UnixDawg
=== aubre_afk is now known as aubre
smoser	soren, i agree that vmbuilder on nectarine should be pulling from something non-trunk	13:47
soren	smoser: Yeah. I didn't want to make the change, as I wasn't sure if it was referenced anywhere else (I at least saw the README, that had the url in it).	13:49
smoser	rather than an 0.11 branch, i'd just as soon create a "karmic-stable" branch	13:50
smoser	explicitly named for this	13:51
kirkland	ttx: can you wake-on-lan that machine independent of eucalyptus/powernap/powerwake?	13:54
ttx	kirkland: no	13:55
kirkland	ttx: hrm, well, that stinks... have you googled for info about that hardware and wakeonlan?	13:59
kirkland	ttx: there are some quirks, sometimes ....	13:59
ttx	kirkland: I wonder if my green switch is playing tricks	13:59
ttx	kirkland: I'll have to troubleshoot that sometime in the future	13:59
=== dendrobates is now known as dendro-afk
kirkland	ttx: d-link green switch? I have the same one...	13:59
smoser	green as in "consume less power" ?	14:02
smoser	it would be somewhat funny if a switch marketed as green had problems with wake on lan.	14:03
smoser	ttx, so what are we doing with bug 457866	14:03
uvirtbot	Launchpad bug 457866 in ec2-init "Same components for every pocket in apt sources.list" [Medium,Triaged] https://launchpad.net/bugs/457866	14:03
smoser	oh good, you're back ubottu	14:04
smoser	oops. uvirtbot	14:04
ghostlines	I'm trying to umount a volume, but I can't because it's in use, I stopped all processes from using it except the mount process	14:04
ghostlines	will killing the mount process be risky?	14:04
ghostlines	don't want to risk losing any files	14:04
ttx	smoser: fix it post-beta	14:04
ttx	post-RC I mean	14:05
ttx	smoser: see slangasek decision on #ubuntu-release	14:05
smoser	right	14:05
smoser	so it should be targetted somewhere ?	14:05
ttx	smoser: it's not critical, so no	14:06
ttx	smoser: just "very good to fix"	14:06
ttx	so, nominated for karmic	14:06
smoser	ok. well, theres a patch attached for it.	14:06
smoser	we're expecting then that we want that in like tomorrow or saturday ?	14:06
smoser	or like karmic-updates	14:07
ttx	like tomorrow	14:09
ttx	so that dailies can be validated asap	14:09
ttx	kirkland: I did a pass on the doc, looks good. Fixed a few pointers in moreInfo (was mentioning old /etc/init.d things)	14:12
kirkland	ttx: excellent!	14:13
kirkland	ttx: https://help.ubuntu.com/community/KVM/VirtManager	14:13
kirkland	ttx: i did that yesterday	14:13
kirkland	ttx: i was going to do something similar for virsh	14:13
ttx	kirkland: looking at PackageInstall now	14:13
kirkland	ttx: PackageInstall was fun, as I hadn't installed that way previously	14:13
ttx	kirkland: you validated it with current packages ?	14:13
kirkland	ttx: i was going to do a PowerManagement one too, with PowerNap instructions	14:13
kirkland	ttx: current as of Tuesday, yes	14:14
ttx	kirkland: good	14:14
kirkland	ttx: i created that while doing the install	14:14
kirkland	ttx: there's on funky part that could potentially use some improvement	14:14
kirkland	ttx: ssh key distribution	14:14
kirkland	ttx: i used ssh-copy-id	14:14
kirkland	ttx: but that required that I set a eucalyptus password on the node(s)	14:14
kirkland	ttx: i gave instructions for setting it, then un-setting it	14:15
ttx	reading right now	14:16
nijaba	ttx: who has a muti-node setup to try reproducing a bug intel is having	14:18
ttx	this part is a little dependent on what the user already has installed, obviously. If they disabled password auth on their SSh server that would fail. But I think that's a sane default instruction	14:18
ttx	nijaba: maybe etienneg/mathiaz	14:18
nijaba	ttx: it seems that as long as vm are launched, autodiscovery of additional nodes fails as the wrong ip is returned via avahi	14:18
nijaba	ttx: can't verify it with only one node :(	14:19
ttx	nijaba: you filed a bug already or you wait to reproduce it ?	14:19
nijaba	ttx: I have asked Paul @ intel to file it, so that he can follow up to request for additional info	14:20
nijaba	ttx: he now has a lab with 4 nodes running	14:21
ttx	nijaba: that will make asking for reproduction easier	14:21
nijaba	ttx: he also eventually can give us access to it if needed	14:21
nijaba	ttx: an uec is his current #1 priority for the weeks to come	14:22
ttx	nijaba: that sounds great !	14:24
smoser	ok, ttx, i'm not going to be here tomorrow, nor around the interweb until monday AM. so bug 457866 probably be assigned to someone who will be here to fix it (soren, zul)... really it just needs a upload. if it goes into archive by 01:30 UTC tomorrow it will be in 20091023 builds automatically.	14:25
uvirtbot	Launchpad bug 457866 in ec2-init "Same components for every pocket in apt sources.list" [Medium,Triaged] https://launchpad.net/bugs/457866	14:25
zul	smoser: its got a debdiff attached to it?	14:28
ttx	smoser: could you brief zul on the required action ?	14:28
smoser	yes	14:28
smoser	well, a bzr diff: http://launchpadlibrarian.net/34144024/bug457866-set-karmic-security-apt-sources.diff	14:29
smoser	it would be nice if mathiaz someone could just take a look at it also, to make sure i'm not fat fingering anything	14:30
smoser	and that my understanding of the bug is what needs to change.	14:30
smoser	basically, all i did was s/restricted/universe/	14:30
soren	smoser: Ah, right. Good catch.	14:33
aubre	are y'all reliably able to attach UEC SC volumes to your UEC instances ?	14:43
aubre	I'm considering reinstalling everything using ext3 , I can't figure out why this isn't working for me	14:44
aubre	but if I know it is working for you , that would help me	14:45
smoser	aubre, i have not tested that. i think that kirkland might have.	14:46
aubre	smoser: could you just create a SC volume and try mounting it? it's fairly easy to test	14:46
aubre	for example:	14:48
aubre	euca-create-volume -s 1 -z vcl	14:48
aubre	euca-attach-volume -i i-43440758 -d sdb vol-32DF04AE	14:48
aubre	if it shows	14:49
zul	smoser: looks reasonable	14:49
smoser	aubre, sure. i'll test that.	14:49
aubre	smozer: thanks	14:49
smoser	thanks for spelling it out for me :)	14:49
aubre	smoser: if euca-describe-volumes shows "in use" you suceeded, if it still shows "available" you failed	14:50
aubre	smozer: if you succeeded, in the above example, you should be able to ssh into the instance and look for /dev/sdb, and then be able to fdisk /dev/sdb	14:50
aubre	smozer: and create a mountable partition, etc etc	14:51
aubre	in euca-create-volume -s is size in GB , and -z is zone	14:51
ttx	aubre: smoser with an "s"	14:55
aubre	ttx: ty	14:56
aubre	smoser: sorry	14:56
smoser	ok, so euca-describe-volumes shows 'available', and i'm about to type	14:56
smoser	euca-attach-volume -i i-4AA8096D -d sdb vol-32F804B0	14:56
smoser	right?	14:56
aubre	smoser yep	14:56
aubre	smoser: yep	14:56
aubre	I'm a troublemaker lol	14:57
smoser	$ euca-describe-volumes	14:58
smoser	VOLUME vol-32F804B0 1 sm-zone-1a in-use 2009-10-22T13:53:04.836Z	14:58
smoser	ATTACHMENT vol-32F804B0 i-4AA8096D unknown,requested:sdb 2009-10-22T13:56:42.522Z	14:58
smoser	and in the instance	14:58
aubre	smoser: looks good	14:58
smoser	dmesg \| tail showed a new 'sdb'	14:58
aubre	smoser: you win	14:58
smoser	and i just : mkfs.ext4 -F /dev/sdb	14:58
aubre	smoser: ok, I will try to reinstall my cloud	14:58
soren	smoser: Is the VMBuilder branch used on nectarine referenced anywhere other than the README and in the branch metadata of /home/vmbuilder/ec2-daily/vmbuilder/ ?	14:58
aubre	smoser: thanks so much	14:59
soren	smoser: I'd like to update it right now. I have some changes I'd like to make to VMBuilder for the appliance stuff, and they could start landing in the trunk at any time.	14:59
=== aubre is now known as aubre_afk
smoser	seems like it is good, aubre. i just mounted and wrote a file there and unmounted and mounted and verified it wsa still there.	15:00
aubre_afk	aubre_afk: thanks man	15:00
smoser	soren, bin/bzr-pull . thats what i do to pull all the updates.	15:00
aubre_afk	aubre_afk: I will reinstall	15:00
smoser	oh. but all it does is 'bzr pull' in the appropriate directory	15:00
smoser	so if you fix that it will change.	15:00
soren	Ok. I'll fix the README as well to avoid confusion.	15:01
smoser	right. please do.	15:01
smoser	what branch name are you using ?	15:01
smoser	did you see my suggestion of karmic-stable	15:01
uvirtbot	New bug: #458163 in eucalyptus (main) "[regression] euca_rootwrap fixes broke eucalyptus power management (powerwake)" [High,In progress] https://launchpad.net/bugs/458163	15:01
soren	smoser: lp:~ubuntu-virt/vmbuilder/0.11	15:01
soren	smoser: 0.11 is what we have in Karmic.	15:02
soren	smoser: It will not be developed any further (i.e. it's in bugfix only-mode).	15:02
soren	smoser: So that branch is stable.	15:03
smoser	... i would prefer explicit. but ok.	15:03
soren	smoser: I'd like to keep the branch names of VMBuilder free of Ubuntu-like names.	15:03
soren	https://edge.launchpad.net/ubuntu/karmic/+source/vm-builder has the appropriate metadata.	15:04
soren	...which reminds me I need to add 0.11.2 to Launchpad.	15:04
soren	There.	15:07
uvirtbot	New bug: #273930 in qemu-kvm (main) "oosplash.bin crashed with SIGSEGV in splash_create_window() under KVM" [Medium,Triaged] https://launchpad.net/bugs/273930	15:09
smoser	aubre_afk, http://paste.ubuntu.com/299078/	15:09
smoser	kirkland, ttx, see above	15:09
smoser	is that known behavior? user error ?	15:09
smoser	i think i might have been missing some step to explicitly release /dev/sdb from the guest (maybe 'eject /dev/sdb' or something)	15:10
kirkland	smoser: the stack trace on detach?	15:10
kirkland	smoser: i've seen that, clearly wrong, but I haven't noticed any mal-effects	15:10
smoser	yes	15:10
kirkland	smoser: file it, and mark against upstream qemu too	15:11
smoser	kirkland, file against kvm ?	15:12
smoser	or eucalyptus ?	15:12
kirkland	smoser: file against the qemu-kvm package, and add a task for the upstream QEMU project	15:12
zul	smoser: do you want me to upload that ec2-init fix for you?	15:19
smoser	zul, if you can upload it, and it wont magically be pulled into archive and piss people off about release, then yes.	15:20
zul	smoser: hmm...ill wait til tomorrow then ;)	15:21
smoser	we want it in "as soon as possible after release". so if you can accomplish that by upload now, then please do.	15:21
smoser	i think there are gates on what gets pulled, and that it requires an explicit ACK at the moment	15:21
smoser	so that upload wouldn't hurt	15:21
smoser	but i'd maek sure someone more process knowledgable than i agreed.	15:22
zul	smoser: yes someone has to ack it but I wait til rc is out just to be sure	15:26
smoser	no problem.	15:27
uvirtbot	New bug: #348633 in qemu-kvm "Fails to boot from CD after reboot: CDROM boot failure code: 0003" [Low,Triaged] https://launchpad.net/bugs/348633	15:27
* soren takes a break		15:30
smoser	bug 458201	15:33
uvirtbot	Launchpad bug 458201 in qemu-kvm "kernel stacktrace on volume detach in kvm guest" [Undecided,New] https://launchpad.net/bugs/458201	15:33
smoser	kirkland,	15:33
kirkland	smoser: okay, thanks	15:34
kirkland	ttx: okay, i'm now confirming your db error :-/	15:35
uvirtbot	New bug: #458198 in bind9 (main) "host crashed with SIGSEGV in start_thread()" [Undecided,New] https://launchpad.net/bugs/458198	15:36
uvirtbot	New bug: #293898 in vmbuilder "regression: vm-builder lacks --security-mirror option" [High,Fix committed] https://launchpad.net/bugs/293898	15:37
smoser	ttx, kirkland zul i'm going to step out for ~ 1h. if you need me, call cell phone (kirkland has it)	15:38
zul	ttx: ack	15:39
=== MTecknology is now known as MTeck-ricer
uvirtbot	New bug: #458201 in qemu-kvm "kernel stacktrace on volume detach in kvm guest" [Undecided,New] https://launchpad.net/bugs/458201	15:42
uvirtbot	New bug: #458203 in eucalyptus (main) "euca_conf is missing command-line completion" [Wishlist,New] https://launchpad.net/bugs/458203	15:43
uvirtbot	New bug: #458211 in eucalyptus (main) "eucalyptus.conf is confusing and underdocumented" [Medium,New] https://launchpad.net/bugs/458211	15:52
uvirtbot	New bug: #355410 in qemu-kvm "kvm crashed with SIGSEGV in malloc_consolidate()" [Medium,Triaged] https://launchpad.net/bugs/355410	15:53
ttx	kirkland: I don't know if I should rejoice :)	15:58
kirkland	ttx: on my confirming your db error?	15:58
ttx	kirkland: yes	15:58
ttx	kirkland: talking to the euca guys it sometimes feeled like I was the idiot with a weird error noone ever saw	15:59
ttx	felt like, even	15:59
* ttx jumps from call to call		15:59
kirkland	ttx: nope, i'm with you now	16:00
ttx	yay, lets do a LP group	16:00
kirkland	ttx: however, it just started working again, eventually	16:00
ttx	kirkland: oh yes, its pretty transient	16:00
ttx	just someone might abandon after hitting that error on the first commands used, so better releasenote it	16:00
ttx	(and fix it)	16:00
ttx	It a "Low" but desirable-to-fix bug	16:01
mdz	kirkland, https://bugs.edge.launchpad.net/eucalyptus/+bug/457978	16:41
uvirtbot	Launchpad bug 457978 in eucalyptus "terminate request during instance start-up can SEGFAULT the NC (shows up under heavy load)" [High,Fix committed]	16:41
smoser	zul, at some point you and i need to go through all of canonical's published images (a{krm}i and clean up) there a bunch of cruft	16:43
cytotoxic	!ops	16:43
ubottu	Help! Channel emergency! infinity, soren, lamont, mathiaz or tom	16:43
zul	smoser: sure	16:44
kirkland	mdz: read the bug... what's up?	16:44
mdz	kirkland, that's the bug that dmitrii mentioned on the call, they're not sure if it affects the KVM configuration or not but I asked that they give us the bug number and we would check into it	16:47
mdz	(it's a heads up)	16:47
smoser	aubre_afk, kirkland is 'euca-attach-volume' really supposed to work ?	16:54
smoser	that should have said 'with --device'	16:54
smoser	--device : local device name (inside the guest VM) to use.	16:55
smoser	that seems like a very hard thing to accomplish (requiring help from the guest)	16:57
nijaba	has anyone played with security groups with euca?	16:59
nijaba	seems that when I add authorization to another group than default, they are never effective when I start an instance in this group	17:00
uvirtbot	New bug: #458274 in apache2 (main) "unnecassary dependencies of apache2 modules" [Undecided,New] https://launchpad.net/bugs/458274	17:01
uvirtbot	New bug: #283888 in autofs (main) "strange Conflicts list" [Low,Incomplete] https://launchpad.net/bugs/283888	17:02
ttx	smoser: I attached a device succesfully	17:07
ttx	nijaba: not really, not above the default group	17:08
nijaba	ttx: I opened a bug	17:08
ttx	nijaba: you can ping the eucalyptoids in #eucalyptus to get a quick opinion	17:09
=== erichammond1 is now known as erichammond
nijaba	ttx: in a bit of a rush atm :(	17:09
smoser	ttx, you attached it, yes, but is it actually supposed to attach with "local device name (inside the guest VM)" used ?	17:10
smoser	just doesn't seem reasonable to me.	17:10
nijaba	ttx: and it seems to be a LS bug. Works fine when doing the same with efox	17:10
ttx	LS?	17:11
nijaba	ttx: landscape	17:11
ttx	nijaba: ah	17:11
* ttx will pop up again later tonight		17:13
=== mrchrisadams_ is now known as mrchrisadams
darkphader	trying to clean up old kernels getting errors	17:18
darkphader	Errors were encountered while processing:	17:18
darkphader	linux-restricted-modules-2.6.28-11-server	17:18
darkphader	as the directory was manually deleted	17:18
darkphader	how to remedy?	17:18
uvirtbot	New bug: #458284 in eucalyptus (main) "New security groups are not applied" [Undecided,Invalid] https://launchpad.net/bugs/458284	17:26
jmedina	ivoks?	17:36
jmedina	anyone using bacula 3.0.2?	17:36
nekro_	nijaba: I haven't seen that issue with security groups. Just tried it against the source.	18:17
nijaba	nekro_: forget about it, was a landscape problem	18:18
nijaba	nekro_: thanks for chekcing though	18:18
nekro_	nijaba: oh okay. np	18:18
=== jono is now known as crimsun
=== crimsun is now known as jono
nijaba	grrr: just ran into bug #457283	18:25
uvirtbot	Launchpad bug 457283 in eucalyptus "x86_64 images should be presented a /dev/sdb, not a /dev/sda2" [Medium,Confirmed] https://launchpad.net/bugs/457283	18:25
SyL	is there a command to reconfigure the network in commandline/	18:29
SyL	that / was suppose to be a ?	18:29
=== WALoeIII_ is now known as WALoeIII
=== mrchrisadams_ is now known as mrchrisadams
jmedina	SyL, AFAIK, there is no such a program, you can use your favorite text editor and modify /etc/network/interfaces and then reload networking rc script	18:37
SyL	ok	18:37
=== mrchrisadams_ is now known as mrchrisadams
soren	SyL: There might be "third party" tools to do it, but the network configuration stuff you see in the installer only exists in the installer.	18:52
=== niko is now known as Guest97125
nijaba	Is there a "trick" to have smaller images? I did an euca-bundle-vol of a running instance that took only 3.2G on disk (in /var/lib/eucalyptus/instances/admin/), and when I instanciate this new image it now takes 11G on disk!	19:14
soren	nijaba: Lower the disk size in the admin console.	19:15
soren	You probably set it to 11 to fit the old 10 GB images.	19:15
soren	Does that sound about right?	19:15
nijaba	soren: i did use -s 10240 in the bundle-vol. I should not have?	19:16
nijaba	soren: and when you say "in the admin console", you are talking about the web interface?	19:17
soren	nijaba: Yes.	19:18
soren	nijaba: But the -s 10240 is probably also significant.	19:18
nijaba	soren: I would think so because in both cases (before and after) I used the same instance type.	19:19
nijaba	it took 22 minutes to start this instance, yeah!!!	19:20
=== aubre_afk is now known as aubre
=== dendro-afk is now known as dendrobates
aubre	smoser: I think that's how euca-attach-volume is supposed to work	19:24
aubre	smoser: some of the help commands for euca* need to be refined for sure	19:24
smoser	actually doing that, saying "add sdb" and expecting for '/dev/sdb' to show up in the guest is going to be really hard to maintain	19:26
smoser	across linuxes, not to mention non-linux.	19:26
smoser	if, instead 'sdb' means "second scsi device on first scsi controller" or something like that, then its not so bad.	19:27
aubre	smoser: it should also be clearer imo that you use "sdb" as the device name in the command line as opposed to "/dev/sdb"	19:27
aubre	smoser: I agree	19:28
soren	smoser: The problem is that Xen lets you specify the device name an attached disk will have in the guest. libata does not.	19:28
aubre	smoser: aha	19:28
soren	smoser: ..and this is difficult to emulate.	19:28
smoser	even in xen, thats is not possible	19:28
soren	smoser: Uh... Why?	19:28
smoser	because it is dependent upon udev rules in the guest (in linux)	19:29
smoser	in freebsd or windows i have no idea how that is done	19:29
soren	Try it on EC2. Attach an EBS, ask for it to be called /dev/xdm6 and it will be so.	19:29
smoser	it will be so based on a limited set of udev rules	19:29
soren	Well, /dev/xdm, at least. I'm not sure if you can specify it as a "partition".	19:29
soren	I'm quite sure udev just accepts whatever the kernel tells it.	19:30
smoser	and i'm quite sure that it doesnt have too	19:30
soren	It adds a bunch of symlinks (for UUID, id, and path based access), but the base name sticks.	19:31
soren	Of course it doesn't have to.	19:31
soren	You can change anything you like with udev.	19:31
soren	Forget it. I didn't think it was going to be that sort of argument.	19:31
aubre	wow I started downloading from here http://cdimage.ubuntu.com/ubuntu-server/daily/20091020.3/ way before lunch and it still has 16 mins to go :/ I had to double-check to make sure a new cd hadn't been released while I was downloading	19:31
smoser	so then, asserting "the guest will name this device XXX" cannot be expected to be correct 100%	19:31
smoser	its not "that kind of argument"	19:32
smoser	remember adding and removing usb keys say 3 years ago ?	19:32
soren	It very much is.	19:32
smoser	remember what a pain it was ? sometimes it came up as /dev/sdb, you take it out, add it in, this time its /dev/sdc	19:32
soren	I know.	19:32
soren	It wasn't udev coming up with those names.	19:33
soren	It was the kernel.	19:33
smoser	i would suggest that documentation indicate that you are specifying which scsi bus/controller is to be attached (simliar to what kvm takes).	19:33
* jmedina remembers that hell...		19:33
soren	but whatever. Forget it. I can tell right now this is not going to be a useful argument.	19:33
aubre	smoser: well when you remove an ethernet inteface on a vmware 3 image of ubuntu server 9.04 you don't necessarily get the same device name when you replace it. But I am used to that and it doesn't bother me.	19:33
soren	aubre: If it has the same MAC, it should.	19:34
soren	aubre: If not, it shouldn't.	19:34
soren	By design.	19:34
aubre	soren: it won't	19:34
smoser	so anyway, i just think its silly to say "this is the name the guest will call it"	19:34
smoser	as 'sdb' that might work	19:34
aubre	soren: vmware assigns a new mac each time, I probably could override it	19:34
soren	aubre: I'd like to see udev logs as well as /etc/udev/rules.d/70-persistent-net.rules from a system where that happens. It's a bug and should be fixed.	19:34
smoser	what if i name it wackJob123	19:34
Reepicheep	soren: smoser, I haven't really been following to much of what your talking about but I specify partitions with xen.. It's always seemed to work	19:35
smoser	its not going to work. so you shouldn't document or imply to the user that it will.	19:35
Reepicheep	for example:	19:35
Reepicheep	disk = [ "phy:vg/VM-Peter-root,sda1,w", "phy:vg/VM-Peter-swap,sda2,w" ]	19:35
smoser	actually, even that doesn't always work.	19:35
smoser	depending on kernel you may see that has 'xda1'	19:35
soren	aubre: That's what I'm saying. If it gets a new MAC, it'll get a new name. If it gets the old mac, it'll reuse the name. This is intentional.	19:35
Nivex	The release notes for Karmic indicate that installing to root on iSCSI is now supported, but my test install says otherwise (bug 457767)	19:36
aubre	soren: That makes a lot of sense.	19:36
uvirtbot	Launchpad bug 457767 in debian-installer "karmic: iSCSI root: boot hangs on starting iscsid" [Undecided,New] https://launchpad.net/bugs/457767	19:36
jmedina	Reepicheep: it also works for hot plug dissk using block-attach, the guest machine will get the disk using the name you used to attachit from the dom0 machine	19:36
aubre	soren: I just didn't know why it happened, but now I do - thanks :)	19:36
Nivex	seems like a problem handing off from iscsistart to iscsid	19:36
soren	aubre: sure :)	19:36
flagg0204	nivex - had problems with iscsi install as well	19:36
smoser	the short of my argument is that the hypervisor should not guarantee to the user that a guest will behave in a certain way.	19:37
crohakon	how do I unzip a file in console?	19:37
smoser	crohakon, unzip	19:37
aubre	unzip filename	19:37
soren	smoser: I'm not saying you can give it arbitrary names.	19:37
jmedina	:)	19:37
crohakon	oh, really? haha	19:37
Nivex	flagg0204: yeah, I've been working with #ubuntu-installer to clear a lot issues up, but now it's failing inside the installed environment	19:37
Nivex	it's so close to the line I don't know where it is	19:37
flagg0204	nivex - do you know if its possible to specify a iscsi initiator name?	19:37
soren	smoser: I'm saying that with paravirt Xen, within certain specifications, you get to decide the block device name in the guest.	19:37
aubre	I haven't had a chance to test iscsi yet but I do intent to use it if/when we go to production	19:38
Nivex	flagg0204: afaik, not yet	19:38
flagg0204	when dealing with a netapp it uses the initiator name to determine what target you can use	19:38
smoser	"within certain specifications" is useless to depend on	19:38
soren	smoser: See. It's "that sort of argument".	19:38
flagg0204	and since the installer uses a random initiator name, its impossible to predict	19:38
Nivex	I have the feeling that will be sometime after karmic	19:38
Nivex	seeing as the internal bits aren't even functional yet :(	19:39
flagg0204	nivex - i fgured as much, ah well. guess its nfs root for now	19:39
smoser	anyway. sorry to have derailed into "that kind of argument". it is obvious that eucalyptus is neither trying to nor capable of making a device appear in the guest as a given name	19:39
smoser	or at least not making a good effort at it. so it shouldn't imply in its help that it can.	19:39
soren	The amount of hacks it would have to apply to make it happen with kvm (or hvm Xen) is no fun at all.	19:44
crohakon	how do you delete all the files in a directory?	19:44
smoser	i agree. so i think the documentation (and interface) should be more like kvm's.	19:44
soren	It's kind of like file descriptors. You can't just say that you want to open something as file descriptor 10. You have to make sure 10 is free, and an 0-9 are taken, and then open the file.	19:44
smoser	and euc has basically no way of knowing if 'sdb' is available	19:46
soren	...so if you wanted sdm, they could attach a dummy sdb, sdc..., sdl, and then the real sdm, and detach sdb..sdl. ..and assume that people have not installed special udev rules.	19:46
smoser	but it does know if the second block device on controller 1 is taken	19:46
zul	smoser: rc is out im going to upload it now	19:46
aubre	"if I knew it was going to be this kind of party I would have stuck my **** in the mashed potatoes." Mantan Moreland	19:46
soren	People have root access to these things. They are free to shoot themselves as much in the foot as they please.	19:46
soren	If they don't, we can make reasonable guesesses as to what the names are going to be in the guest.	19:47
mathiaz	zul: the archive is frozen until release - you could have uploaded what ever is needed before	19:47
skuld	Today's project: get my email working LOL. I think I've got an authentication issue with postfix	19:47
soren	The point is: This is good enough. The worst enemy of "good enough" is "perfect".	19:48
Nivex	mathiaz: who do I talk to about something that's busted and might need a freeze override?	19:49
zul	smoser: done	19:49
zul	mathiaz: safer than sorry	19:49
mathiaz	Nivex: the release team	19:49
mathiaz	Nivex: I'd suggest to start by filling a bug	19:50
smoser	i disagree with "good enough". indeterminable behavior is not good enough.	19:50
jfb_h2o	in Karmic I can't open X display. I thought it's related to DisallowTCP, but there is no file /etc/gdm/gdm.conf, suggestions?	19:50
smoser	the interface gives no way for something more intelligent to drive it.	19:51
Nivex	mathiaz: bug's in already. no traction yet :(	19:51
soren	What do you mean?	19:51
soren	smoser: ^	19:51
Egonis	I cannot seem to find a pppoe-client howto for Ubuntu Server anywhere for after-the-fact installs. Can someone point me in the right direction?	19:52
soren	Egonis: pppoeconf - configures PPPoE/ADSL connections	19:52
jmedina	pppoe-config?	19:53
Egonis	soren: Which packages do I need to install?	19:53
soren	pppoeconf	19:53
jmedina	oh that the one	19:53
smoser	if the interface was like kvm's it would be possible to program.	19:53
smoser	pci_add auto\|[[<domain>:]<bus>:]<slot> nic\|storage\|host [[vlan=n][,macaddr=addr]	19:53
smoser	[,model=type]] [file=file][,if=type][,bus=nr]... [host=02:00.0[,name=string][,dm	19:53
smoser	a=none] -- hot-add PCI device	19:53
Egonis	soren, jmedina: Ahh, thank you!	19:53
smoser	pci_add auto\|[[<domain>:]<bus>:]<slot> nic\|storage\|host [[vlan=n][,macaddr=addr] [,model=type]] [file=file][,if=type][,bus=nr]... [host=02:00.0[,name=string][,dma=none] -- hot-add PCI device	19:53
smoser	its less "user friendly", but more determinable.	19:53
soren	smoser: Well, we're stuck with the "fantastic" EC2 API. Deal.	19:53
smoser	that argument just isn't going to work indefinitely	19:54
Egonis	Another dumb question (recently left Gentoo environment) -- how do I add a /etc/init.d script to startup?	19:54
smoser	"ec2 sucks, so eucalyptus has to also"	19:54
soren	smoser: Maybe this will surprise you, but amazon actualy gets away with having tools that let you specify the device name, and somehow, magically, despite the fact that people can put random shite in their udev rules to change the name of block devices when they turn up, it works for on EC2.	19:55
smoser	i dont think that it does.	19:55
smoser	i think their documentation is incorrect, and that people probably find that out, and deal with it in the guest	19:56
soren	smoser: What do you base this on?	19:56
soren	What would the motivation be to add those weird udev rules?	19:56
soren	The amount of people who even have the skill to write them is astonishingly low.	19:56
smoser	so if i just say "add shc", it works ?	19:57
soren	the few who do, I'm sure can deal with the consequencees.	19:57
soren	No. xdc, for instance.	19:57
smoser	how about xed	19:57
soren	smoser: "within certain specifications"	19:57
smoser	which is valid.	19:57
soren	Maybe xed.	19:57
soren	I don't know.	19:57
smoser	right.	19:57
smoser	maybe xed	19:57
jmedina	Egonis: just like any other sysv distro, creating symlinks, for ubuntu you can use update-rc.d	19:58
smoser	if i had previously added xda-xdh and then xda-xdd	19:58
smoser	or some silliness like that	19:58
soren	Huh?	19:58
smoser	if you've previously done no volume attaches in ec2 to your instance	19:59
smoser	and then you say "attach xdd"	19:59
soren	Yes.	19:59
smoser	that will "just work" ?	19:59
soren	Yes	19:59
jfb_h2o	fixed: edit /etc/gdm/custom.conf	19:59
soren	smoser: That's what I've been saying all along.	19:59
smoser	i dont think it will across even all of ubuntu's images	19:59
smoser	let alone all images on ec2	19:59
smoser	even that extremely simple case	19:59
soren	Give me one good reason why it wouldn't work.	19:59
smoser	because my experience of device hotplug in linux indicates that things are lss than determinable	20:00
soren	If you say "the admin may have made a udev rule to override it", I /will/ kick you when I see you.	20:00
nijaba	weird, my cloud seems to have forgotten how to route all my public ips, apart from the first one	20:00
soren	smoser: Well, that's paravirt Xen for you.	20:01
soren	smoser: There are perfectly valid explanations why USB disks get the names they do.	20:01
=== aubre is now known as aubre_afk
smoser	i bet it doesn't show up as /dev/xdc on windows.	20:01
soren	smoser: It's not like it's random.	20:01
soren	Forget it.	20:02
* soren rolls eyes and leaves		20:02
smoser	yes, that was off the wall.	20:02
smoser	but the point is, hardware (and a hypervisor managment platform is emulating "hardware") should be "hardware" and not make assertions about how the softwrae that runs on it will act	20:02
soren	I'm not here, remember?	20:03
smoser	when you say "plug a volume into that instance" its like telling a sysadmin to walk over and attach a device.	20:03
smoser	anyway.	20:03
smoser	i'lll agree with you its silly	20:03
smoser	have a nice night soren	20:03
soren	For paravirt Xen, it's nothing at all like that.	20:04
soren	Sorry, but it just isn't.	20:04
nijaba	any clues on what might be going with this routing being lost? I do see the public ip of all my instances when I do an 'ip addr', but I can only ping the first one. Of course, all instances are from the same image and in the same security group...	20:07
nijaba	when I say ping, it is also the same for ssh	20:07
=== dendrobates is now known as dendro-afk
mathiaz	nijaba: are you pinging/sshing from the CC?	20:13
ruben23	hi i have setup nfs on a server and client, im able to mount and view the server directory i share in my client problem is when i reboot i got this error and the mount directory is gone..------>http://pastebin.com/m447cd3e6	20:13
nijaba	mathiaz: both from the CC and from my desktop -> same result	20:13
ruben23	any idea on the error	20:13
mathiaz	nijaba: try to look at the iptables rules for the nat table	20:14
mathiaz	nijaba: this is where the public <-> private mapping is done	20:14
mathiaz	nijaba: iptables -nL -t nat	20:14
mathiaz	nijaba: can you ping/ssh into the instances using their private ips?	20:15
nijaba	mathiaz: not the ones I cannot reach on their public ip	20:16
nijaba	mathiaz: iptables looks good. Do you want a pastebin?	20:16
mathiaz	nijaba: sure	20:16
mathiaz	nijaba: not the ones I cannot reach on their public ip? do you mean that the you cannot reach these via their private IPs as well?	20:17
nijaba	mathiaz: http://pastebin.ubuntu.com/299266/	20:17
nijaba	mathiaz: I can ping 10.67.108.100 and 172.19.1.2 but not 101 and 3	20:17
mathiaz	nijaba: is the .3 guest running correclty?	20:18
mathiaz	nijaba: can you get the console-output?	20:19
nijaba	mathiaz: yep	20:20
mathiaz	nijaba: can you paste the output for iptables -nL	20:21
mathiaz	nijaba: and route -n	20:21
* smoser heads out for the night. I'll check in later.		20:22
smoser	mathiaz, its a trivial change, but could you just verifiy that the patch on	20:22
nijaba	mathiaz: http://pastebin.ubuntu.com/299268/	20:22
smoser	bug 457866 is what you were wanting	20:23
uvirtbot	Launchpad bug 457866 in ec2-init "Same components for every pocket in apt sources.list" [Medium,Fix released] https://launchpad.net/bugs/457866	20:23
jmedina	ruben be sure portmap is running before nfs tryes to mount	20:23
soren	jdstrand: Around?	20:23
RobEss	Hi, has anyone been unable to upgrade the server version to 2.6.24-25 kernel? I'm running 8.04 version. The workstation flavor had no problems updating. The sources.list files seem identical between the two. Thanks!	20:23
nijaba	mathiaz: hold on. I just restarted the 2nd instance.	20:23
=== WALoeIII_ is now known as WALoeIII
nijaba	mathiaz: and of course, now it works.... /me scratches his head...	20:25
mathiaz	nijaba: you're becoming a koala... ;)	20:26
nijaba	AH!!	20:27
nijaba	mathiaz: instance 1 : m1.xlarge, instance 2: m1.large: both work	20:28
nijaba	mathiaz: but it the 2 instances and m1.xlarge, the second one does not work!!!	20:28
* nijaba can't start to imagine what's going on...		20:29
mathiaz	nijaba: are you using the same image?	20:30
nijaba	mathiaz: of course I am	20:30
mathiaz	nijaba: how many NC do you have?	20:31
mathiaz	nijaba: you may run out of ressource (like memory or disk space) when you run two m1.xlarge instances	20:32
nijaba	mathiaz: only one	20:32
mathiaz	nijaba: which you wouldn't run into when you use m1.large and m1.xlarge	20:32
nijaba	mathiaz: 5G, 8 core machine...	20:32
mathiaz	nijaba: disk sapce?	20:33
Egonis	Which is the typical preferred firewall/masquerade method in Ubuntu Server? I have typically used Shorewall, although am not sure what the Ubuntu standard is	20:33
nijaba	mathiaz: df shows plenty of space left	20:33
mathiaz	nijaba: how much?	20:33
ScottK	Egonis: ufw	20:33
nijaba	mathiaz: 60G	20:33
mathiaz	Egonis: depending on what you wanna do, ufw or shorewall	20:33
nijaba	mathiaz: out of 66	20:34
mathiaz	Egonis: ufw is great for host based firewall	20:34
mathiaz	Egonis: if you wanna setup a gateway with complex routing scheme (such as DMZ and public/private zones) you'd better invest some time in shorewall	20:34
mathiaz	Egonis: you could do it with ufw - but it doesn't support everything yet for the gateway/router use case	20:35
nekro_	"it is obvious that eucalyptus is neither trying to nor capable of making a device appear in the guest as a given name"	20:35
mathiaz	nijaba: can you reproduce the failure with 2 m1.xlarge?	20:35
nekro_	smoser: it works with xen	20:35
nekro_	smoser: does not work with kvm	20:35
mathiaz	nijaba: and the success with 1 m1.large and 1 m1.xlarge?	20:36
nekro_	smoser: euca2ools are supposed to be compatible with Amazon and Eucalyptus. Amazon uses xen	20:36
RobEss	Egonis, if you're going to run the firewall on a separate box, take a look at smoothwall. It's really easy to configure.	20:36
nijaba	mathiaz: yes, 3 times already	20:36
Egonis	RobEss: Thank you, I will check that out.	20:36
Egonis	mathiaz: Thank you	20:36
smoser	nekro_, i still disagree that it works with xen. it works for maybe 16 strings or something (xda->xdd)	20:36
mathiaz	nijaba: could you double-check that the failing instance (.3) in m1.xlarge gets the correct IP address?	20:37
mathiaz	nijaba: is there another dhcp server on the network?	20:37
soren	smoser: What are you basing this on? And how is xda->xdd 16 strings?	20:37
nekro_	smoser: ok, it works in most cases.	20:37
mathiaz	nijaba: that would server dynamic ip addresses?	20:38
ruben23	hi i have setup nfs on a server and client, im able to mount and view the server directory i share in my client problem is when i reboot i got this error and the mount directory is gone..------>http://pastebin.com/m447cd3e6	20:38
nijaba	mathiaz: nope, isolated net, no dhcp	20:38
nekro_	smoser: I don't want to get into this argument because it is a hypervisor level issue, but to blame it on the client tools is a bit erroneous.	20:38
nijaba	mathiaz: how would I check the ip of an instance I cannot connect to?	20:38
jmedina	ruben23: did you read my message about portmap?	20:38
smoser	nekro_, it doesn't work in most cases. "most cases" would be > 50% of possible input strings	20:38
mathiaz	nijaba: try to log on the NC and look at the kvm command	20:38
smoser	in which case no way.	20:39
mathiaz	nijaba: it should have the MAC address	20:39
mathiaz	nijaba: on the CC look into the dhcpd lease file for eucalyptus	20:39
smoser	whatever xda->xdd is . (it was a typo above).	20:39
mathiaz	nijaba: and check if the MAC address is there	20:39
ruben23	jmedina: i ahvent see it	20:39
smoser	at very least the help should tell you to use something like "sdX"	20:39
jmedina	I see	20:39
smoser	that would make me happy	20:39
smoser	it would still be broken and indeterminable but at least less so	20:39
Egonis	RobEss: I was also hoping to run Postfix for a simple Filtering gateway, can I install this into smoothwall?	20:40
soren	smoser: Well, Xen does not name stuff sdX. It names it xdX.	20:40
jmedina	isnt it xvdX?	20:40
smoser	well, goign with your "ec2 sucks so so should euca" argument, then we should just say "xda" is what it should take	20:41
soren	jmedina: Err... could be. I'm not sure.	20:41
smoser	but anyway	20:41
smoser	i have to go. soren you shouldn't have started up again. both of us have better things to do. at least i'd think you do :)	20:41
ruben23	jmedina:..? whats your message..?	20:41
soren	Oh, I do. I really do.	20:42
jmedina	ruben23: scroll up, I answer two times	20:42
nekro_	smoser: I'm not making that argument. In fact, I am making no argument. We will fix software if there are legitimate bugs. File a bug if you think it is a bug. Based on how priority it is, it will be fixed at the appropriate time.	20:42
smoser	nekro_, thank you.	20:42
RobEss	Egonis, I'm not sure. Smoothwall comes as a self-installing ISO. It is not Ubuntu-based.	20:43
ruben23	jmedina: portmap should be runnning, how do i check it	20:43
jmedina	ps?	20:43
nijaba	mathiaz: which file. /var/lib/dhcp3/dhcpd.leases is empty	20:44
mathiaz	nijaba: right - that's not the eucalyptus lease file	20:44
mathiaz	nijaba: I think it's somewhere in /var/lib/eucaluptys/	20:44
mathiaz	nijaba: or /var/run/eucal/	20:44
mathiaz	nijaba: if you do a ps -ef	20:44
mathiaz	nijaba: and look for dhcpd processes you'll fine the eucalyptus lease file	20:45
ruben23	jmedina: i think its running----->daemon 3952 1 0 11:55 ? 00:00:00 /sbin/portmap	20:45
mathiaz	nijaba: as it's specified on the command line	20:45
jmedina	ruben23: you need to be sure it is running before you try to mount nfs share	20:45
=== dendro-afk is now known as dendrobates
nijaba	mathiaz: /var/run/eucalyptus/net/euca-dhcp.leases	20:45
jmedina	you didnt say how did you mount it, or how are you tring to auto mount it	20:46
mathiaz	nijaba: right - that's it	20:46
ruben23	mount 192.168.0.100:/var/spool/asterisk/monitorDONE /home/cron/RECORDINGS	20:47
nijaba	mathiaz: it is empty :(	20:47
ruben23	jmedina: on my fstab i have this --->http://pastebin.com/m431e8a5f	20:48
jmedina	ruben23: sorry I have to go :S	20:48
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
uvirtbot	New bug: #291590 in vm-builder "--iso option ignored?" [High,Fix released] https://launchpad.net/bugs/291590	21:08
ka3uww	Hey I guys I installed Ubuntu server and changed to a faster box. Now it doesn't see the new nic card. Can anyone help???	21:33
_ruben	ka3uww: sudo rm /etc/udev/rules.d/70-persistent-net.rules (or alter the mac address(es) listed in that file, then reboot	21:35
ka3uww	TNX _ruben! I am trying it right now.... TNX agn!	21:38
ka3uww	_ruben TNX... IT WORKS!!! TNX...	21:40
ruben23	hi if i have serverA and ServerB then i want to copy files form my serverA to server B where should i installed the FTP server to do it..?	21:55
guntbert	ruben23: I don't think it matters	21:56
_ruben	just use rsync instead	21:56
ruben23	_ruben: what if ill used FTP...?	21:56
ruben23	what it would be	21:56
ruben23	where should i install the FTP server	21:56
_ruben	the server you wont initiate the copy from .. which, again, leaves it up to yourself	21:57
_ruben	one will be server, one will be client, data can be transfered both ways either way	21:57
SyL	is there a link for a howto to get eucalyptus working in karmic? I remember seeing one, but I can't find the link	21:58
ahe	SyL: you mean this one: https://help.ubuntu.com/community/UEC ?	22:02
jdstrand	soren: hi! I noticed your vmbuilder upload and installed it. However, I can seem to boot the karmic vm after it is created. see http://paste.ubuntu.com/299317/	22:10
jdstrand	soren: it just sits after the BIOS post with 'Booting from Hard Disk...'	22:10
SyL	ok, maybe I'm crazy, but I'm not seeing any keys in /var/lib/eucalyptus/keys/ on the frontend or the nodes. any ideas?	22:11
jdstrand	s/I can/I can't/	22:12
jdstrand	soren: s/I can/I can't/	22:12
soren	jdstrand: I'm working on that right now.	22:15
soren	jdstrand: ..but I'm surprised you're seeing it.	22:15
jdstrand	soren: why surprised? output not what you expected?	22:16
soren	jdstrand: /me must be barking up the wrong tree	22:16
jdstrand	soren: if it helps, I have grub installed, but not grub2	22:16
soren	jdstrand: No, I was seeing the same thing, but doing something "special", and thought that was why it was breaking.	22:16
jdstrand	hmm	22:16
soren	jdstrand: If you're seeing it as well, I was barking up the wrong tree. In fact, I thin kI know what it is.	22:17
jdstrand	ah good	22:17
soren	jdstrand: Thanks for the poke. You got me back on the right track :)	22:17
=== WALoeIII_ is now known as WALoeIII
jdstrand	5	22:17
jdstrand	o/	22:17
soren	ditto :)	22:17
jdstrand	heh	22:18
* soren waits for vmbuilder to finish.		22:18
MTeck-ricer	!search autofs	22:19
ubottu	Found: automount, autofs	22:19
MTeck-ricer	!info autofs	22:19
ubottu	autofs (source: autofs): kernel-based automounter for Linux. In component main, is extra. Version 4.1.4+debian-2.1ubuntu2 (jaunty), package size 112 kB, installed size 508 kB	22:20
soren	jdstrand: I seem to have fixed it.	22:48
jdstrand	\o/	22:49
soren	Now I just need to file a bug to track it.	22:50
=== WALoeIII_ is now known as WALoeIII
bventura	i have a internal DNS server in my office, and when I try to resolve the address "example.com" without any prefix (like www.example.com) it's returning the address of the internal dns server, not my website's address which is what I want. How can I fix that? what DNS entry do I need to make?	23:25
bventura	ie. someone puts in their browser "http://example.com" when they are at the office	23:25
qman__	bventura, you need to change the "example.com" entry in your zone file	23:29
bventura	qman__ that's what I think I am not getting here, that 'example.com' is not really specifically mentioned there except at the top line "example IN SOA dns1.example.com. dnsadmin.dns1.example.com" then a bit down "$ORIGIN example.com."	23:35
qman__	bventura, you need an A record for example.com	23:47
qman__	normally such an oversight would cause bind to not start	23:48
qman__	so, more likely, it IS defined, but you didn't notice	23:48
qman__	the fact that $ORIGIN is defined means that the record could be	23:48
qman__	@ IN A 1.2.3.4	23:48
bventura	ok qman let me check it out	23:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!